On Mon, May 08, 2017, Harakiri via openssl-users wrote: > Im using the cmd client openssl cms -decrypt with the "debug_decrypt" option to have the same behaviour as before the bleichenbach security patch to use decryption without recipient public keys. > For some reason, some messages will produce the following error on OpenSSL 1.0.2d and even OpenSSL 1.0.2k > Error decrypting CMS structure6828:error:0607A082:digital envelope routines:EVP_CIPHER_CTX_set_key_length:invalid key length:evp_enc.c:593:6828:error:2E078076:CMS routines:cms_EncryptedContent_init_bio:invalid key length:cms_enc.c:163: > Calling cms -decrypt without the debug_decrypt option produces no error. > What is weird, is that its always basically the same source e-mail encrypted using openssl cms with aes-128-cbc and rsaesOaep and sometimes the resulting messagewill produce this error and other times it works. > > That's odd. What command line are you using to create the messages? Would it be possible to create a test case that reproduces this error? Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
