eSTREAM in Linux: Salsa20 (i586)

While testing against a large test vector, I discovered that my previous patch have a serious bug: I’ve switched the source and destination buffers around when calling salsa20_encrypt_bytes()! It doesn’t show up against small test vectors because in those cases, blkcipher_walk-ing typically uses the same buffer as source and destination. It is usually when we are near a page boundary that source and destination points to different buffers and then the bug becomes apparent. A patch has been submitted.

Sebastian Siewior also commented that I left too many comments in the assembly code. I explained that I wanted to make it easy for others to verify that I did not tamper with Bernstein’s code using “diff -b“. But alas, diff was confused by my removal of some of the global labels and so “diff -b” did not work for this purpose. That being the case, I decided that “diff -b” was not a good idea and rewrote my script to remove the extraneous comments and functions. If you are interested to verify that I did not tamper with the code, you should study the script instead.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: