Re: [PATCH] to fix vmac test fails on s390
On Tue, Mar 16, 2010 at 01:25:54PM +0800, Wang, Shane wrote:
> That should be simpler and better.
OK can you please resubmit the patch?
Thanks,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~}
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
RE: [PATCH] to fix vmac test fails on s390
That should be simpler and better.
Thanks.
Shane
-Original Message-
From: Herbert Xu [mailto:herb...@gondor.apana.org.au]
Sent: 2010年3月2日 21:57
To: Wang, Shane
Cc: Sebastian Andrzej Siewior; Jan Glauber; Cihula, Joseph; linux-crypto
Subject: Re: [PATCH] to fix vmac test fails on s390
On Mon, Feb 22, 2010 at 11:21:04AM +0800, Wang, Shane wrote:
>
> @@ -474,7 +475,10 @@ static u64 vmac(unsigned char m[], unsig
> }
> p = be64_to_cpup(out_p + i);
> h = vhash(m, mbytes, (u64 *)0, &ctx->__vmac_ctx);
> - return p + h;
> + r = p + h;
> + r = le64_to_cpup(&r);
> +
> + return r;
Is there any reason why we don't simply do
return le64_to_cpu(p + h);
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~}
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
Re: [PATCH] to fix vmac test fails on s390
On Mon, Feb 22, 2010 at 11:21:04AM +0800, Wang, Shane wrote:
>
> @@ -474,7 +475,10 @@ static u64 vmac(unsigned char m[], unsig
> }
> p = be64_to_cpup(out_p + i);
> h = vhash(m, mbytes, (u64 *)0, &ctx->__vmac_ctx);
> - return p + h;
> + r = p + h;
> + r = le64_to_cpup(&r);
> +
> + return r;
Is there any reason why we don't simply do
return le64_to_cpu(p + h);
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~}
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
RE: [PATCH] to fix vmac test fails on s390
This patch is to fix the vmac algorithm, add more test cases for vmac, and fix
the test failure on some big endian system like s390.
Signed-off-by: Shane Wang
crypto/testmgr.h | 64 +---
crypto/vmac.c| 80 ++---
2 files changed, 100 insertions(+), 44 deletions(-)
diff -r 91636f5ce7a2 crypto/testmgr.h
--- a/crypto/testmgr.h Thu Feb 11 00:45:57 2010 -0800
+++ b/crypto/testmgr.h Mon Feb 22 05:24:19 2010 -0500
@@ -1669,17 +1669,73 @@ static struct hash_testvec aes_xcbc128_t
}
};
-#define VMAC_AES_TEST_VECTORS 1
-static char vmac_string[128] = {'\x01', '\x01', '\x01', '\x01',
+#define VMAC_AES_TEST_VECTORS 8
+static char vmac_string1[128] = {'\x01', '\x01', '\x01', '\x01',
'\x02', '\x03', '\x02', '\x02',
'\x02', '\x04', '\x01', '\x07',
'\x04', '\x01', '\x04', '\x03',};
+static char vmac_string2[128] = {'a', 'b', 'c',};
+static char vmac_string3[128] = {'a', 'b', 'c', 'a', 'b', 'c',
+ 'a', 'b', 'c', 'a', 'b', 'c',
+ 'a', 'b', 'c', 'a', 'b', 'c',
+ 'a', 'b', 'c', 'a', 'b', 'c',
+ 'a', 'b', 'c', 'a', 'b', 'c',
+ 'a', 'b', 'c', 'a', 'b', 'c',
+ 'a', 'b', 'c', 'a', 'b', 'c',
+ 'a', 'b', 'c', 'a', 'b', 'c',
+ };
+
static struct hash_testvec aes_vmac128_tv_template[] = {
{
+ .key= "\x00\x01\x02\x03\x04\x05\x06\x07"
+ "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
+ .plaintext = NULL,
+ .digest = "\x07\x58\x80\x35\x77\xa4\x7b\x54",
+ .psize = 0,
+ .ksize = 16,
+ }, {
.key= "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
- .plaintext = vmac_string,
- .digest = "\xcb\xd7\x8a\xfd\xb7\x33\x79\xe7",
+ .plaintext = vmac_string1,
+ .digest = "\xce\xf5\x3c\xd3\xae\x68\x8c\xa1",
+ .psize = 128,
+ .ksize = 16,
+ }, {
+ .key= "\x00\x01\x02\x03\x04\x05\x06\x07"
+ "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
+ .plaintext = vmac_string2,
+ .digest = "\xc9\x27\xb0\x73\x81\xbd\x14\x2d",
+ .psize = 128,
+ .ksize = 16,
+ }, {
+ .key= "\x00\x01\x02\x03\x04\x05\x06\x07"
+ "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
+ .plaintext = vmac_string3,
+ .digest = "\x8d\x1a\x95\x8c\x98\x47\x0b\x19",
+ .psize = 128,
+ .ksize = 16,
+ }, {
+ .key= "abcdefghijklmnop",
+ .plaintext = NULL,
+ .digest = "\x3b\x89\xa1\x26\x9e\x55\x8f\x84",
+ .psize = 0,
+ .ksize = 16,
+ }, {
+ .key= "abcdefghijklmnop",
+ .plaintext = vmac_string1,
+ .digest = "\xab\x5e\xab\xb0\xf6\x8d\x74\xc2",
+ .psize = 128,
+ .ksize = 16,
+ }, {
+ .key= "abcdefghijklmnop",
+ .plaintext = vmac_string2,
+ .digest = "\x11\x15\x68\x42\x3d\x7b\x09\xdf",
+ .psize = 128,
+ .ksize = 16,
+ }, {
+ .key= "abcdefghijklmnop",
+ .plaintext = vmac_string3,
+ .digest = "\x8b\x32\x8f\xe1\xed\x8f\xfa\xd4",
.psize = 128,
.ksize = 16,
},
diff -r 91636f5ce7a2 crypto/vmac.c
--- a/crypto/vmac.c Thu Feb 11 00:45:57 2010 -0800
+++ b/crypto/vmac.c Mon Feb 22 05:24:19 2010 -0500
@@ -42,6 +42,8 @@ const u64 m63 = UINT64_C(0x7ff
const u64 m63 = UINT64_C(0x7fff); /* 63-bit mask */
const u64 m64 = UINT64_C(0x); /* 64-bit mask */
const u64 mpoly = UINT64_C(0x1fff1fff); /* Poly key mask */
+
+#define pe64_to_cpup le64_to_cpup /* Prefer little endian */
#ifdef __LITTLE_ENDIAN
#define INDEX_HIGH 1
@@ -110,8 +112,8 @@ const u64 mpoly = UINT64_C(0x1fff1ff
int i; u64 th, tl; \
rh = rl = 0;\
for (i = 0; i < nw; i += 2) { \
- MUL64(th, tl, le64_to_cpup((mp)+i)+(kp)[i], \
- le64_to_cpup((mp)+i+1)+(kp)[i+1]); \
+ MUL64(th, tl, pe64_to_cpup((mp)+i)+(kp)[i], \
+ pe64_to_cpup((mp)+i+1)+(kp)[i+1]); \
ADD128(rh, rl, th, tl);
Re: [PATCH] to fix vmac test fails on s390
* Wang, Shane | 2010-02-21 13:32:49 [+0800]:
>--- a/crypto/vmac.cThu Feb 11 00:45:57 2010 -0800
>+++ b/crypto/vmac.cSun Feb 21 02:23:01 2010 -0800
>@@ -42,6 +42,8 @@ const u64 m63 = UINT64_C(0x7ff
> const u64 m63 = UINT64_C(0x7fff); /* 63-bit mask */
> const u64 m64 = UINT64_C(0x); /* 64-bit mask */
> const u64 mpoly = UINT64_C(0x1fff1fff); /* Poly key mask */
>+
>+#define pe64_to_cpup le64_to_cpup /* Prefer little endian */
Does it mean that I can switch it to be64_to_cpup ?
>@@ -575,6 +572,10 @@ static int vmac_final(struct shash_desc
> u8 nonce[16] = {};
>
> mac = vmac(NULL, 0, nonce, NULL, ctx);
>+
>+ /* set output invariant considering endianness */
>+ mac = le64_to_cpup(&mac);
So this is the fix. It would look better if you would include this
swap into vmac() itself. I'm not sure but this is probably causing a
dereference which could be avoided.
sparse should catch conversion bugs like this one if you were using
types likes __be64.
Sebastian
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
RE: [PATCH] to fix vmac test fails on s390
This patch is to fix the vmac algorithm, add more test cases for vmac, and fix
the test failure on some big endian system like s390.
Signed-off-by: Shane Wang
crypto/testmgr.h | 64 +++--
crypto/vmac.c| 77 ++---
2 files changed, 99 insertions(+), 42 deletions(-)
diff -r 91636f5ce7a2 crypto/testmgr.h
--- a/crypto/testmgr.h Thu Feb 11 00:45:57 2010 -0800
+++ b/crypto/testmgr.h Sun Feb 21 02:23:01 2010 -0800
@@ -1669,17 +1669,73 @@ static struct hash_testvec aes_xcbc128_t
}
};
-#define VMAC_AES_TEST_VECTORS 1
-static char vmac_string[128] = {'\x01', '\x01', '\x01', '\x01',
+#define VMAC_AES_TEST_VECTORS 8
+static char vmac_string1[128] = {'\x01', '\x01', '\x01', '\x01',
'\x02', '\x03', '\x02', '\x02',
'\x02', '\x04', '\x01', '\x07',
'\x04', '\x01', '\x04', '\x03',};
+static char vmac_string2[128] = {'a', 'b', 'c',};
+static char vmac_string3[128] = {'a', 'b', 'c', 'a', 'b', 'c',
+ 'a', 'b', 'c', 'a', 'b', 'c',
+ 'a', 'b', 'c', 'a', 'b', 'c',
+ 'a', 'b', 'c', 'a', 'b', 'c',
+ 'a', 'b', 'c', 'a', 'b', 'c',
+ 'a', 'b', 'c', 'a', 'b', 'c',
+ 'a', 'b', 'c', 'a', 'b', 'c',
+ 'a', 'b', 'c', 'a', 'b', 'c',
+ };
+
static struct hash_testvec aes_vmac128_tv_template[] = {
{
+ .key= "\x00\x01\x02\x03\x04\x05\x06\x07"
+ "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
+ .plaintext = NULL,
+ .digest = "\x07\x58\x80\x35\x77\xa4\x7b\x54",
+ .psize = 0,
+ .ksize = 16,
+ }, {
.key= "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
- .plaintext = vmac_string,
- .digest = "\xcb\xd7\x8a\xfd\xb7\x33\x79\xe7",
+ .plaintext = vmac_string1,
+ .digest = "\xce\xf5\x3c\xd3\xae\x68\x8c\xa1",
+ .psize = 128,
+ .ksize = 16,
+ }, {
+ .key= "\x00\x01\x02\x03\x04\x05\x06\x07"
+ "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
+ .plaintext = vmac_string2,
+ .digest = "\xc9\x27\xb0\x73\x81\xbd\x14\x2d",
+ .psize = 128,
+ .ksize = 16,
+ }, {
+ .key= "\x00\x01\x02\x03\x04\x05\x06\x07"
+ "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
+ .plaintext = vmac_string3,
+ .digest = "\x8d\x1a\x95\x8c\x98\x47\x0b\x19",
+ .psize = 128,
+ .ksize = 16,
+ }, {
+ .key= "abcdefghijklmnop",
+ .plaintext = NULL,
+ .digest = "\x3b\x89\xa1\x26\x9e\x55\x8f\x84",
+ .psize = 0,
+ .ksize = 16,
+ }, {
+ .key= "abcdefghijklmnop",
+ .plaintext = vmac_string1,
+ .digest = "\xab\x5e\xab\xb0\xf6\x8d\x74\xc2",
+ .psize = 128,
+ .ksize = 16,
+ }, {
+ .key= "abcdefghijklmnop",
+ .plaintext = vmac_string2,
+ .digest = "\x11\x15\x68\x42\x3d\x7b\x09\xdf",
+ .psize = 128,
+ .ksize = 16,
+ }, {
+ .key= "abcdefghijklmnop",
+ .plaintext = vmac_string3,
+ .digest = "\x8b\x32\x8f\xe1\xed\x8f\xfa\xd4",
.psize = 128,
.ksize = 16,
},
diff -r 91636f5ce7a2 crypto/vmac.c
--- a/crypto/vmac.c Thu Feb 11 00:45:57 2010 -0800
+++ b/crypto/vmac.c Sun Feb 21 02:23:01 2010 -0800
@@ -42,6 +42,8 @@ const u64 m63 = UINT64_C(0x7ff
const u64 m63 = UINT64_C(0x7fff); /* 63-bit mask */
const u64 m64 = UINT64_C(0x); /* 64-bit mask */
const u64 mpoly = UINT64_C(0x1fff1fff); /* Poly key mask */
+
+#define pe64_to_cpup le64_to_cpup /* Prefer little endian */
#ifdef __LITTLE_ENDIAN
#define INDEX_HIGH 1
@@ -110,8 +112,8 @@ const u64 mpoly = UINT64_C(0x1fff1ff
int i; u64 th, tl; \
rh = rl = 0;\
for (i = 0; i < nw; i += 2) { \
- MUL64(th, tl, le64_to_cpup((mp)+i)+(kp)[i], \
- le64_to_cpup((mp)+i+1)+(kp)[i+1]); \
+ MUL64(th, tl, pe64_to_cpup((mp)+i)+(kp)[i], \
+ pe64_to_cpup((mp)+i+1)+(kp)[i+1]); \
ADD128(rh, rl, th, tl);
RE: [PATCH] to fix vmac test fails on s390
Herbert Xu wrote: > Sorry but you can't fix it like this. Your hash output must be > invariant with respect to endianness. > > That means, whether I run it on a big-endian machine or a little- > endian one it should produce the same output. > > Otherwise this hash will be totally useless as soon as you get > onto the network. > > Cheers, OK, I understand. The problem is the VMAC result is an integer instead of a string. I also tested the original VMAC algorithm (w/ Jan), since I ported from it. It proved the above. In this case, should I change the original algorithm to produce an invariant string output? Thanks. Shane -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: [PATCH] to fix vmac test fails on s390
On Thu, Feb 11, 2010 at 11:18:08AM +0800, Wang, Shane wrote:
>
> static struct hash_testvec aes_vmac128_tv_template[] = {
> {
> + .key= "\x00\x01\x02\x03\x04\x05\x06\x07"
> + "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
> + .plaintext = NULL,
> +#ifdef __LITTLE_ENDIAN
> + .digest = "\x07\x58\x80\x35\x77\xa4\x7b\x54",
> +#else
> + .digest = "\x54\x7b\xa4\x77\x35\x80\x58\x07",
> +#endif
> + .psize = 0,
> + .ksize = 16,
> + }, {
Sorry but you can't fix it like this. Your hash output must be
invariant with respect to endianness.
That means, whether I run it on a big-endian machine or a little-
endian one it should produce the same output.
Otherwise this hash will be totally useless as soon as you get
onto the network.
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~}
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
[PATCH] to fix vmac test fails on s390
Herbert,
Here is the patch to fix it. I missed an important fact that the digest of vmac
is not a string or a char array, but an 64bit integer.
This patch is to fix the vmac algorithm, add more test cases for vmac, and fix
the test failure on some big endian system like s390.
(the attachment is for applying the patch)
Signed-off-by: Shane Wang
crypto/testmgr.h | 96 +++--
crypto/vmac.c| 74 --
2 files changed, 128 insertions(+), 42 deletions(-)
diff -r 91636f5ce7a2 crypto/testmgr.h
--- a/crypto/testmgr.h Thu Feb 11 00:45:57 2010 -0800
+++ b/crypto/testmgr.h Thu Feb 11 01:20:22 2010 -0800
@@ -1669,17 +1669,105 @@ static struct hash_testvec aes_xcbc128_t
}
};
-#define VMAC_AES_TEST_VECTORS 1
-static char vmac_string[128] = {'\x01', '\x01', '\x01', '\x01',
+#define VMAC_AES_TEST_VECTORS 8
+static char vmac_string1[128] = {'\x01', '\x01', '\x01', '\x01',
'\x02', '\x03', '\x02', '\x02',
'\x02', '\x04', '\x01', '\x07',
'\x04', '\x01', '\x04', '\x03',};
+static char vmac_string2[128] = {'a', 'b', 'c',};
+static char vmac_string3[128] = {'a', 'b', 'c', 'a', 'b', 'c',
+ 'a', 'b', 'c', 'a', 'b', 'c',
+ 'a', 'b', 'c', 'a', 'b', 'c',
+ 'a', 'b', 'c', 'a', 'b', 'c',
+ 'a', 'b', 'c', 'a', 'b', 'c',
+ 'a', 'b', 'c', 'a', 'b', 'c',
+ 'a', 'b', 'c', 'a', 'b', 'c',
+ 'a', 'b', 'c', 'a', 'b', 'c',
+ };
+
static struct hash_testvec aes_vmac128_tv_template[] = {
{
+ .key= "\x00\x01\x02\x03\x04\x05\x06\x07"
+ "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
+ .plaintext = NULL,
+#ifdef __LITTLE_ENDIAN
+ .digest = "\x07\x58\x80\x35\x77\xa4\x7b\x54",
+#else
+ .digest = "\x54\x7b\xa4\x77\x35\x80\x58\x07",
+#endif
+ .psize = 0,
+ .ksize = 16,
+ }, {
.key= "\x00\x01\x02\x03\x04\x05\x06\x07"
"\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
- .plaintext = vmac_string,
- .digest = "\xcb\xd7\x8a\xfd\xb7\x33\x79\xe7",
+ .plaintext = vmac_string1,
+#ifdef __LITTLE_ENDIAN
+ .digest = "\xce\xf5\x3c\xd3\xae\x68\x8c\xa1",
+#else
+ .digest = "\xa1\x8c\x68\xae\xd3\x3c\xf5\xce",
+#endif
+ .psize = 128,
+ .ksize = 16,
+ }, {
+ .key= "\x00\x01\x02\x03\x04\x05\x06\x07"
+ "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
+ .plaintext = vmac_string2,
+#ifdef __LITTLE_ENDIAN
+ .digest = "\xc9\x27\xb0\x73\x81\xbd\x14\x2d",
+#else
+ .digest = "\x2d\x14\xbd\x81\x73\xb0\x27\xc9",
+#endif
+ .psize = 128,
+ .ksize = 16,
+ }, {
+ .key= "\x00\x01\x02\x03\x04\x05\x06\x07"
+ "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
+ .plaintext = vmac_string3,
+#ifdef __LITTLE_ENDIAN
+ .digest = "\x8d\x1a\x95\x8c\x98\x47\x0b\x19",
+#else
+ .digest = "\x19\x0b\x47\x98\x8c\x95\x1a\x8d",
+#endif
+ .psize = 128,
+ .ksize = 16,
+ }, {
+ .key= "abcdefghijklmnop",
+ .plaintext = NULL,
+#ifdef __LITTLE_ENDIAN
+ .digest = "\x3b\x89\xa1\x26\x9e\x55\x8f\x84",
+#else
+ .digest = "\x84\x8f\x55\x9e\x26\xa1\x89\x3b",
+#endif
+ .psize = 0,
+ .ksize = 16,
+ }, {
+ .key= "abcdefghijklmnop",
+ .plaintext = vmac_string1,
+#ifdef __LITTLE_ENDIAN
+ .digest = "\xab\x5e\xab\xb0\xf6\x8d\x74\xc2",
+#else
+ .digest = "\xc2\x74\x8d\xf6\xb0\xab\x5e\xab",
+#endif
+ .psize = 128,
+ .ksize = 16,
+ }, {
+ .key= "abcdefghijklmnop",
+ .plaintext = vmac_string2,
+#ifdef __LITTLE_ENDIAN
+ .digest = "\x11\x15\x68\x42\x3d\x7b\x09\xdf",
+#else
+ .digest = "\xdf\x09\x7b\x3d\x42\x68\x15\x11",
+#endif
+ .psize = 128,
+ .ksize = 16,
+ }, {
+ .key= "abcdefghijklmnop",
+ .plaintext = vmac_string3,
+#ifdef __LITTLE_ENDIAN
+ .digest = "\x8b\x32\x8f\xe1\xed\x8f\xfa\xd4",
+#else
+ .digest = "\xd4\xfa\x8f\xed\xe1\x8f\x32\x8b",
+#endif
.psize = 128,
.ksize = 16,
},
diff -r 91636f5ce7a2 crypto/vmac.c
--- a/crypto/vmac.c Thu Feb 11 00:45:57 2010 -0800
+++ b/crypto/vmac.c Thu Feb 11 01:20:22 2010 -0800
@@ -42,6 +42,8 @@ const u64 m63 = UINT64_
