>> Daniel has code that does.
>> https://github.com/dfoxfranke/libaes_siv
>> It doesn't build on NetBSD and gets warnings on FreeBSD.
> It gets warnings on Linux as well.
What flavor of Linux? It's clean on Fedora 29.
I thought I saw warnings on FreeBSD, but I just tried again and it looks
>> IANA maintains one. That's what we use on the wire. It's started in
>> RFC 5116. RFC 5297 covers the case we want. The magic number is 15.
> I don't want magic numbnbers in config files.
Then please write some code that translates "AEAD_AES_SIV_CMAC_256" to 15.
Since we don't have any
On 2/8/19, Hal Murray via devel wrote:
> OpenSSL doesn't support what we need yet.
>
> Daniel has code that does.
> https://github.com/dfoxfranke/libaes_siv
> It doesn't build on NetBSD and gets warnings on FreeBSD.
It gets warnings on Linux as well. But I'm guessing the variables 'block'
of
Yo Hal!
On Fri, 08 Feb 2019 14:12:44 -0800
Hal Murray via devel wrote:
> > Unfortunately, in this case, I'm not sure if OpenSSL implements
> > cipher strings for AEAD selection. I don't think they do. So _if_
> > we implement more than AES_SIV_CMAC_256, we may have to roll our
> > own. However,
> Unfortunately, in this case, I'm not sure if OpenSSL implements cipher
> strings for AEAD selection. I don't think they do. So _if_ we implement more
> than AES_SIV_CMAC_256, we may have to roll our own. However, _if_ we have to
> roll our own, we should make it behave similarly to OpenSSL
On 2/8/19 3:14 PM, Gary E. Miller via devel wrote:
> My point is that instead of coming up with somthing new,we should try
> hard to stick to longstanding and well battle tested existing cipher
> strings.
Agreed!
Unfortunately, in this case, I'm not sure if OpenSSL implements cipher
strings for
Yo Richard!
On Fri, 8 Feb 2019 15:01:37 -0600
Richard Laager via devel wrote:
> >> dc2827a3 by Richard Laager at 2019-02-07T18:42:59Z
> >> nts.adoc: Make AEAD_AES_SIV_CMAC_256 not implicit
> >>
> >> If the user specifies a NTPCipherSuite string, they need to include
> >> AEAD_AES_SIV_CMAC_256
On 2/7/19 6:37 PM, Gary E. Miller via devel wrote:
> Yo Richard!
>
> On Fri, 08 Feb 2019 00:26:27 +
> Matt Selsky via vc wrote:
>
>> dc2827a3 by Richard Laager at 2019-02-07T18:42:59Z
>> nts.adoc: Make AEAD_AES_SIV_CMAC_256 not implicit
>>
>> If the user specifies a NTPCipherSuite string,
Yo Richard!
On Fri, 08 Feb 2019 00:26:27 +
Matt Selsky via vc wrote:
> dc2827a3 by Richard Laager at 2019-02-07T18:42:59Z
> nts.adoc: Make AEAD_AES_SIV_CMAC_256 not implicit
>
> If the user specifies a NTPCipherSuite string, they need to include
> AEAD_AES_SIV_CMAC_256 if they want it.