The wolfSSL embedded SSL/TLS library has support for PKCS#7 and you can use the wolfSSL Examples GitHub repository to take that functionality for a quick spin. PKCS #7: Cryptographic Message Syntax (CMS) is used to sign, encrypt, or decrypt messages under Public Key Infrastructure (PKI). Using the wolfSSL API to do all of the above has been demonstrated right here with different implementations and content types. This blog will showcase how to compile/run these examples.
Build wolfSSL as shown below. Some of the examples which use the CompressedData content type require the zlib library to be installed.
$ ./configure --enable-pkcs7 --enable-pwdbased CFLAGS="-DWOLFSSL_DER_TO_PEM" --with-libz
$ sudo make install
Then compile the examples in the pkcs7 directory.
All executables are now built and can be run from the terminal, encoding then decoding their respective bundles and printing the status. For example:
Successfully encoded EncryptedData bundle (encryptedData.der)
Successfully decoded EncryptedData bundle (encryptedData.der)
Be sure to examine how wolfCrypt’s usage varies across different content and RecipientInfo types. And in no time, you’ll be putting wolfSSL’s PKCS#7 API to good use and further strengthening the security for your IoT devices requiring TLS functionality.
Documentation and more information on PKCS#7 are located within doxygen pages, here: Algorithms – PKCS7 (wolfssl.com).
Wikipedia article on PKCS#7: https://en.wikipedia.org/wiki/PKCS_7
For more information about wolfSSL and PKCS#7 contact us at firstname.lastname@example.org.
wolfSSL supports TLS 1.3 ! http://www.wolfssl.com/tls13
Checkout out latest release: https://www.wolfssl.com/download