On Thu, Aug 04, 2011, Tyrel Haveman wrote:
Is there someone in particular who would be optimal to look into this? I
have no knowledge of the code or algorithm in question here.
What happens if you do:
fips_test_suite post
Please send the full output.
Also temporarily in e_aes.c try
Hi,
I want to make apache to use aes cipher for encryption in ctr mode (by
default it is cbc mode). Cipher mode for aes is not specified in the cipher
list. I know the mode is not being chosen in the hello process, but do you
know when client and the server settle on the cipher mode they are about
On Thu, Aug 04, 2011, Roham Sameni wrote:
Hi,
I want to make apache to use aes cipher for encryption in ctr mode (by
default it is cbc mode). Cipher mode for aes is not specified in the cipher
list. I know the mode is not being chosen in the hello process, but do you
know when client and the
Dr. Henson
Changing #define AESNI_CAPABLE 0 resolved the problem. All the tests run
ok.
Ken
--- On Fri, 8/5/11, Dr. Stephen Henson st...@openssl.org wrote:
From: Dr. Stephen Henson st...@openssl.org
Subject: Re: FIPS CCM self-test failure
To: openssl-dev@openssl.org
Date: Friday,
Dr. Henson
The error happens in fips_aes_selftest.c, lines 157-159:
if (memcmp(tag, ccm_tag, sizeof(ccm_tag))
|| memcmp(out, ccm_ct, sizeof(ccm_ct)))
goto err;
If I comment out these three lines, all tests run ok.
Ken
--- On Fri, 8/5/11, Dr. Stephen Henson st...@openssl.org
The full output of fips_test_suite post is below. I tried changing
AESNI_CAPABLE to 0 as you suggested, and all tests now succeed, as Ken also
experienced.
Here's the output of fips_test_suite:
POST started
DRBG AES-128-CTR DF test started
DRBG AES-128-CTR