On Tue, Feb 25, 2020 at 05:48:33PM +0200, Gilad Ben-Yossef wrote:
> Use generic algs to produce inauthentic AEAD messages,
> otherwise we are running the risk of using an untested
> code to produce the test messages.
>
> As this code is only used in developer only extended tests
> any cycles/runtime costs are negligible.
>
> Signed-off-by: Gilad Ben-Yossef <gilad@xxxxxxxxxxxxx>
> Cc: Eric Biggers <ebiggers@xxxxxxxxxx>
It's intentional to use the same implementation to generate the inauthentic AEAD
messages, because it allows the inauthentic AEAD input tests to run even if the
generic implementation is unavailable.
> @@ -2337,8 +2338,42 @@ static int test_aead_inauthentic_inputs(struct aead_extra_tests_ctx *ctx)
> {
> unsigned int i;
> int err;
> + struct crypto_aead *tfm = ctx->tfm;
> + const char *algname = crypto_aead_alg(tfm)->base.cra_name;
> + const char *driver = ctx->driver;
> + const char *generic_driver = ctx->test_desc->generic_driver;
> + char _generic_driver[CRYPTO_MAX_ALG_NAME];
> + struct crypto_aead *generic_tfm = NULL;
> + struct aead_request *generic_req = NULL;
> +
> + if (!generic_driver) {
> + err = build_generic_driver_name(algname, _generic_driver);
> + if (err)
> + return err;
> + generic_driver = _generic_driver;
> + }
> +
> + if (!strcmp(generic_driver, driver) == 0) {
> + /* Already the generic impl? */
> +
> + generic_tfm = crypto_alloc_aead(generic_driver, 0, 0);
I think you meant the condition to be 'if (strcmp(generic_driver, driver) != 0)'
and for the comment to be "Not already the generic impl?".
> + if (IS_ERR(generic_tfm)) {
> + err = PTR_ERR(generic_tfm);
> + pr_err("alg: aead: error allocating %s (generic impl of %s): %d\n",
> + generic_driver, algname, err);
> + return err;
> + }
This means the test won't run if the generic implementation is unavailable.
Is there any particular reason to impose that requirement?
You mentioned a concern about the implementation being "untested", but it
actually already passed test_aead() before getting to test_aead_extra().
We could also just move test_aead_inauthentic_inputs() to below
test_aead_vs_generic_impl() so that it runs last.
- Eric
