From: Eric Biggers <ebiggers@kernel.org>
To: ltp@lists.linux.it
Cc: linux-crypto@vger.kernel.org
Subject: [PATCH 2/6] crypto/af_alg01: new regression test for hmac nesting bug
Date: Wed, 20 Feb 2019 21:30:22 -0800 [thread overview]
Message-ID: <20190221053026.18489-3-ebiggers@kernel.org> (raw)
In-Reply-To: <20190221053026.18489-1-ebiggers@kernel.org>
From: Eric Biggers <ebiggers@google.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
runtest/cve | 1 +
testcases/kernel/crypto/.gitignore | 1 +
testcases/kernel/crypto/af_alg01.c | 79 ++++++++++++++++++++++++++++++
3 files changed, 81 insertions(+)
create mode 100644 testcases/kernel/crypto/af_alg01.c
diff --git a/runtest/cve b/runtest/cve
index 8f38045e9a..f46c400cc4 100644
--- a/runtest/cve
+++ b/runtest/cve
@@ -27,6 +27,7 @@ cve-2017-15299 request_key03 -b cve-2017-15299
cve-2017-15537 ptrace07
cve-2017-15649 fanout01
cve-2017-15951 request_key03 -b cve-2017-15951
+cve-2017-17806 af_alg01
cve-2017-17807 request_key04
cve-2017-1000364 stack_clash
cve-2017-5754 meltdown
diff --git a/testcases/kernel/crypto/.gitignore b/testcases/kernel/crypto/.gitignore
index 759592fbdf..998af17284 100644
--- a/testcases/kernel/crypto/.gitignore
+++ b/testcases/kernel/crypto/.gitignore
@@ -1,2 +1,3 @@
+af_alg01
pcrypt_aead01
crypto_user01
diff --git a/testcases/kernel/crypto/af_alg01.c b/testcases/kernel/crypto/af_alg01.c
new file mode 100644
index 0000000000..79b61de279
--- /dev/null
+++ b/testcases/kernel/crypto/af_alg01.c
@@ -0,0 +1,79 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright 2019 Google LLC
+ */
+
+/*
+ * Regression test for commit af3ff8045bbf ("crypto: hmac - require that the
+ * underlying hash algorithm is unkeyed"), or CVE-2017-17806. This test
+ * verifies that the hmac template cannot be nested inside itself.
+ */
+
+#include <errno.h>
+#include <stdio.h>
+
+#include "tst_test.h"
+#include "tst_af_alg.h"
+
+static void test_with_hash_alg(const char *hash_algname)
+{
+ char hmac_algname[64];
+ char key[4096] = { 0 };
+
+ if (!tst_have_alg("hash", hash_algname)) {
+ tst_res(TCONF, "kernel doesn't have hash algorithm '%s'",
+ hash_algname);
+ return;
+ }
+ sprintf(hmac_algname, "hmac(%s)", hash_algname);
+ if (!tst_have_alg("hash", hmac_algname)) {
+ tst_res(TCONF, "kernel doesn't have hash algorithm '%s'",
+ hmac_algname);
+ return;
+ }
+
+ sprintf(hmac_algname, "hmac(hmac(%s))", hash_algname);
+ if (tst_have_alg("hash", hmac_algname)) {
+ int algfd;
+
+ tst_res(TFAIL, "instantiated nested hmac algorithm ('%s')!",
+ hmac_algname);
+
+ /*
+ * Be extra annoying; with the bug, setting a key on
+ * "hmac(hmac(sha3-256-generic))" crashed the kernel.
+ */
+ algfd = tst_alg_setup("hash", hmac_algname, NULL, 0);
+ if (setsockopt(algfd, SOL_ALG, ALG_SET_KEY,
+ key, sizeof(key)) == 0) {
+ tst_res(TFAIL,
+ "set key on nested hmac algorithm ('%s')!",
+ hmac_algname);
+ }
+ } else {
+ tst_res(TPASS,
+ "couldn't instantiate nested hmac algorithm ('%s')",
+ hmac_algname);
+ }
+}
+
+static void run(void)
+{
+ /* try several different unkeyed hash algorithms */
+ static const char * const hash_algs[] = {
+ "md5", "md5-generic",
+ "sha1", "sha1-generic",
+ "sha224", "sha224-generic",
+ "sha256", "sha256-generic",
+ "sha3-256", "sha3-256-generic",
+ "sha3-512", "sha3-512-generic",
+ };
+ size_t i;
+
+ for (i = 0; i < ARRAY_SIZE(hash_algs); i++)
+ test_with_hash_alg(hash_algs[i]);
+}
+
+static struct tst_test test = {
+ .test_all = run,
+};
--
2.20.1
WARNING: multiple messages have this Message-ID (diff)
From: Eric Biggers <ebiggers@kernel.org>
To: ltp@lists.linux.it
Subject: [LTP] [PATCH 2/6] crypto/af_alg01: new regression test for hmac nesting bug
Date: Wed, 20 Feb 2019 21:30:22 -0800 [thread overview]
Message-ID: <20190221053026.18489-3-ebiggers@kernel.org> (raw)
In-Reply-To: <20190221053026.18489-1-ebiggers@kernel.org>
From: Eric Biggers <ebiggers@google.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
---
runtest/cve | 1 +
testcases/kernel/crypto/.gitignore | 1 +
testcases/kernel/crypto/af_alg01.c | 79 ++++++++++++++++++++++++++++++
3 files changed, 81 insertions(+)
create mode 100644 testcases/kernel/crypto/af_alg01.c
diff --git a/runtest/cve b/runtest/cve
index 8f38045e9a..f46c400cc4 100644
--- a/runtest/cve
+++ b/runtest/cve
@@ -27,6 +27,7 @@ cve-2017-15299 request_key03 -b cve-2017-15299
cve-2017-15537 ptrace07
cve-2017-15649 fanout01
cve-2017-15951 request_key03 -b cve-2017-15951
+cve-2017-17806 af_alg01
cve-2017-17807 request_key04
cve-2017-1000364 stack_clash
cve-2017-5754 meltdown
diff --git a/testcases/kernel/crypto/.gitignore b/testcases/kernel/crypto/.gitignore
index 759592fbdf..998af17284 100644
--- a/testcases/kernel/crypto/.gitignore
+++ b/testcases/kernel/crypto/.gitignore
@@ -1,2 +1,3 @@
+af_alg01
pcrypt_aead01
crypto_user01
diff --git a/testcases/kernel/crypto/af_alg01.c b/testcases/kernel/crypto/af_alg01.c
new file mode 100644
index 0000000000..79b61de279
--- /dev/null
+++ b/testcases/kernel/crypto/af_alg01.c
@@ -0,0 +1,79 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/*
+ * Copyright 2019 Google LLC
+ */
+
+/*
+ * Regression test for commit af3ff8045bbf ("crypto: hmac - require that the
+ * underlying hash algorithm is unkeyed"), or CVE-2017-17806. This test
+ * verifies that the hmac template cannot be nested inside itself.
+ */
+
+#include <errno.h>
+#include <stdio.h>
+
+#include "tst_test.h"
+#include "tst_af_alg.h"
+
+static void test_with_hash_alg(const char *hash_algname)
+{
+ char hmac_algname[64];
+ char key[4096] = { 0 };
+
+ if (!tst_have_alg("hash", hash_algname)) {
+ tst_res(TCONF, "kernel doesn't have hash algorithm '%s'",
+ hash_algname);
+ return;
+ }
+ sprintf(hmac_algname, "hmac(%s)", hash_algname);
+ if (!tst_have_alg("hash", hmac_algname)) {
+ tst_res(TCONF, "kernel doesn't have hash algorithm '%s'",
+ hmac_algname);
+ return;
+ }
+
+ sprintf(hmac_algname, "hmac(hmac(%s))", hash_algname);
+ if (tst_have_alg("hash", hmac_algname)) {
+ int algfd;
+
+ tst_res(TFAIL, "instantiated nested hmac algorithm ('%s')!",
+ hmac_algname);
+
+ /*
+ * Be extra annoying; with the bug, setting a key on
+ * "hmac(hmac(sha3-256-generic))" crashed the kernel.
+ */
+ algfd = tst_alg_setup("hash", hmac_algname, NULL, 0);
+ if (setsockopt(algfd, SOL_ALG, ALG_SET_KEY,
+ key, sizeof(key)) == 0) {
+ tst_res(TFAIL,
+ "set key on nested hmac algorithm ('%s')!",
+ hmac_algname);
+ }
+ } else {
+ tst_res(TPASS,
+ "couldn't instantiate nested hmac algorithm ('%s')",
+ hmac_algname);
+ }
+}
+
+static void run(void)
+{
+ /* try several different unkeyed hash algorithms */
+ static const char * const hash_algs[] = {
+ "md5", "md5-generic",
+ "sha1", "sha1-generic",
+ "sha224", "sha224-generic",
+ "sha256", "sha256-generic",
+ "sha3-256", "sha3-256-generic",
+ "sha3-512", "sha3-512-generic",
+ };
+ size_t i;
+
+ for (i = 0; i < ARRAY_SIZE(hash_algs); i++)
+ test_with_hash_alg(hash_algs[i]);
+}
+
+static struct tst_test test = {
+ .test_all = run,
+};
--
2.20.1
next prev parent reply other threads:[~2019-02-21 5:31 UTC|newest]
Thread overview: 30+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-02-21 5:30 [PATCH 0/6] ltp: AF_ALG test helpers and a few regression tests Eric Biggers
2019-02-21 5:30 ` [LTP] " Eric Biggers
2019-02-21 5:30 ` [PATCH 1/6] lib: add tst_af_alg lib Eric Biggers
2019-02-21 5:30 ` [LTP] " Eric Biggers
2019-03-15 9:38 ` Petr Vorel
2019-03-15 9:38 ` Petr Vorel
2019-02-21 5:30 ` Eric Biggers [this message]
2019-02-21 5:30 ` [LTP] [PATCH 2/6] crypto/af_alg01: new regression test for hmac nesting bug Eric Biggers
2019-03-15 9:43 ` Petr Vorel
2019-03-15 9:43 ` Petr Vorel
2019-02-21 5:30 ` [PATCH 3/6] crypto/af_alg02: new regression test for salsa20 empty message bug Eric Biggers
2019-02-21 5:30 ` [LTP] " Eric Biggers
2019-02-21 5:30 ` [PATCH 4/6] crypto/af_alg03: new regression test for rfc7539 hash alg validation Eric Biggers
2019-02-21 5:30 ` [LTP] " Eric Biggers
2019-03-15 9:29 ` Petr Vorel
2019-03-15 9:29 ` Petr Vorel
2019-03-15 16:13 ` Eric Biggers
2019-03-15 16:13 ` Eric Biggers
2019-03-15 18:40 ` Petr Vorel
2019-03-15 18:40 ` Petr Vorel
2019-03-15 19:49 ` Eric Biggers
2019-03-15 19:49 ` Eric Biggers
2019-02-21 5:30 ` [PATCH 5/6] crypto/af_alg04: new regression test for vmac race conditions Eric Biggers
2019-02-21 5:30 ` [LTP] " Eric Biggers
2019-02-21 5:30 ` [PATCH 6/6] crypto/af_alg05: new regression test for skcipher_walk error bug Eric Biggers
2019-02-21 5:30 ` [LTP] " Eric Biggers
2019-03-15 0:11 ` [PATCH 0/6] ltp: AF_ALG test helpers and a few regression tests Eric Biggers
2019-03-15 0:11 ` [LTP] " Eric Biggers
2019-03-15 9:45 ` Petr Vorel
2019-03-15 9:45 ` Petr Vorel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190221053026.18489-3-ebiggers@kernel.org \
--to=ebiggers@kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=ltp@lists.linux.it \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.