On Tuesday 05 May 2009 09:18:35 Herbert Xu wrote:
> On Mon, May 04, 2009 at 04:24:44PM -0400, Jarod Wilson wrote:
> >
> > Indeed, the first enc/dec operation after we set the counter *is*
> > completely deterministic across all implementations, the AESAVS
> > is referring to tests with multiple operations, which aren't
> > possible, due to varying implementations of counter increment
> > routines. This patch adds test vectors for ctr(aes), using the
> > first block input values from Appendix F.5 of NIST Special Pub
> > 800-38A.
>
> Well, our ctr(aes) must be completely deterministic as it is
> used as the base for CCM and GCM. In fact, if it weren't so
> then you can't use it for anything since two implementations
> may produce different outputs.

Yeah, that makes sense, I believe I finally see the light.

> So if you could resend some vectors that test multiple blocks
> then I'll happily add them.

Multi-block test vectors coming shortly, passing in all the input blocks
from F.5 of 800-38A is spitting back the expected answers for every block.

-- 
Jarod Wilson
jarod@xxxxxxxxxx
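The point the thread turns on, as an added example that is not part of the original messages and is not kernel code: two counter-increment conventions produce the same counter blocks for the four-block F.5 sequence, and only part ways when the low field carries, which a single-block vector can never exercise. The names ctr_inc, agree_blocks and wrap_init are hypothetical, wrap_init is a constructed sample, and the 4-byte width stands in for an implementation that increments only a 32-bit field (the width of GCM's inc32).

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BLK 16

/* Initial counter block from SP 800-38A Appendix F.5. */
static const uint8_t f5_init[BLK] = {
    0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
    0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff };

/* Constructed sample: low 32 bits are all ones, so the next increment carries. */
static const uint8_t wrap_init[BLK] = {
    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0xff, 0xff, 0xff, 0xff };

/* Add 1 to the last `width` bytes of the block, treated as one big-endian
 * integer that wraps inside that field (16 = whole block, 4 = 32-bit field). */
static void ctr_inc(uint8_t ctr[BLK], size_t width)
{
    for (size_t i = BLK; i > BLK - width; i--)
        if (++ctr[i - 1] != 0) /* no carry out of this byte: done */
            break;
}

/* Number of leading counter blocks (out of nblocks) on which two increment
 * widths agree when both start from the same initial block. */
static size_t agree_blocks(const uint8_t init[BLK], size_t wa, size_t wb,
                           size_t nblocks)
{
    uint8_t a[BLK], b[BLK];
    memcpy(a, init, BLK);
    memcpy(b, init, BLK);
    for (size_t n = 0; n < nblocks; n++) {
        if (memcmp(a, b, BLK) != 0)
            return n;
        ctr_inc(a, wa);
        ctr_inc(b, wb);
    }
    return nblocks;
}

int main(void)
{
    printf("F.5 counter:  %zu of 4 blocks agree\n", agree_blocks(f5_init, 16, 4, 4));
    printf("wrap counter: %zu of 4 blocks agree\n", agree_blocks(wrap_init, 16, 4, 4));
    return 0;
}
```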