readium / readium-lcp-client

This repository is for the Readium Licenced Content Protection (LCP) client side implementation work.
BSD 3-Clause "New" or "Revised" License

AES-256 GCM support? (alternative to CBC with padding) #14

Closed danielweck closed 7 years ago

danielweck commented 8 years ago

Discussion thread at LCP-server: https://github.com/readium/readium-lcp-server/issues/18#issuecomment-243794068

feature/gcm-support branch: https://github.com/readium/readium-lcp-server/tree/feature/gcm-support
Code diff: https://github.com/readium/readium-lcp-server/compare/master...feature/gcm-support

Note that HMAC / GHASH (i.e. authenticated encryption scheme with full integrity check of ciphertext) is implemented on the server / encryption side, so must be checked on client side lib as well. See: https://github.com/readium/readium-lcp-server/blob/feature/gcm-support/crypto/aes_gcm.go

    out := gcm.Seal(nonce, nonce, data, nil)

Relevant code references in LCP client lib (AesCbcSymmetricAlgorithm):
https://github.com/readium/readium-lcp-client/blob/develop/src/lcp-client-lib/AesCbcSymmetricAlgorithm.h
https://github.com/readium/readium-lcp-client/blob/develop/src/lcp-client-lib/AesCbcSymmetricAlgorithm.cpp

Usage in LCP encryption profile 1.0: https://github.com/readium/readium-lcp-client/blob/develop/src/lcp-client-lib/Lcp1dot0EncryptionProfile.cpp#L17

    ISymmetricAlgorithm * Lcp1dot0EncryptionProfile::CreatePublicationAlgorithm(
        const KeyType & symmetricKey) const
    {
        return new AesCbcSymmetricAlgorithm(symmetricKey, AesCbcSymmetricAlgorithm::Key256);
    }

    ISymmetricAlgorithm * Lcp1dot0EncryptionProfile::CreateContentKeyAlgorithm(
        const KeyType & symmetricKey) const
    {
        return new AesCbcSymmetricAlgorithm(symmetricKey, AesCbcSymmetricAlgorithm::Key256);
    }

danielweck commented 7 years ago

server PR: https://github.com/readium/readium-lcp-server/pull/35/files

danielweck commented 7 years ago

Note: content_key remains encrypted with CBC, but EPUB resources can be either GCM or CBC (need switch depending on encryption.xml)

danielweck commented 7 years ago

Pull Request: https://github.com/readium/readium-lcp-client/pull/21