Project

General

Profile

Actions
Copy link

Task #4653

open

Should the new code be hard-wired to AES_CBC?

Added by Anonymous almost 6 years ago. Updated almost 6 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Start date:
07/06/2018
Due date:
% Done:

0%

Estimated time:

Description

The new code seems to be hard-wired to AES_CBC:
https://github.com/named-data/name-based-access-control/blob/ff3ee9f2af0303028b6f5a840f1e5641b3982ac1/src/decryptor.cpp#L259

Decryptor::doDecrypt(...)
{
  ...
  security::transform::bufferSource(content.getPayload().value(), content.getPayload().value_size())
    >> security::transform::blockCipher(BlockCipherAlgorithm::AES_CBC,
}

Can the new code handle multiple algorithms? (The original version of EncryptedContent had an EncryptionAlgorithm.)

Actions
Copy link
 #1

Updated by Alex Afanasyev almost 6 years ago

I, personally, don't see a need to do customization. If you have a suggestion how it could be used (and what is a reasonably user-friendy interface for such customization), I would not oppose customizing.

Actions
Copy link
 #2

Updated by Anonymous almost 6 years ago

No change to the API. But for future proofing, maybe just keep the EncryptionAlgorithm in the EncryptedContent, but require it to be AlgorithmAesCbc (1).
https://github.com/named-data/name-based-access-control/blob/master/src/encrypted-content.cpp#L130

Actions
Copy link

Also available in: Atom PDF