So, it's ironic that only after I post to the mailing list, I solve my first problem. For visitors from the future, to fully add a new cipher suite, you can't forget to add your cipher's EVP_CIPHER* accessor function (generated by the BLOCK_CIPHER_custom macro) to SSL_library_init() in ssl_algs.c.
Now that that's done, my client and server are negotiating the desired cipher suite, but I'm getting the error SSL_R_CIPHER_OR_HASH_UNAVAILABLE. It seems that CCM is defined as not using AEAD, but the flavor of CCM I'm trying to enable uses AEAD, specifically AEAD_AES_128_CCM as defined in section 5.3 of RFC 5116. Could someone tell me for sure that, while GCM is an AEAD algorithm, CCM is not? My confusion lies in the fact I'm not familiar with encryption, plus one of my reference documents, "AES-CCM ECC Cipher Suites for TLS" (http://tools.ietf.org/html/draft-mcgrew-tls-aes-ccm-ecc-01), talks about CCM and AEAD in the same breath. Also, RFC 5116 "An Interface and Algorithms for Authenticated Encryption" (http://tools.ietf.org/html/rfc5116#page-14) defines 2 AEAD algorithms for AES-CCM. Is that not the same CCM as OpenSSL already supports? Thanks in advance for any help. Paul From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Muschick, Paul Sent: Tuesday, April 17, 2012 11:34 AM To: openssl-users@openssl.org Subject: Making AES-CCM available as a TLS-negotiated cipher suite Hello all, I've been working on getting AES-CCM available for negotiation over a TLS connection. I know that AES-CCM is available via the EVP interface, but I need it to be available as a TLS cipher suite so it can be negotiated with a client. I started adding it as a new cipher suite, in a manner to how AES-GCM seems to be implemented, but I'm having trouble just getting it reported at an available cipher using the "openssl ciphers" command. I started thinking I was going down the wrong path, since CCM is already available via EVP. Is my approach to add a new "AES128-CCM" cipher suite a reasonable one, or would it be better/quicker to just change the default mode of AES (and the related cipher suite ids) so that I can get a TLS-negotiated AES-CCM connection? Regards, Paul Muschick
