search

intel / isa-l_crypto

Other
275 stars 80 forks source link

Failure on XTS 128 rand test, for ARM arch #130

Closed pablodelara closed 8 months ago

pablodelara commented 8 months ago

Compiling the library with the extra tests (make test), results in a failure, on ARM architecture, on AES-XTS-128

./aes/xts_128_rand aes_xts_128 enc/dec rand test, 10 sets of 1048576 max: ...........fail rand 0, size 308598

Can anyone check?

chenxuqiang commented 8 months ago

Can you tell me what hardware and compiler you are using?

chenxuqiang commented 8 months ago

I have tested on both kunpeng and Yitian and have not found this issue.

chenxuqiang commented 8 months ago

I tested with the latest code and found that there is indeed a problem. I will locate it further.

chenxuqiang commented 8 months ago

I think I may have found the problem. Here's the code from aes/aarch64/xts_aes_common.S: 

.copytail:
        subs    tailcnt,tailcnt,#1
        ldrb tmpw,[lastblk,tailcnt]
        strb tmpw,[outp,tailcnt]     
        ldrb    tmpw,[inp,tailcnt]
        strb    tmpw,[tmpbuf,tailcnt]
        b.gt    .copytail
        and     tailcnt,bytes,#0x0F
.steal:

In inplace mode, when the ciphertext/plaintext's tailcnt != 0, first, the tailcnt of lastblk is loaded to tmpw, and then the address of outp is written. Note that in the inplace mode, inp and outp have the same memory address. Therefore, the modification also changes the internal value of inp. As a result, the value of inp loaded below is changed. As a result, the last tailcntalso has an error. We can use the final result by comparing dt, and we can see that the mismatch is exactly in the tailcnt section:

XTS_AES_128_enc(key2, key1, tinit, n, dt, dt);
XTS_AES_128_dec(key2, key1, tinit, n, dt, dt);
for (int i = 0; i < n; i++) {
      if (pt[i] != dt[i]) {
            printf("i = %d\n", i);
      }
}

So how do we fix it? We should avoid the content pointed by inp being modified. We find that inp is mainly used for load, while outp is used for store. So we just need to switch the order of the two instructions, because they do not have data dependency, as follows:

.copytail:
        subs    tailcnt,tailcnt,#1
-       ldrb tmpw,[lastblk,tailcnt]
-       strb tmpw,[outp,tailcnt]
        ldrb    tmpw,[inp,tailcnt]
        strb    tmpw,[tmpbuf,tailcnt]
+     ldrb tmpw, [lastblk, tailcnt]
+     strb tmpw, [outp, tailcnt]
        b.gt    .copytail
        and     tailcnt,bytes,#0x0F

After the modification, the test can be passed.

#./aes/xts_128_rand
aes_xts_128 enc/dec rand test, 10 sets of 1048576 max: .......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................Pass

#./aes/xts_256_rand
aes_xts_256 enc/dec rand test, 10 sets of 1048576 max: .......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................Pass

#./aes/xts_128_rand_ossl_test
SEED: 4660
aes_xts_128_rand_ossl test, 2048 sets of various length: ...............Pass
aes_xts_128_rand_ossl test, 128 sets of length 1048576: ................Pass
aes_xts_128_rand_ossl test, 128 sets of random lengths: ................Pass
aes_xts_128_rand_ossl: All tests passed

#./aes/xts_256_rand_ossl_test
SEED: 4660
aes_xts_256_rand_ossl test, 2048 sets of various length: ...............Pass
aes_xts_256_rand_ossl test, 128 sets of length 1048576: ................Pass
aes_xts_256_rand_ossl test, 128 sets of random lengths: ................Pass
aes_xts_256_rand_ossl: All tests passed

#./aes/xts_128_test
............................Pass
#./aes/xts_256_test
..........Pass
#./aes/xts_128_expanded_key_test
............................Pass
#./aes/xts_256_expanded_key_test
..........Pass
pablodelara commented 8 months ago

Great! Could you send a PR with this fix? Thanks!

chenxuqiang commented 8 months ago

Great! Could you send a PR with this fix? Thanks!

OK

chenxuqiang commented 8 months ago

Great! Could you send a PR with this fix? Thanks!

I submitted a PR, but it was detected that I didn't sign-off, but I did, and the commit ID printed by CI's check_format.sh is different from the commit ID of my commit.

pablodelara commented 8 months ago

Great! Could you send a PR with this fix? Thanks!

I submitted a PR, but it was detected that I didn't sign-off, but I did, and the commit ID printed by CI's check_format.sh is different from the commit ID of my commit.

Thanks @chenxuqiang. I fixed the workflow already.

chenxuqiang commented 8 months ago

Great! Could you send a PR with this fix? Thanks!

I submitted a PR, but it was detected that I didn't sign-off, but I did, and the commit ID printed by CI's check_format.sh is different from the commit ID of my commit.

Thanks @chenxuqiang. I fixed the workflow already.

I re-triggered the workflow, and now it's passable. thanks @pablodelara

pablodelara commented 8 months ago

This is now fixed thanks!