lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Tue, 08 Sep 2015 05:23:59 +0200
From:	Stephan Mueller <smueller@...onox.de>
To:	Herbert Xu <herbert@...dor.apana.org.au>
Cc:	Boris Brezillon <boris.brezillon@...e-electrons.com>,
	"David S. Miller" <davem@...emloft.net>,
	linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/2] crypto: testmgr: test IV value after a cipher operation

Am Dienstag, 16. Juni 2015, 11:46:46 schrieb Boris Brezillon:

Hi Herbert,

>The crypto drivers are supposed to update the IV passed to the crypto
>request before calling the completion callback.
>Test for the IV value before considering the test as successful.

May I ask whether there is anything wrong with this patch?

I am asking because the keywrapping template I would like to release would 
need the test manager to check the generated IV.

Thanks a lot.

>
>Signed-off-by: Boris Brezillon <boris.brezillon@...e-electrons.com>
>---
> crypto/testmgr.c | 12 +++++++++++-
> crypto/testmgr.h |  1 +
> 2 files changed, 12 insertions(+), 1 deletion(-)
>
>diff --git a/crypto/testmgr.c b/crypto/testmgr.c
>index f9bce3d..e6b5f24 100644
>--- a/crypto/testmgr.c
>+++ b/crypto/testmgr.c
>@@ -1013,12 +1013,22 @@ static int __test_skcipher(struct crypto_ablkcipher
>*tfm, int enc,
>
> 		q = data;
> 		if (memcmp(q, template[i].result, template[i].rlen)) {
>-			pr_err("alg: skcipher%s: Test %d failed on %s for 
%s\n",
>+			pr_err("alg: skcipher%s: Test %d failed (invalid 
result) on %s for %s\n",
>d, j, e, algo);
> 			hexdump(q, template[i].rlen);
> 			ret = -EINVAL;
> 			goto out;
> 		}
>+
>+		if (template[i].iv_out &&
>+		    memcmp(iv, template[i].iv_out,
>+			   crypto_ablkcipher_ivsize(tfm))) {
>+			pr_err("alg: skcipher%s: Test %d failed (invalid 
output IV) on %s for
>%s\n", +			       d, j, e, algo);
>+			hexdump(iv, crypto_ablkcipher_ivsize(tfm));
>+			ret = -EINVAL;
>+			goto out;
>+		}
> 	}
>
> 	j = 0;
>diff --git a/crypto/testmgr.h b/crypto/testmgr.h
>index 62e2485..03320f9 100644
>--- a/crypto/testmgr.h
>+++ b/crypto/testmgr.h
>@@ -49,6 +49,7 @@ struct hash_testvec {
> struct cipher_testvec {
> 	char *key;
> 	char *iv;
>+	char *iv_out;
> 	char *input;
> 	char *result;
> 	unsigned short tap[MAX_TAP];


Ciao
Stephan
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ