crypto: testmgr - Allow implementation-specific tests

This patch adds the support for testing specific implementations.
This should only be used in very specific situations. Right now

crypto: testmgr - Allow implementation-specific tests

This patch adds the support for testing specific implementations.
This should only be used in very specific situations. Right now
this means specific implementations of random number generators.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

show more ...

crypto: testmgr - Remove hash size check

Until hash test vectors grow longer than 256 bytes, the only
purpose of the check is to generate a gcc warning.

Signed-off-by: Herbert X

crypto: testmgr - Remove hash size check

Until hash test vectors grow longer than 256 bytes, the only
purpose of the check is to generate a gcc warning.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

show more ...

crypto: testmgr - Allow hash test vectors longer than a page

As it stands we will each test hash vector both linearly and as
a scatter list if applicable. This means that we cannot have

crypto: testmgr - Allow hash test vectors longer than a page

As it stands we will each test hash vector both linearly and as
a scatter list if applicable. This means that we cannot have
vectors longer than a page, even with scatter lists.

This patch fixes this by skipping test vectors with np != 0 when
testing linearly.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

show more ...

crypto: testmgr - Check all test vector lengths

As we cannot guarantee the availability of contiguous pages at
run-time, all test vectors must either fit within a page, or use
scatte

crypto: testmgr - Check all test vector lengths

As we cannot guarantee the availability of contiguous pages at
run-time, all test vectors must either fit within a page, or use
scatter lists. In some cases vectors were not checked as to
whether they fit inside a page. This patch adds all the missing
checks.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

show more ...

crypto: compress - Return produced bytes in crypto_{,de}compress_{update,final}

If crypto_{,de}compress_{update,final}() succeed, return the actual number of
bytes produced instead of ze

crypto: compress - Return produced bytes in crypto_{,de}compress_{update,final}

If crypto_{,de}compress_{update,final}() succeed, return the actual number of
bytes produced instead of zero, so their users don't have to calculate that
theirselves.

Signed-off-by: Geert Uytterhoeven <Geert.Uytterhoeven@sonycom.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

show more ...

crypto: testmgr - Skip algs not flagged fips_allowed in fips mode

Because all fips-allowed algorithms must be self-tested before they
can be used, they will all have entries in testmgr.c

crypto: testmgr - Skip algs not flagged fips_allowed in fips mode

Because all fips-allowed algorithms must be self-tested before they
can be used, they will all have entries in testmgr.c's alg_test_descs[].
Skip self-tests for any algs not flagged as fips_approved and return
-EINVAL when in fips mode.

Signed-off-by: Jarod Wilson <jarod@redhat.com>
Acked-by: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

show more ...

crypto: testmgr - Mark algs allowed in fips mode

Set the fips_allowed flag in testmgr.c's alg_test_descs[] for algs
that are allowed to be used when in fips mode.

One caveat: de

crypto: testmgr - Mark algs allowed in fips mode

Set the fips_allowed flag in testmgr.c's alg_test_descs[] for algs
that are allowed to be used when in fips mode.

One caveat: des isn't actually allowed anymore, but des (and thus also
ecb(des)) has to be permitted, because disallowing them results in
des3_ede being unable to properly register (see des module init func).

Also, crc32 isn't technically on the fips approved list, but I think
it gets used in various places that necessitate it being allowed.

This list is based on
http://csrc.nist.gov/groups/STM/cavp/index.html

Important note: allowed/approved here does NOT mean "validated", just
that its an alg that *could* be validated.

Signed-off-by: Jarod Wilson <jarod@redhat.com>
Acked-by: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

show more ...

crypto: testmgr - Add ctr(aes) test vectors

Now with multi-block test vectors, all from SP800-38A, Appendix F.5.
Also added ctr(aes) to case 10 in tcrypt.

Signed-off-by: Jarod W

crypto: testmgr - Add ctr(aes) test vectors

Now with multi-block test vectors, all from SP800-38A, Appendix F.5.
Also added ctr(aes) to case 10 in tcrypt.

Signed-off-by: Jarod Wilson <jarod@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

show more ...

crypto: testmgr - Dynamically allocate xbuf and axbuf

We currently allocate temporary memory that is used for testing
statically. This renders the testing engine non-reentrant. As
a

crypto: testmgr - Dynamically allocate xbuf and axbuf

We currently allocate temporary memory that is used for testing
statically. This renders the testing engine non-reentrant. As
algorithms may nest, i.e., one may construct another in order to
carry out a part of its operation, this is unacceptable. For
example, it has been reported that an AEAD implementation allocates
a cipher in its setkey function, which causes it to fail during
testing as the temporary memory is overwritten.

This patch replaces the static memory with dynamically allocated
buffers. We need a maximum of 16 pages so this slightly increases
the chances of an algorithm failing due to memory shortage.
However, as testing usually occurs at registration, this shouldn't
be a big problem.

Reported-by: Shasi Pulijala <spulijala@amcc.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

show more ...

crypto: testmgr - Print self-test pass notices in fips mode

According to our FIPS CAVS testing lab guru, when we're in fips mode,
we must print out notices of successful self-test comple

crypto: testmgr - Print self-test pass notices in fips mode

According to our FIPS CAVS testing lab guru, when we're in fips mode,
we must print out notices of successful self-test completion for
every alg to be compliant.

New and improved v2, without strncmp crap. Doesn't need to touch a flag
though, due to not moving the notest label around anymore.

Applies atop '[PATCH v2] crypto: catch base cipher self-test failures
in fips mode'.

Personally, I wouldn't mind seeing this info printed out regardless of
whether or not we're in fips mode, I think its useful info, but will
stick with only in fips mode for now.

Signed-off-by: Jarod Wilson <jarod@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

show more ...

crypto: testmgr - Catch base cipher self-test failures in fips mode

Signed-off-by: Jarod Wilson <jarod@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

crypto: testmgr - Add ansi_cprng test vectors

Add ANSI X9.31 Continuous Pseudo-Random Number Generator (AES mode),
aka 'ansi_cprng' test vectors, taken from Appendix B.2.9 and B.2.10

crypto: testmgr - Add ansi_cprng test vectors

Add ANSI X9.31 Continuous Pseudo-Random Number Generator (AES mode),
aka 'ansi_cprng' test vectors, taken from Appendix B.2.9 and B.2.10
of the NIST RNGVS document, found here:
http://csrc.nist.gov/groups/STM/cavp/documents/rng/RNGVS.pdf

Successfully tested against both the cryptodev-2.6 tree and a Red
Hat Enterprise Linux 5.4 kernel, via 'modprobe tcrypt mode=150'.

The selection of 150 was semi-arbitrary, didn't seem like it should
go any place in particular, so I started a new range for rng tests.

Signed-off-by: Jarod Wilson <jarod@redhat.com>
Acked-by: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

show more ...

crypto: testmgr - Add infrastructure for ansi_cprng self-tests

Add some necessary infrastructure to make it possible to run
self-tests for ansi_cprng. The bits are likely very specific

crypto: testmgr - Add infrastructure for ansi_cprng self-tests

Add some necessary infrastructure to make it possible to run
self-tests for ansi_cprng. The bits are likely very specific
to the ANSI X9.31 CPRNG in AES mode, and thus perhaps should
be named more specifically if/when we grow additional CPRNG
support...

Successfully tested against the cryptodev-2.6 tree and a
Red Hat Enterprise Linux 5.x kernel with the follow-on
patch that adds the actual test vectors.

Signed-off-by: Jarod Wilson <jarod@redhat.com>
Acked-by: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

show more ...

crypto: testmgr - Add self-tests for rfc4309(ccm(aes))

Add an array of encryption and decryption + verification self-tests
for rfc4309(ccm(aes)).

Test vectors all come from samp

crypto: testmgr - Add self-tests for rfc4309(ccm(aes))

Add an array of encryption and decryption + verification self-tests
for rfc4309(ccm(aes)).

Test vectors all come from sample FIPS CAVS files provided to
Red Hat by a testing lab. Unfortunately, all the published sample
vectors in RFC 3610 and NIST Special Publication 800-38C contain nonce
lengths that the kernel's rfc4309 implementation doesn't support, so
while using some public domain vectors would have been preferred, its
not possible at this time.

Signed-off-by: Jarod Wilson <jarod@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

show more ...

crypto: testmgr - Handle AEAD test vectors expected to fail verification

Add infrastructure to tcrypt/testmgr to support handling ccm decryption
test vectors that are expected to fail ve

crypto: testmgr - Handle AEAD test vectors expected to fail verification

Add infrastructure to tcrypt/testmgr to support handling ccm decryption
test vectors that are expected to fail verification.

Signed-off-by: Jarod Wilson <jarod@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

show more ...

crypto: testmgr - Kill test_comp() sparse warnings

make C=1:
| crypto/testmgr.c:846:45: warning: incorrect type in argument 5 (different signedness)
| crypto/testmgr.c:846:45: exp

crypto: testmgr - Kill test_comp() sparse warnings

make C=1:
| crypto/testmgr.c:846:45: warning: incorrect type in argument 5 (different signedness)
| crypto/testmgr.c:846:45: expected unsigned int *dlen
| crypto/testmgr.c:846:45: got int *<noident>
| crypto/testmgr.c:878:47: warning: incorrect type in argument 5 (different signedness)
| crypto/testmgr.c:878:47: expected unsigned int *dlen
| crypto/testmgr.c:878:47: got int *<noident>

Signed-off-by: Geert Uytterhoeven <Geert.Uytterhoeven@sonycom.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

show more ...

crypto: testmgr - add zlib test

Signed-off-by: Geert Uytterhoeven <Geert.Uytterhoeven@sonycom.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

crypto: testmgr - Add support for the pcomp interface

Signed-off-by: Geert Uytterhoeven <Geert.Uytterhoeven@sonycom.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

crypto: testmgr - Validate output length in (de)compression tests

When self-testing (de)compression algorithms, make sure the actual size of
the (de)compressed output data matches the ex

crypto: testmgr - Validate output length in (de)compression tests

When self-testing (de)compression algorithms, make sure the actual size of
the (de)compressed output data matches the expected output size.
Otherwise, in case the actual output size would be smaller than the expected
output size, the subsequent buffer compare test would still succeed, and no
error would be reported.

Signed-off-by: Geert Uytterhoeven <Geert.Uytterhoeven@sonycom.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

show more ...

crypto: testmgr - Fix error flow of test_comp

This warning:

crypto/testmgr.c: In function ‘test_comp’:
crypto/testmgr.c:829: warning: ‘ret’ may be used uninitialized in this

crypto: testmgr - Fix error flow of test_comp

This warning:

crypto/testmgr.c: In function ‘test_comp’:
crypto/testmgr.c:829: warning: ‘ret’ may be used uninitialized in this function

triggers because GCC correctly notices that in the ctcount == 0 &&
dtcount != 0 input condition case this function can return an undefined
value, if the second loop fails.

Remove the shadowed 'ret' variable from the second loop that was probably
unintended.

Signed-off-by: Ingo Molnar <mingo@elte.hu>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

show more ...

crypto: crc32c - Test descriptor context format

This patch adds a test for the requirement that all crc32c algorithms
shall store the partial result in the first four bytes of the descri

crypto: crc32c - Test descriptor context format

This patch adds a test for the requirement that all crc32c algorithms
shall store the partial result in the first four bytes of the descriptor
context.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

show more ...

crypto: testmgr - Trigger a panic when self test fails in FIPS mode

The FIPS specification requires that should self test for any supported
crypto algorithm fail during operation in fips

crypto: testmgr - Trigger a panic when self test fails in FIPS mode

The FIPS specification requires that should self test for any supported
crypto algorithm fail during operation in fips mode, we need to prevent
the use of any crypto functionality until such time as the system can
be re-initialized. Seems like the best way to handle that would be
to panic the system if we were in fips mode and failed a self test.
This patch implements that functionality. I've built and run it
successfully.

Signed-off-by: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

show more ...

crypto: cryptomgr - Test ciphers using ECB

As it is we only test ciphers when combined with a mode. That means
users that do not invoke a mode of operations may get an untested
ciph

crypto: cryptomgr - Test ciphers using ECB

As it is we only test ciphers when combined with a mode. That means
users that do not invoke a mode of operations may get an untested
cipher.

This patch tests all ciphers using the ECB mode so that simple cipher
users such as ansi-cprng are also protected.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

show more ...

crypto: cryptomgr - Add test infrastructure

This patch moves the newly created alg_test infrastructure into
cryptomgr. This shall allow us to use it for testing at algorithm
registr

crypto: cryptomgr - Add test infrastructure

This patch moves the newly created alg_test infrastructure into
cryptomgr. This shall allow us to use it for testing at algorithm
registrations.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

show more ...