Allow specifying the tag after AAD in CCM mode

Tobias Nießen tniessen at
Tue Feb 19 13:04:57 UTC 2019

Hello everyone,

in GCM and OCB mode, it is possible to set the authentication tag after 
supplying AAD, but the CCM implementation does not allow that. This 
isn't a problem for most applications, but in Node.js, we expose similar 
APIs to interact with AEAD ciphers and these differences between cipher 
modes within OpenSSL propagate to our users. Unless there is a reason 
for the current behavior, I would prefer to change it.

I opened a PR about this five months ago 
( It has received zero 
attention and I am hoping the mailing list is a good way to change that.

Kind regards,

More information about the openssl-users mailing list