[openssl-dev] [openssl.org #3789] CMS: Segmentation fault when using subject key identifier and EC
Jonas Peterson via RT
rt at openssl.org
Thu Apr 9 17:51:26 UTC 2015
Hi,
OpenSSL segfaults when trying to create an encrypted CMS data envelope
using subject key identifier and EC. Have tested this in version
1.0.2a and latest 1.1.0 release as of today (2015-04-09) with the same
result.
Example:
$ openssl version
OpenSSL 1.0.2a 19 Mar 2015
$ openssl ecparam -name prime192v1 -genkey -out ec.key
$ openssl req -x509 -new -key ec.key -out ec.crt
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
-----
Country Name (2 letter code) [AU]:
State or Province Name (full name) [Some-State]:
Locality Name (eg, city) []:
Organization Name (eg, company) [Internet Widgits Pty Ltd]:
Organizational Unit Name (eg, section) []:
Common Name (e.g. server FQDN or YOUR name) []:
Email Address []:
$ echo "Text to encrypt" > text.txt
$ openssl cms -encrypt -keyid -in text.txt -outform DER -recip ec.crt
-out out.dat
Segmentation fault: 11
If I remove the 'keyid' switch it will work as expected.
Best regards,
Jonas Peterson
More information about the openssl-dev
mailing list