[openssl-users] FIPS certification for AES GCM mode algorithm
Leon Brits
leonb at parsec.co.za
Tue Nov 17 07:48:29 UTC 2015
Hi all,
We are using the OpenSSL FIPS module v2.0 and are in the process of certifying the algorithms for our implementation. As part of this process there are different types of questionnaires about the algorithms. The questionnaire for AES GCM mode asks:
:
:
Input Data Lengths (0 to 65536 bits, multiples of 8):
* If any category of Plaintext or AAD value is not supported, enter "0" in both fields.
* If only one value is supported for a given category, enter that value in both fields.
Plaintext: Supports 0 Length Plaintext (GMAC)
* Enter 2 Plaintext values that are multiples of 128: (1) 0 (2) 1024
* Enter 2 Plaintext values that are not multiples of 128: (1) 0 (2) 1024
AAD: Supports 0 Length AAD (Additional Authenticated Data)
* Enter 2 AAD values that are multiples of 128: (1) 0 (2) 1024
* Enter 2 AAD values that are not multiples of 128: (1) 0 (2) 1024
:
Any advice on what two values to enter for "multiple of 128" and "not multiple of 128" for plaintext and AAD. Why do I need to select these values? Are there exclusions in that range (0-1024)?
Thanks for your time
Regards,
LJB
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20151117/cf3a4d4b/attachment-0001.html>
More information about the openssl-users
mailing list