author: Eric Biggers <ebiggers@google.com> 2019-12-01 22:53:30 +0100
committer: Herbert Xu <herbert@gondor.apana.org.au> 2019-12-11 09:37:01 +0100
commit: 49763fc6b1af422e742e58fd04e078ab011edd96
tree: af3c9af3fa69ea1fc6256f58343602a279fa5432 /crypto/api.c
parent: crypto: testmgr - create struct aead_extra_tests_ctx
crypto: testmgr - generate inauthentic AEAD test vectors

The whole point of using an AEAD over length-preserving encryption is that the data is authenticated. However currently the fuzz tests don't test any inauthentic inputs to verify that the data is actually being authenticated. And only two algorithms ("rfc4543(gcm(aes))" and "ccm(aes)") even have any inauthentic test vectors at all.

Therefore, update the AEAD fuzz tests to sometimes generate inauthentic test vectors, either by generating a (ciphertext, AAD) pair without using the key, or by mutating an authentic pair that was generated.

To avoid flakiness, only assume this works reliably if the auth tag is at least 8 bytes. Also account for the rfc4106, rfc4309, and rfc7539esp algorithms intentionally ignoring the last 8 AAD bytes, and for some algorithms doing extra checks that result in EINVAL rather than EBADMSG.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

Diffstat (limited to 'crypto/api.c')
0 files changed, 0 insertions, 0 deletions
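
The check the commit message describes, as an added Python sketch that is not the kernel's testmgr code: a stand-in encrypt-then-MAC AEAD (SHA-256 counter keystream plus truncated HMAC-SHA256) is fed inauthentic (ciphertext, AAD) pairs produced both ways, and each must be rejected with -EBADMSG. All function names, the 8-byte tag constant and the `(errno, plaintext)` return convention are assumptions made for illustration.

```python
import errno, hashlib, hmac, random

TAG_LEN = 8  # shortest tag the commit message treats as reliably rejecting forgeries

def rand_bytes(rng, n):
    return bytes(rng.getrandbits(8) for _ in range(n))

def _stream(key, nonce, n):
    # SHA-256 in counter mode as a stand-in keystream (illustration only)
    blocks = (hashlib.sha256(key + nonce + c.to_bytes(4, "big")).digest() for c in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def _tag(key, nonce, aad, ct):
    # MAC covers nonce, AAD length, AAD and ciphertext; truncated to TAG_LEN
    msg = nonce + len(aad).to_bytes(8, "big") + aad + ct
    return hmac.new(key, msg, hashlib.sha256).digest()[:TAG_LEN]

def encrypt(key, nonce, aad, pt):
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, nonce, len(pt))))
    return ct + _tag(key, nonce, aad, ct)

def decrypt(key, nonce, aad, ct_tag):
    # Returns (0, plaintext) on success, (-EINVAL or -EBADMSG, None) on failure
    if len(ct_tag) < TAG_LEN:
        return -errno.EINVAL, None  # extra length check, distinct from auth failure
    ct, tag = ct_tag[:-TAG_LEN], ct_tag[-TAG_LEN:]
    if not hmac.compare_digest(tag, _tag(key, nonce, aad, ct)):
        return -errno.EBADMSG, None
    return 0, bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))

def flip_bit(buf, rng):
    i = rng.randrange(len(buf) * 8)
    return buf[:i // 8] + bytes([buf[i // 8] ^ (1 << (i % 8))]) + buf[i // 8 + 1:]

def inauthentic_vectors(key, nonce, rng, count=200):
    # Yield (aad, ciphertext||tag) pairs that a correct AEAD must reject
    for _ in range(count):
        aad = rand_bytes(rng, rng.randrange(1, 32))
        if rng.random() < 0.5:   # method 1: generated without using the key
            yield aad, rand_bytes(rng, TAG_LEN + rng.randrange(64))
        else:                    # method 2: mutate an authentic pair
            ct_tag = encrypt(key, nonce, aad, rand_bytes(rng, rng.randrange(64)))
            yield (flip_bit(aad, rng), ct_tag) if rng.random() < 0.5 else (aad, flip_bit(ct_tag, rng))

def run_fuzz(seed=1):
    rng = random.Random(seed)  # constructed, seeded inputs so the run is repeatable
    key, nonce = rand_bytes(rng, 32), rand_bytes(rng, 12)
    return [decrypt(key, nonce, a, c)[0] for a, c in inauthentic_vectors(key, nonce, rng)]
```

With a tag shorter than 8 bytes a keyless random pair would be accepted by chance often enough to make such a test flaky, which is the reason for the length threshold in the commit message.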