Closed noloader closed 9 months ago
This was cleared in two steps. The 2nd step, which fixed the issue, is Commit dde8e9fa23bc. The dde8e9fa23bc commit removed this block, and folded the XOR into building outBlock:
- if (xorBlock != NULLPTR)
- for (unsigned int n=0; n<ARIA::BLOCKSIZE; ++n)
- outBlock[n] ^= xorBlock[n];
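Review bot: removing this post-processing XOR pass is only equivalent to folding the XOR into the construction of outBlock if nothing else writes outBlock between the two steps, which is exactly the case to check when inBlock and outBlock alias; it would help to state in the commit why the two orderings differ, since the later finding in this thread attributes the failure to an undersized m_w working buffer rather than to this loop.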
The 1st commit, Commit 5250ab2bf2b0, removed the SIMD code since it was no longer needed due to the second commit.
I do not know why this fixed ARIA. The two codes should have been equivalent.
ARIA had undefined behavior. Ugh!
The working area - m_w - was too small. It should have been a SecWordBlock with room for 28 word-sized elements. Instead it only had room for 17 elements. Arg!!!
Even more baffling, Valgrind never alerted to the problem.
Also see Commit d3d23002f607.
Rabbit, RabbitWithIV, HC128 and HC256 were producing incorrect results when inString == outString, as reported in GH #1231. We added self tests to detect the failures, and cleared the failures. The new tests also revealed that ARIA/CTR mode has problems. The failure can be duplicated with ./cryptest.exe tv aria. This bug will track ARIA/CTR.
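As an added example, not code from the Crypto++ project or from this thread: a self-test of the kind the issue describes, running a CTR-style transform once with separate buffers and once with inString == outString and comparing the results. The keystream generator and the sample input are constructed stand-ins for illustration, not ARIA.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <vector>

static const size_t BLOCKSIZE = 16;

// Toy keystream generator standing in for a real cipher's block function
// (constructed for this example, NOT ARIA). Fills one block from a counter.
static void toy_keystream(uint64_t counter, uint8_t ks[BLOCKSIZE]) {
    uint64_t x = counter * 0x9E3779B97F4A7C15ULL + 0x12345ULL;
    for (size_t i = 0; i < BLOCKSIZE; ++i) {
        x ^= x << 13; x ^= x >> 7; x ^= x << 17;   // xorshift64 mixing
        ks[i] = static_cast<uint8_t>(x);
    }
}

// CTR-style transform: out = in ^ keystream. The XOR is folded into building
// the output, so each output byte is written once and in == out stays correct.
static void ctr_transform(const uint8_t* in, uint8_t* out, size_t len, uint64_t counter) {
    uint8_t ks[BLOCKSIZE];
    for (size_t off = 0; off < len; off += BLOCKSIZE, ++counter) {
        toy_keystream(counter, ks);
        size_t n = (len - off < BLOCKSIZE) ? len - off : BLOCKSIZE;
        for (size_t i = 0; i < n; ++i)
            out[off + i] = in[off + i] ^ ks[i];
    }
}

// Self-test: separate buffers vs. inString == outString must agree, and
// applying CTR twice with the same counter must restore the plaintext.
bool inplace_selftest(size_t len) {
    std::vector<uint8_t> in(len), out(len);
    for (size_t i = 0; i < len; ++i)
        in[i] = static_cast<uint8_t>(i * 7 + 3);   // constructed sample input
    std::vector<uint8_t> inplace(in);
    ctr_transform(in.data(), out.data(), len, 1);            // out-of-place
    ctr_transform(inplace.data(), inplace.data(), len, 1);   // in-place
    bool same = std::memcmp(out.data(), inplace.data(), len) == 0;
    ctr_transform(inplace.data(), inplace.data(), len, 1);   // round trip
    return same && std::memcmp(inplace.data(), in.data(), len) == 0;
}
```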