[v6,0/2] generic: test HCTR2 filename encryption

Message ID	20220809184037.636578-1-nhuck@google.com (mailing list archive)
Headers	show Return-Path: <linux-fscrypt-owner@kernel.org> Date: Tue, 9 Aug 2022 11:40:35 -0700 Message-Id: <20220809184037.636578-1-nhuck@google.com> Mime-Version: 1.0 Subject: [PATCH v6 0/2] generic: test HCTR2 filename encryption From: Nathan Huckleberry <nhuck@google.com> To: fstests@vger.kernel.org, linux-fscrypt@vger.kernel.org Cc: Eric Biggers <ebiggers@kernel.org>, Sami Tolvanen <samitolvanen@google.com>, Nathan Huckleberry <nhuck@google.com> Content-Type: text/plain; charset="UTF-8" Precedence: bulk
Series	generic: test HCTR2 filename encryption \| expand [v6,0/2] generic: test HCTR2 filename encryption [v6,1/2] fscrypt-crypt-util: add HCTR2 implementation [v6,2/2] generic: add tests for fscrypt policies with HCTR2

Message ID

20220809184037.636578-1-nhuck@google.com (mailing list archive)

Headers

Date: Tue,  9 Aug 2022 11:40:35 -0700
Message-Id: <20220809184037.636578-1-nhuck@google.com>
Mime-Version: 1.0
Subject: [PATCH v6 0/2] generic: test HCTR2 filename encryption
From: Nathan Huckleberry <nhuck@google.com>
To: fstests@vger.kernel.org, linux-fscrypt@vger.kernel.org
Cc: Eric Biggers <ebiggers@kernel.org>,
        Sami Tolvanen <samitolvanen@google.com>,
        Nathan Huckleberry <nhuck@google.com>
Content-Type: text/plain; charset="UTF-8"
Precedence: bulk

Series

generic: test HCTR2 filename encryption | expand

Message

Nathan Huckleberry Aug. 9, 2022, 6:40 p.m. UTC

HCTR2 is a new wide-block encryption mode that can used for filename encryption
in fscrypt.  This patchset adds a reference implementation of HCTR2 to the
fscrypt testing utility and adds tests for filename encryption with HCTR2.

More information on HCTR2 can be found here: "Length-preserving encryption with
HCTR2": https://ia.cr/2021/1441

The patchset introducing HCTR2 to the kernel can be found here:
https://lore.kernel.org/linux-crypto/20220520181501.2159644-1-nhuck@google.com/

Changes in v6:
* Remove unused variable
* Rework cover letter

Changes in v5:
* Added links to relevant references for POLYVAL and HCTR2
* Removed POLYVAL partial block handling
* Referenced HCTR2 commit in test

Changes in v4:
* Add helper functions for HCTR2 hashing
* Fix accumulator alignment bug
* Small style fixes

Changes in v3:
* Consolidate tests into one file

Changes in v2:
* Use POLYVAL multiplication directly instead of using GHASH trick
* Split reference implementation and tests into two patches
* Remove v1 policy tests
* Various small style fixes

Nathan Huckleberry (2):
  fscrypt-crypt-util: add HCTR2 implementation
  generic: add tests for fscrypt policies with HCTR2

 common/encrypt           |   2 +
 src/fscrypt-crypt-util.c | 357 ++++++++++++++++++++++++++++++++-------
 tests/generic/900        |  31 ++++
 tests/generic/900.out    |  16 ++
 4 files changed, 349 insertions(+), 57 deletions(-)
 create mode 100755 tests/generic/900
 create mode 100644 tests/generic/900.out

Comments

Eric Biggers Aug. 9, 2022, 6:48 p.m. UTC | #1

On Tue, Aug 09, 2022 at 11:40:35AM -0700, Nathan Huckleberry wrote:
> HCTR2 is a new wide-block encryption mode that can used for filename encryption
> in fscrypt.  This patchset adds a reference implementation of HCTR2 to the
> fscrypt testing utility and adds tests for filename encryption with HCTR2.
> 
> More information on HCTR2 can be found here: "Length-preserving encryption with
> HCTR2": https://ia.cr/2021/1441
> 
> The patchset introducing HCTR2 to the kernel can be found here:
> https://lore.kernel.org/linux-crypto/20220520181501.2159644-1-nhuck@google.com/

Thanks Huck.  Zorro already applied v5 to the for-next branch, with the
chunk_size variable removed (which is the only code you changed in v6), and with
generic/900 renamed to its final name of generic/693.  See
https://lore.kernel.org/fstests/20220807155112.E0989C433D6@smtp.kernel.org/T/#u

So I think everything is good to go already.

- Eric

Zorro Lang Aug. 11, 2022, 4:23 p.m. UTC | #2

On Tue, Aug 09, 2022 at 11:40:35AM -0700, Nathan Huckleberry wrote:
> HCTR2 is a new wide-block encryption mode that can used for filename encryption
> in fscrypt.  This patchset adds a reference implementation of HCTR2 to the
> fscrypt testing utility and adds tests for filename encryption with HCTR2.
> 
> More information on HCTR2 can be found here: "Length-preserving encryption with
> HCTR2": https://ia.cr/2021/1441
> 
> The patchset introducing HCTR2 to the kernel can be found here:
> https://lore.kernel.org/linux-crypto/20220520181501.2159644-1-nhuck@google.com/
> 
> Changes in v6:
> * Remove unused variable
> * Rework cover letter

I've merged your v5 patchset. So feel free to send bug fix patches if you
found more issues.

Thanks,
Zorro

> 
> Changes in v5:
> * Added links to relevant references for POLYVAL and HCTR2
> * Removed POLYVAL partial block handling
> * Referenced HCTR2 commit in test



> 
> Changes in v4:
> * Add helper functions for HCTR2 hashing
> * Fix accumulator alignment bug
> * Small style fixes
> 
> Changes in v3:
> * Consolidate tests into one file
> 
> Changes in v2:
> * Use POLYVAL multiplication directly instead of using GHASH trick
> * Split reference implementation and tests into two patches
> * Remove v1 policy tests
> * Various small style fixes
> 
> Nathan Huckleberry (2):
>   fscrypt-crypt-util: add HCTR2 implementation
>   generic: add tests for fscrypt policies with HCTR2
> 
>  common/encrypt           |   2 +
>  src/fscrypt-crypt-util.c | 357 ++++++++++++++++++++++++++++++++-------
>  tests/generic/900        |  31 ++++
>  tests/generic/900.out    |  16 ++
>  4 files changed, 349 insertions(+), 57 deletions(-)
>  create mode 100755 tests/generic/900
>  create mode 100644 tests/generic/900.out
> 
> -- 
> 2.37.1.559.g78731f0fdb-goog
>