Page MenuHomeFreeBSD

cryptocheck: Expand the set of sizes tested by -z.
ClosedPublic

Authored by jhb on Mar 31 2021, 5:26 PM.
Tags
None
Referenced Files
F108553532: D29518.id86717.diff
Sun, Jan 26, 7:03 AM
F108551464: D29518.id86629.diff
Sun, Jan 26, 6:21 AM
Unknown Object (File)
Fri, Jan 24, 5:16 PM
Unknown Object (File)
Sat, Jan 18, 9:54 PM
Unknown Object (File)
Sat, Jan 18, 5:20 PM
Unknown Object (File)
Sat, Jan 11, 8:43 PM
Unknown Object (File)
Dec 20 2024, 8:12 AM
Unknown Object (File)
Dec 11 2024, 11:15 AM
Subscribers

Details

Summary

Test individual sizes up to the max encryption block length as well as
a few sizes that include 1 full block and a partial block before
doubling the size.

Sponsored by: Netflix

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
No Lint Coverage
Unit
No Test Coverage
Build Status
Buildable 38220
Build 35109: arc lint + arc unit

Event Timeline

tools/tools/crypto/cryptocheck.c
1738

16 isn’t a partial block for any 128-bit cipher, like AES?

tools/tools/crypto/cryptocheck.c
1738

16 isn’t a partial block for any 128-bit cipher, like AES?

Ugh, only for Chacha I guess. I could lower the increment to 8.

tools/tools/crypto/cryptocheck.c
1738

8 sounds good to me. No one should be using 64-bit block ciphers anymore (DES).

Altered step in second block to 8.

This revision is now accepted and ready to land.Apr 1 2021, 10:16 PM
markj added inline comments.
tools/tools/crypto/cryptocheck.c
231

I don't quite understand the relationship between EALG_MAX_BLOCK_LEN and the number of sizes we use. We test

  • EALG_MAX_BLOCK_LEN sizes, plus
  • EALG_MAX_BLOCK_LEN / 8 sizes, plus
  • log2(240 * 1024) - log2(EALG_MAX_BLOCK_LEN * 2) - 1 sizes

so with the current max block length of 128 == EALG_MAX_BLOCK_LEN * 2 it just happens to work.

tools/tools/crypto/cryptocheck.c
231

Before it was also a bit of a guess at a number (the magic 128). The assertion _should_ ensure that we don't overflow the array in practice. It's mostly just laziness to avoid having to deal with malloc. Alternatively this could be in C++ with a std::vector<> which would avoid the need for static sizes here as well as the helper variables (naad_sizes and nsizes). I mostly just used N * 2 I as I know we needed at least N + 1 and my plan was to let '-z' assert if it was too small and if so bump it up to N * 3, etc. That is roughly the plan I used when I used 128 before though it was more of a guess that worked the first time.