[openssl-users] OpenSSL vs GPG for encrypting files? Security best practices?
Hanno Böck
hanno at hboeck.de
Sat Nov 3 09:11:25 UTC 2018
On Sat, 3 Nov 2018 12:28:02 +0500
Марк Коренберг <socketpair at gmail.com> wrote:
> Try openssl cms ( as newer alternative to s/mime)
cms is not newer than s/mime, it's the underlying message format of
s/mime.
According to this
https://www.openssl.org/docs/man1.0.2/apps/openssl.html
it only supports deprecated cipher modes (cbc, cfb, ofb, ecb) and has
exactly the malleability vulnerability the original poster was asking
about (including a wide variety of obscure and some insecure ciphers). I
don't think this should be recommended.
--
Hanno Böck
https://hboeck.de/
mail/jabber: hanno at hboeck.de
GPG: FE73757FA60E4E21B937579FA5880072BBB51E42
More information about the openssl-users
mailing list