bitwiseshiftleft / sjcl

Stanford Javascript Crypto Library
http://bitwiseshiftleft.github.com/sjcl/

CCM mode wrongly allows IV of more than 13 bytes. #428

Open CindyZhouYH opened 2 years ago

CindyZhouYH commented 2 years ago

Hello. I am using sjcl's latest version. Sjcl successfully encrypts using CCM mode with an IV of 1049 bytes. However, according to the Wycheproof test suite, this is forbidden:

"AES-CCM is only defined for nonces of size 7 .. 13. No other nonce sizes should be used."

I've checked the source code in ccm.js. It seems that it only enforces the lower limit of 7 on the IV's length and ignores the upper limit of 13. Allowing encryption with such an IV is dangerous, and could leak the key.
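The missing check described in the report, as an added example that is not sjcl's own code: a guard that enforces both ends of the CCM nonce range (7..13 bytes, from RFC 3610's nonce length of 15 - L with L in 2..8) before an IV reaches an encrypt call. It assumes the IV is handed over as a byte array rather than an sjcl bitArray, and `safeCcmEncrypt` takes a caller-supplied encrypt function whose signature is a placeholder, not sjcl's.

```javascript
// CCM (RFC 3610): nonce length = 15 - L, where L, the byte width of the
// message-length field, is 2..8. So valid nonces are 7..13 bytes. The lower
// bound is the one sjcl already checks; the upper bound is the one this issue
// reports as missing.
const CCM_MIN_NONCE = 7;
const CCM_MAX_NONCE = 13;

// Returns null if the IV is acceptable, otherwise a description of the problem.
function ccmNonceProblem(iv) {
  if (!iv || typeof iv.length !== 'number') {
    return 'IV must be a byte array';
  }
  if (iv.length < CCM_MIN_NONCE || iv.length > CCM_MAX_NONCE) {
    return `nonce must be ${CCM_MIN_NONCE}..${CCM_MAX_NONCE} bytes, got ${iv.length}`;
  }
  return null;
}

// Validates the IV and returns L (the length-field width the CCM flags byte
// encodes as L-1). Throws RangeError on any nonce outside 7..13 bytes, so a
// 1049-byte IV like the one in the report is rejected instead of being used.
function checkCcmNonce(iv) {
  const problem = ccmNonceProblem(iv);
  if (problem !== null) {
    throw new RangeError('ccm: ' + problem);
  }
  return 15 - iv.length;
}

// Wrapper pattern: validate first, then delegate to the library's encrypt.
// encryptFn's parameter order is assumed here for illustration only.
function safeCcmEncrypt(encryptFn, key, plaintext, iv, adata) {
  checkCcmNonce(iv);
  return encryptFn(key, plaintext, iv, adata);
}
```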