Hello
i'm trying to use the authenc module and i wrote a small kernel module that
simply encrypts/decrypts a fixed data using the hmac(sha1) as authentication
algorithm and cbc(aes) as encryption algorithm.
The used platform is a KVM quest with Fedora 12 i686 and the latest kernel
2.6.33.
I have taken the code from the testmgr and from net/ipv4/esp4.c.
But, when testing the code, attached in this mail, the crypto_aead_decrypt()
function always replies -EBADMSG.
I tried the same code in a 64-bit machine (user mode kernel and Fedora 12) and
the decryption was successful. I noted, when comparing the auth portion in
both systems, that this computed during the encryption from the 32bit KVM
guest, was different and with no fixed value. I investigated in the code of
authenc and i recorded some partial result of the encryption operation. That
is the log:
--------- testing authenc: encrypt ---------------
assoc: 495C501F1D94CC81BAB7B603AFA5C1A1D85C4268E06CDA8905AC56AC1B2AD386
alg: No test for authenc(hmac(sha1),cbc(aes)) (authenc(hmac(sha1-
generic),cbc(aes-asm)))
Setting ahash key: 313233343536373839303132
Setting blk key: 31323334353637383930313233343536
crypto_authenc_encrypt: ivsize 16 iv: 01010101010101010101010101010101
crypto_authenc_genicv: dump vdst:
CFE3A997243F38B0D6A89DCAB5126DC93952E493E72EA590CC8D186A4E1654860000000000000000000000000000000000000000
crypto_authenc_genicv ivsize 16,dst offset 3392 iv
01010101010101010101010101010101
crypto_authenc_genicv: iv after sg_init_table 00000000000000000101010101010101
crypto_authenc_genicv: vdst == iv + ivsize? 0
crypto_authenc_genicv: scatterlist dst 0 before fn assignement (line 355):
3242265088, 388, 32, dump:
495C501F1D94CC81BAB7B603AFA5C1A1D85C4268E06CDA8905AC56AC1B2AD386
crypto_authenc_genicv: scatterlist dst 1 before fn assignement (line 355):
3727819872, 0, 0, dump:
crypto_authenc_genicv: scatterlist dst 2 before fn assignement (line 355):
3241960448, 1152, 16, dump: 00000000000000000101010101010101
crypto_authenc_genicv: scatterlist dst 3 before fn assignement (line 355):
3747577608, 0, 0, dump:
crypto_authenc_genicv: scatterlist dst 0 after fn assignement (line 355):
3242265088, 388, 32, dump:
495C501F1D94CC81BAB7B603AFA5C1A1D85C4268E06CDA8905AC56AC1B2AD386
crypto_authenc_genicv: scatterlist dst 1 after fn assignement (line 355):
3727819872, 0, 0, dump:
crypto_authenc_genicv: scatterlist dst 2 after fn assignement (line 355):
3241960448, 1152, 16, dump: 0000000000000000C01886E0201986E0
crypto_authenc_genicv: scatterlist dst 2 after fn assignement (line 355)::
3747577608, 0, 0, dump:
--------------------------------------------------
Just for test, i tried to add a 16bit long offset when defining the memory
address for the "iv" in the function crypto_authenc_encrypt() for the 32-bit
kernel, and everything works fine.
I don't know if i made a mistake in the code that causes this misbehaviour in
the authenc module or if it is a bug.
Thanks in advance for the reply.
On Sat, Feb 27, 2010 at 12:14:15PM +0100, Roberto Sassu wrote:
> Hello
>
> i'm trying to use the authenc module and i wrote a small kernel module that
> simply encrypts/decrypts a fixed data using the hmac(sha1) as authentication
> algorithm and cbc(aes) as encryption algorithm.
> The used platform is a KVM quest with Fedora 12 i686 and the latest kernel
> 2.6.33.
> I have taken the code from the testmgr and from net/ipv4/esp4.c.
> But, when testing the code, attached in this mail, the crypto_aead_decrypt()
> function always replies -EBADMSG.
I've posted two fixes for authenc to the linux-crypto list last week.
Could you please try whether these patches fix your problems?
Thanks,
Steffen
Hello
i pulled the crypto-2.6 repo today. Issues appear to be solved for both 32-bit
and 64-bit systems. Many thanks!
I have got another trouble when compiling my test module with a 64-bit
operating system:
when dumping the data placed pointed by the scatterlist array i noted that the
assoc is always zero'ed. I investigated further and it seems that the problem
is the static allocation of the assoc string in my test module. When using the
kmalloc the dump is correct.
On Monday 01 March 2010 14:24:33 Steffen Klassert wrote:
> On Sat, Feb 27, 2010 at 12:14:15PM +0100, Roberto Sassu wrote:
> > Hello
> >
> > i'm trying to use the authenc module and i wrote a small kernel module
> > that simply encrypts/decrypts a fixed data using the hmac(sha1) as
> > authentication algorithm and cbc(aes) as encryption algorithm.
> > The used platform is a KVM quest with Fedora 12 i686 and the latest
> > kernel 2.6.33.
> > I have taken the code from the testmgr and from net/ipv4/esp4.c.
> > But, when testing the code, attached in this mail, the
> > crypto_aead_decrypt() function always replies -EBADMSG.
>
> I've posted two fixes for authenc to the linux-crypto list last week.
> Could you please try whether these patches fix your problems?
>
> Thanks,
>
> Steffen
Roberto Sassu <[email protected]> wrote:
>
> when dumping the data placed pointed by the scatterlist array i noted that the
> assoc is always zero'ed. I investigated further and it seems that the problem
> is the static allocation of the assoc string in my test module. When using the
> kmalloc the dump is correct.
Right, static allocation in general is incompatible with any
interface that uses scatterlists.
Cheers,
--
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <[email protected]>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt