S/MIME 4.0 (RFC 8551): PKCS7_ support?
Steffen Nurpmeso
steffen at sdaoden.eu
Mon Oct 9 17:06:05 UTC 2023
Hello.
After my CACert-backed S/MIME approach has come to an end
i thought i switch to some self-signed one with attached
certificate in signed envelope, as now many PGP people do.
Alongside this i thought using a much smaller key would be great,
and so i generated
openssl req -noenc -newkey ED25519 -keyout key.pem -out csr.pem -x509
which gives wonderful short things.
Unfortunately i cannot use it
s-nail: Error setting PKCS#7 signing object signer: error:10800094:PKCS7 routines::signing not supported for this key type
I seem to know that this type does not support streams aka update,
update, .. final cycles, but wanted to ask whether this is the
problem here (without doing all the rewrite stuff), or whether the
OpenSSL PKCS7 codebase simply cannot deal with RFC 8551 yet.
Thank you,
Ciao from Germany.
--steffen
|
|Der Kragenbaer, The moon bear,
|der holt sich munter he cheerfully and one by one
|einen nach dem anderen runter wa.ks himself off
|(By Robert Gernhardt)
More information about the openssl-users
mailing list