On Tue, May 26, 2009, Peter Waltenberg wrote:
>
> AES-CCM also has its own quirks which would bite if you ever wanted to
> have it FIPS certified and it was used via a generic upper layer API.
> By specification it's not supposed to produce decrypted output if the hash
> fails which breaks the normal Init/Update/Update/.../Final pattern.
>
I saw that quirk in the spec. PKCS#11 specs handle that by effectively
ignoring it. I'm not sure what FIPS would have to say about that: would be
strange if it was impossible to validate CCM using PKCS#11. Perhaps they'd
say that was the application's responsibility.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [email protected]
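The quirk discussed in this thread, as an added example that is not part of either message or of OpenSSL: an Init/Update/Final decryptor that either releases plaintext from each Update (the generic pattern) or holds everything until Final has verified the tag. The cipher is a constructed stand-in (SHA-256 keystream plus truncated HMAC tag), not AES-CCM, and every name and value here is hypothetical.

```python
import hashlib
import hmac

TAG_LEN = 16  # truncated tag length in bytes
class InvalidTag(Exception): pass

def _xor(key, nonce, data, offset=0):
    # Constructed SHA-256 counter keystream: a stand-in, not AES-CTR/CCM.
    blocks = range((offset + len(data)) // 32 + 1)
    stream = b"".join(
        hashlib.sha256(key + nonce + i.to_bytes(8, "big")).digest() for i in blocks)
    return bytes(c ^ s for c, s in zip(data, stream[offset:]))

def seal(enc_key, mac_key, nonce, plaintext):
    ct = _xor(enc_key, nonce, plaintext)
    return ct, hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()[:TAG_LEN]

class Decryptor:
    """Init/Update/Final; release_early=True is the generic streaming pattern."""
    def __init__(self, enc_key, mac_key, nonce, tag, release_early):
        self.enc_key, self.nonce, self.tag = enc_key, nonce, tag
        self.release_early, self.buf, self.pos = release_early, b"", 0
        self.mac = hmac.new(mac_key, nonce, hashlib.sha256)

    def update(self, chunk):
        self.mac.update(chunk)
        if not self.release_early:
            self.buf += chunk  # hold ciphertext until the tag is checked
            return b""
        self.pos += len(chunk)  # unauthenticated plaintext leaves here
        return _xor(self.enc_key, self.nonce, chunk, self.pos - len(chunk))

    def final(self):
        if not hmac.compare_digest(self.mac.digest()[:TAG_LEN], self.tag):
            raise InvalidTag("tag mismatch")
        return _xor(self.enc_key, self.nonce, self.buf)

def released_before_failure(release_early):
    ek, mk, nonce = b"e" * 32, b"m" * 32, b"n" * 12  # constructed sample values
    ct, tag = seal(ek, mk, nonce, b"transfer 100 to account 42")
    forged = bytes([ct[0] ^ 1]) + ct[1:]  # one bit flipped in transit
    dec, out = Decryptor(ek, mk, nonce, tag, release_early), b""
    try:
        for i in range(0, len(forged), 8):
            out += dec.update(forged[i:i + 8])
        out += dec.final()
    except InvalidTag:
        pass
    return out
```

Holding the output back costs memory for the whole message, which is the price of honouring the no-output-on-failure rule behind a streaming API.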
