subject:"\[PATCH v2\] tests\: add functional tests for ecb\/cbc helpers"

Re: [PATCH v2] tests: add functional tests for ecb/cbc helpers

2026-01-01 Thread Srish Srinivasan


Hi Glenn,
thanks for taking a look.

On 1/2/26 10:44 AM, Glenn Washburn wrote:

On Mon,  8 Dec 2025 13:58:16 +0530
Srish Srinivasan  wrote:


Test the following helper functions using AES with 128, 192, and
256 bit keys:

grub_crypto_ecb_encrypt
grub_crypto_ecb_decrypt
grub_crypto_cbc_encrypt
grub_crypto_cbc_decrypt

Signed-off-by: Srish Srinivasan 
---
  Link to v1: 
https://lists.gnu.org/archive/html/grub-devel/2025-11/msg00237.html
  docs/grub.texi|   5 +
  grub-core/Makefile.core.def   |   5 +
  grub-core/tests/ecb_cbc_test.c| 197 ++

I would prefer it be named more generally so the
name still makes sense when/if different cipher mode tests are added,
perhaps crypto_cipher_mode_test.c.



Sure, I will make the change.





  grub-core/tests/ecb_cbc_vectors.h | 135 ++
  grub-core/tests/lib/functional_test.c |   1 +
  5 files changed, 343 insertions(+)
  create mode 100644 grub-core/tests/ecb_cbc_test.c
  create mode 100644 grub-core/tests/ecb_cbc_vectors.h

diff --git a/docs/grub.texi b/docs/grub.texi
index 7181009b6..63a82bba2 100644
--- a/docs/grub.texi
+++ b/docs/grub.texi
@@ -4092,6 +4092,7 @@ Modules can be loaded via the @command{insmod} 
(@pxref{insmod}) command.
  * dm_nv_module::
  * drivemap_module::
  * dsa_sexp_test_module::
+* ecb_cbc_test_module::
  * echo_module::
  * efi_gop_module::
  * efi_uga_module::
@@ -4677,6 +4678,10 @@ mappings. @xref{drivemap} for more information.
  @section dsa_sexp_test
  This module provides a test of the libgcrypt DSA functionality in GRUB.
  
+@node ecb_cbc_test_module

+@section ecb_cbc_test
+This module is intended for performing functional tests for ecb and cbc

This is a bit cryptic (cbc ?= Canadian Broadcasting Corporation). If we
change the name of the module and file, I think we could put: "This
module performs various cipher mode encryption/decryption tests".


Sure, I will keep the file naming and the description more generic
as per your suggestion.



It would be nice to have more tests of crypto functions, like
grub_crypto_hash. But that can be for another time.

Other than the above,
Reviewed-by: Glenn Washburn 



Thanks for the review and feedback.
I will send out v3 with these changes shortly.




Glenn


+
  @node echo_module
  @section echo
  This module provides support for the @command{echo} to display a line of text.
diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def
index fa4bc54aa..a28de3a93 100644
--- a/grub-core/Makefile.core.def
+++ b/grub-core/Makefile.core.def
@@ -2272,6 +2272,11 @@ module = {
common = tests/argon2_test.c;
  };
  
+module = {

+  name = ecb_cbc_test;
+  common = tests/ecb_cbc_test.c;
+};
+
  module = {
name = legacy_password_test;
common = tests/legacy_password_test.c;
diff --git a/grub-core/tests/ecb_cbc_test.c b/grub-core/tests/ecb_cbc_test.c
new file mode 100644
index 0..e988ab224
--- /dev/null
+++ b/grub-core/tests/ecb_cbc_test.c
@@ -0,0 +1,197 @@
+/*
+ *  GRUB  --  GRand Unified Bootloader
+ *  Copyright (C) 2025 Free Software Foundation, Inc.
+ *
+ *  GRUB is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  GRUB is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with GRUB.  If not, see .
+ */
+
+#include 
+#include 
+#include 
+#include 
+
+#include "ecb_cbc_vectors.h"
+
+GRUB_MOD_LICENSE ("GPLv3+");
+
+/* Perform cipher lookup, handle init, and key setting. */
+static grub_crypto_cipher_handle_t
+handle_init (struct vector vec, grub_crypto_cipher_handle_t handle)
+{
+  gcry_err_code_t err;
+
+  const gcry_cipher_spec_t *cipher = grub_crypto_lookup_cipher_by_name 
(vec.cipher);
+  grub_test_assert (cipher != NULL, "\n%s: cipher lookup failed for %s", 
vec.mode, vec.cipher);
+  if (cipher == NULL)
+return NULL;
+
+  handle = grub_crypto_cipher_open (cipher);
+  grub_test_assert (handle != NULL, "\n%s: handle init failed for %s", 
vec.mode, vec.cipher);
+  if (handle == NULL)
+return NULL;
+
+  err = grub_crypto_cipher_set_key (handle, (grub_uint8_t *) vec.key, 
vec.keylen);
+  grub_test_assert (err == GPG_ERR_NO_ERROR, "\n%s: key set of size %d failed for 
%s with err = %d",
+vec.mode, vec.keylen, vec.cipher, err);
+  if (err != GPG_ERR_NO_ERROR)
+{
+  grub_crypto_cipher_close (handle);
+  return NULL;
+}
+
+  return handle;
+}
+
+static void
+ecb_test (struct vector vec)
+{
+  gcry_err_code_t gcry_err;
+  grub_crypto_cipher_handle_t handle = NULL;
+

Re: [PATCH v2] tests: add functional tests for ecb/cbc helpers

2026-01-01 Thread Srish Srinivasan


Hi Glenn,
thanks for taking a look.

On 1/2/26 10:44 AM, Glenn Washburn wrote:

On Mon,  8 Dec 2025 13:58:16 +0530
Srish Srinivasan  wrote:


Test the following helper functions using AES with 128, 192, and
256 bit keys:

grub_crypto_ecb_encrypt
grub_crypto_ecb_decrypt
grub_crypto_cbc_encrypt
grub_crypto_cbc_decrypt

Signed-off-by: Srish Srinivasan 
---
  Link to v1: 
https://lists.gnu.org/archive/html/grub-devel/2025-11/msg00237.html
  docs/grub.texi|   5 +
  grub-core/Makefile.core.def   |   5 +
  grub-core/tests/ecb_cbc_test.c| 197 ++

I would prefer it be named more generally so the
name still makes sense when/if different cipher mode tests are added,
perhaps crypto_cipher_mode_test.c.



Sure, I will make the change.





  grub-core/tests/ecb_cbc_vectors.h | 135 ++
  grub-core/tests/lib/functional_test.c |   1 +
  5 files changed, 343 insertions(+)
  create mode 100644 grub-core/tests/ecb_cbc_test.c
  create mode 100644 grub-core/tests/ecb_cbc_vectors.h

diff --git a/docs/grub.texi b/docs/grub.texi
index 7181009b6..63a82bba2 100644
--- a/docs/grub.texi
+++ b/docs/grub.texi
@@ -4092,6 +4092,7 @@ Modules can be loaded via the @command{insmod} 
(@pxref{insmod}) command.
  * dm_nv_module::
  * drivemap_module::
  * dsa_sexp_test_module::
+* ecb_cbc_test_module::
  * echo_module::
  * efi_gop_module::
  * efi_uga_module::
@@ -4677,6 +4678,10 @@ mappings. @xref{drivemap} for more information.
  @section dsa_sexp_test
  This module provides a test of the libgcrypt DSA functionality in GRUB.
  
+@node ecb_cbc_test_module

+@section ecb_cbc_test
+This module is intended for performing functional tests for ecb and cbc

This is a bit cryptic (cbc ?= Canadian Broadcasting Corporation). If we
change the name of the module and file, I think we could put: "This
module performs various cipher mode encryption/decryption tests".


Sure, I will keep the file naming and the description more generic
as per your suggestion.



It would be nice to have more tests of crypto functions, like
grub_crypto_hash. But that can be for another time.

Other than the above,
Reviewed-by: Glenn Washburn 



Thanks for the review and feedback.
I will send out v3 with these changes shortly.




Glenn


+
  @node echo_module
  @section echo
  This module provides support for the @command{echo} to display a line of text.
diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def
index fa4bc54aa..a28de3a93 100644
--- a/grub-core/Makefile.core.def
+++ b/grub-core/Makefile.core.def
@@ -2272,6 +2272,11 @@ module = {
common = tests/argon2_test.c;
  };
  
+module = {

+  name = ecb_cbc_test;
+  common = tests/ecb_cbc_test.c;
+};
+
  module = {
name = legacy_password_test;
common = tests/legacy_password_test.c;
diff --git a/grub-core/tests/ecb_cbc_test.c b/grub-core/tests/ecb_cbc_test.c
new file mode 100644
index 0..e988ab224
--- /dev/null
+++ b/grub-core/tests/ecb_cbc_test.c
@@ -0,0 +1,197 @@
+/*
+ *  GRUB  --  GRand Unified Bootloader
+ *  Copyright (C) 2025 Free Software Foundation, Inc.
+ *
+ *  GRUB is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  GRUB is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with GRUB.  If not, see .
+ */
+
+#include 
+#include 
+#include 
+#include 
+
+#include "ecb_cbc_vectors.h"
+
+GRUB_MOD_LICENSE ("GPLv3+");
+
+/* Perform cipher lookup, handle init, and key setting. */
+static grub_crypto_cipher_handle_t
+handle_init (struct vector vec, grub_crypto_cipher_handle_t handle)
+{
+  gcry_err_code_t err;
+
+  const gcry_cipher_spec_t *cipher = grub_crypto_lookup_cipher_by_name 
(vec.cipher);
+  grub_test_assert (cipher != NULL, "\n%s: cipher lookup failed for %s", 
vec.mode, vec.cipher);
+  if (cipher == NULL)
+return NULL;
+
+  handle = grub_crypto_cipher_open (cipher);
+  grub_test_assert (handle != NULL, "\n%s: handle init failed for %s", 
vec.mode, vec.cipher);
+  if (handle == NULL)
+return NULL;
+
+  err = grub_crypto_cipher_set_key (handle, (grub_uint8_t *) vec.key, 
vec.keylen);
+  grub_test_assert (err == GPG_ERR_NO_ERROR, "\n%s: key set of size %d failed for 
%s with err = %d",
+vec.mode, vec.keylen, vec.cipher, err);
+  if (err != GPG_ERR_NO_ERROR)
+{
+  grub_crypto_cipher_close (handle);
+  return NULL;
+}
+
+  return handle;
+}
+
+static void
+ecb_test (struct vector vec)
+{
+  gcry_err_code_t gcry_err;
+  grub_crypto_cipher_handle_t handle = NULL;
+

Re: [PATCH v2] tests: add functional tests for ecb/cbc helpers

2026-01-01 Thread Glenn Washburn

On Mon,  8 Dec 2025 13:58:16 +0530
Srish Srinivasan  wrote:

> Test the following helper functions using AES with 128, 192, and
> 256 bit keys:
> 
> grub_crypto_ecb_encrypt
> grub_crypto_ecb_decrypt
> grub_crypto_cbc_encrypt
> grub_crypto_cbc_decrypt
> 
> Signed-off-by: Srish Srinivasan 
> ---
>  Link to v1: 
> https://lists.gnu.org/archive/html/grub-devel/2025-11/msg00237.html
>  docs/grub.texi|   5 +
>  grub-core/Makefile.core.def   |   5 +
>  grub-core/tests/ecb_cbc_test.c| 197 ++

I would prefer it be named more generally so the
name still makes sense when/if different cipher mode tests are added,
perhaps crypto_cipher_mode_test.c.

>  grub-core/tests/ecb_cbc_vectors.h | 135 ++
>  grub-core/tests/lib/functional_test.c |   1 +
>  5 files changed, 343 insertions(+)
>  create mode 100644 grub-core/tests/ecb_cbc_test.c
>  create mode 100644 grub-core/tests/ecb_cbc_vectors.h
> 
> diff --git a/docs/grub.texi b/docs/grub.texi
> index 7181009b6..63a82bba2 100644
> --- a/docs/grub.texi
> +++ b/docs/grub.texi
> @@ -4092,6 +4092,7 @@ Modules can be loaded via the @command{insmod} 
> (@pxref{insmod}) command.
>  * dm_nv_module::
>  * drivemap_module::
>  * dsa_sexp_test_module::
> +* ecb_cbc_test_module::
>  * echo_module::
>  * efi_gop_module::
>  * efi_uga_module::
> @@ -4677,6 +4678,10 @@ mappings. @xref{drivemap} for more information.
>  @section dsa_sexp_test
>  This module provides a test of the libgcrypt DSA functionality in GRUB.
>  
> +@node ecb_cbc_test_module
> +@section ecb_cbc_test
> +This module is intended for performing functional tests for ecb and cbc

This is a bit cryptic (cbc ?= Canadian Broadcasting Corporation). If we
change the name of the module and file, I think we could put: "This
module performs various cipher mode encryption/decryption tests".

It would be nice to have more tests of crypto functions, like
grub_crypto_hash. But that can be for another time.

Other than the above,
Reviewed-by: Glenn Washburn 

Glenn

> +
>  @node echo_module
>  @section echo
>  This module provides support for the @command{echo} to display a line of 
> text.
> diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def
> index fa4bc54aa..a28de3a93 100644
> --- a/grub-core/Makefile.core.def
> +++ b/grub-core/Makefile.core.def
> @@ -2272,6 +2272,11 @@ module = {
>common = tests/argon2_test.c;
>  };
>  
> +module = {
> +  name = ecb_cbc_test;
> +  common = tests/ecb_cbc_test.c;
> +};
> +
>  module = {
>name = legacy_password_test;
>common = tests/legacy_password_test.c;
> diff --git a/grub-core/tests/ecb_cbc_test.c b/grub-core/tests/ecb_cbc_test.c
> new file mode 100644
> index 0..e988ab224
> --- /dev/null
> +++ b/grub-core/tests/ecb_cbc_test.c
> @@ -0,0 +1,197 @@
> +/*
> + *  GRUB  --  GRand Unified Bootloader
> + *  Copyright (C) 2025 Free Software Foundation, Inc.
> + *
> + *  GRUB is free software: you can redistribute it and/or modify
> + *  it under the terms of the GNU General Public License as published by
> + *  the Free Software Foundation, either version 3 of the License, or
> + *  (at your option) any later version.
> + *
> + *  GRUB is distributed in the hope that it will be useful,
> + *  but WITHOUT ANY WARRANTY; without even the implied warranty of
> + *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
> + *  GNU General Public License for more details.
> + *
> + *  You should have received a copy of the GNU General Public License
> + *  along with GRUB.  If not, see .
> + */
> +
> +#include 
> +#include 
> +#include 
> +#include 
> +
> +#include "ecb_cbc_vectors.h"
> +
> +GRUB_MOD_LICENSE ("GPLv3+");
> +
> +/* Perform cipher lookup, handle init, and key setting. */
> +static grub_crypto_cipher_handle_t
> +handle_init (struct vector vec, grub_crypto_cipher_handle_t handle)
> +{
> +  gcry_err_code_t err;
> +
> +  const gcry_cipher_spec_t *cipher = grub_crypto_lookup_cipher_by_name 
> (vec.cipher);
> +  grub_test_assert (cipher != NULL, "\n%s: cipher lookup failed for %s", 
> vec.mode, vec.cipher);
> +  if (cipher == NULL)  
> +return NULL;
> +
> +  handle = grub_crypto_cipher_open (cipher);
> +  grub_test_assert (handle != NULL, "\n%s: handle init failed for %s", 
> vec.mode, vec.cipher);
> +  if (handle == NULL)
> +return NULL;
> +
> +  err = grub_crypto_cipher_set_key (handle, (grub_uint8_t *) vec.key, 
> vec.keylen);
> +  grub_test_assert (err == GPG_ERR_NO_ERROR, "\n%s: key set of size %d 
> failed for %s with err = %d",
> +vec.mode, vec.keylen, vec.cipher, err);
> +  if (err != GPG_ERR_NO_ERROR)
> +{
> +  grub_crypto_cipher_close (handle);
> +  return NULL;
> +}
> +
> +  return handle;
> +}
> +
> +static void
> +ecb_test (struct vector vec)
> +{
> +  gcry_err_code_t gcry_err;
> +  grub_crypto_cipher_handle_t handle = NULL;
> +  grub_uint8_t *plaintext = NULL, *ciphertext = NULL;
> +  grub_

Re: [PATCH v2] tests: add functional tests for ecb/cbc helpers

2025-12-29 Thread Daniel Kiper

Adding Glenn...

On Mon, Dec 08, 2025 at 01:58:16PM +0530, Srish Srinivasan wrote:
> Test the following helper functions using AES with 128, 192, and
> 256 bit keys:
>
> grub_crypto_ecb_encrypt
> grub_crypto_ecb_decrypt
> grub_crypto_cbc_encrypt
> grub_crypto_cbc_decrypt
>
> Signed-off-by: Srish Srinivasan 

Reviewed-by: Daniel Kiper 

Daniel

___
Grub-devel mailing list
[email protected]
https://lists.gnu.org/mailman/listinfo/grub-devel

Re: [PATCH v2] tests: add functional tests for ecb/cbc helpers

2025-12-18 Thread Sudhakar Kuppusamy



> On 8 Dec 2025, at 1:58 PM, Srish Srinivasan  wrote:
> 
> Test the following helper functions using AES with 128, 192, and
> 256 bit keys:
> 
> grub_crypto_ecb_encrypt
> grub_crypto_ecb_decrypt
> grub_crypto_cbc_encrypt
> grub_crypto_cbc_decrypt
> 
> Signed-off-by: Srish Srinivasan 

Reviewed-by: Sudhakar Kuppusamy 

Thanks,
Sudhakar  
> ---
> Link to v1: 
> https://lists.gnu.org/archive/html/grub-devel/2025-11/msg00237.html
> docs/grub.texi|   5 +
> grub-core/Makefile.core.def   |   5 +
> grub-core/tests/ecb_cbc_test.c| 197 ++
> grub-core/tests/ecb_cbc_vectors.h | 135 ++
> grub-core/tests/lib/functional_test.c |   1 +
> 5 files changed, 343 insertions(+)
> create mode 100644 grub-core/tests/ecb_cbc_test.c
> create mode 100644 grub-core/tests/ecb_cbc_vectors.h
> 
> diff --git a/docs/grub.texi b/docs/grub.texi
> index 7181009b6..63a82bba2 100644
> --- a/docs/grub.texi
> +++ b/docs/grub.texi
> @@ -4092,6 +4092,7 @@ Modules can be loaded via the @command{insmod} 
> (@pxref{insmod}) command.
> * dm_nv_module::
> * drivemap_module::
> * dsa_sexp_test_module::
> +* ecb_cbc_test_module::
> * echo_module::
> * efi_gop_module::
> * efi_uga_module::
> @@ -4677,6 +4678,10 @@ mappings. @xref{drivemap} for more information.
> @section dsa_sexp_test
> This module provides a test of the libgcrypt DSA functionality in GRUB.
> 
> +@node ecb_cbc_test_module
> +@section ecb_cbc_test
> +This module is intended for performing functional tests for ecb and cbc
> +
> @node echo_module
> @section echo
> This module provides support for the @command{echo} to display a line of text.
> diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def
> index fa4bc54aa..a28de3a93 100644
> --- a/grub-core/Makefile.core.def
> +++ b/grub-core/Makefile.core.def
> @@ -2272,6 +2272,11 @@ module = {
>   common = tests/argon2_test.c;
> };
> 
> +module = {
> +  name = ecb_cbc_test;
> +  common = tests/ecb_cbc_test.c;
> +};
> +
> module = {
>   name = legacy_password_test;
>   common = tests/legacy_password_test.c;
> diff --git a/grub-core/tests/ecb_cbc_test.c b/grub-core/tests/ecb_cbc_test.c
> new file mode 100644
> index 0..e988ab224
> --- /dev/null
> +++ b/grub-core/tests/ecb_cbc_test.c
> @@ -0,0 +1,197 @@
> +/*
> + *  GRUB  --  GRand Unified Bootloader
> + *  Copyright (C) 2025 Free Software Foundation, Inc.
> + *
> + *  GRUB is free software: you can redistribute it and/or modify
> + *  it under the terms of the GNU General Public License as published by
> + *  the Free Software Foundation, either version 3 of the License, or
> + *  (at your option) any later version.
> + *
> + *  GRUB is distributed in the hope that it will be useful,
> + *  but WITHOUT ANY WARRANTY; without even the implied warranty of
> + *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
> + *  GNU General Public License for more details.
> + *
> + *  You should have received a copy of the GNU General Public License
> + *  along with GRUB.  If not, see .
> + */
> +
> +#include 
> +#include 
> +#include 
> +#include 
> +
> +#include "ecb_cbc_vectors.h"
> +
> +GRUB_MOD_LICENSE ("GPLv3+");
> +
> +/* Perform cipher lookup, handle init, and key setting. */
> +static grub_crypto_cipher_handle_t
> +handle_init (struct vector vec, grub_crypto_cipher_handle_t handle)
> +{
> +  gcry_err_code_t err;
> +
> +  const gcry_cipher_spec_t *cipher = grub_crypto_lookup_cipher_by_name 
> (vec.cipher);
> +  grub_test_assert (cipher != NULL, "\n%s: cipher lookup failed for %s", 
> vec.mode, vec.cipher);
> +  if (cipher == NULL)  
> +return NULL;
> +
> +  handle = grub_crypto_cipher_open (cipher);
> +  grub_test_assert (handle != NULL, "\n%s: handle init failed for %s", 
> vec.mode, vec.cipher);
> +  if (handle == NULL)
> +return NULL;
> +
> +  err = grub_crypto_cipher_set_key (handle, (grub_uint8_t *) vec.key, 
> vec.keylen);
> +  grub_test_assert (err == GPG_ERR_NO_ERROR, "\n%s: key set of size %d 
> failed for %s with err = %d",
> +vec.mode, vec.keylen, vec.cipher, err);
> +  if (err != GPG_ERR_NO_ERROR)
> +{
> +  grub_crypto_cipher_close (handle);
> +  return NULL;
> +}
> +
> +  return handle;
> +}
> +
> +static void
> +ecb_test (struct vector vec)
> +{
> +  gcry_err_code_t gcry_err;
> +  grub_crypto_cipher_handle_t handle = NULL;
> +  grub_uint8_t *plaintext = NULL, *ciphertext = NULL;
> +  grub_int32_t rc;
> +
> +  handle = handle_init (vec, handle);
> +  if (handle == NULL)
> +return;
> +
> +  /* Test encryption. */
> +  ciphertext = grub_zalloc (vec.plen);
> +  grub_test_assert (ciphertext != NULL, "\necb: ciphertext buffer allocation 
> failed");
> +  if (ciphertext == NULL)
> +goto out_handle;
> +
> +  gcry_err = grub_crypto_ecb_encrypt (handle, ciphertext, vec.ptext, 
> vec.plen);
> +  grub_test_assert (gcry_err == GPG_ERR_NO_ERROR, "\necb: encryption failed 
> with err = %d",
> +

[PATCH v2] tests: add functional tests for ecb/cbc helpers

2025-12-08 Thread Srish Srinivasan

Test the following helper functions using AES with 128, 192, and
256 bit keys:

grub_crypto_ecb_encrypt
grub_crypto_ecb_decrypt
grub_crypto_cbc_encrypt
grub_crypto_cbc_decrypt

Signed-off-by: Srish Srinivasan 
---
 Link to v1: https://lists.gnu.org/archive/html/grub-devel/2025-11/msg00237.html
 docs/grub.texi|   5 +
 grub-core/Makefile.core.def   |   5 +
 grub-core/tests/ecb_cbc_test.c| 197 ++
 grub-core/tests/ecb_cbc_vectors.h | 135 ++
 grub-core/tests/lib/functional_test.c |   1 +
 5 files changed, 343 insertions(+)
 create mode 100644 grub-core/tests/ecb_cbc_test.c
 create mode 100644 grub-core/tests/ecb_cbc_vectors.h

diff --git a/docs/grub.texi b/docs/grub.texi
index 7181009b6..63a82bba2 100644
--- a/docs/grub.texi
+++ b/docs/grub.texi
@@ -4092,6 +4092,7 @@ Modules can be loaded via the @command{insmod} 
(@pxref{insmod}) command.
 * dm_nv_module::
 * drivemap_module::
 * dsa_sexp_test_module::
+* ecb_cbc_test_module::
 * echo_module::
 * efi_gop_module::
 * efi_uga_module::
@@ -4677,6 +4678,10 @@ mappings. @xref{drivemap} for more information.
 @section dsa_sexp_test
 This module provides a test of the libgcrypt DSA functionality in GRUB.
 
+@node ecb_cbc_test_module
+@section ecb_cbc_test
+This module is intended for performing functional tests for ecb and cbc
+
 @node echo_module
 @section echo
 This module provides support for the @command{echo} to display a line of text.
diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def
index fa4bc54aa..a28de3a93 100644
--- a/grub-core/Makefile.core.def
+++ b/grub-core/Makefile.core.def
@@ -2272,6 +2272,11 @@ module = {
   common = tests/argon2_test.c;
 };
 
+module = {
+  name = ecb_cbc_test;
+  common = tests/ecb_cbc_test.c;
+};
+
 module = {
   name = legacy_password_test;
   common = tests/legacy_password_test.c;
diff --git a/grub-core/tests/ecb_cbc_test.c b/grub-core/tests/ecb_cbc_test.c
new file mode 100644
index 0..e988ab224
--- /dev/null
+++ b/grub-core/tests/ecb_cbc_test.c
@@ -0,0 +1,197 @@
+/*
+ *  GRUB  --  GRand Unified Bootloader
+ *  Copyright (C) 2025 Free Software Foundation, Inc.
+ *
+ *  GRUB is free software: you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation, either version 3 of the License, or
+ *  (at your option) any later version.
+ *
+ *  GRUB is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with GRUB.  If not, see .
+ */
+
+#include 
+#include 
+#include 
+#include 
+
+#include "ecb_cbc_vectors.h"
+
+GRUB_MOD_LICENSE ("GPLv3+");
+
+/* Perform cipher lookup, handle init, and key setting. */
+static grub_crypto_cipher_handle_t
+handle_init (struct vector vec, grub_crypto_cipher_handle_t handle)
+{
+  gcry_err_code_t err;
+
+  const gcry_cipher_spec_t *cipher = grub_crypto_lookup_cipher_by_name 
(vec.cipher);
+  grub_test_assert (cipher != NULL, "\n%s: cipher lookup failed for %s", 
vec.mode, vec.cipher);
+  if (cipher == NULL)  
+return NULL;
+
+  handle = grub_crypto_cipher_open (cipher);
+  grub_test_assert (handle != NULL, "\n%s: handle init failed for %s", 
vec.mode, vec.cipher);
+  if (handle == NULL)
+return NULL;
+
+  err = grub_crypto_cipher_set_key (handle, (grub_uint8_t *) vec.key, 
vec.keylen);
+  grub_test_assert (err == GPG_ERR_NO_ERROR, "\n%s: key set of size %d failed 
for %s with err = %d",
+vec.mode, vec.keylen, vec.cipher, err);
+  if (err != GPG_ERR_NO_ERROR)
+{
+  grub_crypto_cipher_close (handle);
+  return NULL;
+}
+
+  return handle;
+}
+
+static void
+ecb_test (struct vector vec)
+{
+  gcry_err_code_t gcry_err;
+  grub_crypto_cipher_handle_t handle = NULL;
+  grub_uint8_t *plaintext = NULL, *ciphertext = NULL;
+  grub_int32_t rc;
+
+  handle = handle_init (vec, handle);
+  if (handle == NULL)
+return;
+
+  /* Test encryption. */
+  ciphertext = grub_zalloc (vec.plen);
+  grub_test_assert (ciphertext != NULL, "\necb: ciphertext buffer allocation 
failed");
+  if (ciphertext == NULL)
+goto out_handle;
+
+  gcry_err = grub_crypto_ecb_encrypt (handle, ciphertext, vec.ptext, vec.plen);
+  grub_test_assert (gcry_err == GPG_ERR_NO_ERROR, "\necb: encryption failed 
with err = %d",
+gcry_err);
+  if (gcry_err != GPG_ERR_NO_ERROR)
+goto out_ct;
+
+  rc = grub_memcmp (ciphertext, vec.ctext, vec.plen);
+  grub_test_assert (rc == 0, "\necb: ciphertext mismatch after encryption");
+  if (rc != 0)
+goto out_ct;
+
+  /* Test decryption. */
+  plaintext = grub_zalloc (vec.plen);
+  grub_test_assert (plaintext != NULL, "\necb: plaintext buffer allocation

Re: [PATCH v2] tests: add functional tests for ecb/cbc helpers

Re: [PATCH v2] tests: add functional tests for ecb/cbc helpers

Re: [PATCH v2] tests: add functional tests for ecb/cbc helpers

Re: [PATCH v2] tests: add functional tests for ecb/cbc helpers

Re: [PATCH v2] tests: add functional tests for ecb/cbc helpers

[PATCH v2] tests: add functional tests for ecb/cbc helpers

6 matches

Site Navigation

Mail list logo

Footer information