On Thu, Aug 02, 2018 at 01:53:42PM +0200, Christian Böhme wrote: > > In any case, the OpenSSL apps are a convenience and a set of samples. > > My original impression was that those tools represented some kind of reference > implementation of the libraries. Clearly, I was wrong ;-) Well, OpenSSL's cms(1) is not a reference implementation of the CMS standard. It is an implementation of CMS via the OpenSSL APIs, and its source code is a useful resource in understanding how to use those APIs. IIRC the requirement to extract the complete CMS message into memory is not just an artefact of the CLI design. Rather, I seem to recall that presently the CMS library needs the whole message in memory in order to process it. If so, a streaming implementation would need to extend the CMS implementation in libcrypto to support that mode of operation. -- Viktor. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
