On Fri, Sep 17, 2021 at 2:31 PM austin clifton <austin.clif...@otoy.com> wrote:
> Hey Jeff, thanks for the fast response!
> Yes, the encrypted sha from your AMD CPUs matches what I get on my Ryzen 7 
> 3700X.
> The encrypted sha from the i7 is 
> 8F16077454F8477594CAD4304126B0A6F30C8C4D2536E2441FFFD320656E1DF1. That's also 
> the sha I get if I disable AVX on my Ryzen when compiling cryptopp.
> I'm not sure which sha is "correct" but we are seeing the same behavior 
> across the AMD CPUs. Would it make sense to disable assembly altogether to 
> get a reference encrypted sha256?

Yes, that is what I usually do when I need a reference. I add
-DCRYPTOPP_DISABLE_ASM to CXXFLAGS. That removes all inline assembly
and intrinsics.

In the case of ChaCha there is another option for a reference. You can
use Bernstein's reference implementation. I use the author's
implementation for test vectors, when available. I keep them stashed
away at https://github.com/noloader/cryptopp-test.

Note that Bernstein's ChaCha and the IETF's ChaCha are slightly
different. Bernstein uses a 64-bit counter that starts at 0 and cannot
wrap. IETF uses a 32-bit counter that can wrap. The IETF never
specified what to do when wrap occurs.

> We are seeing the same behavior from MSVC and GCC compilers. I can try master 
> with GCC here too but sounds like that fix is unrelated?

Yeah, I think that is an issue with the CPU, not the compiler.

> I'll try to glean more useful data from logs I have here. We distribute 
> encrypted assets to lots of machines (all running Windows) but I have to dig 
> around some.

The guy to ask is Agner Fog, https://www.agner.org. I'm not sure
whether he runs a mailing list.
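
Added example, not part of the original message and not Crypto++ code: a portable scalar ChaCha20 block function with no SIMD or intrinsics, usable as a cross-check reference, showing the two counter layouts described above. The names chacha20_block, layout, djb_state and ietf_state are hypothetical, and the all-zero key in main is constructed sample input.

```cpp
#include <array>
#include <cstdint>
#include <cstdio>

using State = std::array<uint32_t, 16>;
using Key = std::array<uint32_t, 8>;  // key as eight little-endian words

static uint32_t rotl(uint32_t v, int n) { return (v << n) | (v >> (32 - n)); }

static void quarter(State& x, int a, int b, int c, int d) {
    x[a] += x[b]; x[d] = rotl(x[d] ^ x[a], 16);
    x[c] += x[d]; x[b] = rotl(x[b] ^ x[c], 12);
    x[a] += x[b]; x[d] = rotl(x[d] ^ x[a], 8);
    x[c] += x[d]; x[b] = rotl(x[b] ^ x[c], 7);
}

// 20 rounds (10 column/diagonal double rounds) plus feed-forward.
State chacha20_block(const State& in) {
    State x = in;
    for (int i = 0; i < 10; ++i) {
        quarter(x, 0, 4, 8, 12); quarter(x, 1, 5, 9, 13);
        quarter(x, 2, 6, 10, 14); quarter(x, 3, 7, 11, 15);
        quarter(x, 0, 5, 10, 15); quarter(x, 1, 6, 11, 12);
        quarter(x, 2, 7, 8, 13); quarter(x, 3, 4, 9, 14);
    }
    for (int i = 0; i < 16; ++i) x[i] += in[i];
    return x;
}

// Words 0-3: constants, 4-11: key, 12-15: counter and nonce.
static State layout(const Key& k, uint32_t w12, uint32_t w13, uint32_t w14, uint32_t w15) {
    return {{0x61707865, 0x3320646e, 0x79622d32, 0x6b206574,
             k[0], k[1], k[2], k[3], k[4], k[5], k[6], k[7], w12, w13, w14, w15}};
}
// Bernstein: 64-bit counter in words 12-13, 64-bit nonce in words 14-15.
State djb_state(const Key& k, uint64_t ctr, uint32_t n0, uint32_t n1) {
    return layout(k, uint32_t(ctr), uint32_t(ctr >> 32), n0, n1);
}
// IETF (RFC 8439): 32-bit counter in word 12, 96-bit nonce in words 13-15.
State ietf_state(const Key& k, uint32_t ctr, uint32_t n0, uint32_t n1, uint32_t n2) {
    return layout(k, ctr, n0, n1, n2);
}

int main() {
    Key zero{};  // constructed all-zero key
    State ks = chacha20_block(djb_state(zero, 0, 0, 0));
    std::printf("%08x\n", (unsigned)ks[0]);
}
```

If an implementation lets the 32-bit IETF counter wrap, the counter-0 state is produced again and that keystream block repeats; the 64-bit layout carries into word 13 instead.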

