SyZero and crypto #38

Closed
opened 2018-08-08 11:11:55 +02:00 by devnexen · 9 comments
Member

More a question actually ... it is used as well to clear the MD5 context.
Would be interesting to know if SyZero can be possibly optimised by aggressive optimisation by the compiler thus not guarantying it. In other hash algo implementations before memset was used but then SecureZero* or explicit_bzero replaced these.
That is something I did myself for php, I implemented explicit_bzero for musl for the next release for this kind of purpose too.

More a question actually ... it is used as well to clear the MD5 context. Would be interesting to know if SyZero can be possibly optimised by aggressive optimisation by the compiler thus not guarantying it. In other hash algo implementations before memset was used but then SecureZero* or explicit_bzero replaced these. That is something I did myself for php, I implemented explicit_bzero for musl for the next release for this kind of purpose too.
devnexen added the
question
label 2018-08-08 11:12:52 +02:00
Author
Member

In fact SecureZero* functions from Win32 API and explicit_bzero/explicit_memset (NetBSD flavor if I recall) had been created to guarantee the address is gueninely cleared regardless of the code consumer compiler optimisation used(basically either adding a memory barrier like musl or a particular compiler settings different from the rest of the libc like openbsd does for example ...).
Do not know if I am clear enough though :-)

In fact SecureZero* functions from Win32 API and explicit_bzero/explicit_memset (NetBSD flavor if I recall) had been created to guarantee the address is gueninely cleared regardless of the code consumer compiler optimisation used(basically either adding a memory barrier like musl or a particular compiler settings different from the rest of the libc like openbsd does for example ...). Do not know if I am clear enough though :-)
Author
Member

Ah the question is SyZero able to guarantee to clear the context regardless of the optimisation ? :-)

Ah the question is SyZero able to guarantee to clear the context regardless of the optimisation ? :-)
Owner

When I look at PH7 as overall and the amount of bugs as well as Symisc Systems approach, I doubt it can guarantee anything. :)
For example SyStringInitFromBuf() simply takes the char* and int and stores into a structure. The string can be of any length, and any length can be specifies. However, the length is not checked anywhere and I already several times came across SyString showing some trash after the requested string. Symisc resolved that by adding %z to their string formating functions. But if you want to convert SyString to char*, you should be careful.

When I look at PH7 as overall and the amount of bugs as well as Symisc Systems approach, I doubt it can guarantee anything. :) For example SyStringInitFromBuf() simply takes the char* and int and stores into a structure. The string can be of any length, and any length can be specifies. However, the length is not checked anywhere and I already several times came across SyString showing some trash after the requested string. Symisc resolved that by adding %z to their string formating functions. But if you want to convert SyString to char*, you should be careful.
Author
Member

Ok ... something to keep in mind even though not the highest priority at the moment.

Ok ... something to keep in mind even though not the highest priority at the moment.
devnexen was assigned by belliash 2018-08-09 15:21:30 +02:00
Author
Member

Found odd too first time I read it unless it is to avoid some compiler optimisations ?

Found odd too first time I read it unless it is to avoid some compiler optimisations ?
Owner

No idea, but its not first time I see something like that in PH7. There are more of them. In this particular case, the whole loop could be even replaced by:

memset(zSrc, 0, zEnd - zSrc);
No idea, but its not first time I see something like that in PH7. There are more of them. In this particular case, the whole loop could be even replaced by: memset(zSrc, 0, zEnd - zSrc);
Owner

I have contacted with Symisc. They told me, that's an old manual optimisation technique targeting Intel CPUs and was inspired from the qmail source tree. Basically if you unloop your code and duplicate it four times, you can get non insignificant speed boost on some old x86 architecture. They also told me, they didnt want to use memset, as they wanted a minimal dependency with libc.

Nova days, I think we can rely on compiler optimisations.

I have contacted with Symisc. They told me, that's an old manual optimisation technique targeting Intel CPUs and was inspired from the qmail source tree. Basically if you unloop your code and duplicate it four times, you can get non insignificant speed boost on some old x86 architecture. They also told me, they didnt want to use memset, as they wanted a minimal dependency with libc. Nova days, I think we can rely on compiler optimisations.
Owner

To sum up, I think SyZero is currently able to guarantee to clear the context regardless of the optimisation. @devnexen: Do we need anything else, or can we close this ticket?

To sum up, I think SyZero is currently able to guarantee to clear the context regardless of the optimisation. @devnexen: Do we need anything else, or can we close this ticket?
Author
Member

Nothing to add.

Nothing to add.
Sign in to join this conversation.
No Milestone
No Assignees
2 Participants
Notifications
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: aerscript/Aer#38
No description provided.