On 15/01/2018 14:22, Rol Phil wrote:
Hello all,
I have been using <openssl/cmac.h> to tag data with an example I had
found.
However when it comes to authenticate/decrypt a tag with given AES key
I could not find examples.
using cmac.h or evp.h.
Can anybody help me please?
Thanks all.
For any MAC algorithm, the check is to calculate the MAC again and
see if it is the same.
If potential providers of bad data can see how long it takes to
detect a wrong MAC algorithm, be sure to use a compare
implementation tht takes the same amount of time no matter how the
wrong MAC relates to the real MAC (so the normal memcmp() is wrong
because it will reply quicker if the first byte(s) are wrong than
if they are right). The OpenSSL provides the a function
CRYPTO_memcmp() that is good for this job.
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users