<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
On 10/23/2015 01:38 PM, Vijay Singh wrote:<br>
<blockquote
cite="mid:CALCNsJRz_o3A=9VyZncsTJ91_oOBpHcDuLVX90MGVPyGpqDztQ@mail.gmail.com"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<p dir="ltr">It seems that the library uses 13 bytes of AAD data.
Is this per-spec? The reason I am asking is that the new Intel
AESNI APIs that provide HW support seem to require AAD as a
multiple of 4 bytes, and 0 padding the AAD changes the computed
auth value.</p>
</blockquote>
<br>
Sorry, is the claim that the authentication tag is 13 bytes, or that
some portion of the codebase is supplying additional authenticated
data of length 13 bytes, or something else? OpenSSL does make use
of the AESNI APIs for GCM, so it is not clear where you are
observing this seemingly incompatible behavior.<br>
<br>
<blockquote
cite="mid:CALCNsJRz_o3A=9VyZncsTJ91_oOBpHcDuLVX90MGVPyGpqDztQ@mail.gmail.com"
type="cite">
<p dir="ltr">Any insights are much appreciated.</p>
<br>
</blockquote>
<br>
That will be difficult without better pointers to what behavior your
are observing.<br>
<br>
-Ben Kaduk<br>
</body>
</html>