Allow specifying the tag after AAD in CCM mode

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Allow specifying the tag after AAD in CCM mode

Tobias Nießen
Hello everyone,

in GCM and OCB mode, it is possible to set the authentication tag after
supplying AAD, but the CCM implementation does not allow that. This
isn't a problem for most applications, but in Node.js, we expose similar
APIs to interact with AEAD ciphers and these differences between cipher
modes within OpenSSL propagate to our users. Unless there is a reason
for the current behavior, I would prefer to change it.

I opened a PR about this five months ago
(https://github.com/openssl/openssl/pull/7243). It has received zero
attention and I am hoping the mailing list is a good way to change that.

Kind regards,
Tobias

Reply | Threaded
Open this post in threaded view
|

Re: Allow specifying the tag after AAD in CCM mode

Peter Magnusson
I've commented on the PR, mostly about not understanding the commit
message RFC-references and indentation error.

Overall the PR looks good to me, but I'd like someone who is more
familiar with implementation have a look at it.

Best Regards
Eine Kleine Blau Fisch

On Tue, Feb 19, 2019 at 2:10 PM Tobias Nießen <[hidden email]> wrote:

>
> Hello everyone,
>
> in GCM and OCB mode, it is possible to set the authentication tag after
> supplying AAD, but the CCM implementation does not allow that. This
> isn't a problem for most applications, but in Node.js, we expose similar
> APIs to interact with AEAD ciphers and these differences between cipher
> modes within OpenSSL propagate to our users. Unless there is a reason
> for the current behavior, I would prefer to change it.
>
> I opened a PR about this five months ago
> (https://github.com/openssl/openssl/pull/7243). It has received zero
> attention and I am hoping the mailing list is a good way to change that.
>
> Kind regards,
> Tobias
>