diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2014-04-16 12:15:43 +0100 |
---|---|---|
committer | Dr. Stephen Henson <steve@openssl.org> | 2014-04-16 12:36:21 +0100 |
commit | ebbbc8bd1c42a22e45116e4a1ebd7ab5e57a4090 (patch) | |
tree | 462b5780c662598fdb6fb437a422593aa289348d /doc | |
parent | bddd6e349549ed18c28d2172d030fd32cf000071 (diff) |
Document -debug_decrypt option.
(cherry picked from commit 0dd5b94aeb77c2982bdf6886962b7a8491c6c9ed)
Diffstat (limited to 'doc')
-rw-r--r-- | doc/apps/cms.pod | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/doc/apps/cms.pod b/doc/apps/cms.pod index a09588a18d..dd0fd862b4 100644 --- a/doc/apps/cms.pod +++ b/doc/apps/cms.pod @@ -90,6 +90,11 @@ decrypt mail using the supplied certificate and private key. Expects an encrypted mail message in MIME format for the input file. The decrypted mail is written to the output file. +=item B<-debug_decrypt> + +this option sets the B<CMS_DEBUG_DECRYPT> flag. This option should be used +with caution: see the notes section below. + =item B<-sign> sign mail using the supplied certificate and private key. Input file is @@ -446,6 +451,16 @@ Streaming is always used for the B<-sign> operation with detached data but since the content is no longer part of the CMS structure the encoding remains DER. +If the B<-decrypt> option is used without a recipient certificate then an +attempt is made to locate the recipient by trying each potential recipient +in turn using the supplied private key. To thwart the MMA attack +(Bleichenbacher's attack on PKCS #1 v1.5 RSA padding) all recipients are +tried whether they succeed or not and if no recipients match the message +is "decrypted" using a random key which will typically output garbage. +The B<-debug_decrypt> option can be used to disable the MMA attack protection +and return an error if no recipient can be found: this option should be used +with caution. For a fuller description see L<CMS_decrypt(3)|CMS_decrypt(3)>). + =head1 EXIT CODES =over 4 |