From f50c7763856641d88f9a9c2757964a0433b82f42 Mon Sep 17 00:00:00 2001
From: Vitaly Chikunov <vt@altlinux.org>
Date: Mon, 23 Jul 2018 03:41:37 +0300
Subject: [PATCH] test_grasshopper: Test OFB after it's fixed

(cherry picked from commit ee15414bf118b8e3370ec8b5f0c4ff74eea9b31f)
---
 test_grasshopper.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/test_grasshopper.c b/test_grasshopper.c
index cb27895..434586f 100644
--- a/test_grasshopper.c
+++ b/test_grasshopper.c
@@ -223,14 +223,18 @@ int main(int argc, char **argv)
     ret |= test_block(cipher_gost_grasshopper_ctr(), "ctr", E_CTR);
     ret |= test_block(cipher_gost_grasshopper_ctr(), "ctr iv2", E_CTR_IV2);
     ret |= test_stream(cipher_gost_grasshopper_ctr(), "ctr", E_CTR);
-    ret |= test_block(cipher_gost_grasshopper_ofb(), "ofb", E_OFB);
     /*
      * Other modes (ofb, cbc, cfb) is impossible to test to match GOST R
-     * 34.13-2015 test vectors due to these vectors having exceeding IV
-     * length value (m) = 256 bits, while openssl have hardcoded limit
+     * 34.13-2015 test vectors exactly, due to these vectors having exceeding
+     * IV length value (m) = 256 bits, while openssl have hard-coded limit
      * of maximum IV length of 128 bits (EVP_MAX_IV_LENGTH).
      * Also, current grasshopper code having fixed IV length of 128 bits.
+     *
+     * Thus, new test vectors are generated with truncated 128-bit IV using
+     * canonical GOST implementation from TC26.
      */
+    ret |= test_block(cipher_gost_grasshopper_ofb(), "ofb", E_OFB);
+    ret |= test_stream(cipher_gost_grasshopper_ctr(), "ofb", E_CTR);
 
     ret |= test_omac();
 
-- 
2.39.2