authorJason A. Donenfeld <Jason@zx2c4.com>2018-09-19 04:42:56 +0200
committerJason A. Donenfeld <Jason@zx2c4.com>2018-09-20 19:41:22 +0200
commitdf49ba633d2996d5833b69f454a5bd3b5ccc0331 (patch)
tree7410da74b769acef2bc866a904e9191ee7510e3a /src/crypto/zinc/selftest
parentd84f598f5c080c730b3b5f4bbd284acf06b23002 (diff)
poly1305: account for simd being toggled off midway
This is a very rare occurrence, but we should account for it so that the calculations aren't wrong. Here we convert from base 2^26 back to base 2^64. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Diffstat (limited to 'src/crypto/zinc/selftest')
-rw-r--r--src/crypto/zinc/selftest/poly1305.h17
1 files changed, 17 insertions, 0 deletions
diff --git a/src/crypto/zinc/selftest/poly1305.h b/src/crypto/zinc/selftest/poly1305.h
index 1439c98..71bee1b 100644
--- a/src/crypto/zinc/selftest/poly1305.h
+++ b/src/crypto/zinc/selftest/poly1305.h
@@ -862,6 +862,23 @@ static bool __init poly1305_selftest(void)
i + 1, j);
success = false;
}
+
+ memset(out, 0, sizeof(out));
+ memset(&poly1305, 0, sizeof(poly1305));
+ poly1305_init(&poly1305, poly1305_testvecs[i].key);
+ poly1305_update(&poly1305, poly1305_testvecs[i].input,
+ j, &simd_context);
+ poly1305_update(&poly1305,
+ poly1305_testvecs[i].input + j,
+ poly1305_testvecs[i].ilen - j,
+ (simd_context_t []){ HAVE_NO_SIMD });
+ poly1305_final(&poly1305, out, &simd_context);
+ if (memcmp(out, poly1305_testvecs[i].output,
+ POLY1305_MAC_SIZE)) {
+ pr_info("poly1305 self-test %zu (split %zu, mixed simd): FAIL\n",
+ i + 1, j);
+ success = false;
+ }
simd_relax(&simd_context);
}
}
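Review bot: The new mixed-simd case only exercises the simd → no-simd direction, and when `simd_context` already reports no SIMD at runtime it degenerates into the plain split test above it, so a pass here does not by itself demonstrate that the base-2^26 → 2^64 conversion the commit describes was taken. If the reverse transition is supported by the implementation, a mirror case that feeds the first `j` bytes with `(simd_context_t []){ HAVE_NO_SIMD }` and the remainder with `&simd_context` would cover a state that never entered base 2^26 being handed to the SIMD path. At minimum, a comment above the `memset` on the first added line such as `/* Switch to the no-SIMD path midway; same as the plain split test if SIMD is unavailable here. */` would tell a reader what this case is for and when it is meaningful. The enclosing `poly1305_selftest` and its `i`/`j` loops begin outside this hunk.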