[gnutls-devel] GnuTLS | lib: Set the AES 128 CCM iv size to 11 (!939)

Development of GNU's TLS library gnutls-devel at lists.gnutls.org
Tue Feb 26 16:13:28 CET 2019


New Merge Request !939

https://gitlab.com/gnutls/gnutls/merge_requests/939

Project:Branches: cryptomilk/gnutls:master-aes-ccm to gnutls/gnutls:master
Author:    Andreas Schneider
Assignee:  


It took me two days to figure out how to use that AEAD API as the documentation is not very useful. It took me than one day to figure out that the nonce size returned by gnutls_cipher_get_iv_size() is one byte to big, looks like every one uses 11 bytes, for example https://tools.ietf.org/html/rfc4309

And the same with Microsoft Windows, they use L=4.

I think 11 is more correct, however this should be documented that the returned size for some ciphers might not be the one you need!

-- 
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/merge_requests/939
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20190226/3b9f777c/attachment.html>


More information about the Gnutls-devel mailing list