On Sun, May 15, 2011 at 1:08 AM, Dr. Stephen Henson <[email protected]>wrote:
> OpenSSL has no idea what the type of the encapsulated content is: it > could be > raw binary or raw binary that looks like a CMS ContentINfo but isn't. So > you > have to tell it the type of the encapsulated content explicitly using the > -econtent_type option. > > For decoding you have to manually use the correct cms command on the > encapsulated content type. > The -econtent_type option in 1.0.0d seems only defined for SMIME_SIGN, but that is easy to resolve with some additional code. The real problem is with the actual encapsulated payload. As I interpret RFC5652 only the ContentInfo.content part is encapsulated without ContentInfo.contentType (which is subsequently moved to eContentType). This brings the question of how to do the encoding of just the ContentInfo.content part and decoding into ContentInfo.content to reconstruct the original ContentInfo structure. The available CMS functions seem to operate on ContentInfo structures but not its elements. Paul
