openssl cms and smime support

GoogleCloudPlatform / kms-integrations

https://cloud.google.com/kms

Apache License 2.0

39 stars 13 forks source link

openssl cms and smime support #9

Closed cristianpaul0 closed 1 year ago

cristianpaul0 commented 2 years ago

Could you provide an example and/or acknowledgement if this library works with openssl cms and/or openssl smime?

cristianpaul0 commented 2 years ago

openssl smime -sign -in somedata.txt -out out.txt -md sha256 -nocerts -nodetach -certfile my-request.crt -engine pkcs11 -keyform engine -inkey pkcs11:object=myksmkey -signer my-request.crt seems to work

tdbhacks commented 2 years ago

At first glance, it looks like both openssl cms and openssl smime should work fine with our library, we haven't noticed anything clearly suggesting incompatibility issues in their respective documentation.

I am not super familiar with those two tools, so the only thing that comes to mind is paying attention to the KMS data limits (eg. the maximum data input size for Encrypt and Decrypt functions is 64 KiB).

tdbhacks commented 1 year ago

Closing for inactivity, feel free to reopen if needed.