Is AES-256-CCM supported?

[samoht]

I see CRYPTO_CIPHER_AES256_CCM is defined in the EncCipherSuite enum and AES256_CCM_KEYLEN exists, but I couldn't find any unit tests using CCM or documentation on how to configure it.

When I try to use it (SA with ecs=CRYPTO_CIPHER_AES256_CCM, 12-byte IV, 16-byte MAC), the output doesn't appear to be encrypted - the data field still contains plaintext.

Looking at the code, I noticed Crypto_Is_AEAD_Algorithm() checks for GCM, CBC_MAC, and GCM_SIV but not CCM. Should CCM be included there, or is CCM not meant to go through the AEAD path?

I also couldn't find the gcry_cipher_ctl(h, GCRYCTL_SET_CCM_LENGTHS, ...) call that libgcrypt requires for CCM mode. Is CCM with libgcrypt still work-in-progress, or am I configuring something wrong?

Thanks!