livebe01
commented
1 year ago Thanks @abkarcher, we'll take a look.
Open abkarcher opened 2 years ago
livebe01
commented
1 year ago Thanks @abkarcher, we'll take a look.
livebe01
commented
1 year ago Hi @abkarcher, Chris and I spoke yesterday and the prompt sizes you're seeing is what we would expect given the number of HMACs you're testing. If you're testing key sizes as large as 65KB, the test files are going to be large because of that large key size. You may be right; perhaps the test groups do not need to have 75 test cases a piece.
Can you give us an idea of how much additional difficulty this is causing you in testing? What are the size constraints that you're working with? If the HMAC vectors went from 339MB to 170MB and the prompt file from 467MB to 298MB, how much difference is that going to make? For example, If you're already having to split the file up to move it, there's probably not that much additional effort involved in splitting it into 3 parts vs 2.
Thanks,
Ben
livebe01
commented
1 year ago @abkarcher yes, we can make these smaller (feel free to answer my questions above though... just interesting to hear).
abkarcher
commented
1 year ago Hi @livebe01,
Apologies for the delay getting back here.
Generally, it doesn't make testing extraordinarily difficult, it just creates more fixed overhead in some cases with limited hardware. In the case of having to split up files, its done manually right now and is pretty tedious.
We hope to get functionality to split requested vector sets into their own files automatically in libacvp in the future since it is becoming more and more a need with the quantity of ciphers in action these days.
It would definitely be appreciated to make these large key sizes have smaller groups, but it isn't vital. It just currently adds more manual steps to a process we try to keep as automated as possible.
Feel free to close this if no further action is needed, but I will leave it open in case you still want to track.
Thanks, Andrew
livebe01
commented
1 year ago Thanks for the follow up @abkarcher! I can appreciate what you're saying about manually splitting things up being tedious. It's also helpful to hear about how things shake out on your end so that we can make meaningful improvements on our side. After looking at the generation code, we agree and think it makes sense to optimize the HMAC tests/prompts.
environment Demo
testSessionId 296052
Hello!
I have a question as to the size of HMAC vector sets. Using a registration that is similar to OpenSSL 3.X's alg cert (not quite identical yet), HMAC vector sets consist of about 73% of the total combined file size, a whopping 339MB out of 467MB. This is from using key lengths of 8-524288, increment 8. Each vector set ranges from ~22 to ~40MB.
(I can provide a more detailed breakdown if requested, but I figure you mostly have access to that info).
Can anything be done to decrease the size of these? It could become a bit cumbersome to move these around (and perhaps split up on hardware limited platforms), and it also builds up the log record sizes quite quickly for labs. It looks like test groups are 75 vectors long; maybe this could be reduced in cases where large amounts of key lengths, or groups where very large key lengths, are being tested?
Thanks, Andrew