Support for authenticated encryption in CommonCrypto
| Originator: | robnapier | ||
| Number: | rdar://11194903 | Date Originated: | April 5, 2012 |
| Status: | Open | Resolved: | |
| Product: | Product Version: | ||
| Classification: | Security | Reproducible: |
There is currently no support for an authenticated encryption mode (i.e. GCM, CCM, EAX, OCB) in CommonCrypto. This encourages many developers to not provide authenticated encryption at all (defaulting most often to AES-CBC), or forces them to implement their own encrypt-than-MAC implementation. This needs to be available on both Mac and iOS to encourage correct use of authenticated encryption.
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!
Looking for Encrypt-then-MAC implementation
Rather than screw it up myself, I'm wondering if there are Encrypt-then-MAC implementations that others have written and that have been looked at which I could use.
Cheers,
-j
RNCryptor is designed to wrap all of this up for you. https://github.com/rnapier/RNCryptor