CMS and GCM

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

CMS and GCM

Dr. Pala-2

Hi All,

I am having issues using AES GCM in EnvelopedData - in particular if I use AES CBC, that is ok, but when I try to use the GCM mode, I simply cannot finalize the data.

Are there any specific operations that need to happen in order to use AES in GCM mode (as per RFC5084) ?

Is there a way to list the ciphers supported when using EnvelopedData ?

Cheers,
Max

--
Best Regards,
Massimiliano Pala, Ph.D.
OpenCA Labs Director
OpenCA Logo
Reply | Threaded
Open this post in threaded view
|

Re: CMS and GCM

Jakub Zelenka
Hi,

On Mon, May 13, 2019 at 12:50 AM Dr. Pala <[hidden email]> wrote:

Hi All,

I am having issues using AES GCM in EnvelopedData - in particular if I use AES CBC, that is ok, but when I try to use the GCM mode, I simply cannot finalize the data.

 If you want to use AES GCM, then you need AuthEnvelopedData.

Are there any specific operations that need to happen in order to use AES in GCM mode (as per RFC5084) ?

 I have created a PR for this: https://github.com/openssl/openssl/pull/8024 . It just needs a review from OpenSSL committers. I also need to rebase it once anyone is interested in reviewing it. :)

Cheers

ddaoiiheablnooch.png (4K) Download Attachment