S/MIME 4.0 (RFC 8551): PKCS7_ support?
Steffen Nurpmeso
steffen at sdaoden.eu
Mon Oct 9 19:10:04 UTC 2023
Viktor Dukhovni wrote in
<ZSQ9aZwh7SpRUzYH at straasha.imrryr.org>:
|On Mon, Oct 09, 2023 at 07:06:05PM +0200, Steffen Nurpmeso wrote:
...
|> Alongside this i thought using a much smaller key would be great,
|> and so i generated
|>
|> openssl req -noenc -newkey ED25519 -keyout key.pem -out csr.pem -x509
|>
|> which gives wonderful short things.
|> Unfortunately i cannot use it
|>
|> s-nail: Error setting PKCS#7 signing object signer: error:10800094:PKCS\
|> 7 routines::signing not supported for this key type
|>
|> I seem to know that this type does not support streams aka update,
|> update, .. final cycles, but wanted to ask whether this is the
|> problem here (without doing all the rewrite stuff), or whether the
|> OpenSSL PKCS7 codebase simply cannot deal with RFC 8551 yet.
|
|Join the queue, :-(
|
| https://github.com/openssl/openssl/issues/11915
I did search only via Google as github is practically unusable if
your bandwidth is out and you live with 5-8 Kbyte/sec.
.... :) well ok hm, that gets a bit too involved for me, but the
cms tool uses the PKCS7_*() itself, so we are brothers in failure.
Thank you, Viktor!
--steffen
|
|Der Kragenbaer, The moon bear,
|der holt sich munter he cheerfully and one by one
|einen nach dem anderen runter wa.ks himself off
|(By Robert Gernhardt)
More information about the openssl-users
mailing list