std.crypto: add AES-CCM and CBC-MAC #25526
Open
+1,031
−0
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
aarvay
force-pushed
the
aes-ccm-implementation
branch
from
422bf7a to
a1fda3b
Compare
jedisct1
reviewed
Oct 10, 2025
|
For the counter, you can use Feel free to copy/paste anything you need from the implementations at https://gist.github.com/jedisct1/140251214fbf3938e5c0196a7fb37f8f and https://gist.github.com/jedisct1/4227b9c5026fb095a0f007e4fad25a34 |
aarvay
force-pushed
the
aes-ccm-implementation
branch
from
a1fda3b to
52c45af
Compare
jedisct1
reviewed
Oct 10, 2025
aarvay
force-pushed
the
aes-ccm-implementation
branch
2 times, most recently
from
99ec817 to
8c3d7e4
Compare
jedisct1
reviewed
Oct 13, 2025
aarvay
force-pushed
the
aes-ccm-implementation
branch
from
8c3d7e4 to
5153ced
Compare
Add AES-CCM (Counter with CBC-MAC) authenticated encryption and CBC-MAC message authentication code implementations to the standard library. AES-CCM combines CTR mode encryption with CBC-MAC authentication as specified in NIST SP 800-38C and RFC 3610. It provides authenticated encryption with support for additional authenticated data (AAD). CBC-MAC is a simple MAC construction used internally by CCM, specified in FIPS 113 and ISO/IEC 9797-1. Includes comprehensive test vectors from RFC 3610 and NIST SP 800-38C.
Implements CCM* mode per IEEE 802.15.4 specification, extending AES-CCM to support encryption-only mode when tag_len=0. This is required by protocols like ZigBee, Thread, and WirelessHART. Changes: - Allow tag_len=0 for encryption-only mode (no authentication) - Skip CBC-MAC computation when tag_len=0 in encrypt/decrypt - Correctly encode M'=0 in B0 block for CCM* mode - Add Aes128Ccm0 and Aes256Ccm0 convenience instances - Add IEEE 802.15.4 test vectors and CCM* tests
aarvay
force-pushed
the
aes-ccm-implementation
branch
2 times, most recently
from
91f9efb to
9e700f4
Compare
|
Looks good to me! |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Add AES-CCM (Counter with CBC-MAC) authenticated encryption and CBC-MAC message authentication code implementations to the standard library.
AES-CCM combines CTR mode encryption with CBC-MAC authentication as specified in NIST SP 800-38C and RFC 3610. It provides authenticated encryption with support for additional authenticated data (AAD).
CBC-MAC is a simple MAC construction used internally by CCM, specified in FIPS 113 and ISO/IEC 9797-1.
Includes comprehensive test vectors from RFC 3610 and NIST SP 800-38C.