Skip to content

Comments

apps/speed: fix weird EC arrays usage#6133

Closed
FdaSilvaYY wants to merge 2 commits intoopenssl:masterfrom
FdaSilvaYY:app/speed/fix-ec-num-issue
Closed

apps/speed: fix weird EC arrays usage#6133
FdaSilvaYY wants to merge 2 commits intoopenssl:masterfrom
FdaSilvaYY:app/speed/fix-ec-num-issue

Conversation

@FdaSilvaYY
Copy link
Contributor

@FdaSilvaYY FdaSilvaYY commented Apr 29, 2018

because there is actually 18 curves defined, but only 16 are plugged for ecdsa test
Deduce directly array size using OSSL_NELEM and so remove various magic numbers.
Require some declarations moving.
Implement OPT_PAIR list search without a null-ending element.

IMHO, this PR deserves a backport to 1.1.0

Checklist
  • documentation is added or updated
  • tests are added or updated

@FdaSilvaYY FdaSilvaYY force-pushed the app/speed/fix-ec-num-issue branch from 6fe79d9 to 9983953 Compare April 29, 2018 23:20
@FdaSilvaYY FdaSilvaYY changed the title app/speed: fix OOB access in some EC arrays app/speed: fix weird EC arrays uses Apr 29, 2018
apps/speed.c Outdated
Copy link
Contributor Author

@FdaSilvaYY FdaSilvaYY Apr 29, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Useless indirection through retval

apps/speed.c Outdated
Copy link
Contributor Author

@FdaSilvaYY FdaSilvaYY Apr 29, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

was an useless indirection through retval

apps/speed.c Outdated
Copy link
Contributor Author

@FdaSilvaYY FdaSilvaYY Apr 29, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hopefully, there is no OOB because of the values that are used

apps/speed.c Outdated
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

two last elements were not initialized and used

@FdaSilvaYY FdaSilvaYY force-pushed the app/speed/fix-ec-num-issue branch from 9983953 to 2d7e6a5 Compare April 29, 2018 23:38
@FdaSilvaYY FdaSilvaYY changed the title app/speed: fix weird EC arrays uses apps/speed: fix weird EC arrays uses Apr 29, 2018
@FdaSilvaYY FdaSilvaYY force-pushed the app/speed/fix-ec-num-issue branch 6 times, most recently from 249481a to 3e149f7 Compare April 30, 2018 00:37
@FdaSilvaYY FdaSilvaYY changed the title apps/speed: fix weird EC arrays uses WIP: apps/speed: fix weird EC arrays uses Apr 30, 2018
@FdaSilvaYY FdaSilvaYY force-pushed the app/speed/fix-ec-num-issue branch 3 times, most recently from 680340e to f2c2343 Compare April 30, 2018 10:00
apps/speed.c Outdated
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Any reason you rename i to ix?

Copy link
Contributor Author

@FdaSilvaYY FdaSilvaYY Apr 30, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed, I just change the signature of found() method, and it is less intrusive.

@FdaSilvaYY FdaSilvaYY force-pushed the app/speed/fix-ec-num-issue branch from f2c2343 to b67296a Compare April 30, 2018 10:09
@FdaSilvaYY
Copy link
Contributor Author

FdaSilvaYY commented Apr 30, 2018 via email

@FdaSilvaYY FdaSilvaYY force-pushed the app/speed/fix-ec-num-issue branch 3 times, most recently from a171db0 to 63f0afe Compare April 30, 2018 14:15
@FdaSilvaYY FdaSilvaYY changed the title WIP: apps/speed: fix weird EC arrays uses apps/speed: fix weird EC arrays uses Apr 30, 2018
@FdaSilvaYY FdaSilvaYY force-pushed the app/speed/fix-ec-num-issue branch from 63f0afe to 83a4d32 Compare April 30, 2018 21:40
apps/speed.c Outdated
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wonder what would people think of following pattern

static const char *names[] = {
#define D_MD2    0
    "md2",
#define D_MDC2   1
    "mdc2",
...

It's still ugly, but at least it gives you right idea about relationship between names and indices....

Copy link
Contributor Author

@FdaSilvaYY FdaSilvaYY May 1, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Other suggestion :

enum { D_MD2, D_MDC2, D_MD4,    ...    
static const char *names[] = {
    "md2",    /* D_MD2   */
    "mdc2",   /* D_MDC2   */
    "md4",     /* D_MD4   */
    ...

Shorter and more speaking form and format, IMHO

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Another suggestion (if this is really important) is to have an enum and then a "pair" typedef that has value/string-name. We do that in many other places.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I add these suggestions to the many more ideas I have to simplify and document this code.

@dot-asm
Copy link
Contributor

dot-asm commented May 1, 2018

It appears that it would be dependent on #6132 in sense that it would require re-base, so that final review would have to be postponed...

@FdaSilvaYY
Copy link
Contributor Author

This could possibly have a merge issue with #6132, but it will be easy to fixed.
I will rebased as soon I can , once any of two PR is merged.

@FdaSilvaYY FdaSilvaYY force-pushed the app/speed/fix-ec-num-issue branch 2 times, most recently from 5096d32 to 4a648c3 Compare May 3, 2018 20:11
@bernd-edlinger
Copy link
Member

Aehm, I would need some performance numbers for brainpool vs. nist vs. Ed25519
does this PR provide such numbers?

apps/speed.c Outdated
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If additional empty line is meant to delimit prime and 2m fields, then how come there is no one prior brainpool chunk?

apps/speed.c Outdated
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hmm, this is not right. Basically the difference between these values is approximate difference between speeds, so I'd suggest count / 8000 for X448.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The brp numbers are unreasonable too. The brp256 should be ~3-5 smaller than they are, then loop condition is totally wrong for chosen indices. Indeed, the R and T are interleaved, so it should be i+=2, and it should be <= R_EC_BRP512[RT]1...

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I change my mind twice about interleaving or not : that's why this change is awkward.
You know that this juggle around estimating iteration counts is mostly useless, because SIGALRM define and support is the main use-case ...

Copy link
Contributor

@dot-asm dot-asm May 9, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If you interleave, then it's i+=2, if you ++i, then there should be no interleave. If argument is that it's not non-main use case, then it's argument in favour of whole thing removal, not for suggesting code that is visibly (and verifiably) wrong. There is no excuse for that.

apps/speed.c Outdated
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why? Original condition was correct.

@FdaSilvaYY FdaSilvaYY force-pushed the app/speed/fix-ec-num-issue branch from db44e20 to f389005 Compare May 9, 2018 20:58
@FdaSilvaYY FdaSilvaYY changed the title apps/speed: fix weird EC arrays uses apps/speed: fix weird EC arrays usage May 9, 2018
apps/speed.c Outdated
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Once again, <=, not <.

apps/speed.c Outdated
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggestion was that x448 coefficient would be 8 times larger than x25519. I.e. if X25519 was 1000, then X448 would be 8000. Slower algorithm -> higher coefficient. X448 is slower than X25519, 8 times (on x86_64). Well, one can argue that it's not really fair comparison, and it should be approximately square of key lengths' ratio, all right, let's say 4. So if you choose 2200 for X25519, then it should be 8800 for X448.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I made some measurements of X25519/X499 against ecdhb163 to deduce these ratios, but I inverse my calculation Oups ;(
I get a x3 ratio on my computer between X25519 and X499, but ok for a x4 ratio.

because there is actually 18 curves defined, but only 16 are plugged for ecdsa test
Deduce directly array size using OSSL_NELEM and so remove various magic numbers.
Require some declarations moving.
Implement OPT_PAIR list search without a null-ending element.
Fix some comparison between signed and unsigned integer expressions.
@FdaSilvaYY FdaSilvaYY force-pushed the app/speed/fix-ec-num-issue branch from f389005 to 07ee0ad Compare May 10, 2018 11:34
@dot-asm dot-asm added the approval: review pending This pull request needs review by a committer label May 11, 2018
@dot-asm
Copy link
Contributor

dot-asm commented May 11, 2018

As for 1.1.0, does it cherry-pick? [No, I didn't test.]

@richsalz richsalz added approval: done This pull request has the required number of approvals and removed approval: review pending This pull request needs review by a committer labels May 11, 2018
levitte pushed a commit that referenced this pull request May 12, 2018
because there are actually 18 curves defined, but only 16 are plugged for
ecdsa test.
Deduce array size using OSSL_NELEM and so remove various magic numbers,
which required some declarations moving.
Implement OPT_PAIR list search without a null-ending element.
Fix some comparison between signed and unsigned integer expressions.

Reviewed-by: Andy Polyakov <[email protected]>
Reviewed-by: Rich Salz <[email protected]>
(Merged from #6133)
levitte pushed a commit that referenced this pull request May 12, 2018
Reviewed-by: Andy Polyakov <[email protected]>
Reviewed-by: Rich Salz <[email protected]>
(Merged from #6133)
@dot-asm
Copy link
Contributor

dot-asm commented May 12, 2018

Merged. Thanks!

@dot-asm dot-asm closed this May 12, 2018
FdaSilvaYY added a commit to FdaSilvaYY/openssl that referenced this pull request May 15, 2018
because there are actually 17 curves defined, but only 16 are plugged for
ecdsa test.
Deduce array size using OSSL_NELEM and so remove various magic numbers,
which required some declarations moving.
Implement OPT_PAIR list search without a null-ending element.
Fix some comparison between signed and unsigned integer expressions.

cherry-picking from commit 5c6a69f.

Partial Back-port of openssl#6133 to 1.1.0
levitte pushed a commit that referenced this pull request May 18, 2018
because there are actually 17 curves defined, but only 16 are plugged for
ecdsa test.
Deduce array size using OSSL_NELEM and so remove various magic numbers,
which required some declarations moving.
Implement OPT_PAIR list search without a null-ending element.
Fix some comparison between signed and unsigned integer expressions.

cherry-picking from commit 5c6a69f.

Partial Back-port of #6133 to 1.1.0

Reviewed-by: Andy Polyakov <[email protected]>
Reviewed-by: Rich Salz <[email protected]>
(Merged from #6245)
@FdaSilvaYY FdaSilvaYY deleted the app/speed/fix-ec-num-issue branch July 19, 2018 20:37
@FdaSilvaYY FdaSilvaYY mentioned this pull request Sep 5, 2018
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

approval: done This pull request has the required number of approvals

Projects

None yet

Development

Successfully merging this pull request may close these issues.

5 participants