> On Jan 26, 2018, at 10:13 AM, clou <mail@xxxxxxxx> wrote: > > openssl cms -sign works perfect and sending an email. > > For encryption and sending an email I just get an email with an attachment smime.p7m. > > I use the following encryption command > > openssl cms -encrypt \ > -recip cert.pem \ > -subject 'openssl encrypt' \ > -to email \ > -from email \ > -in msg.txt \ > -keyopt ecdh_kdf_md:sha256 \ > | \ > sendmail email > > > Any idea how I need do encrypt (or encrypt and sign) in order to get a proper email? This requires a pipeline of two cms(1) commands, one to sign and other to encrypt (S/MIME is generally a sign-then-encrypt encapsulation). The inner signed content would be the just the payload no mail headers. And yes, ECDSA is supported with CMS. -- Viktor. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
