[openssl-dev] [openssl.org #4037] IV-setting bug on AES/CCM decryption
Stephen Henson via RT
rt at openssl.org
Fri Sep 11 21:58:00 UTC 2015
On Fri Sep 11 17:34:27 2015, afelsher at cisco.com wrote:
> Hi,
>
> While running some tests on a module using OpenSSL, we noticed that
> when using EVP_CIPHER_CTX_ctrl(context, EVP_CTRL_CCM_SET_IVLEN,
> length, NULL) to set the IV length, AES/CCM decryption does not seem
> to detect a bad IV length. With encryption, it is detected and an
> appropriate error code is returned. And AES/GCM, for example, detects
> the bad IV length for both encryption and decryption.
>
Can you give a few more details? What do you mean by a "bad IV length" do you
have some sample code?
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
More information about the openssl-dev
mailing list