New in this version

Changes in Version 23.0 (September 2024):

• Added the ability to make and read CMS enveloped-data objects using the latest RSA Key Encapsulation Mechanism (RSA-KEM) Algorithm kemRSA using KEMRecipientInfo. See CMS_MakeEnvData with option PKI_KEM_RSA and RSA-KEM.
• Added ability to add a new signer to a CMS signed-data object. See CMS_MakeSigData with option PKI_ADD_SIGNER.
• Added key derivation functions KDF2 and KDF3. See KDF_Bytes and CMS_MakeEnvData.
• Added ability to use subjectKeyIdentifier in CMS signed-data and enveloped-data objects. See option PKI_USE_SKI.
• Made changes to default options when using CMS_MakeEnvData. The default content encryption algorithm is now aes128.
• Changed default output from CMS_MakeSigData and CMS_MakeEnvData to use fixed-length encoding and use strict DER sorting rules for sets.
• Added new features to CMS_QueryEnvData to reflect above changes
  • kemParams
  • ukm
  • HASsubjectKeyIdentifier
  • recipientIdentifier
• Added new features to CMS_QuerySigData to reflect above changes.
  • CountOfDigestAlgs
  • certificate/N
  • HASsubjectKeyIdentifier
  • signerIdentifier

[Contents] [Index]