1da7f033dSHerbert Xu /* 2da7f033dSHerbert Xu * Algorithm testing framework and tests. 3da7f033dSHerbert Xu * 4da7f033dSHerbert Xu * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> 5da7f033dSHerbert Xu * Copyright (c) 2002 Jean-Francois Dive <jef@linuxbe.org> 6da7f033dSHerbert Xu * Copyright (c) 2007 Nokia Siemens Networks 7da7f033dSHerbert Xu * Copyright (c) 2008 Herbert Xu <herbert@gondor.apana.org.au> 83f47a03dSEric Biggers * Copyright (c) 2019 Google LLC 9da7f033dSHerbert Xu * 1069435b94SAdrian Hoban * Updated RFC4106 AES-GCM testing. 1169435b94SAdrian Hoban * Authors: Aidan O'Mahony (aidan.o.mahony@intel.com) 1269435b94SAdrian Hoban * Adrian Hoban <adrian.hoban@intel.com> 1369435b94SAdrian Hoban * Gabriele Paoloni <gabriele.paoloni@intel.com> 1469435b94SAdrian Hoban * Tadeusz Struk (tadeusz.struk@intel.com) 1569435b94SAdrian Hoban * Copyright (c) 2010, Intel Corporation. 1669435b94SAdrian Hoban * 17da7f033dSHerbert Xu * This program is free software; you can redistribute it and/or modify it 18da7f033dSHerbert Xu * under the terms of the GNU General Public License as published by the Free 19da7f033dSHerbert Xu * Software Foundation; either version 2 of the License, or (at your option) 20da7f033dSHerbert Xu * any later version. 21da7f033dSHerbert Xu * 22da7f033dSHerbert Xu */ 23da7f033dSHerbert Xu 241ce33115SHerbert Xu #include <crypto/aead.h> 25da7f033dSHerbert Xu #include <crypto/hash.h> 2612773d93SHerbert Xu #include <crypto/skcipher.h> 27da7f033dSHerbert Xu #include <linux/err.h> 281c41b882SHerbert Xu #include <linux/fips.h> 29da7f033dSHerbert Xu #include <linux/module.h> 303f47a03dSEric Biggers #include <linux/once.h> 31da7f033dSHerbert Xu #include <linux/scatterlist.h> 32da7f033dSHerbert Xu #include <linux/slab.h> 33da7f033dSHerbert Xu #include <linux/string.h> 347647d6ceSJarod Wilson #include <crypto/rng.h> 3564d1cdfbSStephan Mueller #include <crypto/drbg.h> 36946cc463STadeusz Struk #include <crypto/akcipher.h> 37802c7f1cSSalvatore Benedetto #include <crypto/kpp.h> 38d7db7a88SGiovanni Cabiddu #include <crypto/acompress.h> 39da7f033dSHerbert Xu 40da7f033dSHerbert Xu #include "internal.h" 410b767f96SAlexander Shishkin 429e5c9fe4SRichard W.M. Jones static bool notests; 439e5c9fe4SRichard W.M. Jones module_param(notests, bool, 0644); 449e5c9fe4SRichard W.M. Jones MODULE_PARM_DESC(notests, "disable crypto self-tests"); 459e5c9fe4SRichard W.M. Jones 465b2706a4SEric Biggers #ifdef CONFIG_CRYPTO_MANAGER_EXTRA_TESTS 475b2706a4SEric Biggers static bool noextratests; 485b2706a4SEric Biggers module_param(noextratests, bool, 0644); 495b2706a4SEric Biggers MODULE_PARM_DESC(noextratests, "disable expensive crypto self-tests"); 505b2706a4SEric Biggers 515b2706a4SEric Biggers static unsigned int fuzz_iterations = 100; 525b2706a4SEric Biggers module_param(fuzz_iterations, uint, 0644); 535b2706a4SEric Biggers MODULE_PARM_DESC(fuzz_iterations, "number of fuzz test iterations"); 545b2706a4SEric Biggers #endif 555b2706a4SEric Biggers 56326a6346SHerbert Xu #ifdef CONFIG_CRYPTO_MANAGER_DISABLE_TESTS 570b767f96SAlexander Shishkin 580b767f96SAlexander Shishkin /* a perfect nop */ 590b767f96SAlexander Shishkin int alg_test(const char *driver, const char *alg, u32 type, u32 mask) 600b767f96SAlexander Shishkin { 610b767f96SAlexander Shishkin return 0; 620b767f96SAlexander Shishkin } 630b767f96SAlexander Shishkin 640b767f96SAlexander Shishkin #else 650b767f96SAlexander Shishkin 66da7f033dSHerbert Xu #include "testmgr.h" 67da7f033dSHerbert Xu 68da7f033dSHerbert Xu /* 69da7f033dSHerbert Xu * Need slab memory for testing (size in number of pages). 70da7f033dSHerbert Xu */ 71da7f033dSHerbert Xu #define XBUFSIZE 8 72da7f033dSHerbert Xu 73da7f033dSHerbert Xu /* 74da7f033dSHerbert Xu * Indexes into the xbuf to simulate cross-page access. 75da7f033dSHerbert Xu */ 76da7f033dSHerbert Xu #define IDX1 32 77da7f033dSHerbert Xu #define IDX2 32400 7804b46fbdSArd Biesheuvel #define IDX3 1511 79da7f033dSHerbert Xu #define IDX4 8193 80da7f033dSHerbert Xu #define IDX5 22222 81da7f033dSHerbert Xu #define IDX6 17101 82da7f033dSHerbert Xu #define IDX7 27333 83da7f033dSHerbert Xu #define IDX8 3000 84da7f033dSHerbert Xu 85da7f033dSHerbert Xu /* 86da7f033dSHerbert Xu * Used by test_cipher() 87da7f033dSHerbert Xu */ 88da7f033dSHerbert Xu #define ENCRYPT 1 89da7f033dSHerbert Xu #define DECRYPT 0 90da7f033dSHerbert Xu 91da7f033dSHerbert Xu struct aead_test_suite { 92b13b1e0cSEric Biggers const struct aead_testvec *vecs; 93da7f033dSHerbert Xu unsigned int count; 94da7f033dSHerbert Xu }; 95da7f033dSHerbert Xu 96da7f033dSHerbert Xu struct cipher_test_suite { 97b13b1e0cSEric Biggers const struct cipher_testvec *vecs; 98da7f033dSHerbert Xu unsigned int count; 99da7f033dSHerbert Xu }; 100da7f033dSHerbert Xu 101da7f033dSHerbert Xu struct comp_test_suite { 102da7f033dSHerbert Xu struct { 103b13b1e0cSEric Biggers const struct comp_testvec *vecs; 104da7f033dSHerbert Xu unsigned int count; 105da7f033dSHerbert Xu } comp, decomp; 106da7f033dSHerbert Xu }; 107da7f033dSHerbert Xu 108da7f033dSHerbert Xu struct hash_test_suite { 109b13b1e0cSEric Biggers const struct hash_testvec *vecs; 110da7f033dSHerbert Xu unsigned int count; 111da7f033dSHerbert Xu }; 112da7f033dSHerbert Xu 1137647d6ceSJarod Wilson struct cprng_test_suite { 114b13b1e0cSEric Biggers const struct cprng_testvec *vecs; 1157647d6ceSJarod Wilson unsigned int count; 1167647d6ceSJarod Wilson }; 1177647d6ceSJarod Wilson 11864d1cdfbSStephan Mueller struct drbg_test_suite { 119b13b1e0cSEric Biggers const struct drbg_testvec *vecs; 12064d1cdfbSStephan Mueller unsigned int count; 12164d1cdfbSStephan Mueller }; 12264d1cdfbSStephan Mueller 123946cc463STadeusz Struk struct akcipher_test_suite { 124b13b1e0cSEric Biggers const struct akcipher_testvec *vecs; 125946cc463STadeusz Struk unsigned int count; 126946cc463STadeusz Struk }; 127946cc463STadeusz Struk 128802c7f1cSSalvatore Benedetto struct kpp_test_suite { 129b13b1e0cSEric Biggers const struct kpp_testvec *vecs; 130802c7f1cSSalvatore Benedetto unsigned int count; 131802c7f1cSSalvatore Benedetto }; 132802c7f1cSSalvatore Benedetto 133da7f033dSHerbert Xu struct alg_test_desc { 134da7f033dSHerbert Xu const char *alg; 135da7f033dSHerbert Xu int (*test)(const struct alg_test_desc *desc, const char *driver, 136da7f033dSHerbert Xu u32 type, u32 mask); 137a1915d51SJarod Wilson int fips_allowed; /* set if alg is allowed in fips mode */ 138da7f033dSHerbert Xu 139da7f033dSHerbert Xu union { 140da7f033dSHerbert Xu struct aead_test_suite aead; 141da7f033dSHerbert Xu struct cipher_test_suite cipher; 142da7f033dSHerbert Xu struct comp_test_suite comp; 143da7f033dSHerbert Xu struct hash_test_suite hash; 1447647d6ceSJarod Wilson struct cprng_test_suite cprng; 14564d1cdfbSStephan Mueller struct drbg_test_suite drbg; 146946cc463STadeusz Struk struct akcipher_test_suite akcipher; 147802c7f1cSSalvatore Benedetto struct kpp_test_suite kpp; 148da7f033dSHerbert Xu } suite; 149da7f033dSHerbert Xu }; 150da7f033dSHerbert Xu 151b13b1e0cSEric Biggers static const unsigned int IDX[8] = { 152b13b1e0cSEric Biggers IDX1, IDX2, IDX3, IDX4, IDX5, IDX6, IDX7, IDX8 }; 153da7f033dSHerbert Xu 154da7f033dSHerbert Xu static void hexdump(unsigned char *buf, unsigned int len) 155da7f033dSHerbert Xu { 156da7f033dSHerbert Xu print_hex_dump(KERN_CONT, "", DUMP_PREFIX_OFFSET, 157da7f033dSHerbert Xu 16, 1, 158da7f033dSHerbert Xu buf, len, false); 159da7f033dSHerbert Xu } 160da7f033dSHerbert Xu 1613f47a03dSEric Biggers static int __testmgr_alloc_buf(char *buf[XBUFSIZE], int order) 162f8b0d4d0SHerbert Xu { 163f8b0d4d0SHerbert Xu int i; 164f8b0d4d0SHerbert Xu 165f8b0d4d0SHerbert Xu for (i = 0; i < XBUFSIZE; i++) { 1663f47a03dSEric Biggers buf[i] = (char *)__get_free_pages(GFP_KERNEL, order); 167f8b0d4d0SHerbert Xu if (!buf[i]) 168f8b0d4d0SHerbert Xu goto err_free_buf; 169f8b0d4d0SHerbert Xu } 170f8b0d4d0SHerbert Xu 171f8b0d4d0SHerbert Xu return 0; 172f8b0d4d0SHerbert Xu 173f8b0d4d0SHerbert Xu err_free_buf: 174f8b0d4d0SHerbert Xu while (i-- > 0) 1753f47a03dSEric Biggers free_pages((unsigned long)buf[i], order); 176f8b0d4d0SHerbert Xu 177f8b0d4d0SHerbert Xu return -ENOMEM; 178f8b0d4d0SHerbert Xu } 179f8b0d4d0SHerbert Xu 1803f47a03dSEric Biggers static int testmgr_alloc_buf(char *buf[XBUFSIZE]) 1813f47a03dSEric Biggers { 1823f47a03dSEric Biggers return __testmgr_alloc_buf(buf, 0); 1833f47a03dSEric Biggers } 1843f47a03dSEric Biggers 1853f47a03dSEric Biggers static void __testmgr_free_buf(char *buf[XBUFSIZE], int order) 186f8b0d4d0SHerbert Xu { 187f8b0d4d0SHerbert Xu int i; 188f8b0d4d0SHerbert Xu 189f8b0d4d0SHerbert Xu for (i = 0; i < XBUFSIZE; i++) 1903f47a03dSEric Biggers free_pages((unsigned long)buf[i], order); 1913f47a03dSEric Biggers } 1923f47a03dSEric Biggers 1933f47a03dSEric Biggers static void testmgr_free_buf(char *buf[XBUFSIZE]) 1943f47a03dSEric Biggers { 1953f47a03dSEric Biggers __testmgr_free_buf(buf, 0); 1963f47a03dSEric Biggers } 1973f47a03dSEric Biggers 1983f47a03dSEric Biggers #define TESTMGR_POISON_BYTE 0xfe 1993f47a03dSEric Biggers #define TESTMGR_POISON_LEN 16 2003f47a03dSEric Biggers 2013f47a03dSEric Biggers static inline void testmgr_poison(void *addr, size_t len) 2023f47a03dSEric Biggers { 2033f47a03dSEric Biggers memset(addr, TESTMGR_POISON_BYTE, len); 2043f47a03dSEric Biggers } 2053f47a03dSEric Biggers 2063f47a03dSEric Biggers /* Is the memory region still fully poisoned? */ 2073f47a03dSEric Biggers static inline bool testmgr_is_poison(const void *addr, size_t len) 2083f47a03dSEric Biggers { 2093f47a03dSEric Biggers return memchr_inv(addr, TESTMGR_POISON_BYTE, len) == NULL; 2103f47a03dSEric Biggers } 2113f47a03dSEric Biggers 2123f47a03dSEric Biggers /* flush type for hash algorithms */ 2133f47a03dSEric Biggers enum flush_type { 2143f47a03dSEric Biggers /* merge with update of previous buffer(s) */ 2153f47a03dSEric Biggers FLUSH_TYPE_NONE = 0, 2163f47a03dSEric Biggers 2173f47a03dSEric Biggers /* update with previous buffer(s) before doing this one */ 2183f47a03dSEric Biggers FLUSH_TYPE_FLUSH, 2193f47a03dSEric Biggers 2203f47a03dSEric Biggers /* likewise, but also export and re-import the intermediate state */ 2213f47a03dSEric Biggers FLUSH_TYPE_REIMPORT, 2223f47a03dSEric Biggers }; 2233f47a03dSEric Biggers 2243f47a03dSEric Biggers /* finalization function for hash algorithms */ 2253f47a03dSEric Biggers enum finalization_type { 2263f47a03dSEric Biggers FINALIZATION_TYPE_FINAL, /* use final() */ 2273f47a03dSEric Biggers FINALIZATION_TYPE_FINUP, /* use finup() */ 2283f47a03dSEric Biggers FINALIZATION_TYPE_DIGEST, /* use digest() */ 2293f47a03dSEric Biggers }; 2303f47a03dSEric Biggers 2313f47a03dSEric Biggers #define TEST_SG_TOTAL 10000 2323f47a03dSEric Biggers 2333f47a03dSEric Biggers /** 2343f47a03dSEric Biggers * struct test_sg_division - description of a scatterlist entry 2353f47a03dSEric Biggers * 2363f47a03dSEric Biggers * This struct describes one entry of a scatterlist being constructed to check a 2373f47a03dSEric Biggers * crypto test vector. 2383f47a03dSEric Biggers * 2393f47a03dSEric Biggers * @proportion_of_total: length of this chunk relative to the total length, 2403f47a03dSEric Biggers * given as a proportion out of TEST_SG_TOTAL so that it 2413f47a03dSEric Biggers * scales to fit any test vector 2423f47a03dSEric Biggers * @offset: byte offset into a 2-page buffer at which this chunk will start 2433f47a03dSEric Biggers * @offset_relative_to_alignmask: if true, add the algorithm's alignmask to the 2443f47a03dSEric Biggers * @offset 2453f47a03dSEric Biggers * @flush_type: for hashes, whether an update() should be done now vs. 2463f47a03dSEric Biggers * continuing to accumulate data 2473f47a03dSEric Biggers */ 2483f47a03dSEric Biggers struct test_sg_division { 2493f47a03dSEric Biggers unsigned int proportion_of_total; 2503f47a03dSEric Biggers unsigned int offset; 2513f47a03dSEric Biggers bool offset_relative_to_alignmask; 2523f47a03dSEric Biggers enum flush_type flush_type; 2533f47a03dSEric Biggers }; 2543f47a03dSEric Biggers 2553f47a03dSEric Biggers /** 2563f47a03dSEric Biggers * struct testvec_config - configuration for testing a crypto test vector 2573f47a03dSEric Biggers * 2583f47a03dSEric Biggers * This struct describes the data layout and other parameters with which each 2593f47a03dSEric Biggers * crypto test vector can be tested. 2603f47a03dSEric Biggers * 2613f47a03dSEric Biggers * @name: name of this config, logged for debugging purposes if a test fails 2623f47a03dSEric Biggers * @inplace: operate on the data in-place, if applicable for the algorithm type? 2633f47a03dSEric Biggers * @req_flags: extra request_flags, e.g. CRYPTO_TFM_REQ_MAY_SLEEP 2643f47a03dSEric Biggers * @src_divs: description of how to arrange the source scatterlist 2653f47a03dSEric Biggers * @dst_divs: description of how to arrange the dst scatterlist, if applicable 2663f47a03dSEric Biggers * for the algorithm type. Defaults to @src_divs if unset. 2673f47a03dSEric Biggers * @iv_offset: misalignment of the IV in the range [0..MAX_ALGAPI_ALIGNMASK+1], 2683f47a03dSEric Biggers * where 0 is aligned to a 2*(MAX_ALGAPI_ALIGNMASK+1) byte boundary 2693f47a03dSEric Biggers * @iv_offset_relative_to_alignmask: if true, add the algorithm's alignmask to 2703f47a03dSEric Biggers * the @iv_offset 2713f47a03dSEric Biggers * @finalization_type: what finalization function to use for hashes 2723f47a03dSEric Biggers */ 2733f47a03dSEric Biggers struct testvec_config { 2743f47a03dSEric Biggers const char *name; 2753f47a03dSEric Biggers bool inplace; 2763f47a03dSEric Biggers u32 req_flags; 2773f47a03dSEric Biggers struct test_sg_division src_divs[XBUFSIZE]; 2783f47a03dSEric Biggers struct test_sg_division dst_divs[XBUFSIZE]; 2793f47a03dSEric Biggers unsigned int iv_offset; 2803f47a03dSEric Biggers bool iv_offset_relative_to_alignmask; 2813f47a03dSEric Biggers enum finalization_type finalization_type; 2823f47a03dSEric Biggers }; 2833f47a03dSEric Biggers 2843f47a03dSEric Biggers #define TESTVEC_CONFIG_NAMELEN 192 2853f47a03dSEric Biggers 2863f47a03dSEric Biggers static unsigned int count_test_sg_divisions(const struct test_sg_division *divs) 2873f47a03dSEric Biggers { 2883f47a03dSEric Biggers unsigned int remaining = TEST_SG_TOTAL; 2893f47a03dSEric Biggers unsigned int ndivs = 0; 2903f47a03dSEric Biggers 2913f47a03dSEric Biggers do { 2923f47a03dSEric Biggers remaining -= divs[ndivs++].proportion_of_total; 2933f47a03dSEric Biggers } while (remaining); 2943f47a03dSEric Biggers 2953f47a03dSEric Biggers return ndivs; 2963f47a03dSEric Biggers } 2973f47a03dSEric Biggers 2983f47a03dSEric Biggers static bool valid_sg_divisions(const struct test_sg_division *divs, 2993f47a03dSEric Biggers unsigned int count, bool *any_flushes_ret) 3003f47a03dSEric Biggers { 3013f47a03dSEric Biggers unsigned int total = 0; 3023f47a03dSEric Biggers unsigned int i; 3033f47a03dSEric Biggers 3043f47a03dSEric Biggers for (i = 0; i < count && total != TEST_SG_TOTAL; i++) { 3053f47a03dSEric Biggers if (divs[i].proportion_of_total <= 0 || 3063f47a03dSEric Biggers divs[i].proportion_of_total > TEST_SG_TOTAL - total) 3073f47a03dSEric Biggers return false; 3083f47a03dSEric Biggers total += divs[i].proportion_of_total; 3093f47a03dSEric Biggers if (divs[i].flush_type != FLUSH_TYPE_NONE) 3103f47a03dSEric Biggers *any_flushes_ret = true; 3113f47a03dSEric Biggers } 3123f47a03dSEric Biggers return total == TEST_SG_TOTAL && 3133f47a03dSEric Biggers memchr_inv(&divs[i], 0, (count - i) * sizeof(divs[0])) == NULL; 3143f47a03dSEric Biggers } 3153f47a03dSEric Biggers 3163f47a03dSEric Biggers /* 3173f47a03dSEric Biggers * Check whether the given testvec_config is valid. This isn't strictly needed 3183f47a03dSEric Biggers * since every testvec_config should be valid, but check anyway so that people 3193f47a03dSEric Biggers * don't unknowingly add broken configs that don't do what they wanted. 3203f47a03dSEric Biggers */ 3213f47a03dSEric Biggers static bool valid_testvec_config(const struct testvec_config *cfg) 3223f47a03dSEric Biggers { 3233f47a03dSEric Biggers bool any_flushes = false; 3243f47a03dSEric Biggers 3253f47a03dSEric Biggers if (cfg->name == NULL) 3263f47a03dSEric Biggers return false; 3273f47a03dSEric Biggers 3283f47a03dSEric Biggers if (!valid_sg_divisions(cfg->src_divs, ARRAY_SIZE(cfg->src_divs), 3293f47a03dSEric Biggers &any_flushes)) 3303f47a03dSEric Biggers return false; 3313f47a03dSEric Biggers 3323f47a03dSEric Biggers if (cfg->dst_divs[0].proportion_of_total) { 3333f47a03dSEric Biggers if (!valid_sg_divisions(cfg->dst_divs, 3343f47a03dSEric Biggers ARRAY_SIZE(cfg->dst_divs), 3353f47a03dSEric Biggers &any_flushes)) 3363f47a03dSEric Biggers return false; 3373f47a03dSEric Biggers } else { 3383f47a03dSEric Biggers if (memchr_inv(cfg->dst_divs, 0, sizeof(cfg->dst_divs))) 3393f47a03dSEric Biggers return false; 3403f47a03dSEric Biggers /* defaults to dst_divs=src_divs */ 3413f47a03dSEric Biggers } 3423f47a03dSEric Biggers 3433f47a03dSEric Biggers if (cfg->iv_offset + 3443f47a03dSEric Biggers (cfg->iv_offset_relative_to_alignmask ? MAX_ALGAPI_ALIGNMASK : 0) > 3453f47a03dSEric Biggers MAX_ALGAPI_ALIGNMASK + 1) 3463f47a03dSEric Biggers return false; 3473f47a03dSEric Biggers 3483f47a03dSEric Biggers if (any_flushes && cfg->finalization_type == FINALIZATION_TYPE_DIGEST) 3493f47a03dSEric Biggers return false; 3503f47a03dSEric Biggers 3513f47a03dSEric Biggers return true; 3523f47a03dSEric Biggers } 3533f47a03dSEric Biggers 3543f47a03dSEric Biggers struct test_sglist { 3553f47a03dSEric Biggers char *bufs[XBUFSIZE]; 3563f47a03dSEric Biggers struct scatterlist sgl[XBUFSIZE]; 3573f47a03dSEric Biggers struct scatterlist sgl_saved[XBUFSIZE]; 3583f47a03dSEric Biggers struct scatterlist *sgl_ptr; 3593f47a03dSEric Biggers unsigned int nents; 3603f47a03dSEric Biggers }; 3613f47a03dSEric Biggers 3623f47a03dSEric Biggers static int init_test_sglist(struct test_sglist *tsgl) 3633f47a03dSEric Biggers { 3643f47a03dSEric Biggers return __testmgr_alloc_buf(tsgl->bufs, 1 /* two pages per buffer */); 3653f47a03dSEric Biggers } 3663f47a03dSEric Biggers 3673f47a03dSEric Biggers static void destroy_test_sglist(struct test_sglist *tsgl) 3683f47a03dSEric Biggers { 3693f47a03dSEric Biggers return __testmgr_free_buf(tsgl->bufs, 1 /* two pages per buffer */); 3703f47a03dSEric Biggers } 3713f47a03dSEric Biggers 3723f47a03dSEric Biggers /** 3733f47a03dSEric Biggers * build_test_sglist() - build a scatterlist for a crypto test 3743f47a03dSEric Biggers * 3753f47a03dSEric Biggers * @tsgl: the scatterlist to build. @tsgl->bufs[] contains an array of 2-page 3763f47a03dSEric Biggers * buffers which the scatterlist @tsgl->sgl[] will be made to point into. 3773f47a03dSEric Biggers * @divs: the layout specification on which the scatterlist will be based 3783f47a03dSEric Biggers * @alignmask: the algorithm's alignmask 3793f47a03dSEric Biggers * @total_len: the total length of the scatterlist to build in bytes 3803f47a03dSEric Biggers * @data: if non-NULL, the buffers will be filled with this data until it ends. 3813f47a03dSEric Biggers * Otherwise the buffers will be poisoned. In both cases, some bytes 3823f47a03dSEric Biggers * past the end of each buffer will be poisoned to help detect overruns. 3833f47a03dSEric Biggers * @out_divs: if non-NULL, the test_sg_division to which each scatterlist entry 3843f47a03dSEric Biggers * corresponds will be returned here. This will match @divs except 3853f47a03dSEric Biggers * that divisions resolving to a length of 0 are omitted as they are 3863f47a03dSEric Biggers * not included in the scatterlist. 3873f47a03dSEric Biggers * 3883f47a03dSEric Biggers * Return: 0 or a -errno value 3893f47a03dSEric Biggers */ 3903f47a03dSEric Biggers static int build_test_sglist(struct test_sglist *tsgl, 3913f47a03dSEric Biggers const struct test_sg_division *divs, 3923f47a03dSEric Biggers const unsigned int alignmask, 3933f47a03dSEric Biggers const unsigned int total_len, 3943f47a03dSEric Biggers struct iov_iter *data, 3953f47a03dSEric Biggers const struct test_sg_division *out_divs[XBUFSIZE]) 3963f47a03dSEric Biggers { 3973f47a03dSEric Biggers struct { 3983f47a03dSEric Biggers const struct test_sg_division *div; 3993f47a03dSEric Biggers size_t length; 4003f47a03dSEric Biggers } partitions[XBUFSIZE]; 4013f47a03dSEric Biggers const unsigned int ndivs = count_test_sg_divisions(divs); 4023f47a03dSEric Biggers unsigned int len_remaining = total_len; 4033f47a03dSEric Biggers unsigned int i; 4043f47a03dSEric Biggers 4053f47a03dSEric Biggers BUILD_BUG_ON(ARRAY_SIZE(partitions) != ARRAY_SIZE(tsgl->sgl)); 4063f47a03dSEric Biggers if (WARN_ON(ndivs > ARRAY_SIZE(partitions))) 4073f47a03dSEric Biggers return -EINVAL; 4083f47a03dSEric Biggers 4093f47a03dSEric Biggers /* Calculate the (div, length) pairs */ 4103f47a03dSEric Biggers tsgl->nents = 0; 4113f47a03dSEric Biggers for (i = 0; i < ndivs; i++) { 4123f47a03dSEric Biggers unsigned int len_this_sg = 4133f47a03dSEric Biggers min(len_remaining, 4143f47a03dSEric Biggers (total_len * divs[i].proportion_of_total + 4153f47a03dSEric Biggers TEST_SG_TOTAL / 2) / TEST_SG_TOTAL); 4163f47a03dSEric Biggers 4173f47a03dSEric Biggers if (len_this_sg != 0) { 4183f47a03dSEric Biggers partitions[tsgl->nents].div = &divs[i]; 4193f47a03dSEric Biggers partitions[tsgl->nents].length = len_this_sg; 4203f47a03dSEric Biggers tsgl->nents++; 4213f47a03dSEric Biggers len_remaining -= len_this_sg; 4223f47a03dSEric Biggers } 4233f47a03dSEric Biggers } 4243f47a03dSEric Biggers if (tsgl->nents == 0) { 4253f47a03dSEric Biggers partitions[tsgl->nents].div = &divs[0]; 4263f47a03dSEric Biggers partitions[tsgl->nents].length = 0; 4273f47a03dSEric Biggers tsgl->nents++; 4283f47a03dSEric Biggers } 4293f47a03dSEric Biggers partitions[tsgl->nents - 1].length += len_remaining; 4303f47a03dSEric Biggers 4313f47a03dSEric Biggers /* Set up the sgl entries and fill the data or poison */ 4323f47a03dSEric Biggers sg_init_table(tsgl->sgl, tsgl->nents); 4333f47a03dSEric Biggers for (i = 0; i < tsgl->nents; i++) { 4343f47a03dSEric Biggers unsigned int offset = partitions[i].div->offset; 4353f47a03dSEric Biggers void *addr; 4363f47a03dSEric Biggers 4373f47a03dSEric Biggers if (partitions[i].div->offset_relative_to_alignmask) 4383f47a03dSEric Biggers offset += alignmask; 4393f47a03dSEric Biggers 4403f47a03dSEric Biggers while (offset + partitions[i].length + TESTMGR_POISON_LEN > 4413f47a03dSEric Biggers 2 * PAGE_SIZE) { 4423f47a03dSEric Biggers if (WARN_ON(offset <= 0)) 4433f47a03dSEric Biggers return -EINVAL; 4443f47a03dSEric Biggers offset /= 2; 4453f47a03dSEric Biggers } 4463f47a03dSEric Biggers 4473f47a03dSEric Biggers addr = &tsgl->bufs[i][offset]; 4483f47a03dSEric Biggers sg_set_buf(&tsgl->sgl[i], addr, partitions[i].length); 4493f47a03dSEric Biggers 4503f47a03dSEric Biggers if (out_divs) 4513f47a03dSEric Biggers out_divs[i] = partitions[i].div; 4523f47a03dSEric Biggers 4533f47a03dSEric Biggers if (data) { 4543f47a03dSEric Biggers size_t copy_len, copied; 4553f47a03dSEric Biggers 4563f47a03dSEric Biggers copy_len = min(partitions[i].length, data->count); 4573f47a03dSEric Biggers copied = copy_from_iter(addr, copy_len, data); 4583f47a03dSEric Biggers if (WARN_ON(copied != copy_len)) 4593f47a03dSEric Biggers return -EINVAL; 4603f47a03dSEric Biggers testmgr_poison(addr + copy_len, partitions[i].length + 4613f47a03dSEric Biggers TESTMGR_POISON_LEN - copy_len); 4623f47a03dSEric Biggers } else { 4633f47a03dSEric Biggers testmgr_poison(addr, partitions[i].length + 4643f47a03dSEric Biggers TESTMGR_POISON_LEN); 4653f47a03dSEric Biggers } 4663f47a03dSEric Biggers } 4673f47a03dSEric Biggers 4683f47a03dSEric Biggers sg_mark_end(&tsgl->sgl[tsgl->nents - 1]); 4693f47a03dSEric Biggers tsgl->sgl_ptr = tsgl->sgl; 4703f47a03dSEric Biggers memcpy(tsgl->sgl_saved, tsgl->sgl, tsgl->nents * sizeof(tsgl->sgl[0])); 4713f47a03dSEric Biggers return 0; 4723f47a03dSEric Biggers } 4733f47a03dSEric Biggers 4743f47a03dSEric Biggers /* 4753f47a03dSEric Biggers * Verify that a scatterlist crypto operation produced the correct output. 4763f47a03dSEric Biggers * 4773f47a03dSEric Biggers * @tsgl: scatterlist containing the actual output 4783f47a03dSEric Biggers * @expected_output: buffer containing the expected output 4793f47a03dSEric Biggers * @len_to_check: length of @expected_output in bytes 4803f47a03dSEric Biggers * @unchecked_prefix_len: number of ignored bytes in @tsgl prior to real result 4813f47a03dSEric Biggers * @check_poison: verify that the poison bytes after each chunk are intact? 4823f47a03dSEric Biggers * 4833f47a03dSEric Biggers * Return: 0 if correct, -EINVAL if incorrect, -EOVERFLOW if buffer overrun. 4843f47a03dSEric Biggers */ 4853f47a03dSEric Biggers static int verify_correct_output(const struct test_sglist *tsgl, 4863f47a03dSEric Biggers const char *expected_output, 4873f47a03dSEric Biggers unsigned int len_to_check, 4883f47a03dSEric Biggers unsigned int unchecked_prefix_len, 4893f47a03dSEric Biggers bool check_poison) 4903f47a03dSEric Biggers { 4913f47a03dSEric Biggers unsigned int i; 4923f47a03dSEric Biggers 4933f47a03dSEric Biggers for (i = 0; i < tsgl->nents; i++) { 4943f47a03dSEric Biggers struct scatterlist *sg = &tsgl->sgl_ptr[i]; 4953f47a03dSEric Biggers unsigned int len = sg->length; 4963f47a03dSEric Biggers unsigned int offset = sg->offset; 4973f47a03dSEric Biggers const char *actual_output; 4983f47a03dSEric Biggers 4993f47a03dSEric Biggers if (unchecked_prefix_len) { 5003f47a03dSEric Biggers if (unchecked_prefix_len >= len) { 5013f47a03dSEric Biggers unchecked_prefix_len -= len; 5023f47a03dSEric Biggers continue; 5033f47a03dSEric Biggers } 5043f47a03dSEric Biggers offset += unchecked_prefix_len; 5053f47a03dSEric Biggers len -= unchecked_prefix_len; 5063f47a03dSEric Biggers unchecked_prefix_len = 0; 5073f47a03dSEric Biggers } 5083f47a03dSEric Biggers len = min(len, len_to_check); 5093f47a03dSEric Biggers actual_output = page_address(sg_page(sg)) + offset; 5103f47a03dSEric Biggers if (memcmp(expected_output, actual_output, len) != 0) 5113f47a03dSEric Biggers return -EINVAL; 5123f47a03dSEric Biggers if (check_poison && 5133f47a03dSEric Biggers !testmgr_is_poison(actual_output + len, TESTMGR_POISON_LEN)) 5143f47a03dSEric Biggers return -EOVERFLOW; 5153f47a03dSEric Biggers len_to_check -= len; 5163f47a03dSEric Biggers expected_output += len; 5173f47a03dSEric Biggers } 5183f47a03dSEric Biggers if (WARN_ON(len_to_check != 0)) 5193f47a03dSEric Biggers return -EINVAL; 5203f47a03dSEric Biggers return 0; 5213f47a03dSEric Biggers } 5223f47a03dSEric Biggers 5233f47a03dSEric Biggers static bool is_test_sglist_corrupted(const struct test_sglist *tsgl) 5243f47a03dSEric Biggers { 5253f47a03dSEric Biggers unsigned int i; 5263f47a03dSEric Biggers 5273f47a03dSEric Biggers for (i = 0; i < tsgl->nents; i++) { 5283f47a03dSEric Biggers if (tsgl->sgl[i].page_link != tsgl->sgl_saved[i].page_link) 5293f47a03dSEric Biggers return true; 5303f47a03dSEric Biggers if (tsgl->sgl[i].offset != tsgl->sgl_saved[i].offset) 5313f47a03dSEric Biggers return true; 5323f47a03dSEric Biggers if (tsgl->sgl[i].length != tsgl->sgl_saved[i].length) 5333f47a03dSEric Biggers return true; 5343f47a03dSEric Biggers } 5353f47a03dSEric Biggers return false; 5363f47a03dSEric Biggers } 5373f47a03dSEric Biggers 5383f47a03dSEric Biggers struct cipher_test_sglists { 5393f47a03dSEric Biggers struct test_sglist src; 5403f47a03dSEric Biggers struct test_sglist dst; 5413f47a03dSEric Biggers }; 5423f47a03dSEric Biggers 5433f47a03dSEric Biggers static struct cipher_test_sglists *alloc_cipher_test_sglists(void) 5443f47a03dSEric Biggers { 5453f47a03dSEric Biggers struct cipher_test_sglists *tsgls; 5463f47a03dSEric Biggers 5473f47a03dSEric Biggers tsgls = kmalloc(sizeof(*tsgls), GFP_KERNEL); 5483f47a03dSEric Biggers if (!tsgls) 5493f47a03dSEric Biggers return NULL; 5503f47a03dSEric Biggers 5513f47a03dSEric Biggers if (init_test_sglist(&tsgls->src) != 0) 5523f47a03dSEric Biggers goto fail_kfree; 5533f47a03dSEric Biggers if (init_test_sglist(&tsgls->dst) != 0) 5543f47a03dSEric Biggers goto fail_destroy_src; 5553f47a03dSEric Biggers 5563f47a03dSEric Biggers return tsgls; 5573f47a03dSEric Biggers 5583f47a03dSEric Biggers fail_destroy_src: 5593f47a03dSEric Biggers destroy_test_sglist(&tsgls->src); 5603f47a03dSEric Biggers fail_kfree: 5613f47a03dSEric Biggers kfree(tsgls); 5623f47a03dSEric Biggers return NULL; 5633f47a03dSEric Biggers } 5643f47a03dSEric Biggers 5653f47a03dSEric Biggers static void free_cipher_test_sglists(struct cipher_test_sglists *tsgls) 5663f47a03dSEric Biggers { 5673f47a03dSEric Biggers if (tsgls) { 5683f47a03dSEric Biggers destroy_test_sglist(&tsgls->src); 5693f47a03dSEric Biggers destroy_test_sglist(&tsgls->dst); 5703f47a03dSEric Biggers kfree(tsgls); 5713f47a03dSEric Biggers } 5723f47a03dSEric Biggers } 5733f47a03dSEric Biggers 5743f47a03dSEric Biggers /* Build the src and dst scatterlists for an skcipher or AEAD test */ 5753f47a03dSEric Biggers static int build_cipher_test_sglists(struct cipher_test_sglists *tsgls, 5763f47a03dSEric Biggers const struct testvec_config *cfg, 5773f47a03dSEric Biggers unsigned int alignmask, 5783f47a03dSEric Biggers unsigned int src_total_len, 5793f47a03dSEric Biggers unsigned int dst_total_len, 5803f47a03dSEric Biggers const struct kvec *inputs, 5813f47a03dSEric Biggers unsigned int nr_inputs) 5823f47a03dSEric Biggers { 5833f47a03dSEric Biggers struct iov_iter input; 5843f47a03dSEric Biggers int err; 5853f47a03dSEric Biggers 5863f47a03dSEric Biggers iov_iter_kvec(&input, WRITE, inputs, nr_inputs, src_total_len); 5873f47a03dSEric Biggers err = build_test_sglist(&tsgls->src, cfg->src_divs, alignmask, 5883f47a03dSEric Biggers cfg->inplace ? 5893f47a03dSEric Biggers max(dst_total_len, src_total_len) : 5903f47a03dSEric Biggers src_total_len, 5913f47a03dSEric Biggers &input, NULL); 5923f47a03dSEric Biggers if (err) 5933f47a03dSEric Biggers return err; 5943f47a03dSEric Biggers 5953f47a03dSEric Biggers if (cfg->inplace) { 5963f47a03dSEric Biggers tsgls->dst.sgl_ptr = tsgls->src.sgl; 5973f47a03dSEric Biggers tsgls->dst.nents = tsgls->src.nents; 5983f47a03dSEric Biggers return 0; 5993f47a03dSEric Biggers } 6003f47a03dSEric Biggers return build_test_sglist(&tsgls->dst, 6013f47a03dSEric Biggers cfg->dst_divs[0].proportion_of_total ? 6023f47a03dSEric Biggers cfg->dst_divs : cfg->src_divs, 6033f47a03dSEric Biggers alignmask, dst_total_len, NULL, NULL); 604f8b0d4d0SHerbert Xu } 605f8b0d4d0SHerbert Xu 606466d7b9fSKamil Konieczny static int ahash_guard_result(char *result, char c, int size) 607466d7b9fSKamil Konieczny { 608466d7b9fSKamil Konieczny int i; 609466d7b9fSKamil Konieczny 610466d7b9fSKamil Konieczny for (i = 0; i < size; i++) { 611466d7b9fSKamil Konieczny if (result[i] != c) 612466d7b9fSKamil Konieczny return -EINVAL; 613466d7b9fSKamil Konieczny } 614466d7b9fSKamil Konieczny 615466d7b9fSKamil Konieczny return 0; 616466d7b9fSKamil Konieczny } 617466d7b9fSKamil Konieczny 618018ba95cSWang, Rui Y static int ahash_partial_update(struct ahash_request **preq, 619b13b1e0cSEric Biggers struct crypto_ahash *tfm, const struct hash_testvec *template, 620018ba95cSWang, Rui Y void *hash_buff, int k, int temp, struct scatterlist *sg, 6217f397136SGilad Ben-Yossef const char *algo, char *result, struct crypto_wait *wait) 622018ba95cSWang, Rui Y { 623018ba95cSWang, Rui Y char *state; 624018ba95cSWang, Rui Y struct ahash_request *req; 625018ba95cSWang, Rui Y int statesize, ret = -EINVAL; 626da1729ceSJoey Pabalinas static const unsigned char guard[] = { 0x00, 0xba, 0xad, 0x00 }; 627466d7b9fSKamil Konieczny int digestsize = crypto_ahash_digestsize(tfm); 628018ba95cSWang, Rui Y 629018ba95cSWang, Rui Y req = *preq; 630018ba95cSWang, Rui Y statesize = crypto_ahash_statesize( 631018ba95cSWang, Rui Y crypto_ahash_reqtfm(req)); 6327bcb87bcSJan Stancek state = kmalloc(statesize + sizeof(guard), GFP_KERNEL); 633018ba95cSWang, Rui Y if (!state) { 634cf3f9609SGilad Ben-Yossef pr_err("alg: hash: Failed to alloc state for %s\n", algo); 635018ba95cSWang, Rui Y goto out_nostate; 636018ba95cSWang, Rui Y } 6377bcb87bcSJan Stancek memcpy(state + statesize, guard, sizeof(guard)); 638466d7b9fSKamil Konieczny memset(result, 1, digestsize); 639018ba95cSWang, Rui Y ret = crypto_ahash_export(req, state); 6407bcb87bcSJan Stancek WARN_ON(memcmp(state + statesize, guard, sizeof(guard))); 641018ba95cSWang, Rui Y if (ret) { 642cf3f9609SGilad Ben-Yossef pr_err("alg: hash: Failed to export() for %s\n", algo); 643018ba95cSWang, Rui Y goto out; 644018ba95cSWang, Rui Y } 645466d7b9fSKamil Konieczny ret = ahash_guard_result(result, 1, digestsize); 646466d7b9fSKamil Konieczny if (ret) { 647466d7b9fSKamil Konieczny pr_err("alg: hash: Failed, export used req->result for %s\n", 648466d7b9fSKamil Konieczny algo); 649466d7b9fSKamil Konieczny goto out; 650466d7b9fSKamil Konieczny } 651018ba95cSWang, Rui Y ahash_request_free(req); 652018ba95cSWang, Rui Y req = ahash_request_alloc(tfm, GFP_KERNEL); 653018ba95cSWang, Rui Y if (!req) { 654018ba95cSWang, Rui Y pr_err("alg: hash: Failed to alloc request for %s\n", algo); 655018ba95cSWang, Rui Y goto out_noreq; 656018ba95cSWang, Rui Y } 657018ba95cSWang, Rui Y ahash_request_set_callback(req, 658018ba95cSWang, Rui Y CRYPTO_TFM_REQ_MAY_BACKLOG, 6597f397136SGilad Ben-Yossef crypto_req_done, wait); 660018ba95cSWang, Rui Y 661018ba95cSWang, Rui Y memcpy(hash_buff, template->plaintext + temp, 662018ba95cSWang, Rui Y template->tap[k]); 663018ba95cSWang, Rui Y sg_init_one(&sg[0], hash_buff, template->tap[k]); 664018ba95cSWang, Rui Y ahash_request_set_crypt(req, sg, result, template->tap[k]); 665018ba95cSWang, Rui Y ret = crypto_ahash_import(req, state); 666018ba95cSWang, Rui Y if (ret) { 667018ba95cSWang, Rui Y pr_err("alg: hash: Failed to import() for %s\n", algo); 668018ba95cSWang, Rui Y goto out; 669018ba95cSWang, Rui Y } 670466d7b9fSKamil Konieczny ret = ahash_guard_result(result, 1, digestsize); 671466d7b9fSKamil Konieczny if (ret) { 672466d7b9fSKamil Konieczny pr_err("alg: hash: Failed, import used req->result for %s\n", 673466d7b9fSKamil Konieczny algo); 674466d7b9fSKamil Konieczny goto out; 675466d7b9fSKamil Konieczny } 6767f397136SGilad Ben-Yossef ret = crypto_wait_req(crypto_ahash_update(req), wait); 677018ba95cSWang, Rui Y if (ret) 678018ba95cSWang, Rui Y goto out; 679018ba95cSWang, Rui Y *preq = req; 680018ba95cSWang, Rui Y ret = 0; 681018ba95cSWang, Rui Y goto out_noreq; 682018ba95cSWang, Rui Y out: 683018ba95cSWang, Rui Y ahash_request_free(req); 684018ba95cSWang, Rui Y out_noreq: 685018ba95cSWang, Rui Y kfree(state); 686018ba95cSWang, Rui Y out_nostate: 687018ba95cSWang, Rui Y return ret; 688018ba95cSWang, Rui Y } 689018ba95cSWang, Rui Y 69076715095SGilad Ben-Yossef enum hash_test { 69176715095SGilad Ben-Yossef HASH_TEST_DIGEST, 69276715095SGilad Ben-Yossef HASH_TEST_FINAL, 69376715095SGilad Ben-Yossef HASH_TEST_FINUP 69476715095SGilad Ben-Yossef }; 69576715095SGilad Ben-Yossef 696b13b1e0cSEric Biggers static int __test_hash(struct crypto_ahash *tfm, 697b13b1e0cSEric Biggers const struct hash_testvec *template, unsigned int tcount, 69876715095SGilad Ben-Yossef enum hash_test test_type, const int align_offset) 699da7f033dSHerbert Xu { 700da7f033dSHerbert Xu const char *algo = crypto_tfm_alg_driver_name(crypto_ahash_tfm(tfm)); 701e93acd6fSAndrew Lutomirski size_t digest_size = crypto_ahash_digestsize(tfm); 702da7f033dSHerbert Xu unsigned int i, j, k, temp; 703da7f033dSHerbert Xu struct scatterlist sg[8]; 70429b77e5dSHoria Geanta char *result; 70529b77e5dSHoria Geanta char *key; 706da7f033dSHerbert Xu struct ahash_request *req; 7077f397136SGilad Ben-Yossef struct crypto_wait wait; 708da7f033dSHerbert Xu void *hash_buff; 709f8b0d4d0SHerbert Xu char *xbuf[XBUFSIZE]; 710f8b0d4d0SHerbert Xu int ret = -ENOMEM; 711f8b0d4d0SHerbert Xu 712e93acd6fSAndrew Lutomirski result = kmalloc(digest_size, GFP_KERNEL); 71329b77e5dSHoria Geanta if (!result) 71429b77e5dSHoria Geanta return ret; 71529b77e5dSHoria Geanta key = kmalloc(MAX_KEYLEN, GFP_KERNEL); 71629b77e5dSHoria Geanta if (!key) 71729b77e5dSHoria Geanta goto out_nobuf; 718f8b0d4d0SHerbert Xu if (testmgr_alloc_buf(xbuf)) 719f8b0d4d0SHerbert Xu goto out_nobuf; 720da7f033dSHerbert Xu 7217f397136SGilad Ben-Yossef crypto_init_wait(&wait); 722da7f033dSHerbert Xu 723da7f033dSHerbert Xu req = ahash_request_alloc(tfm, GFP_KERNEL); 724da7f033dSHerbert Xu if (!req) { 725da7f033dSHerbert Xu printk(KERN_ERR "alg: hash: Failed to allocate request for " 726da7f033dSHerbert Xu "%s\n", algo); 727da7f033dSHerbert Xu goto out_noreq; 728da7f033dSHerbert Xu } 729da7f033dSHerbert Xu ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, 7307f397136SGilad Ben-Yossef crypto_req_done, &wait); 731da7f033dSHerbert Xu 732a0cfae59SHerbert Xu j = 0; 733da7f033dSHerbert Xu for (i = 0; i < tcount; i++) { 734a0cfae59SHerbert Xu if (template[i].np) 735a0cfae59SHerbert Xu continue; 736a0cfae59SHerbert Xu 737da5ffe11SJussi Kivilinna ret = -EINVAL; 738da5ffe11SJussi Kivilinna if (WARN_ON(align_offset + template[i].psize > PAGE_SIZE)) 739da5ffe11SJussi Kivilinna goto out; 740da5ffe11SJussi Kivilinna 741a0cfae59SHerbert Xu j++; 742e93acd6fSAndrew Lutomirski memset(result, 0, digest_size); 743da7f033dSHerbert Xu 744da7f033dSHerbert Xu hash_buff = xbuf[0]; 745da5ffe11SJussi Kivilinna hash_buff += align_offset; 746da7f033dSHerbert Xu 747da7f033dSHerbert Xu memcpy(hash_buff, template[i].plaintext, template[i].psize); 748da7f033dSHerbert Xu sg_init_one(&sg[0], hash_buff, template[i].psize); 749da7f033dSHerbert Xu 750da7f033dSHerbert Xu if (template[i].ksize) { 751da7f033dSHerbert Xu crypto_ahash_clear_flags(tfm, ~0); 75229b77e5dSHoria Geanta if (template[i].ksize > MAX_KEYLEN) { 75329b77e5dSHoria Geanta pr_err("alg: hash: setkey failed on test %d for %s: key size %d > %d\n", 75429b77e5dSHoria Geanta j, algo, template[i].ksize, MAX_KEYLEN); 75529b77e5dSHoria Geanta ret = -EINVAL; 75629b77e5dSHoria Geanta goto out; 75729b77e5dSHoria Geanta } 75829b77e5dSHoria Geanta memcpy(key, template[i].key, template[i].ksize); 75929b77e5dSHoria Geanta ret = crypto_ahash_setkey(tfm, key, template[i].ksize); 760da7f033dSHerbert Xu if (ret) { 761da7f033dSHerbert Xu printk(KERN_ERR "alg: hash: setkey failed on " 762a0cfae59SHerbert Xu "test %d for %s: ret=%d\n", j, algo, 763da7f033dSHerbert Xu -ret); 764da7f033dSHerbert Xu goto out; 765da7f033dSHerbert Xu } 766da7f033dSHerbert Xu } 767da7f033dSHerbert Xu 768da7f033dSHerbert Xu ahash_request_set_crypt(req, sg, result, template[i].psize); 76976715095SGilad Ben-Yossef switch (test_type) { 77076715095SGilad Ben-Yossef case HASH_TEST_DIGEST: 7717f397136SGilad Ben-Yossef ret = crypto_wait_req(crypto_ahash_digest(req), &wait); 772a8f1a052SDavid S. Miller if (ret) { 773a8f1a052SDavid S. Miller pr_err("alg: hash: digest failed on test %d " 774a0cfae59SHerbert Xu "for %s: ret=%d\n", j, algo, -ret); 775da7f033dSHerbert Xu goto out; 776da7f033dSHerbert Xu } 77776715095SGilad Ben-Yossef break; 77876715095SGilad Ben-Yossef 77976715095SGilad Ben-Yossef case HASH_TEST_FINAL: 780466d7b9fSKamil Konieczny memset(result, 1, digest_size); 7817f397136SGilad Ben-Yossef ret = crypto_wait_req(crypto_ahash_init(req), &wait); 782a8f1a052SDavid S. Miller if (ret) { 783cf3f9609SGilad Ben-Yossef pr_err("alg: hash: init failed on test %d " 784a8f1a052SDavid S. Miller "for %s: ret=%d\n", j, algo, -ret); 785a8f1a052SDavid S. Miller goto out; 786a8f1a052SDavid S. Miller } 787466d7b9fSKamil Konieczny ret = ahash_guard_result(result, 1, digest_size); 788466d7b9fSKamil Konieczny if (ret) { 789466d7b9fSKamil Konieczny pr_err("alg: hash: init failed on test %d " 790466d7b9fSKamil Konieczny "for %s: used req->result\n", j, algo); 791466d7b9fSKamil Konieczny goto out; 792466d7b9fSKamil Konieczny } 7937f397136SGilad Ben-Yossef ret = crypto_wait_req(crypto_ahash_update(req), &wait); 794a8f1a052SDavid S. Miller if (ret) { 795cf3f9609SGilad Ben-Yossef pr_err("alg: hash: update failed on test %d " 796a8f1a052SDavid S. Miller "for %s: ret=%d\n", j, algo, -ret); 797a8f1a052SDavid S. Miller goto out; 798a8f1a052SDavid S. Miller } 799466d7b9fSKamil Konieczny ret = ahash_guard_result(result, 1, digest_size); 800466d7b9fSKamil Konieczny if (ret) { 801466d7b9fSKamil Konieczny pr_err("alg: hash: update failed on test %d " 802466d7b9fSKamil Konieczny "for %s: used req->result\n", j, algo); 803466d7b9fSKamil Konieczny goto out; 804466d7b9fSKamil Konieczny } 8057f397136SGilad Ben-Yossef ret = crypto_wait_req(crypto_ahash_final(req), &wait); 806a8f1a052SDavid S. Miller if (ret) { 807cf3f9609SGilad Ben-Yossef pr_err("alg: hash: final failed on test %d " 808a8f1a052SDavid S. Miller "for %s: ret=%d\n", j, algo, -ret); 809a8f1a052SDavid S. Miller goto out; 810a8f1a052SDavid S. Miller } 81176715095SGilad Ben-Yossef break; 81276715095SGilad Ben-Yossef 81376715095SGilad Ben-Yossef case HASH_TEST_FINUP: 81476715095SGilad Ben-Yossef memset(result, 1, digest_size); 81576715095SGilad Ben-Yossef ret = crypto_wait_req(crypto_ahash_init(req), &wait); 81676715095SGilad Ben-Yossef if (ret) { 81776715095SGilad Ben-Yossef pr_err("alg: hash: init failed on test %d " 81876715095SGilad Ben-Yossef "for %s: ret=%d\n", j, algo, -ret); 81976715095SGilad Ben-Yossef goto out; 82076715095SGilad Ben-Yossef } 82176715095SGilad Ben-Yossef ret = ahash_guard_result(result, 1, digest_size); 82276715095SGilad Ben-Yossef if (ret) { 82376715095SGilad Ben-Yossef pr_err("alg: hash: init failed on test %d " 82476715095SGilad Ben-Yossef "for %s: used req->result\n", j, algo); 82576715095SGilad Ben-Yossef goto out; 82676715095SGilad Ben-Yossef } 82776715095SGilad Ben-Yossef ret = crypto_wait_req(crypto_ahash_finup(req), &wait); 82876715095SGilad Ben-Yossef if (ret) { 82976715095SGilad Ben-Yossef pr_err("alg: hash: final failed on test %d " 83076715095SGilad Ben-Yossef "for %s: ret=%d\n", j, algo, -ret); 83176715095SGilad Ben-Yossef goto out; 83276715095SGilad Ben-Yossef } 83376715095SGilad Ben-Yossef break; 834a8f1a052SDavid S. Miller } 835da7f033dSHerbert Xu 836da7f033dSHerbert Xu if (memcmp(result, template[i].digest, 837da7f033dSHerbert Xu crypto_ahash_digestsize(tfm))) { 838da7f033dSHerbert Xu printk(KERN_ERR "alg: hash: Test %d failed for %s\n", 839a0cfae59SHerbert Xu j, algo); 840da7f033dSHerbert Xu hexdump(result, crypto_ahash_digestsize(tfm)); 841da7f033dSHerbert Xu ret = -EINVAL; 842da7f033dSHerbert Xu goto out; 843da7f033dSHerbert Xu } 844da7f033dSHerbert Xu } 845da7f033dSHerbert Xu 84676715095SGilad Ben-Yossef if (test_type) 84776715095SGilad Ben-Yossef goto out; 84876715095SGilad Ben-Yossef 849da7f033dSHerbert Xu j = 0; 850da7f033dSHerbert Xu for (i = 0; i < tcount; i++) { 851da5ffe11SJussi Kivilinna /* alignment tests are only done with continuous buffers */ 852da5ffe11SJussi Kivilinna if (align_offset != 0) 853da5ffe11SJussi Kivilinna break; 854da5ffe11SJussi Kivilinna 8555f2b424eSCristian Stoica if (!template[i].np) 8565f2b424eSCristian Stoica continue; 8575f2b424eSCristian Stoica 858da7f033dSHerbert Xu j++; 859e93acd6fSAndrew Lutomirski memset(result, 0, digest_size); 860da7f033dSHerbert Xu 861da7f033dSHerbert Xu temp = 0; 862da7f033dSHerbert Xu sg_init_table(sg, template[i].np); 863fd57f22aSHerbert Xu ret = -EINVAL; 864da7f033dSHerbert Xu for (k = 0; k < template[i].np; k++) { 865fd57f22aSHerbert Xu if (WARN_ON(offset_in_page(IDX[k]) + 866fd57f22aSHerbert Xu template[i].tap[k] > PAGE_SIZE)) 867fd57f22aSHerbert Xu goto out; 868da7f033dSHerbert Xu sg_set_buf(&sg[k], 869da7f033dSHerbert Xu memcpy(xbuf[IDX[k] >> PAGE_SHIFT] + 870da7f033dSHerbert Xu offset_in_page(IDX[k]), 871da7f033dSHerbert Xu template[i].plaintext + temp, 872da7f033dSHerbert Xu template[i].tap[k]), 873da7f033dSHerbert Xu template[i].tap[k]); 874da7f033dSHerbert Xu temp += template[i].tap[k]; 875da7f033dSHerbert Xu } 876da7f033dSHerbert Xu 877da7f033dSHerbert Xu if (template[i].ksize) { 87829b77e5dSHoria Geanta if (template[i].ksize > MAX_KEYLEN) { 87929b77e5dSHoria Geanta pr_err("alg: hash: setkey failed on test %d for %s: key size %d > %d\n", 8805f2b424eSCristian Stoica j, algo, template[i].ksize, MAX_KEYLEN); 88129b77e5dSHoria Geanta ret = -EINVAL; 88229b77e5dSHoria Geanta goto out; 88329b77e5dSHoria Geanta } 884da7f033dSHerbert Xu crypto_ahash_clear_flags(tfm, ~0); 88529b77e5dSHoria Geanta memcpy(key, template[i].key, template[i].ksize); 8865f2b424eSCristian Stoica ret = crypto_ahash_setkey(tfm, key, template[i].ksize); 887da7f033dSHerbert Xu 888da7f033dSHerbert Xu if (ret) { 889da7f033dSHerbert Xu printk(KERN_ERR "alg: hash: setkey " 890da7f033dSHerbert Xu "failed on chunking test %d " 8915f2b424eSCristian Stoica "for %s: ret=%d\n", j, algo, -ret); 892da7f033dSHerbert Xu goto out; 893da7f033dSHerbert Xu } 894da7f033dSHerbert Xu } 895da7f033dSHerbert Xu 8965f2b424eSCristian Stoica ahash_request_set_crypt(req, sg, result, template[i].psize); 8977f397136SGilad Ben-Yossef ret = crypto_wait_req(crypto_ahash_digest(req), &wait); 8987f397136SGilad Ben-Yossef if (ret) { 8997f397136SGilad Ben-Yossef pr_err("alg: hash: digest failed on chunking test %d for %s: ret=%d\n", 9007f397136SGilad Ben-Yossef j, algo, -ret); 901da7f033dSHerbert Xu goto out; 902da7f033dSHerbert Xu } 903da7f033dSHerbert Xu 904da7f033dSHerbert Xu if (memcmp(result, template[i].digest, 905da7f033dSHerbert Xu crypto_ahash_digestsize(tfm))) { 906da7f033dSHerbert Xu printk(KERN_ERR "alg: hash: Chunking test %d " 907da7f033dSHerbert Xu "failed for %s\n", j, algo); 908da7f033dSHerbert Xu hexdump(result, crypto_ahash_digestsize(tfm)); 909da7f033dSHerbert Xu ret = -EINVAL; 910da7f033dSHerbert Xu goto out; 911da7f033dSHerbert Xu } 912da7f033dSHerbert Xu } 913da7f033dSHerbert Xu 914018ba95cSWang, Rui Y /* partial update exercise */ 915018ba95cSWang, Rui Y j = 0; 916018ba95cSWang, Rui Y for (i = 0; i < tcount; i++) { 917018ba95cSWang, Rui Y /* alignment tests are only done with continuous buffers */ 918018ba95cSWang, Rui Y if (align_offset != 0) 919018ba95cSWang, Rui Y break; 920018ba95cSWang, Rui Y 921018ba95cSWang, Rui Y if (template[i].np < 2) 922018ba95cSWang, Rui Y continue; 923018ba95cSWang, Rui Y 924018ba95cSWang, Rui Y j++; 925e93acd6fSAndrew Lutomirski memset(result, 0, digest_size); 926018ba95cSWang, Rui Y 927018ba95cSWang, Rui Y ret = -EINVAL; 928018ba95cSWang, Rui Y hash_buff = xbuf[0]; 929018ba95cSWang, Rui Y memcpy(hash_buff, template[i].plaintext, 930018ba95cSWang, Rui Y template[i].tap[0]); 931018ba95cSWang, Rui Y sg_init_one(&sg[0], hash_buff, template[i].tap[0]); 932018ba95cSWang, Rui Y 933018ba95cSWang, Rui Y if (template[i].ksize) { 934018ba95cSWang, Rui Y crypto_ahash_clear_flags(tfm, ~0); 935018ba95cSWang, Rui Y if (template[i].ksize > MAX_KEYLEN) { 936018ba95cSWang, Rui Y pr_err("alg: hash: setkey failed on test %d for %s: key size %d > %d\n", 937018ba95cSWang, Rui Y j, algo, template[i].ksize, MAX_KEYLEN); 938018ba95cSWang, Rui Y ret = -EINVAL; 939018ba95cSWang, Rui Y goto out; 940018ba95cSWang, Rui Y } 941018ba95cSWang, Rui Y memcpy(key, template[i].key, template[i].ksize); 942018ba95cSWang, Rui Y ret = crypto_ahash_setkey(tfm, key, template[i].ksize); 943018ba95cSWang, Rui Y if (ret) { 944018ba95cSWang, Rui Y pr_err("alg: hash: setkey failed on test %d for %s: ret=%d\n", 945018ba95cSWang, Rui Y j, algo, -ret); 946018ba95cSWang, Rui Y goto out; 947018ba95cSWang, Rui Y } 948018ba95cSWang, Rui Y } 949018ba95cSWang, Rui Y 950018ba95cSWang, Rui Y ahash_request_set_crypt(req, sg, result, template[i].tap[0]); 9517f397136SGilad Ben-Yossef ret = crypto_wait_req(crypto_ahash_init(req), &wait); 952018ba95cSWang, Rui Y if (ret) { 953cf3f9609SGilad Ben-Yossef pr_err("alg: hash: init failed on test %d for %s: ret=%d\n", 954018ba95cSWang, Rui Y j, algo, -ret); 955018ba95cSWang, Rui Y goto out; 956018ba95cSWang, Rui Y } 9577f397136SGilad Ben-Yossef ret = crypto_wait_req(crypto_ahash_update(req), &wait); 958018ba95cSWang, Rui Y if (ret) { 959cf3f9609SGilad Ben-Yossef pr_err("alg: hash: update failed on test %d for %s: ret=%d\n", 960018ba95cSWang, Rui Y j, algo, -ret); 961018ba95cSWang, Rui Y goto out; 962018ba95cSWang, Rui Y } 963018ba95cSWang, Rui Y 964018ba95cSWang, Rui Y temp = template[i].tap[0]; 965018ba95cSWang, Rui Y for (k = 1; k < template[i].np; k++) { 966018ba95cSWang, Rui Y ret = ahash_partial_update(&req, tfm, &template[i], 967018ba95cSWang, Rui Y hash_buff, k, temp, &sg[0], algo, result, 9687f397136SGilad Ben-Yossef &wait); 969018ba95cSWang, Rui Y if (ret) { 970cf3f9609SGilad Ben-Yossef pr_err("alg: hash: partial update failed on test %d for %s: ret=%d\n", 971018ba95cSWang, Rui Y j, algo, -ret); 972018ba95cSWang, Rui Y goto out_noreq; 973018ba95cSWang, Rui Y } 974018ba95cSWang, Rui Y temp += template[i].tap[k]; 975018ba95cSWang, Rui Y } 9767f397136SGilad Ben-Yossef ret = crypto_wait_req(crypto_ahash_final(req), &wait); 977018ba95cSWang, Rui Y if (ret) { 978cf3f9609SGilad Ben-Yossef pr_err("alg: hash: final failed on test %d for %s: ret=%d\n", 979018ba95cSWang, Rui Y j, algo, -ret); 980018ba95cSWang, Rui Y goto out; 981018ba95cSWang, Rui Y } 982018ba95cSWang, Rui Y if (memcmp(result, template[i].digest, 983018ba95cSWang, Rui Y crypto_ahash_digestsize(tfm))) { 984018ba95cSWang, Rui Y pr_err("alg: hash: Partial Test %d failed for %s\n", 985018ba95cSWang, Rui Y j, algo); 986018ba95cSWang, Rui Y hexdump(result, crypto_ahash_digestsize(tfm)); 987018ba95cSWang, Rui Y ret = -EINVAL; 988018ba95cSWang, Rui Y goto out; 989018ba95cSWang, Rui Y } 990018ba95cSWang, Rui Y } 991018ba95cSWang, Rui Y 992da7f033dSHerbert Xu ret = 0; 993da7f033dSHerbert Xu 994da7f033dSHerbert Xu out: 995da7f033dSHerbert Xu ahash_request_free(req); 996da7f033dSHerbert Xu out_noreq: 997f8b0d4d0SHerbert Xu testmgr_free_buf(xbuf); 998f8b0d4d0SHerbert Xu out_nobuf: 99929b77e5dSHoria Geanta kfree(key); 100029b77e5dSHoria Geanta kfree(result); 1001da7f033dSHerbert Xu return ret; 1002da7f033dSHerbert Xu } 1003da7f033dSHerbert Xu 1004b13b1e0cSEric Biggers static int test_hash(struct crypto_ahash *tfm, 1005b13b1e0cSEric Biggers const struct hash_testvec *template, 100676715095SGilad Ben-Yossef unsigned int tcount, enum hash_test test_type) 1007da5ffe11SJussi Kivilinna { 1008da5ffe11SJussi Kivilinna unsigned int alignmask; 1009da5ffe11SJussi Kivilinna int ret; 1010da5ffe11SJussi Kivilinna 101176715095SGilad Ben-Yossef ret = __test_hash(tfm, template, tcount, test_type, 0); 1012da5ffe11SJussi Kivilinna if (ret) 1013da5ffe11SJussi Kivilinna return ret; 1014da5ffe11SJussi Kivilinna 1015da5ffe11SJussi Kivilinna /* test unaligned buffers, check with one byte offset */ 101676715095SGilad Ben-Yossef ret = __test_hash(tfm, template, tcount, test_type, 1); 1017da5ffe11SJussi Kivilinna if (ret) 1018da5ffe11SJussi Kivilinna return ret; 1019da5ffe11SJussi Kivilinna 1020da5ffe11SJussi Kivilinna alignmask = crypto_tfm_alg_alignmask(&tfm->base); 1021da5ffe11SJussi Kivilinna if (alignmask) { 1022da5ffe11SJussi Kivilinna /* Check if alignment mask for tfm is correctly set. */ 102376715095SGilad Ben-Yossef ret = __test_hash(tfm, template, tcount, test_type, 1024da5ffe11SJussi Kivilinna alignmask + 1); 1025da5ffe11SJussi Kivilinna if (ret) 1026da5ffe11SJussi Kivilinna return ret; 1027da5ffe11SJussi Kivilinna } 1028da5ffe11SJussi Kivilinna 1029da5ffe11SJussi Kivilinna return 0; 1030da5ffe11SJussi Kivilinna } 1031da5ffe11SJussi Kivilinna 1032d8a32ac2SJussi Kivilinna static int __test_aead(struct crypto_aead *tfm, int enc, 1033b13b1e0cSEric Biggers const struct aead_testvec *template, unsigned int tcount, 103458dcf548SJussi Kivilinna const bool diff_dst, const int align_offset) 1035da7f033dSHerbert Xu { 1036da7f033dSHerbert Xu const char *algo = crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)); 1037da7f033dSHerbert Xu unsigned int i, j, k, n, temp; 1038f8b0d4d0SHerbert Xu int ret = -ENOMEM; 1039da7f033dSHerbert Xu char *q; 1040da7f033dSHerbert Xu char *key; 1041da7f033dSHerbert Xu struct aead_request *req; 1042d8a32ac2SJussi Kivilinna struct scatterlist *sg; 1043d8a32ac2SJussi Kivilinna struct scatterlist *sgout; 1044d8a32ac2SJussi Kivilinna const char *e, *d; 10457f397136SGilad Ben-Yossef struct crypto_wait wait; 1046424a5da6SCristian Stoica unsigned int authsize, iv_len; 10479bac019dSTadeusz Struk char *iv; 1048f8b0d4d0SHerbert Xu char *xbuf[XBUFSIZE]; 1049d8a32ac2SJussi Kivilinna char *xoutbuf[XBUFSIZE]; 1050f8b0d4d0SHerbert Xu char *axbuf[XBUFSIZE]; 1051f8b0d4d0SHerbert Xu 10529bac019dSTadeusz Struk iv = kzalloc(MAX_IVLEN, GFP_KERNEL); 10539bac019dSTadeusz Struk if (!iv) 10549bac019dSTadeusz Struk return ret; 105529b77e5dSHoria Geanta key = kmalloc(MAX_KEYLEN, GFP_KERNEL); 105629b77e5dSHoria Geanta if (!key) 105729b77e5dSHoria Geanta goto out_noxbuf; 1058f8b0d4d0SHerbert Xu if (testmgr_alloc_buf(xbuf)) 1059f8b0d4d0SHerbert Xu goto out_noxbuf; 1060f8b0d4d0SHerbert Xu if (testmgr_alloc_buf(axbuf)) 1061f8b0d4d0SHerbert Xu goto out_noaxbuf; 1062d8a32ac2SJussi Kivilinna if (diff_dst && testmgr_alloc_buf(xoutbuf)) 1063d8a32ac2SJussi Kivilinna goto out_nooutbuf; 1064d8a32ac2SJussi Kivilinna 1065d8a32ac2SJussi Kivilinna /* avoid "the frame size is larger than 1024 bytes" compiler warning */ 10666da2ec56SKees Cook sg = kmalloc(array3_size(sizeof(*sg), 8, (diff_dst ? 4 : 2)), 10676da2ec56SKees Cook GFP_KERNEL); 1068d8a32ac2SJussi Kivilinna if (!sg) 1069d8a32ac2SJussi Kivilinna goto out_nosg; 10708a525fcdSHerbert Xu sgout = &sg[16]; 1071d8a32ac2SJussi Kivilinna 1072d8a32ac2SJussi Kivilinna if (diff_dst) 1073d8a32ac2SJussi Kivilinna d = "-ddst"; 1074d8a32ac2SJussi Kivilinna else 1075d8a32ac2SJussi Kivilinna d = ""; 1076d8a32ac2SJussi Kivilinna 1077da7f033dSHerbert Xu if (enc == ENCRYPT) 1078da7f033dSHerbert Xu e = "encryption"; 1079da7f033dSHerbert Xu else 1080da7f033dSHerbert Xu e = "decryption"; 1081da7f033dSHerbert Xu 10827f397136SGilad Ben-Yossef crypto_init_wait(&wait); 1083da7f033dSHerbert Xu 1084da7f033dSHerbert Xu req = aead_request_alloc(tfm, GFP_KERNEL); 1085da7f033dSHerbert Xu if (!req) { 1086d8a32ac2SJussi Kivilinna pr_err("alg: aead%s: Failed to allocate request for %s\n", 1087d8a32ac2SJussi Kivilinna d, algo); 1088da7f033dSHerbert Xu goto out; 1089da7f033dSHerbert Xu } 1090da7f033dSHerbert Xu 1091da7f033dSHerbert Xu aead_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, 10927f397136SGilad Ben-Yossef crypto_req_done, &wait); 1093da7f033dSHerbert Xu 1094abfa7f43SJerome Marchand iv_len = crypto_aead_ivsize(tfm); 1095abfa7f43SJerome Marchand 1096da7f033dSHerbert Xu for (i = 0, j = 0; i < tcount; i++) { 1097a0d608eeSEric Biggers const char *input, *expected_output; 1098a0d608eeSEric Biggers unsigned int inlen, outlen; 1099a0d608eeSEric Biggers char *inbuf, *outbuf, *assocbuf; 1100a0d608eeSEric Biggers 110105b1d338SCristian Stoica if (template[i].np) 110205b1d338SCristian Stoica continue; 1103a0d608eeSEric Biggers if (enc) { 1104a0d608eeSEric Biggers if (template[i].novrfy) 11055bc3de58SEric Biggers continue; 1106a0d608eeSEric Biggers input = template[i].ptext; 1107a0d608eeSEric Biggers inlen = template[i].plen; 1108a0d608eeSEric Biggers expected_output = template[i].ctext; 1109a0d608eeSEric Biggers outlen = template[i].clen; 1110a0d608eeSEric Biggers } else { 1111a0d608eeSEric Biggers input = template[i].ctext; 1112a0d608eeSEric Biggers inlen = template[i].clen; 1113a0d608eeSEric Biggers expected_output = template[i].ptext; 1114a0d608eeSEric Biggers outlen = template[i].plen; 1115a0d608eeSEric Biggers } 111605b1d338SCristian Stoica 1117da7f033dSHerbert Xu j++; 1118da7f033dSHerbert Xu 111958dcf548SJussi Kivilinna /* some templates have no input data but they will 1120da7f033dSHerbert Xu * touch input 1121da7f033dSHerbert Xu */ 1122a0d608eeSEric Biggers inbuf = xbuf[0] + align_offset; 1123a0d608eeSEric Biggers assocbuf = axbuf[0]; 1124da7f033dSHerbert Xu 1125fd57f22aSHerbert Xu ret = -EINVAL; 1126a0d608eeSEric Biggers if (WARN_ON(align_offset + template[i].clen > PAGE_SIZE || 1127a0d608eeSEric Biggers template[i].alen > PAGE_SIZE)) 1128fd57f22aSHerbert Xu goto out; 1129fd57f22aSHerbert Xu 1130a0d608eeSEric Biggers memcpy(inbuf, input, inlen); 1131a0d608eeSEric Biggers memcpy(assocbuf, template[i].assoc, template[i].alen); 1132da7f033dSHerbert Xu if (template[i].iv) 1133424a5da6SCristian Stoica memcpy(iv, template[i].iv, iv_len); 1134da7f033dSHerbert Xu else 1135424a5da6SCristian Stoica memset(iv, 0, iv_len); 1136da7f033dSHerbert Xu 1137da7f033dSHerbert Xu crypto_aead_clear_flags(tfm, ~0); 1138da7f033dSHerbert Xu if (template[i].wk) 1139231baecdSEric Biggers crypto_aead_set_flags(tfm, 1140231baecdSEric Biggers CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); 1141da7f033dSHerbert Xu 114229b77e5dSHoria Geanta if (template[i].klen > MAX_KEYLEN) { 114329b77e5dSHoria Geanta pr_err("alg: aead%s: setkey failed on test %d for %s: key size %d > %d\n", 114429b77e5dSHoria Geanta d, j, algo, template[i].klen, 114529b77e5dSHoria Geanta MAX_KEYLEN); 114629b77e5dSHoria Geanta ret = -EINVAL; 114729b77e5dSHoria Geanta goto out; 114829b77e5dSHoria Geanta } 114929b77e5dSHoria Geanta memcpy(key, template[i].key, template[i].klen); 1150da7f033dSHerbert Xu 115105b1d338SCristian Stoica ret = crypto_aead_setkey(tfm, key, template[i].klen); 11520fae0c1eSYanjiang Jin if (template[i].fail == !ret) { 1153d8a32ac2SJussi Kivilinna pr_err("alg: aead%s: setkey failed on test %d for %s: flags=%x\n", 1154d8a32ac2SJussi Kivilinna d, j, algo, crypto_aead_get_flags(tfm)); 1155da7f033dSHerbert Xu goto out; 1156da7f033dSHerbert Xu } else if (ret) 1157da7f033dSHerbert Xu continue; 1158da7f033dSHerbert Xu 1159a0d608eeSEric Biggers authsize = template[i].clen - template[i].plen; 1160da7f033dSHerbert Xu ret = crypto_aead_setauthsize(tfm, authsize); 1161da7f033dSHerbert Xu if (ret) { 1162d8a32ac2SJussi Kivilinna pr_err("alg: aead%s: Failed to set authsize to %u on test %d for %s\n", 1163d8a32ac2SJussi Kivilinna d, authsize, j, algo); 1164da7f033dSHerbert Xu goto out; 1165da7f033dSHerbert Xu } 1166da7f033dSHerbert Xu 11678a525fcdSHerbert Xu k = !!template[i].alen; 11688a525fcdSHerbert Xu sg_init_table(sg, k + 1); 1169a0d608eeSEric Biggers sg_set_buf(&sg[0], assocbuf, template[i].alen); 1170a0d608eeSEric Biggers sg_set_buf(&sg[k], inbuf, template[i].clen); 1171a0d608eeSEric Biggers outbuf = inbuf; 1172d8a32ac2SJussi Kivilinna 11738a525fcdSHerbert Xu if (diff_dst) { 11748a525fcdSHerbert Xu sg_init_table(sgout, k + 1); 1175a0d608eeSEric Biggers sg_set_buf(&sgout[0], assocbuf, template[i].alen); 11768a525fcdSHerbert Xu 1177a0d608eeSEric Biggers outbuf = xoutbuf[0] + align_offset; 1178a0d608eeSEric Biggers sg_set_buf(&sgout[k], outbuf, template[i].clen); 11798a525fcdSHerbert Xu } 1180da7f033dSHerbert Xu 1181a0d608eeSEric Biggers aead_request_set_crypt(req, sg, (diff_dst) ? sgout : sg, inlen, 1182a0d608eeSEric Biggers iv); 1183da7f033dSHerbert Xu 11848a525fcdSHerbert Xu aead_request_set_ad(req, template[i].alen); 1185da7f033dSHerbert Xu 11867f397136SGilad Ben-Yossef ret = crypto_wait_req(enc ? crypto_aead_encrypt(req) 11877f397136SGilad Ben-Yossef : crypto_aead_decrypt(req), &wait); 1188da7f033dSHerbert Xu 1189da7f033dSHerbert Xu switch (ret) { 1190da7f033dSHerbert Xu case 0: 1191e44a1b44SJarod Wilson if (template[i].novrfy) { 1192e44a1b44SJarod Wilson /* verification was supposed to fail */ 1193d8a32ac2SJussi Kivilinna pr_err("alg: aead%s: %s failed on test %d for %s: ret was 0, expected -EBADMSG\n", 1194d8a32ac2SJussi Kivilinna d, e, j, algo); 1195e44a1b44SJarod Wilson /* so really, we got a bad message */ 1196e44a1b44SJarod Wilson ret = -EBADMSG; 1197e44a1b44SJarod Wilson goto out; 1198e44a1b44SJarod Wilson } 1199da7f033dSHerbert Xu break; 1200e44a1b44SJarod Wilson case -EBADMSG: 1201e44a1b44SJarod Wilson if (template[i].novrfy) 1202e44a1b44SJarod Wilson /* verification failure was expected */ 1203e44a1b44SJarod Wilson continue; 1204da7f033dSHerbert Xu /* fall through */ 1205da7f033dSHerbert Xu default: 1206d8a32ac2SJussi Kivilinna pr_err("alg: aead%s: %s failed on test %d for %s: ret=%d\n", 1207d8a32ac2SJussi Kivilinna d, e, j, algo, -ret); 1208da7f033dSHerbert Xu goto out; 1209da7f033dSHerbert Xu } 1210da7f033dSHerbert Xu 1211a0d608eeSEric Biggers if (memcmp(outbuf, expected_output, outlen)) { 1212d8a32ac2SJussi Kivilinna pr_err("alg: aead%s: Test %d failed on %s for %s\n", 1213d8a32ac2SJussi Kivilinna d, j, e, algo); 1214a0d608eeSEric Biggers hexdump(outbuf, outlen); 1215da7f033dSHerbert Xu ret = -EINVAL; 1216da7f033dSHerbert Xu goto out; 1217da7f033dSHerbert Xu } 1218da7f033dSHerbert Xu } 1219da7f033dSHerbert Xu 1220da7f033dSHerbert Xu for (i = 0, j = 0; i < tcount; i++) { 1221a0d608eeSEric Biggers const char *input, *expected_output; 1222a0d608eeSEric Biggers unsigned int inlen, outlen; 1223a0d608eeSEric Biggers 122458dcf548SJussi Kivilinna /* alignment tests are only done with continuous buffers */ 122558dcf548SJussi Kivilinna if (align_offset != 0) 122658dcf548SJussi Kivilinna break; 122758dcf548SJussi Kivilinna 122805b1d338SCristian Stoica if (!template[i].np) 122905b1d338SCristian Stoica continue; 123005b1d338SCristian Stoica 1231a0d608eeSEric Biggers if (enc) { 1232a0d608eeSEric Biggers if (template[i].novrfy) 12335bc3de58SEric Biggers continue; 1234a0d608eeSEric Biggers input = template[i].ptext; 1235a0d608eeSEric Biggers inlen = template[i].plen; 1236a0d608eeSEric Biggers expected_output = template[i].ctext; 1237a0d608eeSEric Biggers outlen = template[i].clen; 1238a0d608eeSEric Biggers } else { 1239a0d608eeSEric Biggers input = template[i].ctext; 1240a0d608eeSEric Biggers inlen = template[i].clen; 1241a0d608eeSEric Biggers expected_output = template[i].ptext; 1242a0d608eeSEric Biggers outlen = template[i].plen; 1243a0d608eeSEric Biggers } 12445bc3de58SEric Biggers 1245da7f033dSHerbert Xu j++; 1246da7f033dSHerbert Xu 1247da7f033dSHerbert Xu if (template[i].iv) 1248abfa7f43SJerome Marchand memcpy(iv, template[i].iv, iv_len); 1249da7f033dSHerbert Xu else 1250da7f033dSHerbert Xu memset(iv, 0, MAX_IVLEN); 1251da7f033dSHerbert Xu 1252da7f033dSHerbert Xu crypto_aead_clear_flags(tfm, ~0); 1253da7f033dSHerbert Xu if (template[i].wk) 1254231baecdSEric Biggers crypto_aead_set_flags(tfm, 1255231baecdSEric Biggers CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); 125629b77e5dSHoria Geanta if (template[i].klen > MAX_KEYLEN) { 125729b77e5dSHoria Geanta pr_err("alg: aead%s: setkey failed on test %d for %s: key size %d > %d\n", 125805b1d338SCristian Stoica d, j, algo, template[i].klen, MAX_KEYLEN); 125929b77e5dSHoria Geanta ret = -EINVAL; 126029b77e5dSHoria Geanta goto out; 126129b77e5dSHoria Geanta } 126229b77e5dSHoria Geanta memcpy(key, template[i].key, template[i].klen); 1263da7f033dSHerbert Xu 1264da7f033dSHerbert Xu ret = crypto_aead_setkey(tfm, key, template[i].klen); 12650fae0c1eSYanjiang Jin if (template[i].fail == !ret) { 1266d8a32ac2SJussi Kivilinna pr_err("alg: aead%s: setkey failed on chunk test %d for %s: flags=%x\n", 1267d8a32ac2SJussi Kivilinna d, j, algo, crypto_aead_get_flags(tfm)); 1268da7f033dSHerbert Xu goto out; 1269da7f033dSHerbert Xu } else if (ret) 1270da7f033dSHerbert Xu continue; 1271da7f033dSHerbert Xu 1272a0d608eeSEric Biggers authsize = template[i].clen - template[i].plen; 1273da7f033dSHerbert Xu 1274da7f033dSHerbert Xu ret = -EINVAL; 12758a525fcdSHerbert Xu sg_init_table(sg, template[i].anp + template[i].np); 1276d8a32ac2SJussi Kivilinna if (diff_dst) 12778a525fcdSHerbert Xu sg_init_table(sgout, template[i].anp + template[i].np); 12788a525fcdSHerbert Xu 12798a525fcdSHerbert Xu ret = -EINVAL; 12808a525fcdSHerbert Xu for (k = 0, temp = 0; k < template[i].anp; k++) { 12818a525fcdSHerbert Xu if (WARN_ON(offset_in_page(IDX[k]) + 12828a525fcdSHerbert Xu template[i].atap[k] > PAGE_SIZE)) 12838a525fcdSHerbert Xu goto out; 12848a525fcdSHerbert Xu sg_set_buf(&sg[k], 12858a525fcdSHerbert Xu memcpy(axbuf[IDX[k] >> PAGE_SHIFT] + 12868a525fcdSHerbert Xu offset_in_page(IDX[k]), 12878a525fcdSHerbert Xu template[i].assoc + temp, 12888a525fcdSHerbert Xu template[i].atap[k]), 12898a525fcdSHerbert Xu template[i].atap[k]); 12908a525fcdSHerbert Xu if (diff_dst) 12918a525fcdSHerbert Xu sg_set_buf(&sgout[k], 12928a525fcdSHerbert Xu axbuf[IDX[k] >> PAGE_SHIFT] + 12938a525fcdSHerbert Xu offset_in_page(IDX[k]), 12948a525fcdSHerbert Xu template[i].atap[k]); 12958a525fcdSHerbert Xu temp += template[i].atap[k]; 12968a525fcdSHerbert Xu } 12978a525fcdSHerbert Xu 1298da7f033dSHerbert Xu for (k = 0, temp = 0; k < template[i].np; k++) { 1299a0d608eeSEric Biggers n = template[i].tap[k]; 1300a0d608eeSEric Biggers if (k == template[i].np - 1 && !enc) 1301a0d608eeSEric Biggers n += authsize; 1302a0d608eeSEric Biggers 1303a0d608eeSEric Biggers if (WARN_ON(offset_in_page(IDX[k]) + n > PAGE_SIZE)) 1304da7f033dSHerbert Xu goto out; 1305da7f033dSHerbert Xu 130605b1d338SCristian Stoica q = xbuf[IDX[k] >> PAGE_SHIFT] + offset_in_page(IDX[k]); 1307a0d608eeSEric Biggers memcpy(q, input + temp, n); 1308a0d608eeSEric Biggers sg_set_buf(&sg[template[i].anp + k], q, n); 1309d8a32ac2SJussi Kivilinna 1310d8a32ac2SJussi Kivilinna if (diff_dst) { 1311d8a32ac2SJussi Kivilinna q = xoutbuf[IDX[k] >> PAGE_SHIFT] + 1312d8a32ac2SJussi Kivilinna offset_in_page(IDX[k]); 1313d8a32ac2SJussi Kivilinna 1314a0d608eeSEric Biggers memset(q, 0, n); 1315d8a32ac2SJussi Kivilinna 1316a0d608eeSEric Biggers sg_set_buf(&sgout[template[i].anp + k], q, n); 1317d8a32ac2SJussi Kivilinna } 1318d8a32ac2SJussi Kivilinna 13198ec25c51SHoria Geanta if (k == template[i].np - 1 && enc) 13208ec25c51SHoria Geanta n += authsize; 13218ec25c51SHoria Geanta if (offset_in_page(q) + n < PAGE_SIZE) 13228ec25c51SHoria Geanta q[n] = 0; 13238ec25c51SHoria Geanta 1324a0d608eeSEric Biggers temp += n; 1325da7f033dSHerbert Xu } 1326da7f033dSHerbert Xu 1327da7f033dSHerbert Xu ret = crypto_aead_setauthsize(tfm, authsize); 1328da7f033dSHerbert Xu if (ret) { 1329d8a32ac2SJussi Kivilinna pr_err("alg: aead%s: Failed to set authsize to %u on chunk test %d for %s\n", 1330d8a32ac2SJussi Kivilinna d, authsize, j, algo); 1331da7f033dSHerbert Xu goto out; 1332da7f033dSHerbert Xu } 1333da7f033dSHerbert Xu 1334da7f033dSHerbert Xu if (enc) { 13358a525fcdSHerbert Xu if (WARN_ON(sg[template[i].anp + k - 1].offset + 13368a525fcdSHerbert Xu sg[template[i].anp + k - 1].length + 13378a525fcdSHerbert Xu authsize > PAGE_SIZE)) { 1338da7f033dSHerbert Xu ret = -EINVAL; 1339da7f033dSHerbert Xu goto out; 1340da7f033dSHerbert Xu } 1341da7f033dSHerbert Xu 1342d8a32ac2SJussi Kivilinna if (diff_dst) 13438a525fcdSHerbert Xu sgout[template[i].anp + k - 1].length += 13448a525fcdSHerbert Xu authsize; 13458a525fcdSHerbert Xu sg[template[i].anp + k - 1].length += authsize; 1346da7f033dSHerbert Xu } 1347da7f033dSHerbert Xu 1348d8a32ac2SJussi Kivilinna aead_request_set_crypt(req, sg, (diff_dst) ? sgout : sg, 1349a0d608eeSEric Biggers inlen, iv); 1350da7f033dSHerbert Xu 13518a525fcdSHerbert Xu aead_request_set_ad(req, template[i].alen); 1352da7f033dSHerbert Xu 13537f397136SGilad Ben-Yossef ret = crypto_wait_req(enc ? crypto_aead_encrypt(req) 13547f397136SGilad Ben-Yossef : crypto_aead_decrypt(req), &wait); 1355da7f033dSHerbert Xu 1356da7f033dSHerbert Xu switch (ret) { 1357da7f033dSHerbert Xu case 0: 1358e44a1b44SJarod Wilson if (template[i].novrfy) { 1359e44a1b44SJarod Wilson /* verification was supposed to fail */ 1360d8a32ac2SJussi Kivilinna pr_err("alg: aead%s: %s failed on chunk test %d for %s: ret was 0, expected -EBADMSG\n", 1361d8a32ac2SJussi Kivilinna d, e, j, algo); 1362e44a1b44SJarod Wilson /* so really, we got a bad message */ 1363e44a1b44SJarod Wilson ret = -EBADMSG; 1364e44a1b44SJarod Wilson goto out; 1365e44a1b44SJarod Wilson } 1366da7f033dSHerbert Xu break; 1367e44a1b44SJarod Wilson case -EBADMSG: 1368e44a1b44SJarod Wilson if (template[i].novrfy) 1369e44a1b44SJarod Wilson /* verification failure was expected */ 1370e44a1b44SJarod Wilson continue; 1371da7f033dSHerbert Xu /* fall through */ 1372da7f033dSHerbert Xu default: 1373d8a32ac2SJussi Kivilinna pr_err("alg: aead%s: %s failed on chunk test %d for %s: ret=%d\n", 1374d8a32ac2SJussi Kivilinna d, e, j, algo, -ret); 1375da7f033dSHerbert Xu goto out; 1376da7f033dSHerbert Xu } 1377da7f033dSHerbert Xu 1378da7f033dSHerbert Xu ret = -EINVAL; 1379da7f033dSHerbert Xu for (k = 0, temp = 0; k < template[i].np; k++) { 1380d8a32ac2SJussi Kivilinna if (diff_dst) 1381d8a32ac2SJussi Kivilinna q = xoutbuf[IDX[k] >> PAGE_SHIFT] + 1382d8a32ac2SJussi Kivilinna offset_in_page(IDX[k]); 1383d8a32ac2SJussi Kivilinna else 1384da7f033dSHerbert Xu q = xbuf[IDX[k] >> PAGE_SHIFT] + 1385da7f033dSHerbert Xu offset_in_page(IDX[k]); 1386da7f033dSHerbert Xu 1387da7f033dSHerbert Xu n = template[i].tap[k]; 1388a0d608eeSEric Biggers if (k == template[i].np - 1 && enc) 1389a0d608eeSEric Biggers n += authsize; 1390da7f033dSHerbert Xu 1391a0d608eeSEric Biggers if (memcmp(q, expected_output + temp, n)) { 1392d8a32ac2SJussi Kivilinna pr_err("alg: aead%s: Chunk test %d failed on %s at page %u for %s\n", 1393d8a32ac2SJussi Kivilinna d, j, e, k, algo); 1394da7f033dSHerbert Xu hexdump(q, n); 1395da7f033dSHerbert Xu goto out; 1396da7f033dSHerbert Xu } 1397da7f033dSHerbert Xu 1398da7f033dSHerbert Xu q += n; 1399da7f033dSHerbert Xu if (k == template[i].np - 1 && !enc) { 1400a0d608eeSEric Biggers if (!diff_dst && memcmp(q, input + temp + n, 1401a0d608eeSEric Biggers authsize)) 1402da7f033dSHerbert Xu n = authsize; 1403da7f033dSHerbert Xu else 1404da7f033dSHerbert Xu n = 0; 1405da7f033dSHerbert Xu } else { 140605b1d338SCristian Stoica for (n = 0; offset_in_page(q + n) && q[n]; n++) 1407da7f033dSHerbert Xu ; 1408da7f033dSHerbert Xu } 1409da7f033dSHerbert Xu if (n) { 1410d8a32ac2SJussi Kivilinna pr_err("alg: aead%s: Result buffer corruption in chunk test %d on %s at page %u for %s: %u bytes:\n", 1411d8a32ac2SJussi Kivilinna d, j, e, k, algo, n); 1412da7f033dSHerbert Xu hexdump(q, n); 1413da7f033dSHerbert Xu goto out; 1414da7f033dSHerbert Xu } 1415da7f033dSHerbert Xu 1416da7f033dSHerbert Xu temp += template[i].tap[k]; 1417da7f033dSHerbert Xu } 1418da7f033dSHerbert Xu } 1419da7f033dSHerbert Xu 1420da7f033dSHerbert Xu ret = 0; 1421da7f033dSHerbert Xu 1422da7f033dSHerbert Xu out: 1423da7f033dSHerbert Xu aead_request_free(req); 1424d8a32ac2SJussi Kivilinna kfree(sg); 1425d8a32ac2SJussi Kivilinna out_nosg: 1426d8a32ac2SJussi Kivilinna if (diff_dst) 1427d8a32ac2SJussi Kivilinna testmgr_free_buf(xoutbuf); 1428d8a32ac2SJussi Kivilinna out_nooutbuf: 1429f8b0d4d0SHerbert Xu testmgr_free_buf(axbuf); 1430f8b0d4d0SHerbert Xu out_noaxbuf: 1431f8b0d4d0SHerbert Xu testmgr_free_buf(xbuf); 1432f8b0d4d0SHerbert Xu out_noxbuf: 143329b77e5dSHoria Geanta kfree(key); 14349bac019dSTadeusz Struk kfree(iv); 1435da7f033dSHerbert Xu return ret; 1436da7f033dSHerbert Xu } 1437da7f033dSHerbert Xu 1438d8a32ac2SJussi Kivilinna static int test_aead(struct crypto_aead *tfm, int enc, 1439b13b1e0cSEric Biggers const struct aead_testvec *template, unsigned int tcount) 1440d8a32ac2SJussi Kivilinna { 144158dcf548SJussi Kivilinna unsigned int alignmask; 1442d8a32ac2SJussi Kivilinna int ret; 1443d8a32ac2SJussi Kivilinna 1444d8a32ac2SJussi Kivilinna /* test 'dst == src' case */ 144558dcf548SJussi Kivilinna ret = __test_aead(tfm, enc, template, tcount, false, 0); 1446d8a32ac2SJussi Kivilinna if (ret) 1447d8a32ac2SJussi Kivilinna return ret; 1448d8a32ac2SJussi Kivilinna 1449d8a32ac2SJussi Kivilinna /* test 'dst != src' case */ 145058dcf548SJussi Kivilinna ret = __test_aead(tfm, enc, template, tcount, true, 0); 145158dcf548SJussi Kivilinna if (ret) 145258dcf548SJussi Kivilinna return ret; 145358dcf548SJussi Kivilinna 145458dcf548SJussi Kivilinna /* test unaligned buffers, check with one byte offset */ 145558dcf548SJussi Kivilinna ret = __test_aead(tfm, enc, template, tcount, true, 1); 145658dcf548SJussi Kivilinna if (ret) 145758dcf548SJussi Kivilinna return ret; 145858dcf548SJussi Kivilinna 145958dcf548SJussi Kivilinna alignmask = crypto_tfm_alg_alignmask(&tfm->base); 146058dcf548SJussi Kivilinna if (alignmask) { 146158dcf548SJussi Kivilinna /* Check if alignment mask for tfm is correctly set. */ 146258dcf548SJussi Kivilinna ret = __test_aead(tfm, enc, template, tcount, true, 146358dcf548SJussi Kivilinna alignmask + 1); 146458dcf548SJussi Kivilinna if (ret) 146558dcf548SJussi Kivilinna return ret; 146658dcf548SJussi Kivilinna } 146758dcf548SJussi Kivilinna 146858dcf548SJussi Kivilinna return 0; 1469d8a32ac2SJussi Kivilinna } 1470d8a32ac2SJussi Kivilinna 14711aa4ecd9SHerbert Xu static int test_cipher(struct crypto_cipher *tfm, int enc, 1472b13b1e0cSEric Biggers const struct cipher_testvec *template, 1473b13b1e0cSEric Biggers unsigned int tcount) 14741aa4ecd9SHerbert Xu { 14751aa4ecd9SHerbert Xu const char *algo = crypto_tfm_alg_driver_name(crypto_cipher_tfm(tfm)); 14761aa4ecd9SHerbert Xu unsigned int i, j, k; 14771aa4ecd9SHerbert Xu char *q; 14781aa4ecd9SHerbert Xu const char *e; 147992a4c9feSEric Biggers const char *input, *result; 14801aa4ecd9SHerbert Xu void *data; 1481f8b0d4d0SHerbert Xu char *xbuf[XBUFSIZE]; 1482f8b0d4d0SHerbert Xu int ret = -ENOMEM; 1483f8b0d4d0SHerbert Xu 1484f8b0d4d0SHerbert Xu if (testmgr_alloc_buf(xbuf)) 1485f8b0d4d0SHerbert Xu goto out_nobuf; 14861aa4ecd9SHerbert Xu 14871aa4ecd9SHerbert Xu if (enc == ENCRYPT) 14881aa4ecd9SHerbert Xu e = "encryption"; 14891aa4ecd9SHerbert Xu else 14901aa4ecd9SHerbert Xu e = "decryption"; 14911aa4ecd9SHerbert Xu 14921aa4ecd9SHerbert Xu j = 0; 14931aa4ecd9SHerbert Xu for (i = 0; i < tcount; i++) { 14941aa4ecd9SHerbert Xu if (template[i].np) 14951aa4ecd9SHerbert Xu continue; 14961aa4ecd9SHerbert Xu 149710faa8c0SStephan Mueller if (fips_enabled && template[i].fips_skip) 149810faa8c0SStephan Mueller continue; 149910faa8c0SStephan Mueller 150092a4c9feSEric Biggers input = enc ? template[i].ptext : template[i].ctext; 150192a4c9feSEric Biggers result = enc ? template[i].ctext : template[i].ptext; 15021aa4ecd9SHerbert Xu j++; 15031aa4ecd9SHerbert Xu 1504fd57f22aSHerbert Xu ret = -EINVAL; 150592a4c9feSEric Biggers if (WARN_ON(template[i].len > PAGE_SIZE)) 1506fd57f22aSHerbert Xu goto out; 1507fd57f22aSHerbert Xu 15081aa4ecd9SHerbert Xu data = xbuf[0]; 150992a4c9feSEric Biggers memcpy(data, input, template[i].len); 15101aa4ecd9SHerbert Xu 15111aa4ecd9SHerbert Xu crypto_cipher_clear_flags(tfm, ~0); 15121aa4ecd9SHerbert Xu if (template[i].wk) 1513231baecdSEric Biggers crypto_cipher_set_flags(tfm, CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); 15141aa4ecd9SHerbert Xu 15151aa4ecd9SHerbert Xu ret = crypto_cipher_setkey(tfm, template[i].key, 15161aa4ecd9SHerbert Xu template[i].klen); 15170fae0c1eSYanjiang Jin if (template[i].fail == !ret) { 15181aa4ecd9SHerbert Xu printk(KERN_ERR "alg: cipher: setkey failed " 15191aa4ecd9SHerbert Xu "on test %d for %s: flags=%x\n", j, 15201aa4ecd9SHerbert Xu algo, crypto_cipher_get_flags(tfm)); 15211aa4ecd9SHerbert Xu goto out; 15221aa4ecd9SHerbert Xu } else if (ret) 15231aa4ecd9SHerbert Xu continue; 15241aa4ecd9SHerbert Xu 152592a4c9feSEric Biggers for (k = 0; k < template[i].len; 15261aa4ecd9SHerbert Xu k += crypto_cipher_blocksize(tfm)) { 15271aa4ecd9SHerbert Xu if (enc) 15281aa4ecd9SHerbert Xu crypto_cipher_encrypt_one(tfm, data + k, 15291aa4ecd9SHerbert Xu data + k); 15301aa4ecd9SHerbert Xu else 15311aa4ecd9SHerbert Xu crypto_cipher_decrypt_one(tfm, data + k, 15321aa4ecd9SHerbert Xu data + k); 15331aa4ecd9SHerbert Xu } 15341aa4ecd9SHerbert Xu 15351aa4ecd9SHerbert Xu q = data; 153692a4c9feSEric Biggers if (memcmp(q, result, template[i].len)) { 15371aa4ecd9SHerbert Xu printk(KERN_ERR "alg: cipher: Test %d failed " 15381aa4ecd9SHerbert Xu "on %s for %s\n", j, e, algo); 153992a4c9feSEric Biggers hexdump(q, template[i].len); 15401aa4ecd9SHerbert Xu ret = -EINVAL; 15411aa4ecd9SHerbert Xu goto out; 15421aa4ecd9SHerbert Xu } 15431aa4ecd9SHerbert Xu } 15441aa4ecd9SHerbert Xu 15451aa4ecd9SHerbert Xu ret = 0; 15461aa4ecd9SHerbert Xu 15471aa4ecd9SHerbert Xu out: 1548f8b0d4d0SHerbert Xu testmgr_free_buf(xbuf); 1549f8b0d4d0SHerbert Xu out_nobuf: 15501aa4ecd9SHerbert Xu return ret; 15511aa4ecd9SHerbert Xu } 15521aa4ecd9SHerbert Xu 155312773d93SHerbert Xu static int __test_skcipher(struct crypto_skcipher *tfm, int enc, 1554b13b1e0cSEric Biggers const struct cipher_testvec *template, 1555b13b1e0cSEric Biggers unsigned int tcount, 15563a338f20SJussi Kivilinna const bool diff_dst, const int align_offset) 1557da7f033dSHerbert Xu { 1558da7f033dSHerbert Xu const char *algo = 155912773d93SHerbert Xu crypto_tfm_alg_driver_name(crypto_skcipher_tfm(tfm)); 1560da7f033dSHerbert Xu unsigned int i, j, k, n, temp; 1561da7f033dSHerbert Xu char *q; 156212773d93SHerbert Xu struct skcipher_request *req; 1563da7f033dSHerbert Xu struct scatterlist sg[8]; 156408d6af8cSJussi Kivilinna struct scatterlist sgout[8]; 156508d6af8cSJussi Kivilinna const char *e, *d; 15667f397136SGilad Ben-Yossef struct crypto_wait wait; 156792a4c9feSEric Biggers const char *input, *result; 1568da7f033dSHerbert Xu void *data; 1569da7f033dSHerbert Xu char iv[MAX_IVLEN]; 1570f8b0d4d0SHerbert Xu char *xbuf[XBUFSIZE]; 157108d6af8cSJussi Kivilinna char *xoutbuf[XBUFSIZE]; 1572f8b0d4d0SHerbert Xu int ret = -ENOMEM; 157384cba178SAndrey Ryabinin unsigned int ivsize = crypto_skcipher_ivsize(tfm); 1574f8b0d4d0SHerbert Xu 1575f8b0d4d0SHerbert Xu if (testmgr_alloc_buf(xbuf)) 1576f8b0d4d0SHerbert Xu goto out_nobuf; 1577da7f033dSHerbert Xu 157808d6af8cSJussi Kivilinna if (diff_dst && testmgr_alloc_buf(xoutbuf)) 157908d6af8cSJussi Kivilinna goto out_nooutbuf; 158008d6af8cSJussi Kivilinna 158108d6af8cSJussi Kivilinna if (diff_dst) 158208d6af8cSJussi Kivilinna d = "-ddst"; 158308d6af8cSJussi Kivilinna else 158408d6af8cSJussi Kivilinna d = ""; 158508d6af8cSJussi Kivilinna 1586da7f033dSHerbert Xu if (enc == ENCRYPT) 1587da7f033dSHerbert Xu e = "encryption"; 1588da7f033dSHerbert Xu else 1589da7f033dSHerbert Xu e = "decryption"; 1590da7f033dSHerbert Xu 15917f397136SGilad Ben-Yossef crypto_init_wait(&wait); 1592da7f033dSHerbert Xu 159312773d93SHerbert Xu req = skcipher_request_alloc(tfm, GFP_KERNEL); 1594da7f033dSHerbert Xu if (!req) { 159508d6af8cSJussi Kivilinna pr_err("alg: skcipher%s: Failed to allocate request for %s\n", 159608d6af8cSJussi Kivilinna d, algo); 1597da7f033dSHerbert Xu goto out; 1598da7f033dSHerbert Xu } 1599da7f033dSHerbert Xu 160012773d93SHerbert Xu skcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, 16017f397136SGilad Ben-Yossef crypto_req_done, &wait); 1602da7f033dSHerbert Xu 1603da7f033dSHerbert Xu j = 0; 1604da7f033dSHerbert Xu for (i = 0; i < tcount; i++) { 1605bbb9a7ddSCristian Stoica if (template[i].np && !template[i].also_non_np) 1606bbb9a7ddSCristian Stoica continue; 1607bbb9a7ddSCristian Stoica 160810faa8c0SStephan Mueller if (fips_enabled && template[i].fips_skip) 160910faa8c0SStephan Mueller continue; 161010faa8c0SStephan Mueller 161192a4c9feSEric Biggers if (template[i].iv && !(template[i].generates_iv && enc)) 161284cba178SAndrey Ryabinin memcpy(iv, template[i].iv, ivsize); 1613da7f033dSHerbert Xu else 1614da7f033dSHerbert Xu memset(iv, 0, MAX_IVLEN); 1615da7f033dSHerbert Xu 161692a4c9feSEric Biggers input = enc ? template[i].ptext : template[i].ctext; 161792a4c9feSEric Biggers result = enc ? template[i].ctext : template[i].ptext; 1618da7f033dSHerbert Xu j++; 1619fd57f22aSHerbert Xu ret = -EINVAL; 162092a4c9feSEric Biggers if (WARN_ON(align_offset + template[i].len > PAGE_SIZE)) 1621fd57f22aSHerbert Xu goto out; 1622fd57f22aSHerbert Xu 1623da7f033dSHerbert Xu data = xbuf[0]; 16243a338f20SJussi Kivilinna data += align_offset; 162592a4c9feSEric Biggers memcpy(data, input, template[i].len); 1626da7f033dSHerbert Xu 162712773d93SHerbert Xu crypto_skcipher_clear_flags(tfm, ~0); 1628da7f033dSHerbert Xu if (template[i].wk) 1629231baecdSEric Biggers crypto_skcipher_set_flags(tfm, CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); 1630da7f033dSHerbert Xu 163112773d93SHerbert Xu ret = crypto_skcipher_setkey(tfm, template[i].key, 1632da7f033dSHerbert Xu template[i].klen); 16330fae0c1eSYanjiang Jin if (template[i].fail == !ret) { 163408d6af8cSJussi Kivilinna pr_err("alg: skcipher%s: setkey failed on test %d for %s: flags=%x\n", 163512773d93SHerbert Xu d, j, algo, crypto_skcipher_get_flags(tfm)); 1636da7f033dSHerbert Xu goto out; 1637da7f033dSHerbert Xu } else if (ret) 1638da7f033dSHerbert Xu continue; 1639da7f033dSHerbert Xu 164092a4c9feSEric Biggers sg_init_one(&sg[0], data, template[i].len); 164108d6af8cSJussi Kivilinna if (diff_dst) { 164208d6af8cSJussi Kivilinna data = xoutbuf[0]; 16433a338f20SJussi Kivilinna data += align_offset; 164492a4c9feSEric Biggers sg_init_one(&sgout[0], data, template[i].len); 164508d6af8cSJussi Kivilinna } 1646da7f033dSHerbert Xu 164712773d93SHerbert Xu skcipher_request_set_crypt(req, sg, (diff_dst) ? sgout : sg, 164892a4c9feSEric Biggers template[i].len, iv); 16497f397136SGilad Ben-Yossef ret = crypto_wait_req(enc ? crypto_skcipher_encrypt(req) : 16507f397136SGilad Ben-Yossef crypto_skcipher_decrypt(req), &wait); 1651da7f033dSHerbert Xu 16527f397136SGilad Ben-Yossef if (ret) { 165308d6af8cSJussi Kivilinna pr_err("alg: skcipher%s: %s failed on test %d for %s: ret=%d\n", 165408d6af8cSJussi Kivilinna d, e, j, algo, -ret); 1655da7f033dSHerbert Xu goto out; 1656da7f033dSHerbert Xu } 1657da7f033dSHerbert Xu 1658da7f033dSHerbert Xu q = data; 165992a4c9feSEric Biggers if (memcmp(q, result, template[i].len)) { 16608a826a34SBoris BREZILLON pr_err("alg: skcipher%s: Test %d failed (invalid result) on %s for %s\n", 166108d6af8cSJussi Kivilinna d, j, e, algo); 166292a4c9feSEric Biggers hexdump(q, template[i].len); 1663da7f033dSHerbert Xu ret = -EINVAL; 1664da7f033dSHerbert Xu goto out; 1665da7f033dSHerbert Xu } 16668a826a34SBoris BREZILLON 166792a4c9feSEric Biggers if (template[i].generates_iv && enc && 166892a4c9feSEric Biggers memcmp(iv, template[i].iv, crypto_skcipher_ivsize(tfm))) { 16698a826a34SBoris BREZILLON pr_err("alg: skcipher%s: Test %d failed (invalid output IV) on %s for %s\n", 16708a826a34SBoris BREZILLON d, j, e, algo); 16718a826a34SBoris BREZILLON hexdump(iv, crypto_skcipher_ivsize(tfm)); 16728a826a34SBoris BREZILLON ret = -EINVAL; 16738a826a34SBoris BREZILLON goto out; 16748a826a34SBoris BREZILLON } 1675da7f033dSHerbert Xu } 1676da7f033dSHerbert Xu 1677da7f033dSHerbert Xu j = 0; 1678da7f033dSHerbert Xu for (i = 0; i < tcount; i++) { 16793a338f20SJussi Kivilinna /* alignment tests are only done with continuous buffers */ 16803a338f20SJussi Kivilinna if (align_offset != 0) 16813a338f20SJussi Kivilinna break; 1682da7f033dSHerbert Xu 1683bbb9a7ddSCristian Stoica if (!template[i].np) 1684bbb9a7ddSCristian Stoica continue; 1685bbb9a7ddSCristian Stoica 168610faa8c0SStephan Mueller if (fips_enabled && template[i].fips_skip) 168710faa8c0SStephan Mueller continue; 168810faa8c0SStephan Mueller 168992a4c9feSEric Biggers if (template[i].iv && !(template[i].generates_iv && enc)) 169084cba178SAndrey Ryabinin memcpy(iv, template[i].iv, ivsize); 1691da7f033dSHerbert Xu else 1692da7f033dSHerbert Xu memset(iv, 0, MAX_IVLEN); 1693da7f033dSHerbert Xu 169492a4c9feSEric Biggers input = enc ? template[i].ptext : template[i].ctext; 169592a4c9feSEric Biggers result = enc ? template[i].ctext : template[i].ptext; 1696da7f033dSHerbert Xu j++; 169712773d93SHerbert Xu crypto_skcipher_clear_flags(tfm, ~0); 1698da7f033dSHerbert Xu if (template[i].wk) 1699231baecdSEric Biggers crypto_skcipher_set_flags(tfm, CRYPTO_TFM_REQ_FORBID_WEAK_KEYS); 1700da7f033dSHerbert Xu 170112773d93SHerbert Xu ret = crypto_skcipher_setkey(tfm, template[i].key, 1702da7f033dSHerbert Xu template[i].klen); 17030fae0c1eSYanjiang Jin if (template[i].fail == !ret) { 170408d6af8cSJussi Kivilinna pr_err("alg: skcipher%s: setkey failed on chunk test %d for %s: flags=%x\n", 170512773d93SHerbert Xu d, j, algo, crypto_skcipher_get_flags(tfm)); 1706da7f033dSHerbert Xu goto out; 1707da7f033dSHerbert Xu } else if (ret) 1708da7f033dSHerbert Xu continue; 1709da7f033dSHerbert Xu 1710da7f033dSHerbert Xu temp = 0; 1711da7f033dSHerbert Xu ret = -EINVAL; 1712da7f033dSHerbert Xu sg_init_table(sg, template[i].np); 171308d6af8cSJussi Kivilinna if (diff_dst) 171408d6af8cSJussi Kivilinna sg_init_table(sgout, template[i].np); 1715da7f033dSHerbert Xu for (k = 0; k < template[i].np; k++) { 1716da7f033dSHerbert Xu if (WARN_ON(offset_in_page(IDX[k]) + 1717da7f033dSHerbert Xu template[i].tap[k] > PAGE_SIZE)) 1718da7f033dSHerbert Xu goto out; 1719da7f033dSHerbert Xu 1720a1aa44a2SCristian Stoica q = xbuf[IDX[k] >> PAGE_SHIFT] + offset_in_page(IDX[k]); 1721da7f033dSHerbert Xu 172292a4c9feSEric Biggers memcpy(q, input + temp, template[i].tap[k]); 1723da7f033dSHerbert Xu 1724a1aa44a2SCristian Stoica if (offset_in_page(q) + template[i].tap[k] < PAGE_SIZE) 1725da7f033dSHerbert Xu q[template[i].tap[k]] = 0; 1726da7f033dSHerbert Xu 1727da7f033dSHerbert Xu sg_set_buf(&sg[k], q, template[i].tap[k]); 172808d6af8cSJussi Kivilinna if (diff_dst) { 172908d6af8cSJussi Kivilinna q = xoutbuf[IDX[k] >> PAGE_SHIFT] + 173008d6af8cSJussi Kivilinna offset_in_page(IDX[k]); 173108d6af8cSJussi Kivilinna 1732a1aa44a2SCristian Stoica sg_set_buf(&sgout[k], q, template[i].tap[k]); 173308d6af8cSJussi Kivilinna 173408d6af8cSJussi Kivilinna memset(q, 0, template[i].tap[k]); 173508d6af8cSJussi Kivilinna if (offset_in_page(q) + 173608d6af8cSJussi Kivilinna template[i].tap[k] < PAGE_SIZE) 173708d6af8cSJussi Kivilinna q[template[i].tap[k]] = 0; 173808d6af8cSJussi Kivilinna } 1739da7f033dSHerbert Xu 1740da7f033dSHerbert Xu temp += template[i].tap[k]; 1741da7f033dSHerbert Xu } 1742da7f033dSHerbert Xu 174312773d93SHerbert Xu skcipher_request_set_crypt(req, sg, (diff_dst) ? sgout : sg, 174492a4c9feSEric Biggers template[i].len, iv); 1745da7f033dSHerbert Xu 17467f397136SGilad Ben-Yossef ret = crypto_wait_req(enc ? crypto_skcipher_encrypt(req) : 17477f397136SGilad Ben-Yossef crypto_skcipher_decrypt(req), &wait); 1748da7f033dSHerbert Xu 17497f397136SGilad Ben-Yossef if (ret) { 175008d6af8cSJussi Kivilinna pr_err("alg: skcipher%s: %s failed on chunk test %d for %s: ret=%d\n", 175108d6af8cSJussi Kivilinna d, e, j, algo, -ret); 1752da7f033dSHerbert Xu goto out; 1753da7f033dSHerbert Xu } 1754da7f033dSHerbert Xu 1755da7f033dSHerbert Xu temp = 0; 1756da7f033dSHerbert Xu ret = -EINVAL; 1757da7f033dSHerbert Xu for (k = 0; k < template[i].np; k++) { 175808d6af8cSJussi Kivilinna if (diff_dst) 175908d6af8cSJussi Kivilinna q = xoutbuf[IDX[k] >> PAGE_SHIFT] + 176008d6af8cSJussi Kivilinna offset_in_page(IDX[k]); 176108d6af8cSJussi Kivilinna else 1762da7f033dSHerbert Xu q = xbuf[IDX[k] >> PAGE_SHIFT] + 1763da7f033dSHerbert Xu offset_in_page(IDX[k]); 1764da7f033dSHerbert Xu 176592a4c9feSEric Biggers if (memcmp(q, result + temp, template[i].tap[k])) { 176608d6af8cSJussi Kivilinna pr_err("alg: skcipher%s: Chunk test %d failed on %s at page %u for %s\n", 176708d6af8cSJussi Kivilinna d, j, e, k, algo); 1768da7f033dSHerbert Xu hexdump(q, template[i].tap[k]); 1769da7f033dSHerbert Xu goto out; 1770da7f033dSHerbert Xu } 1771da7f033dSHerbert Xu 1772da7f033dSHerbert Xu q += template[i].tap[k]; 1773da7f033dSHerbert Xu for (n = 0; offset_in_page(q + n) && q[n]; n++) 1774da7f033dSHerbert Xu ; 1775da7f033dSHerbert Xu if (n) { 177608d6af8cSJussi Kivilinna pr_err("alg: skcipher%s: Result buffer corruption in chunk test %d on %s at page %u for %s: %u bytes:\n", 177708d6af8cSJussi Kivilinna d, j, e, k, algo, n); 1778da7f033dSHerbert Xu hexdump(q, n); 1779da7f033dSHerbert Xu goto out; 1780da7f033dSHerbert Xu } 1781da7f033dSHerbert Xu temp += template[i].tap[k]; 1782da7f033dSHerbert Xu } 1783da7f033dSHerbert Xu } 1784da7f033dSHerbert Xu 1785da7f033dSHerbert Xu ret = 0; 1786da7f033dSHerbert Xu 1787da7f033dSHerbert Xu out: 178812773d93SHerbert Xu skcipher_request_free(req); 178908d6af8cSJussi Kivilinna if (diff_dst) 179008d6af8cSJussi Kivilinna testmgr_free_buf(xoutbuf); 179108d6af8cSJussi Kivilinna out_nooutbuf: 1792f8b0d4d0SHerbert Xu testmgr_free_buf(xbuf); 1793f8b0d4d0SHerbert Xu out_nobuf: 1794da7f033dSHerbert Xu return ret; 1795da7f033dSHerbert Xu } 1796da7f033dSHerbert Xu 179712773d93SHerbert Xu static int test_skcipher(struct crypto_skcipher *tfm, int enc, 1798b13b1e0cSEric Biggers const struct cipher_testvec *template, 1799b13b1e0cSEric Biggers unsigned int tcount) 180008d6af8cSJussi Kivilinna { 18013a338f20SJussi Kivilinna unsigned int alignmask; 180208d6af8cSJussi Kivilinna int ret; 180308d6af8cSJussi Kivilinna 180408d6af8cSJussi Kivilinna /* test 'dst == src' case */ 18053a338f20SJussi Kivilinna ret = __test_skcipher(tfm, enc, template, tcount, false, 0); 180608d6af8cSJussi Kivilinna if (ret) 180708d6af8cSJussi Kivilinna return ret; 180808d6af8cSJussi Kivilinna 180908d6af8cSJussi Kivilinna /* test 'dst != src' case */ 18103a338f20SJussi Kivilinna ret = __test_skcipher(tfm, enc, template, tcount, true, 0); 18113a338f20SJussi Kivilinna if (ret) 18123a338f20SJussi Kivilinna return ret; 18133a338f20SJussi Kivilinna 18143a338f20SJussi Kivilinna /* test unaligned buffers, check with one byte offset */ 18153a338f20SJussi Kivilinna ret = __test_skcipher(tfm, enc, template, tcount, true, 1); 18163a338f20SJussi Kivilinna if (ret) 18173a338f20SJussi Kivilinna return ret; 18183a338f20SJussi Kivilinna 18193a338f20SJussi Kivilinna alignmask = crypto_tfm_alg_alignmask(&tfm->base); 18203a338f20SJussi Kivilinna if (alignmask) { 18213a338f20SJussi Kivilinna /* Check if alignment mask for tfm is correctly set. */ 18223a338f20SJussi Kivilinna ret = __test_skcipher(tfm, enc, template, tcount, true, 18233a338f20SJussi Kivilinna alignmask + 1); 18243a338f20SJussi Kivilinna if (ret) 18253a338f20SJussi Kivilinna return ret; 18263a338f20SJussi Kivilinna } 18273a338f20SJussi Kivilinna 18283a338f20SJussi Kivilinna return 0; 182908d6af8cSJussi Kivilinna } 183008d6af8cSJussi Kivilinna 1831b13b1e0cSEric Biggers static int test_comp(struct crypto_comp *tfm, 1832b13b1e0cSEric Biggers const struct comp_testvec *ctemplate, 1833b13b1e0cSEric Biggers const struct comp_testvec *dtemplate, 1834b13b1e0cSEric Biggers int ctcount, int dtcount) 1835da7f033dSHerbert Xu { 1836da7f033dSHerbert Xu const char *algo = crypto_tfm_alg_driver_name(crypto_comp_tfm(tfm)); 183733607384SMahipal Challa char *output, *decomp_output; 1838da7f033dSHerbert Xu unsigned int i; 1839da7f033dSHerbert Xu int ret; 1840da7f033dSHerbert Xu 184133607384SMahipal Challa output = kmalloc(COMP_BUF_SIZE, GFP_KERNEL); 184233607384SMahipal Challa if (!output) 184333607384SMahipal Challa return -ENOMEM; 184433607384SMahipal Challa 184533607384SMahipal Challa decomp_output = kmalloc(COMP_BUF_SIZE, GFP_KERNEL); 184633607384SMahipal Challa if (!decomp_output) { 184733607384SMahipal Challa kfree(output); 184833607384SMahipal Challa return -ENOMEM; 184933607384SMahipal Challa } 185033607384SMahipal Challa 1851da7f033dSHerbert Xu for (i = 0; i < ctcount; i++) { 1852c79cf910SGeert Uytterhoeven int ilen; 1853c79cf910SGeert Uytterhoeven unsigned int dlen = COMP_BUF_SIZE; 1854da7f033dSHerbert Xu 185522a8118dSMichael Schupikov memset(output, 0, COMP_BUF_SIZE); 185622a8118dSMichael Schupikov memset(decomp_output, 0, COMP_BUF_SIZE); 1857da7f033dSHerbert Xu 1858da7f033dSHerbert Xu ilen = ctemplate[i].inlen; 1859da7f033dSHerbert Xu ret = crypto_comp_compress(tfm, ctemplate[i].input, 186033607384SMahipal Challa ilen, output, &dlen); 1861da7f033dSHerbert Xu if (ret) { 1862da7f033dSHerbert Xu printk(KERN_ERR "alg: comp: compression failed " 1863da7f033dSHerbert Xu "on test %d for %s: ret=%d\n", i + 1, algo, 1864da7f033dSHerbert Xu -ret); 1865da7f033dSHerbert Xu goto out; 1866da7f033dSHerbert Xu } 1867da7f033dSHerbert Xu 186833607384SMahipal Challa ilen = dlen; 186933607384SMahipal Challa dlen = COMP_BUF_SIZE; 187033607384SMahipal Challa ret = crypto_comp_decompress(tfm, output, 187133607384SMahipal Challa ilen, decomp_output, &dlen); 187233607384SMahipal Challa if (ret) { 187333607384SMahipal Challa pr_err("alg: comp: compression failed: decompress: on test %d for %s failed: ret=%d\n", 187433607384SMahipal Challa i + 1, algo, -ret); 187533607384SMahipal Challa goto out; 187633607384SMahipal Challa } 187733607384SMahipal Challa 187833607384SMahipal Challa if (dlen != ctemplate[i].inlen) { 1879b812eb00SGeert Uytterhoeven printk(KERN_ERR "alg: comp: Compression test %d " 1880b812eb00SGeert Uytterhoeven "failed for %s: output len = %d\n", i + 1, algo, 1881b812eb00SGeert Uytterhoeven dlen); 1882b812eb00SGeert Uytterhoeven ret = -EINVAL; 1883b812eb00SGeert Uytterhoeven goto out; 1884b812eb00SGeert Uytterhoeven } 1885b812eb00SGeert Uytterhoeven 188633607384SMahipal Challa if (memcmp(decomp_output, ctemplate[i].input, 188733607384SMahipal Challa ctemplate[i].inlen)) { 188833607384SMahipal Challa pr_err("alg: comp: compression failed: output differs: on test %d for %s\n", 188933607384SMahipal Challa i + 1, algo); 189033607384SMahipal Challa hexdump(decomp_output, dlen); 1891da7f033dSHerbert Xu ret = -EINVAL; 1892da7f033dSHerbert Xu goto out; 1893da7f033dSHerbert Xu } 1894da7f033dSHerbert Xu } 1895da7f033dSHerbert Xu 1896da7f033dSHerbert Xu for (i = 0; i < dtcount; i++) { 1897c79cf910SGeert Uytterhoeven int ilen; 1898c79cf910SGeert Uytterhoeven unsigned int dlen = COMP_BUF_SIZE; 1899da7f033dSHerbert Xu 190022a8118dSMichael Schupikov memset(decomp_output, 0, COMP_BUF_SIZE); 1901da7f033dSHerbert Xu 1902da7f033dSHerbert Xu ilen = dtemplate[i].inlen; 1903da7f033dSHerbert Xu ret = crypto_comp_decompress(tfm, dtemplate[i].input, 190433607384SMahipal Challa ilen, decomp_output, &dlen); 1905da7f033dSHerbert Xu if (ret) { 1906da7f033dSHerbert Xu printk(KERN_ERR "alg: comp: decompression failed " 1907da7f033dSHerbert Xu "on test %d for %s: ret=%d\n", i + 1, algo, 1908da7f033dSHerbert Xu -ret); 1909da7f033dSHerbert Xu goto out; 1910da7f033dSHerbert Xu } 1911da7f033dSHerbert Xu 1912b812eb00SGeert Uytterhoeven if (dlen != dtemplate[i].outlen) { 1913b812eb00SGeert Uytterhoeven printk(KERN_ERR "alg: comp: Decompression test %d " 1914b812eb00SGeert Uytterhoeven "failed for %s: output len = %d\n", i + 1, algo, 1915b812eb00SGeert Uytterhoeven dlen); 1916b812eb00SGeert Uytterhoeven ret = -EINVAL; 1917b812eb00SGeert Uytterhoeven goto out; 1918b812eb00SGeert Uytterhoeven } 1919b812eb00SGeert Uytterhoeven 192033607384SMahipal Challa if (memcmp(decomp_output, dtemplate[i].output, dlen)) { 1921da7f033dSHerbert Xu printk(KERN_ERR "alg: comp: Decompression test %d " 1922da7f033dSHerbert Xu "failed for %s\n", i + 1, algo); 192333607384SMahipal Challa hexdump(decomp_output, dlen); 1924da7f033dSHerbert Xu ret = -EINVAL; 1925da7f033dSHerbert Xu goto out; 1926da7f033dSHerbert Xu } 1927da7f033dSHerbert Xu } 1928da7f033dSHerbert Xu 1929da7f033dSHerbert Xu ret = 0; 1930da7f033dSHerbert Xu 1931da7f033dSHerbert Xu out: 193233607384SMahipal Challa kfree(decomp_output); 193333607384SMahipal Challa kfree(output); 1934da7f033dSHerbert Xu return ret; 1935da7f033dSHerbert Xu } 1936da7f033dSHerbert Xu 1937b13b1e0cSEric Biggers static int test_acomp(struct crypto_acomp *tfm, 1938b13b1e0cSEric Biggers const struct comp_testvec *ctemplate, 1939b13b1e0cSEric Biggers const struct comp_testvec *dtemplate, 1940b13b1e0cSEric Biggers int ctcount, int dtcount) 1941d7db7a88SGiovanni Cabiddu { 1942d7db7a88SGiovanni Cabiddu const char *algo = crypto_tfm_alg_driver_name(crypto_acomp_tfm(tfm)); 1943d7db7a88SGiovanni Cabiddu unsigned int i; 1944a9943a0aSGiovanni Cabiddu char *output, *decomp_out; 1945d7db7a88SGiovanni Cabiddu int ret; 1946d7db7a88SGiovanni Cabiddu struct scatterlist src, dst; 1947d7db7a88SGiovanni Cabiddu struct acomp_req *req; 19487f397136SGilad Ben-Yossef struct crypto_wait wait; 1949d7db7a88SGiovanni Cabiddu 1950eb095593SEric Biggers output = kmalloc(COMP_BUF_SIZE, GFP_KERNEL); 1951eb095593SEric Biggers if (!output) 1952eb095593SEric Biggers return -ENOMEM; 1953eb095593SEric Biggers 1954a9943a0aSGiovanni Cabiddu decomp_out = kmalloc(COMP_BUF_SIZE, GFP_KERNEL); 1955a9943a0aSGiovanni Cabiddu if (!decomp_out) { 1956a9943a0aSGiovanni Cabiddu kfree(output); 1957a9943a0aSGiovanni Cabiddu return -ENOMEM; 1958a9943a0aSGiovanni Cabiddu } 1959a9943a0aSGiovanni Cabiddu 1960d7db7a88SGiovanni Cabiddu for (i = 0; i < ctcount; i++) { 1961d7db7a88SGiovanni Cabiddu unsigned int dlen = COMP_BUF_SIZE; 1962d7db7a88SGiovanni Cabiddu int ilen = ctemplate[i].inlen; 196302608e02SLaura Abbott void *input_vec; 1964d7db7a88SGiovanni Cabiddu 1965d2110224SEric Biggers input_vec = kmemdup(ctemplate[i].input, ilen, GFP_KERNEL); 196602608e02SLaura Abbott if (!input_vec) { 196702608e02SLaura Abbott ret = -ENOMEM; 196802608e02SLaura Abbott goto out; 196902608e02SLaura Abbott } 197002608e02SLaura Abbott 1971eb095593SEric Biggers memset(output, 0, dlen); 19727f397136SGilad Ben-Yossef crypto_init_wait(&wait); 197302608e02SLaura Abbott sg_init_one(&src, input_vec, ilen); 1974d7db7a88SGiovanni Cabiddu sg_init_one(&dst, output, dlen); 1975d7db7a88SGiovanni Cabiddu 1976d7db7a88SGiovanni Cabiddu req = acomp_request_alloc(tfm); 1977d7db7a88SGiovanni Cabiddu if (!req) { 1978d7db7a88SGiovanni Cabiddu pr_err("alg: acomp: request alloc failed for %s\n", 1979d7db7a88SGiovanni Cabiddu algo); 198002608e02SLaura Abbott kfree(input_vec); 1981d7db7a88SGiovanni Cabiddu ret = -ENOMEM; 1982d7db7a88SGiovanni Cabiddu goto out; 1983d7db7a88SGiovanni Cabiddu } 1984d7db7a88SGiovanni Cabiddu 1985d7db7a88SGiovanni Cabiddu acomp_request_set_params(req, &src, &dst, ilen, dlen); 1986d7db7a88SGiovanni Cabiddu acomp_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, 19877f397136SGilad Ben-Yossef crypto_req_done, &wait); 1988d7db7a88SGiovanni Cabiddu 19897f397136SGilad Ben-Yossef ret = crypto_wait_req(crypto_acomp_compress(req), &wait); 1990d7db7a88SGiovanni Cabiddu if (ret) { 1991d7db7a88SGiovanni Cabiddu pr_err("alg: acomp: compression failed on test %d for %s: ret=%d\n", 1992d7db7a88SGiovanni Cabiddu i + 1, algo, -ret); 199302608e02SLaura Abbott kfree(input_vec); 1994d7db7a88SGiovanni Cabiddu acomp_request_free(req); 1995d7db7a88SGiovanni Cabiddu goto out; 1996d7db7a88SGiovanni Cabiddu } 1997d7db7a88SGiovanni Cabiddu 1998a9943a0aSGiovanni Cabiddu ilen = req->dlen; 1999a9943a0aSGiovanni Cabiddu dlen = COMP_BUF_SIZE; 2000a9943a0aSGiovanni Cabiddu sg_init_one(&src, output, ilen); 2001a9943a0aSGiovanni Cabiddu sg_init_one(&dst, decomp_out, dlen); 20027f397136SGilad Ben-Yossef crypto_init_wait(&wait); 2003a9943a0aSGiovanni Cabiddu acomp_request_set_params(req, &src, &dst, ilen, dlen); 2004a9943a0aSGiovanni Cabiddu 20057f397136SGilad Ben-Yossef ret = crypto_wait_req(crypto_acomp_decompress(req), &wait); 2006a9943a0aSGiovanni Cabiddu if (ret) { 2007a9943a0aSGiovanni Cabiddu pr_err("alg: acomp: compression failed on test %d for %s: ret=%d\n", 2008a9943a0aSGiovanni Cabiddu i + 1, algo, -ret); 2009a9943a0aSGiovanni Cabiddu kfree(input_vec); 2010a9943a0aSGiovanni Cabiddu acomp_request_free(req); 2011a9943a0aSGiovanni Cabiddu goto out; 2012a9943a0aSGiovanni Cabiddu } 2013a9943a0aSGiovanni Cabiddu 2014a9943a0aSGiovanni Cabiddu if (req->dlen != ctemplate[i].inlen) { 2015d7db7a88SGiovanni Cabiddu pr_err("alg: acomp: Compression test %d failed for %s: output len = %d\n", 2016d7db7a88SGiovanni Cabiddu i + 1, algo, req->dlen); 2017d7db7a88SGiovanni Cabiddu ret = -EINVAL; 201802608e02SLaura Abbott kfree(input_vec); 2019d7db7a88SGiovanni Cabiddu acomp_request_free(req); 2020d7db7a88SGiovanni Cabiddu goto out; 2021d7db7a88SGiovanni Cabiddu } 2022d7db7a88SGiovanni Cabiddu 2023a9943a0aSGiovanni Cabiddu if (memcmp(input_vec, decomp_out, req->dlen)) { 2024d7db7a88SGiovanni Cabiddu pr_err("alg: acomp: Compression test %d failed for %s\n", 2025d7db7a88SGiovanni Cabiddu i + 1, algo); 2026d7db7a88SGiovanni Cabiddu hexdump(output, req->dlen); 2027d7db7a88SGiovanni Cabiddu ret = -EINVAL; 202802608e02SLaura Abbott kfree(input_vec); 2029d7db7a88SGiovanni Cabiddu acomp_request_free(req); 2030d7db7a88SGiovanni Cabiddu goto out; 2031d7db7a88SGiovanni Cabiddu } 2032d7db7a88SGiovanni Cabiddu 203302608e02SLaura Abbott kfree(input_vec); 2034d7db7a88SGiovanni Cabiddu acomp_request_free(req); 2035d7db7a88SGiovanni Cabiddu } 2036d7db7a88SGiovanni Cabiddu 2037d7db7a88SGiovanni Cabiddu for (i = 0; i < dtcount; i++) { 2038d7db7a88SGiovanni Cabiddu unsigned int dlen = COMP_BUF_SIZE; 2039d7db7a88SGiovanni Cabiddu int ilen = dtemplate[i].inlen; 204002608e02SLaura Abbott void *input_vec; 2041d7db7a88SGiovanni Cabiddu 2042d2110224SEric Biggers input_vec = kmemdup(dtemplate[i].input, ilen, GFP_KERNEL); 204302608e02SLaura Abbott if (!input_vec) { 204402608e02SLaura Abbott ret = -ENOMEM; 204502608e02SLaura Abbott goto out; 204602608e02SLaura Abbott } 204702608e02SLaura Abbott 2048eb095593SEric Biggers memset(output, 0, dlen); 20497f397136SGilad Ben-Yossef crypto_init_wait(&wait); 205002608e02SLaura Abbott sg_init_one(&src, input_vec, ilen); 2051d7db7a88SGiovanni Cabiddu sg_init_one(&dst, output, dlen); 2052d7db7a88SGiovanni Cabiddu 2053d7db7a88SGiovanni Cabiddu req = acomp_request_alloc(tfm); 2054d7db7a88SGiovanni Cabiddu if (!req) { 2055d7db7a88SGiovanni Cabiddu pr_err("alg: acomp: request alloc failed for %s\n", 2056d7db7a88SGiovanni Cabiddu algo); 205702608e02SLaura Abbott kfree(input_vec); 2058d7db7a88SGiovanni Cabiddu ret = -ENOMEM; 2059d7db7a88SGiovanni Cabiddu goto out; 2060d7db7a88SGiovanni Cabiddu } 2061d7db7a88SGiovanni Cabiddu 2062d7db7a88SGiovanni Cabiddu acomp_request_set_params(req, &src, &dst, ilen, dlen); 2063d7db7a88SGiovanni Cabiddu acomp_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, 20647f397136SGilad Ben-Yossef crypto_req_done, &wait); 2065d7db7a88SGiovanni Cabiddu 20667f397136SGilad Ben-Yossef ret = crypto_wait_req(crypto_acomp_decompress(req), &wait); 2067d7db7a88SGiovanni Cabiddu if (ret) { 2068d7db7a88SGiovanni Cabiddu pr_err("alg: acomp: decompression failed on test %d for %s: ret=%d\n", 2069d7db7a88SGiovanni Cabiddu i + 1, algo, -ret); 207002608e02SLaura Abbott kfree(input_vec); 2071d7db7a88SGiovanni Cabiddu acomp_request_free(req); 2072d7db7a88SGiovanni Cabiddu goto out; 2073d7db7a88SGiovanni Cabiddu } 2074d7db7a88SGiovanni Cabiddu 2075d7db7a88SGiovanni Cabiddu if (req->dlen != dtemplate[i].outlen) { 2076d7db7a88SGiovanni Cabiddu pr_err("alg: acomp: Decompression test %d failed for %s: output len = %d\n", 2077d7db7a88SGiovanni Cabiddu i + 1, algo, req->dlen); 2078d7db7a88SGiovanni Cabiddu ret = -EINVAL; 207902608e02SLaura Abbott kfree(input_vec); 2080d7db7a88SGiovanni Cabiddu acomp_request_free(req); 2081d7db7a88SGiovanni Cabiddu goto out; 2082d7db7a88SGiovanni Cabiddu } 2083d7db7a88SGiovanni Cabiddu 2084d7db7a88SGiovanni Cabiddu if (memcmp(output, dtemplate[i].output, req->dlen)) { 2085d7db7a88SGiovanni Cabiddu pr_err("alg: acomp: Decompression test %d failed for %s\n", 2086d7db7a88SGiovanni Cabiddu i + 1, algo); 2087d7db7a88SGiovanni Cabiddu hexdump(output, req->dlen); 2088d7db7a88SGiovanni Cabiddu ret = -EINVAL; 208902608e02SLaura Abbott kfree(input_vec); 2090d7db7a88SGiovanni Cabiddu acomp_request_free(req); 2091d7db7a88SGiovanni Cabiddu goto out; 2092d7db7a88SGiovanni Cabiddu } 2093d7db7a88SGiovanni Cabiddu 209402608e02SLaura Abbott kfree(input_vec); 2095d7db7a88SGiovanni Cabiddu acomp_request_free(req); 2096d7db7a88SGiovanni Cabiddu } 2097d7db7a88SGiovanni Cabiddu 2098d7db7a88SGiovanni Cabiddu ret = 0; 2099d7db7a88SGiovanni Cabiddu 2100d7db7a88SGiovanni Cabiddu out: 2101a9943a0aSGiovanni Cabiddu kfree(decomp_out); 2102eb095593SEric Biggers kfree(output); 2103d7db7a88SGiovanni Cabiddu return ret; 2104d7db7a88SGiovanni Cabiddu } 2105d7db7a88SGiovanni Cabiddu 2106b13b1e0cSEric Biggers static int test_cprng(struct crypto_rng *tfm, 2107b13b1e0cSEric Biggers const struct cprng_testvec *template, 21087647d6ceSJarod Wilson unsigned int tcount) 21097647d6ceSJarod Wilson { 21107647d6ceSJarod Wilson const char *algo = crypto_tfm_alg_driver_name(crypto_rng_tfm(tfm)); 2111fa4ef8a6SFelipe Contreras int err = 0, i, j, seedsize; 21127647d6ceSJarod Wilson u8 *seed; 21137647d6ceSJarod Wilson char result[32]; 21147647d6ceSJarod Wilson 21157647d6ceSJarod Wilson seedsize = crypto_rng_seedsize(tfm); 21167647d6ceSJarod Wilson 21177647d6ceSJarod Wilson seed = kmalloc(seedsize, GFP_KERNEL); 21187647d6ceSJarod Wilson if (!seed) { 21197647d6ceSJarod Wilson printk(KERN_ERR "alg: cprng: Failed to allocate seed space " 21207647d6ceSJarod Wilson "for %s\n", algo); 21217647d6ceSJarod Wilson return -ENOMEM; 21227647d6ceSJarod Wilson } 21237647d6ceSJarod Wilson 21247647d6ceSJarod Wilson for (i = 0; i < tcount; i++) { 21257647d6ceSJarod Wilson memset(result, 0, 32); 21267647d6ceSJarod Wilson 21277647d6ceSJarod Wilson memcpy(seed, template[i].v, template[i].vlen); 21287647d6ceSJarod Wilson memcpy(seed + template[i].vlen, template[i].key, 21297647d6ceSJarod Wilson template[i].klen); 21307647d6ceSJarod Wilson memcpy(seed + template[i].vlen + template[i].klen, 21317647d6ceSJarod Wilson template[i].dt, template[i].dtlen); 21327647d6ceSJarod Wilson 21337647d6ceSJarod Wilson err = crypto_rng_reset(tfm, seed, seedsize); 21347647d6ceSJarod Wilson if (err) { 21357647d6ceSJarod Wilson printk(KERN_ERR "alg: cprng: Failed to reset rng " 21367647d6ceSJarod Wilson "for %s\n", algo); 21377647d6ceSJarod Wilson goto out; 21387647d6ceSJarod Wilson } 21397647d6ceSJarod Wilson 21407647d6ceSJarod Wilson for (j = 0; j < template[i].loops; j++) { 21417647d6ceSJarod Wilson err = crypto_rng_get_bytes(tfm, result, 21427647d6ceSJarod Wilson template[i].rlen); 214319e60e13SStephan Mueller if (err < 0) { 21447647d6ceSJarod Wilson printk(KERN_ERR "alg: cprng: Failed to obtain " 21457647d6ceSJarod Wilson "the correct amount of random data for " 214619e60e13SStephan Mueller "%s (requested %d)\n", algo, 214719e60e13SStephan Mueller template[i].rlen); 21487647d6ceSJarod Wilson goto out; 21497647d6ceSJarod Wilson } 21507647d6ceSJarod Wilson } 21517647d6ceSJarod Wilson 21527647d6ceSJarod Wilson err = memcmp(result, template[i].result, 21537647d6ceSJarod Wilson template[i].rlen); 21547647d6ceSJarod Wilson if (err) { 21557647d6ceSJarod Wilson printk(KERN_ERR "alg: cprng: Test %d failed for %s\n", 21567647d6ceSJarod Wilson i, algo); 21577647d6ceSJarod Wilson hexdump(result, template[i].rlen); 21587647d6ceSJarod Wilson err = -EINVAL; 21597647d6ceSJarod Wilson goto out; 21607647d6ceSJarod Wilson } 21617647d6ceSJarod Wilson } 21627647d6ceSJarod Wilson 21637647d6ceSJarod Wilson out: 21647647d6ceSJarod Wilson kfree(seed); 21657647d6ceSJarod Wilson return err; 21667647d6ceSJarod Wilson } 21677647d6ceSJarod Wilson 2168da7f033dSHerbert Xu static int alg_test_aead(const struct alg_test_desc *desc, const char *driver, 2169da7f033dSHerbert Xu u32 type, u32 mask) 2170da7f033dSHerbert Xu { 2171a0d608eeSEric Biggers const struct aead_test_suite *suite = &desc->suite.aead; 2172da7f033dSHerbert Xu struct crypto_aead *tfm; 2173a0d608eeSEric Biggers int err; 2174da7f033dSHerbert Xu 2175eed93e0cSHerbert Xu tfm = crypto_alloc_aead(driver, type, mask); 2176da7f033dSHerbert Xu if (IS_ERR(tfm)) { 2177da7f033dSHerbert Xu printk(KERN_ERR "alg: aead: Failed to load transform for %s: " 2178da7f033dSHerbert Xu "%ld\n", driver, PTR_ERR(tfm)); 2179da7f033dSHerbert Xu return PTR_ERR(tfm); 2180da7f033dSHerbert Xu } 2181da7f033dSHerbert Xu 2182a0d608eeSEric Biggers err = test_aead(tfm, ENCRYPT, suite->vecs, suite->count); 2183a0d608eeSEric Biggers if (!err) 2184a0d608eeSEric Biggers err = test_aead(tfm, DECRYPT, suite->vecs, suite->count); 2185da7f033dSHerbert Xu 2186da7f033dSHerbert Xu crypto_free_aead(tfm); 2187da7f033dSHerbert Xu return err; 2188da7f033dSHerbert Xu } 2189da7f033dSHerbert Xu 2190da7f033dSHerbert Xu static int alg_test_cipher(const struct alg_test_desc *desc, 2191da7f033dSHerbert Xu const char *driver, u32 type, u32 mask) 2192da7f033dSHerbert Xu { 219392a4c9feSEric Biggers const struct cipher_test_suite *suite = &desc->suite.cipher; 21941aa4ecd9SHerbert Xu struct crypto_cipher *tfm; 219592a4c9feSEric Biggers int err; 2196da7f033dSHerbert Xu 2197eed93e0cSHerbert Xu tfm = crypto_alloc_cipher(driver, type, mask); 2198da7f033dSHerbert Xu if (IS_ERR(tfm)) { 2199da7f033dSHerbert Xu printk(KERN_ERR "alg: cipher: Failed to load transform for " 2200da7f033dSHerbert Xu "%s: %ld\n", driver, PTR_ERR(tfm)); 2201da7f033dSHerbert Xu return PTR_ERR(tfm); 2202da7f033dSHerbert Xu } 2203da7f033dSHerbert Xu 220492a4c9feSEric Biggers err = test_cipher(tfm, ENCRYPT, suite->vecs, suite->count); 220592a4c9feSEric Biggers if (!err) 220692a4c9feSEric Biggers err = test_cipher(tfm, DECRYPT, suite->vecs, suite->count); 2207da7f033dSHerbert Xu 22081aa4ecd9SHerbert Xu crypto_free_cipher(tfm); 22091aa4ecd9SHerbert Xu return err; 22101aa4ecd9SHerbert Xu } 22111aa4ecd9SHerbert Xu 22121aa4ecd9SHerbert Xu static int alg_test_skcipher(const struct alg_test_desc *desc, 22131aa4ecd9SHerbert Xu const char *driver, u32 type, u32 mask) 22141aa4ecd9SHerbert Xu { 221592a4c9feSEric Biggers const struct cipher_test_suite *suite = &desc->suite.cipher; 221612773d93SHerbert Xu struct crypto_skcipher *tfm; 221792a4c9feSEric Biggers int err; 22181aa4ecd9SHerbert Xu 2219eed93e0cSHerbert Xu tfm = crypto_alloc_skcipher(driver, type, mask); 22201aa4ecd9SHerbert Xu if (IS_ERR(tfm)) { 22211aa4ecd9SHerbert Xu printk(KERN_ERR "alg: skcipher: Failed to load transform for " 22221aa4ecd9SHerbert Xu "%s: %ld\n", driver, PTR_ERR(tfm)); 22231aa4ecd9SHerbert Xu return PTR_ERR(tfm); 22241aa4ecd9SHerbert Xu } 22251aa4ecd9SHerbert Xu 222692a4c9feSEric Biggers err = test_skcipher(tfm, ENCRYPT, suite->vecs, suite->count); 222792a4c9feSEric Biggers if (!err) 222892a4c9feSEric Biggers err = test_skcipher(tfm, DECRYPT, suite->vecs, suite->count); 22291aa4ecd9SHerbert Xu 223012773d93SHerbert Xu crypto_free_skcipher(tfm); 2231da7f033dSHerbert Xu return err; 2232da7f033dSHerbert Xu } 2233da7f033dSHerbert Xu 2234da7f033dSHerbert Xu static int alg_test_comp(const struct alg_test_desc *desc, const char *driver, 2235da7f033dSHerbert Xu u32 type, u32 mask) 2236da7f033dSHerbert Xu { 2237d7db7a88SGiovanni Cabiddu struct crypto_comp *comp; 2238d7db7a88SGiovanni Cabiddu struct crypto_acomp *acomp; 2239da7f033dSHerbert Xu int err; 2240d7db7a88SGiovanni Cabiddu u32 algo_type = type & CRYPTO_ALG_TYPE_ACOMPRESS_MASK; 2241da7f033dSHerbert Xu 2242d7db7a88SGiovanni Cabiddu if (algo_type == CRYPTO_ALG_TYPE_ACOMPRESS) { 2243d7db7a88SGiovanni Cabiddu acomp = crypto_alloc_acomp(driver, type, mask); 2244d7db7a88SGiovanni Cabiddu if (IS_ERR(acomp)) { 2245d7db7a88SGiovanni Cabiddu pr_err("alg: acomp: Failed to load transform for %s: %ld\n", 2246d7db7a88SGiovanni Cabiddu driver, PTR_ERR(acomp)); 2247d7db7a88SGiovanni Cabiddu return PTR_ERR(acomp); 2248d7db7a88SGiovanni Cabiddu } 2249d7db7a88SGiovanni Cabiddu err = test_acomp(acomp, desc->suite.comp.comp.vecs, 2250d7db7a88SGiovanni Cabiddu desc->suite.comp.decomp.vecs, 2251d7db7a88SGiovanni Cabiddu desc->suite.comp.comp.count, 2252d7db7a88SGiovanni Cabiddu desc->suite.comp.decomp.count); 2253d7db7a88SGiovanni Cabiddu crypto_free_acomp(acomp); 2254d7db7a88SGiovanni Cabiddu } else { 2255d7db7a88SGiovanni Cabiddu comp = crypto_alloc_comp(driver, type, mask); 2256d7db7a88SGiovanni Cabiddu if (IS_ERR(comp)) { 2257d7db7a88SGiovanni Cabiddu pr_err("alg: comp: Failed to load transform for %s: %ld\n", 2258d7db7a88SGiovanni Cabiddu driver, PTR_ERR(comp)); 2259d7db7a88SGiovanni Cabiddu return PTR_ERR(comp); 2260da7f033dSHerbert Xu } 2261da7f033dSHerbert Xu 2262d7db7a88SGiovanni Cabiddu err = test_comp(comp, desc->suite.comp.comp.vecs, 2263da7f033dSHerbert Xu desc->suite.comp.decomp.vecs, 2264da7f033dSHerbert Xu desc->suite.comp.comp.count, 2265da7f033dSHerbert Xu desc->suite.comp.decomp.count); 2266da7f033dSHerbert Xu 2267d7db7a88SGiovanni Cabiddu crypto_free_comp(comp); 2268d7db7a88SGiovanni Cabiddu } 2269da7f033dSHerbert Xu return err; 2270da7f033dSHerbert Xu } 2271da7f033dSHerbert Xu 22729b3abc01SEric Biggers static int __alg_test_hash(const struct hash_testvec *template, 22739b3abc01SEric Biggers unsigned int tcount, const char *driver, 2274da7f033dSHerbert Xu u32 type, u32 mask) 2275da7f033dSHerbert Xu { 2276da7f033dSHerbert Xu struct crypto_ahash *tfm; 2277da7f033dSHerbert Xu int err; 2278da7f033dSHerbert Xu 2279eed93e0cSHerbert Xu tfm = crypto_alloc_ahash(driver, type, mask); 2280da7f033dSHerbert Xu if (IS_ERR(tfm)) { 2281da7f033dSHerbert Xu printk(KERN_ERR "alg: hash: Failed to load transform for %s: " 2282da7f033dSHerbert Xu "%ld\n", driver, PTR_ERR(tfm)); 2283da7f033dSHerbert Xu return PTR_ERR(tfm); 2284da7f033dSHerbert Xu } 2285da7f033dSHerbert Xu 228676715095SGilad Ben-Yossef err = test_hash(tfm, template, tcount, HASH_TEST_DIGEST); 2287a8f1a052SDavid S. Miller if (!err) 228876715095SGilad Ben-Yossef err = test_hash(tfm, template, tcount, HASH_TEST_FINAL); 228976715095SGilad Ben-Yossef if (!err) 229076715095SGilad Ben-Yossef err = test_hash(tfm, template, tcount, HASH_TEST_FINUP); 2291da7f033dSHerbert Xu crypto_free_ahash(tfm); 2292da7f033dSHerbert Xu return err; 2293da7f033dSHerbert Xu } 2294da7f033dSHerbert Xu 22959b3abc01SEric Biggers static int alg_test_hash(const struct alg_test_desc *desc, const char *driver, 22969b3abc01SEric Biggers u32 type, u32 mask) 22979b3abc01SEric Biggers { 22989b3abc01SEric Biggers const struct hash_testvec *template = desc->suite.hash.vecs; 22999b3abc01SEric Biggers unsigned int tcount = desc->suite.hash.count; 23009b3abc01SEric Biggers unsigned int nr_unkeyed, nr_keyed; 23019b3abc01SEric Biggers int err; 23029b3abc01SEric Biggers 23039b3abc01SEric Biggers /* 23049b3abc01SEric Biggers * For OPTIONAL_KEY algorithms, we have to do all the unkeyed tests 23059b3abc01SEric Biggers * first, before setting a key on the tfm. To make this easier, we 23069b3abc01SEric Biggers * require that the unkeyed test vectors (if any) are listed first. 23079b3abc01SEric Biggers */ 23089b3abc01SEric Biggers 23099b3abc01SEric Biggers for (nr_unkeyed = 0; nr_unkeyed < tcount; nr_unkeyed++) { 23109b3abc01SEric Biggers if (template[nr_unkeyed].ksize) 23119b3abc01SEric Biggers break; 23129b3abc01SEric Biggers } 23139b3abc01SEric Biggers for (nr_keyed = 0; nr_unkeyed + nr_keyed < tcount; nr_keyed++) { 23149b3abc01SEric Biggers if (!template[nr_unkeyed + nr_keyed].ksize) { 23159b3abc01SEric Biggers pr_err("alg: hash: test vectors for %s out of order, " 23169b3abc01SEric Biggers "unkeyed ones must come first\n", desc->alg); 23179b3abc01SEric Biggers return -EINVAL; 23189b3abc01SEric Biggers } 23199b3abc01SEric Biggers } 23209b3abc01SEric Biggers 23219b3abc01SEric Biggers err = 0; 23229b3abc01SEric Biggers if (nr_unkeyed) { 23239b3abc01SEric Biggers err = __alg_test_hash(template, nr_unkeyed, driver, type, mask); 23249b3abc01SEric Biggers template += nr_unkeyed; 23259b3abc01SEric Biggers } 23269b3abc01SEric Biggers 23279b3abc01SEric Biggers if (!err && nr_keyed) 23289b3abc01SEric Biggers err = __alg_test_hash(template, nr_keyed, driver, type, mask); 23299b3abc01SEric Biggers 23309b3abc01SEric Biggers return err; 23319b3abc01SEric Biggers } 23329b3abc01SEric Biggers 23338e3ee85eSHerbert Xu static int alg_test_crc32c(const struct alg_test_desc *desc, 23348e3ee85eSHerbert Xu const char *driver, u32 type, u32 mask) 23358e3ee85eSHerbert Xu { 23368e3ee85eSHerbert Xu struct crypto_shash *tfm; 2337cb9dde88SEric Biggers __le32 val; 23388e3ee85eSHerbert Xu int err; 23398e3ee85eSHerbert Xu 23408e3ee85eSHerbert Xu err = alg_test_hash(desc, driver, type, mask); 23418e3ee85eSHerbert Xu if (err) 2342eb5e6730SEric Biggers return err; 23438e3ee85eSHerbert Xu 2344eed93e0cSHerbert Xu tfm = crypto_alloc_shash(driver, type, mask); 23458e3ee85eSHerbert Xu if (IS_ERR(tfm)) { 2346eb5e6730SEric Biggers if (PTR_ERR(tfm) == -ENOENT) { 2347eb5e6730SEric Biggers /* 2348eb5e6730SEric Biggers * This crc32c implementation is only available through 2349eb5e6730SEric Biggers * ahash API, not the shash API, so the remaining part 2350eb5e6730SEric Biggers * of the test is not applicable to it. 2351eb5e6730SEric Biggers */ 2352eb5e6730SEric Biggers return 0; 2353eb5e6730SEric Biggers } 23548e3ee85eSHerbert Xu printk(KERN_ERR "alg: crc32c: Failed to load transform for %s: " 23558e3ee85eSHerbert Xu "%ld\n", driver, PTR_ERR(tfm)); 2356eb5e6730SEric Biggers return PTR_ERR(tfm); 23578e3ee85eSHerbert Xu } 23588e3ee85eSHerbert Xu 23598e3ee85eSHerbert Xu do { 23604c5c3024SJan-Simon Möller SHASH_DESC_ON_STACK(shash, tfm); 23614c5c3024SJan-Simon Möller u32 *ctx = (u32 *)shash_desc_ctx(shash); 23628e3ee85eSHerbert Xu 23634c5c3024SJan-Simon Möller shash->tfm = tfm; 23644c5c3024SJan-Simon Möller shash->flags = 0; 23658e3ee85eSHerbert Xu 2366cb9dde88SEric Biggers *ctx = 420553207; 23674c5c3024SJan-Simon Möller err = crypto_shash_final(shash, (u8 *)&val); 23688e3ee85eSHerbert Xu if (err) { 23698e3ee85eSHerbert Xu printk(KERN_ERR "alg: crc32c: Operation failed for " 23708e3ee85eSHerbert Xu "%s: %d\n", driver, err); 23718e3ee85eSHerbert Xu break; 23728e3ee85eSHerbert Xu } 23738e3ee85eSHerbert Xu 2374cb9dde88SEric Biggers if (val != cpu_to_le32(~420553207)) { 2375cb9dde88SEric Biggers pr_err("alg: crc32c: Test failed for %s: %u\n", 2376cb9dde88SEric Biggers driver, le32_to_cpu(val)); 23778e3ee85eSHerbert Xu err = -EINVAL; 23788e3ee85eSHerbert Xu } 23798e3ee85eSHerbert Xu } while (0); 23808e3ee85eSHerbert Xu 23818e3ee85eSHerbert Xu crypto_free_shash(tfm); 23828e3ee85eSHerbert Xu 23838e3ee85eSHerbert Xu return err; 23848e3ee85eSHerbert Xu } 23858e3ee85eSHerbert Xu 23867647d6ceSJarod Wilson static int alg_test_cprng(const struct alg_test_desc *desc, const char *driver, 23877647d6ceSJarod Wilson u32 type, u32 mask) 23887647d6ceSJarod Wilson { 23897647d6ceSJarod Wilson struct crypto_rng *rng; 23907647d6ceSJarod Wilson int err; 23917647d6ceSJarod Wilson 2392eed93e0cSHerbert Xu rng = crypto_alloc_rng(driver, type, mask); 23937647d6ceSJarod Wilson if (IS_ERR(rng)) { 23947647d6ceSJarod Wilson printk(KERN_ERR "alg: cprng: Failed to load transform for %s: " 23957647d6ceSJarod Wilson "%ld\n", driver, PTR_ERR(rng)); 23967647d6ceSJarod Wilson return PTR_ERR(rng); 23977647d6ceSJarod Wilson } 23987647d6ceSJarod Wilson 23997647d6ceSJarod Wilson err = test_cprng(rng, desc->suite.cprng.vecs, desc->suite.cprng.count); 24007647d6ceSJarod Wilson 24017647d6ceSJarod Wilson crypto_free_rng(rng); 24027647d6ceSJarod Wilson 24037647d6ceSJarod Wilson return err; 24047647d6ceSJarod Wilson } 24057647d6ceSJarod Wilson 240664d1cdfbSStephan Mueller 2407b13b1e0cSEric Biggers static int drbg_cavs_test(const struct drbg_testvec *test, int pr, 240864d1cdfbSStephan Mueller const char *driver, u32 type, u32 mask) 240964d1cdfbSStephan Mueller { 241064d1cdfbSStephan Mueller int ret = -EAGAIN; 241164d1cdfbSStephan Mueller struct crypto_rng *drng; 241264d1cdfbSStephan Mueller struct drbg_test_data test_data; 241364d1cdfbSStephan Mueller struct drbg_string addtl, pers, testentropy; 241464d1cdfbSStephan Mueller unsigned char *buf = kzalloc(test->expectedlen, GFP_KERNEL); 241564d1cdfbSStephan Mueller 241664d1cdfbSStephan Mueller if (!buf) 241764d1cdfbSStephan Mueller return -ENOMEM; 241864d1cdfbSStephan Mueller 2419eed93e0cSHerbert Xu drng = crypto_alloc_rng(driver, type, mask); 242064d1cdfbSStephan Mueller if (IS_ERR(drng)) { 242164d1cdfbSStephan Mueller printk(KERN_ERR "alg: drbg: could not allocate DRNG handle for " 242264d1cdfbSStephan Mueller "%s\n", driver); 242364d1cdfbSStephan Mueller kzfree(buf); 242464d1cdfbSStephan Mueller return -ENOMEM; 242564d1cdfbSStephan Mueller } 242664d1cdfbSStephan Mueller 242764d1cdfbSStephan Mueller test_data.testentropy = &testentropy; 242864d1cdfbSStephan Mueller drbg_string_fill(&testentropy, test->entropy, test->entropylen); 242964d1cdfbSStephan Mueller drbg_string_fill(&pers, test->pers, test->perslen); 243064d1cdfbSStephan Mueller ret = crypto_drbg_reset_test(drng, &pers, &test_data); 243164d1cdfbSStephan Mueller if (ret) { 243264d1cdfbSStephan Mueller printk(KERN_ERR "alg: drbg: Failed to reset rng\n"); 243364d1cdfbSStephan Mueller goto outbuf; 243464d1cdfbSStephan Mueller } 243564d1cdfbSStephan Mueller 243664d1cdfbSStephan Mueller drbg_string_fill(&addtl, test->addtla, test->addtllen); 243764d1cdfbSStephan Mueller if (pr) { 243864d1cdfbSStephan Mueller drbg_string_fill(&testentropy, test->entpra, test->entprlen); 243964d1cdfbSStephan Mueller ret = crypto_drbg_get_bytes_addtl_test(drng, 244064d1cdfbSStephan Mueller buf, test->expectedlen, &addtl, &test_data); 244164d1cdfbSStephan Mueller } else { 244264d1cdfbSStephan Mueller ret = crypto_drbg_get_bytes_addtl(drng, 244364d1cdfbSStephan Mueller buf, test->expectedlen, &addtl); 244464d1cdfbSStephan Mueller } 244519e60e13SStephan Mueller if (ret < 0) { 244664d1cdfbSStephan Mueller printk(KERN_ERR "alg: drbg: could not obtain random data for " 244764d1cdfbSStephan Mueller "driver %s\n", driver); 244864d1cdfbSStephan Mueller goto outbuf; 244964d1cdfbSStephan Mueller } 245064d1cdfbSStephan Mueller 245164d1cdfbSStephan Mueller drbg_string_fill(&addtl, test->addtlb, test->addtllen); 245264d1cdfbSStephan Mueller if (pr) { 245364d1cdfbSStephan Mueller drbg_string_fill(&testentropy, test->entprb, test->entprlen); 245464d1cdfbSStephan Mueller ret = crypto_drbg_get_bytes_addtl_test(drng, 245564d1cdfbSStephan Mueller buf, test->expectedlen, &addtl, &test_data); 245664d1cdfbSStephan Mueller } else { 245764d1cdfbSStephan Mueller ret = crypto_drbg_get_bytes_addtl(drng, 245864d1cdfbSStephan Mueller buf, test->expectedlen, &addtl); 245964d1cdfbSStephan Mueller } 246019e60e13SStephan Mueller if (ret < 0) { 246164d1cdfbSStephan Mueller printk(KERN_ERR "alg: drbg: could not obtain random data for " 246264d1cdfbSStephan Mueller "driver %s\n", driver); 246364d1cdfbSStephan Mueller goto outbuf; 246464d1cdfbSStephan Mueller } 246564d1cdfbSStephan Mueller 246664d1cdfbSStephan Mueller ret = memcmp(test->expected, buf, test->expectedlen); 246764d1cdfbSStephan Mueller 246864d1cdfbSStephan Mueller outbuf: 246964d1cdfbSStephan Mueller crypto_free_rng(drng); 247064d1cdfbSStephan Mueller kzfree(buf); 247164d1cdfbSStephan Mueller return ret; 247264d1cdfbSStephan Mueller } 247364d1cdfbSStephan Mueller 247464d1cdfbSStephan Mueller 247564d1cdfbSStephan Mueller static int alg_test_drbg(const struct alg_test_desc *desc, const char *driver, 247664d1cdfbSStephan Mueller u32 type, u32 mask) 247764d1cdfbSStephan Mueller { 247864d1cdfbSStephan Mueller int err = 0; 247964d1cdfbSStephan Mueller int pr = 0; 248064d1cdfbSStephan Mueller int i = 0; 2481b13b1e0cSEric Biggers const struct drbg_testvec *template = desc->suite.drbg.vecs; 248264d1cdfbSStephan Mueller unsigned int tcount = desc->suite.drbg.count; 248364d1cdfbSStephan Mueller 248464d1cdfbSStephan Mueller if (0 == memcmp(driver, "drbg_pr_", 8)) 248564d1cdfbSStephan Mueller pr = 1; 248664d1cdfbSStephan Mueller 248764d1cdfbSStephan Mueller for (i = 0; i < tcount; i++) { 248864d1cdfbSStephan Mueller err = drbg_cavs_test(&template[i], pr, driver, type, mask); 248964d1cdfbSStephan Mueller if (err) { 249064d1cdfbSStephan Mueller printk(KERN_ERR "alg: drbg: Test %d failed for %s\n", 249164d1cdfbSStephan Mueller i, driver); 249264d1cdfbSStephan Mueller err = -EINVAL; 249364d1cdfbSStephan Mueller break; 249464d1cdfbSStephan Mueller } 249564d1cdfbSStephan Mueller } 249664d1cdfbSStephan Mueller return err; 249764d1cdfbSStephan Mueller 249864d1cdfbSStephan Mueller } 249964d1cdfbSStephan Mueller 2500b13b1e0cSEric Biggers static int do_test_kpp(struct crypto_kpp *tfm, const struct kpp_testvec *vec, 2501802c7f1cSSalvatore Benedetto const char *alg) 2502802c7f1cSSalvatore Benedetto { 2503802c7f1cSSalvatore Benedetto struct kpp_request *req; 2504802c7f1cSSalvatore Benedetto void *input_buf = NULL; 2505802c7f1cSSalvatore Benedetto void *output_buf = NULL; 250647d3fd39STudor-Dan Ambarus void *a_public = NULL; 250747d3fd39STudor-Dan Ambarus void *a_ss = NULL; 250847d3fd39STudor-Dan Ambarus void *shared_secret = NULL; 25097f397136SGilad Ben-Yossef struct crypto_wait wait; 2510802c7f1cSSalvatore Benedetto unsigned int out_len_max; 2511802c7f1cSSalvatore Benedetto int err = -ENOMEM; 2512802c7f1cSSalvatore Benedetto struct scatterlist src, dst; 2513802c7f1cSSalvatore Benedetto 2514802c7f1cSSalvatore Benedetto req = kpp_request_alloc(tfm, GFP_KERNEL); 2515802c7f1cSSalvatore Benedetto if (!req) 2516802c7f1cSSalvatore Benedetto return err; 2517802c7f1cSSalvatore Benedetto 25187f397136SGilad Ben-Yossef crypto_init_wait(&wait); 2519802c7f1cSSalvatore Benedetto 2520802c7f1cSSalvatore Benedetto err = crypto_kpp_set_secret(tfm, vec->secret, vec->secret_size); 2521802c7f1cSSalvatore Benedetto if (err < 0) 2522802c7f1cSSalvatore Benedetto goto free_req; 2523802c7f1cSSalvatore Benedetto 2524802c7f1cSSalvatore Benedetto out_len_max = crypto_kpp_maxsize(tfm); 2525802c7f1cSSalvatore Benedetto output_buf = kzalloc(out_len_max, GFP_KERNEL); 2526802c7f1cSSalvatore Benedetto if (!output_buf) { 2527802c7f1cSSalvatore Benedetto err = -ENOMEM; 2528802c7f1cSSalvatore Benedetto goto free_req; 2529802c7f1cSSalvatore Benedetto } 2530802c7f1cSSalvatore Benedetto 2531802c7f1cSSalvatore Benedetto /* Use appropriate parameter as base */ 2532802c7f1cSSalvatore Benedetto kpp_request_set_input(req, NULL, 0); 2533802c7f1cSSalvatore Benedetto sg_init_one(&dst, output_buf, out_len_max); 2534802c7f1cSSalvatore Benedetto kpp_request_set_output(req, &dst, out_len_max); 2535802c7f1cSSalvatore Benedetto kpp_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, 25367f397136SGilad Ben-Yossef crypto_req_done, &wait); 2537802c7f1cSSalvatore Benedetto 253847d3fd39STudor-Dan Ambarus /* Compute party A's public key */ 25397f397136SGilad Ben-Yossef err = crypto_wait_req(crypto_kpp_generate_public_key(req), &wait); 2540802c7f1cSSalvatore Benedetto if (err) { 254147d3fd39STudor-Dan Ambarus pr_err("alg: %s: Party A: generate public key test failed. err %d\n", 2542802c7f1cSSalvatore Benedetto alg, err); 2543802c7f1cSSalvatore Benedetto goto free_output; 2544802c7f1cSSalvatore Benedetto } 254547d3fd39STudor-Dan Ambarus 254647d3fd39STudor-Dan Ambarus if (vec->genkey) { 254747d3fd39STudor-Dan Ambarus /* Save party A's public key */ 2548e3d90e52SChristopher Diaz Riveros a_public = kmemdup(sg_virt(req->dst), out_len_max, GFP_KERNEL); 254947d3fd39STudor-Dan Ambarus if (!a_public) { 255047d3fd39STudor-Dan Ambarus err = -ENOMEM; 255147d3fd39STudor-Dan Ambarus goto free_output; 255247d3fd39STudor-Dan Ambarus } 255347d3fd39STudor-Dan Ambarus } else { 2554802c7f1cSSalvatore Benedetto /* Verify calculated public key */ 2555802c7f1cSSalvatore Benedetto if (memcmp(vec->expected_a_public, sg_virt(req->dst), 2556802c7f1cSSalvatore Benedetto vec->expected_a_public_size)) { 255747d3fd39STudor-Dan Ambarus pr_err("alg: %s: Party A: generate public key test failed. Invalid output\n", 2558802c7f1cSSalvatore Benedetto alg); 2559802c7f1cSSalvatore Benedetto err = -EINVAL; 2560802c7f1cSSalvatore Benedetto goto free_output; 2561802c7f1cSSalvatore Benedetto } 256247d3fd39STudor-Dan Ambarus } 2563802c7f1cSSalvatore Benedetto 2564802c7f1cSSalvatore Benedetto /* Calculate shared secret key by using counter part (b) public key. */ 2565e3d90e52SChristopher Diaz Riveros input_buf = kmemdup(vec->b_public, vec->b_public_size, GFP_KERNEL); 2566802c7f1cSSalvatore Benedetto if (!input_buf) { 2567802c7f1cSSalvatore Benedetto err = -ENOMEM; 2568802c7f1cSSalvatore Benedetto goto free_output; 2569802c7f1cSSalvatore Benedetto } 2570802c7f1cSSalvatore Benedetto 2571802c7f1cSSalvatore Benedetto sg_init_one(&src, input_buf, vec->b_public_size); 2572802c7f1cSSalvatore Benedetto sg_init_one(&dst, output_buf, out_len_max); 2573802c7f1cSSalvatore Benedetto kpp_request_set_input(req, &src, vec->b_public_size); 2574802c7f1cSSalvatore Benedetto kpp_request_set_output(req, &dst, out_len_max); 2575802c7f1cSSalvatore Benedetto kpp_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, 25767f397136SGilad Ben-Yossef crypto_req_done, &wait); 25777f397136SGilad Ben-Yossef err = crypto_wait_req(crypto_kpp_compute_shared_secret(req), &wait); 2578802c7f1cSSalvatore Benedetto if (err) { 257947d3fd39STudor-Dan Ambarus pr_err("alg: %s: Party A: compute shared secret test failed. err %d\n", 2580802c7f1cSSalvatore Benedetto alg, err); 2581802c7f1cSSalvatore Benedetto goto free_all; 2582802c7f1cSSalvatore Benedetto } 258347d3fd39STudor-Dan Ambarus 258447d3fd39STudor-Dan Ambarus if (vec->genkey) { 258547d3fd39STudor-Dan Ambarus /* Save the shared secret obtained by party A */ 2586e3d90e52SChristopher Diaz Riveros a_ss = kmemdup(sg_virt(req->dst), vec->expected_ss_size, GFP_KERNEL); 258747d3fd39STudor-Dan Ambarus if (!a_ss) { 258847d3fd39STudor-Dan Ambarus err = -ENOMEM; 258947d3fd39STudor-Dan Ambarus goto free_all; 259047d3fd39STudor-Dan Ambarus } 259147d3fd39STudor-Dan Ambarus 259247d3fd39STudor-Dan Ambarus /* 259347d3fd39STudor-Dan Ambarus * Calculate party B's shared secret by using party A's 259447d3fd39STudor-Dan Ambarus * public key. 259547d3fd39STudor-Dan Ambarus */ 259647d3fd39STudor-Dan Ambarus err = crypto_kpp_set_secret(tfm, vec->b_secret, 259747d3fd39STudor-Dan Ambarus vec->b_secret_size); 259847d3fd39STudor-Dan Ambarus if (err < 0) 259947d3fd39STudor-Dan Ambarus goto free_all; 260047d3fd39STudor-Dan Ambarus 260147d3fd39STudor-Dan Ambarus sg_init_one(&src, a_public, vec->expected_a_public_size); 260247d3fd39STudor-Dan Ambarus sg_init_one(&dst, output_buf, out_len_max); 260347d3fd39STudor-Dan Ambarus kpp_request_set_input(req, &src, vec->expected_a_public_size); 260447d3fd39STudor-Dan Ambarus kpp_request_set_output(req, &dst, out_len_max); 260547d3fd39STudor-Dan Ambarus kpp_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, 26067f397136SGilad Ben-Yossef crypto_req_done, &wait); 26077f397136SGilad Ben-Yossef err = crypto_wait_req(crypto_kpp_compute_shared_secret(req), 26087f397136SGilad Ben-Yossef &wait); 260947d3fd39STudor-Dan Ambarus if (err) { 261047d3fd39STudor-Dan Ambarus pr_err("alg: %s: Party B: compute shared secret failed. err %d\n", 261147d3fd39STudor-Dan Ambarus alg, err); 261247d3fd39STudor-Dan Ambarus goto free_all; 261347d3fd39STudor-Dan Ambarus } 261447d3fd39STudor-Dan Ambarus 261547d3fd39STudor-Dan Ambarus shared_secret = a_ss; 261647d3fd39STudor-Dan Ambarus } else { 261747d3fd39STudor-Dan Ambarus shared_secret = (void *)vec->expected_ss; 261847d3fd39STudor-Dan Ambarus } 261947d3fd39STudor-Dan Ambarus 2620802c7f1cSSalvatore Benedetto /* 2621802c7f1cSSalvatore Benedetto * verify shared secret from which the user will derive 2622802c7f1cSSalvatore Benedetto * secret key by executing whatever hash it has chosen 2623802c7f1cSSalvatore Benedetto */ 262447d3fd39STudor-Dan Ambarus if (memcmp(shared_secret, sg_virt(req->dst), 2625802c7f1cSSalvatore Benedetto vec->expected_ss_size)) { 2626802c7f1cSSalvatore Benedetto pr_err("alg: %s: compute shared secret test failed. Invalid output\n", 2627802c7f1cSSalvatore Benedetto alg); 2628802c7f1cSSalvatore Benedetto err = -EINVAL; 2629802c7f1cSSalvatore Benedetto } 2630802c7f1cSSalvatore Benedetto 2631802c7f1cSSalvatore Benedetto free_all: 263247d3fd39STudor-Dan Ambarus kfree(a_ss); 2633802c7f1cSSalvatore Benedetto kfree(input_buf); 2634802c7f1cSSalvatore Benedetto free_output: 263547d3fd39STudor-Dan Ambarus kfree(a_public); 2636802c7f1cSSalvatore Benedetto kfree(output_buf); 2637802c7f1cSSalvatore Benedetto free_req: 2638802c7f1cSSalvatore Benedetto kpp_request_free(req); 2639802c7f1cSSalvatore Benedetto return err; 2640802c7f1cSSalvatore Benedetto } 2641802c7f1cSSalvatore Benedetto 2642802c7f1cSSalvatore Benedetto static int test_kpp(struct crypto_kpp *tfm, const char *alg, 2643b13b1e0cSEric Biggers const struct kpp_testvec *vecs, unsigned int tcount) 2644802c7f1cSSalvatore Benedetto { 2645802c7f1cSSalvatore Benedetto int ret, i; 2646802c7f1cSSalvatore Benedetto 2647802c7f1cSSalvatore Benedetto for (i = 0; i < tcount; i++) { 2648802c7f1cSSalvatore Benedetto ret = do_test_kpp(tfm, vecs++, alg); 2649802c7f1cSSalvatore Benedetto if (ret) { 2650802c7f1cSSalvatore Benedetto pr_err("alg: %s: test failed on vector %d, err=%d\n", 2651802c7f1cSSalvatore Benedetto alg, i + 1, ret); 2652802c7f1cSSalvatore Benedetto return ret; 2653802c7f1cSSalvatore Benedetto } 2654802c7f1cSSalvatore Benedetto } 2655802c7f1cSSalvatore Benedetto return 0; 2656802c7f1cSSalvatore Benedetto } 2657802c7f1cSSalvatore Benedetto 2658802c7f1cSSalvatore Benedetto static int alg_test_kpp(const struct alg_test_desc *desc, const char *driver, 2659802c7f1cSSalvatore Benedetto u32 type, u32 mask) 2660802c7f1cSSalvatore Benedetto { 2661802c7f1cSSalvatore Benedetto struct crypto_kpp *tfm; 2662802c7f1cSSalvatore Benedetto int err = 0; 2663802c7f1cSSalvatore Benedetto 2664eed93e0cSHerbert Xu tfm = crypto_alloc_kpp(driver, type, mask); 2665802c7f1cSSalvatore Benedetto if (IS_ERR(tfm)) { 2666802c7f1cSSalvatore Benedetto pr_err("alg: kpp: Failed to load tfm for %s: %ld\n", 2667802c7f1cSSalvatore Benedetto driver, PTR_ERR(tfm)); 2668802c7f1cSSalvatore Benedetto return PTR_ERR(tfm); 2669802c7f1cSSalvatore Benedetto } 2670802c7f1cSSalvatore Benedetto if (desc->suite.kpp.vecs) 2671802c7f1cSSalvatore Benedetto err = test_kpp(tfm, desc->alg, desc->suite.kpp.vecs, 2672802c7f1cSSalvatore Benedetto desc->suite.kpp.count); 2673802c7f1cSSalvatore Benedetto 2674802c7f1cSSalvatore Benedetto crypto_free_kpp(tfm); 2675802c7f1cSSalvatore Benedetto return err; 2676802c7f1cSSalvatore Benedetto } 2677802c7f1cSSalvatore Benedetto 267850d2b643SHerbert Xu static int test_akcipher_one(struct crypto_akcipher *tfm, 2679b13b1e0cSEric Biggers const struct akcipher_testvec *vecs) 2680946cc463STadeusz Struk { 2681df27b26fSHerbert Xu char *xbuf[XBUFSIZE]; 2682946cc463STadeusz Struk struct akcipher_request *req; 2683946cc463STadeusz Struk void *outbuf_enc = NULL; 2684946cc463STadeusz Struk void *outbuf_dec = NULL; 26857f397136SGilad Ben-Yossef struct crypto_wait wait; 2686946cc463STadeusz Struk unsigned int out_len_max, out_len = 0; 2687946cc463STadeusz Struk int err = -ENOMEM; 268822287b0bSTadeusz Struk struct scatterlist src, dst, src_tab[2]; 26890507de94SVitaly Chikunov const char *m, *c; 26900507de94SVitaly Chikunov unsigned int m_size, c_size; 26910507de94SVitaly Chikunov const char *op; 2692946cc463STadeusz Struk 2693df27b26fSHerbert Xu if (testmgr_alloc_buf(xbuf)) 2694df27b26fSHerbert Xu return err; 2695df27b26fSHerbert Xu 2696946cc463STadeusz Struk req = akcipher_request_alloc(tfm, GFP_KERNEL); 2697946cc463STadeusz Struk if (!req) 2698df27b26fSHerbert Xu goto free_xbuf; 2699946cc463STadeusz Struk 27007f397136SGilad Ben-Yossef crypto_init_wait(&wait); 270122287b0bSTadeusz Struk 270222287b0bSTadeusz Struk if (vecs->public_key_vec) 270322287b0bSTadeusz Struk err = crypto_akcipher_set_pub_key(tfm, vecs->key, 270422287b0bSTadeusz Struk vecs->key_len); 270522287b0bSTadeusz Struk else 270622287b0bSTadeusz Struk err = crypto_akcipher_set_priv_key(tfm, vecs->key, 270722287b0bSTadeusz Struk vecs->key_len); 2708946cc463STadeusz Struk if (err) 2709946cc463STadeusz Struk goto free_req; 2710946cc463STadeusz Struk 271157763f5eSSalvatore Benedetto err = -ENOMEM; 271222287b0bSTadeusz Struk out_len_max = crypto_akcipher_maxsize(tfm); 27130507de94SVitaly Chikunov 27140507de94SVitaly Chikunov /* 27150507de94SVitaly Chikunov * First run test which do not require a private key, such as 27160507de94SVitaly Chikunov * encrypt or verify. 27170507de94SVitaly Chikunov */ 2718946cc463STadeusz Struk outbuf_enc = kzalloc(out_len_max, GFP_KERNEL); 2719946cc463STadeusz Struk if (!outbuf_enc) 2720946cc463STadeusz Struk goto free_req; 2721946cc463STadeusz Struk 27220507de94SVitaly Chikunov if (!vecs->siggen_sigver_test) { 27230507de94SVitaly Chikunov m = vecs->m; 27240507de94SVitaly Chikunov m_size = vecs->m_size; 27250507de94SVitaly Chikunov c = vecs->c; 27260507de94SVitaly Chikunov c_size = vecs->c_size; 27270507de94SVitaly Chikunov op = "encrypt"; 27280507de94SVitaly Chikunov } else { 27290507de94SVitaly Chikunov /* Swap args so we could keep plaintext (digest) 27300507de94SVitaly Chikunov * in vecs->m, and cooked signature in vecs->c. 27310507de94SVitaly Chikunov */ 27320507de94SVitaly Chikunov m = vecs->c; /* signature */ 27330507de94SVitaly Chikunov m_size = vecs->c_size; 27340507de94SVitaly Chikunov c = vecs->m; /* digest */ 27350507de94SVitaly Chikunov c_size = vecs->m_size; 27360507de94SVitaly Chikunov op = "verify"; 27370507de94SVitaly Chikunov } 2738df27b26fSHerbert Xu 27390507de94SVitaly Chikunov if (WARN_ON(m_size > PAGE_SIZE)) 27400507de94SVitaly Chikunov goto free_all; 27410507de94SVitaly Chikunov memcpy(xbuf[0], m, m_size); 2742df27b26fSHerbert Xu 274322287b0bSTadeusz Struk sg_init_table(src_tab, 2); 2744df27b26fSHerbert Xu sg_set_buf(&src_tab[0], xbuf[0], 8); 27450507de94SVitaly Chikunov sg_set_buf(&src_tab[1], xbuf[0] + 8, m_size - 8); 274622287b0bSTadeusz Struk sg_init_one(&dst, outbuf_enc, out_len_max); 27470507de94SVitaly Chikunov akcipher_request_set_crypt(req, src_tab, &dst, m_size, 274822287b0bSTadeusz Struk out_len_max); 2749946cc463STadeusz Struk akcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, 27507f397136SGilad Ben-Yossef crypto_req_done, &wait); 2751946cc463STadeusz Struk 27527f397136SGilad Ben-Yossef err = crypto_wait_req(vecs->siggen_sigver_test ? 27530507de94SVitaly Chikunov /* Run asymmetric signature verification */ 27540507de94SVitaly Chikunov crypto_akcipher_verify(req) : 27551207107cSStephan Mueller /* Run asymmetric encrypt */ 27567f397136SGilad Ben-Yossef crypto_akcipher_encrypt(req), &wait); 2757946cc463STadeusz Struk if (err) { 27580507de94SVitaly Chikunov pr_err("alg: akcipher: %s test failed. err %d\n", op, err); 2759946cc463STadeusz Struk goto free_all; 2760946cc463STadeusz Struk } 27610507de94SVitaly Chikunov if (req->dst_len != c_size) { 27620507de94SVitaly Chikunov pr_err("alg: akcipher: %s test failed. Invalid output len\n", 27630507de94SVitaly Chikunov op); 2764946cc463STadeusz Struk err = -EINVAL; 2765946cc463STadeusz Struk goto free_all; 2766946cc463STadeusz Struk } 2767946cc463STadeusz Struk /* verify that encrypted message is equal to expected */ 27680507de94SVitaly Chikunov if (memcmp(c, outbuf_enc, c_size)) { 27690507de94SVitaly Chikunov pr_err("alg: akcipher: %s test failed. Invalid output\n", op); 27700507de94SVitaly Chikunov hexdump(outbuf_enc, c_size); 2771946cc463STadeusz Struk err = -EINVAL; 2772946cc463STadeusz Struk goto free_all; 2773946cc463STadeusz Struk } 27740507de94SVitaly Chikunov 27750507de94SVitaly Chikunov /* 27760507de94SVitaly Chikunov * Don't invoke (decrypt or sign) test which require a private key 27770507de94SVitaly Chikunov * for vectors with only a public key. 27780507de94SVitaly Chikunov */ 2779946cc463STadeusz Struk if (vecs->public_key_vec) { 2780946cc463STadeusz Struk err = 0; 2781946cc463STadeusz Struk goto free_all; 2782946cc463STadeusz Struk } 2783946cc463STadeusz Struk outbuf_dec = kzalloc(out_len_max, GFP_KERNEL); 2784946cc463STadeusz Struk if (!outbuf_dec) { 2785946cc463STadeusz Struk err = -ENOMEM; 2786946cc463STadeusz Struk goto free_all; 2787946cc463STadeusz Struk } 2788df27b26fSHerbert Xu 27890507de94SVitaly Chikunov op = vecs->siggen_sigver_test ? "sign" : "decrypt"; 27900507de94SVitaly Chikunov if (WARN_ON(c_size > PAGE_SIZE)) 2791df27b26fSHerbert Xu goto free_all; 27920507de94SVitaly Chikunov memcpy(xbuf[0], c, c_size); 2793df27b26fSHerbert Xu 27940507de94SVitaly Chikunov sg_init_one(&src, xbuf[0], c_size); 279522287b0bSTadeusz Struk sg_init_one(&dst, outbuf_dec, out_len_max); 27967f397136SGilad Ben-Yossef crypto_init_wait(&wait); 27970507de94SVitaly Chikunov akcipher_request_set_crypt(req, &src, &dst, c_size, out_len_max); 2798946cc463STadeusz Struk 27997f397136SGilad Ben-Yossef err = crypto_wait_req(vecs->siggen_sigver_test ? 28000507de94SVitaly Chikunov /* Run asymmetric signature generation */ 28010507de94SVitaly Chikunov crypto_akcipher_sign(req) : 28021207107cSStephan Mueller /* Run asymmetric decrypt */ 28037f397136SGilad Ben-Yossef crypto_akcipher_decrypt(req), &wait); 2804946cc463STadeusz Struk if (err) { 28050507de94SVitaly Chikunov pr_err("alg: akcipher: %s test failed. err %d\n", op, err); 2806946cc463STadeusz Struk goto free_all; 2807946cc463STadeusz Struk } 2808946cc463STadeusz Struk out_len = req->dst_len; 28090507de94SVitaly Chikunov if (out_len < m_size) { 28100507de94SVitaly Chikunov pr_err("alg: akcipher: %s test failed. Invalid output len %u\n", 28110507de94SVitaly Chikunov op, out_len); 2812946cc463STadeusz Struk err = -EINVAL; 2813946cc463STadeusz Struk goto free_all; 2814946cc463STadeusz Struk } 2815946cc463STadeusz Struk /* verify that decrypted message is equal to the original msg */ 28160507de94SVitaly Chikunov if (memchr_inv(outbuf_dec, 0, out_len - m_size) || 28170507de94SVitaly Chikunov memcmp(m, outbuf_dec + out_len - m_size, m_size)) { 28180507de94SVitaly Chikunov pr_err("alg: akcipher: %s test failed. Invalid output\n", op); 281950d2b643SHerbert Xu hexdump(outbuf_dec, out_len); 2820946cc463STadeusz Struk err = -EINVAL; 2821946cc463STadeusz Struk } 2822946cc463STadeusz Struk free_all: 2823946cc463STadeusz Struk kfree(outbuf_dec); 2824946cc463STadeusz Struk kfree(outbuf_enc); 2825946cc463STadeusz Struk free_req: 2826946cc463STadeusz Struk akcipher_request_free(req); 2827df27b26fSHerbert Xu free_xbuf: 2828df27b26fSHerbert Xu testmgr_free_buf(xbuf); 2829946cc463STadeusz Struk return err; 2830946cc463STadeusz Struk } 2831946cc463STadeusz Struk 283250d2b643SHerbert Xu static int test_akcipher(struct crypto_akcipher *tfm, const char *alg, 2833b13b1e0cSEric Biggers const struct akcipher_testvec *vecs, 2834b13b1e0cSEric Biggers unsigned int tcount) 2835946cc463STadeusz Struk { 283615226e48SHerbert Xu const char *algo = 283715226e48SHerbert Xu crypto_tfm_alg_driver_name(crypto_akcipher_tfm(tfm)); 2838946cc463STadeusz Struk int ret, i; 2839946cc463STadeusz Struk 2840946cc463STadeusz Struk for (i = 0; i < tcount; i++) { 284150d2b643SHerbert Xu ret = test_akcipher_one(tfm, vecs++); 284250d2b643SHerbert Xu if (!ret) 284350d2b643SHerbert Xu continue; 284450d2b643SHerbert Xu 284515226e48SHerbert Xu pr_err("alg: akcipher: test %d failed for %s, err=%d\n", 284615226e48SHerbert Xu i + 1, algo, ret); 2847946cc463STadeusz Struk return ret; 2848946cc463STadeusz Struk } 2849946cc463STadeusz Struk return 0; 2850946cc463STadeusz Struk } 2851946cc463STadeusz Struk 2852946cc463STadeusz Struk static int alg_test_akcipher(const struct alg_test_desc *desc, 2853946cc463STadeusz Struk const char *driver, u32 type, u32 mask) 2854946cc463STadeusz Struk { 2855946cc463STadeusz Struk struct crypto_akcipher *tfm; 2856946cc463STadeusz Struk int err = 0; 2857946cc463STadeusz Struk 2858eed93e0cSHerbert Xu tfm = crypto_alloc_akcipher(driver, type, mask); 2859946cc463STadeusz Struk if (IS_ERR(tfm)) { 2860946cc463STadeusz Struk pr_err("alg: akcipher: Failed to load tfm for %s: %ld\n", 2861946cc463STadeusz Struk driver, PTR_ERR(tfm)); 2862946cc463STadeusz Struk return PTR_ERR(tfm); 2863946cc463STadeusz Struk } 2864946cc463STadeusz Struk if (desc->suite.akcipher.vecs) 2865946cc463STadeusz Struk err = test_akcipher(tfm, desc->alg, desc->suite.akcipher.vecs, 2866946cc463STadeusz Struk desc->suite.akcipher.count); 2867946cc463STadeusz Struk 2868946cc463STadeusz Struk crypto_free_akcipher(tfm); 2869946cc463STadeusz Struk return err; 2870946cc463STadeusz Struk } 2871946cc463STadeusz Struk 2872863b557aSYouquan, Song static int alg_test_null(const struct alg_test_desc *desc, 2873863b557aSYouquan, Song const char *driver, u32 type, u32 mask) 2874863b557aSYouquan, Song { 2875863b557aSYouquan, Song return 0; 2876863b557aSYouquan, Song } 2877863b557aSYouquan, Song 287821c8e720SArd Biesheuvel #define __VECS(tv) { .vecs = tv, .count = ARRAY_SIZE(tv) } 287921c8e720SArd Biesheuvel 2880da7f033dSHerbert Xu /* Please keep this list sorted by algorithm name. */ 2881da7f033dSHerbert Xu static const struct alg_test_desc alg_test_descs[] = { 2882da7f033dSHerbert Xu { 2883059c2a4dSEric Biggers .alg = "adiantum(xchacha12,aes)", 2884059c2a4dSEric Biggers .test = alg_test_skcipher, 2885059c2a4dSEric Biggers .suite = { 2886059c2a4dSEric Biggers .cipher = __VECS(adiantum_xchacha12_aes_tv_template) 2887059c2a4dSEric Biggers }, 2888059c2a4dSEric Biggers }, { 2889059c2a4dSEric Biggers .alg = "adiantum(xchacha20,aes)", 2890059c2a4dSEric Biggers .test = alg_test_skcipher, 2891059c2a4dSEric Biggers .suite = { 2892059c2a4dSEric Biggers .cipher = __VECS(adiantum_xchacha20_aes_tv_template) 2893059c2a4dSEric Biggers }, 2894059c2a4dSEric Biggers }, { 2895b87dc203SOndrej Mosnacek .alg = "aegis128", 2896b87dc203SOndrej Mosnacek .test = alg_test_aead, 2897b87dc203SOndrej Mosnacek .suite = { 2898a0d608eeSEric Biggers .aead = __VECS(aegis128_tv_template) 2899b87dc203SOndrej Mosnacek } 2900b87dc203SOndrej Mosnacek }, { 2901b87dc203SOndrej Mosnacek .alg = "aegis128l", 2902b87dc203SOndrej Mosnacek .test = alg_test_aead, 2903b87dc203SOndrej Mosnacek .suite = { 2904a0d608eeSEric Biggers .aead = __VECS(aegis128l_tv_template) 2905b87dc203SOndrej Mosnacek } 2906b87dc203SOndrej Mosnacek }, { 2907b87dc203SOndrej Mosnacek .alg = "aegis256", 2908b87dc203SOndrej Mosnacek .test = alg_test_aead, 2909b87dc203SOndrej Mosnacek .suite = { 2910a0d608eeSEric Biggers .aead = __VECS(aegis256_tv_template) 2911b87dc203SOndrej Mosnacek } 2912b87dc203SOndrej Mosnacek }, { 2913e08ca2daSJarod Wilson .alg = "ansi_cprng", 2914e08ca2daSJarod Wilson .test = alg_test_cprng, 2915e08ca2daSJarod Wilson .suite = { 291621c8e720SArd Biesheuvel .cprng = __VECS(ansi_cprng_aes_tv_template) 2917e08ca2daSJarod Wilson } 2918e08ca2daSJarod Wilson }, { 2919bca4feb0SHoria Geanta .alg = "authenc(hmac(md5),ecb(cipher_null))", 2920bca4feb0SHoria Geanta .test = alg_test_aead, 2921bca4feb0SHoria Geanta .suite = { 2922a0d608eeSEric Biggers .aead = __VECS(hmac_md5_ecb_cipher_null_tv_template) 2923bca4feb0SHoria Geanta } 2924bca4feb0SHoria Geanta }, { 2925a4198fd4SHerbert Xu .alg = "authenc(hmac(sha1),cbc(aes))", 2926e46e9a46SHoria Geanta .test = alg_test_aead, 2927bcf741cbSHerbert Xu .fips_allowed = 1, 2928e46e9a46SHoria Geanta .suite = { 2929a0d608eeSEric Biggers .aead = __VECS(hmac_sha1_aes_cbc_tv_temp) 29305208ed2cSNitesh Lal } 29315208ed2cSNitesh Lal }, { 2932a4198fd4SHerbert Xu .alg = "authenc(hmac(sha1),cbc(des))", 29335208ed2cSNitesh Lal .test = alg_test_aead, 29345208ed2cSNitesh Lal .suite = { 2935a0d608eeSEric Biggers .aead = __VECS(hmac_sha1_des_cbc_tv_temp) 29365208ed2cSNitesh Lal } 29375208ed2cSNitesh Lal }, { 2938a4198fd4SHerbert Xu .alg = "authenc(hmac(sha1),cbc(des3_ede))", 29395208ed2cSNitesh Lal .test = alg_test_aead, 2940ed1afac9SMarcus Meissner .fips_allowed = 1, 29415208ed2cSNitesh Lal .suite = { 2942a0d608eeSEric Biggers .aead = __VECS(hmac_sha1_des3_ede_cbc_tv_temp) 2943e46e9a46SHoria Geanta } 2944e46e9a46SHoria Geanta }, { 2945fb16abc2SMarcus Meissner .alg = "authenc(hmac(sha1),ctr(aes))", 2946fb16abc2SMarcus Meissner .test = alg_test_null, 2947fb16abc2SMarcus Meissner .fips_allowed = 1, 2948fb16abc2SMarcus Meissner }, { 2949bca4feb0SHoria Geanta .alg = "authenc(hmac(sha1),ecb(cipher_null))", 2950bca4feb0SHoria Geanta .test = alg_test_aead, 2951bca4feb0SHoria Geanta .suite = { 2952a0d608eeSEric Biggers .aead = __VECS(hmac_sha1_ecb_cipher_null_tv_temp) 29535208ed2cSNitesh Lal } 29545208ed2cSNitesh Lal }, { 29558888690eSMarcus Meissner .alg = "authenc(hmac(sha1),rfc3686(ctr(aes)))", 29568888690eSMarcus Meissner .test = alg_test_null, 29578888690eSMarcus Meissner .fips_allowed = 1, 29588888690eSMarcus Meissner }, { 2959a4198fd4SHerbert Xu .alg = "authenc(hmac(sha224),cbc(des))", 29605208ed2cSNitesh Lal .test = alg_test_aead, 29615208ed2cSNitesh Lal .suite = { 2962a0d608eeSEric Biggers .aead = __VECS(hmac_sha224_des_cbc_tv_temp) 29635208ed2cSNitesh Lal } 29645208ed2cSNitesh Lal }, { 2965a4198fd4SHerbert Xu .alg = "authenc(hmac(sha224),cbc(des3_ede))", 29665208ed2cSNitesh Lal .test = alg_test_aead, 2967ed1afac9SMarcus Meissner .fips_allowed = 1, 29685208ed2cSNitesh Lal .suite = { 2969a0d608eeSEric Biggers .aead = __VECS(hmac_sha224_des3_ede_cbc_tv_temp) 2970bca4feb0SHoria Geanta } 2971bca4feb0SHoria Geanta }, { 2972a4198fd4SHerbert Xu .alg = "authenc(hmac(sha256),cbc(aes))", 2973e46e9a46SHoria Geanta .test = alg_test_aead, 2974ed1afac9SMarcus Meissner .fips_allowed = 1, 2975e46e9a46SHoria Geanta .suite = { 2976a0d608eeSEric Biggers .aead = __VECS(hmac_sha256_aes_cbc_tv_temp) 29775208ed2cSNitesh Lal } 29785208ed2cSNitesh Lal }, { 2979a4198fd4SHerbert Xu .alg = "authenc(hmac(sha256),cbc(des))", 29805208ed2cSNitesh Lal .test = alg_test_aead, 29815208ed2cSNitesh Lal .suite = { 2982a0d608eeSEric Biggers .aead = __VECS(hmac_sha256_des_cbc_tv_temp) 29835208ed2cSNitesh Lal } 29845208ed2cSNitesh Lal }, { 2985a4198fd4SHerbert Xu .alg = "authenc(hmac(sha256),cbc(des3_ede))", 29865208ed2cSNitesh Lal .test = alg_test_aead, 2987ed1afac9SMarcus Meissner .fips_allowed = 1, 29885208ed2cSNitesh Lal .suite = { 2989a0d608eeSEric Biggers .aead = __VECS(hmac_sha256_des3_ede_cbc_tv_temp) 29905208ed2cSNitesh Lal } 29915208ed2cSNitesh Lal }, { 2992fb16abc2SMarcus Meissner .alg = "authenc(hmac(sha256),ctr(aes))", 2993fb16abc2SMarcus Meissner .test = alg_test_null, 2994fb16abc2SMarcus Meissner .fips_allowed = 1, 2995fb16abc2SMarcus Meissner }, { 29968888690eSMarcus Meissner .alg = "authenc(hmac(sha256),rfc3686(ctr(aes)))", 29978888690eSMarcus Meissner .test = alg_test_null, 29988888690eSMarcus Meissner .fips_allowed = 1, 29998888690eSMarcus Meissner }, { 3000a4198fd4SHerbert Xu .alg = "authenc(hmac(sha384),cbc(des))", 30015208ed2cSNitesh Lal .test = alg_test_aead, 30025208ed2cSNitesh Lal .suite = { 3003a0d608eeSEric Biggers .aead = __VECS(hmac_sha384_des_cbc_tv_temp) 30045208ed2cSNitesh Lal } 30055208ed2cSNitesh Lal }, { 3006a4198fd4SHerbert Xu .alg = "authenc(hmac(sha384),cbc(des3_ede))", 30075208ed2cSNitesh Lal .test = alg_test_aead, 3008ed1afac9SMarcus Meissner .fips_allowed = 1, 30095208ed2cSNitesh Lal .suite = { 3010a0d608eeSEric Biggers .aead = __VECS(hmac_sha384_des3_ede_cbc_tv_temp) 3011e46e9a46SHoria Geanta } 3012e46e9a46SHoria Geanta }, { 3013fb16abc2SMarcus Meissner .alg = "authenc(hmac(sha384),ctr(aes))", 3014fb16abc2SMarcus Meissner .test = alg_test_null, 3015fb16abc2SMarcus Meissner .fips_allowed = 1, 3016fb16abc2SMarcus Meissner }, { 30178888690eSMarcus Meissner .alg = "authenc(hmac(sha384),rfc3686(ctr(aes)))", 30188888690eSMarcus Meissner .test = alg_test_null, 30198888690eSMarcus Meissner .fips_allowed = 1, 30208888690eSMarcus Meissner }, { 3021a4198fd4SHerbert Xu .alg = "authenc(hmac(sha512),cbc(aes))", 3022ed1afac9SMarcus Meissner .fips_allowed = 1, 3023e46e9a46SHoria Geanta .test = alg_test_aead, 3024e46e9a46SHoria Geanta .suite = { 3025a0d608eeSEric Biggers .aead = __VECS(hmac_sha512_aes_cbc_tv_temp) 30265208ed2cSNitesh Lal } 30275208ed2cSNitesh Lal }, { 3028a4198fd4SHerbert Xu .alg = "authenc(hmac(sha512),cbc(des))", 30295208ed2cSNitesh Lal .test = alg_test_aead, 30305208ed2cSNitesh Lal .suite = { 3031a0d608eeSEric Biggers .aead = __VECS(hmac_sha512_des_cbc_tv_temp) 30325208ed2cSNitesh Lal } 30335208ed2cSNitesh Lal }, { 3034a4198fd4SHerbert Xu .alg = "authenc(hmac(sha512),cbc(des3_ede))", 30355208ed2cSNitesh Lal .test = alg_test_aead, 3036ed1afac9SMarcus Meissner .fips_allowed = 1, 30375208ed2cSNitesh Lal .suite = { 3038a0d608eeSEric Biggers .aead = __VECS(hmac_sha512_des3_ede_cbc_tv_temp) 3039e46e9a46SHoria Geanta } 3040e46e9a46SHoria Geanta }, { 3041fb16abc2SMarcus Meissner .alg = "authenc(hmac(sha512),ctr(aes))", 3042fb16abc2SMarcus Meissner .test = alg_test_null, 3043fb16abc2SMarcus Meissner .fips_allowed = 1, 3044fb16abc2SMarcus Meissner }, { 30458888690eSMarcus Meissner .alg = "authenc(hmac(sha512),rfc3686(ctr(aes)))", 30468888690eSMarcus Meissner .test = alg_test_null, 30478888690eSMarcus Meissner .fips_allowed = 1, 30488888690eSMarcus Meissner }, { 3049da7f033dSHerbert Xu .alg = "cbc(aes)", 30501aa4ecd9SHerbert Xu .test = alg_test_skcipher, 3051a1915d51SJarod Wilson .fips_allowed = 1, 3052da7f033dSHerbert Xu .suite = { 305392a4c9feSEric Biggers .cipher = __VECS(aes_cbc_tv_template) 305492a4c9feSEric Biggers }, 3055da7f033dSHerbert Xu }, { 3056da7f033dSHerbert Xu .alg = "cbc(anubis)", 30571aa4ecd9SHerbert Xu .test = alg_test_skcipher, 3058da7f033dSHerbert Xu .suite = { 305992a4c9feSEric Biggers .cipher = __VECS(anubis_cbc_tv_template) 306092a4c9feSEric Biggers }, 3061da7f033dSHerbert Xu }, { 3062da7f033dSHerbert Xu .alg = "cbc(blowfish)", 30631aa4ecd9SHerbert Xu .test = alg_test_skcipher, 3064da7f033dSHerbert Xu .suite = { 306592a4c9feSEric Biggers .cipher = __VECS(bf_cbc_tv_template) 306692a4c9feSEric Biggers }, 3067da7f033dSHerbert Xu }, { 3068da7f033dSHerbert Xu .alg = "cbc(camellia)", 30691aa4ecd9SHerbert Xu .test = alg_test_skcipher, 3070da7f033dSHerbert Xu .suite = { 307192a4c9feSEric Biggers .cipher = __VECS(camellia_cbc_tv_template) 307292a4c9feSEric Biggers }, 3073da7f033dSHerbert Xu }, { 3074a2c58260SJohannes Goetzfried .alg = "cbc(cast5)", 3075a2c58260SJohannes Goetzfried .test = alg_test_skcipher, 3076a2c58260SJohannes Goetzfried .suite = { 307792a4c9feSEric Biggers .cipher = __VECS(cast5_cbc_tv_template) 307892a4c9feSEric Biggers }, 3079a2c58260SJohannes Goetzfried }, { 30809b8b0405SJohannes Goetzfried .alg = "cbc(cast6)", 30819b8b0405SJohannes Goetzfried .test = alg_test_skcipher, 30829b8b0405SJohannes Goetzfried .suite = { 308392a4c9feSEric Biggers .cipher = __VECS(cast6_cbc_tv_template) 308492a4c9feSEric Biggers }, 30859b8b0405SJohannes Goetzfried }, { 3086da7f033dSHerbert Xu .alg = "cbc(des)", 30871aa4ecd9SHerbert Xu .test = alg_test_skcipher, 3088da7f033dSHerbert Xu .suite = { 308992a4c9feSEric Biggers .cipher = __VECS(des_cbc_tv_template) 309092a4c9feSEric Biggers }, 3091da7f033dSHerbert Xu }, { 3092da7f033dSHerbert Xu .alg = "cbc(des3_ede)", 30931aa4ecd9SHerbert Xu .test = alg_test_skcipher, 3094a1915d51SJarod Wilson .fips_allowed = 1, 3095da7f033dSHerbert Xu .suite = { 309692a4c9feSEric Biggers .cipher = __VECS(des3_ede_cbc_tv_template) 309792a4c9feSEric Biggers }, 3098da7f033dSHerbert Xu }, { 3099a794d8d8SGilad Ben-Yossef /* Same as cbc(aes) except the key is stored in 3100a794d8d8SGilad Ben-Yossef * hardware secure memory which we reference by index 3101a794d8d8SGilad Ben-Yossef */ 3102a794d8d8SGilad Ben-Yossef .alg = "cbc(paes)", 3103a794d8d8SGilad Ben-Yossef .test = alg_test_null, 3104a794d8d8SGilad Ben-Yossef .fips_allowed = 1, 3105a794d8d8SGilad Ben-Yossef }, { 31069d25917dSJussi Kivilinna .alg = "cbc(serpent)", 31079d25917dSJussi Kivilinna .test = alg_test_skcipher, 31089d25917dSJussi Kivilinna .suite = { 310992a4c9feSEric Biggers .cipher = __VECS(serpent_cbc_tv_template) 311092a4c9feSEric Biggers }, 31119d25917dSJussi Kivilinna }, { 311295ba5973SGilad Ben-Yossef .alg = "cbc(sm4)", 311395ba5973SGilad Ben-Yossef .test = alg_test_skcipher, 311495ba5973SGilad Ben-Yossef .suite = { 311595ba5973SGilad Ben-Yossef .cipher = __VECS(sm4_cbc_tv_template) 311695ba5973SGilad Ben-Yossef } 311795ba5973SGilad Ben-Yossef }, { 3118da7f033dSHerbert Xu .alg = "cbc(twofish)", 31191aa4ecd9SHerbert Xu .test = alg_test_skcipher, 3120da7f033dSHerbert Xu .suite = { 312192a4c9feSEric Biggers .cipher = __VECS(tf_cbc_tv_template) 312292a4c9feSEric Biggers }, 3123da7f033dSHerbert Xu }, { 3124092acf06SArd Biesheuvel .alg = "cbcmac(aes)", 3125092acf06SArd Biesheuvel .fips_allowed = 1, 3126092acf06SArd Biesheuvel .test = alg_test_hash, 3127092acf06SArd Biesheuvel .suite = { 3128092acf06SArd Biesheuvel .hash = __VECS(aes_cbcmac_tv_template) 3129092acf06SArd Biesheuvel } 3130092acf06SArd Biesheuvel }, { 3131da7f033dSHerbert Xu .alg = "ccm(aes)", 3132da7f033dSHerbert Xu .test = alg_test_aead, 3133a1915d51SJarod Wilson .fips_allowed = 1, 3134da7f033dSHerbert Xu .suite = { 3135a0d608eeSEric Biggers .aead = __VECS(aes_ccm_tv_template) 3136da7f033dSHerbert Xu } 3137da7f033dSHerbert Xu }, { 31387da66670SDmitry Eremin-Solenikov .alg = "cfb(aes)", 31397da66670SDmitry Eremin-Solenikov .test = alg_test_skcipher, 31407da66670SDmitry Eremin-Solenikov .fips_allowed = 1, 31417da66670SDmitry Eremin-Solenikov .suite = { 31427da66670SDmitry Eremin-Solenikov .cipher = __VECS(aes_cfb_tv_template) 31437da66670SDmitry Eremin-Solenikov }, 31447da66670SDmitry Eremin-Solenikov }, { 31453590ebf2SMartin Willi .alg = "chacha20", 31463590ebf2SMartin Willi .test = alg_test_skcipher, 31473590ebf2SMartin Willi .suite = { 314892a4c9feSEric Biggers .cipher = __VECS(chacha20_tv_template) 314992a4c9feSEric Biggers }, 31503590ebf2SMartin Willi }, { 315193b5e86aSJussi Kivilinna .alg = "cmac(aes)", 31528f183751SStephan Mueller .fips_allowed = 1, 315393b5e86aSJussi Kivilinna .test = alg_test_hash, 315493b5e86aSJussi Kivilinna .suite = { 315521c8e720SArd Biesheuvel .hash = __VECS(aes_cmac128_tv_template) 315693b5e86aSJussi Kivilinna } 315793b5e86aSJussi Kivilinna }, { 315893b5e86aSJussi Kivilinna .alg = "cmac(des3_ede)", 31598f183751SStephan Mueller .fips_allowed = 1, 316093b5e86aSJussi Kivilinna .test = alg_test_hash, 316193b5e86aSJussi Kivilinna .suite = { 316221c8e720SArd Biesheuvel .hash = __VECS(des3_ede_cmac64_tv_template) 316393b5e86aSJussi Kivilinna } 316493b5e86aSJussi Kivilinna }, { 3165e448370dSJussi Kivilinna .alg = "compress_null", 3166e448370dSJussi Kivilinna .test = alg_test_null, 3167e448370dSJussi Kivilinna }, { 3168ebb3472fSArd Biesheuvel .alg = "crc32", 3169ebb3472fSArd Biesheuvel .test = alg_test_hash, 3170a8a34416SMilan Broz .fips_allowed = 1, 3171ebb3472fSArd Biesheuvel .suite = { 317221c8e720SArd Biesheuvel .hash = __VECS(crc32_tv_template) 3173ebb3472fSArd Biesheuvel } 3174ebb3472fSArd Biesheuvel }, { 3175da7f033dSHerbert Xu .alg = "crc32c", 31768e3ee85eSHerbert Xu .test = alg_test_crc32c, 3177a1915d51SJarod Wilson .fips_allowed = 1, 3178da7f033dSHerbert Xu .suite = { 317921c8e720SArd Biesheuvel .hash = __VECS(crc32c_tv_template) 3180da7f033dSHerbert Xu } 3181da7f033dSHerbert Xu }, { 318268411521SHerbert Xu .alg = "crct10dif", 318368411521SHerbert Xu .test = alg_test_hash, 318468411521SHerbert Xu .fips_allowed = 1, 318568411521SHerbert Xu .suite = { 318621c8e720SArd Biesheuvel .hash = __VECS(crct10dif_tv_template) 318768411521SHerbert Xu } 318868411521SHerbert Xu }, { 3189f7cb80f2SJarod Wilson .alg = "ctr(aes)", 3190f7cb80f2SJarod Wilson .test = alg_test_skcipher, 3191a1915d51SJarod Wilson .fips_allowed = 1, 3192f7cb80f2SJarod Wilson .suite = { 319392a4c9feSEric Biggers .cipher = __VECS(aes_ctr_tv_template) 3194f7cb80f2SJarod Wilson } 3195f7cb80f2SJarod Wilson }, { 319685b63e34SJussi Kivilinna .alg = "ctr(blowfish)", 319785b63e34SJussi Kivilinna .test = alg_test_skcipher, 319885b63e34SJussi Kivilinna .suite = { 319992a4c9feSEric Biggers .cipher = __VECS(bf_ctr_tv_template) 320085b63e34SJussi Kivilinna } 320185b63e34SJussi Kivilinna }, { 32020840605eSJussi Kivilinna .alg = "ctr(camellia)", 32030840605eSJussi Kivilinna .test = alg_test_skcipher, 32040840605eSJussi Kivilinna .suite = { 320592a4c9feSEric Biggers .cipher = __VECS(camellia_ctr_tv_template) 32060840605eSJussi Kivilinna } 32070840605eSJussi Kivilinna }, { 3208a2c58260SJohannes Goetzfried .alg = "ctr(cast5)", 3209a2c58260SJohannes Goetzfried .test = alg_test_skcipher, 3210a2c58260SJohannes Goetzfried .suite = { 321192a4c9feSEric Biggers .cipher = __VECS(cast5_ctr_tv_template) 3212a2c58260SJohannes Goetzfried } 3213a2c58260SJohannes Goetzfried }, { 32149b8b0405SJohannes Goetzfried .alg = "ctr(cast6)", 32159b8b0405SJohannes Goetzfried .test = alg_test_skcipher, 32169b8b0405SJohannes Goetzfried .suite = { 321792a4c9feSEric Biggers .cipher = __VECS(cast6_ctr_tv_template) 32189b8b0405SJohannes Goetzfried } 32199b8b0405SJohannes Goetzfried }, { 32208163fc30SJussi Kivilinna .alg = "ctr(des)", 32218163fc30SJussi Kivilinna .test = alg_test_skcipher, 32228163fc30SJussi Kivilinna .suite = { 322392a4c9feSEric Biggers .cipher = __VECS(des_ctr_tv_template) 32248163fc30SJussi Kivilinna } 32258163fc30SJussi Kivilinna }, { 3226e080b17aSJussi Kivilinna .alg = "ctr(des3_ede)", 3227e080b17aSJussi Kivilinna .test = alg_test_skcipher, 32280d8da104SMarcelo Cerri .fips_allowed = 1, 3229e080b17aSJussi Kivilinna .suite = { 323092a4c9feSEric Biggers .cipher = __VECS(des3_ede_ctr_tv_template) 3231e080b17aSJussi Kivilinna } 3232e080b17aSJussi Kivilinna }, { 3233a794d8d8SGilad Ben-Yossef /* Same as ctr(aes) except the key is stored in 3234a794d8d8SGilad Ben-Yossef * hardware secure memory which we reference by index 3235a794d8d8SGilad Ben-Yossef */ 3236a794d8d8SGilad Ben-Yossef .alg = "ctr(paes)", 3237a794d8d8SGilad Ben-Yossef .test = alg_test_null, 3238a794d8d8SGilad Ben-Yossef .fips_allowed = 1, 3239a794d8d8SGilad Ben-Yossef }, { 32409d25917dSJussi Kivilinna .alg = "ctr(serpent)", 32419d25917dSJussi Kivilinna .test = alg_test_skcipher, 32429d25917dSJussi Kivilinna .suite = { 324392a4c9feSEric Biggers .cipher = __VECS(serpent_ctr_tv_template) 32449d25917dSJussi Kivilinna } 32459d25917dSJussi Kivilinna }, { 324695ba5973SGilad Ben-Yossef .alg = "ctr(sm4)", 324795ba5973SGilad Ben-Yossef .test = alg_test_skcipher, 324895ba5973SGilad Ben-Yossef .suite = { 324995ba5973SGilad Ben-Yossef .cipher = __VECS(sm4_ctr_tv_template) 325095ba5973SGilad Ben-Yossef } 325195ba5973SGilad Ben-Yossef }, { 3252573da620SJussi Kivilinna .alg = "ctr(twofish)", 3253573da620SJussi Kivilinna .test = alg_test_skcipher, 3254573da620SJussi Kivilinna .suite = { 325592a4c9feSEric Biggers .cipher = __VECS(tf_ctr_tv_template) 3256573da620SJussi Kivilinna } 3257573da620SJussi Kivilinna }, { 3258da7f033dSHerbert Xu .alg = "cts(cbc(aes))", 32591aa4ecd9SHerbert Xu .test = alg_test_skcipher, 3260196ad604SGilad Ben-Yossef .fips_allowed = 1, 3261da7f033dSHerbert Xu .suite = { 326292a4c9feSEric Biggers .cipher = __VECS(cts_mode_tv_template) 3263da7f033dSHerbert Xu } 3264da7f033dSHerbert Xu }, { 3265da7f033dSHerbert Xu .alg = "deflate", 3266da7f033dSHerbert Xu .test = alg_test_comp, 32670818904dSMilan Broz .fips_allowed = 1, 3268da7f033dSHerbert Xu .suite = { 3269da7f033dSHerbert Xu .comp = { 327021c8e720SArd Biesheuvel .comp = __VECS(deflate_comp_tv_template), 327121c8e720SArd Biesheuvel .decomp = __VECS(deflate_decomp_tv_template) 3272da7f033dSHerbert Xu } 3273da7f033dSHerbert Xu } 3274da7f033dSHerbert Xu }, { 3275802c7f1cSSalvatore Benedetto .alg = "dh", 3276802c7f1cSSalvatore Benedetto .test = alg_test_kpp, 3277802c7f1cSSalvatore Benedetto .fips_allowed = 1, 3278802c7f1cSSalvatore Benedetto .suite = { 327921c8e720SArd Biesheuvel .kpp = __VECS(dh_tv_template) 3280802c7f1cSSalvatore Benedetto } 3281802c7f1cSSalvatore Benedetto }, { 3282e448370dSJussi Kivilinna .alg = "digest_null", 3283e448370dSJussi Kivilinna .test = alg_test_null, 3284e448370dSJussi Kivilinna }, { 328564d1cdfbSStephan Mueller .alg = "drbg_nopr_ctr_aes128", 328664d1cdfbSStephan Mueller .test = alg_test_drbg, 328764d1cdfbSStephan Mueller .fips_allowed = 1, 328864d1cdfbSStephan Mueller .suite = { 328921c8e720SArd Biesheuvel .drbg = __VECS(drbg_nopr_ctr_aes128_tv_template) 329064d1cdfbSStephan Mueller } 329164d1cdfbSStephan Mueller }, { 329264d1cdfbSStephan Mueller .alg = "drbg_nopr_ctr_aes192", 329364d1cdfbSStephan Mueller .test = alg_test_drbg, 329464d1cdfbSStephan Mueller .fips_allowed = 1, 329564d1cdfbSStephan Mueller .suite = { 329621c8e720SArd Biesheuvel .drbg = __VECS(drbg_nopr_ctr_aes192_tv_template) 329764d1cdfbSStephan Mueller } 329864d1cdfbSStephan Mueller }, { 329964d1cdfbSStephan Mueller .alg = "drbg_nopr_ctr_aes256", 330064d1cdfbSStephan Mueller .test = alg_test_drbg, 330164d1cdfbSStephan Mueller .fips_allowed = 1, 330264d1cdfbSStephan Mueller .suite = { 330321c8e720SArd Biesheuvel .drbg = __VECS(drbg_nopr_ctr_aes256_tv_template) 330464d1cdfbSStephan Mueller } 330564d1cdfbSStephan Mueller }, { 330664d1cdfbSStephan Mueller /* 330764d1cdfbSStephan Mueller * There is no need to specifically test the DRBG with every 330864d1cdfbSStephan Mueller * backend cipher -- covered by drbg_nopr_hmac_sha256 test 330964d1cdfbSStephan Mueller */ 331064d1cdfbSStephan Mueller .alg = "drbg_nopr_hmac_sha1", 331164d1cdfbSStephan Mueller .fips_allowed = 1, 331264d1cdfbSStephan Mueller .test = alg_test_null, 331364d1cdfbSStephan Mueller }, { 331464d1cdfbSStephan Mueller .alg = "drbg_nopr_hmac_sha256", 331564d1cdfbSStephan Mueller .test = alg_test_drbg, 331664d1cdfbSStephan Mueller .fips_allowed = 1, 331764d1cdfbSStephan Mueller .suite = { 331821c8e720SArd Biesheuvel .drbg = __VECS(drbg_nopr_hmac_sha256_tv_template) 331964d1cdfbSStephan Mueller } 332064d1cdfbSStephan Mueller }, { 332164d1cdfbSStephan Mueller /* covered by drbg_nopr_hmac_sha256 test */ 332264d1cdfbSStephan Mueller .alg = "drbg_nopr_hmac_sha384", 332364d1cdfbSStephan Mueller .fips_allowed = 1, 332464d1cdfbSStephan Mueller .test = alg_test_null, 332564d1cdfbSStephan Mueller }, { 332664d1cdfbSStephan Mueller .alg = "drbg_nopr_hmac_sha512", 332764d1cdfbSStephan Mueller .test = alg_test_null, 332864d1cdfbSStephan Mueller .fips_allowed = 1, 332964d1cdfbSStephan Mueller }, { 333064d1cdfbSStephan Mueller .alg = "drbg_nopr_sha1", 333164d1cdfbSStephan Mueller .fips_allowed = 1, 333264d1cdfbSStephan Mueller .test = alg_test_null, 333364d1cdfbSStephan Mueller }, { 333464d1cdfbSStephan Mueller .alg = "drbg_nopr_sha256", 333564d1cdfbSStephan Mueller .test = alg_test_drbg, 333664d1cdfbSStephan Mueller .fips_allowed = 1, 333764d1cdfbSStephan Mueller .suite = { 333821c8e720SArd Biesheuvel .drbg = __VECS(drbg_nopr_sha256_tv_template) 333964d1cdfbSStephan Mueller } 334064d1cdfbSStephan Mueller }, { 334164d1cdfbSStephan Mueller /* covered by drbg_nopr_sha256 test */ 334264d1cdfbSStephan Mueller .alg = "drbg_nopr_sha384", 334364d1cdfbSStephan Mueller .fips_allowed = 1, 334464d1cdfbSStephan Mueller .test = alg_test_null, 334564d1cdfbSStephan Mueller }, { 334664d1cdfbSStephan Mueller .alg = "drbg_nopr_sha512", 334764d1cdfbSStephan Mueller .fips_allowed = 1, 334864d1cdfbSStephan Mueller .test = alg_test_null, 334964d1cdfbSStephan Mueller }, { 335064d1cdfbSStephan Mueller .alg = "drbg_pr_ctr_aes128", 335164d1cdfbSStephan Mueller .test = alg_test_drbg, 335264d1cdfbSStephan Mueller .fips_allowed = 1, 335364d1cdfbSStephan Mueller .suite = { 335421c8e720SArd Biesheuvel .drbg = __VECS(drbg_pr_ctr_aes128_tv_template) 335564d1cdfbSStephan Mueller } 335664d1cdfbSStephan Mueller }, { 335764d1cdfbSStephan Mueller /* covered by drbg_pr_ctr_aes128 test */ 335864d1cdfbSStephan Mueller .alg = "drbg_pr_ctr_aes192", 335964d1cdfbSStephan Mueller .fips_allowed = 1, 336064d1cdfbSStephan Mueller .test = alg_test_null, 336164d1cdfbSStephan Mueller }, { 336264d1cdfbSStephan Mueller .alg = "drbg_pr_ctr_aes256", 336364d1cdfbSStephan Mueller .fips_allowed = 1, 336464d1cdfbSStephan Mueller .test = alg_test_null, 336564d1cdfbSStephan Mueller }, { 336664d1cdfbSStephan Mueller .alg = "drbg_pr_hmac_sha1", 336764d1cdfbSStephan Mueller .fips_allowed = 1, 336864d1cdfbSStephan Mueller .test = alg_test_null, 336964d1cdfbSStephan Mueller }, { 337064d1cdfbSStephan Mueller .alg = "drbg_pr_hmac_sha256", 337164d1cdfbSStephan Mueller .test = alg_test_drbg, 337264d1cdfbSStephan Mueller .fips_allowed = 1, 337364d1cdfbSStephan Mueller .suite = { 337421c8e720SArd Biesheuvel .drbg = __VECS(drbg_pr_hmac_sha256_tv_template) 337564d1cdfbSStephan Mueller } 337664d1cdfbSStephan Mueller }, { 337764d1cdfbSStephan Mueller /* covered by drbg_pr_hmac_sha256 test */ 337864d1cdfbSStephan Mueller .alg = "drbg_pr_hmac_sha384", 337964d1cdfbSStephan Mueller .fips_allowed = 1, 338064d1cdfbSStephan Mueller .test = alg_test_null, 338164d1cdfbSStephan Mueller }, { 338264d1cdfbSStephan Mueller .alg = "drbg_pr_hmac_sha512", 338364d1cdfbSStephan Mueller .test = alg_test_null, 338464d1cdfbSStephan Mueller .fips_allowed = 1, 338564d1cdfbSStephan Mueller }, { 338664d1cdfbSStephan Mueller .alg = "drbg_pr_sha1", 338764d1cdfbSStephan Mueller .fips_allowed = 1, 338864d1cdfbSStephan Mueller .test = alg_test_null, 338964d1cdfbSStephan Mueller }, { 339064d1cdfbSStephan Mueller .alg = "drbg_pr_sha256", 339164d1cdfbSStephan Mueller .test = alg_test_drbg, 339264d1cdfbSStephan Mueller .fips_allowed = 1, 339364d1cdfbSStephan Mueller .suite = { 339421c8e720SArd Biesheuvel .drbg = __VECS(drbg_pr_sha256_tv_template) 339564d1cdfbSStephan Mueller } 339664d1cdfbSStephan Mueller }, { 339764d1cdfbSStephan Mueller /* covered by drbg_pr_sha256 test */ 339864d1cdfbSStephan Mueller .alg = "drbg_pr_sha384", 339964d1cdfbSStephan Mueller .fips_allowed = 1, 340064d1cdfbSStephan Mueller .test = alg_test_null, 340164d1cdfbSStephan Mueller }, { 340264d1cdfbSStephan Mueller .alg = "drbg_pr_sha512", 340364d1cdfbSStephan Mueller .fips_allowed = 1, 340464d1cdfbSStephan Mueller .test = alg_test_null, 340564d1cdfbSStephan Mueller }, { 3406da7f033dSHerbert Xu .alg = "ecb(aes)", 34071aa4ecd9SHerbert Xu .test = alg_test_skcipher, 3408a1915d51SJarod Wilson .fips_allowed = 1, 3409da7f033dSHerbert Xu .suite = { 341092a4c9feSEric Biggers .cipher = __VECS(aes_tv_template) 3411da7f033dSHerbert Xu } 3412da7f033dSHerbert Xu }, { 3413da7f033dSHerbert Xu .alg = "ecb(anubis)", 34141aa4ecd9SHerbert Xu .test = alg_test_skcipher, 3415da7f033dSHerbert Xu .suite = { 341692a4c9feSEric Biggers .cipher = __VECS(anubis_tv_template) 3417da7f033dSHerbert Xu } 3418da7f033dSHerbert Xu }, { 3419da7f033dSHerbert Xu .alg = "ecb(arc4)", 34201aa4ecd9SHerbert Xu .test = alg_test_skcipher, 3421da7f033dSHerbert Xu .suite = { 342292a4c9feSEric Biggers .cipher = __VECS(arc4_tv_template) 3423da7f033dSHerbert Xu } 3424da7f033dSHerbert Xu }, { 3425da7f033dSHerbert Xu .alg = "ecb(blowfish)", 34261aa4ecd9SHerbert Xu .test = alg_test_skcipher, 3427da7f033dSHerbert Xu .suite = { 342892a4c9feSEric Biggers .cipher = __VECS(bf_tv_template) 3429da7f033dSHerbert Xu } 3430da7f033dSHerbert Xu }, { 3431da7f033dSHerbert Xu .alg = "ecb(camellia)", 34321aa4ecd9SHerbert Xu .test = alg_test_skcipher, 3433da7f033dSHerbert Xu .suite = { 343492a4c9feSEric Biggers .cipher = __VECS(camellia_tv_template) 3435da7f033dSHerbert Xu } 3436da7f033dSHerbert Xu }, { 3437da7f033dSHerbert Xu .alg = "ecb(cast5)", 34381aa4ecd9SHerbert Xu .test = alg_test_skcipher, 3439da7f033dSHerbert Xu .suite = { 344092a4c9feSEric Biggers .cipher = __VECS(cast5_tv_template) 3441da7f033dSHerbert Xu } 3442da7f033dSHerbert Xu }, { 3443da7f033dSHerbert Xu .alg = "ecb(cast6)", 34441aa4ecd9SHerbert Xu .test = alg_test_skcipher, 3445da7f033dSHerbert Xu .suite = { 344692a4c9feSEric Biggers .cipher = __VECS(cast6_tv_template) 3447da7f033dSHerbert Xu } 3448da7f033dSHerbert Xu }, { 3449e448370dSJussi Kivilinna .alg = "ecb(cipher_null)", 3450e448370dSJussi Kivilinna .test = alg_test_null, 34516175ca2bSMilan Broz .fips_allowed = 1, 3452e448370dSJussi Kivilinna }, { 3453da7f033dSHerbert Xu .alg = "ecb(des)", 34541aa4ecd9SHerbert Xu .test = alg_test_skcipher, 3455da7f033dSHerbert Xu .suite = { 345692a4c9feSEric Biggers .cipher = __VECS(des_tv_template) 3457da7f033dSHerbert Xu } 3458da7f033dSHerbert Xu }, { 3459da7f033dSHerbert Xu .alg = "ecb(des3_ede)", 34601aa4ecd9SHerbert Xu .test = alg_test_skcipher, 3461a1915d51SJarod Wilson .fips_allowed = 1, 3462da7f033dSHerbert Xu .suite = { 346392a4c9feSEric Biggers .cipher = __VECS(des3_ede_tv_template) 3464da7f033dSHerbert Xu } 3465da7f033dSHerbert Xu }, { 346666e5bd00SJussi Kivilinna .alg = "ecb(fcrypt)", 346766e5bd00SJussi Kivilinna .test = alg_test_skcipher, 346866e5bd00SJussi Kivilinna .suite = { 346966e5bd00SJussi Kivilinna .cipher = { 347092a4c9feSEric Biggers .vecs = fcrypt_pcbc_tv_template, 347166e5bd00SJussi Kivilinna .count = 1 347266e5bd00SJussi Kivilinna } 347366e5bd00SJussi Kivilinna } 347466e5bd00SJussi Kivilinna }, { 3475da7f033dSHerbert Xu .alg = "ecb(khazad)", 34761aa4ecd9SHerbert Xu .test = alg_test_skcipher, 3477da7f033dSHerbert Xu .suite = { 347892a4c9feSEric Biggers .cipher = __VECS(khazad_tv_template) 3479da7f033dSHerbert Xu } 3480da7f033dSHerbert Xu }, { 348115f47ce5SGilad Ben-Yossef /* Same as ecb(aes) except the key is stored in 348215f47ce5SGilad Ben-Yossef * hardware secure memory which we reference by index 348315f47ce5SGilad Ben-Yossef */ 348415f47ce5SGilad Ben-Yossef .alg = "ecb(paes)", 348515f47ce5SGilad Ben-Yossef .test = alg_test_null, 348615f47ce5SGilad Ben-Yossef .fips_allowed = 1, 348715f47ce5SGilad Ben-Yossef }, { 3488da7f033dSHerbert Xu .alg = "ecb(seed)", 34891aa4ecd9SHerbert Xu .test = alg_test_skcipher, 3490da7f033dSHerbert Xu .suite = { 349192a4c9feSEric Biggers .cipher = __VECS(seed_tv_template) 3492da7f033dSHerbert Xu } 3493da7f033dSHerbert Xu }, { 3494da7f033dSHerbert Xu .alg = "ecb(serpent)", 34951aa4ecd9SHerbert Xu .test = alg_test_skcipher, 3496da7f033dSHerbert Xu .suite = { 349792a4c9feSEric Biggers .cipher = __VECS(serpent_tv_template) 3498da7f033dSHerbert Xu } 3499da7f033dSHerbert Xu }, { 3500cd83a8a7SGilad Ben-Yossef .alg = "ecb(sm4)", 3501cd83a8a7SGilad Ben-Yossef .test = alg_test_skcipher, 3502cd83a8a7SGilad Ben-Yossef .suite = { 350392a4c9feSEric Biggers .cipher = __VECS(sm4_tv_template) 3504cd83a8a7SGilad Ben-Yossef } 3505cd83a8a7SGilad Ben-Yossef }, { 3506da7f033dSHerbert Xu .alg = "ecb(tea)", 35071aa4ecd9SHerbert Xu .test = alg_test_skcipher, 3508da7f033dSHerbert Xu .suite = { 350992a4c9feSEric Biggers .cipher = __VECS(tea_tv_template) 3510da7f033dSHerbert Xu } 3511da7f033dSHerbert Xu }, { 3512da7f033dSHerbert Xu .alg = "ecb(tnepres)", 35131aa4ecd9SHerbert Xu .test = alg_test_skcipher, 3514da7f033dSHerbert Xu .suite = { 351592a4c9feSEric Biggers .cipher = __VECS(tnepres_tv_template) 3516da7f033dSHerbert Xu } 3517da7f033dSHerbert Xu }, { 3518da7f033dSHerbert Xu .alg = "ecb(twofish)", 35191aa4ecd9SHerbert Xu .test = alg_test_skcipher, 3520da7f033dSHerbert Xu .suite = { 352192a4c9feSEric Biggers .cipher = __VECS(tf_tv_template) 3522da7f033dSHerbert Xu } 3523da7f033dSHerbert Xu }, { 3524da7f033dSHerbert Xu .alg = "ecb(xeta)", 35251aa4ecd9SHerbert Xu .test = alg_test_skcipher, 3526da7f033dSHerbert Xu .suite = { 352792a4c9feSEric Biggers .cipher = __VECS(xeta_tv_template) 3528da7f033dSHerbert Xu } 3529da7f033dSHerbert Xu }, { 3530da7f033dSHerbert Xu .alg = "ecb(xtea)", 35311aa4ecd9SHerbert Xu .test = alg_test_skcipher, 3532da7f033dSHerbert Xu .suite = { 353392a4c9feSEric Biggers .cipher = __VECS(xtea_tv_template) 3534da7f033dSHerbert Xu } 3535da7f033dSHerbert Xu }, { 35363c4b2390SSalvatore Benedetto .alg = "ecdh", 35373c4b2390SSalvatore Benedetto .test = alg_test_kpp, 35383c4b2390SSalvatore Benedetto .fips_allowed = 1, 35393c4b2390SSalvatore Benedetto .suite = { 354021c8e720SArd Biesheuvel .kpp = __VECS(ecdh_tv_template) 35413c4b2390SSalvatore Benedetto } 35423c4b2390SSalvatore Benedetto }, { 3543da7f033dSHerbert Xu .alg = "gcm(aes)", 3544da7f033dSHerbert Xu .test = alg_test_aead, 3545a1915d51SJarod Wilson .fips_allowed = 1, 3546da7f033dSHerbert Xu .suite = { 3547a0d608eeSEric Biggers .aead = __VECS(aes_gcm_tv_template) 3548da7f033dSHerbert Xu } 3549da7f033dSHerbert Xu }, { 3550507069c9SYouquan, Song .alg = "ghash", 3551507069c9SYouquan, Song .test = alg_test_hash, 355218c0ebd2SJarod Wilson .fips_allowed = 1, 3553507069c9SYouquan, Song .suite = { 355421c8e720SArd Biesheuvel .hash = __VECS(ghash_tv_template) 3555507069c9SYouquan, Song } 3556507069c9SYouquan, Song }, { 3557da7f033dSHerbert Xu .alg = "hmac(md5)", 3558da7f033dSHerbert Xu .test = alg_test_hash, 3559da7f033dSHerbert Xu .suite = { 356021c8e720SArd Biesheuvel .hash = __VECS(hmac_md5_tv_template) 3561da7f033dSHerbert Xu } 3562da7f033dSHerbert Xu }, { 3563da7f033dSHerbert Xu .alg = "hmac(rmd128)", 3564da7f033dSHerbert Xu .test = alg_test_hash, 3565da7f033dSHerbert Xu .suite = { 356621c8e720SArd Biesheuvel .hash = __VECS(hmac_rmd128_tv_template) 3567da7f033dSHerbert Xu } 3568da7f033dSHerbert Xu }, { 3569da7f033dSHerbert Xu .alg = "hmac(rmd160)", 3570da7f033dSHerbert Xu .test = alg_test_hash, 3571da7f033dSHerbert Xu .suite = { 357221c8e720SArd Biesheuvel .hash = __VECS(hmac_rmd160_tv_template) 3573da7f033dSHerbert Xu } 3574da7f033dSHerbert Xu }, { 3575da7f033dSHerbert Xu .alg = "hmac(sha1)", 3576da7f033dSHerbert Xu .test = alg_test_hash, 3577a1915d51SJarod Wilson .fips_allowed = 1, 3578da7f033dSHerbert Xu .suite = { 357921c8e720SArd Biesheuvel .hash = __VECS(hmac_sha1_tv_template) 3580da7f033dSHerbert Xu } 3581da7f033dSHerbert Xu }, { 3582da7f033dSHerbert Xu .alg = "hmac(sha224)", 3583da7f033dSHerbert Xu .test = alg_test_hash, 3584a1915d51SJarod Wilson .fips_allowed = 1, 3585da7f033dSHerbert Xu .suite = { 358621c8e720SArd Biesheuvel .hash = __VECS(hmac_sha224_tv_template) 3587da7f033dSHerbert Xu } 3588da7f033dSHerbert Xu }, { 3589da7f033dSHerbert Xu .alg = "hmac(sha256)", 3590da7f033dSHerbert Xu .test = alg_test_hash, 3591a1915d51SJarod Wilson .fips_allowed = 1, 3592da7f033dSHerbert Xu .suite = { 359321c8e720SArd Biesheuvel .hash = __VECS(hmac_sha256_tv_template) 3594da7f033dSHerbert Xu } 3595da7f033dSHerbert Xu }, { 359698eca72fSraveendra padasalagi .alg = "hmac(sha3-224)", 359798eca72fSraveendra padasalagi .test = alg_test_hash, 359898eca72fSraveendra padasalagi .fips_allowed = 1, 359998eca72fSraveendra padasalagi .suite = { 360021c8e720SArd Biesheuvel .hash = __VECS(hmac_sha3_224_tv_template) 360198eca72fSraveendra padasalagi } 360298eca72fSraveendra padasalagi }, { 360398eca72fSraveendra padasalagi .alg = "hmac(sha3-256)", 360498eca72fSraveendra padasalagi .test = alg_test_hash, 360598eca72fSraveendra padasalagi .fips_allowed = 1, 360698eca72fSraveendra padasalagi .suite = { 360721c8e720SArd Biesheuvel .hash = __VECS(hmac_sha3_256_tv_template) 360898eca72fSraveendra padasalagi } 360998eca72fSraveendra padasalagi }, { 361098eca72fSraveendra padasalagi .alg = "hmac(sha3-384)", 361198eca72fSraveendra padasalagi .test = alg_test_hash, 361298eca72fSraveendra padasalagi .fips_allowed = 1, 361398eca72fSraveendra padasalagi .suite = { 361421c8e720SArd Biesheuvel .hash = __VECS(hmac_sha3_384_tv_template) 361598eca72fSraveendra padasalagi } 361698eca72fSraveendra padasalagi }, { 361798eca72fSraveendra padasalagi .alg = "hmac(sha3-512)", 361898eca72fSraveendra padasalagi .test = alg_test_hash, 361998eca72fSraveendra padasalagi .fips_allowed = 1, 362098eca72fSraveendra padasalagi .suite = { 362121c8e720SArd Biesheuvel .hash = __VECS(hmac_sha3_512_tv_template) 362298eca72fSraveendra padasalagi } 362398eca72fSraveendra padasalagi }, { 3624da7f033dSHerbert Xu .alg = "hmac(sha384)", 3625da7f033dSHerbert Xu .test = alg_test_hash, 3626a1915d51SJarod Wilson .fips_allowed = 1, 3627da7f033dSHerbert Xu .suite = { 362821c8e720SArd Biesheuvel .hash = __VECS(hmac_sha384_tv_template) 3629da7f033dSHerbert Xu } 3630da7f033dSHerbert Xu }, { 3631da7f033dSHerbert Xu .alg = "hmac(sha512)", 3632da7f033dSHerbert Xu .test = alg_test_hash, 3633a1915d51SJarod Wilson .fips_allowed = 1, 3634da7f033dSHerbert Xu .suite = { 363521c8e720SArd Biesheuvel .hash = __VECS(hmac_sha512_tv_template) 3636da7f033dSHerbert Xu } 3637da7f033dSHerbert Xu }, { 363825a0b9d4SVitaly Chikunov .alg = "hmac(streebog256)", 363925a0b9d4SVitaly Chikunov .test = alg_test_hash, 364025a0b9d4SVitaly Chikunov .suite = { 364125a0b9d4SVitaly Chikunov .hash = __VECS(hmac_streebog256_tv_template) 364225a0b9d4SVitaly Chikunov } 364325a0b9d4SVitaly Chikunov }, { 364425a0b9d4SVitaly Chikunov .alg = "hmac(streebog512)", 364525a0b9d4SVitaly Chikunov .test = alg_test_hash, 364625a0b9d4SVitaly Chikunov .suite = { 364725a0b9d4SVitaly Chikunov .hash = __VECS(hmac_streebog512_tv_template) 364825a0b9d4SVitaly Chikunov } 364925a0b9d4SVitaly Chikunov }, { 3650bb5530e4SStephan Mueller .alg = "jitterentropy_rng", 3651bb5530e4SStephan Mueller .fips_allowed = 1, 3652bb5530e4SStephan Mueller .test = alg_test_null, 3653bb5530e4SStephan Mueller }, { 365435351988SStephan Mueller .alg = "kw(aes)", 365535351988SStephan Mueller .test = alg_test_skcipher, 365635351988SStephan Mueller .fips_allowed = 1, 365735351988SStephan Mueller .suite = { 365892a4c9feSEric Biggers .cipher = __VECS(aes_kw_tv_template) 365935351988SStephan Mueller } 366035351988SStephan Mueller }, { 3661da7f033dSHerbert Xu .alg = "lrw(aes)", 36621aa4ecd9SHerbert Xu .test = alg_test_skcipher, 3663da7f033dSHerbert Xu .suite = { 366492a4c9feSEric Biggers .cipher = __VECS(aes_lrw_tv_template) 3665da7f033dSHerbert Xu } 3666da7f033dSHerbert Xu }, { 36670840605eSJussi Kivilinna .alg = "lrw(camellia)", 36680840605eSJussi Kivilinna .test = alg_test_skcipher, 36690840605eSJussi Kivilinna .suite = { 367092a4c9feSEric Biggers .cipher = __VECS(camellia_lrw_tv_template) 36710840605eSJussi Kivilinna } 36720840605eSJussi Kivilinna }, { 36739b8b0405SJohannes Goetzfried .alg = "lrw(cast6)", 36749b8b0405SJohannes Goetzfried .test = alg_test_skcipher, 36759b8b0405SJohannes Goetzfried .suite = { 367692a4c9feSEric Biggers .cipher = __VECS(cast6_lrw_tv_template) 36779b8b0405SJohannes Goetzfried } 36789b8b0405SJohannes Goetzfried }, { 3679d7bfc0faSJussi Kivilinna .alg = "lrw(serpent)", 3680d7bfc0faSJussi Kivilinna .test = alg_test_skcipher, 3681d7bfc0faSJussi Kivilinna .suite = { 368292a4c9feSEric Biggers .cipher = __VECS(serpent_lrw_tv_template) 3683d7bfc0faSJussi Kivilinna } 3684d7bfc0faSJussi Kivilinna }, { 36850b2a1551SJussi Kivilinna .alg = "lrw(twofish)", 36860b2a1551SJussi Kivilinna .test = alg_test_skcipher, 36870b2a1551SJussi Kivilinna .suite = { 368892a4c9feSEric Biggers .cipher = __VECS(tf_lrw_tv_template) 36890b2a1551SJussi Kivilinna } 36900b2a1551SJussi Kivilinna }, { 36911443cc9bSKOVACS Krisztian .alg = "lz4", 36921443cc9bSKOVACS Krisztian .test = alg_test_comp, 36931443cc9bSKOVACS Krisztian .fips_allowed = 1, 36941443cc9bSKOVACS Krisztian .suite = { 36951443cc9bSKOVACS Krisztian .comp = { 369621c8e720SArd Biesheuvel .comp = __VECS(lz4_comp_tv_template), 369721c8e720SArd Biesheuvel .decomp = __VECS(lz4_decomp_tv_template) 36981443cc9bSKOVACS Krisztian } 36991443cc9bSKOVACS Krisztian } 37001443cc9bSKOVACS Krisztian }, { 37011443cc9bSKOVACS Krisztian .alg = "lz4hc", 37021443cc9bSKOVACS Krisztian .test = alg_test_comp, 37031443cc9bSKOVACS Krisztian .fips_allowed = 1, 37041443cc9bSKOVACS Krisztian .suite = { 37051443cc9bSKOVACS Krisztian .comp = { 370621c8e720SArd Biesheuvel .comp = __VECS(lz4hc_comp_tv_template), 370721c8e720SArd Biesheuvel .decomp = __VECS(lz4hc_decomp_tv_template) 37081443cc9bSKOVACS Krisztian } 37091443cc9bSKOVACS Krisztian } 37101443cc9bSKOVACS Krisztian }, { 3711da7f033dSHerbert Xu .alg = "lzo", 3712da7f033dSHerbert Xu .test = alg_test_comp, 37130818904dSMilan Broz .fips_allowed = 1, 3714da7f033dSHerbert Xu .suite = { 3715da7f033dSHerbert Xu .comp = { 371621c8e720SArd Biesheuvel .comp = __VECS(lzo_comp_tv_template), 371721c8e720SArd Biesheuvel .decomp = __VECS(lzo_decomp_tv_template) 3718da7f033dSHerbert Xu } 3719da7f033dSHerbert Xu } 3720da7f033dSHerbert Xu }, { 3721da7f033dSHerbert Xu .alg = "md4", 3722da7f033dSHerbert Xu .test = alg_test_hash, 3723da7f033dSHerbert Xu .suite = { 372421c8e720SArd Biesheuvel .hash = __VECS(md4_tv_template) 3725da7f033dSHerbert Xu } 3726da7f033dSHerbert Xu }, { 3727da7f033dSHerbert Xu .alg = "md5", 3728da7f033dSHerbert Xu .test = alg_test_hash, 3729da7f033dSHerbert Xu .suite = { 373021c8e720SArd Biesheuvel .hash = __VECS(md5_tv_template) 3731da7f033dSHerbert Xu } 3732da7f033dSHerbert Xu }, { 3733da7f033dSHerbert Xu .alg = "michael_mic", 3734da7f033dSHerbert Xu .test = alg_test_hash, 3735da7f033dSHerbert Xu .suite = { 373621c8e720SArd Biesheuvel .hash = __VECS(michael_mic_tv_template) 3737da7f033dSHerbert Xu } 3738da7f033dSHerbert Xu }, { 37394feb4c59SOndrej Mosnacek .alg = "morus1280", 37404feb4c59SOndrej Mosnacek .test = alg_test_aead, 37414feb4c59SOndrej Mosnacek .suite = { 3742a0d608eeSEric Biggers .aead = __VECS(morus1280_tv_template) 37434feb4c59SOndrej Mosnacek } 37444feb4c59SOndrej Mosnacek }, { 37454feb4c59SOndrej Mosnacek .alg = "morus640", 37464feb4c59SOndrej Mosnacek .test = alg_test_aead, 37474feb4c59SOndrej Mosnacek .suite = { 3748a0d608eeSEric Biggers .aead = __VECS(morus640_tv_template) 37494feb4c59SOndrej Mosnacek } 37504feb4c59SOndrej Mosnacek }, { 375126609a21SEric Biggers .alg = "nhpoly1305", 375226609a21SEric Biggers .test = alg_test_hash, 375326609a21SEric Biggers .suite = { 375426609a21SEric Biggers .hash = __VECS(nhpoly1305_tv_template) 375526609a21SEric Biggers } 375626609a21SEric Biggers }, { 3757ba0e14acSPuneet Saxena .alg = "ofb(aes)", 3758ba0e14acSPuneet Saxena .test = alg_test_skcipher, 3759ba0e14acSPuneet Saxena .fips_allowed = 1, 3760ba0e14acSPuneet Saxena .suite = { 376192a4c9feSEric Biggers .cipher = __VECS(aes_ofb_tv_template) 3762ba0e14acSPuneet Saxena } 3763ba0e14acSPuneet Saxena }, { 3764a794d8d8SGilad Ben-Yossef /* Same as ofb(aes) except the key is stored in 3765a794d8d8SGilad Ben-Yossef * hardware secure memory which we reference by index 3766a794d8d8SGilad Ben-Yossef */ 3767a794d8d8SGilad Ben-Yossef .alg = "ofb(paes)", 3768a794d8d8SGilad Ben-Yossef .test = alg_test_null, 3769a794d8d8SGilad Ben-Yossef .fips_allowed = 1, 3770a794d8d8SGilad Ben-Yossef }, { 3771da7f033dSHerbert Xu .alg = "pcbc(fcrypt)", 37721aa4ecd9SHerbert Xu .test = alg_test_skcipher, 3773da7f033dSHerbert Xu .suite = { 377492a4c9feSEric Biggers .cipher = __VECS(fcrypt_pcbc_tv_template) 3775da7f033dSHerbert Xu } 3776da7f033dSHerbert Xu }, { 37771207107cSStephan Mueller .alg = "pkcs1pad(rsa,sha224)", 37781207107cSStephan Mueller .test = alg_test_null, 37791207107cSStephan Mueller .fips_allowed = 1, 37801207107cSStephan Mueller }, { 37811207107cSStephan Mueller .alg = "pkcs1pad(rsa,sha256)", 37821207107cSStephan Mueller .test = alg_test_akcipher, 37831207107cSStephan Mueller .fips_allowed = 1, 37841207107cSStephan Mueller .suite = { 37851207107cSStephan Mueller .akcipher = __VECS(pkcs1pad_rsa_tv_template) 37861207107cSStephan Mueller } 37871207107cSStephan Mueller }, { 37881207107cSStephan Mueller .alg = "pkcs1pad(rsa,sha384)", 37891207107cSStephan Mueller .test = alg_test_null, 37901207107cSStephan Mueller .fips_allowed = 1, 37911207107cSStephan Mueller }, { 37921207107cSStephan Mueller .alg = "pkcs1pad(rsa,sha512)", 37931207107cSStephan Mueller .test = alg_test_null, 37941207107cSStephan Mueller .fips_allowed = 1, 37951207107cSStephan Mueller }, { 3796eee9dc61SMartin Willi .alg = "poly1305", 3797eee9dc61SMartin Willi .test = alg_test_hash, 3798eee9dc61SMartin Willi .suite = { 379921c8e720SArd Biesheuvel .hash = __VECS(poly1305_tv_template) 3800eee9dc61SMartin Willi } 3801eee9dc61SMartin Willi }, { 3802da7f033dSHerbert Xu .alg = "rfc3686(ctr(aes))", 38031aa4ecd9SHerbert Xu .test = alg_test_skcipher, 3804a1915d51SJarod Wilson .fips_allowed = 1, 3805da7f033dSHerbert Xu .suite = { 380692a4c9feSEric Biggers .cipher = __VECS(aes_ctr_rfc3686_tv_template) 3807da7f033dSHerbert Xu } 3808da7f033dSHerbert Xu }, { 38093f31a740SHerbert Xu .alg = "rfc4106(gcm(aes))", 381069435b94SAdrian Hoban .test = alg_test_aead, 3811db71f29aSJarod Wilson .fips_allowed = 1, 381269435b94SAdrian Hoban .suite = { 3813a0d608eeSEric Biggers .aead = __VECS(aes_gcm_rfc4106_tv_template) 381469435b94SAdrian Hoban } 381569435b94SAdrian Hoban }, { 3816544c436aSHerbert Xu .alg = "rfc4309(ccm(aes))", 38175d667322SJarod Wilson .test = alg_test_aead, 3818a1915d51SJarod Wilson .fips_allowed = 1, 38195d667322SJarod Wilson .suite = { 3820a0d608eeSEric Biggers .aead = __VECS(aes_ccm_rfc4309_tv_template) 38215d667322SJarod Wilson } 38225d667322SJarod Wilson }, { 3823bb68745eSHerbert Xu .alg = "rfc4543(gcm(aes))", 3824e9b7441aSJussi Kivilinna .test = alg_test_aead, 3825e9b7441aSJussi Kivilinna .suite = { 3826a0d608eeSEric Biggers .aead = __VECS(aes_gcm_rfc4543_tv_template) 3827e9b7441aSJussi Kivilinna } 3828e9b7441aSJussi Kivilinna }, { 3829af2b76b5SMartin Willi .alg = "rfc7539(chacha20,poly1305)", 3830af2b76b5SMartin Willi .test = alg_test_aead, 3831af2b76b5SMartin Willi .suite = { 3832a0d608eeSEric Biggers .aead = __VECS(rfc7539_tv_template) 3833af2b76b5SMartin Willi } 3834af2b76b5SMartin Willi }, { 38355900758dSMartin Willi .alg = "rfc7539esp(chacha20,poly1305)", 38365900758dSMartin Willi .test = alg_test_aead, 38375900758dSMartin Willi .suite = { 3838a0d608eeSEric Biggers .aead = __VECS(rfc7539esp_tv_template) 38395900758dSMartin Willi } 38405900758dSMartin Willi }, { 3841da7f033dSHerbert Xu .alg = "rmd128", 3842da7f033dSHerbert Xu .test = alg_test_hash, 3843da7f033dSHerbert Xu .suite = { 384421c8e720SArd Biesheuvel .hash = __VECS(rmd128_tv_template) 3845da7f033dSHerbert Xu } 3846da7f033dSHerbert Xu }, { 3847da7f033dSHerbert Xu .alg = "rmd160", 3848da7f033dSHerbert Xu .test = alg_test_hash, 3849da7f033dSHerbert Xu .suite = { 385021c8e720SArd Biesheuvel .hash = __VECS(rmd160_tv_template) 3851da7f033dSHerbert Xu } 3852da7f033dSHerbert Xu }, { 3853da7f033dSHerbert Xu .alg = "rmd256", 3854da7f033dSHerbert Xu .test = alg_test_hash, 3855da7f033dSHerbert Xu .suite = { 385621c8e720SArd Biesheuvel .hash = __VECS(rmd256_tv_template) 3857da7f033dSHerbert Xu } 3858da7f033dSHerbert Xu }, { 3859da7f033dSHerbert Xu .alg = "rmd320", 3860da7f033dSHerbert Xu .test = alg_test_hash, 3861da7f033dSHerbert Xu .suite = { 386221c8e720SArd Biesheuvel .hash = __VECS(rmd320_tv_template) 3863da7f033dSHerbert Xu } 3864da7f033dSHerbert Xu }, { 3865946cc463STadeusz Struk .alg = "rsa", 3866946cc463STadeusz Struk .test = alg_test_akcipher, 3867946cc463STadeusz Struk .fips_allowed = 1, 3868946cc463STadeusz Struk .suite = { 386921c8e720SArd Biesheuvel .akcipher = __VECS(rsa_tv_template) 3870946cc463STadeusz Struk } 3871946cc463STadeusz Struk }, { 3872da7f033dSHerbert Xu .alg = "salsa20", 38731aa4ecd9SHerbert Xu .test = alg_test_skcipher, 3874da7f033dSHerbert Xu .suite = { 387592a4c9feSEric Biggers .cipher = __VECS(salsa20_stream_tv_template) 3876da7f033dSHerbert Xu } 3877da7f033dSHerbert Xu }, { 3878da7f033dSHerbert Xu .alg = "sha1", 3879da7f033dSHerbert Xu .test = alg_test_hash, 3880a1915d51SJarod Wilson .fips_allowed = 1, 3881da7f033dSHerbert Xu .suite = { 388221c8e720SArd Biesheuvel .hash = __VECS(sha1_tv_template) 3883da7f033dSHerbert Xu } 3884da7f033dSHerbert Xu }, { 3885da7f033dSHerbert Xu .alg = "sha224", 3886da7f033dSHerbert Xu .test = alg_test_hash, 3887a1915d51SJarod Wilson .fips_allowed = 1, 3888da7f033dSHerbert Xu .suite = { 388921c8e720SArd Biesheuvel .hash = __VECS(sha224_tv_template) 3890da7f033dSHerbert Xu } 3891da7f033dSHerbert Xu }, { 3892da7f033dSHerbert Xu .alg = "sha256", 3893da7f033dSHerbert Xu .test = alg_test_hash, 3894a1915d51SJarod Wilson .fips_allowed = 1, 3895da7f033dSHerbert Xu .suite = { 389621c8e720SArd Biesheuvel .hash = __VECS(sha256_tv_template) 3897da7f033dSHerbert Xu } 3898da7f033dSHerbert Xu }, { 389979cc6ab8Sraveendra padasalagi .alg = "sha3-224", 390079cc6ab8Sraveendra padasalagi .test = alg_test_hash, 390179cc6ab8Sraveendra padasalagi .fips_allowed = 1, 390279cc6ab8Sraveendra padasalagi .suite = { 390321c8e720SArd Biesheuvel .hash = __VECS(sha3_224_tv_template) 390479cc6ab8Sraveendra padasalagi } 390579cc6ab8Sraveendra padasalagi }, { 390679cc6ab8Sraveendra padasalagi .alg = "sha3-256", 390779cc6ab8Sraveendra padasalagi .test = alg_test_hash, 390879cc6ab8Sraveendra padasalagi .fips_allowed = 1, 390979cc6ab8Sraveendra padasalagi .suite = { 391021c8e720SArd Biesheuvel .hash = __VECS(sha3_256_tv_template) 391179cc6ab8Sraveendra padasalagi } 391279cc6ab8Sraveendra padasalagi }, { 391379cc6ab8Sraveendra padasalagi .alg = "sha3-384", 391479cc6ab8Sraveendra padasalagi .test = alg_test_hash, 391579cc6ab8Sraveendra padasalagi .fips_allowed = 1, 391679cc6ab8Sraveendra padasalagi .suite = { 391721c8e720SArd Biesheuvel .hash = __VECS(sha3_384_tv_template) 391879cc6ab8Sraveendra padasalagi } 391979cc6ab8Sraveendra padasalagi }, { 392079cc6ab8Sraveendra padasalagi .alg = "sha3-512", 392179cc6ab8Sraveendra padasalagi .test = alg_test_hash, 392279cc6ab8Sraveendra padasalagi .fips_allowed = 1, 392379cc6ab8Sraveendra padasalagi .suite = { 392421c8e720SArd Biesheuvel .hash = __VECS(sha3_512_tv_template) 392579cc6ab8Sraveendra padasalagi } 392679cc6ab8Sraveendra padasalagi }, { 3927da7f033dSHerbert Xu .alg = "sha384", 3928da7f033dSHerbert Xu .test = alg_test_hash, 3929a1915d51SJarod Wilson .fips_allowed = 1, 3930da7f033dSHerbert Xu .suite = { 393121c8e720SArd Biesheuvel .hash = __VECS(sha384_tv_template) 3932da7f033dSHerbert Xu } 3933da7f033dSHerbert Xu }, { 3934da7f033dSHerbert Xu .alg = "sha512", 3935da7f033dSHerbert Xu .test = alg_test_hash, 3936a1915d51SJarod Wilson .fips_allowed = 1, 3937da7f033dSHerbert Xu .suite = { 393821c8e720SArd Biesheuvel .hash = __VECS(sha512_tv_template) 3939da7f033dSHerbert Xu } 3940da7f033dSHerbert Xu }, { 3941b7e27530SGilad Ben-Yossef .alg = "sm3", 3942b7e27530SGilad Ben-Yossef .test = alg_test_hash, 3943b7e27530SGilad Ben-Yossef .suite = { 3944b7e27530SGilad Ben-Yossef .hash = __VECS(sm3_tv_template) 3945b7e27530SGilad Ben-Yossef } 3946b7e27530SGilad Ben-Yossef }, { 394725a0b9d4SVitaly Chikunov .alg = "streebog256", 394825a0b9d4SVitaly Chikunov .test = alg_test_hash, 394925a0b9d4SVitaly Chikunov .suite = { 395025a0b9d4SVitaly Chikunov .hash = __VECS(streebog256_tv_template) 395125a0b9d4SVitaly Chikunov } 395225a0b9d4SVitaly Chikunov }, { 395325a0b9d4SVitaly Chikunov .alg = "streebog512", 395425a0b9d4SVitaly Chikunov .test = alg_test_hash, 395525a0b9d4SVitaly Chikunov .suite = { 395625a0b9d4SVitaly Chikunov .hash = __VECS(streebog512_tv_template) 395725a0b9d4SVitaly Chikunov } 395825a0b9d4SVitaly Chikunov }, { 3959da7f033dSHerbert Xu .alg = "tgr128", 3960da7f033dSHerbert Xu .test = alg_test_hash, 3961da7f033dSHerbert Xu .suite = { 396221c8e720SArd Biesheuvel .hash = __VECS(tgr128_tv_template) 3963da7f033dSHerbert Xu } 3964da7f033dSHerbert Xu }, { 3965da7f033dSHerbert Xu .alg = "tgr160", 3966da7f033dSHerbert Xu .test = alg_test_hash, 3967da7f033dSHerbert Xu .suite = { 396821c8e720SArd Biesheuvel .hash = __VECS(tgr160_tv_template) 3969da7f033dSHerbert Xu } 3970da7f033dSHerbert Xu }, { 3971da7f033dSHerbert Xu .alg = "tgr192", 3972da7f033dSHerbert Xu .test = alg_test_hash, 3973da7f033dSHerbert Xu .suite = { 397421c8e720SArd Biesheuvel .hash = __VECS(tgr192_tv_template) 3975da7f033dSHerbert Xu } 3976da7f033dSHerbert Xu }, { 3977ed331adaSEric Biggers .alg = "vmac64(aes)", 3978ed331adaSEric Biggers .test = alg_test_hash, 3979ed331adaSEric Biggers .suite = { 3980ed331adaSEric Biggers .hash = __VECS(vmac64_aes_tv_template) 3981ed331adaSEric Biggers } 3982ed331adaSEric Biggers }, { 3983da7f033dSHerbert Xu .alg = "wp256", 3984da7f033dSHerbert Xu .test = alg_test_hash, 3985da7f033dSHerbert Xu .suite = { 398621c8e720SArd Biesheuvel .hash = __VECS(wp256_tv_template) 3987da7f033dSHerbert Xu } 3988da7f033dSHerbert Xu }, { 3989da7f033dSHerbert Xu .alg = "wp384", 3990da7f033dSHerbert Xu .test = alg_test_hash, 3991da7f033dSHerbert Xu .suite = { 399221c8e720SArd Biesheuvel .hash = __VECS(wp384_tv_template) 3993da7f033dSHerbert Xu } 3994da7f033dSHerbert Xu }, { 3995da7f033dSHerbert Xu .alg = "wp512", 3996da7f033dSHerbert Xu .test = alg_test_hash, 3997da7f033dSHerbert Xu .suite = { 399821c8e720SArd Biesheuvel .hash = __VECS(wp512_tv_template) 3999da7f033dSHerbert Xu } 4000da7f033dSHerbert Xu }, { 4001da7f033dSHerbert Xu .alg = "xcbc(aes)", 4002da7f033dSHerbert Xu .test = alg_test_hash, 4003da7f033dSHerbert Xu .suite = { 400421c8e720SArd Biesheuvel .hash = __VECS(aes_xcbc128_tv_template) 4005da7f033dSHerbert Xu } 4006da7f033dSHerbert Xu }, { 4007aa762409SEric Biggers .alg = "xchacha12", 4008aa762409SEric Biggers .test = alg_test_skcipher, 4009aa762409SEric Biggers .suite = { 4010aa762409SEric Biggers .cipher = __VECS(xchacha12_tv_template) 4011aa762409SEric Biggers }, 4012aa762409SEric Biggers }, { 4013de61d7aeSEric Biggers .alg = "xchacha20", 4014de61d7aeSEric Biggers .test = alg_test_skcipher, 4015de61d7aeSEric Biggers .suite = { 4016de61d7aeSEric Biggers .cipher = __VECS(xchacha20_tv_template) 4017de61d7aeSEric Biggers }, 4018de61d7aeSEric Biggers }, { 4019da7f033dSHerbert Xu .alg = "xts(aes)", 40201aa4ecd9SHerbert Xu .test = alg_test_skcipher, 40212918aa8dSJarod Wilson .fips_allowed = 1, 4022da7f033dSHerbert Xu .suite = { 402392a4c9feSEric Biggers .cipher = __VECS(aes_xts_tv_template) 4024da7f033dSHerbert Xu } 40250c01aed5SGeert Uytterhoeven }, { 40260840605eSJussi Kivilinna .alg = "xts(camellia)", 40270840605eSJussi Kivilinna .test = alg_test_skcipher, 40280840605eSJussi Kivilinna .suite = { 402992a4c9feSEric Biggers .cipher = __VECS(camellia_xts_tv_template) 40300840605eSJussi Kivilinna } 40310840605eSJussi Kivilinna }, { 40329b8b0405SJohannes Goetzfried .alg = "xts(cast6)", 40339b8b0405SJohannes Goetzfried .test = alg_test_skcipher, 40349b8b0405SJohannes Goetzfried .suite = { 403592a4c9feSEric Biggers .cipher = __VECS(cast6_xts_tv_template) 40369b8b0405SJohannes Goetzfried } 40379b8b0405SJohannes Goetzfried }, { 403815f47ce5SGilad Ben-Yossef /* Same as xts(aes) except the key is stored in 403915f47ce5SGilad Ben-Yossef * hardware secure memory which we reference by index 404015f47ce5SGilad Ben-Yossef */ 404115f47ce5SGilad Ben-Yossef .alg = "xts(paes)", 404215f47ce5SGilad Ben-Yossef .test = alg_test_null, 404315f47ce5SGilad Ben-Yossef .fips_allowed = 1, 404415f47ce5SGilad Ben-Yossef }, { 404518be20b9SJussi Kivilinna .alg = "xts(serpent)", 404618be20b9SJussi Kivilinna .test = alg_test_skcipher, 404718be20b9SJussi Kivilinna .suite = { 404892a4c9feSEric Biggers .cipher = __VECS(serpent_xts_tv_template) 404918be20b9SJussi Kivilinna } 405018be20b9SJussi Kivilinna }, { 4051aed265b9SJussi Kivilinna .alg = "xts(twofish)", 4052aed265b9SJussi Kivilinna .test = alg_test_skcipher, 4053aed265b9SJussi Kivilinna .suite = { 405492a4c9feSEric Biggers .cipher = __VECS(tf_xts_tv_template) 4055aed265b9SJussi Kivilinna } 4056a368f43dSGiovanni Cabiddu }, { 405715f47ce5SGilad Ben-Yossef .alg = "xts4096(paes)", 405815f47ce5SGilad Ben-Yossef .test = alg_test_null, 405915f47ce5SGilad Ben-Yossef .fips_allowed = 1, 406015f47ce5SGilad Ben-Yossef }, { 406115f47ce5SGilad Ben-Yossef .alg = "xts512(paes)", 406215f47ce5SGilad Ben-Yossef .test = alg_test_null, 406315f47ce5SGilad Ben-Yossef .fips_allowed = 1, 406415f47ce5SGilad Ben-Yossef }, { 4065a368f43dSGiovanni Cabiddu .alg = "zlib-deflate", 4066a368f43dSGiovanni Cabiddu .test = alg_test_comp, 4067a368f43dSGiovanni Cabiddu .fips_allowed = 1, 4068a368f43dSGiovanni Cabiddu .suite = { 4069a368f43dSGiovanni Cabiddu .comp = { 4070a368f43dSGiovanni Cabiddu .comp = __VECS(zlib_deflate_comp_tv_template), 4071a368f43dSGiovanni Cabiddu .decomp = __VECS(zlib_deflate_decomp_tv_template) 4072a368f43dSGiovanni Cabiddu } 4073a368f43dSGiovanni Cabiddu } 4074d28fc3dbSNick Terrell }, { 4075d28fc3dbSNick Terrell .alg = "zstd", 4076d28fc3dbSNick Terrell .test = alg_test_comp, 4077d28fc3dbSNick Terrell .fips_allowed = 1, 4078d28fc3dbSNick Terrell .suite = { 4079d28fc3dbSNick Terrell .comp = { 4080d28fc3dbSNick Terrell .comp = __VECS(zstd_comp_tv_template), 4081d28fc3dbSNick Terrell .decomp = __VECS(zstd_decomp_tv_template) 4082d28fc3dbSNick Terrell } 4083d28fc3dbSNick Terrell } 4084da7f033dSHerbert Xu } 4085da7f033dSHerbert Xu }; 4086da7f033dSHerbert Xu 40873f47a03dSEric Biggers static void alg_check_test_descs_order(void) 40885714758bSJussi Kivilinna { 40895714758bSJussi Kivilinna int i; 40905714758bSJussi Kivilinna 40915714758bSJussi Kivilinna for (i = 1; i < ARRAY_SIZE(alg_test_descs); i++) { 40925714758bSJussi Kivilinna int diff = strcmp(alg_test_descs[i - 1].alg, 40935714758bSJussi Kivilinna alg_test_descs[i].alg); 40945714758bSJussi Kivilinna 40955714758bSJussi Kivilinna if (WARN_ON(diff > 0)) { 40965714758bSJussi Kivilinna pr_warn("testmgr: alg_test_descs entries in wrong order: '%s' before '%s'\n", 40975714758bSJussi Kivilinna alg_test_descs[i - 1].alg, 40985714758bSJussi Kivilinna alg_test_descs[i].alg); 40995714758bSJussi Kivilinna } 41005714758bSJussi Kivilinna 41015714758bSJussi Kivilinna if (WARN_ON(diff == 0)) { 41025714758bSJussi Kivilinna pr_warn("testmgr: duplicate alg_test_descs entry: '%s'\n", 41035714758bSJussi Kivilinna alg_test_descs[i].alg); 41045714758bSJussi Kivilinna } 41055714758bSJussi Kivilinna } 41065714758bSJussi Kivilinna } 41075714758bSJussi Kivilinna 41083f47a03dSEric Biggers static void alg_check_testvec_configs(void) 41093f47a03dSEric Biggers { 41103f47a03dSEric Biggers } 41113f47a03dSEric Biggers 41123f47a03dSEric Biggers static void testmgr_onetime_init(void) 41133f47a03dSEric Biggers { 41143f47a03dSEric Biggers alg_check_test_descs_order(); 41153f47a03dSEric Biggers alg_check_testvec_configs(); 41165b2706a4SEric Biggers 41175b2706a4SEric Biggers #ifdef CONFIG_CRYPTO_MANAGER_EXTRA_TESTS 41185b2706a4SEric Biggers pr_warn("alg: extra crypto tests enabled. This is intended for developer use only.\n"); 41195b2706a4SEric Biggers #endif 41203f47a03dSEric Biggers } 41213f47a03dSEric Biggers 41221aa4ecd9SHerbert Xu static int alg_find_test(const char *alg) 4123da7f033dSHerbert Xu { 4124da7f033dSHerbert Xu int start = 0; 4125da7f033dSHerbert Xu int end = ARRAY_SIZE(alg_test_descs); 4126da7f033dSHerbert Xu 4127da7f033dSHerbert Xu while (start < end) { 4128da7f033dSHerbert Xu int i = (start + end) / 2; 4129da7f033dSHerbert Xu int diff = strcmp(alg_test_descs[i].alg, alg); 4130da7f033dSHerbert Xu 4131da7f033dSHerbert Xu if (diff > 0) { 4132da7f033dSHerbert Xu end = i; 4133da7f033dSHerbert Xu continue; 4134da7f033dSHerbert Xu } 4135da7f033dSHerbert Xu 4136da7f033dSHerbert Xu if (diff < 0) { 4137da7f033dSHerbert Xu start = i + 1; 4138da7f033dSHerbert Xu continue; 4139da7f033dSHerbert Xu } 4140da7f033dSHerbert Xu 41411aa4ecd9SHerbert Xu return i; 4142da7f033dSHerbert Xu } 4143da7f033dSHerbert Xu 41441aa4ecd9SHerbert Xu return -1; 41451aa4ecd9SHerbert Xu } 41461aa4ecd9SHerbert Xu 41471aa4ecd9SHerbert Xu int alg_test(const char *driver, const char *alg, u32 type, u32 mask) 41481aa4ecd9SHerbert Xu { 41491aa4ecd9SHerbert Xu int i; 4150a68f6610SHerbert Xu int j; 4151d12d6b6dSNeil Horman int rc; 41521aa4ecd9SHerbert Xu 41539e5c9fe4SRichard W.M. Jones if (!fips_enabled && notests) { 41549e5c9fe4SRichard W.M. Jones printk_once(KERN_INFO "alg: self-tests disabled\n"); 41559e5c9fe4SRichard W.M. Jones return 0; 41569e5c9fe4SRichard W.M. Jones } 41579e5c9fe4SRichard W.M. Jones 41583f47a03dSEric Biggers DO_ONCE(testmgr_onetime_init); 41595714758bSJussi Kivilinna 41601aa4ecd9SHerbert Xu if ((type & CRYPTO_ALG_TYPE_MASK) == CRYPTO_ALG_TYPE_CIPHER) { 41611aa4ecd9SHerbert Xu char nalg[CRYPTO_MAX_ALG_NAME]; 41621aa4ecd9SHerbert Xu 41631aa4ecd9SHerbert Xu if (snprintf(nalg, sizeof(nalg), "ecb(%s)", alg) >= 41641aa4ecd9SHerbert Xu sizeof(nalg)) 41651aa4ecd9SHerbert Xu return -ENAMETOOLONG; 41661aa4ecd9SHerbert Xu 41671aa4ecd9SHerbert Xu i = alg_find_test(nalg); 41681aa4ecd9SHerbert Xu if (i < 0) 41691aa4ecd9SHerbert Xu goto notest; 41701aa4ecd9SHerbert Xu 4171a3bef3a3SJarod Wilson if (fips_enabled && !alg_test_descs[i].fips_allowed) 4172a3bef3a3SJarod Wilson goto non_fips_alg; 4173a3bef3a3SJarod Wilson 4174941fb328SJarod Wilson rc = alg_test_cipher(alg_test_descs + i, driver, type, mask); 4175941fb328SJarod Wilson goto test_done; 41761aa4ecd9SHerbert Xu } 41771aa4ecd9SHerbert Xu 41781aa4ecd9SHerbert Xu i = alg_find_test(alg); 4179a68f6610SHerbert Xu j = alg_find_test(driver); 4180a68f6610SHerbert Xu if (i < 0 && j < 0) 41811aa4ecd9SHerbert Xu goto notest; 41821aa4ecd9SHerbert Xu 4183a68f6610SHerbert Xu if (fips_enabled && ((i >= 0 && !alg_test_descs[i].fips_allowed) || 4184a68f6610SHerbert Xu (j >= 0 && !alg_test_descs[j].fips_allowed))) 4185a3bef3a3SJarod Wilson goto non_fips_alg; 4186a3bef3a3SJarod Wilson 4187a68f6610SHerbert Xu rc = 0; 4188a68f6610SHerbert Xu if (i >= 0) 4189a68f6610SHerbert Xu rc |= alg_test_descs[i].test(alg_test_descs + i, driver, 41901aa4ecd9SHerbert Xu type, mask); 4191032c8cacSCristian Stoica if (j >= 0 && j != i) 4192a68f6610SHerbert Xu rc |= alg_test_descs[j].test(alg_test_descs + j, driver, 4193a68f6610SHerbert Xu type, mask); 4194a68f6610SHerbert Xu 4195941fb328SJarod Wilson test_done: 4196d12d6b6dSNeil Horman if (fips_enabled && rc) 4197d12d6b6dSNeil Horman panic("%s: %s alg self test failed in fips mode!\n", driver, alg); 4198d12d6b6dSNeil Horman 419929ecd4abSJarod Wilson if (fips_enabled && !rc) 42003e8cffd4SMasanari Iida pr_info("alg: self-tests for %s (%s) passed\n", driver, alg); 420129ecd4abSJarod Wilson 4202d12d6b6dSNeil Horman return rc; 42031aa4ecd9SHerbert Xu 42041aa4ecd9SHerbert Xu notest: 4205da7f033dSHerbert Xu printk(KERN_INFO "alg: No test for %s (%s)\n", alg, driver); 4206da7f033dSHerbert Xu return 0; 4207a3bef3a3SJarod Wilson non_fips_alg: 4208a3bef3a3SJarod Wilson return -EINVAL; 4209da7f033dSHerbert Xu } 42100b767f96SAlexander Shishkin 4211326a6346SHerbert Xu #endif /* CONFIG_CRYPTO_MANAGER_DISABLE_TESTS */ 42120b767f96SAlexander Shishkin 4213da7f033dSHerbert Xu EXPORT_SYMBOL_GPL(alg_test); 4214