Decrypt a PKCS7 file in c++ with OpenSSL
Pergunta
I have a PKCS7 file, produced by M2Crypto python library, which looks like this:
-----BEGIN PKCS7-----
MIIBWAYJKoZIhvcNAQcDo[cut]
-----END PKCS7-----
Is is binary content encripted by a public key.
Now I need to decrypt it in C++, but it seems not to recognize this format. I tried d2i_PKCS7_bio()
and SMIME_read_PKCS7()
, but I always get errors like:
8957:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1316:
8957:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:380:Type=PKCS7
and similar errors trying by command line like this:
openssl smime -decrypt -inform DER -binary -inkey privkey.pem
EDIT
I found the right command line option:
openssl cms -decrypt -in samplepkcs7.pem -inkey privkey.pem -inform pem
Now I need to find the corresponding function in C++.
Maybe I'm wrong, but it's really hard to find documentation on this. Any help would be appreciated.
Solução
What you have is a PEM-format object; a DER-format object would look like garbage in a text editor (by virtue of being a binary format). Hence you want PEM_read_PKCS7()
.
The OpenSSL documentation is inherently a mess, and it's very difficult to learn your way around without a guide of some sort. I recommend the O'Reilly Network Security with OpenSSL text; while written for OpenSSL 0.9.6/0.9.7, it's still an excellent introduction to the library (the API hasn't changed very much) and will serve as a handy reference.