CMAC Authentication

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

CMAC Authentication

Rol Phil
Hello all,

I have been using <openssl/cmac.h> to tag data with an example I had found.
However when it comes to authenticate/decrypt a tag with given AES key I could not find examples.
 using cmac.h or evp.h.
Can anybody help me please?
Thanks all.

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: CMAC Authentication

Jakob Bohm-7
On 15/01/2018 14:22, Rol Phil wrote:

> Hello all,
>
> I have been using <openssl/cmac.h> to tag data with an example I had
> found.
> However when it comes to authenticate/decrypt a tag with given AES key
> I could not find examples.
>  using cmac.h or evp.h.
> Can anybody help me please?
> Thanks all.
>
For any MAC algorithm, the check is to calculate the MAC again and
see if it is the same.

If potential providers of bad data can see how long it takes to
detect a wrong MAC algorithm, be sure to use a compare
implementation tht takes the same amount of time no matter how the
wrong MAC relates to the real MAC (so the normal memcmp() is wrong
because it will reply quicker if the first byte(s) are wrong than
if they are right).  The OpenSSL provides the a function
CRYPTO_memcmp() that is good for this job.


Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|

Re: CMAC Authentication

Jeffrey Walton-3
In reply to this post by Rol Phil
On Mon, Jan 15, 2018 at 8:22 AM, Rol Phil <[hidden email]> wrote:
> Hello all,
>
> I have been using <openssl/cmac.h> to tag data with an example I had found.
> However when it comes to authenticate/decrypt a tag with given AES key I
> could not find examples.
>  using cmac.h or evp.h.
> Can anybody help me please?

CMAC is covered under EVP Signing and Verifying. See
https://wiki.openssl.org/index.php/EVP_Signing_and_Verifying .

Jeff
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users