On Mon, Mar 14, 2016 at 07:03:04PM +0000, Blumenthal, Uri - 0553 - MITLL wrote:
> >IIRC RC4 (more generally all stream ciphers) are not supported with
> >CMS, and the bug is that OpenSSL allowed you to use RC4, not that
> >the result failed to decrypt.
>
> Is there any reason why stream ciphers are not supported with CMS?

At least in part because code does not write itself, and support
was never implemented. The main issue seems to be related to
handling of "parameters", such as the IV for CBC ciphers. With RC4
there is no IV, nor any other parameters, but the CMS decoder expects
parameters to be present. Would it work if the requirement were
relaxed? Perhaps, but that requires someone to implement said change.

As for GCM/CCM ciphers with CMS that's described in

    https://tools.ietf.org/html/rfc5084

and someone would have to implement that.

--
    Viktor.
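
The parameter handling discussed in the message above, as an added example that is not part of the original email and is not OpenSSL's code: a minimal DER reader for an AlgorithmIdentifier, showing an AES-128-CBC identifier that carries its IV as parameters next to an RC4 identifier that carries none. The function names, the `allow_parameterless` switch and both sample encodings are constructed for illustration.

```python
# Added illustration, not OpenSSL code.
# AlgorithmIdentifier ::= SEQUENCE { algorithm OID, parameters ANY OPTIONAL }
AES128_CBC = "2.16.840.1.101.3.4.1.2"
RC4 = "1.2.840.113549.3.4"
# Constructed samples: AES-128-CBC with a 16-byte IV, RC4 with no parameters.
AES_SAMPLE = bytes.fromhex("301d0609608648016503040102" "0410") + bytes(range(16))
RC4_SAMPLE = bytes.fromhex("300a06082a864886f70d0304")

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated element")
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long-form length: low bits give the byte count
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("bad length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("value runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(body):
    subids, value = [], 0
    for byte in body:  # base-128, high bit set means "more bytes follow"
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:
            subids.append(value)
            value = 0
    first = min(subids[0] // 40, 2)
    return ".".join(map(str, [first, subids[0] - 40 * first] + subids[1:]))

def parse_algorithm_identifier(der):
    """Return (oid, params) where params is None or a (tag, value) pair."""
    tag, body, end = read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("expected exactly one SEQUENCE")
    tag, oid_body, pos = read_tlv(body, 0)
    if tag != 0x06:
        raise ValueError("expected OBJECT IDENTIFIER")
    params = read_tlv(body, pos)[:2] if pos < len(body) else None
    return decode_oid(oid_body), params

def content_cipher_iv(der, allow_parameterless=False):
    """Strict mode models a decoder that insists on parameters; the
    hypothetical relaxed mode accepts absent or NULL parameters for RC4."""
    oid, params = parse_algorithm_identifier(der)
    if params is None or params[0] == 0x05:  # absent, or ASN.1 NULL
        if allow_parameterless and oid == RC4:
            return b""
        raise ValueError(f"{oid}: parameters expected but not present")
    if params[0] != 0x04:  # an IV is carried as an OCTET STRING
        raise ValueError(f"{oid}: unsupported parameter type")
    return params[1]
```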