Re: [PATCH 0/7] crypto: more self-test improvements

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Wed, Dec 04, 2019 at 02:42:58PM +0000, Ard Biesheuvel wrote:
> On Tue, 3 Dec 2019 at 12:39, Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx> wrote:
> >
> > On Sun, 1 Dec 2019 at 21:54, Eric Biggers <ebiggers@xxxxxxxxxx> wrote:
> > >
> > > This series makes some more improvements to the crypto self-tests, the
> > > largest of which is making the AEAD fuzz tests test inauthentic inputs,
> > > i.e. cases where decryption is expected to fail due to the (ciphertext,
> > > AAD) pair not being the correct result of an encryption with the key.
> > >
> > > It also updates the self-tests to test passing misaligned buffers to the
> > > various setkey() functions, and to check that skciphers have the same
> > > min_keysize as the corresponding generic implementation.
> > >
> > > I haven't seen any test failures from this on x86_64, arm64, or arm32.
> > > But as usual I haven't tested drivers for crypto accelerators.
> > >
> > > For this series to apply this cleanly, my other series
> > > "crypto: skcipher - simplifications due to {,a}blkcipher removal"
> > > needs to be applied first, due to a conflict in skcipher.h.
> > >
> > > This can also be retrieved from git at
> > > https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux.git
> > > tag "crypto-self-tests_2019-12-01".
> > >
> > > Eric Biggers (7):
> > >   crypto: aead - move crypto_aead_maxauthsize() to <crypto/aead.h>
> > >   crypto: skcipher - add crypto_skcipher_min_keysize()
> > >   crypto: testmgr - don't try to decrypt uninitialized buffers
> > >   crypto: testmgr - check skcipher min_keysize
> > >   crypto: testmgr - test setting misaligned keys
> > >   crypto: testmgr - create struct aead_extra_tests_ctx
> > >   crypto: testmgr - generate inauthentic AEAD test vectors
> > >
> >
> > I've dropped this into kernelci again, let's see if anything turns out
> > to be broken.
> >
> > For this series,
> >
> > Acked-by: Ard Biesheuvel <ardb@xxxxxxxxxx>
> >
> 
> Results here:
> https://kernelci.org/boot/all/job/ardb/branch/for-kernelci/kernel/v5.4-9340-g16839329da69/
> 
> Only the usual suspects failed (rk3288)
> 

Great, thanks.  I wouldn't be surprised if all AEAD implementations are
correctly rejecting inauthentic inputs at the moment, but we should still have
the test just in case.

- Eric
[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux