On Thu, Feb 02, 2017 at 08:01:47AM +0000, Ard Biesheuvel wrote: > > You are right: due to its construction, the CCM mode does not care > about the incremented counter because it clears the counter part of > the IV before encrypting the MAC. So this is caused by an optimization > in my code rather than the CCM code being incorrect. OK so you will send me an update for the ARM64 code, right? Thanks, -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
