Allow specifying the tag after AAD in CCM mode
blaufish.public.email at gmail.com
Tue Feb 19 16:32:35 UTC 2019
I've commented on the PR, mostly about not understanding the commit
message RFC-references and indentation error.
Overall the PR looks good to me, but I'd like someone who is more
familiar with implementation have a look at it.
Eine Kleine Blau Fisch
On Tue, Feb 19, 2019 at 2:10 PM Tobias Nießen <tniessen at tnie.de> wrote:
> Hello everyone,
> in GCM and OCB mode, it is possible to set the authentication tag after
> supplying AAD, but the CCM implementation does not allow that. This
> isn't a problem for most applications, but in Node.js, we expose similar
> APIs to interact with AEAD ciphers and these differences between cipher
> modes within OpenSSL propagate to our users. Unless there is a reason
> for the current behavior, I would prefer to change it.
> I opened a PR about this five months ago
> (https://github.com/openssl/openssl/pull/7243). It has received zero
> attention and I am hoping the mailing list is a good way to change that.
> Kind regards,
More information about the openssl-users