Ok, I have missed that point (and probably many others...)
I need to go deeper to better understand things,
and I am grateful for your explanations.
Le 18/06/2014 20:25, Thulasi Goriparthi a écrit :
In the test program, you are feeding a fixed ccm_tag to decryption
process. This will not work for CCM, as tag length itself will also be
an input for tag generation. Change in tag length, will change the tag
produced. I modified the decryption api(aes_ccm_decrypt) to take the
tag generated by encryption api(aes_ccm_encrypt). It works fine.
Note: Tag length will internally be embedded within the IV(nonce).
On Wed, Jun 18, 2014 at 8:12 PM, Michel <msa...@paybox.com
<mailto:msa...@paybox.com>> wrote:
I tried all of 2, 4, 6, 8, 10, 12, 14, 16 values, and always got a
"Plaintext not available: tag verify failed".
Even when tag length of decryption was equal to tag length of
encryption.
:-(
It just works for : tag length of decryption = tag length of
encryption = 16.
