openssl cms -encrypt error: error setting recipientinfo

Ted Wynnychenko ted.m.w at comcast.net
Thu May 6 02:06:14 UTC 2021 

Hello


I recently decided to change from RSA to EC keys/certs.
I do this primarily as a learning exercise (there is no real corporate or
professional demand to have this working).
I am running OpenBSD current (6.9) from about 1 month ago.


Previously, I have been using "openssl smime" to sign and encrypt emails.

Now that I am migrating to EC keys/certificates, I need to switch to
"openssl cms".

However, I am unable to encrypt using the EC certificate.

When I use:
(I am going to obfuscate the emails in plain text, although I understand
there will be some encoded in the public key that follows.)

cat text.in | /usr/bin/openssl cms -encrypt -from 'User <user at example.com>'
-to 'Admin <admin at example.com>' -subject "Test Email" -aes256 encryption.pem
> encrypted.out

with the old RSA certificate, everything works as expected.

But, when I replace the RSA cert with the EC certificate, it does not.
Instead, I see:

15724089243112:error:2EFFF06F:CMS routines:CRYPTO_internal:ctrl
failure:/usr/src/lib/libcrypto/cms/cms_env.c:124:
15724089243112:error:2EFFF074:CMS routines:CRYPTO_internal:error setting
recipientinfo:/usr/src/lib/libcrypto/cms/cms_env.c:944:
15724089243112:error:2EFFF068:CMS routines:CRYPTO_internal:cms
lib:/usr/src/lib/libcrypto/cms/cms_smime.c:850:

And the output file is zero size.
The "-to" email address used is encoded as a SAN email in the EC
certificate.

I tried a more basic command:

openssl cms -encrypt -in text.in -out encrypted.out -recip encryption.pem

Works with RSA certificate, same error with EC certificate.

I also tried (not really understanding, but it is in the man page example):

openssl cms -encrypt -in text.in -out encrypted.out -recip encryption.pem
-keyopt ecdh_kdf_md:sha256

and got the same error.

I am not sure what this error means, or how to address it.

I was wondering if I needed to add the email to the certificate's DN, but
since (I understand) emails in the DN are depreciated, and the email is
included as a SAN, that seems unlikely.

Any suggestions would be great.

I have pasted the output from, "openssl x509 -in encryption.pem -noout
-text" below.
As I said, the plain text has been altered, but the public key is unchanged.

Thanks

Ted


$ openssl x509 -in encryption.pem -noout -text

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 25 (0x19)
    Signature Algorithm: ecdsa-with-SHA384
        Issuer: C=US, ST=State, L=Town, O=Example, OU=Home, CN=example.com
        Validity
            Not Before: Jan  2 00:00:00 2019 GMT
            Not After : Apr 17 13:57:06 2051 GMT
        Subject: C=US, ST=State, L=Town, O=Example, OU=Home,
CN=admin.example.com
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (384 bit)
                pub:
                    04:80:34:1b:cf:63:94:33:47:37:39:42:89:cd:80:
                    86:44:2f:df:5f:e2:cb:3f:1b:08:3b:2c:c8:20:ec:
                    4e:68:2a:ac:1d:ba:7b:09:3d:78:84:cc:e5:7c:f1:
                    5f:3c:36:c1:89:c1:8d:95:dc:ec:dd:7c:18:e9:58:
                    a2:83:bc:f9:db:82:cc:c3:fe:17:87:e3:52:78:70:
                    3b:2a:9e:ca:44:f6:f0:ff:42:82:8b:5a:51:9f:94:
                    63:4b:ef:08:d1:53:37
                ASN1 OID: secp384r1
                NIST CURVE: P-384
        X509v3 extensions:
            X509v3 Basic Constraints:
                CA:FALSE
            X509v3 Subject Key Identifier:
                C6:1E:C2:DD:D2:89:2A:64:58:F2:94:1F:EB:80:CA:AC:3C:9B:43:DC
            X509v3 CRL Distribution Points:

                Full Name:
                  URI:https://crl.example.com/example.ca.crl
                CRL Issuer:
                  DirName: C = US, O = Example, CN = example.com

            Authority Information Access:
                OCSP - URI:http://ocsp.example.com:2560

            X509v3 Issuer Alternative Name:
                DNS:example.com, email:admin at example.com
            X509v3 Authority Key Identifier:
 
keyid:74:87:C7:29:8F:E5:8F:79:00:9F:95:52:69:F8:CA:57:A6:84:4C:9E
 
DirName:/C=US/ST=Illinois/L=Winnetka/O=Wynnychenko/OU=Home/CN=wynnychenko.co
m
                serial:B0:99:14:14:0B:6D:33:21

            X509v3 Key Usage: critical
                Digital Signature, Non Repudiation, Key Encipherment, Data
Encipherment
            X509v3 Extended Key Usage:
                E-mail Protection
            X509v3 Subject Alternative Name:
                email:admin at example.com
    Signature Algorithm: ecdsa-with-SHA384
         30:65:02:31:00:94:1c:9e:ce:f2:0f:9f:b4:65:18:6d:7d:e4:
         be:01:19:0e:05:02:02:f6:83:84:88:11:0a:39:69:39:2a:7a:
         af:64:dd:4d:d0:57:dd:e3:db:8f:02:0a:8a:1b:27:8a:80:02:
         30:44:65:8c:36:be:7a:c6:27:cf:6d:3d:9c:42:d1:72:93:a5:
         df:21:c9:c0:58:64:c3:6e:d7:7c:30:13:da:10:7d:b9:e6:5d:
         d6:1c:89:e0:d5:eb:ba:03:d8:76:22:17:18

More information about the openssl-users mailing list