I'm trying to implement CMS encrypt using ECDH keys. Ref openssl CMS with ECDH EnvelopedData <http://stackoverflow.com/questions/29280688/openssl-cms-with-ecdh-envelopeddata> The command line works flawlessly but my program is giving an error - Error Encrypting Data 140508524291744:error:2E06507D:CMS routines:CMS_add1_recipient_cert:not supported for this key type:cms_env.c:210: In code below, recip.pem was created using steps here openssl CMS with ECDH EnvelopedData <http://stackoverflow.com/questions/29280688/openssl-cms-with-ecdh-envelopeddata> int main (int argc, char **argv) { CMS_ContentInfo *cms1 = NULL; BIO *in = NULL, *out = NULL, *tbio = NULL; X509 *rcert = NULL; int ret = 1; int flags = CMS_STREAM; OpenSSL_add_all_algorithms(); ERR_load_crypto_strings(); tbio = BIO_new_file("recip.pem", "r"); if (!tbio) goto err; rcert = PEM_read_bio_X509(tbio, NULL, 0, NULL); if (!rcert) goto err; in = BIO_new_file("encr.txt", "r"); flags |= CMS_PARTIAL; cms1 = CMS_encrypt(NULL, in, EVP_des_ede3_cbc(), flags); CMS_RecipientInfo *ri; ri = CMS_add1_recipient_cert(cms1, rcert, flags); if (!ri) goto err; if(!CMS_final(cms1, in, NULL, flags)) goto err; if (!cms1) goto err; out = BIO_new_file("cms1.pem", "w"); if(!out) goto err; if(!PEM_write_bio_CMS_stream(out, cms1, in, flags)) goto err; ret = 0; err: ##cleanup } The documentation states ECC keys are not supported yet the commandline cms app is able to do it without a problem. I stepped through the cms app but am unable to figure out what I'm doing differently. Also tried the cms_enc.c from the demos folder but that does not handle ecc keys as well. TIA! -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150418/e67f10c2/attachment.html>
