From: Gilad Ben-Yossef
To: Herbert Xu, "David S. Miller"
Cc: Ofir Drang, Geert Uytterhoeven, Eric Biggers, linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: [PATCH 2/2] crypto: testmgr - sync both RFC4106 IV copies
Date: Tue, 25 Feb 2020 17:48:34 +0200
Message-Id: <20200225154834.25108-3-gilad@benyossef.com>
In-Reply-To: <20200225154834.25108-1-gilad@benyossef.com>

For RFC4106 AEAD ciphers the AAD is the concatenation of associated authentication data || IV || plaintext or ciphertext, but the random AEAD message generation in testmgr extended tests did not obey this requirement, producing messages with undefined behaviours. Fix it by syncing the copies if needed. Since this is only relevant for developer-only extended tests, any additional cycles/run time costs are negligible.

This fixes extended AEAD test failures with the ccree driver caused by illegal input.

Signed-off-by: Gilad Ben-Yossef
Reported-by: Geert Uytterhoeven
Cc: Eric Biggers

--- crypto/testmgr.c | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/crypto/testmgr.c b/crypto/testmgr.c index cf565b063cdf..288f349a0cae 100644 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c @@ -95,6 +95,11 @@ struct aead_test_suite { * AAD buffer during decryption. */ unsigned int esp_aad : 1; + + /* + * Set if the algorithm requires the IV to trail the AAD buffer. + */ + unsigned int iv_aad : 1; }; struct cipher_test_suite { 
@@ -2207,6 +2212,10 @@ static void generate_aead_message(struct aead_request *req, /* Generate the AAD. */ generate_random_bytes((u8 *)vec->assoc, vec->alen); + /* For RFC4106 algs, a copy of the IV is part of the AAD */ + if (suite->iv_aad) + memcpy(((u8 *)vec->assoc + vec->alen - ivsize), vec->iv, + ivsize); if (inauthentic && prandom_u32() % 2 == 0) { /* Generate a random ciphertext. */ @@ -2247,6 +2256,14 @@ static void generate_aead_message(struct aead_request *req, vec->novrfy = 1; if (suite->einval_allowed) vec->crypt_error = -EINVAL; + + /* + * For RFC4106 algs, the IV is embedded as part of the AAD + * and we might have mutated the AAD so sync the copies + */ + if (suite->iv_aad) + memcpy((u8 *)vec->iv, (vec->assoc + vec->alen - ivsize), + ivsize); } /* @@ -5243,6 +5260,7 @@ static const struct alg_test_desc alg_test_descs[] = { ____VECS(aes_gcm_rfc4106_tv_template), .einval_allowed = 1, .esp_aad = 1, + .iv_aad = 1, } } }, { @@ -5255,6 +5273,7 @@ static const struct alg_test_desc alg_test_descs[] = { ____VECS(aes_ccm_rfc4309_tv_template), .einval_allowed = 1, .esp_aad = 1, + .iv_aad = 1, } } }, { @@ -5265,6 +5284,7 @@ static const struct alg_test_desc alg_test_descs[] = { .aead = { ____VECS(aes_gcm_rfc4543_tv_template), .einval_allowed = 1, + .iv_aad = 1, } } }, { -- 2.25.0
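
Review bot: In the struct aead_test_suite hunk, the comment on iv_aad ("requires the IV to trail the AAD buffer") does not say whether the IV copy sits inside the alen bytes or after them. The memcpy calls added in generate_aead_message() address it at vec->assoc + vec->alen - ivsize, so the copy is the last ivsize bytes of the AAD; stating that in the field comment, along with how the flag relates to esp_aad just above it, would save the next reader from inferring it.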
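
Review bot: In the first generate_aead_message() hunk (after "Generate the AAD"), the added memcpy writes to vec->assoc + vec->alen - ivsize with no check that vec->alen >= ivsize. Nothing visible in this hunk bounds alen from below, so for an AAD shorter than the IV the destination would point before the start of the assoc buffer. Suggest guarding the copy, for example `if (suite->iv_aad && vec->alen >= ivsize)`, or noting in the comment where that lower bound is enforced.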
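
Review bot: In the second generate_aead_message() hunk (after vec->crypt_error = -EINVAL), the copy back into vec->iv reads from vec->assoc + vec->alen - ivsize with the same missing vec->alen >= ivsize check, so a short AAD would be read from before the buffer. The source expression also drops the (u8 *) cast that the earlier hunk applies to vec->assoc before doing the arithmetic; use the same form in both places. Since the two hunks copy in opposite directions, the comment should also say which step mutated the AAD and which copy is authoritative at this point.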
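
Review bot: In the alg_test_descs hunks, .iv_aad = 1 is set on the aes_ccm_rfc4309_tv_template and aes_gcm_rfc4543_tv_template entries as well as the rfc4106 one, while both comments added in generate_aead_message() and the patch subject speak only of RFC4106. Reword those comments to cover the algorithms the flag is actually enabled for, or explain in the commit message why the RFC4106 layout applies to the other two.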