Thanks for sending me your test code. It turns out that there is a bug in the portable implementation of VMAC, not the asm code. The bug only affects input lengths that are >64 mod 128. TestVectors/vmac.txt contains a number of different input lengths, up to 3000000 (the r1000000 in vmac.txt means repeat 1000000 times), but none of them are >64 mod 128, which is how this bug escaped detection until now.
You can download the fix at http://cryptopp.svn.sourceforge.net/viewvc/cryptopp/trunk/c5/vmac.cpp?revision=431. I also updated TestVectors/vmac.txt to include some additional message lengths. Please let me know if the fix works for you.

--------------------------------------------------
From: "Denis Podluzhny" <[email protected]>
Sent: Tuesday, January 20, 2009 3:12 AM
To: "Crypto++ Users" <[email protected]>
Subject: Re: Problem (bug?) with VMAC asm code

>
>> Can you please send me the test code you're using?
>
> void IVMac::TestVMac( int _num, vector<uint64> *_res )
> {
>     const char key[16] = "somedummykey345";   // 15 chars + NUL = 16-byte AES key
>     const byte pattern[100] = {
>         0, 1, 2, 3, 4, 5, 6, 7, 8, 9,
>         0, 1, 2, 3, 4, 5, 6, 7, 8, 9,
>         0, 1, 2, 3, 4, 5, 6, 7, 8, 9,
>         0, 1, 2, 3, 4, 5, 6, 7, 8, 9,
>         0, 1, 2, 3, 4, 5, 6, 7, 8, 9,
>         0, 1, 2, 3, 4, 5, 6, 7, 8, 9,
>         0, 1, 2, 3, 4, 5, 6, 7, 8, 9,
>         0, 1, 2, 3, 4, 5, 6, 7, 8, 9,
>         0, 1, 2, 3, 4, 5, 6, 7, 8, 9,
>         0, 1, 2, 3, 4, 5, 6, 7, 8, 9 };
>     if ( sizeof(pattern) < _num )
>         _num = sizeof(pattern);
>
>     const uint64 nonce[2] = { 0x10, 0x0 };
>
>     CryptoPP::VMAC<CryptoPP::AES, 64> hasher;   // 64-bit tag
>     hasher.SetKey( (byte*)key, 16, CryptoPP::MakeParameters
>         ( CryptoPP::Name::IV(), (const byte*)&nonce, false )
>         ( CryptoPP::Name::KeySize(), 128 ) );
>
>     // one tag per message length 1 .. _num-1, same nonce each time
>     _res->clear();
>     for ( size_t i = 1, e = _num; i != e; ++ i )
>     {
>         uint64 cv;
>         hasher.Resynchronize( (const byte*)nonce );
>         hasher.CalculateDigest( (byte*)&cv, pattern, i );
>         _res->push_back( cv );
>     }
> }
>
> Part of output for win32-asm version (same for solaris-x32-asm build)
>
> 001: 1a389ca500d4eaf0
> 002: e149caa17fe0b40a
> ...
> 060: 1dfc4e591d2eedfe
> 061: 1ba45cc0c3ed0829
> 062: c996642079603e2b
> 063: 9d44fabe3aee558f
> 064: 46e4869622115be9
> 065: 7517e94a7ae02859
> 066: ce5f7ae6bdbbe8b9
> 067: c78eafeb12f60ac6
> 068: 29bb6477ff69dd56
> 069: 45b48cffc229c764
> ...
> 098: 700d75c652ef4712
> 099: 51e6c6f7a2e117ce
>
> Same part for win32-noasm version (same for solaris-x64-asm and
> solaris-x32-noasm)
>
> 001: 1a389ca500d4eaf0
> 002: e149caa17fe0b40a
> ...
> 060: 1dfc4e591d2eedfe
> 061: 1ba45cc0c3ed0829
> 062: c996642079603e2b
> 063: 9d44fabe3aee558f
> 064: 46e4869622115be9
> 065: 27e30b88034cbfa
> 066: 897f00d2d199c0ac
> 067: 5bf580ff41fca8d4
> 068: c94d16b7f98ae18c
> 069: ff397910e46c009f
> ...
> 098: acaf5798f9c12eeb
> 099: c55dec74a12110ae
>
> btw, I was wrong, the problem starts from 65 bytes msg length.
>
>> BTW, if you run "cryptest.exe v" it will test VMAC with messages of up to
>> 512 bytes. Does that pass for you?
> As I see in "TestVectors/vmac.txt" only short (less than 10 bytes in
> length) messages are used. And yes - cryptest v passed.
>
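The check a practitioner would want after this report, as an added example that is not code from the thread or from Crypto++: a residue-coverage audit of test-vector message lengths plus the length-sweep differential test Denis ran by hand, generalised to every residue mod the block size. The 128-byte block, the untested ">64 mod 128" class and the 0..9 byte pattern are taken from the thread; the (text, repeat) spec format, the approximate pre-fix vector set, and the two toy MACs (an HMAC-SHA256 reference and a constructed variant that drops tail bytes past offset 64) are this example's own assumptions and stand in for the portable and asm VMAC builds, which are not reimplemented here.

```python
"""Length-coverage audit and differential sweep for a block-structured MAC.

Added example, not from the Crypto++ project or the thread. From the thread:
BLOCK = 128, the ">64 mod 128" gap, the 0..9 byte pattern, the 3000000-byte
vector. Assumed: the (text, repeat) spec format and the two toy MACs below,
which are NOT VMAC.
"""
import hashlib
import hmac
from typing import Callable, Iterable, List, Sequence, Tuple

BLOCK = 128  # L1-hash block size in bytes, per the thread's ">64 mod 128" description

Mac = Callable[[bytes, bytes], bytes]


def expand_lengths(specs: Iterable[Tuple[str, int]]) -> List[int]:
    """Message lengths from (text, repeat) specs; repeat mirrors the 'r1000000' notation."""
    return [len(text.encode("ascii")) * repeat for text, repeat in specs]


def uncovered_residues(lengths: Iterable[int], block: int = BLOCK) -> List[int]:
    """Residue classes mod `block` that no test-vector length exercises."""
    covered = {n % block for n in lengths}
    return sorted(set(range(block)) - covered)


def boundary_sweep(block: int = BLOCK, blocks: int = 2) -> List[int]:
    """Every length 1 .. blocks*block + 1: hits every residue, every block
    boundary, and the first byte past each boundary."""
    return list(range(1, blocks * block + 2))


def pattern(n: int) -> bytes:
    """Constructed input: the thread's 0..9 byte pattern, extended to n bytes."""
    return (bytes(range(10)) * (n // 10 + 1))[:n]


def differential_sweep(ref: Mac, impl: Mac, key: bytes, lengths: Sequence[int]) -> List[int]:
    """Lengths at which `impl` disagrees with `ref` (the asm-vs-portable comparison)."""
    return [n for n in lengths if ref(key, pattern(n)) != impl(key, pattern(n))]


def reference_mac(key: bytes, msg: bytes) -> bytes:
    """Toy stand-in for the known-good build (HMAC-SHA256, not VMAC)."""
    return hmac.new(key, msg, hashlib.sha256).digest()


def faulty_mac(key: bytes, msg: bytes) -> bytes:
    """Constructed defect with the same *shape* as the reported one: bytes of a
    final partial block beyond offset 64 are dropped, so only lengths with
    residue > 64 (mod 128) yield a wrong tag. Not the real vmac.cpp bug."""
    tail = len(msg) % BLOCK
    if tail > 64:
        msg = msg[: len(msg) - tail + 64]
    return reference_mac(key, msg)


# Constructed approximation of the pre-fix vector set: a few short messages plus
# one long repeated message. 3000000 % 128 == 64, so the > 64 class is still missed.
OLD_VECTOR_SPECS = [("", 1), ("abc", 1), ("abcdefghijklmnop", 1),
                    ("abcdefgh", 8), ("abc", 1000000)]

KEY = b"somedummykey345\x00"  # 16-byte key as in the posted harness

if __name__ == "__main__":
    old = expand_lengths(OLD_VECTOR_SPECS)
    gap = uncovered_residues(old)
    print("uncovered residues mod 128:", gap[:3], "...", gap[-3:], f"({len(gap)} total)")
    print("old vectors catch the defect at:",
          differential_sweep(reference_mac, faulty_mac, KEY, old))
    bad = differential_sweep(reference_mac, faulty_mac, KEY, boundary_sweep())
    print("boundary sweep catches it at:", bad[:3], "...", bad[-3:], f"({len(bad)} lengths)")
```

The point of `boundary_sweep` is that a vector set can reach 3000000 bytes and still leave 124 of 128 residue classes untested; sweeping every length across two full blocks is cheap and forces every tail-handling path in a block-structured MAC, which is exactly what `cryptest.exe v` with the old vmac.txt did not do.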
