[openssl-users] openssl cms -decrypt failing due to malloc(3) failure

Viktor Dukhovni openssl-users at dukhovni.org
Thu Aug 2 15:13:22 UTC 2018

On Thu, Aug 02, 2018 at 01:53:42PM +0200, Christian Böhme wrote:

> > In any case, the OpenSSL apps are a convenience and a set of samples.
> My original impression was that those tools represented some kind of reference
> implementation of the libraries.  Clearly, I was wrong ;-)

Well, OpenSSL's cms(1) is not a reference implementation of the CMS

It is an implementation of CMS via the OpenSSL APIs, and its source
code is a useful resource in understanding how to use those APIs.

IIRC the requirement to extract the complete CMS message into memory
is not just an artefact of the CLI design.  Rather, I seem to recall
that presently the CMS library needs the whole message in memory
in order to process it.  If so, a streaming implementation would
need to extend the CMS implementation in libcrypto to support that
mode of operation.


More information about the openssl-users mailing list