Commit c637f3e4 authored by Thorsten Blum's avatar Thorsten Blum Committed by Herbert Xu
Browse files

crypto: testmgr - Add missing DES weak and semi-weak key tests 



Ever since commit da7f033d ("crypto: cryptomgr - Add test
infrastructure"), the DES test suite has tested only one of the four
weak keys and none of the twelve semi-weak keys.

DES has four weak keys and twelve semi-weak keys, and the kernel's DES
implementation correctly detects and rejects all of these keys when the
CRYPTO_TFM_REQ_FORBID_WEAK_KEYS flag is set. However, only a single weak
key was being tested. Add tests for all 16 weak and semi-weak keys.

While DES is deprecated, it is still used in some legacy protocols, and
weak/semi-weak key detection should be tested accordingly.

Tested on arm64 with cryptographic self-tests.

Signed-off-by: default avatarThorsten Blum <thorsten.blum@linux.dev>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 20d868a7

crypto/testmgr.h

+120 −0
Original line number Diff line number Diff line
@@ -9011,6 +9011,126 @@ static const struct cipher_testvec des_tv_template[] = { 
		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",

		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",

		.len	= 8,

	}, { /* Weak key */

		.setkey_error = -EINVAL,

		.wk	= 1,

		.key	= "\xe0\xe0\xe0\xe0\xf1\xf1\xf1\xf1",

		.klen	= 8,

		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",

		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",

		.len	= 8,

	}, { /* Weak key */

		.setkey_error = -EINVAL,

		.wk	= 1,

		.key	= "\x1f\x1f\x1f\x1f\x0e\x0e\x0e\x0e",

		.klen	= 8,

		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",

		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",

		.len	= 8,

	}, { /* Weak key */

		.setkey_error = -EINVAL,

		.wk	= 1,

		.key	= "\xfe\xfe\xfe\xfe\xfe\xfe\xfe\xfe",

		.klen	= 8,

		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",

		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",

		.len	= 8,

	}, { /* Semi-weak key pair 1a */

		.setkey_error = -EINVAL,

		.wk	= 1,

		.key	= "\x01\xfe\x01\xfe\x01\xfe\x01\xfe",

		.klen	= 8,

		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",

		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",

		.len	= 8,

	}, { /* Semi-weak key pair 1b */

		.setkey_error = -EINVAL,

		.wk	= 1,

		.key	= "\xfe\x01\xfe\x01\xfe\x01\xfe\x01",

		.klen	= 8,

		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",

		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",

		.len	= 8,

	}, { /* Semi-weak key pair 2a */

		.setkey_error = -EINVAL,

		.wk	= 1,

		.key	= "\x1f\xe0\x1f\xe0\x0e\xf1\x0e\xf1",

		.klen	= 8,

		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",

		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",

		.len	= 8,

	}, { /* Semi-weak key pair 2b */

		.setkey_error = -EINVAL,

		.wk	= 1,

		.key	= "\xe0\x1f\xe0\x1f\xf1\x0e\xf1\x0e",

		.klen	= 8,

		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",

		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",

		.len	= 8,

	}, { /* Semi-weak key pair 3a */

		.setkey_error = -EINVAL,

		.wk	= 1,

		.key	= "\x01\xe0\x01\xe0\x01\xf1\x01\xf1",

		.klen	= 8,

		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",

		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",

		.len	= 8,

	}, { /* Semi-weak key pair 3b */

		.setkey_error = -EINVAL,

		.wk	= 1,

		.key	= "\xe0\x01\xe0\x01\xf1\x01\xf1\x01",

		.klen	= 8,

		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",

		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",

		.len	= 8,

	}, { /* Semi-weak key pair 4a */

		.setkey_error = -EINVAL,

		.wk	= 1,

		.key	= "\x1f\xfe\x1f\xfe\x0e\xfe\x0e\xfe",

		.klen	= 8,

		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",

		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",

		.len	= 8,

	}, { /* Semi-weak key pair 4b */

		.setkey_error = -EINVAL,

		.wk	= 1,

		.key	= "\xfe\x1f\xfe\x1f\xfe\x0e\xfe\x0e",

		.klen	= 8,

		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",

		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",

		.len	= 8,

	}, { /* Semi-weak key pair 5a */

		.setkey_error = -EINVAL,

		.wk	= 1,

		.key	= "\x01\x1f\x01\x1f\x01\x0e\x01\x0e",

		.klen	= 8,

		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",

		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",

		.len	= 8,

	}, { /* Semi-weak key pair 5b */

		.setkey_error = -EINVAL,

		.wk	= 1,

		.key	= "\x1f\x01\x1f\x01\x0e\x01\x0e\x01",

		.klen	= 8,

		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",

		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",

		.len	= 8,

	}, { /* Semi-weak key pair 6a */

		.setkey_error = -EINVAL,

		.wk	= 1,

		.key	= "\xe0\xfe\xe0\xfe\xf1\xfe\xf1\xfe",

		.klen	= 8,

		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",

		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",

		.len	= 8,

	}, { /* Semi-weak key pair 6b */

		.setkey_error = -EINVAL,

		.wk	= 1,

		.key	= "\xfe\xe0\xfe\xe0\xfe\xf1\xfe\xf1",

		.klen	= 8,

		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",

		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",

		.len	= 8,

	}, { /* Two blocks -- for testing encryption across pages */

		.key	= "\x01\x23\x45\x67\x89\xab\xcd\xef",

		.klen	= 8,