On Wed, Nov 12, 2014 at 6:29 PM, Dr. Stephen Henson wrote:
> The OpenSSL version uses indefinite length encoding so you see the construted
> encrypted content tag and an OCTET STRING content. If you didn't use streaming
> for the OpenSSL version it would've looked similar.
Ah, that was the missin
Thanks for the suggestion, Matt. As far as I know, ruby's openssl
bindings don't expose CMS_encrypt. :-(
On Wed, Nov 12, 2014 at 11:25 AM, Matt Caswell wrote:
>
>
> On 12/11/14 09:07, Sheldon Hearn wrote:
>> The AES-IV is present, but the ciphertext is not. I've bo
2014 at 11:42 AM, Sheldon Hearn wrote:
> Thanks for the suggestion, Matt. As far as I know, ruby's openssl
> bindings don't expose CMS_encrypt. :-(
>
> On Wed, Nov 12, 2014 at 11:25 AM, Matt Caswell wrote:
>>
>>
>> On 12/11/14 09:07, Sheldon Hearn wrote:
>
I'm building a secret store, kinda like LastPass for services, where
developers encrypt application secrets and place the ciphertext in the
store, and then applications fetch the ciphertext and decrypt the secrets
using a key that they were given by the runtime environment.
This moves the problem
