[cryptography] Oddity in common bcrypt implementation
iang at iang.org
Tue Jun 21 12:31:24 EDT 2011
On 20/06/11 10:59 AM, Solar Designer wrote:
> On Wed, Jun 15, 2011 at 04:22:55AM +0400, Solar Designer wrote:
>> I am trying to
> learn some lessons from this.
This used to happen to me a lot in the old Cryptix days, which for a
while were a sort of smorgasbord of algorithms.
One lesson was that any algorithm had to have test parameters, which
would be coded into the code directly. If it didn't have them, we had
to go find them or make them.
Another lesson was that there had to be a harness that would pump random
data into two distant implementations and compare them over Mb of
results, and keep lots of internal state in case there was a clash.
This would typically be done with an outside program (using pipes or
files) because the other implementation would be in another language.
We'd let it run for hours... This was really useful, and would often
pick up really subtle differences in definition like those weird sign
effects and misuse of language number types.
> I'd appreciate any suggestions.
Occasionally (speaking from my experience) this would cause a real
compatibility issue. In that case, we'd write in a sort of hack into
each program that would test variant A, and if that failed, test variant
B. This is definitely a gross hack... but it was better than breaking K6.
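
The cross-implementation harness described in the message above, as an added example that is not part of the original post or of Cryptix: two constructed key-packing routines (`pack_ref` and `pack_variant`, both hypothetical names) that differ only in char signedness are fed the same seeded random keys, and the first clashing input is kept for replay. Running it with 7-bit keys as well shows why ASCII-only test parameters never expose this kind of difference.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Implementation A (constructed): key bytes as unsigned, packed into a word. */
static uint32_t pack_ref(const unsigned char *k, size_t n) {
    uint32_t w = 0;
    for (size_t i = 0; i < 4; i++) w = (w << 8) | k[i % n];
    return w;
}

/* Implementation B (constructed): same loop via signed char; bytes >= 0x80
   sign-extend and the OR overwrites bits already packed. */
static uint32_t pack_variant(const unsigned char *k, size_t n) {
    uint32_t w = 0;
    for (size_t i = 0; i < 4; i++)
        w = (w << 8) | (uint32_t)(int32_t)(signed char)k[i % n];
    return w;
}

static uint32_t rng_state;
static uint32_t rng_next(void) {  /* xorshift32: seeded, so a clash can be replayed */
    rng_state ^= rng_state << 13; rng_state ^= rng_state >> 17;
    rng_state ^= rng_state << 5;
    return rng_state;
}

struct clash { unsigned long count; unsigned char key[8]; uint32_t ref, var; };

/* Feed `rounds` random 8-byte keys to both; mask 0x7f keeps inputs 7-bit. */
static struct clash run_harness(uint32_t seed, unsigned long rounds, unsigned char mask) {
    struct clash c = {0};
    rng_state = seed;  /* must be non-zero for xorshift */
    for (unsigned long r = 0; r < rounds; r++) {
        unsigned char key[8];
        for (size_t i = 0; i < 8; i++) key[i] = (unsigned char)(rng_next() >> 24) & mask;
        uint32_t a = pack_ref(key, 8), b = pack_variant(key, 8);
        if (a == b) continue;
        if (c.count++ == 0) {  /* keep the first clashing input and both outputs */
            memcpy(c.key, key, 8); c.ref = a; c.var = b;
        }
    }
    return c;
}

int main(void) {
    struct clash c = run_harness(1, 100000, 0xff);
    printf("8-bit keys: %lu clashes, first ref=%08x var=%08x\n", c.count, (unsigned)c.ref, (unsigned)c.var);
    printf("7-bit keys: %lu clashes\n", run_harness(1, 100000, 0x7f).count);
    return 0;
}
```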