Test individual sizes up to the max encryption block length as well as
a few sizes that include 1 full block and a partial block before
doubling the size.
Sponsored by: Netflix
Details
Details
Diff Detail
Diff Detail
- Repository
- rG FreeBSD src repository
- Lint
Lint Not Applicable - Unit
Tests Not Applicable
Event Timeline
| tools/tools/crypto/cryptocheck.c | ||
|---|---|---|
| 1738 | 16 isn’t a partial block for any 128-bit cipher, like AES? | |
| tools/tools/crypto/cryptocheck.c | ||
|---|---|---|
| 1738 |
Ugh, only for Chacha I guess. I could lower the increment to 8. | |
| tools/tools/crypto/cryptocheck.c | ||
|---|---|---|
| 1738 | 8 sounds good to me. No one should be using 64-bit block ciphers anymore (DES). | |
| tools/tools/crypto/cryptocheck.c | ||
|---|---|---|
| 231 | I don't quite understand the relationship between EALG_MAX_BLOCK_LEN and the number of sizes we use. We test
so with the current max block length of 128 == EALG_MAX_BLOCK_LEN * 2 it just happens to work. | |
| tools/tools/crypto/cryptocheck.c | ||
|---|---|---|
| 231 | Before it was also a bit of a guess at a number (the magic 128). The assertion _should_ ensure that we don't overflow the array in practice. It's mostly just laziness to avoid having to deal with malloc. Alternatively this could be in C++ with a std::vector<> which would avoid the need for static sizes here as well as the helper variables (naad_sizes and nsizes). I mostly just used N * 2 I as I know we needed at least N + 1 and my plan was to let '-z' assert if it was too small and if so bump it up to N * 3, etc. That is roughly the plan I used when I used 128 before though it was more of a guess that worked the first time. | |