intel / intel-ipsec-mb

Intel(R) Multi-Buffer Crypto for IPSec
BSD 3-Clause "New" or "Revised" License

Incorrect expected chain order for AES-CCM #32

Closed pablodelara closed 5 years ago

pablodelara commented 5 years ago

Currently in the code, when performing AES-CCM, CIPHER_HASH chain order is expected when encrypting and HASH_CIPHER when decrypting. This setting is wrong, since when encrypting on CCM, authentication needs to be performed first and encryption last, and the other way around when decrypting. Therefore, chain order needs to be reversed.

This means that all apps using CCM will need to be modified to correct the chain order from 0.53 version.

Code changes are expected in CCM which will enforce the chain_order change, as job submission will be split into two functions, submit_job_aes_ccm_enc/dec and submit_aes_ccm_auth, requiring the proper chain order to be set.

tkanteck commented 5 years ago

Thanks Pablo. At the time of CCM implementation the library didn't have chain order flexibility vs cipher direction. This has been added just recently and it makes sense to tidy up CCM implementation.

pablodelara commented 5 years ago

Closing the issue, after AES-CCM implementation has been changed, so now HASH_CIPHER chain order must be selected when encrypting and CIPHER_HASH when decrypting.
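
The stage ordering discussed in this thread, as an added sketch that is not part of the issue and not the library's code: CCM's tag is a CBC-MAC over the plaintext, so the hash stage runs first when encrypting (HASH_CIPHER) and last when decrypting (CIPHER_HASH). Assumptions: a truncated HMAC-SHA256 stands in for the AES block function so the sketch needs no crypto library (it is not interoperable with real CCM), there is no AAD, and all function names are hypothetical.

```python
import hashlib
import hmac

TAG_LEN = 8     # tag length t in bytes
NONCE_LEN = 13  # leaves a 2-byte length/counter field (q = 2)

def E(key, block):
    # Assumption: stand-in for AES block encryption; CCM only uses the forward direction.
    return hmac.new(key, block, hashlib.sha256).digest()[:16]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))  # truncates to the shorter input

def ccm_hash(key, nonce, plaintext):
    """HASH stage: CBC-MAC over B0 and the zero-padded plaintext blocks."""
    flags = 8 * ((TAG_LEN - 2) // 2) + (15 - NONCE_LEN - 1)
    x = E(key, bytes([flags]) + nonce + len(plaintext).to_bytes(2, "big"))
    for i in range(0, len(plaintext), 16):
        x = E(key, xor(x, plaintext[i:i + 16].ljust(16, b"\0")))
    return x[:TAG_LEN]

def ccm_cipher(key, nonce, data, first_ctr=1):
    """CIPHER stage: CTR mode; counter 0 masks the tag, counters 1.. the payload."""
    out = b""
    for n, i in enumerate(range(0, len(data), 16), first_ctr):
        ctr_block = bytes([15 - NONCE_LEN - 1]) + nonce + n.to_bytes(2, "big")
        out += xor(data[i:i + 16], E(key, ctr_block))
    return out

def encrypt(key, nonce, pt):  # HASH_CIPHER: the tag needs the plaintext
    tag = ccm_hash(key, nonce, pt)
    return ccm_cipher(key, nonce, pt), ccm_cipher(key, nonce, tag, 0)

def decrypt(key, nonce, ct, enc_tag):  # CIPHER_HASH: recover plaintext, then verify
    pt = ccm_cipher(key, nonce, ct)
    tag = ccm_hash(key, nonce, pt)
    if not hmac.compare_digest(tag, ccm_cipher(key, nonce, enc_tag, 0)):
        raise ValueError("CCM tag mismatch")
    return pt

def encrypt_cipher_then_hash(key, nonce, pt):
    # Illustration only: a MAC over ciphertext is not CCM, so decrypt() rejects it.
    ct = ccm_cipher(key, nonce, pt)
    return ct, ccm_cipher(key, nonce, ccm_hash(key, nonce, ct), 0)

if __name__ == "__main__":
    key, nonce = bytes(range(16)), bytes(13)  # constructed sample values
    ct, tag = encrypt(key, nonce, b"constructed sample payload")
    print(decrypt(key, nonce, ct, tag))
```
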