On Nov 19, 2014, at 6:26 PM, William McGovern <wi...@thaiglish.com> wrote:On Nov 19, 2014, at 6:09 PM, William McGovern <wi...@thaiglish.com> wrote:On Nov 19, 2014, at 5:03 PM, Maarten Bodewes <maarten...@gmail.com> wrote:this could for instance be a padding bug in OpenSSL's GCM implementation.a test vector with an AAD of 20 bytes created an authentication tag that is not correct,Hi all,I would be very grateful if somebody could explain why the following problem occurs:The Bouncy Castle implementation does seem to generate the correct value for the same test vector.I'll try and execute the code, but currently my openssl development environment is not up.Regards,
MaartenI built your code against 1.0.1j and got the expected result for the authtag on your test vector:should be: c75b7832b2a2d9bd827412b6ef5769dbresult is: c75b7832b2a2d9bd827412b6ef5769db$ openssl versionOpenSSL 1.0.1j 15 Oct 2014If I build against the native OpenSSL library in Ubuntu 12.04 that matches your version I get the same failure you are seeing:should be: c75b7832b2a2d9bd827412b6ef5769dbresult is: e5fb99cb5b9658aa5d2caa3308e0ce6c$ /usr/bin/openssl versionOpenSSL 1.0.1 14 Mar 2012It does seem to work correctly and give expected output when built on Ubuntu 14.04.