On Wed, 2022-10-12 at 11:02 +0200, Tomas Mraz wrote: > On Tue, 2022-10-11 at 10:50 +0000, Fernando Elena Benavente wrote: > > Hi guys, Im triying to use the EVP_MAC OpenSSL API with the > > CMAC_AES256, I have been using some testing vectors I found on > > github, but seems they doesn’t work on the CMAC of OpenSSl, as the > > expected output of the test vectors are different from the OpenSSL > > CMAC output. > > > > I attach a screenshot of the test vectors we are using, and how we > > are introducing it on our key and plaintext variables, the CMAC > > code > > is the demo code on OpenSSL github. > > > > It is better not to use screenshots if possible and rather do > copy&paste to save mailbox space of all the recipients. > > Our demo is actually incorrect because the cipher name used should be > 'AES-256-CBC' to produce a proper CMAC. Ahem... I am actually wrong, the demo is right although somewhat misleading, because "aes256" (which is in the demo) is an alias for "AES-256-CBC". Looking at the screenshots - you cannot use the hexadecimal value of the input directly in the data[] as you do. You need to initialize the data[] as an array similarly to how key is initialized. -- Tomáš Mráz, OpenSSL
