diff options
author | Eric Biggers <ebiggers@google.com> | 2023-03-19 12:38:47 -0700 |
---|---|---|
committer | Zorro Lang <zlang@kernel.org> | 2023-03-25 12:44:13 +0800 |
commit | 5d6a0f38d175a21cc50a0f8c695343f6dada02a7 (patch) | |
tree | 6d51718dbab92cc9201f2388a4cb362cd90815ed /src | |
parent | 8727e8cb78107bac174f51bb2edc45793f8cb08d (diff) |
fscrypt-crypt-util: fix XTS self-test with latest OpenSSL
In OpenSSL 3.0, XTS encryption fails if the message is zero-length.
Therefore, update test_aes_256_xts() to not test this case.
This only affects the algorithm self-tests within fscrypt-crypt-util,
which are not compiled by default.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Zorro Lang <zlang@redhat.com>
Signed-off-by: Zorro Lang <zlang@kernel.org>
Diffstat (limited to 'src')
-rw-r--r-- | src/fscrypt-crypt-util.c | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/src/fscrypt-crypt-util.c b/src/fscrypt-crypt-util.c index aab775b3..96f04799 100644 --- a/src/fscrypt-crypt-util.c +++ b/src/fscrypt-crypt-util.c @@ -1109,12 +1109,18 @@ static void test_aes_256_xts(void) while (num_tests--) { u8 key[2 * AES_256_KEY_SIZE]; u8 iv[AES_BLOCK_SIZE]; - u8 ptext[512]; + u8 ptext[32 * AES_BLOCK_SIZE]; u8 ctext[sizeof(ptext)]; u8 ref_ctext[sizeof(ptext)]; u8 decrypted[sizeof(ptext)]; - const size_t datalen = ROUND_DOWN(rand() % (1 + sizeof(ptext)), - AES_BLOCK_SIZE); + /* + * Don't test message lengths that aren't a multiple of the AES + * block size, since support for that is not implemented here. + * Also don't test zero-length messages, since OpenSSL 3.0 and + * later returns an error for those. + */ + const size_t datalen = AES_BLOCK_SIZE * + (1 + rand() % (sizeof(ptext) / AES_BLOCK_SIZE)); int outl, res; rand_bytes(key, sizeof(key)); |