I have an application where I need to store small to moderate amounts of data in a symmetrically encrypted form. For various reasons, CMS with an AuthEnvelopedData seems to tick all the requirements.
For example, password recipient info (PWRI) neatly binds up the KDF and the (encrypted) content encryption key.
Another of those requirements was to be able to move the code to using newer crypto solutions without needing to redesign the data and storage structure.
I'd like to use NaCl (libsodium, actually) for implementation, which would prefer Argon2id for KDF and AEADChaCha20Poly1305 for encryption, but whilst the encryption algorithm has an ASN.1 AlgorithmId, Argon2id is nowhere to be seen. PBKDF2 is there, but I've only been able to find a Draft proposing an Algorithm id for scrypt (in the context of the implementation, scrypt would be acceptable as KDF).
Here's the rub, though - the RFCs describing CMS are all fairly old (3370, 5083, 5652, 7468, 8103), and the ASN.1 has not been much updated with more recent algorithms. Is AuthEnvelopedData at a dead end? What is there that's standards based that can be used to replace it?
