Page MenuHomeFreeBSD

cryptocheck: Expand the set of sizes tested by -z.
ClosedPublic

Authored by jhb on Mar 31 2021, 5:26 PM.
Tags
None
Referenced Files
Unknown Object (File)
Fri, Feb 23, 1:54 AM
Unknown Object (File)
Sat, Feb 10, 6:13 PM
Unknown Object (File)
Sat, Feb 10, 3:15 PM
Unknown Object (File)
Jan 21 2024, 3:57 PM
Unknown Object (File)
Jan 19 2024, 8:54 AM
Unknown Object (File)
Jan 12 2024, 2:45 AM
Unknown Object (File)
Dec 1 2023, 12:35 PM
Unknown Object (File)
Nov 29 2023, 12:16 PM
Subscribers

Details

Summary

Test individual sizes up to the max encryption block length as well as
a few sizes that include 1 full block and a partial block before
doubling the size.

Sponsored by: Netflix

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

tools/tools/crypto/cryptocheck.c
1738

16 isn’t a partial block for any 128-bit cipher, like AES?

tools/tools/crypto/cryptocheck.c
1738

16 isn’t a partial block for any 128-bit cipher, like AES?

Ugh, only for Chacha I guess. I could lower the increment to 8.

tools/tools/crypto/cryptocheck.c
1738

8 sounds good to me. No one should be using 64-bit block ciphers anymore (DES).

Altered step in second block to 8.

This revision is now accepted and ready to land.Apr 1 2021, 10:16 PM
markj added inline comments.
tools/tools/crypto/cryptocheck.c
231

I don't quite understand the relationship between EALG_MAX_BLOCK_LEN and the number of sizes we use. We test

  • EALG_MAX_BLOCK_LEN sizes, plus
  • EALG_MAX_BLOCK_LEN / 8 sizes, plus
  • log2(240 * 1024) - log2(EALG_MAX_BLOCK_LEN * 2) - 1 sizes

so with the current max block length of 128 == EALG_MAX_BLOCK_LEN * 2 it just happens to work.

tools/tools/crypto/cryptocheck.c
231

Before it was also a bit of a guess at a number (the magic 128). The assertion _should_ ensure that we don't overflow the array in practice. It's mostly just laziness to avoid having to deal with malloc. Alternatively this could be in C++ with a std::vector<> which would avoid the need for static sizes here as well as the helper variables (naad_sizes and nsizes). I mostly just used N * 2 I as I know we needed at least N + 1 and my plan was to let '-z' assert if it was too small and if so bump it up to N * 3, etc. That is roughly the plan I used when I used 128 before though it was more of a guess that worked the first time.