<div dir="ltr"><div class="gmail_default" style="font-family:courier new,monospace;color:rgb(76,17,48)">I am afraid EC certs do not work in CMS OpenSSL 1.0.2. I just wrote a simple test procedure:<br>
<br>
void cmsTest()<br>
{<br>
 //needs openssl/bio.h, openssl/cms.h, openssl/evp.h, openssl/pem.h and openssl/x509.h<br>
 //this RSA works<br>
 //auto certFileBio = BIO_new_file("c:\\a\\simplersa_noPem.cer", "rb");<br>
 //auto prvKeyFileBio = BIO_new_file("c:\\a\\simplersa_pkey.openssl", "rb");<br>
<br>
 //this EC not<br>
 auto certFileBio = BIO_new_file("c:\\a\\advancedbr256r1_noPem.cer", "rb");<br>
 auto prvKeyFileBio = BIO_new_file("c:\\a\\advancedbr256r1_pkey.pkcs8", "rb");<br>
 <br>
 //key and certificate are both read as DER<br>
 auto evpPkey = d2i_PrivateKey_bio(prvKeyFileBio, 0);<br>
 auto cert = d2i_X509_bio(certFileBio, 0);<br>
 stack_st_X509* certStack = sk_X509_new_null();<br>
 sk_X509_push(certStack, cert);<br>
 X509_STORE* store = X509_STORE_new();<br>
 X509_STORE_add_cert(store, cert);<br>
<br>
 //sign<br>
 auto inFileBio = BIO_new_file("c:\\tmp\\0_inContent.txt", "rb");<br>
 CMS_ContentInfo *cms = CMS_sign(cert, evpPkey, 0, inFileBio, 0);<br>
 auto cmsOutFileBio = BIO_new_file("c:\\tmp\\1_signedCms.txt", "wb");<br>
 auto res = PEM_write_bio_CMS_stream(cmsOutFileBio, cms, 0, 0);<br>
 CMS_ContentInfo_free(cms); //release each stage's structure before cms is reused<br>
 BIO_free(inFileBio);<br>
 BIO_free(cmsOutFileBio);<br>
<br>
 //encrypt<br>
 inFileBio = BIO_new_file("c:\\tmp\\1_signedCms.txt", "rb");<br>
 cms = CMS_encrypt(certStack, inFileBio, EVP_aes_128_cbc(), 0);<br>
 auto ecnryptedCmsOutFileBio = BIO_new_file("c:\\tmp\\2_encryptedSignedCmsOut.txt", "wb");<br>
 res = PEM_write_bio_CMS_stream(ecnryptedCmsOutFileBio, cms, 0, 0);<br>
 CMS_ContentInfo_free(cms);<br>
 BIO_free(inFileBio);<br>
 BIO_free(ecnryptedCmsOutFileBio);<br>
<br>
 //decrypt<br>
 inFileBio = BIO_new_file("c:\\tmp\\2_encryptedSignedCmsOut.txt", "rb");<br>
 cms = PEM_read_bio_CMS(inFileBio, 0, 0, 0);<br>
 auto decryptedCmsOutFileBio = BIO_new_file("c:\\tmp\\3_decryptedSignedCmsOut.txt", "wb");<br>
 res = CMS_decrypt(cms, evpPkey, cert, 0, decryptedCmsOutFileBio, 0); // ERROR HERE **************************************************************<br>
 CMS_ContentInfo_free(cms);<br>
 BIO_free(decryptedCmsOutFileBio);<br>
 BIO_free(inFileBio);<br>
<br>
 //verify/read content CMS<br>
 inFileBio = BIO_new_file("c:\\tmp\\3_decryptedSignedCmsOut.txt", "rb");<br>
 cms = PEM_read_bio_CMS(inFileBio, 0, 0, 0);<br>
 auto decodedCmsOutFileBio = BIO_new_file("c:\\tmp\\4_inContext.txt", "wb");<br>
 res = CMS_verify(cms, certStack, store, 0, decodedCmsOutFileBio, 0);<br>
 auto signers = CMS_get0_signers(cms);<br>
 sk_X509_free(signers); //the returned stack is owned by the caller, the certificates in it are not<br>
 CMS_ContentInfo_free(cms);<br>
 BIO_free(inFileBio);<br>
 BIO_free(decodedCmsOutFileBio);<br>
 <br>
 //deinit<br>
 EVP_PKEY_free(evpPkey);<br>
 sk_X509_free(certStack);<br>
 X509_STORE_free(store);<br>
 X509_free(cert); //sk_X509_free does not free the certificate itself<br>
 BIO_free(certFileBio);<br>
 BIO_free(prvKeyFileBio);<br>
}<br>
<br>
</div><div class="gmail_default" style="font-family:courier new,monospace;color:rgb(76,17,48)">and it works perfectly if an RSA certificate is used, but it fails during decrypt if I use the brainpool based certificates.<br>
</div><div class="gmail_default" style="font-family:courier new,monospace;color:rgb(76,17,48)">The error occurs in cms_env.c, cms_env_asn1_ctrl function<br>
<br>
int cms_env_asn1_ctrl(CMS_RecipientInfo *ri, int cmd)<br>
{<br>
 EVP_PKEY *pkey;<br>
 int i;<br>
 if (ri->type == CMS_RECIPINFO_TRANS)<br>
 pkey = ri->d.ktri->pkey;<br>
 else if (ri->type == CMS_RECIPINFO_AGREE) {<br>
 EVP_PKEY_CTX *pctx = ri->d.kari->pctx;<br>
 if (!pctx)<br>
 return 0;<br>
 pkey = EVP_PKEY_CTX_get0_pkey(pctx);<br>
 if (!pkey)<br>
 return 0;<br>
 } else<br>
 return 0;<br>
 if (!pkey->ameth || !pkey->ameth->pkey_ctrl)<br>
 return 1;<br>
 i = pkey->ameth->pkey_ctrl(pkey, ASN1_PKEY_CTRL_CMS_ENVELOPE, cmd, ri); // this returns 0 *********************<br>
 if (i == -2) {<br>
 CMSerr(CMS_F_CMS_ENV_ASN1_CTRL,<br>
 CMS_R_NOT_SUPPORTED_FOR_THIS_KEY_TYPE);<br>
 return 0;<br>
 }<br>
 if (i <= 0) {<br>
 CMSerr(CMS_F_CMS_ENV_ASN1_CTRL, CMS_R_CTRL_FAILURE);<br>
 return 0;<br>
 }<br>
 return 1;<br>
}<br>
</div><div class="gmail_default" style="font-family:courier new,monospace;color:rgb(76,17,48)"><br></div><div class="gmail_default" style="font-family:courier new,monospace;color:rgb(76,17,48)">The i = pkey->ameth->pkey_ctrl call returns 0 and the error CMSerr(CMS_F_CMS_ENV_ASN1_CTRL, CMS_R_CTRL_FAILURE) is set.<br></div></div><div class="gmail_extra"><br><div class="gmail_quote">2015-04-09 15:20 GMT+02:00 Dr. Stephen Henson <span dir="ltr"><<a href="mailto:steve@openssl.org" target="_blank">steve@openssl.org</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">On Thu, Apr 09, 2015, Pawe?? Ka??mierczak wrote:<br>
<br>
> Hi,<br>
><br>
> currently openssl in CMS supports only RSA based certificates but EC based<br>
> certificates are supported in openssl TLS... so I assume that there is<br>
> already a code that can sign/verify and perform key agreement (ECKA-EG<br>
> ECKA-DH) using elliptic curves.<br>
><br>
> Can someone please tell me if this will be a lot of work to use that code<br>
> in CMS in a way that CMS could work with EC based certificates?<br>
><br>
<br>
OpenSSL 1.0.0 and later should support ECDSA in CMS. The use of ECDH is quite<br>
rare: most implementations just use RSA key exchange. OpenSSL 1.0.2 does<br>
support ECDH though.<br>
<br>
Steve.<br>
--<br>
Dr Stephen N. Henson. OpenSSL project core developer.<br>
Commercial tech support now available see: <a href="http://www.openssl.org" target="_blank">http://www.openssl.org</a><br>
</blockquote></div><br></div>
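The same sign, encrypt, decrypt, verify sequence from the message above, driven through the `openssl cms` command line with a freshly generated EC key and reporting the first stage that fails. This is an added example, not code from the thread or from the OpenSSL project; the function name, file names and certificate subject are constructed, and it assumes an `openssl` binary (1.0.2 or later) on the PATH.

```shell
#!/bin/sh
# Added example, not from the thread: sign -> encrypt -> decrypt -> verify with
# the openssl CLI and a throwaway EC key. All names below are constructed.

# Usage: cms_ec_roundtrip CURVE
# Prints the first failing stage (or "ok") on stdout and the tail of the
# OpenSSL error output on stderr; returns 0 only when every stage passed.
cms_ec_roundtrip() {
    curve=$1
    dir=$(mktemp -d) || { echo setup; return 2; }
    (
        umask 077                      # throwaway private key stays owner-only
        cd "$dir" || { echo setup; exit 2; }
        # Run one stage; on failure name it, show the error queue and stop.
        stage() {
            name=$1; shift
            "$@" >>log 2>&1 || { echo "$name"; tail -n 5 log >&2; exit 1; }
        }
        printf 'constructed test content\n' > in.txt
        stage keygen  openssl ecparam -name "$curve" -genkey -noout -out key.pem
        stage cert    openssl req -new -x509 -key key.pem -subj "/CN=cms-ec-test" \
                          -days 1 -out cert.pem
        # ECDSA signature with the content embedded (not detached).
        stage sign    openssl cms -sign -binary -nodetach -in in.txt \
                          -signer cert.pem -inkey key.pem -outform PEM -out signed.pem
        # The recipient certificate holds an EC key, so this is the ECDH
        # key agreement path rather than RSA key transport.
        stage encrypt openssl cms -encrypt -binary -aes128 -in signed.pem \
                          -outform PEM -out enc.pem cert.pem
        stage decrypt openssl cms -decrypt -inform PEM -in enc.pem \
                          -recip cert.pem -inkey key.pem -out dec.pem
        # The self-signed certificate is its own trust anchor in this test.
        stage verify  openssl cms -verify -inform PEM -in dec.pem \
                          -CAfile cert.pem -out out.txt
        stage compare cmp in.txt out.txt
        echo ok
    )
    rc=$?
    rm -rf "$dir"
    return "$rc"
}
```

Call it as `cms_ec_roundtrip brainpoolP256r1` to exercise the curve family named in the message; a `decrypt` result with error lines on stderr corresponds to the failing `CMS_decrypt` call.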