[openssl-users] Extract content of DER-encoded package by OID

Justin Mogannam jmogannam at arkhamtechnology.com
Thu Jul 20 18:39:32 UTC 2017

Thanks for the tips thus far. One of the last issues I'm having is actually
declaring a CMS_ContentInfo structure. I just declare :

CMS_ContentInfo cms;

Amd gcc tells me "error: storage size of 'cms' isn't known". This goes back
to my question 1 of the previous email: is there a particular function call
to use to construct a CMS_ContentInfo structure? Thanks! 

-----Original Message-----
From: openssl-users [mailto:openssl-users-bounces at openssl.org] On Behalf Of
Dr. Stephen Henson
Sent: Wednesday, July 19, 2017 6:32 PM
To: openssl-users at openssl.org
Subject: Re: [openssl-users] Extract content of DER-encoded package by OID

On Wed, Jul 19, 2017, Justin Mogannam wrote:

> 2) Once again, I'm looking in openssl/cms.h, and I could not find the 
> function prototype " d2i_CMS_ContentInfo". I even did a grep on the 
> whole directory. Is it located somewhere else? I have OpenSSL 1.0.1, 
> which is after 0.9.8 when the function was added to OpenSSL.



> 3) In looking at the function prototype (via
> https://www.openssl.org/docs/man1.0.2/crypto/d2i_CMS_ContentInfo.html):
> CMS_ContentInfo *d2i_CMS_ContentInfo(CMS_ContentInfo **a, unsigned 
> char **pp, long length); I'm assuming **pp is just a pointer to the 
> array with the DER-encoded certificate in it? I just want to make sure 
> since some of the parameter names are a little ambiguous in OpenSSL.
> I'm assuming once I'm able to get the DER-encoded certificate in a CMS 
> object, I can use the function you provided and the ones in cms.h to 
> strip off "layers" of the certificate to get the encryptedKeyPackage 
> that I want (which, of course as you mentioned, I'll be able to handle 
> the rest from there). Thank you very much for your response, as it was 
> very helpful, and I hope to get just as useful of a response back!

I'm not sure what you mean by "certificate" here. The structure you
mentioned will be a CMS ContentInfo. 

Anyway see:


for details about how to decode the DER form.

Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

More information about the openssl-users mailing list