[openssl-dev] [openssl.org #4429] Cannot decrypt RC4-encrypted CMS object

Blumenthal, Uri - 0553 - MITLL uri at ll.mit.edu
Mon Mar 14 19:03:04 UTC 2016

On 3/14/16, 14:45, "openssl-dev on behalf of Viktor Dukhovni"
<openssl-dev-bounces at openssl.org on behalf of openssl-users at dukhovni.org>

>On Mon, Mar 14, 2016 at 05:45:34PM +0000, Stephan Mühlstrasser via RT
>> I had written a message about this issue to openssl-users, but received
>> no reaction.
>IIRC RC4 (more generally all stream ciphers) are not supported with
>CMS, and the bug is that OpenSSL allowed you to use RC4, not that
>the result failed to decrypt.

Is there any reason why stream ciphers are not supported with CMS?

Along the same line, is there any reason why AE(AD) ciphers are not
supported with “openssl enc”?

More information about the openssl-dev mailing list