Im using the cmd client openssl cms -decrypt with the "debug_decrypt" option to have the same behaviour as before the bleichenbach security patch to use decryption without recipient public keys. For some reason, some messages will produce the following error on OpenSSL 1.0.2d and even OpenSSL 1.0.2k Error decrypting CMS structure6828:error:0607A082:digital envelope routines:EVP_CIPHER_CTX_set_key_length:invalid key length:evp_enc.c:593:6828:error:2E078076:CMS routines:cms_EncryptedContent_init_bio:invalid key length:cms_enc.c:163: Calling cms -decrypt without the debug_decrypt option produces no error. What is weird, is that its always basically the same source e-mail encrypted using openssl cms with aes-128-cbc and rsaesOaep and sometimes the resulting messagewill produce this error and other times it works.
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
