engine: test_grasshopper OMAC fails on openssl/master
Not sure if it’s similar to #151. MacOS Mojave 10.14.6, Xcode-10.3, current OpenSSL master, current GOST engine master.
I’m not getting any error messages besides this:
$ build/bin/test_grasshopper
. . . . .
# Tests for omac
OMAC test from GOST R 34.13-2015
Resize result size from 16 to 8
MAC[16] = 336f4d296059fbe34ddeb35b37749c67
Test FAILED
. . . . .
All the other tests pass.
Update
Somehow, the mac does not get resized, as you can see if you add debugging output to test_mac()
around lines 357 etc.:
EVP_MD_CTX_free(ctx);
printf(" MAC[%2u] = ", md_len);
hexdump(md_value, md_len);
printf(" exp[%2lu] = ", mac_size);
hexdump(mac, mac_size);
and then observe
$ bin/test_grasshopper
. . . . .
# Tests for omac
OMAC test from GOST R 34.13-2015
Resize result size from 16 to 8
MAC[16] = 336f4d296059fbe34ddeb35b37749c67
exp[ 8] = 336f4d296059fbe3
Test FAILED
. . . . .
With OpenSSL-1.1.1c everything works fine.
About this issue
- Original URL
- State: closed
- Created 5 years ago
- Comments: 80 (80 by maintainers)
This has me wonder what the hell the engine is doing. I’m not in a position to check that out today, though… or maybe tonight
@levitte Big thanks for your help!
😃 Understood. It works now, which is what matters.
@beldmit let’s merge #169 before the code gets stale! 😉
#169 adds XOF support to the Grasshopper MDs, and cleans up
test_grasshopper.c
. Perhaps @mouse07410 will have fewer problems then?Oh boy… what a pile of confusion.
EVP_MD_meth_
,EVP_CIPHER_meth_
or any other_meth_
function unless you’re constructing a new method structure (basically, if you do, you’re screwing up things, quite badly… think threaded applications)EVP_MD_size()
, which always only returns the preset constant size from the method. This value is (at least in theory) not possible to modify by anyone but the method creator.EVP_MD_CTX_size()
, which I now discover just doesEVP_MD_size(EVP_MD_CTX_md(ctx))
even in OpenSSL 3.0, which was perfectly OK as long as we only dealt with constant size MDs.EVP_DigestFinalXOF()
, which is currently the only supported way to get a digest result other than what is given by the size stored in theEVP_MD
structure (it uses internal ctrl() / set_ctx_params() functionality to set the size for that specific context).