On 12/11/14 09:07, Sheldon Hearn wrote:
> The AES-IV is present, but the ciphertext is not. I've boiled the ruby
> code down for the purposes of asking this question:
>
> #>>>>>>>>>>>>>>>>>>>>>>>
>
> require 'openssl'
>
> cleartext = "The cake is a lie!"
>
> cipher = OpenSSL::Cipher::AES256.new(:CBC)
> cipher.encrypt
> cipher.random_key
> iv = cipher.random_iv
> ciphertext = cipher.update(cleartext) + cipher.final
>
> cms = OpenSSL::ASN1::Sequence.new([
> OpenSSL::ASN1::ObjectId.new("1.2.840.113549.1.7.6"),
> OpenSSL::ASN1::Sequence.new([
> OpenSSL::ASN1::Integer.new(0),
> OpenSSL::ASN1::Sequence.new([
> OpenSSL::ASN1::ObjectId.new("1.2.840.113549.1.7.1"),
> OpenSSL::ASN1::Sequence.new([
> OpenSSL::ASN1::ObjectId.new("2.16.840.1.101.3.4.1.42"),
> OpenSSL::ASN1::OctetString.new(iv)
> ]),
> OpenSSL::ASN1::OctetString.new(ciphertext, 0, :IMPLICIT)
> ]),
> OpenSSL::ASN1::Set.new([], 1, :IMPLICIT)
> ], 0, :EXPLICIT)
> ])
>
> $stdout.write cms.to_der
>
> #>>>>>>>>>>>>>>>>>>>>>>>
>
> I feed it to openssl asn1parse as follows:
>
> ruby mail-list-question.rb | openssl asn1parse -inform DER
>
> What am I doing wrong?
Why are you building this yourself using the ASN1 routines, rather than
just using OpenSSL's own CMS routines, e.g.:
https://www.openssl.org/docs/crypto/CMS_encrypt.html
Matt
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
