[openssl-users] Is the structure of this CMS object correct?

Stephan Mühlstrasser stm at pdflib.com
Tue Feb 23 13:09:57 UTC 2016

Am 23.02.16 um 14:04 schrieb Dr. Stephen Henson:
> On Tue, Feb 23, 2016, Stephan M?hlstrasser wrote:
>> Am 09.02.16 um 16:39 schrieb Erwann Abalea:
>>> Bonjour Stephan,
>>> ...
>>> PKCS#7 and CMS are pretty much interchangeable.
>>> Here, your file is strictly not a PKCS#7v1.5, because in this version,
>>> RecipientInfo wasn?t a CHOICE (see RFC2315 to see PKCS#7v1.5 definitions).
>>> How did you generate this structure? Adobe Acrobat?
>> The previous structure was generated with Adobe Acrobat XI.
>> I repeated the experiment with Adobe Acrobat DC, and something was
>> changed in the structure of the CMS object, but it still does not
>> look correct to me (full dumpasn1 output below).
>> It is clear to me that there is no problem with OpenSSL here, but I
>> would appreciate it if someone with more authority on CMS and ASN.1
>> than me could confirm that the CMS structure is broken and that
>> OpenSSL is correct to reject it, thanks.
> To properly analyse the structure it would help if you included the file you
> are trying to parse.

Sure, here it is. I had thought that ASN.1 dump would be sufficient.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: cms-DC-AES256.der
Type: application/x-x509-ca-cert
Size: 449 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160223/95259e2d/attachment.crt>

More information about the openssl-users mailing list