Name | Modified | Size | Downloads / Week |
---|---|---|---|
Parent folder | |||
encrypt.html | 2025-03-26 | 206.4 kB | |
README.md | 2025-03-26 | 857 Bytes | |
v1.1.0 source code.tar.gz | 2025-03-26 | 1.3 MB | |
v1.1.0 source code.zip | 2025-03-26 | 1.4 MB | |
Totals: 4 Items | 2.9 MB | 0 |
This release incorporates two important technical updates:
- Since AES-256-GCM is used, the more appropriate
AuthEnvelopedData
(RFC 5083) structure is used rather thanEnvelopedData
. - Now, AES-256-CBC with CMS key wrapping (RFC 3211, §2.3) is used for encrypting the PWRI field, instead of using AES-256-GCM.
The result of these changes is a more correct implementation of CMS. This has the added benefit that the output file can be recovered with other tools, such as OpenSSL:
:::sh
# `/path/to/encryptedoutput.example.html` is the file generated by this tool,
# `/path/to/encryptedoutput.example` is where the decrypted file will be saved
printf 'Password: ' && read password && openssl cms -decrypt -pwri_password "$password" -inform PEM -in /path/to/encryptedoutput.example.html -out /path/to/encryptedoutput.example