Hi Andy, The partial-block tail code in chacha-armv4.pl also seems to have problems. My colleague Steven and I made an attempt to debug it, but we're not familiar enough with ARM to fix it.
>From playing with it in a debugger, it doesn't look like @t[3] contains the length. We suspect something is going wrong with the condition flags on loading or updating length. https://git.openssl.org/gitweb/?p=openssl.git;a=blob;f=crypto/chacha/asm/chacha-armv4.pl;h=55ebc9e586475a35e313b74483eb4b8d5b6f2b03;hb=HEAD#l585 It may be worth going back and testing these cases on all of the implementations as well. David -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4323 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
