Open emillon opened 4 years ago
Hi,
It looks like CCM decryption does not correctly handle the case when the ciphertext is empty. This happens when there is AAD and when there is not.
In the following example, I would expect Some Cstruct.empty to be returned:
Some Cstruct.empty
let () = let key = Cstruct.of_hex "00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f" |> Nocrypto.Cipher_block.AES.CCM.of_secret ~maclen:16 in let nonce = Cstruct.of_hex "00 01 02 03 04 05 06 07" in let adata = Cstruct.of_string "hello" in let recovered = Cstruct.empty |> Nocrypto.Cipher_block.AES.CCM.encrypt ~key ~nonce ~adata |> Nocrypto.Cipher_block.AES.CCM.decrypt ~key ~nonce ~adata in match recovered with | Some cs -> Cstruct.hexdump cs | None -> print_endline "None"
Output:
None
Thanks!
Hi,
It looks like CCM decryption does not correctly handle the case when the ciphertext is empty. This happens when there is AAD and when there is not.
In the following example, I would expect
Some Cstruct.emptyto be returned:Output:
Thanks!