Hi, > I've started playing with the ChaCha20 assembly that was recently checked > in and found a few problems. Most of these do not affect OpenSSL as you > only ever call ChaCha20_ctr32 on a whole number of blocks. But this isn't > documented as a constraint in internal/chacha.h and the assembly has code > for partial blocks, so it seems it was supposed to work. (If not, I'd > recommend removing the codepaths and documenting the constraint.)
Idea behind implementing partial blocks and not using them is to reserve for code reuse in contexts other than OpenSSL. > 1. In chacha-x86_64.pl, .Ltail: > > 2. In chacha-x86_64.pl, .Loop_tail_ssse3: > > 3. In chacha-x86.pl, loop: Fix is upcoming. Thanks! > 4. The assembly versions crash if you pass in an empty input/output. The > generic C code handles this fine. (I'll defer to you whether this is a bug > or a caller obligation to be documented.) This will be addressed separately by fixing all modules. I mean not all modules have this problem, but all modules will be double-checked and fixed as required. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4305 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
