[openssl-users] Unable to decrypt CMS object encrypted with EC prime256v1 certificate

Stephan Mühlstrasser stm at pdflib.com
Thu Jul 7 07:24:08 UTC 2016


On 07.07.16 at 00:16, Dr. Stephen Henson wrote:
> On Wed, Jul 06, 2016, Stephan Mühlstrasser wrote:
>
>>
>> While doing research on this, we found one thing that looks
>> suspicious in the CMS objects generated by OpenSSL 1.0.2. When
>> dumping the CMS object with dumpasn1, the key wrap algorithm is
>> encoded as follows:
>>
>> SEQUENCE {
>>  OBJECT IDENTIFIER '1 3 132 1 11 3'
>>  SEQUENCE {
>>    OBJECT IDENTIFIER aes256-wrap (2 16 840 1 101 3 4 1 45)
>>    NULL
>>    }
>>  }
>>
>
> That's strange: I just tried OpenSSL 1.0.2 and the master branch and I don't
> get a NULL in either case.

I apologize, you are right. I tracked this down to the fact that the CMS 
object was created with an OpenSSL 1.0.2 beta version. Sorry for the 
confusion.

> Also that algorithm isn't something you'd get by default with OpenSSL. Has it
> been modified in some way?

It has not been modified. The algorithm is set with the 
EVP_PKEY_CTX_ctrl_str() function:

EVP_PKEY_CTX_ctrl_str(ctx, "ecdh_kdf_md", "sha256");

-- 
Stephan
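
Added example (not part of the original message and not OpenSSL code): a small Python DER walker that reports whether the key wrap AlgorithmIdentifier nested inside the key encryption algorithm carries an explicit NULL, as in the dumpasn1 output quoted above, or omits the parameters. The two hex encodings are constructed from the OIDs shown in that dump, and all function names are hypothetical.

```python
# Added example. Sample encodings are constructed from the OIDs in the quoted dump.
WITH_NULL = "301706062b8104010b03300d060960864801650304012d0500"
WITHOUT_NULL = "301506062b8104010b03300b060960864801650304012d"

def read_tlv(buf, pos=0):
    """Return (tag, content, next_pos) for the DER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long-form length: low 7 bits give the number of length octets
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER content")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(content):
    """Turn OID content octets into dotted-decimal form."""
    arcs, value = [], 0
    for octet in content:
        value = (value << 7) | (octet & 0x7F)
        if not octet & 0x80:
            arcs.append(value)
            value = 0
    first = arcs[0]
    head = [first // 40, first % 40] if first < 80 else [2, first - 80]
    return ".".join(str(a) for a in head + arcs[1:])

def parse_alg_id(der):
    """Split one AlgorithmIdentifier into (dotted OID, raw parameters or None)."""
    tag, body, _ = read_tlv(der)
    if tag != 0x30:
        raise ValueError("AlgorithmIdentifier must be a SEQUENCE")
    tag, oid, pos = read_tlv(body)
    if tag != 0x06:
        raise ValueError("AlgorithmIdentifier must start with an OID")
    return decode_oid(oid), (body[pos:] or None)

def wrap_params_state(kea_hex):
    """Report (key agreement OID, key wrap OID, 'NULL' | 'absent' | 'other')."""
    scheme_oid, params = parse_alg_id(bytes.fromhex(kea_hex))
    if params is None:
        raise ValueError("no nested key wrap AlgorithmIdentifier")
    wrap_oid, wrap_params = parse_alg_id(params)
    state = {None: "absent", b"\x05\x00": "NULL"}.get(wrap_params, "other")
    return scheme_oid, wrap_oid, state
```
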

