On Tue, 10 Dec 2019 at 11:06, Keerthy <j-keerthy@xxxxxx> wrote:
>
>
>
> On 10/12/19 3:31 pm, Ard Biesheuvel wrote:
> > Hello Keerthy,
> >
> > On Tue, 10 Dec 2019 at 10:35, Keerthy <j-keerthy@xxxxxx> wrote:
> >>
> >> Hi Ard,
> >>
> >> I am not sure if am the first one to report this. It seems like
> >> aes_expandkey is giving me different expansion over what i get with the
> >> older crypto_aes_expand_key which was removed with the below commit:
> >>
> >> commit 5bb12d7825adf0e80b849a273834f3131a6cc4e1
> >> Author: Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx>
> >> Date: Tue Jul 2 21:41:33 2019 +0200
> >>
> >> crypto: aes-generic - drop key expansion routine in favor of library
> >> version
> >>
> >> The key that is being expanded is from the crypto aes(cbc) testsuite:
> >>
> >> }, { /* From NIST SP800-38A */
> >> .key = "\x8e\x73\xb0\xf7\xda\x0e\x64\x52"
> >> "\xc8\x10\xf3\x2b\x80\x90\x79\xe5"
> >> "\x62\xf8\xea\xd2\x52\x2c\x6b\x7b",
> >> .klen = 24,
> >>
> >>
> >> The older version crypto_aes_expand_key output that passes the cbc(aes)
> >> decryption test:
...
> >>
> >> The difference is between 52nd index through 59.
> >>
> >> Any ideas if this is expected?
> >>
> >
> > Yes, this is expected. This particular test vector uses a 192 bit key,
> > so those values are DC/ignored.
>
> Thanks for the quick response. However with the new implementation
> decryption test case fails for me with wrong result.
Can you share more details please? Platform, endianness, etc ...
