[openssl-dev] [openssl.org #4500] Testing cipher AES-128-XTS(encrypt/decrypt) failure

[Andy Polyakov via RT]

> Hi Paul,

It doesn't seem unlike that OP is not subscribed, so he won't see
responses send to <openssl-dev> alone. To ensure delivery and or reply
to <rt at openssl.org>.

> I have not checked the code for the test, but I do get the expected
> values with my little test program.

But what is your host, Massimiliano? Is it also Hercules, and if so
which version? As Paul indicated later, it might be Hercules bug, and it
would be helpful if you can tell what's your version. One has to keep in
mind that not all version implement XTS support...

> Here's the dump (key and iv set to 0
> - block size is 32 bytes (i.e. 2 * 128bit units)):
> 
>     AES XTS Encrypt:
>     ----------------
> 
>     Plaintext (32):
>     0020 - <SPACES/NULS>
> 
>     Ciphertext 32:
>     0000 - 91 7c f6 9e bd 68 b2 ec-9b 9f e9 a3 ea dd a6 92  
>     .|...h..........
>     0010 - cd 43 d2 f5 95 98 ed 85-8c 02 c2 65 2f bf 92 2e  
>     .C.........e/...
> 
>     AES XTS Decrypt:
>     ----------------
> 
>     Encrypted Data:
>     0000 - 91 7c f6 9e bd 68 b2 ec-9b 9f e9 a3 ea dd a6 92  
>     .|...h..........
>     0010 - cd 43 d2 f5 95 98 ed 85-8c 02 c2 65 2f bf 92 2e  
>     .C.........e/...
> 
>     Decrypt Offset: 0
>     Original Start: 0
>     Throw Away: 0
> 
>     Clear Text 32:
>     0020 - <SPACES/NULS>
> 
> My guess is that the second part of the key is not all zeros - this
> would cause you to get the first part of the message encrypted correctly
> and the second part not having the good values... this is just my guess,
> of course.
> 
> Cheers,
> Max


-- 
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4500
Please log in as guest with password guest if prompted