1 Topic by bachelet_safi (edited by bachelet_safi 2016-08-12 02:32:47)

  • Registered: 2016-08-12
  • Posts: 3

Topic: PKCS#7 (CMS) only supports DES and 3DES

Hi all,

I began to code for using PKCS#7 (CMS) with wolfCrypt but, after preparing all needed, once I was going to use wc_PKCS7_EncodeData function, I couldn't define encryptOID (key encryption algorithm OID) to AES (precisely AES 128 Mode CBC). PKCS#7 only supports DES and 3DES.

/* build PKCS#7 envelopedData content type, return enveloped size */
int wc_PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz)
{
...
    /* PKCS#7 only supports DES, 3DES for now */
    switch (pkcs7->encryptOID) {
        case DESb:
            blockKeySz = DES_KEYLEN;
            break;

        case DES3b:
            blockKeySz = DES3_KEYLEN;
            break;

        default:
            WOLFSSL_MSG("Unsupported content cipher type");
            return ALGO_ID_E;
    };
...
}

Why wolfCrypt doesn't support AES? I needed to use PKCS#7 with AES to meet specifications. Have you got a solution for me?

Thanks.

Share

  • From: Bozeman, MT
  • Registered: 2010-10-20
  • Posts: 647

Re: PKCS#7 (CMS) only supports DES and 3DES

Hi,

At the time our PKCS#7 implementation was written, it only needed to support DES and 3DES encrypt cipher types for EnvelopedData.

I have added this request to our desired features list.

Thanks,
Chris

https://www.wolfssl.com

chrisc's Website

Share