Am Mittwoch, 7. Juni 2017, 15:57:31 CEST schrieb Che-Min Hsieh:
Hi Che,
> Rfc4309 test vectors in testmgr.h have gone through major changes from
> linux3 to linux4. In linux 4.4, linux4.9, there are vectors as such
I think you and the kernel implement crypto properly. It is just the
formatting that you do not get right.
See crypto/ccm.c:
static struct aead_request *crypto_rfc4309_crypt(struct aead_request *req)
{
...
scatterwalk_map_and_copy(iv + 16, req->src, 0, req->assoclen - 8, 0);
...
The key is how to understand the input data format. RFC4309 CCM is no cipher
implementation, but rather a special formatting of the CCM input data.
In your code, change the following line
> // Add the AAD
> EVP_EncryptUpdate(cryptCtx, 0, &outl, A, sizeof(A));
to
EVP_EncryptUpdate(cryptCtx, 0, &outl, A, sizeof(A) - 8);
and you will see consistent results.
Ciao
Stephan
