Re: [PATCH 2/2] salsa20_i586: Salsa20 stream cipher algorithm (i586 version)

Hi Sebastian,

On Dec 8, 2007 2:44 AM, Sebastian Siewior <linux-crypto@xxxxxxxxxxxxxxxx> wrote:
> >The keysetup() should be the same as the C version... except that I've
> >previously modified the C version to use key length in bytes while the
> >assembly version uses bits! :-) I could change the C code back. But I
> >personally prefer to use the assembly version since it was distributed
> >as a "self-contained and complete solution" in Bernstein's
> >"salsa20.s".
> I would go for the smaller files. That's why I merged the AES code
> earlier.
I've seen your good work with the AES code. But I will stick with the
assembly version for the time being... at least until I've done the
Salsa x86-64 version and perhaps a few more eSTREAM ciphers.

> I would not mind modifying the source code for the greater good :) Should
> you make a mistake then the test vectors should detect them.
Test vectors are great for catching general bugs (wrong S-box entry,
wrong transformation, etc) but they can be weak at boundary conditions
(an extra byte mistakenly written at the end of the output buffer) and
against malicious intent (malicious code added without breaking
crypto). Since I don't expect people to trust a newbie like me, I'd
rather stick to not modifying the original assembly code too much. :-)

> After all, you modified the C version and s/keysize/bits.
With hindsight, I wish I had not modified the keysize bits in the C
version. It was the source of a bug while I was writing up the i586
patch (I forgot to multiply keylen by 8). So I may revert them
eventually to make them consistent with the assembly version. :-)

Swee Heng
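The boundary-condition point made above, as an added example that is not part of this thread or of the Salsa20 patch: a known-answer check with guard bytes on both sides of the output buffer. The cipher is a constructed stand-in (XOR with a byte counter), not Salsa20; `crypt_overrun` deliberately writes one byte past the end of `out`, and the harness shows the vector comparison passing while the guard check fails.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed stand-in for a stream cipher's encrypt step (NOT Salsa20). */
typedef void (*crypt_fn)(uint8_t *out, const uint8_t *in, size_t len);

static void crypt_correct(uint8_t *out, const uint8_t *in, size_t len)
{
    for (size_t i = 0; i < len; i++)
        out[i] = in[i] ^ (uint8_t)i;      /* trivial keystream: byte index */
}

/* Constructed defective variant: correct output bytes, plus one stray write
 * just past the end of out. A plain vector comparison never sees this. */
static void crypt_overrun(uint8_t *out, const uint8_t *in, size_t len)
{
    crypt_correct(out, in, len);
    out[len] = 0x00;
}

#define GUARD      16
#define GUARD_BYTE 0xA5
#define MAX_LEN    64

/* Run fn on one known-answer vector with GUARD bytes before and after the
 * output. *vector_ok (output == expected) and *guards_ok (no guard byte
 * changed) are reported separately so the two failure modes can be told apart. */
static int run_guarded(crypt_fn fn, const uint8_t *in, const uint8_t *expected,
                       size_t len, int *vector_ok, int *guards_ok)
{
    uint8_t buf[GUARD + MAX_LEN + GUARD];
    if (len > MAX_LEN)
        return 0;
    memset(buf, GUARD_BYTE, sizeof buf);
    fn(buf + GUARD, in, len);
    *vector_ok = memcmp(buf + GUARD, expected, len) == 0;
    *guards_ok = 1;
    for (size_t i = 0; i < GUARD; i++)
        if (buf[i] != GUARD_BYTE || buf[GUARD + len + i] != GUARD_BYTE)
            *guards_ok = 0;
    return *vector_ok && *guards_ok;
}

/* Constructed 8-byte known-answer vector for the stand-in cipher above. */
static const uint8_t kat_in[8]  = {0x00,0x11,0x22,0x33,0x44,0x55,0x66,0x77};
static const uint8_t kat_out[8] = {0x00,0x10,0x20,0x30,0x40,0x50,0x60,0x70};

static int check_cipher(crypt_fn fn, int *vector_ok, int *guards_ok)
{
    return run_guarded(fn, kat_in, kat_out, sizeof kat_in, vector_ok, guards_ok);
}
```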