Am 07.07.16 um 00:16 schrieb Dr. Stephen Henson:
> On Wed, Jul 06, 2016, Stephan M?hlstrasser wrote:
>
>>
>> While doing research on this, we found one thing that looks
>> suspicious in the CMS objects generated by OpenSSL 1.0.2. When
>> dumping the CMS object with dumpasn1, the key wrap algorithm is
>> encoded as follows:
>>
>> SEQUENCE {
>> OBJECT IDENTIFIER '1 3 132 1 11 3'
>> SEQUENCE {
>> OBJECT IDENTIFIER aes256-wrap (2 16 840 1 101 3 4 1 45)
>> NULL
>> }
>> }
>>
>
> That's strange: I just tried OpenSSL 1.0.2 and the master branch and I don't
> get a NULL in either case.
I apologize, you are right. I tracked this down to the fact that the CMS
object was created with an OpenSSL 1.0.2 beta version. Sorry for the
confusion.
> Also that algorithm isn't something you'd get by default with OpenSSL. Has it
> been modified in some way?
It has not been modified. The algorithm is set with the
EVP_PKEY_CTX_ctrl_str() function:
EVP_PKEY_CTX_ctrl_str(ctx, "ecdh_kdf_md", "sha256");
--
Stephan
