AES192 & AES256 in CBC mode [libgcrypt]

Jan Bilek jan.bilek at eftlab.co.uk
Sun Nov 30 14:18:42 CET 2014


Resending as previous email seemed to be bounced back by the  
http://www.dnsbl.manitu.net/'s spam filter.

Kind Regards,
Jan

On 30/11/14 23:02, Jan Bilek wrote:
> Hello Jussi,
>
> Thanks for this; however, I'm not sure how to interpret your email. 
> Does it mean that my test vectors are wrong? I calculated those "in 
> hand" so this might be the case, but then my understanding of CBC is 
> incorrect.
>
> Thank you,
> Jan
>
> On 30/11/14 19:07, Jussi Kivilinna wrote:
>> Hello,
>>
>> On 28.11.2014 03:10, Jan Bilek wrote:
>>> Hello,
>>> I've just bounced in a potential problem with libgcrypt while trying 
>>> to do AES192 & AES256 in CBC mode.
>>>
>>> All works well with AES128 for all cipher modes, however when moving 
>>> to AES192 & AES256 and GCRY_CIPHER_MODE_CBC it looks like all 
>>> buffers are being written just in first 128 bits of output.
>>>
>>> Please see example code attached.
>>>
>>> Let me know if you'll be able to confirm that and if confirmed if I 
>>> may help with fixing it.
>> I added new CBC test vectors to tests/basic.c from RFC 3602 and NIST 
>> SP800-38A, which did work fine. Then I tried adding the test vectors 
>> from example code that you provided and those tests fail (AES128, 192 
>> and 256).
>>
>> check-cbc, encrypt mismatch entry 4:0
>> expected: 72 de 8d 00 17 e1 4a a3 5c 87 16 b3 33 55 92 5c b8 ef fc b9 
>> d8 aa 32 29 8a 76 6a 62 7c fc 29 52 e0 34 c8 72 32 91 0a 8d 18 93 13 
>> 48 fc af 45 24 01 1a 61 9d 6c 61 a2 38 5f c7 9d ce 7f 92 ee b8
>> computed: 72 de 8d 00 17 e1 4a a3 5c 87 16 b3 33 55 92 5c b8 ef fc b9 
>> d8 aa 32 29 8a 76 6a 62 7c fc 29 52 01 1a 61 9d 6c 61 a2 38 5f c7 9d 
>> ce 7f 92 ee b8 e0 34 c8 72 32 91 0a 8d 18 93 13 48 fc af 45 24
>> xor-diff: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
>> 00 00 00 00 00 00 00 00 00 00 00 00 e1 2e a9 ef 5e f0 a8 b5 47 54 8e 
>> 86 83 3d ab 9c e1 2e a9 ef 5e f0 a8 b5 47 54 8e 86 83 3d ab 9c
>> check-cbc, encrypt mismatch entry 5:0
>> expected: 12 e9 3d 3c b0 6d 13 44 e7 b9 5c eb b6 88 ec ba 39 f3 b0 21 
>> d7 a2 45 f0 9e 24 ed e1 2c 4f f6 a3 80 f9 f7 b7 3c f6 dc 46 3e e5 3a 
>> 7b d1 e6 1d 2e bb b1 38 b2 aa 22 7b 81 18 35 e0 a7 c8 20 53 f6
>> computed: fd 51 b0 e6 d2 98 09 85 4f 7a c7 a7 d6 97 c2 62 72 a2 d8 bb 
>> 5f 0f 43 5e 05 33 59 ef c7 4d f9 83 16 05 2c 29 91 55 1c 58 b9 d9 7d 
>> ec 5d dd eb 4c 7a 97 e1 a5 b5 04 60 59 6c 25 62 e5 50 1d 72 33
>> xor-diff: ef b8 8d da 62 f5 1a c1 a8 c3 9b 4c 60 1f 2e d8 4b 51 68 9a 
>> 88 ad 06 ae 9b 17 b4 0e eb 02 0f 20 96 fc db 9e ad a3 c0 1e 87 3c 47 
>> 97 8c 3b f6 62 c1 26 d9 17 1f 26 1b d8 74 10 82 42 98 3d 21 c5
>> check-cbc, encrypt mismatch entry 6:0
>> expected: 4a d8 4c 9f 32 dc 6a 95 63 49 a3 d3 cc 30 88 96 4b 5c aa f0 
>> 30 51 f1 9f 1e a9 11 71 52 89 46 0a 4c da 68 d7 17 6b a4 ed e0 4d 1b 
>> 69 c8 fb 54 f2 46 6a 14 7d 9a 4a d5 c4 bc 55 15 d4 1b d4 ac 7d
>> computed: b2 1f 9d bf bf fe c3 4f b0 98 fe f2 0b fc 8e 44 d1 ac 48 e0 
>> d9 1c b4 17 e1 32 19 05 80 f8 e9 da 60 fb 53 97 4a 6c 79 46 2a 7d 91 
>> 7c 87 71 af a7 87 44 37 05 2b 02 c7 63 52 b3 53 a3 a3 cf 8f 75
>> xor-diff: f8 c7 d1 20 8d 22 a9 da d3 d1 5d 21 c7 cc 06 d2 9a f0 e2 10 
>> e9 4d 45 88 ff 9b 08 74 d2 71 af d0 2c 21 3b 40 5d 07 dd ab ca 30 8a 
>> 15 4f 8a fb 55 c1 2e 23 78 b1 48 12 a7 ee e6 46 77 b8 1b 23 08
>>
>> Patch with these tests for libgcrypt/master attached.
>>
>> -Jussi
>>
>>> Thank you & Kind Regards,
>>> Jan
>>>
>>> Jan Bilek
>>> CTO, EFTlab Pty Ltd
>>> email: jan.bilek at eftlab.co.uk
>>> mob:   +61 (0) 498 103 179
>>>
>>> _______________________________________________
>>> Gcrypt-devel mailing list
>>> Gcrypt-devel at gnupg.org
>>> http://lists.gnupg.org/mailman/listinfo/gcrypt-devel
>>>
>
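The dispute in the thread is between CBC computed "in hand" and CBC computed by the library. The following is an added example, not code from the thread or from libgcrypt: it uses Go's standard crypto/aes in place of libgcrypt, applies the CBC chaining rule C_i = E_K(P_i XOR C_{i-1}) on top of the raw block cipher, runs the library's own CBC mode on the same input, and checks both against the NIST SP 800-38A F.2.1 CBC-AES128 known-answer vector (the same family of vectors Jussi added to tests/basic.c). The block-index helper gives the same information as the xor-diff lines above, so a swapped pair of blocks like entry 4 shows up as two mismatched indices.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/hex"
	"fmt"
)

// cbcBothWays encrypts pt in CBC mode twice: by hand, applying C_i = E_K(P_i XOR C_{i-1})
// with C_0 = IV on top of the raw block cipher, and with the library's CBC mode (the
// counterpart of GCRY_CIPHER_MODE_CBC). Key length 16/24/32 selects AES-128/192/256;
// the chaining step is identical for all three key sizes.
func cbcBothWays(key, iv, pt []byte) (hand, lib []byte) {
	block, err := aes.NewCipher(key)
	if err != nil || len(iv) != block.BlockSize() || len(pt)%block.BlockSize() != 0 {
		panic("bad key, iv or plaintext length")
	}
	bs := block.BlockSize()
	hand, lib = make([]byte, len(pt)), make([]byte, len(pt))
	prev, x := iv, make([]byte, bs)
	for i := 0; i < len(pt); i += bs {
		for j := range x {
			x[j] = pt[i+j] ^ prev[j] // chain the previous ciphertext block in
		}
		block.Encrypt(hand[i:i+bs], x)
		prev = hand[i : i+bs]
	}
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(lib, pt)
	return hand, lib
}

// mismatchedBlocks lists the 16-byte block indices that differ: the block-level view of an xor-diff.
func mismatchedBlocks(a, b []byte) []int {
	var bad []int
	for i := 0; i+16 <= len(a) && i+16 <= len(b); i += 16 {
		if string(a[i:i+16]) != string(b[i:i+16]) {
			bad = append(bad, i/16)
		}
	}
	return bad
}

func main() {
	// NIST SP 800-38A F.2.1 CBC-AES128.Encrypt, first two blocks (a published known-answer vector).
	key, _ := hex.DecodeString("2b7e151628aed2a6abf7158809cf4f3c")
	iv, _ := hex.DecodeString("000102030405060708090a0b0c0d0e0f")
	pt, _ := hex.DecodeString("6bc1bee22e409f96e93d7e117393172aae2d8a571e03ac9c9eb76fac45af8e51")
	want, _ := hex.DecodeString("7649abac8119b246cee98e9b12e9197d5086cb9b507219ee95db113a917678b2")
	hand, lib := cbcBothWays(key, iv, pt)
	fmt.Println("hand vs NIST:", mismatchedBlocks(hand, want), " hand vs library:", mismatchedBlocks(hand, lib))
}
```

An empty index list for both comparisons means the hand computation, the library and the published vector agree; a hand-made vector that disagrees with both is the one to re-check.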