AES192 & AES256 in CBC mode [libgcrypt]

Jan Bilek jan.bilek at eftlab.co.uk
Sun Nov 30 17:26:46 CET 2014


Hi,

problem found and fixed between the chair and keyboard on my side.

Thank you for your support & Kind Regards,
Jan


On 30/11/14 23:18, Jan Bilek wrote:
> Resending as previous email seemed to be bounced back by the 
> http://www.dnsbl.manitu.net/'s spam filter.
>
> Kind Regards,
> Jan
>
> On 30/11/14 23:02, Jan Bilek wrote:
>> Hello Jussi,
>>
>> thanks for this, however I'm not sure how to interpret your email. 
>> Does it mean that my test vectors are wrong? I calculated those "in 
>> hand" so this might be the case, but then my understanding of CBC is 
>> incorrect.
>>
>> Thank you,
>> Jan
>>
>> On 30/11/14 19:07, Jussi Kivilinna wrote:
>>> Hello,
>>>
>>> On 28.11.2014 03:10, Jan Bilek wrote:
>>>> Hello,
>>>> I've just bounced in a potential problem with libgcrypt while 
>>>> trying to do AES192 & AES256 in CBC mode.
>>>>
>>>> All works well with AES128 for all cipher modes, however when 
>>>> moving to AES192 & AES256 and GCRY_CIPHER_MODE_CBC it looks like 
>>>> all buffers are being written just in first 128 bits of output.
>>>>
>>>> Please see example code attached.
>>>>
>>>> Let me know if you'll be able to confirm that and if confirmed if I 
>>>> may help with fixing it.
>>> I added new CBC test vectors to tests/basic.c from RFC 3602 and NIST 
>>> SP800-38A, which did work fine. Then I tried adding the test vectors 
>>> from example code that you provided and those tests fail (AES128, 
>>> 192 and 256).
>>>
>>> check-cbc, encrypt mismatch entry 4:0
>>> expected: 72 de 8d 00 17 e1 4a a3 5c 87 16 b3 33 55 92 5c b8 ef fc 
>>> b9 d8 aa 32 29 8a 76 6a 62 7c fc 29 52 e0 34 c8 72 32 91 0a 8d 18 93 
>>> 13 48 fc af 45 24 01 1a 61 9d 6c 61 a2 38 5f c7 9d ce 7f 92 ee b8
>>> computed: 72 de 8d 00 17 e1 4a a3 5c 87 16 b3 33 55 92 5c b8 ef fc 
>>> b9 d8 aa 32 29 8a 76 6a 62 7c fc 29 52 01 1a 61 9d 6c 61 a2 38 5f c7 
>>> 9d ce 7f 92 ee b8 e0 34 c8 72 32 91 0a 8d 18 93 13 48 fc af 45 24
>>> xor-diff: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 
>>> 00 00 00 00 00 00 00 00 00 00 00 00 00 e1 2e a9 ef 5e f0 a8 b5 47 54 
>>> 8e 86 83 3d ab 9c e1 2e a9 ef 5e f0 a8 b5 47 54 8e 86 83 3d ab 9c
>>> check-cbc, encrypt mismatch entry 5:0
>>> expected: 12 e9 3d 3c b0 6d 13 44 e7 b9 5c eb b6 88 ec ba 39 f3 b0 
>>> 21 d7 a2 45 f0 9e 24 ed e1 2c 4f f6 a3 80 f9 f7 b7 3c f6 dc 46 3e e5 
>>> 3a 7b d1 e6 1d 2e bb b1 38 b2 aa 22 7b 81 18 35 e0 a7 c8 20 53 f6
>>> computed: fd 51 b0 e6 d2 98 09 85 4f 7a c7 a7 d6 97 c2 62 72 a2 d8 
>>> bb 5f 0f 43 5e 05 33 59 ef c7 4d f9 83 16 05 2c 29 91 55 1c 58 b9 d9 
>>> 7d ec 5d dd eb 4c 7a 97 e1 a5 b5 04 60 59 6c 25 62 e5 50 1d 72 33
>>> xor-diff: ef b8 8d da 62 f5 1a c1 a8 c3 9b 4c 60 1f 2e d8 4b 51 68 
>>> 9a 88 ad 06 ae 9b 17 b4 0e eb 02 0f 20 96 fc db 9e ad a3 c0 1e 87 3c 
>>> 47 97 8c 3b f6 62 c1 26 d9 17 1f 26 1b d8 74 10 82 42 98 3d 21 c5
>>> check-cbc, encrypt mismatch entry 6:0
>>> expected: 4a d8 4c 9f 32 dc 6a 95 63 49 a3 d3 cc 30 88 96 4b 5c aa 
>>> f0 30 51 f1 9f 1e a9 11 71 52 89 46 0a 4c da 68 d7 17 6b a4 ed e0 4d 
>>> 1b 69 c8 fb 54 f2 46 6a 14 7d 9a 4a d5 c4 bc 55 15 d4 1b d4 ac 7d
>>> computed: b2 1f 9d bf bf fe c3 4f b0 98 fe f2 0b fc 8e 44 d1 ac 48 
>>> e0 d9 1c b4 17 e1 32 19 05 80 f8 e9 da 60 fb 53 97 4a 6c 79 46 2a 7d 
>>> 91 7c 87 71 af a7 87 44 37 05 2b 02 c7 63 52 b3 53 a3 a3 cf 8f 75
>>> xor-diff: f8 c7 d1 20 8d 22 a9 da d3 d1 5d 21 c7 cc 06 d2 9a f0 e2 
>>> 10 e9 4d 45 88 ff 9b 08 74 d2 71 af d0 2c 21 3b 40 5d 07 dd ab ca 30 
>>> 8a 15 4f 8a fb 55 c1 2e 23 78 b1 48 12 a7 ee e6 46 77 b8 1b 23 08
>>>
>>> Patch with these tests for libgcrypt/master attached.
>>>
>>> -Jussi
>>>
>>>> Thank you & Kind Regards,
>>>> Jan
>>>>
>>>> Jan Bilek
>>>> CTO, EFTlab Pty Ltd
>>>> email: jan.bilek at eftlab.co.uk
>>>> mob:   +61 (0) 498 103 179
>>>>
>>
>

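The mismatches Jussi reports above are a good illustration of why hand-computed test vectors should be checked against a reference before being treated as expected values: in entry 4 the xor-diff is zero for the first two blocks and the last two blocks of "expected" and "computed" are simply exchanged, and entries 5 and 6 differ from the first block onward. The following Go program is an added example, not part of the thread or of libgcrypt, that does what Jussi's tests/basic.c additions do: it implements CBC chaining by hand (C_i = E_K(P_i XOR C_{i-1}), C_{-1} = IV) on top of the standard library's AES block cipher, compares that against crypto/cipher's own CBC encrypter, and checks both against the NIST SP 800-38A CBC-AES128/192/256 known-answer vectors (sections F.2.1, F.2.3, F.2.5). The names cbcEncrypt, cbcBothWays and checkVector are the example's own.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"encoding/hex"
	"fmt"
)

// cbcEncrypt implements CBC chaining by hand: C_i = E_K(P_i XOR C_{i-1}), C_{-1} = IV.
// The input must be a whole number of blocks; no padding is applied here.
func cbcEncrypt(block cipher.Block, iv, plaintext []byte) ([]byte, error) {
	bs := block.BlockSize()
	if len(iv) != bs {
		return nil, fmt.Errorf("iv must be %d bytes, got %d", bs, len(iv))
	}
	if len(plaintext)%bs != 0 {
		return nil, fmt.Errorf("plaintext length %d is not a multiple of %d", len(plaintext), bs)
	}
	out := make([]byte, len(plaintext))
	prev := iv
	xored := make([]byte, bs)
	for i := 0; i < len(plaintext); i += bs {
		for j := 0; j < bs; j++ {
			xored[j] = plaintext[i+j] ^ prev[j]
		}
		block.Encrypt(out[i:i+bs], xored)
		prev = out[i : i+bs] // the ciphertext block just produced feeds the next one
	}
	return out, nil
}

// cbcBothWays encrypts with the hand-rolled chaining and with crypto/cipher's
// CBC encrypter and returns both ciphertexts so they can be compared.
func cbcBothWays(key, iv, plaintext []byte) (manual, stdlib []byte, err error) {
	block, err := aes.NewCipher(key) // 16, 24 or 32 byte key selects AES-128/192/256
	if err != nil {
		return nil, nil, err
	}
	manual, err = cbcEncrypt(block, iv, plaintext)
	if err != nil {
		return nil, nil, err
	}
	stdlib = make([]byte, len(plaintext))
	cipher.NewCBCEncrypter(block, iv).CryptBlocks(stdlib, plaintext)
	return manual, stdlib, nil
}

func mustHex(s string) []byte {
	b, err := hex.DecodeString(s)
	if err != nil {
		panic(err)
	}
	return b
}

// knownAnswer holds one NIST SP 800-38A CBC-AESxxx.Encrypt vector.
type knownAnswer struct {
	name string
	key  []byte
	ct   []byte
}

// SP 800-38A uses the same IV and the same four plaintext blocks for all three key sizes.
var (
	nistIV = mustHex("000102030405060708090a0b0c0d0e0f")
	nistPT = mustHex("6bc1bee22e409f96e93d7e117393172a" +
		"ae2d8a571e03ac9c9eb76fac45af8e51" +
		"30c81c46a35ce411e5fbc1191a0a52ef" +
		"f69f2445df4f9b17ad2b417be66c3710")
	nistVectors = []knownAnswer{
		{"CBC-AES128 (F.2.1)", mustHex("2b7e151628aed2a6abf7158809cf4f3c"),
			mustHex("7649abac8119b246cee98e9b12e9197d" +
				"5086cb9b507219ee95db113a917678b2" +
				"73bed6b8e3c1743b7116e69e22229516" +
				"3ff1caa1681fac09120eca307586e1a7")},
		{"CBC-AES192 (F.2.3)", mustHex("8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b"),
			mustHex("4f021db243bc633d7178183a9fa071e8" +
				"b4d9ada9ad7dedf4e5e738763f69145a" +
				"571b242012fb7ae07fa9baac3df102e0" +
				"08b0e27988598881d920a9e64f5615cd")},
		{"CBC-AES256 (F.2.5)", mustHex("603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4"),
			mustHex("f58c4c04d6e5f1ba779eabfb5f7bfbd6" +
				"9cfc4e967edb808d679f777bc6702c7d" +
				"39f23369a9d9bacfa530e26304231461" +
				"b2eb05e2c39be9fcda6c19078c6a9d1b")},
	}
)

// checkVector returns true when both the manual chaining and crypto/cipher
// reproduce the published 64-byte ciphertext for that key size.
func checkVector(v knownAnswer) (bool, error) {
	manual, stdlib, err := cbcBothWays(v.key, nistIV, nistPT)
	if err != nil {
		return false, err
	}
	return bytes.Equal(manual, v.ct) && bytes.Equal(stdlib, v.ct), nil
}

func main() {
	for _, v := range nistVectors {
		ok, err := checkVector(v)
		fmt.Printf("%s, %d-bit key: match=%v err=%v\n", v.name, len(v.key)*8, ok, err)
	}
}
```

All three key sizes produce four distinct 16-byte ciphertext blocks from the same IV and plaintext, which is the behaviour the original report expected from libgcrypt; if a hand-derived vector disagrees with this, the vector is the first thing to suspect, and comparing the xor-diff block by block (as Jussi's output does) shows immediately whether blocks were reordered or chained from the wrong predecessor.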