How to Sign and Encrypt in CMS ?

Dr. Pala director at
Mon May 6 02:13:01 UTC 2019

Hi All,

small question - I was playing around with the CMS interface and I was 
wondering what is the right way to generate a signed and encrypted CMS. 
In particular, for PKCS#7, you could use the signed_and_encrypted 
choice... but in CMS, there is the envelopedData ... but that does not 
allow for signing... ??? And for the signed data, there is the 
signedData type... but that does not allow for encryption... The 
EncryptedData is for use with PSK - not a case I am interested into...

So... what is the right way of doing it ?

And when you receive such CMS, how do you extract the encryption 
algorithm from the EnvelopedData/EncryptedContentInfo (I can not find 
the helper function...) ?


Best Regards,
Massimiliano Pala, Ph.D.
OpenCA Labs Director
OpenCA Logo
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: iijkmgiafamdaajo.png
Type: image/png
Size: 3146 bytes
Desc: not available
URL: <>

More information about the openssl-users mailing list