[PATCH 1/2] crypto: testmgr - use generic algs making test vecs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Use generic algs to produce inauthentic AEAD messages,
otherwise we are running the risk of using an untested
code to produce the test messages.

As this code is only used in developer only extended tests
any cycles/runtime costs are negligible.

Signed-off-by: Gilad Ben-Yossef <gilad@xxxxxxxxxxxxx>
Cc: Eric Biggers <ebiggers@xxxxxxxxxx>
---
 crypto/testmgr.c | 50 +++++++++++++++++++++++++++++++++++++++++++-----
 1 file changed, 45 insertions(+), 5 deletions(-)

diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 88f33c0efb23..cf565b063cdf 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -2314,12 +2314,13 @@ static void generate_random_aead_testvec(struct aead_request *req,
 }
 
 static void try_to_generate_inauthentic_testvec(
-					struct aead_extra_tests_ctx *ctx)
+					struct aead_extra_tests_ctx *ctx,
+					struct aead_request *req)
 {
 	int i;
 
 	for (i = 0; i < 10; i++) {
-		generate_random_aead_testvec(ctx->req, &ctx->vec,
+		generate_random_aead_testvec(req, &ctx->vec,
 					     &ctx->test_desc->suite.aead,
 					     ctx->maxkeysize, ctx->maxdatasize,
 					     ctx->vec_name,
@@ -2337,8 +2338,42 @@ static int test_aead_inauthentic_inputs(struct aead_extra_tests_ctx *ctx)
 {
 	unsigned int i;
 	int err;
+	struct crypto_aead *tfm = ctx->tfm;
+	const char *algname = crypto_aead_alg(tfm)->base.cra_name;
+	const char *driver = ctx->driver;
+	const char *generic_driver = ctx->test_desc->generic_driver;
+	char _generic_driver[CRYPTO_MAX_ALG_NAME];
+	struct crypto_aead *generic_tfm = NULL;
+	struct aead_request *generic_req = NULL;
+
+	if (!generic_driver) {
+		err = build_generic_driver_name(algname, _generic_driver);
+		if (err)
+			return err;
+		generic_driver = _generic_driver;
+	}
+
+	if (!strcmp(generic_driver, driver) == 0) {
+		/* Already the generic impl? */
+
+		generic_tfm = crypto_alloc_aead(generic_driver, 0, 0);
+		if (IS_ERR(generic_tfm)) {
+			err = PTR_ERR(generic_tfm);
+			pr_err("alg: aead: error allocating %s (generic impl of %s): %d\n",
+			generic_driver, algname, err);
+			return err;
+		}
+
+		generic_req = aead_request_alloc(generic_tfm, GFP_KERNEL);
+		if (!generic_req)
+			goto free_tfm;
+	}
 
 	for (i = 0; i < fuzz_iterations * 8; i++) {
+		struct aead_request *req;
+
+		req = generic_req ? generic_req : ctx->req;
+
 		/*
 		 * Since this part of the tests isn't comparing the
 		 * implementation to another, there's no point in testing any
@@ -2348,7 +2383,7 @@ static int test_aead_inauthentic_inputs(struct aead_extra_tests_ctx *ctx)
 		 * if the algorithm keeps rejecting the generated keys, don't
 		 * retry forever; just continue on.
 		 */
-		try_to_generate_inauthentic_testvec(ctx);
+		try_to_generate_inauthentic_testvec(ctx, req);
 		if (ctx->vec.novrfy) {
 			generate_random_testvec_config(&ctx->cfg, ctx->cfgname,
 						       sizeof(ctx->cfgname));
@@ -2356,11 +2391,16 @@ static int test_aead_inauthentic_inputs(struct aead_extra_tests_ctx *ctx)
 						ctx->vec_name, &ctx->cfg,
 						ctx->req, ctx->tsgls);
 			if (err)
-				return err;
+				goto out;
 		}
 		cond_resched();
 	}
-	return 0;
+
+out:
+	aead_request_free(generic_req);
+free_tfm:
+	crypto_free_aead(generic_tfm);
+	return err;
 }
 
 /*
-- 
2.25.0




[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux