[Esapi-dev] HMAC validation bypass in ESAPI Symetric Encryption

Jim Manico jim.manico at owasp.org
Tue Dec 3 22:11:23 UTC 2013


> In the meantime, or actually I should say regardless, I would recommend
> using CCM or GCM cipher modes rather than CBC mode.

Are these supported well enough today?



More information about the Esapi-dev mailing list