| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20190112052645.GC639@sol.localdomain>
Date: Fri, 11 Jan 2019 21:26:46 -0800
From: Eric Biggers <ebiggers@...nel.org>
To: Stephan Müller <smueller@...onox.de>
Cc: Herbert Xu <herbert@...dor.apana.org.au>,
James Bottomley <James.Bottomley@...senpartnership.com>,
Andy Lutomirski <luto@...capital.net>,
"Lee, Chun-Yi" <joeyli.kernel@...il.com>,
"Rafael J . Wysocki" <rjw@...ysocki.net>,
Pavel Machek <pavel@....cz>, linux-kernel@...r.kernel.org,
linux-pm@...r.kernel.org, keyrings@...r.kernel.org,
"Rafael J. Wysocki" <rafael.j.wysocki@...el.com>,
Chen Yu <yu.c.chen@...el.com>,
Oliver Neukum <oneukum@...e.com>,
Ryan Chen <yu.chen.surf@...il.com>,
David Howells <dhowells@...hat.com>,
Giovanni Gherdovich <ggherdovich@...e.cz>,
Randy Dunlap <rdunlap@...radead.org>,
Jann Horn <jannh@...gle.com>,
Andy Lutomirski <luto@...nel.org>, linux-crypto@...r.kernel.org
Subject: Re: [PATCH 3/6] crypto: kdf - add known answer tests
On Fri, Jan 11, 2019 at 08:10:22PM +0100, Stephan Müller wrote:
> Add known answer tests to the testmgr for the KDF (SP800-108) cipher.
>
> Signed-off-by: Stephan Mueller <smueller@...onox.de>
> ---
> crypto/testmgr.c | 226 +++++++++++++++++++++++++++++++++++++++++++++++
> crypto/testmgr.h | 110 +++++++++++++++++++++++
> 2 files changed, 336 insertions(+)
>
> diff --git a/crypto/testmgr.c b/crypto/testmgr.c
> index 0f684a414acb..ff9051bffa1f 100644
> --- a/crypto/testmgr.c
> +++ b/crypto/testmgr.c
> @@ -110,6 +110,11 @@ struct drbg_test_suite {
> unsigned int count;
> };
>
> +struct kdf_test_suite {
> + struct kdf_testvec *vecs;
> + unsigned int count;
> +};
> +
> struct akcipher_test_suite {
> const struct akcipher_testvec *vecs;
> unsigned int count;
> @@ -133,6 +138,7 @@ struct alg_test_desc {
> struct hash_test_suite hash;
> struct cprng_test_suite cprng;
> struct drbg_test_suite drbg;
> + struct kdf_test_suite kdf;
> struct akcipher_test_suite akcipher;
> struct kpp_test_suite kpp;
> } suite;
> @@ -2020,6 +2026,64 @@ static int drbg_cavs_test(const struct drbg_testvec *test, int pr,
> return ret;
> }
>
> +static int kdf_cavs_test(struct kdf_testvec *test,
> + const char *driver, u32 type, u32 mask)
Why not just "kdf_test()"?
> +{
> + int ret = -EAGAIN;
> + struct crypto_rng *drng;
> + unsigned char *buf = kzalloc(test->expectedlen, GFP_KERNEL);
s/unsigned char/u8
> +
> + if (!buf)
> + return -ENOMEM;
> +
> + drng = crypto_alloc_rng(driver, type | CRYPTO_ALG_INTERNAL, mask);
> + if (IS_ERR(drng)) {
> + printk(KERN_ERR "alg: kdf: could not allocate cipher handle "
> + "for %s\n", driver);
pr_err
> + kzfree(buf);
kfree is fine here.
> + return -ENOMEM;
> + }
> +
> + ret = crypto_rng_reset(drng, test->K1, test->K1len);
> + if (ret) {
> + printk(KERN_ERR "alg: kdf: could not set key derivation key\n");
pr_err
> + goto err;
> + }
> +
> + ret = crypto_rng_generate(drng, test->context, test->contextlen,
> + buf, test->expectedlen);
> + if (ret) {
> + printk(KERN_ERR "alg: kdf: could not obtain key data\n");
pr_err
> + goto err;
> + }
> +
> + ret = memcmp(test->expected, buf, test->expectedlen);
Elsewhere this function returns an -errno value but this is different.
> +
> +err:
> + crypto_free_rng(drng);
> + kzfree(buf);
kfree would be fine here too.
> + return ret;
> +}
> +
> +static int alg_test_kdf(const struct alg_test_desc *desc, const char *driver,
> + u32 type, u32 mask)
> +{
> + int err = 0;
> + unsigned int i = 0;
> + struct kdf_testvec *template = desc->suite.kdf.vecs;
const
- Eric
Powered by blists - more mailing lists