Download Latest Version v1.1.12 source code.tar.gz (1.3 MB)
Email in envelope

Get an email when there's a new version of ts-cms-ep-sfx

Home / v1.1.0
Name Modified Size InfoDownloads / Week
Parent folder
encrypt.html 2025-03-26 206.4 kB
README.md 2025-03-26 857 Bytes
v1.1.0 source code.tar.gz 2025-03-26 1.3 MB
v1.1.0 source code.zip 2025-03-26 1.4 MB
Totals: 4 Items   2.9 MB 0

This release incorporates two important technical updates:

  1. Since AES-256-GCM is used, the more appropriate AuthEnvelopedData (RFC 5083) structure is used rather than EnvelopedData.
  2. Now, AES-256-CBC with CMS key wrapping (RFC 3211, §2.3) is used for encrypting the PWRI field, instead of using AES-256-GCM.

The result of these changes is a more correct implementation of CMS. This has the added benefit that the output file can be recovered with other tools, such as OpenSSL:

:::sh
# `/path/to/encryptedoutput.example.html` is the file generated by this tool,
# `/path/to/encryptedoutput.example` is where the decrypted file will be saved
printf 'Password: ' && read password && openssl cms -decrypt -pwri_password "$password" -inform PEM -in /path/to/encryptedoutput.example.html -out /path/to/encryptedoutput.example
Source: README.md, updated 2025-03-26