On Tue, Jul 26, 2016, Jim Carroll wrote: > After experimenting, I can confirm this is the same issue we're seeing, > although experiencing it very differently from the MIT/Kerberos team. I can > confirm that right now PKCS7 sign/encrypt/decrypt is broken. I'd love to > help fix it, but I'm not yet up to speed on bio_enc.c and evp_enc.c. For > now, I think wait for a fix is the best approach. > > What is the accepted way for "the great unwashed" to follow tickets? I got > into the ticket system as a guest, but as guest I can't asked to be notified > about status updates. Is there a process to request a full account on > rt.openssl.org? > > Once the fix is ready, I'll submit a unittest to help with regression > testing PKCS7 sign-encrypt-decrypt-verify. > A fix is currently being reviewed. It includes a test. It just happense that the standard CMS/PKCS#7 tests use a very short content length. If it is a little longer they trigger the bug. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org
