CMS_SIgnedData backwards-compatibility

Zachary Lund admin at computerquip.com
Tue Aug 17 03:02:01 UTC 2021


Hello,

I'm trying to encode some data into a CMS_SignedData structure. The 
verifying code, however, doesn't expect the `encapContentInfo` to be 
wrapped in an OCTET STRING. In RFC 5652 (5.2.1), they mention a possible 
exception to this for the sake of backwards compatibility with PKCS7. 
The Authenticode example they gave is basically exactly what I'm 
wanting. I was wondering if there was a way to implement this exception 
in OpenSSL's CMS API.

Thanks, Zach



More information about the openssl-users mailing list