On 22.11.19 09:16, Herbert Xu wrote:
> On Wed, Nov 13, 2019 at 11:55:23AM +0100, Harald Freudenberger wrote:
>> This patch adds selftests for the s390 specific protected key
>> AES (PAES) cipher implementations:
>> * cbc-paes-s390
>> * ctr-paes-s390
>> * ecb-paes-s390
>> * xts-paes-s390
>> PAES is an AES cipher but with encrypted ('protected') key
>> material. So here come ordinary AES enciphered data values
>> but with a special key format understood by the PAES
>> implementation.
>>
>> The testdata definitons and testlist entries are surrounded
>> by #if IS_ENABLED(CONFIG_CRYPTO_PAES_S390) because they don't
>> make any sense on non s390 platforms or without the PAES
>> cipher implementation.
>>
>> Signed-off-by: Harald Freudenberger <freude@xxxxxxxxxxxxx>
>> ---
>> crypto/testmgr.c | 36 +++++
>> crypto/testmgr.h | 334 +++++++++++++++++++++++++++++++++++++++++++++++
>> 2 files changed, 370 insertions(+)
> So with your cleartext work, I gather that you can now supply
> arbitrary keys to paes? If so my preferred method of testing it
> would be to add a paes-specific tester function that massaged the
> existing aes vectors into the format required by paes so you
> get exactly the same testing coverage as plain aes.
>
> Is this possible?
>
> Thanks,
Thanks for your feedback.
I thought about this too. But it would require to implement own versions of
alg_test_skcipher() and test_skcipher() and test_skcipher_vs_generic_impl()
and that's a lot of complicated code unique for paes within testmgr.c
I'd like to avoid.
