[aarch64-port-dev ] [16] RFR[S]: 8251216: Implement MD5 intrinsics on AArch64

Stuart Monteith stuart.monteith at arm.com
Thu Aug 13 15:48:34 UTC 2020

On 13/08/2020 11:00, Andrew Haley wrote:
> On 12/08/2020 12:38, Stuart Monteith wrote:
>  > The method "testDigest" generates a byte array of a given size,
>  > with each element filled with its own index & 0xff.
>  >
>  > The test is then run once, assumed uncompiled, it is then "warmed
>  > up" and the first generated digest is compared against the digest
>  > presumably generated by the intrinsic. This is the same test for all
>  > of the message digest algorithms.
>  >
>  > I'd say the test is no worse than what has gone before. There are
>  > additional tests under the jdk library tests, but nothing that
>  > addresses the correctness of the MD5 algorithm implementation
>  > itself.
> Good grief. So there are no compliance tests in the test suite at all.

Yes, for any algorithm, for either the intrinsics or the Java implementations.

>  > In terms of the status-quo, that patch looks ok to me. I think if
>  > the testing is to be expanded, it should be expanded to all of the
>  > message digest algorithms.
> That's not much more than an excuse for doing nothing, IMO.

My intention was to suggest that more than MD5 or even just the intrinsics need to be tested; it's not an excuse to
ignore this.

The existing tests are simply a comparison between the generated message digests for a single message between the Java code
and the intrinsics. The NIST samples cover SHA1 and MD5, but there are additional samples here:
https://csrc.nist.gov/Projects/cryptographic-standards-and-guidelines/example-values .

The message digests in Java under sun.security.provider are:

	MD2, MD4, MD5
	SHA2: SHA2-224, SHA2-256
	SHA3: SHA3-224, SHA3-256, SHA3-384, SHA3-512, SHAKE256
	SHA5: SHA-512/224, SHA-512/256, SHA-512, SHA-384

The intrinsics implemented are:
	aarch64: SHA1, SHA2, SHA5 (+MD5)
	ppc64:  SHA2, SHA5
	x86_64: SHA1, SHA2, SHA5, MD5
	x86_32: SHA1, SHA2, MD5

The MD5 patches have been merged already for x86.

SHA3 doesn't have any intrinsic implementations.

MD2 has some example values in its RFC https://tools.ietf.org/html/rfc1319
Likewise, MD4 has example values in its RFC too: https://tools.ietf.org/html/rfc1320

My suggestion is to add new tests for each of the message digest algorithms and share them between the JTreg jdk and
hotspot intrinsics. The MD5 intrinsics could be merged after some demonstration of correctness?

I've CC'd core-libs-dev as this affects the jdk library.
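The kind of known-answer test the message above argues for, as an added example that is neither part of this thread nor of the JDK's own test suite: every algorithm is checked against published vectors (MD2 from RFC 1319, MD5 from RFC 1321, the SHA-1/SHA-2 "abc" examples from FIPS 180-4 and SHA3-256 from FIPS 202) once cold, so the interpreted Java code is exercised, and once after a warm-up loop, so a platform intrinsic is exercised where HotSpot has one. The class name, the warm-up iteration count and the 1 KiB warm-up buffer are assumptions; MD4 is left out because the SUN provider does not register it with MessageDigest.getInstance, and no vectors are included here for SHA-512/224, SHA-512/256 or SHAKE256.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.LinkedHashSet;
import java.util.Set;

/*
 * Known-answer test for the JDK MessageDigest algorithms (added example, not
 * JDK test-suite code). Each vector is checked "cold" (before the JIT has
 * compiled the digest loop) and "warm" (after a loop long enough for C2 to
 * compile it and substitute the intrinsic where one exists). The iteration
 * count and buffer size are assumed values, not tuned to any build.
 */
public class DigestKnownAnswerTest {

    static final int WARMUP_ITERATIONS = 20_000;   // assumed; use -Xbatch so it is enough

    // {algorithm, ASCII input, expected hex digest} from RFC 1319, RFC 1321, FIPS 180-4, FIPS 202
    static final String[][] VECTORS = {
        {"MD2", "", "8350e5a3e24c153df2275c9f80692773"},
        {"MD2", "abc", "da853b0d3f88d99b30283a69e6ded6bb"},
        {"MD5", "", "d41d8cd98f00b204e9800998ecf8427e"},
        {"MD5", "a", "0cc175b9c0f1b6a831c399e269772661"},
        {"MD5", "abc", "900150983cd24fb0d6963f7d28e17f72"},
        {"MD5", "message digest", "f96b697d7cb7938d525a2f31aaf161d0"},
        {"MD5", "abcdefghijklmnopqrstuvwxyz", "c3fcd3d76192e4007dfb496cca67e13b"},
        {"MD5", "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", "d174ab98d277d9f5a5611c2c9f419d9f"},
        {"MD5", "12345678901234567890123456789012345678901234567890123456789012345678901234567890", "57edf4a22be3c955ac49da2e2107b67a"},
        {"SHA-1", "abc", "a9993e364706816aba3e25717850c26c9cd0d89d"},
        {"SHA-224", "abc", "23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7"},
        {"SHA-256", "abc", "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad"},
        {"SHA-384", "abc", "cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed8086072ba1e7cc2358baeca134c825a7"},
        {"SHA-512", "abc", "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f"},
        {"SHA3-256", "abc", "3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532"},
    };

    static String hex(byte[] bytes) {
        StringBuilder sb = new StringBuilder(bytes.length * 2);
        for (byte b : bytes) {
            sb.append(String.format("%02x", b & 0xff));
        }
        return sb.toString();
    }

    static String digestHex(String algorithm, byte[] input) throws NoSuchAlgorithmException {
        // Fresh instance per call: this test is about the algorithm, not reset() handling.
        return hex(MessageDigest.getInstance(algorithm).digest(input));
    }

    // Check every vector and count mismatches, so one broken algorithm does not hide the others.
    static int check(String phase) throws NoSuchAlgorithmException {
        int failures = 0;
        for (String[] v : VECTORS) {
            String actual = digestHex(v[0], v[1].getBytes(StandardCharsets.US_ASCII));
            if (!actual.equals(v[2])) {
                failures++;
                System.err.printf("%s: %s(\"%s\") = %s, expected %s%n", phase, v[0], v[1], actual, v[2]);
            }
        }
        return failures;
    }

    // Drive the compression function hot enough for C2 to compile it and, where
    // HotSpot has one for this platform, replace it with the intrinsic.
    static void warmUp(String algorithm) throws NoSuchAlgorithmException {
        byte[] buf = new byte[1024];
        for (int i = 0; i < buf.length; i++) {
            buf[i] = (byte) i;            // same index fill pattern as the existing testDigest
        }
        MessageDigest md = MessageDigest.getInstance(algorithm);
        for (int i = 0; i < WARMUP_ITERATIONS; i++) {
            md.update(buf);
            md.digest();                  // digest() also resets the instance for the next round
        }
    }

    public static void main(String[] args) throws Exception {
        int failures = check("cold");
        Set<String> algorithms = new LinkedHashSet<>();
        for (String[] v : VECTORS) {
            algorithms.add(v[0]);
        }
        for (String algorithm : algorithms) {
            warmUp(algorithm);
        }
        failures += check("warm");
        if (failures != 0) {
            throw new RuntimeException(failures + " digest mismatch(es)");
        }
        System.out.println("All " + VECTORS.length + " vectors matched cold and warm");
    }
}
```

Run it as `javac DigestKnownAnswerTest.java && java -Xbatch DigestKnownAnswerTest`; `-Xbatch` makes JIT compilation synchronous, so the "warm" phase really runs compiled code rather than racing the background compiler. Running once with the relevant intrinsic switched off (for example `-XX:-UseMD5Intrinsics` on a build that has the MD5 intrinsic) and once with it on gives a direct comparison of the Java path and the intrinsic path against the same published answers, which is the property the single-message comparison in the existing tests cannot establish.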


More information about the core-libs-dev mailing list