On Fri, Jul 31, 2015 at 05:35:51PM +0000, Laetitia Baudoin via RT wrote: > When encrypting using the 'openssl cms -encrypt -aes-256-gcm' command an > all zero IV is used, this breaks any guarantees provided by the GCM > mode (see NIST Special Publication 800-38D). >
https://mta.openssl.org/pipermail/openssl-dev/2015-April/001177.html > - If AES-GCM is not supported by the 'openssl cms' command (there is no > clear RFC for it when generating enveloped data, RFC 5084 is for > authenticated enveloped data) the command should show an error. Yes, it should return an error. -- Viktor. _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev