From patchwork Sun May 20 05:07:41 2018
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Eric Biggers <ebiggers3@gmail.com>
X-Patchwork-Id: 10413089
X-Patchwork-Delegate: herbert@gondor.apana.org.au
Return-Path: <linux-crypto-owner@kernel.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	D42FC6053B for <patchwork-linux-crypto@patchwork.kernel.org>;
	Sun, 20 May 2018 05:07:06 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id C4DED2847A
	for <patchwork-linux-crypto@patchwork.kernel.org>;
	Sun, 20 May 2018 05:07:06 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id B947F2870C; Sun, 20 May 2018 05:07:06 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-8.0 required=2.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, MAILING_LIST_MULTI,
	RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1
Received: from vger.kernel.org (vger.kernel.org [209.132.180.67])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 4C9A5286FB
	for <patchwork-linux-crypto@patchwork.kernel.org>;
	Sun, 20 May 2018 05:07:06 +0000 (UTC)
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S1750914AbeETFHE (ORCPT
	<rfc822;patchwork-linux-crypto@patchwork.kernel.org>);
	Sun, 20 May 2018 01:07:04 -0400
Received: from mail-pl0-f49.google.com ([209.85.160.49]:44270 "EHLO
	mail-pl0-f49.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1750918AbeETFHB (ORCPT
	<rfc822;linux-crypto@vger.kernel.org>);
	Sun, 20 May 2018 01:07:01 -0400
Received: by mail-pl0-f49.google.com with SMTP id e6-v6so6846480plt.11
	for <linux-crypto@vger.kernel.org>;
	Sat, 19 May 2018 22:07:01 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=gmail.com; s=20161025;
	h=from:to:cc:subject:date:message-id:in-reply-to:references;
	bh=qaa50gGlklViD5mhoXR8Vvd/ipQuuIDBI12+ToIQpKA=;
	b=mmwc+pb7SlkbMe5oA0by8suxUvFHZxkutShMsMhnJMYgqZ/WDUCH5oD1d3XI5b8KAI
	WwXnohDWuXNYePgY+Su1kBp3Zh9uO6QtdDNV1OMDhpaDO0Eqv/2JIuVXBgkI88STjUME
	Uc5YN6MIGb2RdWIpsSRDDzqdRPMYSMLpoMdBaSwilRBTUdXQ+mh81UuCzUEKnhiA0JHG
	jegMWbZfggK5bthNQkDw11CC4U4vVP22n7scVSM1fuZnwAzpJWH5XqFuG8k0CHj7SbrS
	1wY94FtXRcyb9fJ/368E2RaLzo1yxdbqeBD3IHm0itkkYso1OP9wpu0J3/kCIMu/0L1S
	DABA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
	:references;
	bh=qaa50gGlklViD5mhoXR8Vvd/ipQuuIDBI12+ToIQpKA=;
	b=ldQ537In43yc079JzdeCWcHanfNxoVn+Z1/EJWlNXw2wZyr8jSOo9GuVqGGlsgBKn9
	1SO2Pm/Phe8F6ENrg22cUnlFr+9EICyB9xjiNrLbWGZwhVjBXDqFGAE1DBjdO9WXXjEG
	MQM7SEgepUn+ER0LERmhsw8UJFwUpIKbGoJmZgy581yM/cXzhaIduG4COWZTlKxdwll9
	wPvsztFDj7SUJfyimPEs+fSdpW/gRt0FXAj1TFi4IlVtWKUHYqvrxAT0BkLDPpcpuu/o
	LGq9RZ5OqMFmRCRjkvANnKNicHnYj01ltvDaa1gAb6a7D10ljZSgTl8v/84T0RwRtE0x
	UFWg==
X-Gm-Message-State: ALKqPwcr4Cj5pSX5JAQS5Vk6qPwMsCFMHl1GWtlumCDk6frxvRcgXXvj
	G6EMmkXUmrPUuM8xqWK9EiObylX2
X-Google-Smtp-Source: 
 AB8JxZp1oPK98t/1+H51mFBLm7c5S94FFzFEJFjRNXFAxyfXkjjj2yfF7a7L+0mqHHnZNQn5dXqA7w==
X-Received: by 2002:a17:902:5409:: with SMTP id
	d9-v6mr7691974pli.1.1526792820999;
	Sat, 19 May 2018 22:07:00 -0700 (PDT)
Received: from sol.localdomain (c-67-185-97-198.hsd1.wa.comcast.net.
	[67.185.97.198]) by smtp.gmail.com with ESMTPSA id
	m9-v6sm19488322pff.41.2018.05.19.22.07.00
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
	Sat, 19 May 2018 22:07:00 -0700 (PDT)
From: Eric Biggers <ebiggers3@gmail.com>
To: linux-crypto@vger.kernel.org, Herbert Xu <herbert@gondor.apana.org.au>
Cc: Eric Biggers <ebiggers@google.com>
Subject: [PATCH 5/6] crypto: testmgr - fix testing OPTIONAL_KEY hash
	algorithms
Date: Sat, 19 May 2018 22:07:41 -0700
Message-Id: <20180520050742.5008-6-ebiggers3@gmail.com>
X-Mailer: git-send-email 2.17.0
In-Reply-To: <20180520050742.5008-1-ebiggers3@gmail.com>
References: <20180520050742.5008-1-ebiggers3@gmail.com>
Sender: linux-crypto-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-crypto.vger.kernel.org>
X-Mailing-List: linux-crypto@vger.kernel.org
X-Virus-Scanned: ClamAV using ClamSMTP

From: Eric Biggers <ebiggers@google.com>

Since testmgr uses a single tfm for all tests of each hash algorithm,
once a key is set the tfm won't be unkeyed anymore.  But with crc32 and
crc32c, the key is really the "default initial state" and is optional;
those algorithms should have both keyed and unkeyed test vectors, to
verify that implementations use the correct default key.

Simply listing the unkeyed test vectors first isn't guaranteed to work
yet because testmgr makes multiple passes through the test vectors.
crc32c does have an unkeyed test vector listed first currently, but it
only works by chance because the last crc32c test vector happens to use
a key that is the same as the default key.

Therefore, teach testmgr to split hash test vectors into unkeyed and
keyed sections, and do all the unkeyed ones before the keyed ones.

Signed-off-by: Eric Biggers <ebiggers@google.com>
---
 crypto/testmgr.c | 50 +++++++++++++++++++++++++++++++++++++++++-------
 1 file changed, 43 insertions(+), 7 deletions(-)

diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 7e57530ecd52..d3335d347e10 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -1798,8 +1798,9 @@ static int alg_test_comp(const struct alg_test_desc *desc, const char *driver,
 	return err;
 }
 
-static int alg_test_hash(const struct alg_test_desc *desc, const char *driver,
-			 u32 type, u32 mask)
+static int __alg_test_hash(const struct hash_testvec *template,
+			   unsigned int tcount, const char *driver,
+			   u32 type, u32 mask)
 {
 	struct crypto_ahash *tfm;
 	int err;
@@ -1811,16 +1812,51 @@ static int alg_test_hash(const struct alg_test_desc *desc, const char *driver,
 		return PTR_ERR(tfm);
 	}
 
-	err = test_hash(tfm, desc->suite.hash.vecs,
-			desc->suite.hash.count, true);
+	err = test_hash(tfm, template, tcount, true);
 	if (!err)
-		err = test_hash(tfm, desc->suite.hash.vecs,
-				desc->suite.hash.count, false);
-
+		err = test_hash(tfm, template, tcount, false);
 	crypto_free_ahash(tfm);
 	return err;
 }
 
+static int alg_test_hash(const struct alg_test_desc *desc, const char *driver,
+			 u32 type, u32 mask)
+{
+	const struct hash_testvec *template = desc->suite.hash.vecs;
+	unsigned int tcount = desc->suite.hash.count;
+	unsigned int nr_unkeyed, nr_keyed;
+	int err;
+
+	/*
+	 * For OPTIONAL_KEY algorithms, we have to do all the unkeyed tests
+	 * first, before setting a key on the tfm.  To make this easier, we
+	 * require that the unkeyed test vectors (if any) are listed first.
+	 */
+
+	for (nr_unkeyed = 0; nr_unkeyed < tcount; nr_unkeyed++) {
+		if (template[nr_unkeyed].ksize)
+			break;
+	}
+	for (nr_keyed = 0; nr_unkeyed + nr_keyed < tcount; nr_keyed++) {
+		if (!template[nr_unkeyed + nr_keyed].ksize) {
+			pr_err("alg: hash: test vectors for %s out of order, "
+			       "unkeyed ones must come first\n", desc->alg);
+			return -EINVAL;
+		}
+	}
+
+	err = 0;
+	if (nr_unkeyed) {
+		err = __alg_test_hash(template, nr_unkeyed, driver, type, mask);
+		template += nr_unkeyed;
+	}
+
+	if (!err && nr_keyed)
+		err = __alg_test_hash(template, nr_keyed, driver, type, mask);
+
+	return err;
+}
+
 static int alg_test_crc32c(const struct alg_test_desc *desc,
 			   const char *driver, u32 type, u32 mask)
 {