I reported the issue here -> https://github.com/openssl/openssl/issues/14927
I guess this is a final message from me. Nothing more to add. MM On 15. 4. 2021, at 17:40, Michal Moravec <michal.mora...@logicworks.cz<mailto:michal.mora...@logicworks.cz>> wrote: VICTORY! After replacing the PEM_write_bio_PKCS7/PEM_read_bio_CMS methods for i2d_PKCS7_bio/d2i_CMS_bio https://github.com/EtneteraLogicworks/libscep/commit/b16cd6a97c979abd6ca0ab7af7a944ef553cf17d PCKS7 (In this case CMS) decryption now works! Code now looks like: handle_encrypted_content(SCEP *handle, SCEP_DATA *data, PKCS7 *p7env, X509 *dec_cert, EVP_PKEY *dec_key) { ... CMS_ContentInfo *cmsMessage = NULL; BIO *convert = NULL; conversion = BIO_new(BIO_s_mem()); i2d_PKCS7_bio(conversion, p7env); cmsEnv = d2i_CMS_bio(conversion, NULL); CMS_decrypt(cmsEnv, dec_key, dec_cert, NULL, decData, 0); MM
