Linux-Crypto Archive on lore.kernel.org
 help / color / Atom feed
From: Eric Biggers <ebiggers@kernel.org>
To: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: "open list:HARDWARE RANDOM NUMBER GENERATOR CORE" 
	<linux-crypto@vger.kernel.org>
Subject: Re: [PATCH 0/7] crypto: more self-test improvements
Date: Wed, 4 Dec 2019 09:03:46 -0800
Message-ID: <20191204170346.GA1023@sol.localdomain> (raw)
In-Reply-To: <CAKv+Gu9fQV4-KFz=wnBkNEHa3F8cWMuX9CG=a67qhVgFkZ=cPw@mail.gmail.com>

On Wed, Dec 04, 2019 at 02:42:58PM +0000, Ard Biesheuvel wrote:
> On Tue, 3 Dec 2019 at 12:39, Ard Biesheuvel <ard.biesheuvel@linaro.org> wrote:
> >
> > On Sun, 1 Dec 2019 at 21:54, Eric Biggers <ebiggers@kernel.org> wrote:
> > >
> > > This series makes some more improvements to the crypto self-tests, the
> > > largest of which is making the AEAD fuzz tests test inauthentic inputs,
> > > i.e. cases where decryption is expected to fail due to the (ciphertext,
> > > AAD) pair not being the correct result of an encryption with the key.
> > >
> > > It also updates the self-tests to test passing misaligned buffers to the
> > > various setkey() functions, and to check that skciphers have the same
> > > min_keysize as the corresponding generic implementation.
> > >
> > > I haven't seen any test failures from this on x86_64, arm64, or arm32.
> > > But as usual I haven't tested drivers for crypto accelerators.
> > >
> > > For this series to apply this cleanly, my other series
> > > "crypto: skcipher - simplifications due to {,a}blkcipher removal"
> > > needs to be applied first, due to a conflict in skcipher.h.
> > >
> > > This can also be retrieved from git at
> > > https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux.git
> > > tag "crypto-self-tests_2019-12-01".
> > >
> > > Eric Biggers (7):
> > >   crypto: aead - move crypto_aead_maxauthsize() to <crypto/aead.h>
> > >   crypto: skcipher - add crypto_skcipher_min_keysize()
> > >   crypto: testmgr - don't try to decrypt uninitialized buffers
> > >   crypto: testmgr - check skcipher min_keysize
> > >   crypto: testmgr - test setting misaligned keys
> > >   crypto: testmgr - create struct aead_extra_tests_ctx
> > >   crypto: testmgr - generate inauthentic AEAD test vectors
> > >
> >
> > I've dropped this into kernelci again, let's see if anything turns out
> > to be broken.
> >
> > For this series,
> >
> > Acked-by: Ard Biesheuvel <ardb@kernel.org>
> >
> 
> Results here:
> https://kernelci.org/boot/all/job/ardb/branch/for-kernelci/kernel/v5.4-9340-g16839329da69/
> 
> Only the usual suspects failed (rk3288)
> 

Great, thanks.  I wouldn't be surprised if all AEAD implementations are
correctly rejecting inauthentic inputs at the moment, but we should still have
the test just in case.

- Eric

  reply index

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-12-01 21:53 Eric Biggers
2019-12-01 21:53 ` [PATCH 1/7] crypto: aead - move crypto_aead_maxauthsize() to <crypto/aead.h> Eric Biggers
2019-12-01 21:53 ` [PATCH 2/7] crypto: skcipher - add crypto_skcipher_min_keysize() Eric Biggers
2019-12-01 21:53 ` [PATCH 3/7] crypto: testmgr - don't try to decrypt uninitialized buffers Eric Biggers
2019-12-01 21:53 ` [PATCH 4/7] crypto: testmgr - check skcipher min_keysize Eric Biggers
2019-12-01 21:53 ` [PATCH 5/7] crypto: testmgr - test setting misaligned keys Eric Biggers
2019-12-01 21:53 ` [PATCH 6/7] crypto: testmgr - create struct aead_extra_tests_ctx Eric Biggers
2019-12-01 21:53 ` [PATCH 7/7] crypto: testmgr - generate inauthentic AEAD test vectors Eric Biggers
2019-12-03 12:39 ` [PATCH 0/7] crypto: more self-test improvements Ard Biesheuvel
2019-12-04 14:42   ` Ard Biesheuvel
2019-12-04 17:03     ` Eric Biggers [this message]
2019-12-11  9:43 ` Herbert Xu

Reply instructions:

You may reply publically to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20191204170346.GA1023@sol.localdomain \
    --to=ebiggers@kernel.org \
    --cc=ard.biesheuvel@linaro.org \
    --cc=linux-crypto@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Linux-Crypto Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-crypto/0 linux-crypto/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-crypto linux-crypto/ https://lore.kernel.org/linux-crypto \
		linux-crypto@vger.kernel.org
	public-inbox-index linux-crypto

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-crypto


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git