Is it possible to disable the message authentication check in AES/CCM on Android?


I am working on some code that receives AES/CCM encrypted packets but without the MAC appended. This causes me a problem in Java as the library expects the MAC to be there. Here is the snippet of code that performs the decryption:

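import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
// Bouncy Castle AES/CCM: doFinal() expects the MAC at the end of the input and verifies it
Cipher out = Cipher.getInstance("AES/CCM/NoPadding", "BC");
out.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(nonce));
byte[] decrypted = out.doFinal(encrypted);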

When executed this fails on my input because the 8 bytes of MAC are not appended to the end of the encrypted array. The error message is: Encryption failed : MAC check in CCM failed. Is there a way to set up the decryption using the Java libraries such that the MAC is not expected? Unfortunately I have no control over the format of the data sent to me by the remote device.


Solution

  • CCM is CBC with MAC. If you do not want to use the authentication field, just use AES/CBC.
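
Added example, not part of the original question or answer: under RFC 3610 / NIST SP 800-38C, CCM encrypts the payload in counter mode with counter blocks built from the nonce, so a packet that arrives without its MAC can be decrypted with plain AES/CTR starting at counter 1. It assumes the remote device uses standard CCM counter formatting; the class and method names are hypothetical, and the sample input is RFC 3610 Packet Vector #1 with its 8-byte MAC removed.

```java
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.util.Arrays;

public class CcmWithoutMac { // hypothetical class name
    // CCM counter block A_1 (RFC 3610): flags = L-1, nonce, then an L-byte
    // big-endian counter. A_0 encrypts the MAC, so the payload starts at 1.
    static byte[] firstCounterBlock(byte[] nonce) {
        if (nonce.length < 7 || nonce.length > 13)
            throw new IllegalArgumentException("CCM nonce must be 7..13 bytes");
        byte[] block = new byte[16];
        int l = 15 - nonce.length;           // size of the counter field
        block[0] = (byte) (l - 1);           // flags byte for counter blocks
        System.arraycopy(nonce, 0, block, 1, nonce.length);
        block[15] = 1;                       // counter = 1
        return block;
    }

    // Recovers the payload only; nothing here checks integrity.
    static byte[] decryptPayload(byte[] key, byte[] nonce, byte[] ct) throws Exception {
        Cipher ctr = Cipher.getInstance("AES/CTR/NoPadding");
        ctr.init(Cipher.DECRYPT_MODE, new SecretKeySpec(key, "AES"),
                 new IvParameterSpec(firstCounterBlock(nonce)));
        return ctr.doFinal(ct);
    }

    static byte[] hex(String s) {
        byte[] out = new byte[s.length() / 2];
        for (int i = 0; i < out.length; i++)
            out[i] = (byte) Integer.parseInt(s.substring(2 * i, 2 * i + 2), 16);
        return out;
    }

    public static void main(String[] args) throws Exception {
        // Sample input: RFC 3610 Packet Vector #1 with the 8-byte MAC removed.
        byte[] key = hex("C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF");
        byte[] nonce = hex("00000003020100A0A1A2A3A4A5");
        byte[] ct = hex("588C979A61C663D2F066D0C2C0F989806D5F6B61DAC384");
        byte[] expected = hex("08090A0B0C0D0E0F101112131415161718191A1B1C1D1E");
        byte[] pt = decryptPayload(key, nonce, ct);
        if (!Arrays.equals(pt, expected)) throw new AssertionError("payload mismatch");
        System.out.println("payload recovered; integrity was NOT verified");
    }
}
```

Without the MAC the receiver cannot detect modified packets: flipping a ciphertext bit flips the same plaintext bit, so the decrypted bytes should be treated as untrusted input.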