• Eric Biggers's avatar
    crypto: testmgr - generate inauthentic AEAD test vectors · 49763fc6
    Eric Biggers authored
    The whole point of using an AEAD over length-preserving encryption is
    that the data is authenticated.  However currently the fuzz tests don't
    test any inauthentic inputs to verify that the data is actually being
    authenticated.  And only two algorithms ("rfc4543(gcm(aes))" and
    "ccm(aes)") even have any inauthentic test vectors at all.
    
    Therefore, update the AEAD fuzz tests to sometimes generate inauthentic
    test vectors, either by generating a (ciphertext, AAD) pair without
    using the key, or by mutating an authentic pair that was generated.
    
    To avoid flakiness, only assume this works reliably if the auth tag is
    at least 8 bytes.  Also account for the rfc4106, rfc4309, and rfc7539esp
    algorithms intentionally ignoring the last 8 AAD bytes, and for some
    algorithms doing extra checks that result in EINVAL rather than EBADMSG.
    Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
    Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
    49763fc6
testmgr.c 144 KB