Hi,
While running some tests on a module using OpenSSL, we noticed that when using
EVP_CIPHER_CTX_ctrl(context, EVP_CTRL_CCM_SET_IVLEN, length, NULL) to set the
IV length, AES/CCM decryption does not seem to detect a bad IV length. With
encryption, it is detected and an appropriate error code is returned. And
AES/GCM, for example, detects the bad IV length for both encryption and
decryption.
Regards,
Andrew Felsher
_______________________________________________
openssl-bugs-mod mailing list
[email protected]
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod
_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
