How to verify a .cms-file?

Hi list members, I got a file 'document.pdf' and a 'document_pdf.cms. Using 'openssl pkcs7'. It seems to be DER encoded and I can extract multiple certs, a CA, an intermediate and a signer's certificate. I have tried some variants of 'openssl cms -ver

Re: Support for ECDH One-pass in "openssl cms enc"

on behalf of Henning Krause via openssl-users Sent: Sunday, May 23, 2021 2:45 PM To: openssl-users@openssl.org Subject: Support for ECDH One-pass in "openssl cms enc" Hi, I'm trying to encrypt an email using the ECDH One-Pass algorithm. I've first created an X509 certific

Support for ECDH One-pass in "openssl cms enc"

Hi, I'm trying to encrypt an email using the ECDH One-Pass algorithm. I've first created an X509 certificate with an EDSA key based on the curve prime256v1. Then, I ran this command: openssl cms -encrypt -in Unencrypted.eml -binary -recip ecc.cer -aes256 -keyopt ecdh_kdf_md:sha2

Re: openssl cms -encrypt error: error setting recipientinfo

ing). I am running OpenBSD current (6.9) from about 1 month ago. Previously, I have been using "openssl smime" to sign and encrypt emails. Now that I am migrating to EC keys/certificates, I need to switch to "openssl cms". However, I am unable to encrypt using th

openssl cms -encrypt error: error setting recipientinfo

t; to sign and encrypt emails. Now that I am migrating to EC keys/certificates, I need to switch to "openssl cms". However, I am unable to encrypt using the EC certificate. When I use: (I am going to obfuscate the emails in plain text, although I understand there will be some encoded in

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

am trying to analyze openssl sources, and it looks like the resign >> is implemented in an naive path that does not handle all cases. >> >> In other words, the CMS resign is not working in any case other than >> the default execution path. >> >> For example the -n

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

Would you mind to raise the issue on GitHub with the reproduction? On Fri, 19 Feb 2021, 21:44 Alon Bar-Lev, wrote: > Hi, > > I am trying to analyze openssl sources, and it looks like the resign > is implemented in an naive path that does not handle all cases. > > In other wor

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

Hi, I am trying to analyze openssl sources, and it looks like the resign is implemented in an naive path that does not handle all cases. In other words, the CMS resign is not working in any case other than the default execution path. For example the -noattr is also not working. I updated my

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

> >>> built on: Fri Feb 19 18:56:06 2021 UTC >>> >>> platform: darwin64-x86_64-cc >>> >>> options: bn(64,64) rc4(16x,int) des(int) idea(int) blowfish(ptr) >>> >>> compiler: cc -fPIC -arch x86_64 -g -Wall -DL_ENDIAN -DOPENSSL_PIC

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

GF2m -DSHA1_ASM -DSHA256_ASM >> -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM >> -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -D_REENTRANT >> -DNDEBUG >> >> OPENSSLDIR: "/usr/local/ssl" >> >> ENGINESDIR: "/

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

al/ssl" > > ENGINESDIR: "/usr/local/lib/engines-1.1" > > Seeding source: os-specific > > openssl cms -sign -in msg -text -signer cert1.pem -out 1.cms -keyopt > rsa_padding_mode:pss > > openssl cms -verify -in 1.cms -CAfile ca.pem > > Content-Type:

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

OPENSSLDIR: "/usr/local/ssl" ENGINESDIR: "/usr/local/lib/engines-1.1" Seeding source: os-specific openssl cms -sign -in msg -text -signer cert1.pem -out 1.cms -keyopt rsa_padding_mode:pss openssl cms -verify -in 1.cms -CAfile ca.pem Content-Type: text/plain hello world Ver

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

On Fri, Feb 19, 2021 at 11:19:42PM +0530, Thulasi Goriparthi wrote: > I am able to reproduce this issue with 1.1.1i OpenSSL 1.1.1j has been released. Do you still see the problem with 1.1.1j? -- Viktor.

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

Hi Alon, I am able to reproduce this issue with 1.1.1i echo "hello world" > msg /* pkcs1 */ openssl cms -sign -in msg -text -signer cert1.pem -out 1.cms openssl cms -verify -in 1.cms -CAfile ca.pem openssl cms -resign -in 1.cms -signer cert2.pem -out 2.cms openssl cms -ver

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

Hello OpenSSL masters, Can someone please try to reproduce the below issue? Thanks, Alon On Sat, 13 Feb 2021 at 23:23 Alon Bar-Lev wrote: > Hello, > > I am trying to resign a CMS using the openssl tool. > > When I use RSA-PKCS1 everything is working fine. > > When I use

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

On Sat, Feb 13, 2021 at 11:34 PM Quanah Gibson-Mount wrote: > --On Saturday, February 13, 2021 11:23 PM +0200 Alon Bar-Lev > wrote: > > > I prepared a demo[1] to help people reproduce the issue, tested with > > openssl-1.1.1i. > > Maybe ? > Thank

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

--On Saturday, February 13, 2021 11:23 PM +0200 Alon Bar-Lev wrote: I prepared a demo[1] to help people reproduce the issue, tested with openssl-1.1.1i. Maybe ? --Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packa

openssl cms resign with RSA-PSS corrupts the CMS(?)

Hello, I am trying to resign a CMS using the openssl tool. When I use RSA-PKCS1 everything is working fine. When I use RSA-PSS it seems like the asn1 is produced corrupted, I do not see the signature in asn1dump. I prepared a demo[1] to help people reproduce the issue, tested with openssl

Re: CMS in openssl

On Wed, Apr 22, 2020, 2:56 PM Michael Richardson wrote: > > Michael Mueller wrote: > >> Michael Mueller wrote: > >> > We've implemented what I gather can be called a CMS on Linux and > >> Windows > >> > using openssl evp fun

Re: CMS in openssl

Michael Mueller wrote: >> Michael Mueller wrote: >> > We've implemented what I gather can be called a CMS on Linux and >> Windows >> > using openssl evp functions. >> >> I'm not sure why you say it this way. >&g

Re: CMS in openssl

On Tue, Apr 21, 2020, 9:46 PM Michael Richardson wrote: > > Michael Mueller wrote: > > We've implemented what I gather can be called a CMS on Linux and > Windows > > using openssl evp functions. > > I'm not sure why you say it this way. > OpenS

Re: CMS in openssl

A few corrections: OpenSSL included CMS (RFC3369) support since 1.0.0 (see the CHANGES file), though for a long time, there was an arbitrary disconnect between functions named CMS and functions named PKCS#7 even though it should have been a continuum. The PKCS#7 and CMS standards equally

Re: CMS in openssl

Michael Mueller wrote: > We've implemented what I gather can be called a CMS on Linux and Windows > using openssl evp functions. I'm not sure why you say it this way. OpenSSL includes CMS (RFC3369) support, but I think not until 1.1.0. Did you implement RFC3369, or some

CMS in openssl

Greetings esteemed openssl users, We've implemented what I gather can be called a CMS on Linux and Windows using openssl evp functions. We need to expand this CMS to other systems, on which we have not been able to build openssl. These other systems have a vendor supplied security applic

How create cms signed data using the message digest instead of a data

Hello everyone. I have the digest of a data (message digest). How I can create cms signed data using the digest instead of a data? Thanks.

some testers needed for PHP CMS calls

Hi everyone, If anyone is interested, I have attempted to port the OpenSSL CMS routines into PHP.  The code is available in a PR at https://github.com/php/php-src/pull/5251.  Comments/reviews most welcome. Eliot signature.asc Description: OpenPGP digital signature

Signing cms using hash of data instead data

Hello everyone. Is it possible to create cms Signed Data using the message digest value instead of the data? What I need use? Thanks.

Signing cms using hash of data instead data

Hello everyone. Is it possible to create cms Signed Data using hash of the input data instead of the data? What I need use? Thanks.

Re: CMS decryption of message with OAEP using Hardware security module

CMS_Decrypt doesn't need to feed this information explicitly and it will part of CMS envelope of the encrypted data. https://tools.ietf.org/html/rfc3560#page-4 Thanks, Thulasi. On Tue, 18 Feb 2020 at 17:16, Thulasi Goriparthi < thulasi.goripar...@gmail.com> wrote: > Sorry for th

Re: CMS decryption of message with OAEP using Hardware security module

Sorry for this. I see that you already knew about it. On Tue, 18 Feb, 2020, 17:08 Thulasi Goriparthi, < thulasi.goripar...@gmail.com> wrote: > https://www.openssl.org/docs/man1.1.0/man3/EVP_PKEY_CTX_ctrl_str.html > > Thanks, > Thulasi. > > On Tue, 18 Feb, 2020, 16:43 RudyAC, wrote: > >> Hello Th

Re: CMS decryption of message with OAEP using Hardware security module

https://www.openssl.org/docs/man1.1.0/man3/EVP_PKEY_CTX_ctrl_str.html Thanks, Thulasi. On Tue, 18 Feb, 2020, 16:43 RudyAC, wrote: > Hello Thulasi, > > thank you for your quick response. > > the encryption takes not place in the HSM because we only store the private > keys inside the HSM. For en

Re: CMS decryption of message with OAEP using Hardware security module

Hello Thulasi, thank you for your quick response. the encryption takes not place in the HSM because we only store the private keys inside the HSM. For encryption we use the openssl CMS_encrypt() function. In case of OAEP I use the parameters: EVP_PKEY_CTX_set_rsa_oaep_md(wrap_ctx

Re: CMS decryption of message with OAEP using Hardware security module

7 Feb, 2020, 19:22 RudyAC, wrote: > Hi, > > I have the requirement to decrypt e-mails where RSA-OAEP padding is used. I > use the library openssl-1.0.2k and decrypt with CMS container > (CMS_decrypt). > This works very well unless the private key is stored in a Hardware >

CMS decryption of message with OAEP using Hardware security module

Hi, I have the requirement to decrypt e-mails where RSA-OAEP padding is used. I use the library openssl-1.0.2k and decrypt with CMS container (CMS_decrypt). This works very well unless the private key is stored in a Hardware security module and the cryptographic operation is performed via the

Re: CMS with ECC Keys is incompatibel to Windows CMS / Outlook

-sha1kdf-scheme (1.3.133.16.840.63.0.2) parameter: SEQUENCE: 0:d=0 hl=2 l= 11 cons: SEQUENCE 2:d=1 hl=2 l= 9 prim: OBJECT:id-aes256-wrap recipientEncryptedKeys: As one can see, there is a NULL at the end of the parameter sequence generated on Windows. CMS

CMS with ECC Keys is incompatibel to Windows CMS / Outlook

Hello, when generating a CMS with OpenSSL 1.1.1d or OpenSSL 1.0.2g using only ECC Keys, Windows 10 is unable to decrypt the CMS. All Passwords for keys is "test". Encrypting: openssl cms -encrypt -outform PEM -recip bob.pem -in Test.eml -out opensslencrypted.cms -aes256 -a

openssl smime/cms unable to handle binary encoded message? (header too long:asn1)

g from the link above... $ sed '1,/^\r$/d' suA97544.body $ openssl cms -uncompress -inform der -in suA97544.body Now, when I try this suggestion... sed does strip the MIME headers, but still when attempting to uncompress with openssl there is an error. Error reading S/MIME message 14008

Re: CMS and GCM

Hi, On Mon, May 13, 2019 at 12:50 AM Dr. Pala wrote: > Hi All, > > I am having issues using AES GCM in EnvelopedData - in particular if I use > AES CBC, that is ok, but when I try to use the GCM mode, I simply cannot > finalize the data. > > If you want to use AES GCM, then you need AuthEnvelop

CMS and GCM

Hi All, I am having issues using AES GCM in EnvelopedData - in particular if I use AES CBC, that is ok, but when I try to use the GCM mode, I simply cannot finalize the data. Are there any specific operations that need to happen in order to use AES in GCM mode (as per RFC5084) ? Is there a

Re: How to Sign and Encrypt in CMS ?

> > > I was playing around with the CMS interface and I was wondering what is > the right way to generate a signed and encrypted CMS. > take a look at this thread https://marc.info/?l=openssl-users&m=141606382825289 > >

Re: How to Sign and Encrypt in CMS ?

On May 5, 2019, at 7:13 PM, Dr. Pala wrote: > small question - I was playing around with the CMS interface and I was > wondering what is the right way to generate a signed and encrypted CMS. In > particular, for PKCS#7, you could use the signed_and_encrypted choice... but > in C

How to Sign and Encrypt in CMS ?

Hi All, small question - I was playing around with the CMS interface and I was wondering what is the right way to generate a signed and encrypted CMS. In particular, for PKCS#7, you could use the signed_and_encrypted choice... but in CMS, there is the envelopedData ... but that does not

Re: PKCS#7/CMS verify reports bad signature

Hello, I have a small update in order to close this issue. The identity provider that produced the invalid signatures have fixed their signatures so that we can verify them using the latest LTS version of OpenSSL. We use Bouncy Castle in some products and it does not catch the invalid signatures

Re: PKCS#7/CMS verify reports bad signature

Hello, I think the person I spoke with might have thought about another set of signatures for an in-house identity provider. If that is the case then those signatures were probably generated by OpenSSL 1.0.2 and are OK. I heard from another person today that the bad files were produced by the othe

Re: PKCS#7/CMS verify reports bad signature

On 02/04/2019 17:34, Steffen wrote: > Hello, > >> What had produced the signatures? > > I received word from my end that the signatures may have been produced by > OpenSSL 1.0.2 (no idea which letter release) in the Cygwin environment but I > cannot confirm this. > If that's the case, I'd re

Re: PKCS#7/CMS verify reports bad signature

Hello, > What had produced the signatures? I received word from my end that the signatures may have been produced by OpenSSL 1.0.2 (no idea which letter release) in the Cygwin environment but I cannot confirm this.

Re: PKCS#7/CMS verify reports bad signature

Matt Caswell wrote: > Using the cert/data files you provided me off-list (thanks), I was able to > confirm the above and narrow it down further to the following commit: What had produced the signatures? > In some cases, the damage is permanent and the spec deviation and > securi

Re: PKCS#7/CMS verify reports bad signature

SSL were unduly lenient in tolerating incorrectly formatted signatures. As a security hardening measure that tolerance was removed. If you want to know more then David Benjamin may be able to expand. Please note that CMS countersignatures made using a specific Symantec server (specifically to timestamp t

Re: PKCS#7/CMS verify reports bad signature

Hello Matt, Thank you for looking into this! So it seems like I have to figure out why the signatures are incorrectly formatted and then fix it at every source if possible, or convert the structures somehow if it can be done correctly. The only immediate solution I can see is to downgrade to Open

Re: PKCS#7/CMS verify reports bad signature

On 01/04/2019 22:23, Steffen wrote: > Hello, > > I believe that I have narrowed the problem down to one specific version of > OpenSSL. Version 1.1.0b works as expected while OpenSSL 1.1.0c does not. Using the cert/data files you provided me off-list (thanks), I was able to confirm the above an

Re: PKCS#7/CMS verify reports bad signature

1.1.0c describes the following change for CMS: *) CMS Null dereference Applications parsing invalid CMS structures can crash with a NULL pointer dereference. This is caused by a bug in the handling of the ASN.1 CHOICE type in OpenSSL 1.1.0 which can result in a NULL value being passed

Re: PKCS#7/CMS verify reports bad signature

Hello Matt, Thank you for your reply! I am not quite sure if I should do something more but specifying "-binary" alone does not seem to help: # 1.0.2r $ /usr/local/opt/openssl/bin/openssl cms -verify -inform der -in test.der -content test-data.bin -noverify -binary > /dev/null

Re: PKCS#7/CMS verify reports bad signature

On 01/04/2019 14:46, Steffen wrote: > Hello, > > I am struggling with using OpenSSL 1.1.1 to verify a PKCS #7/CMS structure. > Verification succeeds when I use OpenSSL 1.0.2, but 1.1.0 and 1.1.1 fails with > "bad signature". I initially had this problem when using t

PKCS#7/CMS verify reports bad signature

Hello, I am struggling with using OpenSSL 1.1.1 to verify a PKCS #7/CMS structure. Verification succeeds when I use OpenSSL 1.0.2, but 1.1.0 and 1.1.1 fails with "bad signature". I initially had this problem when using the OpenSSL library but I see that the problem also applies to the O

Re: How can I make openssl doesn't add a signed attribute "signingTime" when I sign a cms/cades singnature?

ar 14, 2019 04:41 PM To: "shiyao_...@foxitsoftware.cn"; Cc: "openssl-users"; "gaochao_liu"; "junyi_liang"; "xiaochuan_liu"; Subject: Re: How can I make openssl doesn't add a signed attribute "signingTime" when I sign

Re: How can I make openssl doesn't add a signed attribute "signingTime" when I sign a cms/cades singnature?

also believe that CMS API flag would be useful that allows suppression of the signing-time attribute. Antonio On Wed, Mar 13, 2019 at 12:57 PM shiyao_...@foxitsoftware.cn wrote: > > Hello everyone, > > I am working on a project about how to use openssl libs to implement a >

How can I make openssl doesn't add a signed attribute "signingTime" when I sign a cms/cades singnature?

g for some help. According to the PAdES reference, signing-time attribute in CMS signature shall not be present in a PAdES signature. In openssl libs, signing-time attribute is set in the function CMS_SignerInfo_sign. But I can't find a way to control it not to set signing-time attribute.

[openssl-users] setting eContentType for CMS messages without CMS_PARTIAL

A major way in which PKCS7 and CMS signed artifacts differ is that the CMS artifacts include a content-type. RFC5652 has a decision tree to decide what version of SignedData structure to produce. The presence of a non-"id-data" content-type is among the decision tree, and so I underst

[openssl-users] setting eContentType for CMS messages without CMS_PARTIAL

A major way in which PKCS7 and CMS signed artifacts differ is that the CMS artifacts include a content-type. RFC5652 has a decision tree to decide what version of SignedData structure to produce. The presence of a non-"id-data" content-type is among the decision tree, and so I underst

[openssl-users] moving from PKCS7 to CMS functions

I am implementing a module for ruby-openssl to add CMS API access to ruby. (Once I figure it out, I will likely look at how to refactor PKCS7 API code, but I don't care about that yet) PKCS7 has the PKCS7_SIGNER_INFO object, and it is declared in pkcs7.h with DECLARE_ASN1_FUNCTIONS(). CM

[openssl-users] openssl cms encrypt recipientInfo [questions for openssl developers].

Here is a dump of my CMS encrypted message. === CMS_ContentInfo:. contentType: pkcs7-envelopedData (1.2.840.113549.1.7.3) d.envelopedData:. version: 2 originatorInfo: recipientInfos: d.kari:. version: 3 d.originatorKey:. algorithm

[openssl-users] How to get OCSP response in CMS through openssl library in C++

> Hello, > > I've been developing some broadcast apps signing logic on a TV. > > Actually, I should receive and verify the signing information such as > certificates and ocsp responses which are included in CMS signed data > format. > These application data are sent

Re: [openssl-users] openssl cms -decrypt failing due to malloc(3) failure

wrong ;-) Well, OpenSSL's cms(1) is not a reference implementation of the CMS standard. It is an implementation of CMS via the OpenSSL APIs, and its source code is a useful resource in understanding how to use those APIs. IIRC the requirement to extract the complete CMS message into memory is not

Re: [openssl-users] openssl cms -decrypt failing due to malloc(3) failure

Hello, On 01.08.2018 14:49, Michael Wojcik wrote: >> On 30.07.2018 20:12, Michael Wojcik wrote: >> >>> FWIW, SUS Issue 5 defines RLIMIT_AS as applying to both malloc and mmap, >>> but RLIMIT_DATA as >>> applying only to malloc. (That is, mmap'd pages do not count against the >>> data limit.) >>

Re: [openssl-users] openssl cms -decrypt failing due to malloc(3) failure

On 01/08/2018 15:42, Viktor Dukhovni wrote: On Aug 1, 2018, at 9:31 AM, Michael Wojcik wrote: CMS with an AEAD mode (such as AES128-GCM) ought to avoid the integrity-protection issue for the encrypted content, but not for the other parts of the message, I assume. (I'm no CMS expert

Re: [openssl-users] openssl cms -decrypt failing due to malloc(3) failure

> On Aug 1, 2018, at 9:31 AM, Michael Wojcik > wrote: > > CMS with an AEAD mode (such as AES128-GCM) ought to avoid the > integrity-protection issue for the encrypted content, but not for the other > parts of the message, I assume. (I'm no CMS expert so I may be mis

Re: [openssl-users] openssl cms -decrypt failing due to malloc(3) failure

> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf > Of Viktor Dukhovni > Sent: Wednesday, August 01, 2018 06:56 > > On Tue, Jul 31, 2018 at 06:14:18PM +0200, Jakob Bohm wrote: > > > Actually, the CMS format itself is clearly designed for streamed

Re: [openssl-users] openssl cms -decrypt failing due to malloc(3) failure

On Tue, Jul 31, 2018 at 06:14:18PM +0200, Jakob Bohm wrote: > > CMS works fine for small messages, and could even be used to construct > > the integrity-protected chunks in a higher-level protocol. CMS is > > not appropriate for multi-gigabyte or terabyte, ... datasets. >

Re: [openssl-users] openssl cms -decrypt failing due to malloc(3) failure

gular files could also be processed sequentially. What's the advantage of making seekable sources a special case? In any case, the OpenSSL apps are a convenience and a set of samples. You can always write your own version of the cms app. -- Michael Wojcik Distinguished Engineer, Micro Focus -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] openssl cms -decrypt failing due to malloc(3) failure

lseek(2) in combination with read(v)(2) can be employed. Portability is certainly an issue, but isn't this what the configure scripts are for to figure out? I also do not quite get why CMS should not lend itself to "large" data, given the above. It would seem that the whole

Re: [openssl-users] openssl cms -decrypt failing due to malloc(3) failure

can't find that much contiguous virtual address space, and mmap won't be able to find it either. If you're a 32-bit process, then malloc'ing or mmap'ing a 2GB object will be difficult at best. Getting out of the weeds, the core issue is that CMS message input processing d

Re: [openssl-users] openssl cms -decrypt failing due to malloc(3) failure

> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of > Jordan Brown > Sent: Monday, July 30, 2018 10:46 > I have never heard of a malloc implementation that has artificial limits; Er... setrlimit(RLIMIT_DATA). For OSes that claim Single UNIX Specification compliance. >

Re: [openssl-users] openssl cms -decrypt failing due to malloc(3) failure

t find that much contiguous virtual address > space, and mmap won't be able to find it either. > > If you're a 32-bit process, then malloc'ing or mmap'ing a 2GB object will be > difficult at best. Getting out of the weeds, the core issue is that CMS message input pr

Re: [openssl-users] openssl cms -decrypt failing due to malloc(3) failure

On 7/30/2018 1:57 AM, Christian Böhme wrote: > What's the reason for using malloc(3) in the first place? Is this a > limitation of the library or just openssl cms ? > > For the latter, if the argument to -in can be determined to resolve to > a file descriptor of a regular file,

Re: [openssl-users] openssl cms -decrypt failing due to malloc(3) failure

> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf > Of Christian Böhme > Sent: Monday, July 30, 2018 02:57 > > For the latter, if the argument to -in can be determined to resolve to a > file > descriptor of a regular file, the file's contents can be /very/ conveniently >

Re: [openssl-users] openssl cms -decrypt failing due to malloc(3) failure

>What's the reason for using malloc(3) in the first place? Is this a > limitation of the library or just openssl cms ? It is a limitation of the CMS command. You might look at the -stream option. If you need more then that, well, a PR is also welcomed. -- openssl-us

Re: [openssl-users] openssl cms -decrypt failing due to malloc(3) failure

sue. What's the reason for using malloc(3) in the first place? Is this a limitation of the library or just openssl cms ? For the latter, if the argument to -in can be determined to resolve to a file descriptor of a regular file, the file's contents can be /very/ conveniently mmap(2)&#

Re: [openssl-users] openssl cms -decrypt failing due to malloc(3) failure

>It would appear that both commands fail due to them being unable to allocate more memory to slurp the rest of the input file's contents into. Is this intentional behaviour? It is a known issue. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/li

[openssl-users] openssl cms -decrypt failing due to malloc(3) failure

(-x) unlimited $ dd if=/dev/zero of=plaintext.in bs=1024 count=$((1024 * 1024 * 2)) 2097152+0 records in 2097152+0 records out 2147483648 bytes (2.1 GB, 2.0 GiB) copied, 7.7645 s, 277 MB/s $ echo -n 'uno dos tres cuatro' | openssl cms -encrypt -aes-256-cbc -pwri_passwor

Re: [openssl-users] Authenticated encryption in CMS with OpenSSL

in crypto/evp/evp_lib.c:EVP_CIPHER_param_to_asn1() . I understand that AEAD cipher support for CMS would have to be written from scratch, then. Thanks, Christian -- *Christian Böhme* Developer System Integration CLOUD&HEAT *CLOUD & HEAT Technologies GmbH* Königsbrücker Str. 96 (Halle 15) | 01099 Dresde

Re: [openssl-users] Authenticated encryption in CMS with OpenSSL

> The ciphers are available, but the code to use things like AES-GCM never > actually worked. Or if it claimed to work, it was actually broken. I take this to mean there has actually code been written already to that effect. Sorry I was not clear. This has not been implemen

Re: [openssl-users] Authenticated encryption in CMS with OpenSSL

On 20.07.2018 15:19, Salz, Rich via openssl-users wrote: > The ciphers are available, but the code to use things like AES-GCM never > actually worked. Or if it claimed to work, it was actually broken. I take this to mean there has actually code been written already to that effect. Has it made i

Re: [openssl-users] Authenticated encryption in CMS with OpenSSL

The ciphers are available, but the code to use things like AES-GCM never actually worked. Or if it claimed to work, it was actually broken. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] Authenticated encryption in CMS with OpenSSL

Hello all, While investigating if and how OpenSSL in several versions could be made to support authenticated encryption in CMS [1], I noticed that, e.g., AES in CCM and GCM modes disappeared completely in newer versions from the command line tools. That is, while, e.g., > openssl vers

Re: [openssl-users] gpgsm/cms: int_rsa_verify:wrong signature length

Yeah, you're probably right. I was distracted, should have looked closer. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] gpgsm/cms: int_rsa_verify:wrong signature length

> On Apr 23, 2018, at 7:44 PM, Salz, Rich via openssl-users > wrote: > > Your key starts with EF... Since that has the high-bit on, it should be > encoded with a leading zero. Are you sure? That does not look like a key to me... More likely to be the signature block. The broken one is on

Re: [openssl-users] gpgsm/cms: int_rsa_verify:wrong signature length

Your key starts with EF... Since that has the high-bit on, it should be encoded with a leading zero. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] gpgsm/cms: int_rsa_verify:wrong signature length

Hi, I am using GnuPG to sign 'swupdate' update images, that are verified on the target using openssl: gpgsm -o sw-description.sig -sb sw-description swupdate links against the openssl, but the equivalent cmd line is: openssl cms -verify -in sw-description.sig -inform DER -

Re: [openssl-users] cms utility "-sign" doesn't include signed content

x27;m able to verify/unpack the original message, but not able to sign the unpacked message to get back to where I started. I have access to the signer's certificate and private key. I hope somebody can point me in the right direction? I'm extracting the message with: openssl cms -veri

[openssl-users] CMS-supported ciphers

Hello! I see the CMS-Interface (CMS_encrypt, X_write_CMS, ...) does not support AES128-GCM. https://mta.openssl.org/pipermail/openssl-dev/2015-April/001177.html Is there a list of all supporting ciphers for CMS? Or how can I find out without trying it? Thanks! Chris -- openssl-users

[openssl-users] CMS/SMIME: RSASSA-PSS, RSAES-OAEP

Hello! I have an application that uses 3DES for encryption and SHA1 for signing. It is MIME-content and so I use SMIME and CMS. Is there a way to do RSAES-OAEP for keyencryption and RSASSA-PSS for signing with the commandline-tools too or do I need to use the API? Cheers, Chris -- openssl

[openssl-users] cms utility "-sign" doesn't include signed content

but not able to sign the unpacked message to get back to where I started. I have access to the signer's certificate and private key. I hope somebody can point me in the right direction? I'm extracting the message with: openssl cms -verify -CAfile CA_cert.pem -inform pem -in original -o

Re: [openssl-users] gpgsm/openssl cms detached signatures verification fails

On 15/05/2017 17:54, Andreas Fenkart wrote: Hi list, I'm experimenting with openssl/gnupg interoperability. It seems the least common multiple is cms. I didn't find a way to produce output with opengpg to work with 'openssl dgst' directly. Am I wrong, is there a

[openssl-users] gpgsm/openssl cms detached signatures verification fails

Hi list, I'm experimenting with openssl/gnupg interoperability. It seems the least common multiple is cms. I didn't find a way to produce output with opengpg to work with 'openssl dgst' directly. Am I wrong, is there a simpler way? generate gpgsm keyring: https://lists.gt.n

Re: [openssl-users] Some S/MIME CMS encrypted messages produce invalid key length when using the debug_decrypt option

The message is first signed then encrypted. Commands are as follows /usr/bin/openssl cms -encrypt -aes128 -in /tmp/OpenSSL5294490400891792656.eml -out /tmp/OpenSSL3519826551660167644.eml -subject 'subject' -from sen...@sender.com -to recipi...@recipient.com,recipie...@recipient.c

Re: [openssl-users] Some S/MIME CMS encrypted messages produce invalid key length when using the debug_decrypt option

On Mon, May 08, 2017, Harakiri via openssl-users wrote: > Im using the cmd client openssl cms -decrypt with the "debug_decrypt" option > to have the same behaviour as before the bleichenbach security patch to use > decryption without recipient public keys. > For some reas

[openssl-users] Some S/MIME CMS encrypted messages produce invalid key length when using the debug_decrypt option

Im using the cmd client openssl cms -decrypt with the "debug_decrypt" option to have the same behaviour as before the bleichenbach security patch to use decryption without recipient public keys. For some reason, some messages will produce the following error on OpenSSL 1.0.2d and ev

Re: [openssl-users] Using RSASSA-PSS in command line smime / cms utility

On Mon, Feb 13, 2017, Harakiri via openssl-users wrote: > Can i set the padding RSASSA-PSS or alg ECDSA via command line when using > openssl smime or openssl cms command? > I can't find an option for it. You have to use the cms command and -keyopt rsa_padding_mode:pss

[openssl-users] Using RSASSA-PSS in command line smime / cms utility

Can i set the padding RSASSA-PSS or alg ECDSA via command line when using openssl smime or openssl cms command? I can't find an option for it.-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] Why is the signing-time signed attribute added unconditionally in CMS signatures?

Hi, I'm wondering why OpenSSL adds the signing-time signed attribute unconditionally to a CMS signedData object. See function CMS_SignerInfo_sign() in source file cms_sd.c: if (CMS_signed_get_attr_by_NID(si, NID_pkcs9_signingTime, -1) < 0) { if (!cms_add1_signingTime(

  1   2   3   4   >