Hi Paul, On Wed, Apr 18, 2012 at 2:01 PM, Muschick, Paul <paul.musch...@itron.com> wrote: > So, it’s ironic that only after I post to the mailing list, I solve my first > problem. For visitors from the future, to fully add a new cipher suite, you > can’t forget to add your cipher’s EVP_CIPHER* accessor function (generated > by the BLOCK_CIPHER_custom macro) to SSL_library_init() in ssl_algs.c. > > Now that that’s done, my client and server are negotiating the desired > cipher suite, but I’m getting the error SSL_R_CIPHER_OR_HASH_UNAVAILABLE. It > seems that CCM is defined as not using AEAD, but the flavor of CCM I’m > trying to enable uses AEAD, specifically AEAD_AES_128_CCM as defined in > section 5.3 of RFC 5116. > > Could someone tell me for sure that, while GCM is an AEAD algorithm, CCM is > not? > > My confusion lies in the fact I’m not familiar with encryption, plus one of > my reference documents, “AES-CCM ECC Cipher Suites for TLS” > (http://tools.ietf.org/html/draft-mcgrew-tls-aes-ccm-ecc-01), talks about > CCM and AEAD in the same breath. > > Also, RFC 5116 “An Interface and Algorithms for Authenticated Encryption” > (http://tools.ietf.org/html/rfc5116#page-14) defines 2 AEAD algorithms for > AES-CCM. Is that not the same CCM as OpenSSL already supports? If your heart is not set on CCM, consider using GCM or EAX mode. Both are superior to CCM.
CCM has a spotted history. It is cryptographically sound, but 802.11's adoption was hasty way back when. It lead to adoption and standardization elsewhere. Its unfortunate since there were better AEAD modes available around the time. http://www.cryptopp.com/wiki/AEAD_Comparison Jeff ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org