Re: [PATCH v2] crypto: XTS - remove test that will fail in FIPS mode

Tapas Sarangi <TSarangi@xxxxxxxxxxxxx> · Wed, 17 Aug 2016 14:52:32 +0000

Hi Stephan,

Yes, can you give me some more detail about your findings on dracut-fips
!? This seems to be the major difference between our test environments
where a bunch of algorithms are failing self-test during boot with fips=1.

Thanks
-Tapas

On 8/16/16, 4:38 AM, "Stephan Mueller" <smueller@xxxxxxxxxx> wrote:

>Hi Tapas,
>
>I was able to reproduce the issue now.
>
>I tested the patch below and it works for me now. Yet, I see that
>dracut-fips seems to need some fixes too as it cannot find cmac when
>compiled as module and has some issues with the authenc() ciphers too.
>
>
>---8<---
>
>In FIPS mode, setting XTS keys where the AES key is identical to the
>tweak key is forbidden. Thus, the self test with such property will fail
>in FIPS mode.
>
>As we have other tests available for XTS, this patch simply removes the
>offending test vectors.
>
>Reported-by: Tapas Sarangi <TSarangi@xxxxxxxxxxxxx>
>Signed-off-by: Stephan Mueller <stephan.mueller@xxxxxxxxx>
>---
> crypto/testmgr.h | 44 ++++----------------------------------------
> 1 file changed, 4 insertions(+), 40 deletions(-)
>
>diff --git a/crypto/testmgr.h b/crypto/testmgr.h
>index acb6bbf..893b321 100644
>--- a/crypto/testmgr.h
>+++ b/crypto/testmgr.h
>@@ -15179,8 +15179,8 @@ static struct cipher_testvec
>cast6_xts_dec_tv_template[] = {
> #define HMAC_SHA512_AES_CBC_ENC_TEST_VEC 7
> #define AES_LRW_ENC_TEST_VECTORS 8
> #define AES_LRW_DEC_TEST_VECTORS 8
>-#define AES_XTS_ENC_TEST_VECTORS 5
>-#define AES_XTS_DEC_TEST_VECTORS 5
>+#define AES_XTS_ENC_TEST_VECTORS 4
>+#define AES_XTS_DEC_TEST_VECTORS 4
> #define AES_CTR_ENC_TEST_VECTORS 5
> #define AES_CTR_DEC_TEST_VECTORS 5
> #define AES_OFB_ENC_TEST_VECTORS 1
>@@ -18218,25 +18218,7 @@ static struct cipher_testvec
>aes_lrw_dec_tv_template[] = {
>
> static struct cipher_testvec aes_xts_enc_tv_template[] = {
>       /*
>http://scanmail.trustwave.com/?c=4062&d=-96y1wXsB1ZUProHtkc64VYvnNekxXtLFt
>hU_sfSVw&s=5&u=http%3a%2f%2fgrouper%2eieee%2eorg%2fgroups%2f1619%2femail%2
>fpdf00086%2epdf */
>-      { /* XTS-AES 1 */
>-              .key    = "\x00\x00\x00\x00\x00\x00\x00\x00"
>-                        "\x00\x00\x00\x00\x00\x00\x00\x00"
>-                        "\x00\x00\x00\x00\x00\x00\x00\x00"
>-                        "\x00\x00\x00\x00\x00\x00\x00\x00",
>-              .klen   = 32,
>-              .iv     = "\x00\x00\x00\x00\x00\x00\x00\x00"
>-                        "\x00\x00\x00\x00\x00\x00\x00\x00",
>-              .input  = "\x00\x00\x00\x00\x00\x00\x00\x00"
>-                        "\x00\x00\x00\x00\x00\x00\x00\x00"
>-                        "\x00\x00\x00\x00\x00\x00\x00\x00"
>-                        "\x00\x00\x00\x00\x00\x00\x00\x00",
>-              .ilen   = 32,
>-              .result = "\x91\x7c\xf6\x9e\xbd\x68\xb2\xec"
>-                        "\x9b\x9f\xe9\xa3\xea\xdd\xa6\x92"
>-                        "\xcd\x43\xd2\xf5\x95\x98\xed\x85"
>-                        "\x8c\x02\xc2\x65\x2f\xbf\x92\x2e",
>-              .rlen   = 32,
>-      }, { /* XTS-AES 2 */
>+      { /* XTS-AES 2 */
>               .key    = "\x11\x11\x11\x11\x11\x11\x11\x11"
>                         "\x11\x11\x11\x11\x11\x11\x11\x11"
>                         "\x22\x22\x22\x22\x22\x22\x22\x22"
>@@ -18560,25 +18542,7 @@ static struct cipher_testvec
>aes_xts_enc_tv_template[] = {
>
> static struct cipher_testvec aes_xts_dec_tv_template[] = {
>       /*
>http://scanmail.trustwave.com/?c=4062&d=-96y1wXsB1ZUProHtkc64VYvnNekxXtLFt
>hU_sfSVw&s=5&u=http%3a%2f%2fgrouper%2eieee%2eorg%2fgroups%2f1619%2femail%2
>fpdf00086%2epdf */
>-      { /* XTS-AES 1 */
>-              .key    = "\x00\x00\x00\x00\x00\x00\x00\x00"
>-                        "\x00\x00\x00\x00\x00\x00\x00\x00"
>-                        "\x00\x00\x00\x00\x00\x00\x00\x00"
>-                        "\x00\x00\x00\x00\x00\x00\x00\x00",
>-              .klen   = 32,
>-              .iv     = "\x00\x00\x00\x00\x00\x00\x00\x00"
>-                        "\x00\x00\x00\x00\x00\x00\x00\x00",
>-              .input = "\x91\x7c\xf6\x9e\xbd\x68\xb2\xec"
>-                       "\x9b\x9f\xe9\xa3\xea\xdd\xa6\x92"
>-                       "\xcd\x43\xd2\xf5\x95\x98\xed\x85"
>-                       "\x8c\x02\xc2\x65\x2f\xbf\x92\x2e",
>-              .ilen   = 32,
>-              .result  = "\x00\x00\x00\x00\x00\x00\x00\x00"
>-                         "\x00\x00\x00\x00\x00\x00\x00\x00"
>-                         "\x00\x00\x00\x00\x00\x00\x00\x00"
>-                         "\x00\x00\x00\x00\x00\x00\x00\x00",
>-              .rlen   = 32,
>-      }, { /* XTS-AES 2 */
>+      { /* XTS-AES 2 */
>               .key    = "\x11\x11\x11\x11\x11\x11\x11\x11"
>                         "\x11\x11\x11\x11\x11\x11\x11\x11"
>                         "\x22\x22\x22\x22\x22\x22\x22\x22"
>--
>2.7.4
>
>

________________________________

This transmission may contain information that is privileged, confidential, and/or exempt from disclosure under applicable law. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, or use of the information contained herein (including any reliance thereon) is strictly prohibited. If you received this transmission in error, please immediately contact the sender and destroy the material in its entirety, whether in electronic or hard copy format.
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html