[openssl-users] openssl cms -decrypt failing due to malloc(3) failure
Viktor Dukhovni
openssl-users at dukhovni.org
Wed Aug 1 13:42:44 UTC 2018
> On Aug 1, 2018, at 9:31 AM, Michael Wojcik <Michael.Wojcik at microfocus.com> wrote:
>
> CMS with an AEAD mode (such as AES128-GCM) ought to avoid the integrity-protection issue for the encrypted content, but not for the other parts of the message, I assume. (I'm no CMS expert so I may be missing something there.) And, of course, both sender and recipient would have to support that algorithm.
Not if you make it streaming. A streaming implementing will emit almost
the entirety of the decrypted message before checking integrity at the
end and finding out that some part of it (already output) was wrong.
--
Viktor.
More information about the openssl-users
mailing list