On Apr 4, 2016, at 3:42 PM, Jakob Bohm <jb-open...@wisemo.com> wrote: > Unless you can point out a clause in the "CMS" format RFCs > that allow use without X.509 certificates, there is no reason > why the "CMS" part of the OpenSSL library should be able to > any such thing.
The CMS RFC (RFC 5652) specifies password based key derivation (in addition to asymmetric-key crypto key transport or agreement, and also a symmetric-cryptography key transport mechanism). See section 6.2. It looks like password based key derivation wasn't in the original PKCS#7, but was introduced in a 2001 specification (RFC 3211) and was folded into the 2002 revision of CMS (RFC 3369). -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users