Re: [Evolution] Failed S/MIME encryption when using an EC P-384 cert

From: Milan Crha <mcrha redhat com>
To: evolution-list gnome org
Subject: Re: [Evolution] Failed S/MIME encryption when using an EC P-384 cert
Date: Thu, 14 Jul 2022 18:31:55 +0200

On Thu, 2022-07-14 at 15:42 +0200, Szymon Wiśniewski wrote:

Detailed error: security library: invalid algorithm. (-8186) - Cannot
create CMS Recipient information


        Hi,
that error is returned by the NSS library, specifically call to
NSS_CMSRecipientInfo_Create() returns the "invalid algorithm" error. 
You can try to update the Flatpak version you use, which can bring a
newer NSS library, but whether the update will really help I do not
know.

I'm afraid there's nothing the evolution(-data-server) can do about it,
the function just takes the recipient certificate.

I see there's also called NSS_SMIMEUtil_FindBulkAlgForRecipients(),
which returns common algorithm the NSS can use for the encryption. Even
the function did not fail (you'd get a different error), the chosen
algorithm doesn't work for one of the recipients.
        Bye,
        Milan

References:
- [Evolution] Failed S/MIME encryption when using an EC P-384 cert
  - From: Szymon Wiśniewski

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]