> On Jan 26, 2018, at 10:13 AM, clou <m...@iclou.ch> wrote:
>
> openssl cms -sign works perfect and sending an email.
>
> For encryption and sending an email I just get an email with an attachment
> smime.p7m.
>
> I use the following encryption command
>
> openssl cms -encrypt \
> -recip cert.pem \
> -subject 'openssl encrypt' \
> -to email \
> -from email \
> -in msg.txt \
> -keyopt ecdh_kdf_md:sha256 \
> | \
> sendmail email
>
>
> Any idea how I need do encrypt (or encrypt and sign) in order to get a proper
> email?
This requires a pipeline of two cms(1) commands, one to sign and other
to encrypt (S/MIME is generally a sign-then-encrypt encapsulation).
The inner signed content would be the just the payload no mail headers.
And yes, ECDSA is supported with CMS.
--
Viktor.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
