AES-XTS OSSL fails when executing with OpenSSL 3.0.2
Closed this issue · 3 comments
dineshchitlangia commented
After we build successfully on a machine with OpenSSL 3.0.2, only the following functions fail:
$ ./aes/xts_128_enc_ossl_perf
$ ./aes/xts_128_dec_ossl_perf
$ ./aes/xts_256_enc_ossl_perf
$ ./aes/xts_256_dec_ossl_perf
We get the following error:
$ ./aes/xts_128_enc_ossl_perf
aes_xts_128_enc_perf:
ERROR!!
ISA-L and OpenSSL results don't match
gbtucker commented
Thanks for reporting @dineshchitlangia.
From experimenting with encode lengths it looks like small buffers are fine but openssl EVP_EncryptUpdate() now has a size limit of 16777216 bytes = 2^24 and only for xts. I don't see this in the openssl documentation but if true, we may have to loop the update() for large sizes.
gbtucker commented
Also from the openssl docs they don't support streaming.
The XTS implementation in OpenSSL does not support streaming. That is there must only be one EVP_EncryptUpdate(3) call per EVP_EncryptInit_ex(3) call
So a direct comparison for a very large buffer may be impossible.
dineshchitlangia commented
Thanks @gbtucker for looking into this and the pointers. Appreciate it.