Hi, I'd like to get some input on the validity of the following crypto
testing scenario - two symmetric sessions, with the same parameters except
the operation (ENCODE/DECODE) and testing that the output of the encode
session can be decoded by the other one and the result is the same as the
input to encode session.
As I see it, linux-generic will fail this test in case of authentication when
hash_result_offset is inside the authenticated range (as it is for the AH
protocol). The implementation is not symmetric: for encode, the ICV is
computed on the authenticated range as it is passed by the application, but
for ICV checking the implementation clears the ICV prior to checking:

static
enum crypto_alg_err md5_check(odp_crypto_op_params_t *params,
			      odp_crypto_generic_session_t *session)
{
	-----------------
	/* Adjust pointer for beginning of area to auth */
	data += params->auth_range.offset;
	icv  += params->hash_result_offset;

	/* Copy current value out and clear it before authentication */
	memset(hash_in, 0, sizeof(hash_in));
	memcpy(hash_in, icv, bytes);
	memset(icv, 0, bytes);
	memset(hash_out, 0, sizeof(hash_out));

	/* Hash it */
	HMAC(EVP_md5(),
	     session->auth.data.md5.key,
	     16,
	     data,
	     len,
	     hash_out,
	     NULL);
	--------------
}

static
enum crypto_alg_err md5_gen(odp_crypto_op_params_t *params,
			    odp_crypto_generic_session_t *session)
{
	-------------------
	/* Adjust pointer for beginning of area to auth */
	data += params->auth_range.offset;
	icv  += params->hash_result_offset;

	/* Hash it */
	HMAC(EVP_md5(),
	     session->auth.data.md5.key,
	     16,
	     data,
	     len,
	     hash,
	     NULL);
	-------
}
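
The asymmetry described in the message above, reduced to a self-contained round trip. This is an added example, not part of the original post and not ODP code: toy_mac() is a stand-in keyed hash used instead of HMAC-MD5 so that it builds without OpenSSL, and gen(), check(), round_trip(), the packet layout and the key are hypothetical. It assumes the elided tail of md5_gen stores the computed hash at hash_result_offset.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ICV_LEN 8   /* constructed ICV size for the stand-in hash */
#define ICV_OFF 12  /* constructed hash_result_offset, inside the auth range */

static const uint8_t key[16] = "constructed-key"; /* constructed sample key */

/* Stand-in keyed hash (FNV-1a over key, then data). NOT HMAC-MD5. */
static void toy_mac(const uint8_t *data, size_t len, uint8_t out[ICV_LEN])
{
    uint64_t h = 0xcbf29ce484222325ULL;
    for (size_t i = 0; i < sizeof(key); i++) { h ^= key[i]; h *= 0x100000001b3ULL; }
    for (size_t i = 0; i < len; i++) { h ^= data[i]; h *= 0x100000001b3ULL; }
    memcpy(out, &h, ICV_LEN);
}

/* Encode side. clear_first=0 mirrors md5_gen (hash the range as passed);
 * clear_first=1 is a hypothetical variant that zeroes the ICV field first. */
static void gen(uint8_t *pkt, size_t len, int clear_first)
{
    uint8_t hash[ICV_LEN];
    if (clear_first)
        memset(pkt + ICV_OFF, 0, ICV_LEN);
    toy_mac(pkt, len, hash);
    memcpy(pkt + ICV_OFF, hash, ICV_LEN); /* assumed: result stored in place */
}

/* Decode side, mirroring md5_check: save the ICV, clear it, then hash. */
static int check(uint8_t *pkt, size_t len)
{
    uint8_t hash_in[ICV_LEN], hash_out[ICV_LEN];
    memcpy(hash_in, pkt + ICV_OFF, ICV_LEN);
    memset(pkt + ICV_OFF, 0, ICV_LEN);
    toy_mac(pkt, len, hash_out);
    return memcmp(hash_in, hash_out, ICV_LEN) == 0;
}

/* Returns 1 when a packet produced by gen() passes check(). */
int round_trip(int stale_icv_field, int clear_first)
{
    uint8_t pkt[32];
    memset(pkt, 0xA5, sizeof(pkt)); /* constructed payload */
    memset(pkt + ICV_OFF, stale_icv_field ? 0xFF : 0x00, ICV_LEN);
    gen(pkt, sizeof(pkt), clear_first);
    return check(pkt, sizeof(pkt));
}

int main(void)
{
    printf("stale field, hash as passed: %d\n", round_trip(1, 0));
    printf("zeroed field, hash as passed: %d\n", round_trip(0, 0));
    printf("stale field, cleared in gen:  %d\n", round_trip(1, 1));
    return 0;
}
```

The round trip only fails when the ICV field holds non-zero bytes at encode time; an application that zeroes the field before encode, or an encode path that clears it itself, produces a packet the check accepts.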