Hello Steve,
you are right. I corrected the code (see below). Now it works!
Thank you very much for your quick response.
...
/* encrypt content */
cms = CMS_encrypt(NULL, in, cipher, nflags);
if(!cms)
{
KWlog_appl ( EV_D_APPL_INFO , "CMS not allocated!" );
}
for (i = 0; i < sk_X509_num(encerts); i++) {
CMS_RecipientInfo* r_info;
EVP_PKEY_CTX* wrap_ctx = NULL;
nflags |= CMS_KEY_PARAM;
recip = sk_X509_value(encerts, i);
r_info = CMS_add1_recipient_cert(cms, recip, nflags);
if (!r_info) {
KWlog_appl(EV_E_APPL_INFO,
"smime_encrypt_cms(): Error
while adding recipient certs to CMS info
structure");
return false;
}
wrap_ctx = CMS_RecipientInfo_get0_pkey_ctx(r_info);
KWlog ( EV_D_APPL_14 , "smime_encrypt_cms () Set OAEP Padding");
if (EVP_PKEY_CTX_set_rsa_padding(wrap_ctx,
RSA_PKCS1_OAEP_PADDING) <= 0)
{
KWlog ( EV_D_APPL_14 , "smime_encrypt_cms () Error
while setting OAEP
Padding");
}
EVP_PKEY_CTX_set_rsa_oaep_md(wrap_ctx, EVP_sha256());
EVP_PKEY_CTX_set_rsa_mgf1_md(wrap_ctx, EVP_sha256());
EVP_PKEY_CTX_set0_rsa_oaep_label(wrap_ctx, oaep_label,
oaep_label_l);
}
KWlog ( EV_D_APPL_14 , "smime_encrypt_cms () CMS_final");
CMS_final(cms, in, NULL, nflags);
...
Regards
Rudy
--
View this message in context:
http://openssl.6102.n7.nabble.com/RSA-PKCS1-OAEP-PADDING-tp70741p70836.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
