On 6/23/19 4:09 PM, Daniel Franke wrote:
The translation of the AEEF ciphertext into corresponding plaintext is
given by the negotiated AEAD algorithm; for AES-SIV, by RFC 5297. The
structure of the plaintext is defined in the draft, as a concatenation
of RFC 7822 extension fields.
This matches the RFC. It does not match the code, which expects a
CMAC_LENGTH of 16 always and with no exceptions.
Possibility: this is a temporary measure, during which time encrypted
extensions are simply not supported yet?
That would also explain why as far as I can tell the cmac data is never
used.
--
/"In the end; what separates a Man, from a Slave? Money? Power? No. A
Man Chooses, a Slave Obeys."/ -- Andrew Ryan
/"Utopia cannot precede the Utopian. It will exist the moment we are fit
to occupy it."/ -- Sophia Lamb
_______________________________________________
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel
