From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from gandalf.ozlabs.org (mail.ozlabs.org [IPv6:2404:9400:2221:ea00::3])
	by passt.top (Postfix) with ESMTPS id 4599E5A026D
	for <passt-dev@passt.top>; Fri, 22 Sep 2023 16:06:41 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gibson.dropbear.id.au; s=201602; t=1695391594;
	bh=HKAdz01TsEDkzQrmFtiaXyZqt8mZoQymnEw6qNM3rPc=;
	h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
	b=eDYl7SnK1UhFM+GMt1GEOL73O2N9GQlYCqr0yFw778DQ8KNHpDvJTzUHfY+WgXK8C
	 Ix3j/cyBPT1Z69+XzU5X30KDuiy9RlD9gyDbM3eHX1hAjuNL4ye/HF9/aJl7SqDHIV
	 KRSnaHb4xdNMUYd3QDF9TvELLz9f4EXYzJlXgKAg=
Received: by gandalf.ozlabs.org (Postfix, from userid 1007)
	id 4RsYwV10xQz4xNg; Sat, 23 Sep 2023 00:06:34 +1000 (AEST)
From: David Gibson <david@gibson.dropbear.id.au>
To: Stefano Brivio <sbrivio@redhat.com>,
	passt-dev@passt.top
Subject: [PATCH 05/10] siphash: Fix bug in state initialisation
Date: Sat, 23 Sep 2023 00:06:25 +1000
Message-ID: <20230922140630.3184256-6-david@gibson.dropbear.id.au>
X-Mailer: git-send-email 2.41.0
In-Reply-To: <20230922140630.3184256-1-david@gibson.dropbear.id.au>
References: <20230922140630.3184256-1-david@gibson.dropbear.id.au>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Message-ID-Hash: KUFIDWDVZEWAN6EOAHDETFYFMH6ZLFNY
X-Message-ID-Hash: KUFIDWDVZEWAN6EOAHDETFYFMH6ZLFNY
X-MailFrom: dgibson@gandalf.ozlabs.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: David Gibson <david@gibson.dropbear.id.au>
X-Mailman-Version: 3.3.8
Precedence: list
List-Id: Development discussion and patches for passt <passt-dev.passt.top>
Archived-At: <https://archives.passt.top/passt-dev/20230922140630.3184256-6-david@gibson.dropbear.id.au/>
Archived-At: <https://passt.top/hyperkitty/list/passt-dev@passt.top/message/KUFIDWDVZEWAN6EOAHDETFYFMH6ZLFNY/>
List-Archive: <https://archives.passt.top/passt-dev/>
List-Archive: <https://passt.top/hyperkitty/list/passt-dev@passt.top/>
List-Help: <mailto:passt-dev-request@passt.top?subject=help>
List-Owner: <mailto:passt-dev-owner@passt.top>
List-Post: <mailto:passt-dev@passt.top>
List-Subscribe: <mailto:passt-dev-join@passt.top>
List-Unsubscribe: <mailto:passt-dev-leave@passt.top>

The SipHash algorithm starts with initializing the 32 bytes of internal
state with some magic numbers XORed with the hash key.  However, our
implementation has a bug - rather than XORing the hash key, it *sets* the
initial state to copies of the key.

I don't know if that affects any of the cryptographic properties of SipHash
but it's not what we should be doing.  Fix it.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
---
 siphash.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/siphash.c b/siphash.c
index ec39793..6932da2 100644
--- a/siphash.c
+++ b/siphash.c
@@ -65,7 +65,7 @@
 									  \
 	do {								  \
 		for (__i = sizeof(v) / sizeof(v[0]) - 1; __i >= 0; __i--) \
-			v[__i] = k[__i % 2];				  \
+			v[__i] ^= k[__i % 2];				  \
 	} while (0)
 
 /**
-- 
2.41.0