Page MenuHome GnuPG

GPGSM: Authenticated encryption
Open, NormalPublic

Description

For S/MIME there are Authenticated encryption features in RFC 5083, 5084 and 5652

Due to attacks that might be similar to attacks on OpenPGP without MDC GnuPG should also support Authenticated Encryption features for S/MIME.

Details

Version
master

Revisions and Commits

Event Timeline

Do you have any other implementation to test against?

Openssl since version 3 supports aes-gcm and aria-gcm in cms. CMS has a different wrapper for AEAD. openssl Pull Request. I created test files (nistp384 key, certificates, messages), perhaps it will be useful.

$ gpgsm --version
gpgsm (GnuPG) 2.4.3
libgcrypt 1.10.2
libksba 1.6.4

$ kleopatra -v
Gpg4win-4.2.0

$ gpgsm --import -v --batch credential_private_encrypted_3DES.p12

$ gpgsm --debug-level guru -d R:\envelopedData\encrypted_aes128cbc.der
$ gpgsm --debug-level guru -d R:\envelopedData\encrypted_aes128cbc.pem
$ gpgsm --debug-level guru -d R:\envelopedData\encrypted_aes192cbc.der
$ gpgsm --debug-level guru -d R:\envelopedData\encrypted_aes192cbc.pem
$ gpgsm --debug-level guru -d R:\envelopedData\encrypted_aes256cbc.der
$ gpgsm --debug-level guru -d R:\envelopedData\encrypted_aes256cbc.pem
→ OK

$ kleopatra -d R:\envelopedData\encrypted_aes128cbc.der
$ kleopatra -d R:\envelopedData\encrypted_aes128cbc.pem
$ kleopatra -d R:\envelopedData\encrypted_aes192cbc.der
$ kleopatra -d R:\envelopedData\encrypted_aes192cbc.pem
$ kleopatra -d R:\envelopedData\encrypted_aes256cbc.der
$ kleopatra -d R:\envelopedData\encrypted_aes256cbc.pem
→ OK
$ gpgsm --debug-level guru -d R:\authEnvelopedData\encrypted_aes128gcm.der
$ gpgsm --debug-level guru -d R:\authEnvelopedData\encrypted_aes128gcm.pem
$ gpgsm --debug-level guru -d R:\authEnvelopedData\encrypted_aes192gcm.der
$ gpgsm --debug-level guru -d R:\authEnvelopedData\encrypted_aes192gcm.pem
$ gpgsm --debug-level guru -d R:\authEnvelopedData\encrypted_aes256gcm.der
$ gpgsm --debug-level guru -d R:\authEnvelopedData\encrypted_aes256gcm.pem
gpgsm: enabled debug flags: x509 mpi crypto memory cache memstat hashing ipc clock lookup
gpgsm: enabled compatibility flags:
gpgsm: DBG: [no clock] keydb_new: enter
gpgsm: DBG: [no clock] keydb_new: leave (hd=0x0078e740)
gpgsm: error getting IV: Bufor zbyt mały
gpgsm: message decryption failed: Bufor zbyt mały <KSBA>
gpgsm: DBG: [no clock] keydb_release: enter (hd=0x0078e740)
gpgsm: DBG: [no clock] keydb_release: leave
random usage: poolsize=600 mixed=0 polls=0/0 added=0/0
              outmix=0 getlvl1=0/0 getlvl2=0/0
rndjent stat: collector=00000000 calls=0 bytes=0
secmem usage: 0/16384 bytes in 0 blocks

$ kleopatra -d R:\authEnvelopedData\encrypted_aes128gcm.der
$ kleopatra -d R:\authEnvelopedData\encrypted_aes128gcm.pem
$ kleopatra -d R:\authEnvelopedData\encrypted_aes192gcm.der
$ kleopatra -d R:\authEnvelopedData\encrypted_aes192gcm.pem
$ kleopatra -d R:\authEnvelopedData\encrypted_aes256gcm.der
$ kleopatra -d R:\authEnvelopedData\encrypted_aes256gcm.pem
→ error
$ openssl cms -decrypt -inform PEM -in "encrypted_aes256gcm.pem" -inkey "key_user.pem"
Content-Type: text/plain; charset=utf-8

This is a sample encrypted message.

$ openssl cms -decrypt -text -inform PEM -in "encrypted_aes256gcm.pem" -inkey "key_user.pem"
This is a sample encrypted message.

werner raised the priority of this task from Wishlist to Normal.Thu, Dec 19, 10:32 AM
werner added a project: gnupg26.