AES-CBC with HMAC-SHA2 is an AEAD cipher based on AES-CBC with an additional MAC computed with HMAC-SHA2. It is defined in a draft RFC and included in RFC 7518 (JWA: JSON Web Algorithms). It is very popular in the JWx world, for example used to encrypt the content of JWE messages (including JWTs).
I would like to propose that an official implementation for this cipher be considered for the x/crypto package.
We recently had to implement this for Dapr. We initially hoped to find 3rd-party implementations, but all the ones we could find were either too intertwined with larger JWx libraries, or contained a number of issues (for example with incorrectly implement the cipher.AEAD interface or incorrectly supporting appending output to an existing byte slice).
AES-CBC with HMAC-SHA2 is an AEAD cipher based on AES-CBC with an additional MAC computed with HMAC-SHA2. It is defined in a draft RFC and included in RFC 7518 (JWA: JSON Web Algorithms). It is very popular in the JWx world, for example used to encrypt the content of JWE messages (including JWTs).
I would like to propose that an official implementation for this cipher be considered for the x/crypto package.
We recently had to implement this for Dapr. We initially hoped to find 3rd-party implementations, but all the ones we could find were either too intertwined with larger JWx libraries, or contained a number of issues (for example with incorrectly implement the
cipher.AEADinterface or incorrectly supporting appending output to an existing byte slice).