Add CMS AuthEnvelopedData with AES-GCM support #8024

Open · wants to merge 1 commit into base: master
bukka (Contributor) commented Jan 15, 2019

This PR adds support for CMS AuthEnvelopedData as defined in RFC 5083 with AES-GCM parameter as defined in RFC 5084.

I think it is useful to support GCM as it allows the tag to be stored with the message. Especially if the cms is now the recommended tool for AEAD and there was a decision not to introduce a special format for apps enc to handle AEAD modes IIRC.

It works already with use of apps cms when selecting for example the -aes-128-gcm cipher. It updates CMS_encrypt to automatically use AuthEnvelopedData for GCM modes so the application doesn't require a new API. As there is no new special API, it means that there is currently no support for AAD, but that's something that I would like to look into in the future as part of another PR. Also CCM mode is not supported as it's a bit more tricky (mainly because the length needs to be known in advance), but I plan to look into it in the future too.

The documentation is partially updated, which means that I updated CMS_encrypt and CMS_decrypt. The reason why I left the rest out is that I'm not sure if the new public functions should really be public. Currently I added them as public for consistency. For example EVP_CIPHER_set_asn1_aead_params is an AEAD variant of EVP_CIPHER_set_asn1_iv, so it might be useful to expose it, possibly for engine use. Similarly ASN1_TYPE_set_octetstring_int is consistent with the public ASN1_TYPE_set_int_octetstring (also not documented). In addition the new CMS_AuthEnvelopedData_create is like the exposed CMS_EnvelopedData_create (also not documented) but for AuthEnvelopedData of course. Considering that all the existing mentioned functions are not documented, it might be better to leave the documentation for another PR and do it together with the existing ones. I would be happy to do that later.

Checklist
  • documentation is added or updated
  • tests are added or updated
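The RFC 5083 structure this PR implements, as an added example that is not code from the PR or from OpenSSL: a pure-stdlib Python encoder and parser for AuthEnvelopedData with RFC 5084 GCMParameters, showing that the GCM tag travels in the mac field next to the ciphertext (the "tag stored with the message" point above). The nonce, ciphertext and tag are constructed placeholders rather than real AES-GCM output, recipientInfos is left as an empty placeholder SET, and the parser assumes the optional originatorInfo and attribute fields are absent.

```python
ID_CT_AUTH_ENVELOPED = "1.2.840.113549.1.9.16.1.23"  # id-ct-authEnvelopedData (RFC 5083)
ID_AES128_GCM = "2.16.840.1.101.3.4.1.6"             # id-aes128-GCM (RFC 5084)
ID_DATA = "1.2.840.113549.1.7.1"                      # id-data (RFC 5652)

def tlv(tag, body):  # DER tag-length-value; long-form length once body >= 128 bytes
    n, k = len(body), (len(body).bit_length() + 7) // 8
    length = bytes([n]) if n < 0x80 else bytes([0x80 | k]) + n.to_bytes(k, "big")
    return bytes([tag]) + length + body

def oid(dotted):  # OBJECT IDENTIFIER content octets (base-128 arcs, first two packed)
    arcs = [int(a) for a in dotted.split(".")]
    out = [40 * arcs[0] + arcs[1]]
    for a in arcs[2:]:
        chunk = [a & 0x7F]
        while a := a >> 7:
            chunk = [0x80 | (a & 0x7F)] + chunk
        out += chunk
    return bytes(out)

def build_auth_enveloped(nonce, ciphertext, tag):
    # GCMParameters ::= SEQUENCE { aes-nonce OCTET STRING, aes-ICVlen INTEGER DEFAULT 12 }
    params = tlv(0x30, tlv(0x04, nonce) + (tlv(0x02, bytes([len(tag)])) if len(tag) != 12 else b""))
    alg = tlv(0x30, tlv(0x06, oid(ID_AES128_GCM)) + params)
    eci = tlv(0x30, tlv(0x06, oid(ID_DATA)) + alg + tlv(0x80, ciphertext))  # encryptedContent [0] IMPLICIT
    # AuthEnvelopedData: version 0, recipientInfos (empty SET placeholder), authEncryptedContentInfo, mac
    aed = tlv(0x30, tlv(0x02, b"\x00") + tlv(0x31, b"") + eci + tlv(0x04, tag))  # mac carries the GCM tag
    return tlv(0x30, tlv(0x06, oid(ID_CT_AUTH_ENVELOPED)) + tlv(0xA0, aed))  # ContentInfo, content [0] EXPLICIT

def children(body):  # every (tag, value) element of a constructed DER value
    pos, out = 0, []
    while pos < len(body):
        tag, n, pos = body[pos], body[pos + 1], pos + 2
        if n & 0x80:  # long-form length
            n, pos = int.from_bytes(body[pos:pos + (n & 0x7F)], "big"), pos + (n & 0x7F)
        out.append((tag, body[pos:pos + n]))
        pos += n
    return out

def parse_auth_enveloped(der):
    """(nonce, icv_len, ciphertext, tag) for an AES-128-GCM AuthEnvelopedData, else None."""
    ctype, content = children(children(der)[0][1])  # ContentInfo -> contentType, content [0]
    if ctype[1] != oid(ID_CT_AUTH_ENVELOPED):
        return None
    _ver, _ris, eci, mac = children(children(content[1])[0][1])  # assumes no optional originatorInfo/attrs
    _ct, alg, enc = children(eci[1])
    alg_oid, params = children(alg[1])
    if alg_oid[1] != oid(ID_AES128_GCM):
        return None
    p = children(params[1])
    return p[0][1], (int.from_bytes(p[1][1], "big") if len(p) > 1 else 12), enc[1], mac[1]
```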
bukka (Contributor, Author) commented Jan 15, 2019

FYI I have sent the ICLA this morning.

@bukka bukka closed this Jan 16, 2019

@bukka bukka reopened this Jan 16, 2019

@bukka bukka force-pushed the bukka:cms-auth-env-gcm branch from c31d6e7 to de3efb3 Jan 16, 2019

russhousley commented Jan 16, 2019

Thanks for all of this very valuable work. The S/MIME 4.0 specifications are in the final stages, and they make use of AuthEnvelopedData!

Ideally, in the future, AAD support for the authenticated attributes in AuthEnvelopedData would be the next step.

bukka (Contributor, Author) commented Jan 18, 2019

@russhousley Yes, I plan to look into adding AAD support after this gets reviewed and hopefully merged. I'm still thinking about the best API for that but the implementation should be fairly easy. Although I think it will require some improvements in the CMS testing as it's quite limited atm. I would like to look into adding ChaCha20-Poly1305 (thank you for creating RFC 8103 btw.) as well, and I also thought about CCM support but it will probably require loading the whole plaintext into the memory BIO to get the length before it's processed by the cipher BIO. That needs a bit more thinking though!

Review thread on crypto/cms/cms_env.c (outdated):

    /*
     * Can't set version higher than 4 so if 4 or more already nothing to do.
     */
    if (env->version >= 4)
        return;

    cms_env_set_originfo_version(env);
    env->version = cms_env_get_oi_version(env->originatorInfo, env->version);
    env->version = cms_env_get_ris_version(env->recipientInfos, env->version);

FdaSilvaYY (Contributor) commented Jan 18, 2019

You change the code logic here, no?
You should move this line after the if below, to keep things as they were, no?
If cms_env_get_ris_version returns 3, the method will now return.

bukka (Author, Contributor) commented Jan 23, 2019

@FdaSilvaYY I just double checked and it seems that the logic is correct. It returned 3 before as well, as can be seen in

Review thread on crypto/cms/cms_env.c (outdated):

    CMS_RecipientInfo *ri = NULL;
    CMS_EnvelopedData *env;
    CMS_EncryptedContentInfo *ec;

FdaSilvaYY (Contributor) commented Jan 18, 2019

ec is more often used as a shortcut for 'Elliptic Curve' in other parts of the code.
Better to name it eci?

bukka (Author, Contributor) commented Jan 23, 2019

Not sure why my previous comment doesn't show here, but it's used in cms_env.c quite a lot so I think it's better to have it consistent.

Commit: Add CMS AuthEnvelopedData with AES-GCM support
Add the AuthEnvelopedData as defined in RFC 5083 with AES-GCM
parameter as defined in RFC 5084.

@bukka bukka force-pushed the bukka:cms-auth-env-gcm branch from de3efb3 to 10778e5 Jan 23, 2019
