Re: [PATCH 1/2] crypto: testmgr - use generic algs making test vecs

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Eric Biggers <ebiggers@kernel.org>
To: Gilad Ben-Yossef <gilad@benyossef.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>,
	"David S. Miller" <davem@davemloft.net>,
	Ofir Drang <ofir.drang@arm.com>,
	Linux Crypto Mailing List <linux-crypto@vger.kernel.org>,
	Linux kernel mailing list <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH 1/2] crypto: testmgr - use generic algs making test vecs
Date: Wed, 26 Feb 2020 14:17:42 -0800	[thread overview]
Message-ID: <20200226221742.GA135806@gmail.com> (raw)
In-Reply-To: <CAOtvUMeWB=MiYfzkrPjOctOufKJ8Q81E3m6bq8GJY-enbG6Qjg@mail.gmail.com>

On Wed, Feb 26, 2020 at 04:42:45PM +0200, Gilad Ben-Yossef wrote:
> 
> The impetus to write this patch came from my experience debugging a
> test failure with the ccree driver.
> At some point while tweaking around I got into a situation where the
> test was succeeding (that is, declaring the message inauthentic) not
> because the mutation was being detected but because the generation of
> the origin was producing a bogus ICV.

That's being fixed by your patch 2/2 though, right?

> At that point it seemed to me that it would be safer to "isolate" the
> original AEAD messages generation from the code that was being teste.
> 
> > We could also just move test_aead_inauthentic_inputs() to below
> > test_aead_vs_generic_impl() so that it runs last.
> 
> This would probably be better, although I think that this stage also
> generates inauthentic messages from time to time, no?

That's correct, but in test_aead_vs_generic_impl() the generic implementation is
used to generate the test vectors.

> At any rate, I don't have strong feelings about it either way. I defer
> to your judgment whether it is worth it to add a fallback to use the
> same implementation and fix what needs fixing or drop the patch
> altogether if you think this isn't worth the trouble - just let me
> know.

I just want to avoid adding complexity that isn't worthwhile.
Beyond your patch 2, how about we just do:

diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 79b431545249a9..2ab48d4d317250 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -2564,11 +2564,11 @@ static int test_aead_extra(const char *driver,
 		goto out;
 	}
 
-	err = test_aead_inauthentic_inputs(ctx);
+	err = test_aead_vs_generic_impl(ctx);
 	if (err)
 		goto out;
 
-	err = test_aead_vs_generic_impl(ctx);
+	err = test_aead_inauthentic_inputs(ctx);
 out:
 	kfree(ctx->vec.key);
 	kfree(ctx->vec.iv);


Then the dedicated tests for inauthentic inputs wouldn't be run until the fuzz
tests vs. generic have already passed.

- Eric

next prev parent reply	other threads:[~2020-02-26 22:17 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-02-25 15:48 [PATCH 0/2] crypto: testmgr - AEAD extra tests fixes Gilad Ben-Yossef
2020-02-25 15:48 ` [PATCH 1/2] crypto: testmgr - use generic algs making test vecs Gilad Ben-Yossef
2020-02-25 19:45   ` Eric Biggers
2020-02-26  2:32     ` Eric Biggers
2020-02-26 14:42     ` Gilad Ben-Yossef
2020-02-26 22:17       ` Eric Biggers [this message]
2020-02-25 15:48 ` [PATCH 2/2] crypto: testmgr - sync both RFC4106 IV copies Gilad Ben-Yossef
2020-02-25 20:02   ` Eric Biggers
2020-02-26 15:09     ` Gilad Ben-Yossef

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:79b431545249a dfblob:2ab48d4d31725 )
 OR (
bs:"Re: [PATCH 1/2] crypto: testmgr - use generic algs making test vecs" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20200226221742.GA135806@gmail.com \
    --to=ebiggers@kernel.org \
    --cc=davem@davemloft.net \
    --cc=gilad@benyossef.com \
    --cc=herbert@gondor.apana.org.au \
    --cc=linux-crypto@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=ofir.drang@arm.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.