author | Andy Polyakov <appro@openssl.org> | 2016-04-15 16:30:29 +0200 |
---|---|---|
committer | Andy Polyakov <appro@openssl.org> | 2016-04-25 22:56:09 +0200 |
commit | dc3c5067cd90f3f2159e5d53c57b92730c687d7e (patch) | |
tree | cddd32278a6b1674e8df98f3a26159343e11cf0b /crypto/poly1305/poly1305.c | |
parent | 5a6694e30340d36fcf0b1dd349a7373010fb2524 (diff) |
crypto/poly1305/asm: chase overflow bit on x86 and ARM platforms.
Even though no test could be found to trigger this, paper-n-pencil
estimate suggests that x86 and ARM inner loop lazy reductions can
lose a bit in H4>>*5+H0 step.
Reviewed-by: Emilia Käsper <emilia@openssl.org>
Diffstat (limited to 'crypto/poly1305/poly1305.c')
-rw-r--r-- | crypto/poly1305/poly1305.c | 18 |
1 files changed, 17 insertions, 1 deletions
diff --git a/crypto/poly1305/poly1305.c b/crypto/poly1305/poly1305.c
index 6bec8b30f8..2a766b3295 100644
--- a/crypto/poly1305/poly1305.c
+++ b/crypto/poly1305/poly1305.c
@@ -590,7 +590,8 @@ static const struct poly1305_test poly1305_tests[] = {
"5154ad0d2cb26e01274fc51148491f1b"
},
/*
- * self-generated
+ * self-generated vectors exercise "significant" lengths, such that
+ * are handled by different code paths
*/
{
"ab0812724a7f1e342742cbed374d94d136c6b8795d45b3819830f2c04491faf0"
@@ -672,6 +673,21 @@ static const struct poly1305_test poly1305_tests[] = {
"12976a08c4426d0ce8a82407c4f48207""80f8c20aa71202d1e29179cbcb555a57",
"b846d44e9bbd53cedffbfbb6b7fa4933"
},
+ /*
+ * 4th power of the key spills to 131th bit in SIMD key setup
+ */
+ {
+ "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"
+ "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"
+ "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"
+ "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"
+ "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"
+ "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"
+ "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff"
+ "ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff",
+ "ad628107e8351d0f2c231a05dc4a4106""00000000000000000000000000000000",
+ "07145a4c02fe5fa32036de68fabe9066"
+ },
{
/*
* poly1305_ieee754.c failed this in final stage |
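Review bot: The comment on the new vector in the second hunk names only the SIMD key-setup spill, while the commit message says no test was found that triggers the inner-loop lost bit, so a reader cannot tell whether this vector covers the reduction path the commit fixes. If it does not, the comment should say so, for example by adding `* (regression guard for key setup; does not reproduce the inner-loop carry loss)`, so that a passing self-test is not read as coverage of the lazy-reduction fix. The ordinal also reads better as `131st bit`. The enclosing `poly1305_tests[]` initializer starts and ends outside the hunk.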