Re: [PATCH 3/6] crypto: kdf - add known answer tests
From: Eric Biggers
Date: Sat Jan 12 2019 - 00:27:14 EST
On Fri, Jan 11, 2019 at 08:10:22PM +0100, Stephan Müller wrote:
> Add known answer tests to the testmgr for the KDF (SP800-108) cipher.
>
> Signed-off-by: Stephan Mueller <smueller@xxxxxxxxxx>
> ---
> crypto/testmgr.c | 226 +++++++++++++++++++++++++++++++++++++++++++++++
> crypto/testmgr.h | 110 +++++++++++++++++++++++
> 2 files changed, 336 insertions(+)
>
> diff --git a/crypto/testmgr.c b/crypto/testmgr.c
> index 0f684a414acb..ff9051bffa1f 100644
> --- a/crypto/testmgr.c
> +++ b/crypto/testmgr.c
> @@ -110,6 +110,11 @@ struct drbg_test_suite {
> unsigned int count;
> };
>
> +struct kdf_test_suite {
> + struct kdf_testvec *vecs;
> + unsigned int count;
> +};
> +
> struct akcipher_test_suite {
> const struct akcipher_testvec *vecs;
> unsigned int count;
> @@ -133,6 +138,7 @@ struct alg_test_desc {
> struct hash_test_suite hash;
> struct cprng_test_suite cprng;
> struct drbg_test_suite drbg;
> + struct kdf_test_suite kdf;
> struct akcipher_test_suite akcipher;
> struct kpp_test_suite kpp;
> } suite;
> @@ -2020,6 +2026,64 @@ static int drbg_cavs_test(const struct drbg_testvec *test, int pr,
> return ret;
> }
>
> +static int kdf_cavs_test(struct kdf_testvec *test,
> + const char *driver, u32 type, u32 mask)
Why not just "kdf_test()"?
> +{
> + int ret = -EAGAIN;
> + struct crypto_rng *drng;
> + unsigned char *buf = kzalloc(test->expectedlen, GFP_KERNEL);
s/unsigned char/u8
> +
> + if (!buf)
> + return -ENOMEM;
> +
> + drng = crypto_alloc_rng(driver, type | CRYPTO_ALG_INTERNAL, mask);
> + if (IS_ERR(drng)) {
> + printk(KERN_ERR "alg: kdf: could not allocate cipher handle "
> + "for %s\n", driver);
pr_err
> + kzfree(buf);
kfree is fine here.
> + return -ENOMEM;
> + }
> +
> + ret = crypto_rng_reset(drng, test->K1, test->K1len);
> + if (ret) {
> + printk(KERN_ERR "alg: kdf: could not set key derivation key\n");
pr_err
> + goto err;
> + }
> +
> + ret = crypto_rng_generate(drng, test->context, test->contextlen,
> + buf, test->expectedlen);
> + if (ret) {
> + printk(KERN_ERR "alg: kdf: could not obtain key data\n");
pr_err
> + goto err;
> + }
> +
> + ret = memcmp(test->expected, buf, test->expectedlen);
Elsewhere this function returns an -errno value but this is different.
> +
> +err:
> + crypto_free_rng(drng);
> + kzfree(buf);
kfree would be fine here too.
> + return ret;
> +}
> +
> +static int alg_test_kdf(const struct alg_test_desc *desc, const char *driver,
> + u32 type, u32 mask)
> +{
> + int err = 0;
> + unsigned int i = 0;
> + struct kdf_testvec *template = desc->suite.kdf.vecs;
const
- Eric