Difference in behavior of Crypto850 build on Windows and non-Windows


Vinay Kumar

Jun 15, 2021, 2:59:28 AM
to Crypto++ Users
We are migrating from Crypto-5.4 to Crypto850.
Changes have been made to support the newer version (Crypto850).
On Linux, it works fine. But on Windows, we are facing issues.
We are using Visual Studio 2013 to build the crypto library (using cryptest.sln).
There is no source code difference between Linux and Windows.
The same source code works fine if it is rebuilt with Crypto-5.4.
The only major change done is to replace Randpool.Put with Randpool.IncorporateEntropy.

And also, using OldRandPool instead of RandPool works fine.

Any idea on how to resolve this problem?

One more observation is that on building manually (without using cryptest.sln) and using the library, it is found to crash at randpool.cpp:39.

Crypto_Crash.png

Jeffrey Walton

Jun 15, 2021, 3:34:03 AM
to Crypto++ Users List
So it sounds like you have two problems. I can't really tell what the first problem is. Can you provide a reproducer, please?

The second problem is a crash when you run a program using Randpool. You have not provided details, like how you built the library or how to reproduce the problem. Can you set up a GitHub repo with the source files and the steps to reproduce the problem, please?

Jeff

Jeffrey Walton

Jun 15, 2021, 4:11:28 AM
to Crypto++ Users List
> We are migrating from Crypto-5.4 to Crypto850.
> Changes have been made to support the newer version (Crypto850).
> On Linux, it works fine. But on Windows, we are facing issues.
> We are using Visual Studio 2013 to build the crypto library (using cryptest.sln).
> There is no source code difference between Linux and Windows.
> The same source code works fine if it is rebuilt with Crypto-5.4.
> The only major change done is to replace Randpool.Put with Randpool.IncorporateEntropy.
>
> And also, using OldRandPool instead of RandPool works fine.
>
> Any idea on how to resolve this problem?

Also see https://www.cryptopp.com/wiki/OldRandomPool for documentation
on OldRandomPool.

> One more observation is that on building manually (without using cryptest.sln) and using the library, it is found to crash at randpool.cpp:39.

For custom Crypto++ builds, the Nmake makefile might be useful to you.
It is easier to change build flags using Nmake makefile. Also see
https://cryptopp.com/wiki/Nmake_(Command_Line) .

Jeff

Vinay Kumar

Jun 16, 2021, 6:38:55 AM
to Crypto++ Users
Thank you.

Here is the code snippet (tested with a sample application):

unsigned char temprpl[4] = { '\0' };
unsigned __int32 Value = 3957804565;
CryptoPP::RandomPool vRandPool;

memset((CryptoPP::byte *)&temprpl, 0, 4);
memcpy((CryptoPP::byte *)&temprpl, (CryptoPP::byte *)&Value, 4);

cout << "VALUE=" << Value << endl;

vRandPool.Put( reinterpret_cast<unsigned char*>(&temprpl), sizeof(Value) ); /* For Crypto++ 5.4 */
// vRandPool.IncorporateEntropy( (const CryptoPP::byte *)&temprpl, 4 ); /* For Cryptopp850 */

CryptoPP::word32 t1 = vRandPool.GenerateWord32();

cout << "FIRST RAND=" << t1 << endl;

CryptoPP::word32 t2 = vRandPool.GenerateWord32();

cout << "SECOND RAND=" << t2 << endl;

CryptoPP::word32 t3 = vRandPool.GenerateWord32();

cout << "THIRD RAND=" << t3 << endl;

With Crypto++ 5.4 it always returns 'fixed RAND' values for specific 'Value' as follows:

VALUE=3957804565
FIRST RAND=123224688
SECOND RAND=3565820466
THIRD RAND=2141184933


VALUE=15201583
FIRST RAND=2446881748
SECOND RAND=653021931
THIRD RAND=31285341

VALUE=1947237586
FIRST RAND=4090363092
SECOND RAND=1687243401
THIRD RAND=1878929729

But with Cryptopp850, it returns 'different RAND' values (and they are different for every run). This is causing issues after upgrading to Cryptopp850.
This change in behavior is observed only on the Windows platform, and it works perfectly fine on Linux.

Do you think it is a bug? Is any workaround or other solution available to resolve this problem?

Jeffrey Walton

Jun 17, 2021, 7:22:38 AM
to Crypto++ Users List
For Crypto++ 8.5 (or anything greater than Crypto++ 5.5), you should
use OldRandPool instead of RandPool if you want the old behavior.
Actually OldRandPool was added at Crypto++ 6.0, so it is available for
Crypto++ 6.0 and above.

OldRandPool should work for you out of the box. We have a test for it
using data generated by Crypto++ 5.4. Also see
https://github.com/weidai11/cryptopp/blob/master/validat3.cpp#L633 .

If the OldRandPool is not returning correct results for you, then
copy/paste Crypto++ 5.4 RandPool into Crypto++ 8.5. Rename the class
to something like LegacyRandPool or FixedOldRandPool, and then use it
instead.

Also see the head notes at
https://www.cryptopp.com/docs/ref/randpool_8h.html, and the docs at
https://www.cryptopp.com/wiki/OldRandomPool.

Jeff

Jeffrey Walton

Jun 17, 2021, 5:21:00 PM
to Crypto++ Users List
OK, I had some time to do some digging. Here's what Crypto++ 5.4
prints out in hex:

$ ./test.exe
VALUE=3957804565
FIRST RAND=7584270
SECOND RAND=d48a1a32
THIRD RAND=7f9fe3a5

The OldRandomPool class provides an endian-swapped value. I'm not sure why.

To fix it, we checked in this change:
https://github.com/weidai11/cryptopp/commit/7101e9e73a66.

Jeff

Jeffrey Walton

Jun 17, 2021, 6:06:41 PM
to Crypto++ Users List
> The OldRandomPool class provides an endian-swapped value. I'm not sure why.
>
> To fix it, we checked in this change:
> https://github.com/weidai11/cryptopp/commit/7101e9e73a66.

This should fix the problem completely using the old Crypto++ 5.4
version of GenerateWord32:
https://github.com/weidai11/cryptopp/commit/fabd88e4e47b .

We tracked this change at https://github.com/weidai11/cryptopp/issues/1048 .

Jeff
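
An added example, not part of the original thread and not Crypto++ code: a known-answer check that separates the three outcomes discussed above (output that changes between runs with the same seed, output that is byte-swapped relative to the recorded Crypto++ 5.4 values, and an exact match). The names ClassifyKat, Words, SwapAll and kExpected54 are hypothetical, and the byte-swapped sample in main() is constructed from the values posted in the thread.

```cpp
#include <cstddef>
#include <cstdint>
#include <iostream>
#include <vector>

typedef std::vector<std::uint32_t> Words;

enum class KatResult { Match, ByteSwapped, NonDeterministic, Mismatch };

// Reverse the four bytes of a 32-bit word.
static std::uint32_t ByteSwap32(std::uint32_t v) {
    return (v >> 24) | ((v >> 8) & 0x0000FF00u) |
           ((v << 8) & 0x00FF0000u) | (v << 24);
}

// Byte-swap every word in a sequence.
static Words SwapAll(Words w) {
    for (std::size_t i = 0; i < w.size(); ++i) w[i] = ByteSwap32(w[i]);
    return w;
}

// expected: words recorded from the old library for one seed.
// runA, runB: words from two separate runs of the new build, same seed.
KatResult ClassifyKat(const Words& expected, const Words& runA,
                      const Words& runB) {
    if (runA.size() != expected.size() || runB.size() != expected.size())
        return KatResult::Mismatch;
    if (runA != runB) return KatResult::NonDeterministic;
    if (runA == expected) return KatResult::Match;
    if (!expected.empty() && runA == SwapAll(expected))
        return KatResult::ByteSwapped;
    return KatResult::Mismatch;
}

// Decimal values posted in the thread for VALUE=3957804565 (Crypto++ 5.4).
static const Words kExpected54 = {123224688u, 3565820466u, 2141184933u};

int main() {
    // Constructed sample: the expected words with their bytes reversed,
    // standing in for a build that returns endian-swapped values.
    const Words swapped = SwapAll(kExpected54);
    const KatResult r = ClassifyKat(kExpected54, swapped, swapped);
    std::cout << (r == KatResult::ByteSwapped ? "byte-swapped" : "other")
              << std::endl;
    return 0;
}
```

Feeding it the words collected from two runs of the migrated application, in place of the constructed sample, shows which of the three cases a given build falls into.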