From: Nathan Huckleberry <nhuck@google.com>
To: fstests@vger.kernel.org
Cc: Eric Biggers <ebiggers@kernel.org>,
Sami Tolvanen <samitolvanen@google.com>,
Nathan Huckleberry <nhuck@google.com>
Subject: [RFC PATCH v3 2/2] generic: add tests for fscrypt policies with HCTR2
Date: Fri, 20 May 2022 13:23:15 -0500 [thread overview]
Message-ID: <20220520182315.615327-3-nhuck@google.com> (raw)
In-Reply-To: <20220520182315.615327-1-nhuck@google.com>
This patch adds fscrypt policy tests for filename encryption using
HCTR2.
More information on HCTR2 can be found here: "Length-preserving
encryption with HCTR2" https://ia.cr/2021/1441
Signed-off-by: Nathan Huckleberry <nhuck@google.com>
---
tests/generic/900 | 28 ++++++++++++++++++++++++++++
tests/generic/900.out | 16 ++++++++++++++++
2 files changed, 44 insertions(+)
create mode 100755 tests/generic/900
create mode 100644 tests/generic/900.out
diff --git a/tests/generic/900 b/tests/generic/900
new file mode 100755
index 00000000..d1496007
--- /dev/null
+++ b/tests/generic/900
@@ -0,0 +1,28 @@
+#! /bin/bash
+# SPDX-License-Identifier: GPL-2.0
+# Copyright 2022 Google LLC
+#
+# FS QA Test No. generic/900
+#
+# Verify ciphertext for v2 encryption policies that use AES-256-XTS to encrypt
+# file contents and AES-256-HCTR2 to encrypt file names.
+#
+. ./common/preamble
+_begin_fstest auto quick encrypt
+
+# Import common functions.
+. ./common/filter
+. ./common/encrypt
+
+# real QA test starts here
+_supported_fs generic
+
+_verify_ciphertext_for_encryption_policy AES-256-XTS AES-256-HCTR2 v2
+_verify_ciphertext_for_encryption_policy AES-256-XTS AES-256-HCTR2 \
+ v2 iv_ino_lblk_32
+_verify_ciphertext_for_encryption_policy AES-256-XTS AES-256-HCTR2 \
+ v2 iv_ino_lblk_64
+
+# success, all done
+status=0
+exit
diff --git a/tests/generic/900.out b/tests/generic/900.out
new file mode 100644
index 00000000..a87c80b3
--- /dev/null
+++ b/tests/generic/900.out
@@ -0,0 +1,16 @@
+QA output created by 900
+
+Verifying ciphertext with parameters:
+ contents_encryption_mode: AES-256-XTS
+ filenames_encryption_mode: AES-256-HCTR2
+ options: v2
+
+Verifying ciphertext with parameters:
+ contents_encryption_mode: AES-256-XTS
+ filenames_encryption_mode: AES-256-HCTR2
+ options: v2 iv_ino_lblk_32
+
+Verifying ciphertext with parameters:
+ contents_encryption_mode: AES-256-XTS
+ filenames_encryption_mode: AES-256-HCTR2
+ options: v2 iv_ino_lblk_64
--
2.36.1.124.g0e6072fb45-goog
prev parent reply other threads:[~2022-05-20 18:23 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-05-20 18:23 [RFC PATCH v3 0/2] generic: test HCTR2 filename encryption Nathan Huckleberry
2022-05-20 18:23 ` [RFC PATCH v3 1/2] fscrypt-crypt-util: add HCTR2 reference implementation Nathan Huckleberry
2022-05-30 18:17 ` Eric Biggers
2022-05-20 18:23 ` Nathan Huckleberry [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220520182315.615327-3-nhuck@google.com \
--to=nhuck@google.com \
--cc=ebiggers@kernel.org \
--cc=fstests@vger.kernel.org \
--cc=samitolvanen@google.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox