Thanks for the feedback.

I'll change the template parameter to a byte length.

GCM's name already includes Mode, and GCM/CCM_Mode looks weird so I named 
both without Mode. Hopefully it won't cause too much confusion.

Crypto++ now supports variable IV sizes at runtime (I forgot to note it in 
the changes). SetKeyWithIV takes an optional fourth parameter for the IV 
length. IVSize() is now deprecated, and returns the same thing as 
DefaultIVLength(). Crypto++ supports every IV length that's defined in the 
CCM standard.

If you use StreamTransformationFilter with AuthenticatedSymmetricCipher, it 
won't output/verify the MAC! Use AuthenticatedEncryptionFilter and 
AuthenticatedDecryptionFilter instead. Maybe I need some way to warn the 
user about this.

Let me know if you figure out what's causing the linker error. I haven't 
seen that yet.

--------------------------------------------------
From: "Jeffrey Walton" <[email protected]>
Sent: Sunday, March 01, 2009 11:14 PM
To: "Crypto++" <[email protected]>
Subject: Crypto++ 5.6, CCM Mode

>
> Hi All/Wei,
>
> Just my 2 cents on CCM mode. Take it for what it's worth.
>
> I find it a bit awkward to move away from past usage. For example, in
> the past the mode would be specified as CCM_Mode. It may add to future
> confusion. But I personally like it without "_Mode".
>
>    CCM< AES, 96 >::Encryption e;
>    e.SetKeyWithIV( key, sizeof(key), iv );
>
> Using a bit count (rather than a byte count) for Tag lengths may lead
> to future confusion. SP800-38C specifies 4, 6, 8, 10, 12, 14, and 16.
> I would expect others to plug in the byte size, rather than the bit
> size. Requesting the wrong tag [bit] size will result in a message
> similar to below, which might add to the confusion.
>
>    // Tags size must be 4, 6, 8, 10, 12, 14, or 16
>    CCM< AES, 4 >::Encryption tt;
>    tt.SetKeyWithIV( key, sizeof(key), iv );
>
>    catch "AES/CCM: DigestSize must be 4, 6, 8, 10, 12, 14, or 16"
>
> Visual Studio is not letting me step into the Increment() function, so
> I can't be sure what is exactly going on (but I think I have an idea).
> CCM returns a hard coded value of 8 for IVSize(), which means Q must
> be 7. So CCM can handle a message of 2**56. It would be nice to have a
> compile time constant for the IV. Currently I'm declaring using AES's
> blocksize (of which CCM will consume 8), but it may give others the
> wrong impression. Again, the compile time constant would remove
> ambiguity.
>
> Finally, thanks for the mode. I don't believe I've ever had a real
> need for authenticating adata (AAD), but there is always a need for
> Authenticated Encryption.
>
>    CCM< AES, 96 >::Encryption e;
>    e.SetKeyWithIV( key, sizeof(key), iv );
>
>    StreamTransformationFilter ef( e, new StringSink( cipher ) );
>    ef.Put( (const byte*)plain.c_str(), plain.length() );
>    ef.MessageEnd();
>
> Jeff
>
> A compiler/Linker is not done until it can compile Crypto++...
>
> 1>Compiling...
> 1>Driver.cpp
> 1>Linking...
> 1>Driver.obj : fatal error LNK1000: Internal error during IncrCalcPtrs
> 1>  Version 9.00.30729.01
> 1>  ExceptionCode            = C0000005
> 1>  ExceptionFlags           = 00000000
> 1>  ExceptionAddress         = 0045B8C0 (00400000) "C:\Program
> Files\Microsoft Visual Studio 9.0\VC\bin\link.exe"
> ....
>
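
Added example, not part of the thread and not Crypto++ code: the SP 800-38C parameter rules discussed above (tag length in bytes, IV length n, length-field width q = 15 - n), checked before use and packed into the first CBC-MAC block B0. It goes slightly beyond the thread by showing the B0 flags byte; the names `CcmParams`, `ccmParams` and `ccmB0` are hypothetical, and the nonce is constructed.

```cpp
#include <array>
#include <cstdint>
#include <vector>

// Added illustration; these names are not Crypto++ API.
struct CcmParams {
    unsigned t;               // tag (MAC) length in bytes
    unsigned n;               // nonce/IV length in bytes
    unsigned q;               // width of the length field in bytes, q = 15 - n
    std::uint64_t maxPayload; // largest payload in bytes, 2^(8q) - 1
};

// SP 800-38C limits: t in {4, 6, ..., 16} bytes, n in 7..13 bytes, n + q = 15.
bool ccmParams(unsigned tagBytes, unsigned nonceBytes, CcmParams& out) {
    bool tagOk = tagBytes >= 4 && tagBytes <= 16 && tagBytes % 2 == 0;
    bool nonceOk = nonceBytes >= 7 && nonceBytes <= 13;
    if (!tagOk || !nonceOk) return false;
    unsigned q = 15 - nonceBytes;
    std::uint64_t maxLen = (q == 8) ? UINT64_MAX : (1ULL << (8 * q)) - 1;
    out = CcmParams{tagBytes, nonceBytes, q, maxLen};
    return true;
}

// First CBC-MAC block: B0 = flags || nonce || payload length (big-endian, q bytes),
// with flags = 64*Adata + 8*((t-2)/2) + (q-1), so t and q are bound into the tag.
bool ccmB0(const CcmParams& p, const std::vector<std::uint8_t>& nonce,
           bool hasAad, std::uint64_t payloadLen, std::array<std::uint8_t, 16>& b0) {
    if (nonce.size() != p.n || payloadLen > p.maxPayload) return false;
    b0.fill(0);
    b0[0] = static_cast<std::uint8_t>((hasAad ? 64 : 0) + 8 * ((p.t - 2) / 2) + (p.q - 1));
    for (unsigned i = 0; i < p.n; ++i) b0[1 + i] = nonce[i];
    for (unsigned i = 0; i < p.q; ++i) {  // fill the length field from the last byte back
        b0[15 - i] = static_cast<std::uint8_t>(payloadLen & 0xFF);
        payloadLen >>= 8;
    }
    return true;
}

int main() {
    CcmParams p;
    std::array<std::uint8_t, 16> b0;
    std::vector<std::uint8_t> nonce(8, 0xA5);   // constructed 8-byte nonce
    bool byteCount = ccmParams(12, 8, p);       // 96-bit tag given as 12 bytes
    bool built = byteCount && ccmB0(p, nonce, false, 0x0102, b0);
    CcmParams unused;
    bool bitCount = ccmParams(96, 8, unused);   // same tag given as a bit count
    return (built && !bitCount) ? 0 : 1;
}
```

Because the tag length and q are encoded in B0, two peers that disagree on either value compute different MACs even with the same key and nonce.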
