| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 25 Feb 2020 17:48:33 +0200
From: Gilad Ben-Yossef <gilad@...yossef.com>
To: Herbert Xu <herbert@...dor.apana.org.au>,
"David S. Miller" <davem@...emloft.net>
Cc: Ofir Drang <ofir.drang@....com>,
Eric Biggers <ebiggers@...nel.org>,
linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [PATCH 1/2] crypto: testmgr - use generic algs making test vecs
Use generic algs to produce inauthentic AEAD messages,
otherwise we are running the risk of using an untested
code to produce the test messages.
As this code is only used in developer only extended tests
any cycles/runtime costs are negligible.
Signed-off-by: Gilad Ben-Yossef <gilad@...yossef.com>
Cc: Eric Biggers <ebiggers@...nel.org>
---
crypto/testmgr.c | 50 +++++++++++++++++++++++++++++++++++++++++++-----
1 file changed, 45 insertions(+), 5 deletions(-)
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 88f33c0efb23..cf565b063cdf 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -2314,12 +2314,13 @@ static void generate_random_aead_testvec(struct aead_request *req,
}
static void try_to_generate_inauthentic_testvec(
- struct aead_extra_tests_ctx *ctx)
+ struct aead_extra_tests_ctx *ctx,
+ struct aead_request *req)
{
int i;
for (i = 0; i < 10; i++) {
- generate_random_aead_testvec(ctx->req, &ctx->vec,
+ generate_random_aead_testvec(req, &ctx->vec,
&ctx->test_desc->suite.aead,
ctx->maxkeysize, ctx->maxdatasize,
ctx->vec_name,
@@ -2337,8 +2338,42 @@ static int test_aead_inauthentic_inputs(struct aead_extra_tests_ctx *ctx)
{
unsigned int i;
int err;
+ struct crypto_aead *tfm = ctx->tfm;
+ const char *algname = crypto_aead_alg(tfm)->base.cra_name;
+ const char *driver = ctx->driver;
+ const char *generic_driver = ctx->test_desc->generic_driver;
+ char _generic_driver[CRYPTO_MAX_ALG_NAME];
+ struct crypto_aead *generic_tfm = NULL;
+ struct aead_request *generic_req = NULL;
+
+ if (!generic_driver) {
+ err = build_generic_driver_name(algname, _generic_driver);
+ if (err)
+ return err;
+ generic_driver = _generic_driver;
+ }
+
+ if (!strcmp(generic_driver, driver) == 0) {
+ /* Already the generic impl? */
+
+ generic_tfm = crypto_alloc_aead(generic_driver, 0, 0);
+ if (IS_ERR(generic_tfm)) {
+ err = PTR_ERR(generic_tfm);
+ pr_err("alg: aead: error allocating %s (generic impl of %s): %d\n",
+ generic_driver, algname, err);
+ return err;
+ }
+
+ generic_req = aead_request_alloc(generic_tfm, GFP_KERNEL);
+ if (!generic_req)
+ goto free_tfm;
+ }
for (i = 0; i < fuzz_iterations * 8; i++) {
+ struct aead_request *req;
+
+ req = generic_req ? generic_req : ctx->req;
+
/*
* Since this part of the tests isn't comparing the
* implementation to another, there's no point in testing any
@@ -2348,7 +2383,7 @@ static int test_aead_inauthentic_inputs(struct aead_extra_tests_ctx *ctx)
* if the algorithm keeps rejecting the generated keys, don't
* retry forever; just continue on.
*/
- try_to_generate_inauthentic_testvec(ctx);
+ try_to_generate_inauthentic_testvec(ctx, req);
if (ctx->vec.novrfy) {
generate_random_testvec_config(&ctx->cfg, ctx->cfgname,
sizeof(ctx->cfgname));
@@ -2356,11 +2391,16 @@ static int test_aead_inauthentic_inputs(struct aead_extra_tests_ctx *ctx)
ctx->vec_name, &ctx->cfg,
ctx->req, ctx->tsgls);
if (err)
- return err;
+ goto out;
}
cond_resched();
}
- return 0;
+
+out:
+ aead_request_free(generic_req);
+free_tfm:
+ crypto_free_aead(generic_tfm);
+ return err;
}
/*
--
2.25.0
Powered by blists - more mailing lists