Dr. Henson and Matt,

Thanks a lot for all the help - my code is also now working. I simply had to 
not do the DecryptFinal().

The fact that one can call the xxxUpdate() only once is a problem for using our 
engine. For now a size limit will have to be a limitation on this AES mode.

Regards,
Leon Brits
Senior Design Engineer
Parsec

Work +27 12 678 9740 Cell +27 (84) 250 2855 Email le...@parsec.co.za
www.parsec.co.za/disclaimer 

-----Original Message-----
From: owner-openssl-...@openssl.org [mailto:owner-openssl-...@openssl.org] On 
Behalf Of Dr. Stephen Henson
Sent: 05 March 2013 08:37 PM
To: openssl-dev@openssl.org
Subject: Re: AES modes in FIPS and non-FIPS modes

On Tue, Mar 05, 2013, Matt Caswell wrote:

> On 5 March 2013 14:13, Dr. Stephen Henson <st...@openssl.org> wrote:
> 
> > On Tue, Mar 05, 2013, Leon Brits wrote:
> >
> > > Just want to add that I do set the data sizes before EncryptUpdate 
> > > and DecryptUpdate and mentioned in the CCM section of the OpenSSL 
> > > support page.
> > > This page does answer both my questions (apologies), but I still 
> > > fail to decrypt.
> > >
> >
> > I'll add an example for CCM mode in the demos section shortly. CCM 
> > mode is a bit picky about setting all the parameters correctly in 
> > the correct order.
> >
> 
> That would be good!! I am working on some test code myself but cannot 
> get it to work. See source code below. This is adapted from some code 
> I have for GCM that works fine. With CCM though encryption 
> (apparently) works fine, but when I get to decryption I get a 0 
> response from the final EVP_DecryptUpdate call - no error message on 
> the OpenSSL error stack :-(
> 

I'd just committed it, it's very similar to the GCM code but with some 
additional restrictions. The main one is that you can only call EVP_*Update 
once for AAD and/or the ciphertext/plaintext: this is mainly influenced by the 
requirement that you cannot reveal any plaintext if the tag verify fails. As a 
result the tag verify is performed when you call EVP_DecryptUpdate and is 
reflected by the return value: there is no call to EVP_DecryptFinal.

See demos/evp/aesccm.c in the master branch.

I'll update the manual page too.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org 
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org

