On 5 March 2013 18:36, Dr. Stephen Henson <st...@openssl.org> wrote: > On Tue, Mar 05, 2013, Matt Caswell wrote: > > > On 5 March 2013 14:13, Dr. Stephen Henson <st...@openssl.org> wrote: > > > > > On Tue, Mar 05, 2013, Leon Brits wrote: > > > > > > > Just want to add that I do set the data sizes before EncryptUpdate > and > > > > DecryptUpdate and mentioned in the CCM section of the OpenSSL support > > > page. > > > > This page does answer both my questions (appologies), but I still > fail to > > > > decrypt. > > > > > > > > > > I'll add an example for CCM mode in the demos section shortly. CCM > mode is > > > a > > > bit picky about setting all the parameters correctly in the correct > order. > > > > > > > That would be good!! I am working on some test code myself but cannot get > > it to work. See source code below. This is adapted from some code I have > > for GCM that works fine. With CCM though encryption (apparently) works > > fine, but when I get to decryption I get a 0 response from the final > > EVP_DecryptUpdate call - no error message on the OpenSSL error stack :-( > > > > I'd just committed it, it's very similar to the GCM code but with some > additional restrictions. The main one is that you can only call EVP_*Update > once for AAD and/or the ciphertext/plaintext: this is mainly influenced by > the > requirement that you cannot reveal any plaintext if the tag verify fails. > As a > result the tag verify is performed when you call EVP_DecryptUpdate and is > reflected by the return value: there is no call to EVP_DecryptFinal. > > See demos/evp/aesccm.c in the master branch. > > I'll update the manual page too. >
Great - thanks - it works. One small note though - I think you have inadvertently inserted a call to EVP_EncryptUpdate rather than EVP_DecryptUpdate in the demo decryption code. Doesn't seem to make any difference functionally (as far as I can tell) - but might confuse the unwary! Thanks Matt
