On Sat, 3 Nov 2018 12:28:02 +0500 Марк Коренберг <socketpair@xxxxxxxxx> wrote: > Try openssl cms ( as newer alternative to s/mime) cms is not newer than s/mime, it's the underlying message format of s/mime. According to this https://www.openssl.org/docs/man1.0.2/apps/openssl.html it only supports deprecated cipher modes (cbc, cfb, ofb, ecb) and has exactly the malleability vulnerability the original poster was asking about (including a wide variety of obscure and some insecure ciphers). I don't think this should be recommended. -- Hanno Böck https://hboeck.de/ mail/jabber: hanno@xxxxxxxxx GPG: FE73757FA60E4E21B937579FA5880072BBB51E42 -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users