Thanks, guess I will have to wait for 1.0.2. My aim is still the same though, get rid of the padding required by SHA. As I understand it GCM/GMAC would be a good fit too (?). Will I be able to key it using PSK?
Br Fredrik On Tue, Mar 4, 2014 at 10:05 PM, Dr. Stephen Henson <st...@openssl.org> wrote: > On Tue, Mar 04, 2014, Fredrik Jansson wrote: > >> I am currently using DTLS v1.1 but with the introduction of v1.2 in OpenSSL >> 1.0.1f I was hoping to be able to use AES CCM mode. >> >> We use PSK to key DTLS and the resulting algorithm is PSK-AES256-CBC-SHA. >> Is it possible to stick with PSK and migrate to AES CCM? >> > > DTLS 1.2 is supported in OpenSSL 1.0.2 only not 1.0.1f. Also it only supports > AES GCM and not AES CCM. > > Steve. > -- > Dr Stephen N. Henson. OpenSSL project core developer. > Commercial tech support now available see: http://www.openssl.org > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
