[Cryptography] CMS with OCB
Werner Koch
wk at gnupg.org
Wed Jun 2 06:09:03 EDT 2021
Hi!

Does anyone know of a specification for OCB mode for CMS?

AEAD for CMS is specified in RFC-5083 with a GCM instance defined by
RFC-5084. Using GCM in CMS is actually troublesome because all AAD is
required before starting the decryption - but CMS puts the AAD after the
encrypted content. OCB would be easier.

I am also looking for GCM test messages. Bouncy Castle had a bug and
the only test message I got comes from software which uses an unfixed
version of BC.

Shalom-Salam,

Werner
--
Thoughts are free. Exceptions are regulated by a federal law.
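
The ordering problem described in the message, as an added example that is not part of the original post: a pure-Python streaming GHASH (the authenticator inside GCM) absorbs AAD blocks before ciphertext blocks, so a receiver reading fields in CMS order, where the authenticated attributes follow the encrypted content, holds the ciphertext back until they arrive. `GHash` and `ghash_stream` are hypothetical names; `H` and `C` are taken from test case 2 of the GCM specification.

```python
# Added example, pure Python. GHash and ghash_stream are hypothetical names.
R = 0xE1 << 120  # GCM reduction constant

def gf_mul(x, y):
    """Multiply in GF(2^128) with GCM's bit order (leftmost bit first)."""
    z, v = 0, y
    for i in range(127, -1, -1):
        if (x >> i) & 1:
            z ^= v
        v = (v >> 1) ^ R if v & 1 else v >> 1
    return z

class GHash:
    """One-pass GHASH: AAD blocks, then ciphertext blocks, then lengths."""
    def __init__(self, h):
        self.h = int.from_bytes(h, "big")
        self.y = self.alen = self.clen = 0
        self.aad_done = False
    def _absorb(self, data):
        for i in range(0, len(data), 16):
            block = data[i:i + 16].ljust(16, b"\x00")
            self.y = gf_mul(self.y ^ int.from_bytes(block, "big"), self.h)
    def aad(self, data):
        if self.aad_done or self.clen:
            raise RuntimeError("AAD must be supplied once, before ciphertext")
        self._absorb(data)
        self.alen, self.aad_done = len(data), True
    def ciphertext(self, chunk):  # every chunk but the last: multiple of 16
        self._absorb(chunk)
        self.clen += len(chunk)
    def digest(self):
        lengths = (self.alen * 8) << 64 | (self.clen * 8)
        return gf_mul(self.y ^ lengths, self.h).to_bytes(16, "big")

def ghash_stream(h, fields):
    """Hash (kind, bytes) fields in arrival order; returns (digest, held)."""
    g, held = GHash(h), []
    for kind, data in fields:
        if kind == "aad":  # expected exactly once (may be empty)
            g.aad(data)
            for chunk in held:
                g.ciphertext(chunk)
        elif g.aad_done:
            g.ciphertext(data)
        else:
            held.append(data)  # ciphertext before AAD: hold it back
    return g.digest(), sum(len(c) for c in held)
# Test case 2 of the GCM specification: hash subkey H, ciphertext C, no AAD.
H = bytes.fromhex("66e94bd4ef8a2c3b884cfa59ca342b2e")
C = bytes.fromhex("0388dace60b6a392f328c2b971b2fe78")
```

Calling `ghash_stream(H, [("ct", C), ("aad", b"")])` yields the same digest as the AAD-first order, but only after holding all 16 ciphertext bytes.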