-
Notifications
You must be signed in to change notification settings - Fork 88
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Trouble with CFB and OFB with the C implementation #65
Comments
Can you provide the test output when test_aes.py fails? Without this it is impossible to tell what is going wrong. |
This is the failure message for The C implementation runs into the same failure (with the same Skipping this particular test (
|
Thank you for the further information. I do not see anything obvious that you are doing wrong. At the same time this code is now very stable and I have not had any other reports of failures for over the last five years so it seems likely that the issue is specific to the code in combination with the specific compiler you are using. Since both the C and assembler versions fail but the AES_NI version does not, it seems likely that the error occurs in the C code that is common to the C and assembler builds but not shared with the AES_NI build. This leads me to suspect that the AES key generation code is being mis-compiled. A first step would be to turn off all compiler optimisation and see if the error persists. If it doesn't you could then turn on optimisation in a subset of the C files (e.g. aeskey.c) to find which if any are being mis-compiled. Sadly, I cannot help directly with this myself as I do not use the build environment that you are using. I am happy to offer further advice if you need it. |
I tried the following, but I still get the same failure:
I understand that you don't have the environment I'm using. I've tidied up the Dockerfile below in case anyone else wants to investigate: this demonstrates (in my environment) that the regular one-block AES works ( As you said, this code is very stable by now, so this behavior may be peculiar to my environment and so you may want to investigate further only if other people run into the same issue. Fortunately for me I can live without the OFB/CFB/CTR modes, so please feel free to close the issue (though I'll be happy to run commands in my environment to help debug this if you want). FROM gcc:13.2
RUN apt-get --allow-unauthenticated update && apt-get --allow-unauthenticated install -y git yasm
RUN git clone https://github.com/BrianGladman/aes
WORKDIR /aes/test
RUN git checkout 646c5d4
#-------- AES_NI implementation --------
RUN gcc -O0 -Wall -march=skylake \
../aes_modes.c ../aeskey.c ../aestab.c ../aescrypt.c ../aes_ni.c \
../aestst.c
RUN ./a.out # works
RUN gcc -O0 -Wall -march=skylake \
../aes_modes.c ../aeskey.c ../aestab.c ../aescrypt.c ../aes_ni.c \
../aes_avs.c ../aesaux.c
RUN ! ./a.out | grep Error # works
#-------- AES_NI implementation --------
#-------- C implementation --------
RUN gcc -O0 -Wall -march=skylake \
-U__AES__ ../aes_modes.c ../aeskey.c ../aestab.c ../aescrypt.c \
../aestst.c
RUN ./a.out # works
RUN gcc -O0 -Wall -march=skylake \
-U__AES__ ../aes_modes.c ../aeskey.c ../aestab.c ../aescrypt.c \
../aes_avs.c ../aesaux.c
RUN ! ./a.out | grep Error # fails
#-------- C implementation --------
#-------- asm implementation --------
RUN yasm -f elf64 -a x86 -D__GNUC__ ../aes_amd64.asm -o asm.o
RUN gcc -O0 -Wall -march=skylake \
-U__AES__ -DASM_AMD64_C ../aes_modes.c ../aeskey.c ../aestab.c ./asm.o \
../aestst.c
RUN ./a.out # works
RUN gcc -O0 -Wall -march=skylake \
-U__AES__ -DASM_AMD64_C ../aes_modes.c ../aeskey.c ../aestab.c ./asm.o \
../aes_avs.c ../aesaux.c
RUN ! ./a.out | grep Error # fails
#-------- asm implementation -------- |
Thanks for the further work on this. It definitely needs resolving so I will leave it open and see if I can find a colleague who is willing to investigate it. |
I have tracked down the cause of the difference to aeskey.c where these lines occur in each of the key setting subroutines:
where cx and inf are defined as: typedef struct ALIGNED_(16) typedef union byte b[2] in the cx_>inf is used by the CFB and OFB routines to hold the position within blocks as the process proceeds and must be set to zero before the encryption/decryption starts. All the bytes are set to zero in the key setting routines by setting 'l' in the union to zero but this doesn't appear to happen since bytes in 'b' are not set to zero when I use an AES DLL that I was able to build with GCC and run with MSVC. I will see if I can find out why this is happening if I can get an assembly code listing of aeskey.obj |
This was a bug in the OFB/CFB code that was using a part of the context used by the main code. It should all work now. Thank you for discovering this bug. I guess it shows that OFB/CFB is pretty rarely used. |
Good to know! Would you have the changes uploaded somewhere that I can test in my environment? It doesn’t seem to have been pushed to this repository. |
I forget to push it, done now. |
I can confirm that the tests pass in my environment now. Thank you for your help! |
Hello, I can get the python CFB and OFB tests working with the aes_ni implementation, but somehow it fails with the C and amd64.asm implementation.
I have a Dockerfile reproducing this (my CPU is 12th Gen Intel(R) Core(TM) i9-12900H, but I've reproduced this on a few other machines, and with gcc 9.3)
Am I doing something wrongly?
The text was updated successfully, but these errors were encountered: