Hello Openssl Team, I've got a problem with CMS key agreement support. The command line I use is
openssl cms -decrypt -inkey seckey.pem -in enc.agree -inform der When we enter the CMS_decrypt_set1_pkey() and do not have the cert, it iterates all the recipient structs, but skips all that is NOT key transport. So we skip everything and output contains random data. I think that if the key agreement is not supported here it is better to return error when no key transport structs are found. Thank you! -- SY, Dmitry Belyavsky ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
