ocf-linux-users Mailing List for Open Cryptographic Framework for Linux (Page 4)

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Hi David,

The current version of cryptotest from the crypto-tools-20100325.tar.gz package only tests the sha256_hmac, and not the md5_hmac, sha1_hmac, sha384_hmac, and sha512_hmac (if available).  This happens because the authkey length settings don't match between crypto/ocf/cryptodev.c and cryptotest.c.

Crypto/ocf/cryptodev.c uses the following settings for authkey, based on the operation (see cryptodev_ioctl()):

    CRYPTO_MD5_HMAC        16
    CRYPTO_SHA1_HMAC       20
    CRYPTO_SHA2_256_HMAC   32
    CRYPTO_SHA2_384_HMAC   48
    CRYPTO_SHA2_512_HMAC   64

Cryptotest.c uses the alg structure table to compute the authkey length:

    { "md5",            1,    8,    0,    0,        16,    CRYPTO_MD5 },
    { "md5_hmac",       1,    8,    1,    64,       16,    CRYPTO_MD5_HMAC },
    { "sha1",           1,    8,    0,    0,        20,    CRYPTO_SHA1 },
    { "sha1_hmac",      1,    1,    1,    64,       20,    CRYPTO_SHA1_HMAC },
    { "sha256",         1,    8,    0,    0,        32,    CRYPTO_SHA2_256 },
    { "sha256_hmac",    1,    1,    1,    64,       32,    CRYPTO_SHA2_256_HMAC },
    { "sha384",         1,    8,    0,    0,        48,    CRYPTO_SHA2_384 },
    { "sha384_hmac",    1,    1,    1,    64,       48,    CRYPTO_SHA2_384_HMAC },
    { "sha512",         1,    8,    0,    0,        64,    CRYPTO_SHA2_512 },
    { "sha512_hmac",    1,    1,    1,    64,       64,    CRYPTO_SHA2_512_HMAC },

All _hmac entries show a minkeylen/maxkeylen value of 1/64.  This causes runtest() to pass a keylen of (1+64)/2 = 32, which only works for the sha256_hmac.  Changing the table entries in cryptotest.c to:

    { "md5",            1,    8,    0,    0,        16,    CRYPTO_MD5 },
    { "md5_hmac",       1,    8,    16,   16,       16,    CRYPTO_MD5_HMAC },
    { "sha1",           1,    8,    0,    0,        20,    CRYPTO_SHA1 },
    { "sha1_hmac",      1,    1,    20,   20,       20,    CRYPTO_SHA1_HMAC },
    { "sha256",         1,    8,    0,    0,        32,    CRYPTO_SHA2_256 },
    { "sha256_hmac",    1,    1,    32,   32,       32,    CRYPTO_SHA2_256_HMAC },
    { "sha384",         1,    8,    0,    0,        48,    CRYPTO_SHA2_384 },
    { "sha384_hmac",    1,    1,    48,   48,       48,    CRYPTO_SHA2_384_HMAC },
    { "sha512",         1,    8,    0,    0,        64,    CRYPTO_SHA2_512 },
    { "sha512_hmac",    1,    1,    64,   64,       64,    CRYPTO_SHA2_512_HMAC },

allows cryptotest to test the other *_hmacs too.

Best regards,

Herman Schuurman

2007	Jan	Feb	Mar	Apr	May	Jun	Jul	Aug (12)	Sep (39)	Oct (16)	Nov (7)	Dec (17)
2008	Jan (10)	Feb (1)	Mar (18)	Apr (8)	May (14)	Jun (12)	Jul (35)	Aug (11)	Sep (3)	Oct (3)	Nov (7)	Dec (2)
2009	Jan (20)	Feb (12)	Mar (31)	Apr (20)	May (31)	Jun	Jul (2)	Aug (5)	Sep (11)	Oct	Nov (2)	Dec (6)
2010	Jan (20)	Feb (10)	Mar (16)	Apr	May (17)	Jun	Jul (2)	Aug (30)	Sep (6)	Oct	Nov	Dec (1)
2011	Jan	Feb (9)	Mar (7)	Apr (6)	May (20)	Jun (2)	Jul (13)	Aug (4)	Sep (7)	Oct (9)	Nov (5)	Dec (2)
2012	Jan (5)	Feb (2)	Mar	Apr (1)	May	Jun (7)	Jul	Aug	Sep	Oct	Nov (8)	Dec (19)
2013	Jan (2)	Feb (3)	Mar	Apr (3)	May	Jun	Jul	Aug	Sep	Oct	Nov	Dec
2014	Jan (2)	Feb	Mar	Apr	May	Jun (1)	Jul (8)	Aug (2)	Sep	Oct	Nov	Dec
2015	Jan	Feb	Mar (2)	Apr (2)	May	Jun	Jul	Aug	Sep	Oct (2)	Nov	Dec
2016	Jan	Feb	Mar	Apr	May	Jun	Jul (1)	Aug	Sep (1)	Oct	Nov	Dec
2021	Jan	Feb	Mar	Apr	May	Jun	Jul	Aug	Sep	Oct (2)	Nov	Dec
2022	Jan	Feb	Mar	Apr	May	Jun (1)	Jul	Aug	Sep	Oct (3)	Nov	Dec

ocf-linux-users Mailing List for Open Cryptographic Framework for Linux (Page 4)

ocf-linux-users — Anything and everything ocf-linux related