CMS in openssl
Jakob Bohm
jb-openssl at wisemo.com
Wed Apr 22 02:26:18 UTC 2020
A few corrections:

OpenSSL included CMS (RFC3369) support since 1.0.0 (see the CHANGES
file), though for a long time, there was an arbitrary disconnect between
functions named CMS and functions named PKCS#7 even though it should
have been a continuum.

The PKCS#7 and CMS standards equally and fully support any
non-interactive algorithm that has been assigned an OID, from
RSA+MD2+DES to HSS/LSS+STREEBOG+CAMELLIA, no artificial version
dependencies like in the OpenSSL interpretation of TLS.

On 2020-04-22 03:46, Michael Richardson wrote:
> Michael Mueller <abaci.mjm at gmail.com> wrote:
> > We've implemented what I gather can be called a CMS on Linux and Windows
> > using openssl evp functions.
>
> I'm not sure why you say it this way.
> OpenSSL includes CMS (RFC3369) support, but I think not until 1.1.0.
> Did you implement RFC3369, or something else?
>
> You don't say if this is email or something else.
>
> > We need to expand this CMS to other systems, on which we have not been able
> > to build openssl. These other systems have a vendor supplied security
> > application. This application supports PKCS7.
>
> > We are being asked if our evp CMS is interoperable with PKCS7.
>
> CMS (RFC3369/2630) is an upward revision to PKCS7 (RFC2315) 1.5.
> CMS can read PKCS7 messages, but the converse is not true.
>
> I think it is possible to configure the CMS routines to produce PKCS7
> messages, but I didn't do this in my RFC8366 support. I just forklift
> upgraded to CMS.
>
> > If it is possible and more information is required to answer this question,
> > I'll provide such information.
>
> > If not, advice on how to present that argument to management would be
> > appreciated.
>
> You will understand them, but they won't understand you.
>
> You may be able to configure your end to generate PKCS7 easily, and it may
> have little effect. This might degenerate until just using PKCS7 everywhere.
>
> The major difference is the eContentType that is lacking in PKCS7.
> And algorithms: I think that there are few modern algorithms defined for PKCS7.
>
> You could easily run in PKCS7 mode until you receive a CMS message from the
> peer, and then upgrade to CMS. But this winds up in a bid-down attack if
> both parties run this algorithm, so you'd want to insert some extension that
> said: "I can do CMS" into your PKCS7 messages.
>
>
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
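
An added example, not part of the thread and not OpenSSL code: one way to check whether a signed message stays inside the structure that PKCS #7 v1.5 also defines, using the SignedData version rule of RFC 5652 section 5.1 (version 1 only when the content type is id-data and every SignerInfo is version 1). The helper names and the degenerate, signer-less sample messages are constructed for illustration; the check covers structure only, not algorithm OIDs or signature validity.

```python
# Added example: classify a DER ContentInfo by the RFC 5652 section 5.1 version rule.
OID_SIGNED_DATA = bytes.fromhex("2a864886f70d010702")  # 1.2.840.113549.1.7.2
OID_DATA = bytes.fromhex("2a864886f70d010701")         # 1.2.840.113549.1.7.1 (id-data)
OID_TSTINFO = bytes.fromhex("2a864886f70d0109100104")  # 1.2.840.113549.1.9.16.1.4

def read_tlv(buf, pos=0):
    """Return (tag, value, next_pos) for the DER element starting at buf[pos]."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low bits give the number of length octets
        n = length & 0x7F
        if n == 0:
            raise ValueError("indefinite length is BER, not DER")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated element")
    return tag, buf[pos:pos + length], pos + length

def expect(buf, pos, want):
    """Read one element and insist on its tag; return (value, next_pos)."""
    tag, val, nxt = read_tlv(buf, pos)
    if tag != want:
        raise ValueError(f"expected tag {want:#x}, got {tag:#x}")
    return val, nxt

def classify(der):
    """Return 'pkcs7-compatible', 'cms-only' or 'not-signed-data'."""
    content_info, _ = expect(der, 0, 0x30)
    ctype, pos = expect(content_info, 0, 0x06)
    if ctype != OID_SIGNED_DATA:
        return "not-signed-data"
    explicit0, _ = expect(content_info, pos, 0xA0)   # content [0] EXPLICIT
    signed_data, _ = expect(explicit0, 0, 0x30)
    version, pos = expect(signed_data, 0, 0x02)
    _, pos = expect(signed_data, pos, 0x31)          # digestAlgorithms SET
    encap, _ = expect(signed_data, pos, 0x30)        # encapContentInfo
    ectype, _ = expect(encap, 0, 0x06)               # eContentType
    # Version 3 and above signal CMS-only features (non-id-data content,
    # v3 SignerInfo, attribute certificates, "other" certificate or CRL types).
    if int.from_bytes(version, "big") == 1 and ectype == OID_DATA:
        return "pkcs7-compatible"
    return "cms-only"

def tlv(tag, body=b""):
    """Short-form DER encoder, sufficient for the small constructed samples."""
    assert len(body) < 128
    return bytes([tag, len(body)]) + body

def sample(version, ectype):
    """Constructed degenerate SignedData (no signers); not a captured message."""
    sd = tlv(0x02, bytes([version])) + tlv(0x31) + tlv(0x30, tlv(0x06, ectype)) + tlv(0x31)
    return tlv(0x30, tlv(0x06, OID_SIGNED_DATA) + tlv(0xA0, tlv(0x30, sd)))
```

A sender that must interoperate with a PKCS #7-only peer can run such a check on its own output before transmission and reject anything classified as cms-only.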