Hello,
when I select AES128 as S/MIME encryption algorithm in the advanced settings, does CipherMail then use AES 128 GCM or AES 128 CBC?
Thanks for your help in advance.
Best wishes,
Stefan
Hello,
when I select AES128 as S/MIME encryption algorithm in the advanced settings, does CipherMail then use AES 128 GCM or AES 128 CBC?
Thanks for your help in advance.
Best wishes,
Stefan
At the moment GCM is not supported. We will look into it.
Do you know whether there are requirements for CGM? (some German standard for example?)
I have received a request from a German company that pretends to require GCM, without giving a reason why.
The requirement comes from edi@energy (document: Regulations on the transmission path, regulations for the secure exchange of EDIFACT and Redispatch 2.0 process data, version 1.7 Author: BDEW, in german: von edi@energy Regelungen zum Übertragungsweg, Regelungen zum sicheren Austausch von EDIFACT- und Redispatch 2.0-Prozessdaten Version 1.7 Autor: BDEW). The document states: (S/MIME content encryption) From 01.10.2024, only AES-128 GCM (in accordance with IETF RFC 5084) is to be used.
Hi Martijn,
could you please give us an update here? Will GCM be supported with the next release and if yes when will the next release be published? Thanks in advance
We have added preliminary GCM support to the next release and tested interoperability between OpenSSL and CipherMail.
The new release will hopefully be released somewhere at the end of October but this is not a hard promise.
Hi Martijn,
Is there a possibility to install the implementation in a small release in advance? As there are many customers who will ultimately be affected in Germany, this would not be unimportant.
Thanks in advance
Hello Martijn,
would it be possible to provide the GCM support in a hotfix? From 01.10. new regulations apply and Ciphermail would no longer be edi-compliant in Germany. I would appreciate a prompt reply on this topic. Many thanks in advance
I will check whether we can back-port the changes but I cannot promise anything.
As there are many customers who will ultimately be affected in Germany, this would not be unimportant.
With customers, you mean your customers? since we are not aware of any customer who are impacted by this… (but I might be wrong)
We have back-ported the GCM changes to the stable branch:
Binary release (rpm and deb files) can be downloaded from
Back-porting was not trivial because of the differences between the upcoming version and the stable version. For example we had to update the BC library to a newer version.
We did some basic tests but I leave it up to you to test it further.
Martijn