David: This is just a quick and dirty superficial guess, but are you copying from the correct place in memory? I.e., is the value of: ctx.Xi.c, a pointer to the address that holds the first byte of the tag? If you do a byte-wise dump of the entire structure and then do visual pattern matching for the tag (which you already know), then you can count the offset, etc. And, then you can see if the numerical value of ctx.Xi.c points to the correct address.
Good luck On Fri, May 18, 2012 at 10:22 AM, Li, David <l...@cloudshield.com> wrote: > Hi Experts,**** > > ** ** > > First time I am using AES-GCM mode to run the NIST test vectors. The API > is:**** > > ** ** > > void AES_gcm128_encrypt(GCM128_CONTEXT *ctx,**** > > const unsigned char *in, unsigned char *out,**** > > size_t len)**** > > ** ** > > ** ** > > After initialization and encryption, my cipher text matched the one from > NIST vector but tag value didn’t. I obtained the tag value by:**** > > ** ** > > Unsigned char tag[16];**** > > memcpy(tag, ctx.Xi.c, 16);**** > > ** ** > > Anyone can think of a reason what might have gone wrong?**** > > ** ** > > **- **David**** > > ** ** > > ** ** > > The test vectors from NIST look like:**** > > ============================**** > > [Keylen = 256]**** > > [IVlen = 128]**** > > [PTlen = 1024]**** > > [AADlen = 1024]**** > > [Taglen = 120]**** > > ** ** > > Count = 0**** > > Key = ec566324ad9d4cd015821e2cd4ed4d3d507bdb3c65bd50acc85f690ef06740fa**** > > PT = > 348d35768d7192415cbb92c5625f10edd79f24c56d4b821aaf80d7dc83e901ede6be94d1efe11a3acd16ac00aea8d0d4875c47522332fed11cdf0816b26978de431c89d2fe6d122b2d4980f1d53a97edc15e490a44e73cba9394ca4bbb871675c729c39de80d6678c71b1bd220e4647bfd20a7ddbefe2b7eec7276b87c92ba77 > **** > > AAD = > fa6f38f8e562a54bb2281dc9a7cbe0b981292fb00dc0053185550a300661852179d0f2beb4e7759b81316fbfead5c858e6fce73f3cd2c2462925dbb199a4e6c121d051b1b5ebf60e16d1e30f6973b19cf31830da30588fdfff6115a4a1f6d977a72583379a56055724581be5232b0d1b0ae88bab5d4a031b058bc8d03078dcd5 > **** > > IV = 95c8a544c4b94e9fbfd76e66f40bb975**** > > CT = > 8b4da79f3ae1ea35a80af2f52fc640055e6a3b92617ddfa79fe5d8a49f28ddf36a82a17ca0b3cdf1726700f7ffc09ae5b412d064fd52a90a76bacc74a0b89e38dc474e880a2b768ffa91fef34c47759a7b8fd7faa32a4fcb258349495e4438c7b2055a8f462729fa4e7223aa9b47087695e3aabf43afb32e272d536b257b748a > **** > > Tag = b1faec277697add8f756391dd9c7f4**** > > ** ** > > ** ** > -- Slavish adherence to ideology in the pursuit of power leads to magical thinking and regrettable behavior. John Zavgren 603-371-0513 (home) 603-801-2094 (cell) johnzavgren (skype) 603-821-0904 (skype) j...@zavgren.com
