On 10.02.2015 18:22, Marcus Meissner wrote: > Hi Jussi, > > We were trying to use rfc4543(gcm(aes)) in the kernel for FIPS mode, > but the testvectors seem to fail.
You probably need to add '.fips_allowed = 1,' in testmgr.c for "rfc4543(gcm(aes))" to enable algorithm in fips mode. > > Did you verify that they work? Are these the ones from Page 18 of > https://tools.ietf.org/html/draft-mcgrew-gcm-test-01, as there the > "plaintext" > and "aaad" seem to be switched? rfc4543() wrapper constructs the aad from '.assoc' and '.input'. -Jussi > > Ciao, Marcus >
signature.asc
Description: OpenPGP digital signature
