You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hello.
I am using sjcl's latest version.
Sjcl successfully encrypts using CCM mode with an IV of 1049 bytes.
However, according to the Wycheproof test suite, this is forbidden :
"AES-CCM is only defined for nonces of size 7 .. 13. No other nonce sizes should be used."
I've checked the source code in ccm.js. It seems that it only limits the lower limit of 7 of IV's length and ignores the upper limit of 13. Allowing encryption with such IV is dangerous, which could leak the key.
The text was updated successfully, but these errors were encountered:
Hello.
I am using sjcl's latest version.
Sjcl successfully encrypts using CCM mode with an IV of 1049 bytes.
However, according to the Wycheproof test suite, this is forbidden :
I've checked the source code in ccm.js. It seems that it only limits the lower limit of 7 of IV's length and ignores the upper limit of 13. Allowing encryption with such IV is dangerous, which could leak the key.
The text was updated successfully, but these errors were encountered: