Authenticated encryption in CMS with OpenSSL


Christian Böhme
Hello all,

While investigating if and how OpenSSL in several versions could be
made to support authenticated encryption in CMS [1], I noticed that,
e.g., AES in CCM and GCM modes disappeared completely in newer versions
from the command line tools.

That is, while, e.g.,

> openssl version
OpenSSL 1.0.2g  1 Mar 2016

> openssl enc -ciphers 2>&1 | grep -E -i -- '-(ccm|gcm)'
-aes-128-ccm               -aes-128-cfb               -aes-128-cfb1
-aes-128-gcm               -aes-128-ofb               -aes-128-xts
-aes-192-cbc               -aes-192-ccm               -aes-192-cfb
-aes-192-ecb               -aes-192-gcm               -aes-192-ofb
-aes-256-ccm               -aes-256-cfb               -aes-256-cfb1
-aes-256-gcm               -aes-256-ofb               -aes-256-xts
-gost89-cnt                -id-aes128-CCM             -id-aes128-GCM
-id-aes128-wrap            -id-aes192-CCM             -id-aes192-GCM
-id-aes192-wrap            -id-aes256-CCM             -id-aes256-GCM

provides the modes,

> openssl version
OpenSSL 1.1.0h  27 Mar 2018

> openssl enc -ciphers | grep -E -i -- '-(ccm|gcm)'

does not.

The respective algorithms, such as EVP_aes_256_gcm(), appear to be available
in both versions' libraries, though.

Would someone perhaps involved in the release process be able to explain
the reasoning behind dropping the authenticated encryption modes from the
command line tools?  Are there plans to extend OpenSSL's current support
for CMS [2] to newer CMS versions?  Or is there even a connection between
the two, preventing the latter?


Thanks,
Christian

[1] https://tools.ietf.org/html/rfc5083
[2] https://tools.ietf.org/html/rfc3369

--
*Christian Böhme*

Developer System Integration

CLOUD&HEAT

*CLOUD & HEAT Technologies GmbH*
Königsbrücker Str. 96 (Halle 15) | 01099 Dresden
Tel: +49 351 479 3670 - 100
Fax: +49 351 479 3670 - 110
E-Mail: [hidden email] <mailto:[hidden email]>
Web: https://www.cloudandheat.com <https://www.cloudandheat.com>

Handelsregister: Amtsgericht Dresden
Registernummer: HRB 30549
USt.-Ident.-Nr.: DE281093504
Geschäftsführer: Nicolas Röhrs



--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


Re: Authenticated encryption in CMS with OpenSSL

OpenSSL - User mailing list
The ciphers are available, but the code to use things like AES-GCM never actually worked.  Or if it claimed to work, it was actually broken.
 


Re: Authenticated encryption in CMS with OpenSSL

Christian Böhme
On 20.07.2018 15:19, Salz, Rich via openssl-users wrote:

> The ciphers are available, but the code to use things like AES-GCM never
> actually worked.  Or if it claimed to work, it was actually broken.

I take this to mean that code has actually been written already
to that effect.  Has it made its way into the repo, and if so, which
branch/tree could it be in?

Thanks,
Christian


Re: Authenticated encryption in CMS with OpenSSL

OpenSSL - User mailing list
> > The ciphers are available, but the code to use things like AES-GCM never
> > actually worked.  Or if it claimed to work, it was actually broken.
>
> I take this to mean that code has actually been written already
> to that effect.


Sorry I was not clear.

This has not been implemented.  In recent releases, we added a check to disallow AEAD ciphers, rather than failing (perhaps SILENTLY) later on.



Re: Authenticated encryption in CMS with OpenSSL

Christian Böhme
On 20.07.2018 15:42, Salz, Rich via openssl-users wrote:

> Sorry I was not clear.
>
> This has not been implemented.  In recent releases, we added a check to disallow AEAD ciphers,
> rather than failing (perhaps SILENTLY) later on.

Yeah, the checks happen in crypto/evp/evp_lib.c:EVP_CIPHER_param_to_asn1().

I understand that AEAD cipher support for CMS would have to be written from
scratch, then.


Thanks,
Christian

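The behaviour discussed in this thread (the `enc` tool either refusing AEAD ciphers up front or failing later) can be checked on a given build with a tamper test. The shell probe below is an added example, not part of the original posts or of OpenSSL; the function name `probe_enc`, the key, the IV and the plaintext are constructed for illustration, and it goes slightly beyond the thread by running the same test on a CBC cipher for comparison.

```shell
#!/bin/sh
# Added example: probe whether `openssl enc -<cipher>` really authenticates.
# Key, IV and plaintext are constructed test values, not secrets.
KEY=000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
IV=0f0e0d0c0b0a09080706050403020100

# Prints one verdict for the given cipher name (e.g. aes-256-gcm):
#   no-openssl       openssl binary not found
#   rejected         enc refuses the cipher up front
#   broken           enc encrypts but cannot decrypt its own output
#   unauthenticated  a modified ciphertext still decrypts without error
#   authenticated    a modified ciphertext is refused
probe_enc() {
    cipher=$1
    command -v openssl >/dev/null 2>&1 || { echo no-openssl; return 0; }
    dir=$(mktemp -d) || return 1
    # 48-byte constructed plaintext: three AES blocks, so a change in the
    # first ciphertext block never reaches the padding of a CBC message.
    printf '%s' 'constructed sample plaintext, 48 bytes long.....' > "$dir/pt"
    verdict=authenticated
    if ! openssl enc -"$cipher" -K "$KEY" -iv "$IV" \
            -in "$dir/pt" -out "$dir/ct" 2>/dev/null; then
        verdict=rejected
    elif ! openssl enc -d -"$cipher" -K "$KEY" -iv "$IV" \
            -in "$dir/ct" -out "$dir/rt" 2>/dev/null \
            || ! cmp -s "$dir/pt" "$dir/rt"; then
        verdict=broken
    else
        # Flip the lowest bit of the first ciphertext byte in place.
        b=$(od -An -tu1 -N1 "$dir/ct" | tr -d ' \n')
        printf "\\$(printf '%03o' $((b ^ 1)))" |
            dd of="$dir/ct" bs=1 count=1 conv=notrunc 2>/dev/null
        if openssl enc -d -"$cipher" -K "$KEY" -iv "$IV" \
                -in "$dir/ct" -out "$dir/rt" 2>/dev/null; then
            verdict=unauthenticated
        fi
    fi
    rm -rf "$dir"
    echo "$verdict"
}

for c in aes-256-cbc aes-256-gcm; do
    printf '%s: %s\n' "$c" "$(probe_enc "$c")"
done
```

A verdict of `rejected` for the GCM cipher corresponds to the up-front check described in the thread; `unauthenticated` for CBC shows what the absence of an integrity tag means in practice.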