On Tue, 10 Dec 2019 at 11:06, Keerthy <j-keerthy@xxxxxx> wrote: > > > > On 10/12/19 3:31 pm, Ard Biesheuvel wrote: > > Hello Keerthy, > > > > On Tue, 10 Dec 2019 at 10:35, Keerthy <j-keerthy@xxxxxx> wrote: > >> > >> Hi Ard, > >> > >> I am not sure if am the first one to report this. It seems like > >> aes_expandkey is giving me different expansion over what i get with the > >> older crypto_aes_expand_key which was removed with the below commit: > >> > >> commit 5bb12d7825adf0e80b849a273834f3131a6cc4e1 > >> Author: Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx> > >> Date: Tue Jul 2 21:41:33 2019 +0200 > >> > >> crypto: aes-generic - drop key expansion routine in favor of library > >> version > >> > >> The key that is being expanded is from the crypto aes(cbc) testsuite: > >> > >> }, { /* From NIST SP800-38A */ > >> .key = "\x8e\x73\xb0\xf7\xda\x0e\x64\x52" > >> "\xc8\x10\xf3\x2b\x80\x90\x79\xe5" > >> "\x62\xf8\xea\xd2\x52\x2c\x6b\x7b", > >> .klen = 24, > >> > >> > >> The older version crypto_aes_expand_key output that passes the cbc(aes) > >> decryption test: ... > >> > >> The difference is between 52nd index through 59. > >> > >> Any ideas if this is expected? > >> > > > > Yes, this is expected. This particular test vector uses a 192 bit key, > > so those values are DC/ignored. > > Thanks for the quick response. However with the new implementation > decryption test case fails for me with wrong result. Can you share more details please? Platform, endianness, etc ...