1 /* 2 * Algorithm testing framework and tests. 3 * 4 * Copyright (c) 2002 James Morris <jmorris@intercode.com.au> 5 * Copyright (c) 2002 Jean-Francois Dive <jef@linuxbe.org> 6 * Copyright (c) 2007 Nokia Siemens Networks 7 * Copyright (c) 2008 Herbert Xu <herbert@gondor.apana.org.au> 8 * 9 * Updated RFC4106 AES-GCM testing. 10 * Authors: Aidan O'Mahony (aidan.o.mahony@intel.com) 11 * Adrian Hoban <adrian.hoban@intel.com> 12 * Gabriele Paoloni <gabriele.paoloni@intel.com> 13 * Tadeusz Struk (tadeusz.struk@intel.com) 14 * Copyright (c) 2010, Intel Corporation. 15 * 16 * This program is free software; you can redistribute it and/or modify it 17 * under the terms of the GNU General Public License as published by the Free 18 * Software Foundation; either version 2 of the License, or (at your option) 19 * any later version. 20 * 21 */ 22 23 #include <crypto/aead.h> 24 #include <crypto/hash.h> 25 #include <crypto/skcipher.h> 26 #include <linux/err.h> 27 #include <linux/fips.h> 28 #include <linux/module.h> 29 #include <linux/scatterlist.h> 30 #include <linux/slab.h> 31 #include <linux/string.h> 32 #include <crypto/rng.h> 33 #include <crypto/drbg.h> 34 #include <crypto/akcipher.h> 35 #include <crypto/kpp.h> 36 #include <crypto/acompress.h> 37 38 #include "internal.h" 39 40 static bool notests; 41 module_param(notests, bool, 0644); 42 MODULE_PARM_DESC(notests, "disable crypto self-tests"); 43 44 #ifdef CONFIG_CRYPTO_MANAGER_DISABLE_TESTS 45 46 /* a perfect nop */ 47 int alg_test(const char *driver, const char *alg, u32 type, u32 mask) 48 { 49 return 0; 50 } 51 52 #else 53 54 #include "testmgr.h" 55 56 /* 57 * Need slab memory for testing (size in number of pages). 58 */ 59 #define XBUFSIZE 8 60 61 /* 62 * Indexes into the xbuf to simulate cross-page access. 63 */ 64 #define IDX1 32 65 #define IDX2 32400 66 #define IDX3 1511 67 #define IDX4 8193 68 #define IDX5 22222 69 #define IDX6 17101 70 #define IDX7 27333 71 #define IDX8 3000 72 73 /* 74 * Used by test_cipher() 75 */ 76 #define ENCRYPT 1 77 #define DECRYPT 0 78 79 struct tcrypt_result { 80 struct completion completion; 81 int err; 82 }; 83 84 struct aead_test_suite { 85 struct { 86 struct aead_testvec *vecs; 87 unsigned int count; 88 } enc, dec; 89 }; 90 91 struct cipher_test_suite { 92 struct { 93 struct cipher_testvec *vecs; 94 unsigned int count; 95 } enc, dec; 96 }; 97 98 struct comp_test_suite { 99 struct { 100 struct comp_testvec *vecs; 101 unsigned int count; 102 } comp, decomp; 103 }; 104 105 struct hash_test_suite { 106 struct hash_testvec *vecs; 107 unsigned int count; 108 }; 109 110 struct cprng_test_suite { 111 struct cprng_testvec *vecs; 112 unsigned int count; 113 }; 114 115 struct drbg_test_suite { 116 struct drbg_testvec *vecs; 117 unsigned int count; 118 }; 119 120 struct akcipher_test_suite { 121 struct akcipher_testvec *vecs; 122 unsigned int count; 123 }; 124 125 struct kpp_test_suite { 126 struct kpp_testvec *vecs; 127 unsigned int count; 128 }; 129 130 struct alg_test_desc { 131 const char *alg; 132 int (*test)(const struct alg_test_desc *desc, const char *driver, 133 u32 type, u32 mask); 134 int fips_allowed; /* set if alg is allowed in fips mode */ 135 136 union { 137 struct aead_test_suite aead; 138 struct cipher_test_suite cipher; 139 struct comp_test_suite comp; 140 struct hash_test_suite hash; 141 struct cprng_test_suite cprng; 142 struct drbg_test_suite drbg; 143 struct akcipher_test_suite akcipher; 144 struct kpp_test_suite kpp; 145 } suite; 146 }; 147 148 static unsigned int IDX[8] = { IDX1, IDX2, IDX3, IDX4, IDX5, IDX6, IDX7, IDX8 }; 149 150 static void hexdump(unsigned char *buf, unsigned int len) 151 { 152 print_hex_dump(KERN_CONT, "", DUMP_PREFIX_OFFSET, 153 16, 1, 154 buf, len, false); 155 } 156 157 static void tcrypt_complete(struct crypto_async_request *req, int err) 158 { 159 struct tcrypt_result *res = req->data; 160 161 if (err == -EINPROGRESS) 162 return; 163 164 res->err = err; 165 complete(&res->completion); 166 } 167 168 static int testmgr_alloc_buf(char *buf[XBUFSIZE]) 169 { 170 int i; 171 172 for (i = 0; i < XBUFSIZE; i++) { 173 buf[i] = (void *)__get_free_page(GFP_KERNEL); 174 if (!buf[i]) 175 goto err_free_buf; 176 } 177 178 return 0; 179 180 err_free_buf: 181 while (i-- > 0) 182 free_page((unsigned long)buf[i]); 183 184 return -ENOMEM; 185 } 186 187 static void testmgr_free_buf(char *buf[XBUFSIZE]) 188 { 189 int i; 190 191 for (i = 0; i < XBUFSIZE; i++) 192 free_page((unsigned long)buf[i]); 193 } 194 195 static int wait_async_op(struct tcrypt_result *tr, int ret) 196 { 197 if (ret == -EINPROGRESS || ret == -EBUSY) { 198 wait_for_completion(&tr->completion); 199 reinit_completion(&tr->completion); 200 ret = tr->err; 201 } 202 return ret; 203 } 204 205 static int ahash_partial_update(struct ahash_request **preq, 206 struct crypto_ahash *tfm, struct hash_testvec *template, 207 void *hash_buff, int k, int temp, struct scatterlist *sg, 208 const char *algo, char *result, struct tcrypt_result *tresult) 209 { 210 char *state; 211 struct ahash_request *req; 212 int statesize, ret = -EINVAL; 213 const char guard[] = { 0x00, 0xba, 0xad, 0x00 }; 214 215 req = *preq; 216 statesize = crypto_ahash_statesize( 217 crypto_ahash_reqtfm(req)); 218 state = kmalloc(statesize + sizeof(guard), GFP_KERNEL); 219 if (!state) { 220 pr_err("alt: hash: Failed to alloc state for %s\n", algo); 221 goto out_nostate; 222 } 223 memcpy(state + statesize, guard, sizeof(guard)); 224 ret = crypto_ahash_export(req, state); 225 WARN_ON(memcmp(state + statesize, guard, sizeof(guard))); 226 if (ret) { 227 pr_err("alt: hash: Failed to export() for %s\n", algo); 228 goto out; 229 } 230 ahash_request_free(req); 231 req = ahash_request_alloc(tfm, GFP_KERNEL); 232 if (!req) { 233 pr_err("alg: hash: Failed to alloc request for %s\n", algo); 234 goto out_noreq; 235 } 236 ahash_request_set_callback(req, 237 CRYPTO_TFM_REQ_MAY_BACKLOG, 238 tcrypt_complete, tresult); 239 240 memcpy(hash_buff, template->plaintext + temp, 241 template->tap[k]); 242 sg_init_one(&sg[0], hash_buff, template->tap[k]); 243 ahash_request_set_crypt(req, sg, result, template->tap[k]); 244 ret = crypto_ahash_import(req, state); 245 if (ret) { 246 pr_err("alg: hash: Failed to import() for %s\n", algo); 247 goto out; 248 } 249 ret = wait_async_op(tresult, crypto_ahash_update(req)); 250 if (ret) 251 goto out; 252 *preq = req; 253 ret = 0; 254 goto out_noreq; 255 out: 256 ahash_request_free(req); 257 out_noreq: 258 kfree(state); 259 out_nostate: 260 return ret; 261 } 262 263 static int __test_hash(struct crypto_ahash *tfm, struct hash_testvec *template, 264 unsigned int tcount, bool use_digest, 265 const int align_offset) 266 { 267 const char *algo = crypto_tfm_alg_driver_name(crypto_ahash_tfm(tfm)); 268 size_t digest_size = crypto_ahash_digestsize(tfm); 269 unsigned int i, j, k, temp; 270 struct scatterlist sg[8]; 271 char *result; 272 char *key; 273 struct ahash_request *req; 274 struct tcrypt_result tresult; 275 void *hash_buff; 276 char *xbuf[XBUFSIZE]; 277 int ret = -ENOMEM; 278 279 result = kmalloc(digest_size, GFP_KERNEL); 280 if (!result) 281 return ret; 282 key = kmalloc(MAX_KEYLEN, GFP_KERNEL); 283 if (!key) 284 goto out_nobuf; 285 if (testmgr_alloc_buf(xbuf)) 286 goto out_nobuf; 287 288 init_completion(&tresult.completion); 289 290 req = ahash_request_alloc(tfm, GFP_KERNEL); 291 if (!req) { 292 printk(KERN_ERR "alg: hash: Failed to allocate request for " 293 "%s\n", algo); 294 goto out_noreq; 295 } 296 ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, 297 tcrypt_complete, &tresult); 298 299 j = 0; 300 for (i = 0; i < tcount; i++) { 301 if (template[i].np) 302 continue; 303 304 ret = -EINVAL; 305 if (WARN_ON(align_offset + template[i].psize > PAGE_SIZE)) 306 goto out; 307 308 j++; 309 memset(result, 0, digest_size); 310 311 hash_buff = xbuf[0]; 312 hash_buff += align_offset; 313 314 memcpy(hash_buff, template[i].plaintext, template[i].psize); 315 sg_init_one(&sg[0], hash_buff, template[i].psize); 316 317 if (template[i].ksize) { 318 crypto_ahash_clear_flags(tfm, ~0); 319 if (template[i].ksize > MAX_KEYLEN) { 320 pr_err("alg: hash: setkey failed on test %d for %s: key size %d > %d\n", 321 j, algo, template[i].ksize, MAX_KEYLEN); 322 ret = -EINVAL; 323 goto out; 324 } 325 memcpy(key, template[i].key, template[i].ksize); 326 ret = crypto_ahash_setkey(tfm, key, template[i].ksize); 327 if (ret) { 328 printk(KERN_ERR "alg: hash: setkey failed on " 329 "test %d for %s: ret=%d\n", j, algo, 330 -ret); 331 goto out; 332 } 333 } 334 335 ahash_request_set_crypt(req, sg, result, template[i].psize); 336 if (use_digest) { 337 ret = wait_async_op(&tresult, crypto_ahash_digest(req)); 338 if (ret) { 339 pr_err("alg: hash: digest failed on test %d " 340 "for %s: ret=%d\n", j, algo, -ret); 341 goto out; 342 } 343 } else { 344 ret = wait_async_op(&tresult, crypto_ahash_init(req)); 345 if (ret) { 346 pr_err("alt: hash: init failed on test %d " 347 "for %s: ret=%d\n", j, algo, -ret); 348 goto out; 349 } 350 ret = wait_async_op(&tresult, crypto_ahash_update(req)); 351 if (ret) { 352 pr_err("alt: hash: update failed on test %d " 353 "for %s: ret=%d\n", j, algo, -ret); 354 goto out; 355 } 356 ret = wait_async_op(&tresult, crypto_ahash_final(req)); 357 if (ret) { 358 pr_err("alt: hash: final failed on test %d " 359 "for %s: ret=%d\n", j, algo, -ret); 360 goto out; 361 } 362 } 363 364 if (memcmp(result, template[i].digest, 365 crypto_ahash_digestsize(tfm))) { 366 printk(KERN_ERR "alg: hash: Test %d failed for %s\n", 367 j, algo); 368 hexdump(result, crypto_ahash_digestsize(tfm)); 369 ret = -EINVAL; 370 goto out; 371 } 372 } 373 374 j = 0; 375 for (i = 0; i < tcount; i++) { 376 /* alignment tests are only done with continuous buffers */ 377 if (align_offset != 0) 378 break; 379 380 if (!template[i].np) 381 continue; 382 383 j++; 384 memset(result, 0, digest_size); 385 386 temp = 0; 387 sg_init_table(sg, template[i].np); 388 ret = -EINVAL; 389 for (k = 0; k < template[i].np; k++) { 390 if (WARN_ON(offset_in_page(IDX[k]) + 391 template[i].tap[k] > PAGE_SIZE)) 392 goto out; 393 sg_set_buf(&sg[k], 394 memcpy(xbuf[IDX[k] >> PAGE_SHIFT] + 395 offset_in_page(IDX[k]), 396 template[i].plaintext + temp, 397 template[i].tap[k]), 398 template[i].tap[k]); 399 temp += template[i].tap[k]; 400 } 401 402 if (template[i].ksize) { 403 if (template[i].ksize > MAX_KEYLEN) { 404 pr_err("alg: hash: setkey failed on test %d for %s: key size %d > %d\n", 405 j, algo, template[i].ksize, MAX_KEYLEN); 406 ret = -EINVAL; 407 goto out; 408 } 409 crypto_ahash_clear_flags(tfm, ~0); 410 memcpy(key, template[i].key, template[i].ksize); 411 ret = crypto_ahash_setkey(tfm, key, template[i].ksize); 412 413 if (ret) { 414 printk(KERN_ERR "alg: hash: setkey " 415 "failed on chunking test %d " 416 "for %s: ret=%d\n", j, algo, -ret); 417 goto out; 418 } 419 } 420 421 ahash_request_set_crypt(req, sg, result, template[i].psize); 422 ret = crypto_ahash_digest(req); 423 switch (ret) { 424 case 0: 425 break; 426 case -EINPROGRESS: 427 case -EBUSY: 428 wait_for_completion(&tresult.completion); 429 reinit_completion(&tresult.completion); 430 ret = tresult.err; 431 if (!ret) 432 break; 433 /* fall through */ 434 default: 435 printk(KERN_ERR "alg: hash: digest failed " 436 "on chunking test %d for %s: " 437 "ret=%d\n", j, algo, -ret); 438 goto out; 439 } 440 441 if (memcmp(result, template[i].digest, 442 crypto_ahash_digestsize(tfm))) { 443 printk(KERN_ERR "alg: hash: Chunking test %d " 444 "failed for %s\n", j, algo); 445 hexdump(result, crypto_ahash_digestsize(tfm)); 446 ret = -EINVAL; 447 goto out; 448 } 449 } 450 451 /* partial update exercise */ 452 j = 0; 453 for (i = 0; i < tcount; i++) { 454 /* alignment tests are only done with continuous buffers */ 455 if (align_offset != 0) 456 break; 457 458 if (template[i].np < 2) 459 continue; 460 461 j++; 462 memset(result, 0, digest_size); 463 464 ret = -EINVAL; 465 hash_buff = xbuf[0]; 466 memcpy(hash_buff, template[i].plaintext, 467 template[i].tap[0]); 468 sg_init_one(&sg[0], hash_buff, template[i].tap[0]); 469 470 if (template[i].ksize) { 471 crypto_ahash_clear_flags(tfm, ~0); 472 if (template[i].ksize > MAX_KEYLEN) { 473 pr_err("alg: hash: setkey failed on test %d for %s: key size %d > %d\n", 474 j, algo, template[i].ksize, MAX_KEYLEN); 475 ret = -EINVAL; 476 goto out; 477 } 478 memcpy(key, template[i].key, template[i].ksize); 479 ret = crypto_ahash_setkey(tfm, key, template[i].ksize); 480 if (ret) { 481 pr_err("alg: hash: setkey failed on test %d for %s: ret=%d\n", 482 j, algo, -ret); 483 goto out; 484 } 485 } 486 487 ahash_request_set_crypt(req, sg, result, template[i].tap[0]); 488 ret = wait_async_op(&tresult, crypto_ahash_init(req)); 489 if (ret) { 490 pr_err("alt: hash: init failed on test %d for %s: ret=%d\n", 491 j, algo, -ret); 492 goto out; 493 } 494 ret = wait_async_op(&tresult, crypto_ahash_update(req)); 495 if (ret) { 496 pr_err("alt: hash: update failed on test %d for %s: ret=%d\n", 497 j, algo, -ret); 498 goto out; 499 } 500 501 temp = template[i].tap[0]; 502 for (k = 1; k < template[i].np; k++) { 503 ret = ahash_partial_update(&req, tfm, &template[i], 504 hash_buff, k, temp, &sg[0], algo, result, 505 &tresult); 506 if (ret) { 507 pr_err("hash: partial update failed on test %d for %s: ret=%d\n", 508 j, algo, -ret); 509 goto out_noreq; 510 } 511 temp += template[i].tap[k]; 512 } 513 ret = wait_async_op(&tresult, crypto_ahash_final(req)); 514 if (ret) { 515 pr_err("alt: hash: final failed on test %d for %s: ret=%d\n", 516 j, algo, -ret); 517 goto out; 518 } 519 if (memcmp(result, template[i].digest, 520 crypto_ahash_digestsize(tfm))) { 521 pr_err("alg: hash: Partial Test %d failed for %s\n", 522 j, algo); 523 hexdump(result, crypto_ahash_digestsize(tfm)); 524 ret = -EINVAL; 525 goto out; 526 } 527 } 528 529 ret = 0; 530 531 out: 532 ahash_request_free(req); 533 out_noreq: 534 testmgr_free_buf(xbuf); 535 out_nobuf: 536 kfree(key); 537 kfree(result); 538 return ret; 539 } 540 541 static int test_hash(struct crypto_ahash *tfm, struct hash_testvec *template, 542 unsigned int tcount, bool use_digest) 543 { 544 unsigned int alignmask; 545 int ret; 546 547 ret = __test_hash(tfm, template, tcount, use_digest, 0); 548 if (ret) 549 return ret; 550 551 /* test unaligned buffers, check with one byte offset */ 552 ret = __test_hash(tfm, template, tcount, use_digest, 1); 553 if (ret) 554 return ret; 555 556 alignmask = crypto_tfm_alg_alignmask(&tfm->base); 557 if (alignmask) { 558 /* Check if alignment mask for tfm is correctly set. */ 559 ret = __test_hash(tfm, template, tcount, use_digest, 560 alignmask + 1); 561 if (ret) 562 return ret; 563 } 564 565 return 0; 566 } 567 568 static int __test_aead(struct crypto_aead *tfm, int enc, 569 struct aead_testvec *template, unsigned int tcount, 570 const bool diff_dst, const int align_offset) 571 { 572 const char *algo = crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)); 573 unsigned int i, j, k, n, temp; 574 int ret = -ENOMEM; 575 char *q; 576 char *key; 577 struct aead_request *req; 578 struct scatterlist *sg; 579 struct scatterlist *sgout; 580 const char *e, *d; 581 struct tcrypt_result result; 582 unsigned int authsize, iv_len; 583 void *input; 584 void *output; 585 void *assoc; 586 char *iv; 587 char *xbuf[XBUFSIZE]; 588 char *xoutbuf[XBUFSIZE]; 589 char *axbuf[XBUFSIZE]; 590 591 iv = kzalloc(MAX_IVLEN, GFP_KERNEL); 592 if (!iv) 593 return ret; 594 key = kmalloc(MAX_KEYLEN, GFP_KERNEL); 595 if (!key) 596 goto out_noxbuf; 597 if (testmgr_alloc_buf(xbuf)) 598 goto out_noxbuf; 599 if (testmgr_alloc_buf(axbuf)) 600 goto out_noaxbuf; 601 if (diff_dst && testmgr_alloc_buf(xoutbuf)) 602 goto out_nooutbuf; 603 604 /* avoid "the frame size is larger than 1024 bytes" compiler warning */ 605 sg = kmalloc(sizeof(*sg) * 8 * (diff_dst ? 4 : 2), GFP_KERNEL); 606 if (!sg) 607 goto out_nosg; 608 sgout = &sg[16]; 609 610 if (diff_dst) 611 d = "-ddst"; 612 else 613 d = ""; 614 615 if (enc == ENCRYPT) 616 e = "encryption"; 617 else 618 e = "decryption"; 619 620 init_completion(&result.completion); 621 622 req = aead_request_alloc(tfm, GFP_KERNEL); 623 if (!req) { 624 pr_err("alg: aead%s: Failed to allocate request for %s\n", 625 d, algo); 626 goto out; 627 } 628 629 aead_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, 630 tcrypt_complete, &result); 631 632 iv_len = crypto_aead_ivsize(tfm); 633 634 for (i = 0, j = 0; i < tcount; i++) { 635 if (template[i].np) 636 continue; 637 638 j++; 639 640 /* some templates have no input data but they will 641 * touch input 642 */ 643 input = xbuf[0]; 644 input += align_offset; 645 assoc = axbuf[0]; 646 647 ret = -EINVAL; 648 if (WARN_ON(align_offset + template[i].ilen > 649 PAGE_SIZE || template[i].alen > PAGE_SIZE)) 650 goto out; 651 652 memcpy(input, template[i].input, template[i].ilen); 653 memcpy(assoc, template[i].assoc, template[i].alen); 654 if (template[i].iv) 655 memcpy(iv, template[i].iv, iv_len); 656 else 657 memset(iv, 0, iv_len); 658 659 crypto_aead_clear_flags(tfm, ~0); 660 if (template[i].wk) 661 crypto_aead_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY); 662 663 if (template[i].klen > MAX_KEYLEN) { 664 pr_err("alg: aead%s: setkey failed on test %d for %s: key size %d > %d\n", 665 d, j, algo, template[i].klen, 666 MAX_KEYLEN); 667 ret = -EINVAL; 668 goto out; 669 } 670 memcpy(key, template[i].key, template[i].klen); 671 672 ret = crypto_aead_setkey(tfm, key, template[i].klen); 673 if (template[i].fail == !ret) { 674 pr_err("alg: aead%s: setkey failed on test %d for %s: flags=%x\n", 675 d, j, algo, crypto_aead_get_flags(tfm)); 676 goto out; 677 } else if (ret) 678 continue; 679 680 authsize = abs(template[i].rlen - template[i].ilen); 681 ret = crypto_aead_setauthsize(tfm, authsize); 682 if (ret) { 683 pr_err("alg: aead%s: Failed to set authsize to %u on test %d for %s\n", 684 d, authsize, j, algo); 685 goto out; 686 } 687 688 k = !!template[i].alen; 689 sg_init_table(sg, k + 1); 690 sg_set_buf(&sg[0], assoc, template[i].alen); 691 sg_set_buf(&sg[k], input, 692 template[i].ilen + (enc ? authsize : 0)); 693 output = input; 694 695 if (diff_dst) { 696 sg_init_table(sgout, k + 1); 697 sg_set_buf(&sgout[0], assoc, template[i].alen); 698 699 output = xoutbuf[0]; 700 output += align_offset; 701 sg_set_buf(&sgout[k], output, 702 template[i].rlen + (enc ? 0 : authsize)); 703 } 704 705 aead_request_set_crypt(req, sg, (diff_dst) ? sgout : sg, 706 template[i].ilen, iv); 707 708 aead_request_set_ad(req, template[i].alen); 709 710 ret = enc ? crypto_aead_encrypt(req) : crypto_aead_decrypt(req); 711 712 switch (ret) { 713 case 0: 714 if (template[i].novrfy) { 715 /* verification was supposed to fail */ 716 pr_err("alg: aead%s: %s failed on test %d for %s: ret was 0, expected -EBADMSG\n", 717 d, e, j, algo); 718 /* so really, we got a bad message */ 719 ret = -EBADMSG; 720 goto out; 721 } 722 break; 723 case -EINPROGRESS: 724 case -EBUSY: 725 wait_for_completion(&result.completion); 726 reinit_completion(&result.completion); 727 ret = result.err; 728 if (!ret) 729 break; 730 case -EBADMSG: 731 if (template[i].novrfy) 732 /* verification failure was expected */ 733 continue; 734 /* fall through */ 735 default: 736 pr_err("alg: aead%s: %s failed on test %d for %s: ret=%d\n", 737 d, e, j, algo, -ret); 738 goto out; 739 } 740 741 q = output; 742 if (memcmp(q, template[i].result, template[i].rlen)) { 743 pr_err("alg: aead%s: Test %d failed on %s for %s\n", 744 d, j, e, algo); 745 hexdump(q, template[i].rlen); 746 ret = -EINVAL; 747 goto out; 748 } 749 } 750 751 for (i = 0, j = 0; i < tcount; i++) { 752 /* alignment tests are only done with continuous buffers */ 753 if (align_offset != 0) 754 break; 755 756 if (!template[i].np) 757 continue; 758 759 j++; 760 761 if (template[i].iv) 762 memcpy(iv, template[i].iv, iv_len); 763 else 764 memset(iv, 0, MAX_IVLEN); 765 766 crypto_aead_clear_flags(tfm, ~0); 767 if (template[i].wk) 768 crypto_aead_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY); 769 if (template[i].klen > MAX_KEYLEN) { 770 pr_err("alg: aead%s: setkey failed on test %d for %s: key size %d > %d\n", 771 d, j, algo, template[i].klen, MAX_KEYLEN); 772 ret = -EINVAL; 773 goto out; 774 } 775 memcpy(key, template[i].key, template[i].klen); 776 777 ret = crypto_aead_setkey(tfm, key, template[i].klen); 778 if (template[i].fail == !ret) { 779 pr_err("alg: aead%s: setkey failed on chunk test %d for %s: flags=%x\n", 780 d, j, algo, crypto_aead_get_flags(tfm)); 781 goto out; 782 } else if (ret) 783 continue; 784 785 authsize = abs(template[i].rlen - template[i].ilen); 786 787 ret = -EINVAL; 788 sg_init_table(sg, template[i].anp + template[i].np); 789 if (diff_dst) 790 sg_init_table(sgout, template[i].anp + template[i].np); 791 792 ret = -EINVAL; 793 for (k = 0, temp = 0; k < template[i].anp; k++) { 794 if (WARN_ON(offset_in_page(IDX[k]) + 795 template[i].atap[k] > PAGE_SIZE)) 796 goto out; 797 sg_set_buf(&sg[k], 798 memcpy(axbuf[IDX[k] >> PAGE_SHIFT] + 799 offset_in_page(IDX[k]), 800 template[i].assoc + temp, 801 template[i].atap[k]), 802 template[i].atap[k]); 803 if (diff_dst) 804 sg_set_buf(&sgout[k], 805 axbuf[IDX[k] >> PAGE_SHIFT] + 806 offset_in_page(IDX[k]), 807 template[i].atap[k]); 808 temp += template[i].atap[k]; 809 } 810 811 for (k = 0, temp = 0; k < template[i].np; k++) { 812 if (WARN_ON(offset_in_page(IDX[k]) + 813 template[i].tap[k] > PAGE_SIZE)) 814 goto out; 815 816 q = xbuf[IDX[k] >> PAGE_SHIFT] + offset_in_page(IDX[k]); 817 memcpy(q, template[i].input + temp, template[i].tap[k]); 818 sg_set_buf(&sg[template[i].anp + k], 819 q, template[i].tap[k]); 820 821 if (diff_dst) { 822 q = xoutbuf[IDX[k] >> PAGE_SHIFT] + 823 offset_in_page(IDX[k]); 824 825 memset(q, 0, template[i].tap[k]); 826 827 sg_set_buf(&sgout[template[i].anp + k], 828 q, template[i].tap[k]); 829 } 830 831 n = template[i].tap[k]; 832 if (k == template[i].np - 1 && enc) 833 n += authsize; 834 if (offset_in_page(q) + n < PAGE_SIZE) 835 q[n] = 0; 836 837 temp += template[i].tap[k]; 838 } 839 840 ret = crypto_aead_setauthsize(tfm, authsize); 841 if (ret) { 842 pr_err("alg: aead%s: Failed to set authsize to %u on chunk test %d for %s\n", 843 d, authsize, j, algo); 844 goto out; 845 } 846 847 if (enc) { 848 if (WARN_ON(sg[template[i].anp + k - 1].offset + 849 sg[template[i].anp + k - 1].length + 850 authsize > PAGE_SIZE)) { 851 ret = -EINVAL; 852 goto out; 853 } 854 855 if (diff_dst) 856 sgout[template[i].anp + k - 1].length += 857 authsize; 858 sg[template[i].anp + k - 1].length += authsize; 859 } 860 861 aead_request_set_crypt(req, sg, (diff_dst) ? sgout : sg, 862 template[i].ilen, 863 iv); 864 865 aead_request_set_ad(req, template[i].alen); 866 867 ret = enc ? crypto_aead_encrypt(req) : crypto_aead_decrypt(req); 868 869 switch (ret) { 870 case 0: 871 if (template[i].novrfy) { 872 /* verification was supposed to fail */ 873 pr_err("alg: aead%s: %s failed on chunk test %d for %s: ret was 0, expected -EBADMSG\n", 874 d, e, j, algo); 875 /* so really, we got a bad message */ 876 ret = -EBADMSG; 877 goto out; 878 } 879 break; 880 case -EINPROGRESS: 881 case -EBUSY: 882 wait_for_completion(&result.completion); 883 reinit_completion(&result.completion); 884 ret = result.err; 885 if (!ret) 886 break; 887 case -EBADMSG: 888 if (template[i].novrfy) 889 /* verification failure was expected */ 890 continue; 891 /* fall through */ 892 default: 893 pr_err("alg: aead%s: %s failed on chunk test %d for %s: ret=%d\n", 894 d, e, j, algo, -ret); 895 goto out; 896 } 897 898 ret = -EINVAL; 899 for (k = 0, temp = 0; k < template[i].np; k++) { 900 if (diff_dst) 901 q = xoutbuf[IDX[k] >> PAGE_SHIFT] + 902 offset_in_page(IDX[k]); 903 else 904 q = xbuf[IDX[k] >> PAGE_SHIFT] + 905 offset_in_page(IDX[k]); 906 907 n = template[i].tap[k]; 908 if (k == template[i].np - 1) 909 n += enc ? authsize : -authsize; 910 911 if (memcmp(q, template[i].result + temp, n)) { 912 pr_err("alg: aead%s: Chunk test %d failed on %s at page %u for %s\n", 913 d, j, e, k, algo); 914 hexdump(q, n); 915 goto out; 916 } 917 918 q += n; 919 if (k == template[i].np - 1 && !enc) { 920 if (!diff_dst && 921 memcmp(q, template[i].input + 922 temp + n, authsize)) 923 n = authsize; 924 else 925 n = 0; 926 } else { 927 for (n = 0; offset_in_page(q + n) && q[n]; n++) 928 ; 929 } 930 if (n) { 931 pr_err("alg: aead%s: Result buffer corruption in chunk test %d on %s at page %u for %s: %u bytes:\n", 932 d, j, e, k, algo, n); 933 hexdump(q, n); 934 goto out; 935 } 936 937 temp += template[i].tap[k]; 938 } 939 } 940 941 ret = 0; 942 943 out: 944 aead_request_free(req); 945 kfree(sg); 946 out_nosg: 947 if (diff_dst) 948 testmgr_free_buf(xoutbuf); 949 out_nooutbuf: 950 testmgr_free_buf(axbuf); 951 out_noaxbuf: 952 testmgr_free_buf(xbuf); 953 out_noxbuf: 954 kfree(key); 955 kfree(iv); 956 return ret; 957 } 958 959 static int test_aead(struct crypto_aead *tfm, int enc, 960 struct aead_testvec *template, unsigned int tcount) 961 { 962 unsigned int alignmask; 963 int ret; 964 965 /* test 'dst == src' case */ 966 ret = __test_aead(tfm, enc, template, tcount, false, 0); 967 if (ret) 968 return ret; 969 970 /* test 'dst != src' case */ 971 ret = __test_aead(tfm, enc, template, tcount, true, 0); 972 if (ret) 973 return ret; 974 975 /* test unaligned buffers, check with one byte offset */ 976 ret = __test_aead(tfm, enc, template, tcount, true, 1); 977 if (ret) 978 return ret; 979 980 alignmask = crypto_tfm_alg_alignmask(&tfm->base); 981 if (alignmask) { 982 /* Check if alignment mask for tfm is correctly set. */ 983 ret = __test_aead(tfm, enc, template, tcount, true, 984 alignmask + 1); 985 if (ret) 986 return ret; 987 } 988 989 return 0; 990 } 991 992 static int test_cipher(struct crypto_cipher *tfm, int enc, 993 struct cipher_testvec *template, unsigned int tcount) 994 { 995 const char *algo = crypto_tfm_alg_driver_name(crypto_cipher_tfm(tfm)); 996 unsigned int i, j, k; 997 char *q; 998 const char *e; 999 void *data; 1000 char *xbuf[XBUFSIZE]; 1001 int ret = -ENOMEM; 1002 1003 if (testmgr_alloc_buf(xbuf)) 1004 goto out_nobuf; 1005 1006 if (enc == ENCRYPT) 1007 e = "encryption"; 1008 else 1009 e = "decryption"; 1010 1011 j = 0; 1012 for (i = 0; i < tcount; i++) { 1013 if (template[i].np) 1014 continue; 1015 1016 if (fips_enabled && template[i].fips_skip) 1017 continue; 1018 1019 j++; 1020 1021 ret = -EINVAL; 1022 if (WARN_ON(template[i].ilen > PAGE_SIZE)) 1023 goto out; 1024 1025 data = xbuf[0]; 1026 memcpy(data, template[i].input, template[i].ilen); 1027 1028 crypto_cipher_clear_flags(tfm, ~0); 1029 if (template[i].wk) 1030 crypto_cipher_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY); 1031 1032 ret = crypto_cipher_setkey(tfm, template[i].key, 1033 template[i].klen); 1034 if (template[i].fail == !ret) { 1035 printk(KERN_ERR "alg: cipher: setkey failed " 1036 "on test %d for %s: flags=%x\n", j, 1037 algo, crypto_cipher_get_flags(tfm)); 1038 goto out; 1039 } else if (ret) 1040 continue; 1041 1042 for (k = 0; k < template[i].ilen; 1043 k += crypto_cipher_blocksize(tfm)) { 1044 if (enc) 1045 crypto_cipher_encrypt_one(tfm, data + k, 1046 data + k); 1047 else 1048 crypto_cipher_decrypt_one(tfm, data + k, 1049 data + k); 1050 } 1051 1052 q = data; 1053 if (memcmp(q, template[i].result, template[i].rlen)) { 1054 printk(KERN_ERR "alg: cipher: Test %d failed " 1055 "on %s for %s\n", j, e, algo); 1056 hexdump(q, template[i].rlen); 1057 ret = -EINVAL; 1058 goto out; 1059 } 1060 } 1061 1062 ret = 0; 1063 1064 out: 1065 testmgr_free_buf(xbuf); 1066 out_nobuf: 1067 return ret; 1068 } 1069 1070 static int __test_skcipher(struct crypto_skcipher *tfm, int enc, 1071 struct cipher_testvec *template, unsigned int tcount, 1072 const bool diff_dst, const int align_offset) 1073 { 1074 const char *algo = 1075 crypto_tfm_alg_driver_name(crypto_skcipher_tfm(tfm)); 1076 unsigned int i, j, k, n, temp; 1077 char *q; 1078 struct skcipher_request *req; 1079 struct scatterlist sg[8]; 1080 struct scatterlist sgout[8]; 1081 const char *e, *d; 1082 struct tcrypt_result result; 1083 void *data; 1084 char iv[MAX_IVLEN]; 1085 char *xbuf[XBUFSIZE]; 1086 char *xoutbuf[XBUFSIZE]; 1087 int ret = -ENOMEM; 1088 unsigned int ivsize = crypto_skcipher_ivsize(tfm); 1089 1090 if (testmgr_alloc_buf(xbuf)) 1091 goto out_nobuf; 1092 1093 if (diff_dst && testmgr_alloc_buf(xoutbuf)) 1094 goto out_nooutbuf; 1095 1096 if (diff_dst) 1097 d = "-ddst"; 1098 else 1099 d = ""; 1100 1101 if (enc == ENCRYPT) 1102 e = "encryption"; 1103 else 1104 e = "decryption"; 1105 1106 init_completion(&result.completion); 1107 1108 req = skcipher_request_alloc(tfm, GFP_KERNEL); 1109 if (!req) { 1110 pr_err("alg: skcipher%s: Failed to allocate request for %s\n", 1111 d, algo); 1112 goto out; 1113 } 1114 1115 skcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, 1116 tcrypt_complete, &result); 1117 1118 j = 0; 1119 for (i = 0; i < tcount; i++) { 1120 if (template[i].np && !template[i].also_non_np) 1121 continue; 1122 1123 if (fips_enabled && template[i].fips_skip) 1124 continue; 1125 1126 if (template[i].iv) 1127 memcpy(iv, template[i].iv, ivsize); 1128 else 1129 memset(iv, 0, MAX_IVLEN); 1130 1131 j++; 1132 ret = -EINVAL; 1133 if (WARN_ON(align_offset + template[i].ilen > PAGE_SIZE)) 1134 goto out; 1135 1136 data = xbuf[0]; 1137 data += align_offset; 1138 memcpy(data, template[i].input, template[i].ilen); 1139 1140 crypto_skcipher_clear_flags(tfm, ~0); 1141 if (template[i].wk) 1142 crypto_skcipher_set_flags(tfm, 1143 CRYPTO_TFM_REQ_WEAK_KEY); 1144 1145 ret = crypto_skcipher_setkey(tfm, template[i].key, 1146 template[i].klen); 1147 if (template[i].fail == !ret) { 1148 pr_err("alg: skcipher%s: setkey failed on test %d for %s: flags=%x\n", 1149 d, j, algo, crypto_skcipher_get_flags(tfm)); 1150 goto out; 1151 } else if (ret) 1152 continue; 1153 1154 sg_init_one(&sg[0], data, template[i].ilen); 1155 if (diff_dst) { 1156 data = xoutbuf[0]; 1157 data += align_offset; 1158 sg_init_one(&sgout[0], data, template[i].ilen); 1159 } 1160 1161 skcipher_request_set_crypt(req, sg, (diff_dst) ? sgout : sg, 1162 template[i].ilen, iv); 1163 ret = enc ? crypto_skcipher_encrypt(req) : 1164 crypto_skcipher_decrypt(req); 1165 1166 switch (ret) { 1167 case 0: 1168 break; 1169 case -EINPROGRESS: 1170 case -EBUSY: 1171 wait_for_completion(&result.completion); 1172 reinit_completion(&result.completion); 1173 ret = result.err; 1174 if (!ret) 1175 break; 1176 /* fall through */ 1177 default: 1178 pr_err("alg: skcipher%s: %s failed on test %d for %s: ret=%d\n", 1179 d, e, j, algo, -ret); 1180 goto out; 1181 } 1182 1183 q = data; 1184 if (memcmp(q, template[i].result, template[i].rlen)) { 1185 pr_err("alg: skcipher%s: Test %d failed (invalid result) on %s for %s\n", 1186 d, j, e, algo); 1187 hexdump(q, template[i].rlen); 1188 ret = -EINVAL; 1189 goto out; 1190 } 1191 1192 if (template[i].iv_out && 1193 memcmp(iv, template[i].iv_out, 1194 crypto_skcipher_ivsize(tfm))) { 1195 pr_err("alg: skcipher%s: Test %d failed (invalid output IV) on %s for %s\n", 1196 d, j, e, algo); 1197 hexdump(iv, crypto_skcipher_ivsize(tfm)); 1198 ret = -EINVAL; 1199 goto out; 1200 } 1201 } 1202 1203 j = 0; 1204 for (i = 0; i < tcount; i++) { 1205 /* alignment tests are only done with continuous buffers */ 1206 if (align_offset != 0) 1207 break; 1208 1209 if (!template[i].np) 1210 continue; 1211 1212 if (fips_enabled && template[i].fips_skip) 1213 continue; 1214 1215 if (template[i].iv) 1216 memcpy(iv, template[i].iv, ivsize); 1217 else 1218 memset(iv, 0, MAX_IVLEN); 1219 1220 j++; 1221 crypto_skcipher_clear_flags(tfm, ~0); 1222 if (template[i].wk) 1223 crypto_skcipher_set_flags(tfm, 1224 CRYPTO_TFM_REQ_WEAK_KEY); 1225 1226 ret = crypto_skcipher_setkey(tfm, template[i].key, 1227 template[i].klen); 1228 if (template[i].fail == !ret) { 1229 pr_err("alg: skcipher%s: setkey failed on chunk test %d for %s: flags=%x\n", 1230 d, j, algo, crypto_skcipher_get_flags(tfm)); 1231 goto out; 1232 } else if (ret) 1233 continue; 1234 1235 temp = 0; 1236 ret = -EINVAL; 1237 sg_init_table(sg, template[i].np); 1238 if (diff_dst) 1239 sg_init_table(sgout, template[i].np); 1240 for (k = 0; k < template[i].np; k++) { 1241 if (WARN_ON(offset_in_page(IDX[k]) + 1242 template[i].tap[k] > PAGE_SIZE)) 1243 goto out; 1244 1245 q = xbuf[IDX[k] >> PAGE_SHIFT] + offset_in_page(IDX[k]); 1246 1247 memcpy(q, template[i].input + temp, template[i].tap[k]); 1248 1249 if (offset_in_page(q) + template[i].tap[k] < PAGE_SIZE) 1250 q[template[i].tap[k]] = 0; 1251 1252 sg_set_buf(&sg[k], q, template[i].tap[k]); 1253 if (diff_dst) { 1254 q = xoutbuf[IDX[k] >> PAGE_SHIFT] + 1255 offset_in_page(IDX[k]); 1256 1257 sg_set_buf(&sgout[k], q, template[i].tap[k]); 1258 1259 memset(q, 0, template[i].tap[k]); 1260 if (offset_in_page(q) + 1261 template[i].tap[k] < PAGE_SIZE) 1262 q[template[i].tap[k]] = 0; 1263 } 1264 1265 temp += template[i].tap[k]; 1266 } 1267 1268 skcipher_request_set_crypt(req, sg, (diff_dst) ? sgout : sg, 1269 template[i].ilen, iv); 1270 1271 ret = enc ? crypto_skcipher_encrypt(req) : 1272 crypto_skcipher_decrypt(req); 1273 1274 switch (ret) { 1275 case 0: 1276 break; 1277 case -EINPROGRESS: 1278 case -EBUSY: 1279 wait_for_completion(&result.completion); 1280 reinit_completion(&result.completion); 1281 ret = result.err; 1282 if (!ret) 1283 break; 1284 /* fall through */ 1285 default: 1286 pr_err("alg: skcipher%s: %s failed on chunk test %d for %s: ret=%d\n", 1287 d, e, j, algo, -ret); 1288 goto out; 1289 } 1290 1291 temp = 0; 1292 ret = -EINVAL; 1293 for (k = 0; k < template[i].np; k++) { 1294 if (diff_dst) 1295 q = xoutbuf[IDX[k] >> PAGE_SHIFT] + 1296 offset_in_page(IDX[k]); 1297 else 1298 q = xbuf[IDX[k] >> PAGE_SHIFT] + 1299 offset_in_page(IDX[k]); 1300 1301 if (memcmp(q, template[i].result + temp, 1302 template[i].tap[k])) { 1303 pr_err("alg: skcipher%s: Chunk test %d failed on %s at page %u for %s\n", 1304 d, j, e, k, algo); 1305 hexdump(q, template[i].tap[k]); 1306 goto out; 1307 } 1308 1309 q += template[i].tap[k]; 1310 for (n = 0; offset_in_page(q + n) && q[n]; n++) 1311 ; 1312 if (n) { 1313 pr_err("alg: skcipher%s: Result buffer corruption in chunk test %d on %s at page %u for %s: %u bytes:\n", 1314 d, j, e, k, algo, n); 1315 hexdump(q, n); 1316 goto out; 1317 } 1318 temp += template[i].tap[k]; 1319 } 1320 } 1321 1322 ret = 0; 1323 1324 out: 1325 skcipher_request_free(req); 1326 if (diff_dst) 1327 testmgr_free_buf(xoutbuf); 1328 out_nooutbuf: 1329 testmgr_free_buf(xbuf); 1330 out_nobuf: 1331 return ret; 1332 } 1333 1334 static int test_skcipher(struct crypto_skcipher *tfm, int enc, 1335 struct cipher_testvec *template, unsigned int tcount) 1336 { 1337 unsigned int alignmask; 1338 int ret; 1339 1340 /* test 'dst == src' case */ 1341 ret = __test_skcipher(tfm, enc, template, tcount, false, 0); 1342 if (ret) 1343 return ret; 1344 1345 /* test 'dst != src' case */ 1346 ret = __test_skcipher(tfm, enc, template, tcount, true, 0); 1347 if (ret) 1348 return ret; 1349 1350 /* test unaligned buffers, check with one byte offset */ 1351 ret = __test_skcipher(tfm, enc, template, tcount, true, 1); 1352 if (ret) 1353 return ret; 1354 1355 alignmask = crypto_tfm_alg_alignmask(&tfm->base); 1356 if (alignmask) { 1357 /* Check if alignment mask for tfm is correctly set. */ 1358 ret = __test_skcipher(tfm, enc, template, tcount, true, 1359 alignmask + 1); 1360 if (ret) 1361 return ret; 1362 } 1363 1364 return 0; 1365 } 1366 1367 static int test_comp(struct crypto_comp *tfm, struct comp_testvec *ctemplate, 1368 struct comp_testvec *dtemplate, int ctcount, int dtcount) 1369 { 1370 const char *algo = crypto_tfm_alg_driver_name(crypto_comp_tfm(tfm)); 1371 unsigned int i; 1372 char result[COMP_BUF_SIZE]; 1373 int ret; 1374 1375 for (i = 0; i < ctcount; i++) { 1376 int ilen; 1377 unsigned int dlen = COMP_BUF_SIZE; 1378 1379 memset(result, 0, sizeof (result)); 1380 1381 ilen = ctemplate[i].inlen; 1382 ret = crypto_comp_compress(tfm, ctemplate[i].input, 1383 ilen, result, &dlen); 1384 if (ret) { 1385 printk(KERN_ERR "alg: comp: compression failed " 1386 "on test %d for %s: ret=%d\n", i + 1, algo, 1387 -ret); 1388 goto out; 1389 } 1390 1391 if (dlen != ctemplate[i].outlen) { 1392 printk(KERN_ERR "alg: comp: Compression test %d " 1393 "failed for %s: output len = %d\n", i + 1, algo, 1394 dlen); 1395 ret = -EINVAL; 1396 goto out; 1397 } 1398 1399 if (memcmp(result, ctemplate[i].output, dlen)) { 1400 printk(KERN_ERR "alg: comp: Compression test %d " 1401 "failed for %s\n", i + 1, algo); 1402 hexdump(result, dlen); 1403 ret = -EINVAL; 1404 goto out; 1405 } 1406 } 1407 1408 for (i = 0; i < dtcount; i++) { 1409 int ilen; 1410 unsigned int dlen = COMP_BUF_SIZE; 1411 1412 memset(result, 0, sizeof (result)); 1413 1414 ilen = dtemplate[i].inlen; 1415 ret = crypto_comp_decompress(tfm, dtemplate[i].input, 1416 ilen, result, &dlen); 1417 if (ret) { 1418 printk(KERN_ERR "alg: comp: decompression failed " 1419 "on test %d for %s: ret=%d\n", i + 1, algo, 1420 -ret); 1421 goto out; 1422 } 1423 1424 if (dlen != dtemplate[i].outlen) { 1425 printk(KERN_ERR "alg: comp: Decompression test %d " 1426 "failed for %s: output len = %d\n", i + 1, algo, 1427 dlen); 1428 ret = -EINVAL; 1429 goto out; 1430 } 1431 1432 if (memcmp(result, dtemplate[i].output, dlen)) { 1433 printk(KERN_ERR "alg: comp: Decompression test %d " 1434 "failed for %s\n", i + 1, algo); 1435 hexdump(result, dlen); 1436 ret = -EINVAL; 1437 goto out; 1438 } 1439 } 1440 1441 ret = 0; 1442 1443 out: 1444 return ret; 1445 } 1446 1447 static int test_acomp(struct crypto_acomp *tfm, struct comp_testvec *ctemplate, 1448 struct comp_testvec *dtemplate, int ctcount, int dtcount) 1449 { 1450 const char *algo = crypto_tfm_alg_driver_name(crypto_acomp_tfm(tfm)); 1451 unsigned int i; 1452 char *output; 1453 int ret; 1454 struct scatterlist src, dst; 1455 struct acomp_req *req; 1456 struct tcrypt_result result; 1457 1458 output = kmalloc(COMP_BUF_SIZE, GFP_KERNEL); 1459 if (!output) 1460 return -ENOMEM; 1461 1462 for (i = 0; i < ctcount; i++) { 1463 unsigned int dlen = COMP_BUF_SIZE; 1464 int ilen = ctemplate[i].inlen; 1465 void *input_vec; 1466 1467 input_vec = kmemdup(ctemplate[i].input, ilen, GFP_KERNEL); 1468 if (!input_vec) { 1469 ret = -ENOMEM; 1470 goto out; 1471 } 1472 1473 memset(output, 0, dlen); 1474 init_completion(&result.completion); 1475 sg_init_one(&src, input_vec, ilen); 1476 sg_init_one(&dst, output, dlen); 1477 1478 req = acomp_request_alloc(tfm); 1479 if (!req) { 1480 pr_err("alg: acomp: request alloc failed for %s\n", 1481 algo); 1482 kfree(input_vec); 1483 ret = -ENOMEM; 1484 goto out; 1485 } 1486 1487 acomp_request_set_params(req, &src, &dst, ilen, dlen); 1488 acomp_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, 1489 tcrypt_complete, &result); 1490 1491 ret = wait_async_op(&result, crypto_acomp_compress(req)); 1492 if (ret) { 1493 pr_err("alg: acomp: compression failed on test %d for %s: ret=%d\n", 1494 i + 1, algo, -ret); 1495 kfree(input_vec); 1496 acomp_request_free(req); 1497 goto out; 1498 } 1499 1500 if (req->dlen != ctemplate[i].outlen) { 1501 pr_err("alg: acomp: Compression test %d failed for %s: output len = %d\n", 1502 i + 1, algo, req->dlen); 1503 ret = -EINVAL; 1504 kfree(input_vec); 1505 acomp_request_free(req); 1506 goto out; 1507 } 1508 1509 if (memcmp(output, ctemplate[i].output, req->dlen)) { 1510 pr_err("alg: acomp: Compression test %d failed for %s\n", 1511 i + 1, algo); 1512 hexdump(output, req->dlen); 1513 ret = -EINVAL; 1514 kfree(input_vec); 1515 acomp_request_free(req); 1516 goto out; 1517 } 1518 1519 kfree(input_vec); 1520 acomp_request_free(req); 1521 } 1522 1523 for (i = 0; i < dtcount; i++) { 1524 unsigned int dlen = COMP_BUF_SIZE; 1525 int ilen = dtemplate[i].inlen; 1526 void *input_vec; 1527 1528 input_vec = kmemdup(dtemplate[i].input, ilen, GFP_KERNEL); 1529 if (!input_vec) { 1530 ret = -ENOMEM; 1531 goto out; 1532 } 1533 1534 memset(output, 0, dlen); 1535 init_completion(&result.completion); 1536 sg_init_one(&src, input_vec, ilen); 1537 sg_init_one(&dst, output, dlen); 1538 1539 req = acomp_request_alloc(tfm); 1540 if (!req) { 1541 pr_err("alg: acomp: request alloc failed for %s\n", 1542 algo); 1543 kfree(input_vec); 1544 ret = -ENOMEM; 1545 goto out; 1546 } 1547 1548 acomp_request_set_params(req, &src, &dst, ilen, dlen); 1549 acomp_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, 1550 tcrypt_complete, &result); 1551 1552 ret = wait_async_op(&result, crypto_acomp_decompress(req)); 1553 if (ret) { 1554 pr_err("alg: acomp: decompression failed on test %d for %s: ret=%d\n", 1555 i + 1, algo, -ret); 1556 kfree(input_vec); 1557 acomp_request_free(req); 1558 goto out; 1559 } 1560 1561 if (req->dlen != dtemplate[i].outlen) { 1562 pr_err("alg: acomp: Decompression test %d failed for %s: output len = %d\n", 1563 i + 1, algo, req->dlen); 1564 ret = -EINVAL; 1565 kfree(input_vec); 1566 acomp_request_free(req); 1567 goto out; 1568 } 1569 1570 if (memcmp(output, dtemplate[i].output, req->dlen)) { 1571 pr_err("alg: acomp: Decompression test %d failed for %s\n", 1572 i + 1, algo); 1573 hexdump(output, req->dlen); 1574 ret = -EINVAL; 1575 kfree(input_vec); 1576 acomp_request_free(req); 1577 goto out; 1578 } 1579 1580 kfree(input_vec); 1581 acomp_request_free(req); 1582 } 1583 1584 ret = 0; 1585 1586 out: 1587 kfree(output); 1588 return ret; 1589 } 1590 1591 static int test_cprng(struct crypto_rng *tfm, struct cprng_testvec *template, 1592 unsigned int tcount) 1593 { 1594 const char *algo = crypto_tfm_alg_driver_name(crypto_rng_tfm(tfm)); 1595 int err = 0, i, j, seedsize; 1596 u8 *seed; 1597 char result[32]; 1598 1599 seedsize = crypto_rng_seedsize(tfm); 1600 1601 seed = kmalloc(seedsize, GFP_KERNEL); 1602 if (!seed) { 1603 printk(KERN_ERR "alg: cprng: Failed to allocate seed space " 1604 "for %s\n", algo); 1605 return -ENOMEM; 1606 } 1607 1608 for (i = 0; i < tcount; i++) { 1609 memset(result, 0, 32); 1610 1611 memcpy(seed, template[i].v, template[i].vlen); 1612 memcpy(seed + template[i].vlen, template[i].key, 1613 template[i].klen); 1614 memcpy(seed + template[i].vlen + template[i].klen, 1615 template[i].dt, template[i].dtlen); 1616 1617 err = crypto_rng_reset(tfm, seed, seedsize); 1618 if (err) { 1619 printk(KERN_ERR "alg: cprng: Failed to reset rng " 1620 "for %s\n", algo); 1621 goto out; 1622 } 1623 1624 for (j = 0; j < template[i].loops; j++) { 1625 err = crypto_rng_get_bytes(tfm, result, 1626 template[i].rlen); 1627 if (err < 0) { 1628 printk(KERN_ERR "alg: cprng: Failed to obtain " 1629 "the correct amount of random data for " 1630 "%s (requested %d)\n", algo, 1631 template[i].rlen); 1632 goto out; 1633 } 1634 } 1635 1636 err = memcmp(result, template[i].result, 1637 template[i].rlen); 1638 if (err) { 1639 printk(KERN_ERR "alg: cprng: Test %d failed for %s\n", 1640 i, algo); 1641 hexdump(result, template[i].rlen); 1642 err = -EINVAL; 1643 goto out; 1644 } 1645 } 1646 1647 out: 1648 kfree(seed); 1649 return err; 1650 } 1651 1652 static int alg_test_aead(const struct alg_test_desc *desc, const char *driver, 1653 u32 type, u32 mask) 1654 { 1655 struct crypto_aead *tfm; 1656 int err = 0; 1657 1658 tfm = crypto_alloc_aead(driver, type, mask); 1659 if (IS_ERR(tfm)) { 1660 printk(KERN_ERR "alg: aead: Failed to load transform for %s: " 1661 "%ld\n", driver, PTR_ERR(tfm)); 1662 return PTR_ERR(tfm); 1663 } 1664 1665 if (desc->suite.aead.enc.vecs) { 1666 err = test_aead(tfm, ENCRYPT, desc->suite.aead.enc.vecs, 1667 desc->suite.aead.enc.count); 1668 if (err) 1669 goto out; 1670 } 1671 1672 if (!err && desc->suite.aead.dec.vecs) 1673 err = test_aead(tfm, DECRYPT, desc->suite.aead.dec.vecs, 1674 desc->suite.aead.dec.count); 1675 1676 out: 1677 crypto_free_aead(tfm); 1678 return err; 1679 } 1680 1681 static int alg_test_cipher(const struct alg_test_desc *desc, 1682 const char *driver, u32 type, u32 mask) 1683 { 1684 struct crypto_cipher *tfm; 1685 int err = 0; 1686 1687 tfm = crypto_alloc_cipher(driver, type, mask); 1688 if (IS_ERR(tfm)) { 1689 printk(KERN_ERR "alg: cipher: Failed to load transform for " 1690 "%s: %ld\n", driver, PTR_ERR(tfm)); 1691 return PTR_ERR(tfm); 1692 } 1693 1694 if (desc->suite.cipher.enc.vecs) { 1695 err = test_cipher(tfm, ENCRYPT, desc->suite.cipher.enc.vecs, 1696 desc->suite.cipher.enc.count); 1697 if (err) 1698 goto out; 1699 } 1700 1701 if (desc->suite.cipher.dec.vecs) 1702 err = test_cipher(tfm, DECRYPT, desc->suite.cipher.dec.vecs, 1703 desc->suite.cipher.dec.count); 1704 1705 out: 1706 crypto_free_cipher(tfm); 1707 return err; 1708 } 1709 1710 static int alg_test_skcipher(const struct alg_test_desc *desc, 1711 const char *driver, u32 type, u32 mask) 1712 { 1713 struct crypto_skcipher *tfm; 1714 int err = 0; 1715 1716 tfm = crypto_alloc_skcipher(driver, type, mask); 1717 if (IS_ERR(tfm)) { 1718 printk(KERN_ERR "alg: skcipher: Failed to load transform for " 1719 "%s: %ld\n", driver, PTR_ERR(tfm)); 1720 return PTR_ERR(tfm); 1721 } 1722 1723 if (desc->suite.cipher.enc.vecs) { 1724 err = test_skcipher(tfm, ENCRYPT, desc->suite.cipher.enc.vecs, 1725 desc->suite.cipher.enc.count); 1726 if (err) 1727 goto out; 1728 } 1729 1730 if (desc->suite.cipher.dec.vecs) 1731 err = test_skcipher(tfm, DECRYPT, desc->suite.cipher.dec.vecs, 1732 desc->suite.cipher.dec.count); 1733 1734 out: 1735 crypto_free_skcipher(tfm); 1736 return err; 1737 } 1738 1739 static int alg_test_comp(const struct alg_test_desc *desc, const char *driver, 1740 u32 type, u32 mask) 1741 { 1742 struct crypto_comp *comp; 1743 struct crypto_acomp *acomp; 1744 int err; 1745 u32 algo_type = type & CRYPTO_ALG_TYPE_ACOMPRESS_MASK; 1746 1747 if (algo_type == CRYPTO_ALG_TYPE_ACOMPRESS) { 1748 acomp = crypto_alloc_acomp(driver, type, mask); 1749 if (IS_ERR(acomp)) { 1750 pr_err("alg: acomp: Failed to load transform for %s: %ld\n", 1751 driver, PTR_ERR(acomp)); 1752 return PTR_ERR(acomp); 1753 } 1754 err = test_acomp(acomp, desc->suite.comp.comp.vecs, 1755 desc->suite.comp.decomp.vecs, 1756 desc->suite.comp.comp.count, 1757 desc->suite.comp.decomp.count); 1758 crypto_free_acomp(acomp); 1759 } else { 1760 comp = crypto_alloc_comp(driver, type, mask); 1761 if (IS_ERR(comp)) { 1762 pr_err("alg: comp: Failed to load transform for %s: %ld\n", 1763 driver, PTR_ERR(comp)); 1764 return PTR_ERR(comp); 1765 } 1766 1767 err = test_comp(comp, desc->suite.comp.comp.vecs, 1768 desc->suite.comp.decomp.vecs, 1769 desc->suite.comp.comp.count, 1770 desc->suite.comp.decomp.count); 1771 1772 crypto_free_comp(comp); 1773 } 1774 return err; 1775 } 1776 1777 static int alg_test_hash(const struct alg_test_desc *desc, const char *driver, 1778 u32 type, u32 mask) 1779 { 1780 struct crypto_ahash *tfm; 1781 int err; 1782 1783 tfm = crypto_alloc_ahash(driver, type, mask); 1784 if (IS_ERR(tfm)) { 1785 printk(KERN_ERR "alg: hash: Failed to load transform for %s: " 1786 "%ld\n", driver, PTR_ERR(tfm)); 1787 return PTR_ERR(tfm); 1788 } 1789 1790 err = test_hash(tfm, desc->suite.hash.vecs, 1791 desc->suite.hash.count, true); 1792 if (!err) 1793 err = test_hash(tfm, desc->suite.hash.vecs, 1794 desc->suite.hash.count, false); 1795 1796 crypto_free_ahash(tfm); 1797 return err; 1798 } 1799 1800 static int alg_test_crc32c(const struct alg_test_desc *desc, 1801 const char *driver, u32 type, u32 mask) 1802 { 1803 struct crypto_shash *tfm; 1804 u32 val; 1805 int err; 1806 1807 err = alg_test_hash(desc, driver, type, mask); 1808 if (err) 1809 goto out; 1810 1811 tfm = crypto_alloc_shash(driver, type, mask); 1812 if (IS_ERR(tfm)) { 1813 printk(KERN_ERR "alg: crc32c: Failed to load transform for %s: " 1814 "%ld\n", driver, PTR_ERR(tfm)); 1815 err = PTR_ERR(tfm); 1816 goto out; 1817 } 1818 1819 do { 1820 SHASH_DESC_ON_STACK(shash, tfm); 1821 u32 *ctx = (u32 *)shash_desc_ctx(shash); 1822 1823 shash->tfm = tfm; 1824 shash->flags = 0; 1825 1826 *ctx = le32_to_cpu(420553207); 1827 err = crypto_shash_final(shash, (u8 *)&val); 1828 if (err) { 1829 printk(KERN_ERR "alg: crc32c: Operation failed for " 1830 "%s: %d\n", driver, err); 1831 break; 1832 } 1833 1834 if (val != ~420553207) { 1835 printk(KERN_ERR "alg: crc32c: Test failed for %s: " 1836 "%d\n", driver, val); 1837 err = -EINVAL; 1838 } 1839 } while (0); 1840 1841 crypto_free_shash(tfm); 1842 1843 out: 1844 return err; 1845 } 1846 1847 static int alg_test_cprng(const struct alg_test_desc *desc, const char *driver, 1848 u32 type, u32 mask) 1849 { 1850 struct crypto_rng *rng; 1851 int err; 1852 1853 rng = crypto_alloc_rng(driver, type, mask); 1854 if (IS_ERR(rng)) { 1855 printk(KERN_ERR "alg: cprng: Failed to load transform for %s: " 1856 "%ld\n", driver, PTR_ERR(rng)); 1857 return PTR_ERR(rng); 1858 } 1859 1860 err = test_cprng(rng, desc->suite.cprng.vecs, desc->suite.cprng.count); 1861 1862 crypto_free_rng(rng); 1863 1864 return err; 1865 } 1866 1867 1868 static int drbg_cavs_test(struct drbg_testvec *test, int pr, 1869 const char *driver, u32 type, u32 mask) 1870 { 1871 int ret = -EAGAIN; 1872 struct crypto_rng *drng; 1873 struct drbg_test_data test_data; 1874 struct drbg_string addtl, pers, testentropy; 1875 unsigned char *buf = kzalloc(test->expectedlen, GFP_KERNEL); 1876 1877 if (!buf) 1878 return -ENOMEM; 1879 1880 drng = crypto_alloc_rng(driver, type, mask); 1881 if (IS_ERR(drng)) { 1882 printk(KERN_ERR "alg: drbg: could not allocate DRNG handle for " 1883 "%s\n", driver); 1884 kzfree(buf); 1885 return -ENOMEM; 1886 } 1887 1888 test_data.testentropy = &testentropy; 1889 drbg_string_fill(&testentropy, test->entropy, test->entropylen); 1890 drbg_string_fill(&pers, test->pers, test->perslen); 1891 ret = crypto_drbg_reset_test(drng, &pers, &test_data); 1892 if (ret) { 1893 printk(KERN_ERR "alg: drbg: Failed to reset rng\n"); 1894 goto outbuf; 1895 } 1896 1897 drbg_string_fill(&addtl, test->addtla, test->addtllen); 1898 if (pr) { 1899 drbg_string_fill(&testentropy, test->entpra, test->entprlen); 1900 ret = crypto_drbg_get_bytes_addtl_test(drng, 1901 buf, test->expectedlen, &addtl, &test_data); 1902 } else { 1903 ret = crypto_drbg_get_bytes_addtl(drng, 1904 buf, test->expectedlen, &addtl); 1905 } 1906 if (ret < 0) { 1907 printk(KERN_ERR "alg: drbg: could not obtain random data for " 1908 "driver %s\n", driver); 1909 goto outbuf; 1910 } 1911 1912 drbg_string_fill(&addtl, test->addtlb, test->addtllen); 1913 if (pr) { 1914 drbg_string_fill(&testentropy, test->entprb, test->entprlen); 1915 ret = crypto_drbg_get_bytes_addtl_test(drng, 1916 buf, test->expectedlen, &addtl, &test_data); 1917 } else { 1918 ret = crypto_drbg_get_bytes_addtl(drng, 1919 buf, test->expectedlen, &addtl); 1920 } 1921 if (ret < 0) { 1922 printk(KERN_ERR "alg: drbg: could not obtain random data for " 1923 "driver %s\n", driver); 1924 goto outbuf; 1925 } 1926 1927 ret = memcmp(test->expected, buf, test->expectedlen); 1928 1929 outbuf: 1930 crypto_free_rng(drng); 1931 kzfree(buf); 1932 return ret; 1933 } 1934 1935 1936 static int alg_test_drbg(const struct alg_test_desc *desc, const char *driver, 1937 u32 type, u32 mask) 1938 { 1939 int err = 0; 1940 int pr = 0; 1941 int i = 0; 1942 struct drbg_testvec *template = desc->suite.drbg.vecs; 1943 unsigned int tcount = desc->suite.drbg.count; 1944 1945 if (0 == memcmp(driver, "drbg_pr_", 8)) 1946 pr = 1; 1947 1948 for (i = 0; i < tcount; i++) { 1949 err = drbg_cavs_test(&template[i], pr, driver, type, mask); 1950 if (err) { 1951 printk(KERN_ERR "alg: drbg: Test %d failed for %s\n", 1952 i, driver); 1953 err = -EINVAL; 1954 break; 1955 } 1956 } 1957 return err; 1958 1959 } 1960 1961 static int do_test_kpp(struct crypto_kpp *tfm, struct kpp_testvec *vec, 1962 const char *alg) 1963 { 1964 struct kpp_request *req; 1965 void *input_buf = NULL; 1966 void *output_buf = NULL; 1967 struct tcrypt_result result; 1968 unsigned int out_len_max; 1969 int err = -ENOMEM; 1970 struct scatterlist src, dst; 1971 1972 req = kpp_request_alloc(tfm, GFP_KERNEL); 1973 if (!req) 1974 return err; 1975 1976 init_completion(&result.completion); 1977 1978 err = crypto_kpp_set_secret(tfm, vec->secret, vec->secret_size); 1979 if (err < 0) 1980 goto free_req; 1981 1982 out_len_max = crypto_kpp_maxsize(tfm); 1983 output_buf = kzalloc(out_len_max, GFP_KERNEL); 1984 if (!output_buf) { 1985 err = -ENOMEM; 1986 goto free_req; 1987 } 1988 1989 /* Use appropriate parameter as base */ 1990 kpp_request_set_input(req, NULL, 0); 1991 sg_init_one(&dst, output_buf, out_len_max); 1992 kpp_request_set_output(req, &dst, out_len_max); 1993 kpp_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, 1994 tcrypt_complete, &result); 1995 1996 /* Compute public key */ 1997 err = wait_async_op(&result, crypto_kpp_generate_public_key(req)); 1998 if (err) { 1999 pr_err("alg: %s: generate public key test failed. err %d\n", 2000 alg, err); 2001 goto free_output; 2002 } 2003 /* Verify calculated public key */ 2004 if (memcmp(vec->expected_a_public, sg_virt(req->dst), 2005 vec->expected_a_public_size)) { 2006 pr_err("alg: %s: generate public key test failed. Invalid output\n", 2007 alg); 2008 err = -EINVAL; 2009 goto free_output; 2010 } 2011 2012 /* Calculate shared secret key by using counter part (b) public key. */ 2013 input_buf = kzalloc(vec->b_public_size, GFP_KERNEL); 2014 if (!input_buf) { 2015 err = -ENOMEM; 2016 goto free_output; 2017 } 2018 2019 memcpy(input_buf, vec->b_public, vec->b_public_size); 2020 sg_init_one(&src, input_buf, vec->b_public_size); 2021 sg_init_one(&dst, output_buf, out_len_max); 2022 kpp_request_set_input(req, &src, vec->b_public_size); 2023 kpp_request_set_output(req, &dst, out_len_max); 2024 kpp_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, 2025 tcrypt_complete, &result); 2026 err = wait_async_op(&result, crypto_kpp_compute_shared_secret(req)); 2027 if (err) { 2028 pr_err("alg: %s: compute shard secret test failed. err %d\n", 2029 alg, err); 2030 goto free_all; 2031 } 2032 /* 2033 * verify shared secret from which the user will derive 2034 * secret key by executing whatever hash it has chosen 2035 */ 2036 if (memcmp(vec->expected_ss, sg_virt(req->dst), 2037 vec->expected_ss_size)) { 2038 pr_err("alg: %s: compute shared secret test failed. Invalid output\n", 2039 alg); 2040 err = -EINVAL; 2041 } 2042 2043 free_all: 2044 kfree(input_buf); 2045 free_output: 2046 kfree(output_buf); 2047 free_req: 2048 kpp_request_free(req); 2049 return err; 2050 } 2051 2052 static int test_kpp(struct crypto_kpp *tfm, const char *alg, 2053 struct kpp_testvec *vecs, unsigned int tcount) 2054 { 2055 int ret, i; 2056 2057 for (i = 0; i < tcount; i++) { 2058 ret = do_test_kpp(tfm, vecs++, alg); 2059 if (ret) { 2060 pr_err("alg: %s: test failed on vector %d, err=%d\n", 2061 alg, i + 1, ret); 2062 return ret; 2063 } 2064 } 2065 return 0; 2066 } 2067 2068 static int alg_test_kpp(const struct alg_test_desc *desc, const char *driver, 2069 u32 type, u32 mask) 2070 { 2071 struct crypto_kpp *tfm; 2072 int err = 0; 2073 2074 tfm = crypto_alloc_kpp(driver, type, mask); 2075 if (IS_ERR(tfm)) { 2076 pr_err("alg: kpp: Failed to load tfm for %s: %ld\n", 2077 driver, PTR_ERR(tfm)); 2078 return PTR_ERR(tfm); 2079 } 2080 if (desc->suite.kpp.vecs) 2081 err = test_kpp(tfm, desc->alg, desc->suite.kpp.vecs, 2082 desc->suite.kpp.count); 2083 2084 crypto_free_kpp(tfm); 2085 return err; 2086 } 2087 2088 static int test_akcipher_one(struct crypto_akcipher *tfm, 2089 struct akcipher_testvec *vecs) 2090 { 2091 char *xbuf[XBUFSIZE]; 2092 struct akcipher_request *req; 2093 void *outbuf_enc = NULL; 2094 void *outbuf_dec = NULL; 2095 struct tcrypt_result result; 2096 unsigned int out_len_max, out_len = 0; 2097 int err = -ENOMEM; 2098 struct scatterlist src, dst, src_tab[2]; 2099 2100 if (testmgr_alloc_buf(xbuf)) 2101 return err; 2102 2103 req = akcipher_request_alloc(tfm, GFP_KERNEL); 2104 if (!req) 2105 goto free_xbuf; 2106 2107 init_completion(&result.completion); 2108 2109 if (vecs->public_key_vec) 2110 err = crypto_akcipher_set_pub_key(tfm, vecs->key, 2111 vecs->key_len); 2112 else 2113 err = crypto_akcipher_set_priv_key(tfm, vecs->key, 2114 vecs->key_len); 2115 if (err) 2116 goto free_req; 2117 2118 err = -ENOMEM; 2119 out_len_max = crypto_akcipher_maxsize(tfm); 2120 outbuf_enc = kzalloc(out_len_max, GFP_KERNEL); 2121 if (!outbuf_enc) 2122 goto free_req; 2123 2124 if (WARN_ON(vecs->m_size > PAGE_SIZE)) 2125 goto free_all; 2126 2127 memcpy(xbuf[0], vecs->m, vecs->m_size); 2128 2129 sg_init_table(src_tab, 2); 2130 sg_set_buf(&src_tab[0], xbuf[0], 8); 2131 sg_set_buf(&src_tab[1], xbuf[0] + 8, vecs->m_size - 8); 2132 sg_init_one(&dst, outbuf_enc, out_len_max); 2133 akcipher_request_set_crypt(req, src_tab, &dst, vecs->m_size, 2134 out_len_max); 2135 akcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, 2136 tcrypt_complete, &result); 2137 2138 /* Run RSA encrypt - c = m^e mod n;*/ 2139 err = wait_async_op(&result, crypto_akcipher_encrypt(req)); 2140 if (err) { 2141 pr_err("alg: akcipher: encrypt test failed. err %d\n", err); 2142 goto free_all; 2143 } 2144 if (req->dst_len != vecs->c_size) { 2145 pr_err("alg: akcipher: encrypt test failed. Invalid output len\n"); 2146 err = -EINVAL; 2147 goto free_all; 2148 } 2149 /* verify that encrypted message is equal to expected */ 2150 if (memcmp(vecs->c, outbuf_enc, vecs->c_size)) { 2151 pr_err("alg: akcipher: encrypt test failed. Invalid output\n"); 2152 hexdump(outbuf_enc, vecs->c_size); 2153 err = -EINVAL; 2154 goto free_all; 2155 } 2156 /* Don't invoke decrypt for vectors with public key */ 2157 if (vecs->public_key_vec) { 2158 err = 0; 2159 goto free_all; 2160 } 2161 outbuf_dec = kzalloc(out_len_max, GFP_KERNEL); 2162 if (!outbuf_dec) { 2163 err = -ENOMEM; 2164 goto free_all; 2165 } 2166 2167 if (WARN_ON(vecs->c_size > PAGE_SIZE)) 2168 goto free_all; 2169 2170 memcpy(xbuf[0], vecs->c, vecs->c_size); 2171 2172 sg_init_one(&src, xbuf[0], vecs->c_size); 2173 sg_init_one(&dst, outbuf_dec, out_len_max); 2174 init_completion(&result.completion); 2175 akcipher_request_set_crypt(req, &src, &dst, vecs->c_size, out_len_max); 2176 2177 /* Run RSA decrypt - m = c^d mod n;*/ 2178 err = wait_async_op(&result, crypto_akcipher_decrypt(req)); 2179 if (err) { 2180 pr_err("alg: akcipher: decrypt test failed. err %d\n", err); 2181 goto free_all; 2182 } 2183 out_len = req->dst_len; 2184 if (out_len < vecs->m_size) { 2185 pr_err("alg: akcipher: decrypt test failed. " 2186 "Invalid output len %u\n", out_len); 2187 err = -EINVAL; 2188 goto free_all; 2189 } 2190 /* verify that decrypted message is equal to the original msg */ 2191 if (memchr_inv(outbuf_dec, 0, out_len - vecs->m_size) || 2192 memcmp(vecs->m, outbuf_dec + out_len - vecs->m_size, 2193 vecs->m_size)) { 2194 pr_err("alg: akcipher: decrypt test failed. Invalid output\n"); 2195 hexdump(outbuf_dec, out_len); 2196 err = -EINVAL; 2197 } 2198 free_all: 2199 kfree(outbuf_dec); 2200 kfree(outbuf_enc); 2201 free_req: 2202 akcipher_request_free(req); 2203 free_xbuf: 2204 testmgr_free_buf(xbuf); 2205 return err; 2206 } 2207 2208 static int test_akcipher(struct crypto_akcipher *tfm, const char *alg, 2209 struct akcipher_testvec *vecs, unsigned int tcount) 2210 { 2211 const char *algo = 2212 crypto_tfm_alg_driver_name(crypto_akcipher_tfm(tfm)); 2213 int ret, i; 2214 2215 for (i = 0; i < tcount; i++) { 2216 ret = test_akcipher_one(tfm, vecs++); 2217 if (!ret) 2218 continue; 2219 2220 pr_err("alg: akcipher: test %d failed for %s, err=%d\n", 2221 i + 1, algo, ret); 2222 return ret; 2223 } 2224 return 0; 2225 } 2226 2227 static int alg_test_akcipher(const struct alg_test_desc *desc, 2228 const char *driver, u32 type, u32 mask) 2229 { 2230 struct crypto_akcipher *tfm; 2231 int err = 0; 2232 2233 tfm = crypto_alloc_akcipher(driver, type, mask); 2234 if (IS_ERR(tfm)) { 2235 pr_err("alg: akcipher: Failed to load tfm for %s: %ld\n", 2236 driver, PTR_ERR(tfm)); 2237 return PTR_ERR(tfm); 2238 } 2239 if (desc->suite.akcipher.vecs) 2240 err = test_akcipher(tfm, desc->alg, desc->suite.akcipher.vecs, 2241 desc->suite.akcipher.count); 2242 2243 crypto_free_akcipher(tfm); 2244 return err; 2245 } 2246 2247 static int alg_test_null(const struct alg_test_desc *desc, 2248 const char *driver, u32 type, u32 mask) 2249 { 2250 return 0; 2251 } 2252 2253 #define __VECS(tv) { .vecs = tv, .count = ARRAY_SIZE(tv) } 2254 2255 /* Please keep this list sorted by algorithm name. */ 2256 static const struct alg_test_desc alg_test_descs[] = { 2257 { 2258 .alg = "ansi_cprng", 2259 .test = alg_test_cprng, 2260 .suite = { 2261 .cprng = __VECS(ansi_cprng_aes_tv_template) 2262 } 2263 }, { 2264 .alg = "authenc(hmac(md5),ecb(cipher_null))", 2265 .test = alg_test_aead, 2266 .suite = { 2267 .aead = { 2268 .enc = __VECS(hmac_md5_ecb_cipher_null_enc_tv_template), 2269 .dec = __VECS(hmac_md5_ecb_cipher_null_dec_tv_template) 2270 } 2271 } 2272 }, { 2273 .alg = "authenc(hmac(sha1),cbc(aes))", 2274 .test = alg_test_aead, 2275 .suite = { 2276 .aead = { 2277 .enc = __VECS(hmac_sha1_aes_cbc_enc_tv_temp) 2278 } 2279 } 2280 }, { 2281 .alg = "authenc(hmac(sha1),cbc(des))", 2282 .test = alg_test_aead, 2283 .suite = { 2284 .aead = { 2285 .enc = __VECS(hmac_sha1_des_cbc_enc_tv_temp) 2286 } 2287 } 2288 }, { 2289 .alg = "authenc(hmac(sha1),cbc(des3_ede))", 2290 .test = alg_test_aead, 2291 .fips_allowed = 1, 2292 .suite = { 2293 .aead = { 2294 .enc = __VECS(hmac_sha1_des3_ede_cbc_enc_tv_temp) 2295 } 2296 } 2297 }, { 2298 .alg = "authenc(hmac(sha1),ctr(aes))", 2299 .test = alg_test_null, 2300 .fips_allowed = 1, 2301 }, { 2302 .alg = "authenc(hmac(sha1),ecb(cipher_null))", 2303 .test = alg_test_aead, 2304 .suite = { 2305 .aead = { 2306 .enc = __VECS(hmac_sha1_ecb_cipher_null_enc_tv_temp), 2307 .dec = __VECS(hmac_sha1_ecb_cipher_null_dec_tv_temp) 2308 } 2309 } 2310 }, { 2311 .alg = "authenc(hmac(sha1),rfc3686(ctr(aes)))", 2312 .test = alg_test_null, 2313 .fips_allowed = 1, 2314 }, { 2315 .alg = "authenc(hmac(sha224),cbc(des))", 2316 .test = alg_test_aead, 2317 .suite = { 2318 .aead = { 2319 .enc = __VECS(hmac_sha224_des_cbc_enc_tv_temp) 2320 } 2321 } 2322 }, { 2323 .alg = "authenc(hmac(sha224),cbc(des3_ede))", 2324 .test = alg_test_aead, 2325 .fips_allowed = 1, 2326 .suite = { 2327 .aead = { 2328 .enc = __VECS(hmac_sha224_des3_ede_cbc_enc_tv_temp) 2329 } 2330 } 2331 }, { 2332 .alg = "authenc(hmac(sha256),cbc(aes))", 2333 .test = alg_test_aead, 2334 .fips_allowed = 1, 2335 .suite = { 2336 .aead = { 2337 .enc = __VECS(hmac_sha256_aes_cbc_enc_tv_temp) 2338 } 2339 } 2340 }, { 2341 .alg = "authenc(hmac(sha256),cbc(des))", 2342 .test = alg_test_aead, 2343 .suite = { 2344 .aead = { 2345 .enc = __VECS(hmac_sha256_des_cbc_enc_tv_temp) 2346 } 2347 } 2348 }, { 2349 .alg = "authenc(hmac(sha256),cbc(des3_ede))", 2350 .test = alg_test_aead, 2351 .fips_allowed = 1, 2352 .suite = { 2353 .aead = { 2354 .enc = __VECS(hmac_sha256_des3_ede_cbc_enc_tv_temp) 2355 } 2356 } 2357 }, { 2358 .alg = "authenc(hmac(sha256),ctr(aes))", 2359 .test = alg_test_null, 2360 .fips_allowed = 1, 2361 }, { 2362 .alg = "authenc(hmac(sha256),rfc3686(ctr(aes)))", 2363 .test = alg_test_null, 2364 .fips_allowed = 1, 2365 }, { 2366 .alg = "authenc(hmac(sha384),cbc(des))", 2367 .test = alg_test_aead, 2368 .suite = { 2369 .aead = { 2370 .enc = __VECS(hmac_sha384_des_cbc_enc_tv_temp) 2371 } 2372 } 2373 }, { 2374 .alg = "authenc(hmac(sha384),cbc(des3_ede))", 2375 .test = alg_test_aead, 2376 .fips_allowed = 1, 2377 .suite = { 2378 .aead = { 2379 .enc = __VECS(hmac_sha384_des3_ede_cbc_enc_tv_temp) 2380 } 2381 } 2382 }, { 2383 .alg = "authenc(hmac(sha384),ctr(aes))", 2384 .test = alg_test_null, 2385 .fips_allowed = 1, 2386 }, { 2387 .alg = "authenc(hmac(sha384),rfc3686(ctr(aes)))", 2388 .test = alg_test_null, 2389 .fips_allowed = 1, 2390 }, { 2391 .alg = "authenc(hmac(sha512),cbc(aes))", 2392 .fips_allowed = 1, 2393 .test = alg_test_aead, 2394 .suite = { 2395 .aead = { 2396 .enc = __VECS(hmac_sha512_aes_cbc_enc_tv_temp) 2397 } 2398 } 2399 }, { 2400 .alg = "authenc(hmac(sha512),cbc(des))", 2401 .test = alg_test_aead, 2402 .suite = { 2403 .aead = { 2404 .enc = __VECS(hmac_sha512_des_cbc_enc_tv_temp) 2405 } 2406 } 2407 }, { 2408 .alg = "authenc(hmac(sha512),cbc(des3_ede))", 2409 .test = alg_test_aead, 2410 .fips_allowed = 1, 2411 .suite = { 2412 .aead = { 2413 .enc = __VECS(hmac_sha512_des3_ede_cbc_enc_tv_temp) 2414 } 2415 } 2416 }, { 2417 .alg = "authenc(hmac(sha512),ctr(aes))", 2418 .test = alg_test_null, 2419 .fips_allowed = 1, 2420 }, { 2421 .alg = "authenc(hmac(sha512),rfc3686(ctr(aes)))", 2422 .test = alg_test_null, 2423 .fips_allowed = 1, 2424 }, { 2425 .alg = "cbc(aes)", 2426 .test = alg_test_skcipher, 2427 .fips_allowed = 1, 2428 .suite = { 2429 .cipher = { 2430 .enc = __VECS(aes_cbc_enc_tv_template), 2431 .dec = __VECS(aes_cbc_dec_tv_template) 2432 } 2433 } 2434 }, { 2435 .alg = "cbc(anubis)", 2436 .test = alg_test_skcipher, 2437 .suite = { 2438 .cipher = { 2439 .enc = __VECS(anubis_cbc_enc_tv_template), 2440 .dec = __VECS(anubis_cbc_dec_tv_template) 2441 } 2442 } 2443 }, { 2444 .alg = "cbc(blowfish)", 2445 .test = alg_test_skcipher, 2446 .suite = { 2447 .cipher = { 2448 .enc = __VECS(bf_cbc_enc_tv_template), 2449 .dec = __VECS(bf_cbc_dec_tv_template) 2450 } 2451 } 2452 }, { 2453 .alg = "cbc(camellia)", 2454 .test = alg_test_skcipher, 2455 .suite = { 2456 .cipher = { 2457 .enc = __VECS(camellia_cbc_enc_tv_template), 2458 .dec = __VECS(camellia_cbc_dec_tv_template) 2459 } 2460 } 2461 }, { 2462 .alg = "cbc(cast5)", 2463 .test = alg_test_skcipher, 2464 .suite = { 2465 .cipher = { 2466 .enc = __VECS(cast5_cbc_enc_tv_template), 2467 .dec = __VECS(cast5_cbc_dec_tv_template) 2468 } 2469 } 2470 }, { 2471 .alg = "cbc(cast6)", 2472 .test = alg_test_skcipher, 2473 .suite = { 2474 .cipher = { 2475 .enc = __VECS(cast6_cbc_enc_tv_template), 2476 .dec = __VECS(cast6_cbc_dec_tv_template) 2477 } 2478 } 2479 }, { 2480 .alg = "cbc(des)", 2481 .test = alg_test_skcipher, 2482 .suite = { 2483 .cipher = { 2484 .enc = __VECS(des_cbc_enc_tv_template), 2485 .dec = __VECS(des_cbc_dec_tv_template) 2486 } 2487 } 2488 }, { 2489 .alg = "cbc(des3_ede)", 2490 .test = alg_test_skcipher, 2491 .fips_allowed = 1, 2492 .suite = { 2493 .cipher = { 2494 .enc = __VECS(des3_ede_cbc_enc_tv_template), 2495 .dec = __VECS(des3_ede_cbc_dec_tv_template) 2496 } 2497 } 2498 }, { 2499 .alg = "cbc(serpent)", 2500 .test = alg_test_skcipher, 2501 .suite = { 2502 .cipher = { 2503 .enc = __VECS(serpent_cbc_enc_tv_template), 2504 .dec = __VECS(serpent_cbc_dec_tv_template) 2505 } 2506 } 2507 }, { 2508 .alg = "cbc(twofish)", 2509 .test = alg_test_skcipher, 2510 .suite = { 2511 .cipher = { 2512 .enc = __VECS(tf_cbc_enc_tv_template), 2513 .dec = __VECS(tf_cbc_dec_tv_template) 2514 } 2515 } 2516 }, { 2517 .alg = "cbcmac(aes)", 2518 .fips_allowed = 1, 2519 .test = alg_test_hash, 2520 .suite = { 2521 .hash = __VECS(aes_cbcmac_tv_template) 2522 } 2523 }, { 2524 .alg = "ccm(aes)", 2525 .test = alg_test_aead, 2526 .fips_allowed = 1, 2527 .suite = { 2528 .aead = { 2529 .enc = __VECS(aes_ccm_enc_tv_template), 2530 .dec = __VECS(aes_ccm_dec_tv_template) 2531 } 2532 } 2533 }, { 2534 .alg = "chacha20", 2535 .test = alg_test_skcipher, 2536 .suite = { 2537 .cipher = { 2538 .enc = __VECS(chacha20_enc_tv_template), 2539 .dec = __VECS(chacha20_enc_tv_template), 2540 } 2541 } 2542 }, { 2543 .alg = "cmac(aes)", 2544 .fips_allowed = 1, 2545 .test = alg_test_hash, 2546 .suite = { 2547 .hash = __VECS(aes_cmac128_tv_template) 2548 } 2549 }, { 2550 .alg = "cmac(des3_ede)", 2551 .fips_allowed = 1, 2552 .test = alg_test_hash, 2553 .suite = { 2554 .hash = __VECS(des3_ede_cmac64_tv_template) 2555 } 2556 }, { 2557 .alg = "compress_null", 2558 .test = alg_test_null, 2559 }, { 2560 .alg = "crc32", 2561 .test = alg_test_hash, 2562 .suite = { 2563 .hash = __VECS(crc32_tv_template) 2564 } 2565 }, { 2566 .alg = "crc32c", 2567 .test = alg_test_crc32c, 2568 .fips_allowed = 1, 2569 .suite = { 2570 .hash = __VECS(crc32c_tv_template) 2571 } 2572 }, { 2573 .alg = "crct10dif", 2574 .test = alg_test_hash, 2575 .fips_allowed = 1, 2576 .suite = { 2577 .hash = __VECS(crct10dif_tv_template) 2578 } 2579 }, { 2580 .alg = "ctr(aes)", 2581 .test = alg_test_skcipher, 2582 .fips_allowed = 1, 2583 .suite = { 2584 .cipher = { 2585 .enc = __VECS(aes_ctr_enc_tv_template), 2586 .dec = __VECS(aes_ctr_dec_tv_template) 2587 } 2588 } 2589 }, { 2590 .alg = "ctr(blowfish)", 2591 .test = alg_test_skcipher, 2592 .suite = { 2593 .cipher = { 2594 .enc = __VECS(bf_ctr_enc_tv_template), 2595 .dec = __VECS(bf_ctr_dec_tv_template) 2596 } 2597 } 2598 }, { 2599 .alg = "ctr(camellia)", 2600 .test = alg_test_skcipher, 2601 .suite = { 2602 .cipher = { 2603 .enc = __VECS(camellia_ctr_enc_tv_template), 2604 .dec = __VECS(camellia_ctr_dec_tv_template) 2605 } 2606 } 2607 }, { 2608 .alg = "ctr(cast5)", 2609 .test = alg_test_skcipher, 2610 .suite = { 2611 .cipher = { 2612 .enc = __VECS(cast5_ctr_enc_tv_template), 2613 .dec = __VECS(cast5_ctr_dec_tv_template) 2614 } 2615 } 2616 }, { 2617 .alg = "ctr(cast6)", 2618 .test = alg_test_skcipher, 2619 .suite = { 2620 .cipher = { 2621 .enc = __VECS(cast6_ctr_enc_tv_template), 2622 .dec = __VECS(cast6_ctr_dec_tv_template) 2623 } 2624 } 2625 }, { 2626 .alg = "ctr(des)", 2627 .test = alg_test_skcipher, 2628 .suite = { 2629 .cipher = { 2630 .enc = __VECS(des_ctr_enc_tv_template), 2631 .dec = __VECS(des_ctr_dec_tv_template) 2632 } 2633 } 2634 }, { 2635 .alg = "ctr(des3_ede)", 2636 .test = alg_test_skcipher, 2637 .suite = { 2638 .cipher = { 2639 .enc = __VECS(des3_ede_ctr_enc_tv_template), 2640 .dec = __VECS(des3_ede_ctr_dec_tv_template) 2641 } 2642 } 2643 }, { 2644 .alg = "ctr(serpent)", 2645 .test = alg_test_skcipher, 2646 .suite = { 2647 .cipher = { 2648 .enc = __VECS(serpent_ctr_enc_tv_template), 2649 .dec = __VECS(serpent_ctr_dec_tv_template) 2650 } 2651 } 2652 }, { 2653 .alg = "ctr(twofish)", 2654 .test = alg_test_skcipher, 2655 .suite = { 2656 .cipher = { 2657 .enc = __VECS(tf_ctr_enc_tv_template), 2658 .dec = __VECS(tf_ctr_dec_tv_template) 2659 } 2660 } 2661 }, { 2662 .alg = "cts(cbc(aes))", 2663 .test = alg_test_skcipher, 2664 .suite = { 2665 .cipher = { 2666 .enc = __VECS(cts_mode_enc_tv_template), 2667 .dec = __VECS(cts_mode_dec_tv_template) 2668 } 2669 } 2670 }, { 2671 .alg = "deflate", 2672 .test = alg_test_comp, 2673 .fips_allowed = 1, 2674 .suite = { 2675 .comp = { 2676 .comp = __VECS(deflate_comp_tv_template), 2677 .decomp = __VECS(deflate_decomp_tv_template) 2678 } 2679 } 2680 }, { 2681 .alg = "dh", 2682 .test = alg_test_kpp, 2683 .fips_allowed = 1, 2684 .suite = { 2685 .kpp = __VECS(dh_tv_template) 2686 } 2687 }, { 2688 .alg = "digest_null", 2689 .test = alg_test_null, 2690 }, { 2691 .alg = "drbg_nopr_ctr_aes128", 2692 .test = alg_test_drbg, 2693 .fips_allowed = 1, 2694 .suite = { 2695 .drbg = __VECS(drbg_nopr_ctr_aes128_tv_template) 2696 } 2697 }, { 2698 .alg = "drbg_nopr_ctr_aes192", 2699 .test = alg_test_drbg, 2700 .fips_allowed = 1, 2701 .suite = { 2702 .drbg = __VECS(drbg_nopr_ctr_aes192_tv_template) 2703 } 2704 }, { 2705 .alg = "drbg_nopr_ctr_aes256", 2706 .test = alg_test_drbg, 2707 .fips_allowed = 1, 2708 .suite = { 2709 .drbg = __VECS(drbg_nopr_ctr_aes256_tv_template) 2710 } 2711 }, { 2712 /* 2713 * There is no need to specifically test the DRBG with every 2714 * backend cipher -- covered by drbg_nopr_hmac_sha256 test 2715 */ 2716 .alg = "drbg_nopr_hmac_sha1", 2717 .fips_allowed = 1, 2718 .test = alg_test_null, 2719 }, { 2720 .alg = "drbg_nopr_hmac_sha256", 2721 .test = alg_test_drbg, 2722 .fips_allowed = 1, 2723 .suite = { 2724 .drbg = __VECS(drbg_nopr_hmac_sha256_tv_template) 2725 } 2726 }, { 2727 /* covered by drbg_nopr_hmac_sha256 test */ 2728 .alg = "drbg_nopr_hmac_sha384", 2729 .fips_allowed = 1, 2730 .test = alg_test_null, 2731 }, { 2732 .alg = "drbg_nopr_hmac_sha512", 2733 .test = alg_test_null, 2734 .fips_allowed = 1, 2735 }, { 2736 .alg = "drbg_nopr_sha1", 2737 .fips_allowed = 1, 2738 .test = alg_test_null, 2739 }, { 2740 .alg = "drbg_nopr_sha256", 2741 .test = alg_test_drbg, 2742 .fips_allowed = 1, 2743 .suite = { 2744 .drbg = __VECS(drbg_nopr_sha256_tv_template) 2745 } 2746 }, { 2747 /* covered by drbg_nopr_sha256 test */ 2748 .alg = "drbg_nopr_sha384", 2749 .fips_allowed = 1, 2750 .test = alg_test_null, 2751 }, { 2752 .alg = "drbg_nopr_sha512", 2753 .fips_allowed = 1, 2754 .test = alg_test_null, 2755 }, { 2756 .alg = "drbg_pr_ctr_aes128", 2757 .test = alg_test_drbg, 2758 .fips_allowed = 1, 2759 .suite = { 2760 .drbg = __VECS(drbg_pr_ctr_aes128_tv_template) 2761 } 2762 }, { 2763 /* covered by drbg_pr_ctr_aes128 test */ 2764 .alg = "drbg_pr_ctr_aes192", 2765 .fips_allowed = 1, 2766 .test = alg_test_null, 2767 }, { 2768 .alg = "drbg_pr_ctr_aes256", 2769 .fips_allowed = 1, 2770 .test = alg_test_null, 2771 }, { 2772 .alg = "drbg_pr_hmac_sha1", 2773 .fips_allowed = 1, 2774 .test = alg_test_null, 2775 }, { 2776 .alg = "drbg_pr_hmac_sha256", 2777 .test = alg_test_drbg, 2778 .fips_allowed = 1, 2779 .suite = { 2780 .drbg = __VECS(drbg_pr_hmac_sha256_tv_template) 2781 } 2782 }, { 2783 /* covered by drbg_pr_hmac_sha256 test */ 2784 .alg = "drbg_pr_hmac_sha384", 2785 .fips_allowed = 1, 2786 .test = alg_test_null, 2787 }, { 2788 .alg = "drbg_pr_hmac_sha512", 2789 .test = alg_test_null, 2790 .fips_allowed = 1, 2791 }, { 2792 .alg = "drbg_pr_sha1", 2793 .fips_allowed = 1, 2794 .test = alg_test_null, 2795 }, { 2796 .alg = "drbg_pr_sha256", 2797 .test = alg_test_drbg, 2798 .fips_allowed = 1, 2799 .suite = { 2800 .drbg = __VECS(drbg_pr_sha256_tv_template) 2801 } 2802 }, { 2803 /* covered by drbg_pr_sha256 test */ 2804 .alg = "drbg_pr_sha384", 2805 .fips_allowed = 1, 2806 .test = alg_test_null, 2807 }, { 2808 .alg = "drbg_pr_sha512", 2809 .fips_allowed = 1, 2810 .test = alg_test_null, 2811 }, { 2812 .alg = "ecb(aes)", 2813 .test = alg_test_skcipher, 2814 .fips_allowed = 1, 2815 .suite = { 2816 .cipher = { 2817 .enc = __VECS(aes_enc_tv_template), 2818 .dec = __VECS(aes_dec_tv_template) 2819 } 2820 } 2821 }, { 2822 .alg = "ecb(anubis)", 2823 .test = alg_test_skcipher, 2824 .suite = { 2825 .cipher = { 2826 .enc = __VECS(anubis_enc_tv_template), 2827 .dec = __VECS(anubis_dec_tv_template) 2828 } 2829 } 2830 }, { 2831 .alg = "ecb(arc4)", 2832 .test = alg_test_skcipher, 2833 .suite = { 2834 .cipher = { 2835 .enc = __VECS(arc4_enc_tv_template), 2836 .dec = __VECS(arc4_dec_tv_template) 2837 } 2838 } 2839 }, { 2840 .alg = "ecb(blowfish)", 2841 .test = alg_test_skcipher, 2842 .suite = { 2843 .cipher = { 2844 .enc = __VECS(bf_enc_tv_template), 2845 .dec = __VECS(bf_dec_tv_template) 2846 } 2847 } 2848 }, { 2849 .alg = "ecb(camellia)", 2850 .test = alg_test_skcipher, 2851 .suite = { 2852 .cipher = { 2853 .enc = __VECS(camellia_enc_tv_template), 2854 .dec = __VECS(camellia_dec_tv_template) 2855 } 2856 } 2857 }, { 2858 .alg = "ecb(cast5)", 2859 .test = alg_test_skcipher, 2860 .suite = { 2861 .cipher = { 2862 .enc = __VECS(cast5_enc_tv_template), 2863 .dec = __VECS(cast5_dec_tv_template) 2864 } 2865 } 2866 }, { 2867 .alg = "ecb(cast6)", 2868 .test = alg_test_skcipher, 2869 .suite = { 2870 .cipher = { 2871 .enc = __VECS(cast6_enc_tv_template), 2872 .dec = __VECS(cast6_dec_tv_template) 2873 } 2874 } 2875 }, { 2876 .alg = "ecb(cipher_null)", 2877 .test = alg_test_null, 2878 }, { 2879 .alg = "ecb(des)", 2880 .test = alg_test_skcipher, 2881 .suite = { 2882 .cipher = { 2883 .enc = __VECS(des_enc_tv_template), 2884 .dec = __VECS(des_dec_tv_template) 2885 } 2886 } 2887 }, { 2888 .alg = "ecb(des3_ede)", 2889 .test = alg_test_skcipher, 2890 .fips_allowed = 1, 2891 .suite = { 2892 .cipher = { 2893 .enc = __VECS(des3_ede_enc_tv_template), 2894 .dec = __VECS(des3_ede_dec_tv_template) 2895 } 2896 } 2897 }, { 2898 .alg = "ecb(fcrypt)", 2899 .test = alg_test_skcipher, 2900 .suite = { 2901 .cipher = { 2902 .enc = { 2903 .vecs = fcrypt_pcbc_enc_tv_template, 2904 .count = 1 2905 }, 2906 .dec = { 2907 .vecs = fcrypt_pcbc_dec_tv_template, 2908 .count = 1 2909 } 2910 } 2911 } 2912 }, { 2913 .alg = "ecb(khazad)", 2914 .test = alg_test_skcipher, 2915 .suite = { 2916 .cipher = { 2917 .enc = __VECS(khazad_enc_tv_template), 2918 .dec = __VECS(khazad_dec_tv_template) 2919 } 2920 } 2921 }, { 2922 .alg = "ecb(seed)", 2923 .test = alg_test_skcipher, 2924 .suite = { 2925 .cipher = { 2926 .enc = __VECS(seed_enc_tv_template), 2927 .dec = __VECS(seed_dec_tv_template) 2928 } 2929 } 2930 }, { 2931 .alg = "ecb(serpent)", 2932 .test = alg_test_skcipher, 2933 .suite = { 2934 .cipher = { 2935 .enc = __VECS(serpent_enc_tv_template), 2936 .dec = __VECS(serpent_dec_tv_template) 2937 } 2938 } 2939 }, { 2940 .alg = "ecb(tea)", 2941 .test = alg_test_skcipher, 2942 .suite = { 2943 .cipher = { 2944 .enc = __VECS(tea_enc_tv_template), 2945 .dec = __VECS(tea_dec_tv_template) 2946 } 2947 } 2948 }, { 2949 .alg = "ecb(tnepres)", 2950 .test = alg_test_skcipher, 2951 .suite = { 2952 .cipher = { 2953 .enc = __VECS(tnepres_enc_tv_template), 2954 .dec = __VECS(tnepres_dec_tv_template) 2955 } 2956 } 2957 }, { 2958 .alg = "ecb(twofish)", 2959 .test = alg_test_skcipher, 2960 .suite = { 2961 .cipher = { 2962 .enc = __VECS(tf_enc_tv_template), 2963 .dec = __VECS(tf_dec_tv_template) 2964 } 2965 } 2966 }, { 2967 .alg = "ecb(xeta)", 2968 .test = alg_test_skcipher, 2969 .suite = { 2970 .cipher = { 2971 .enc = __VECS(xeta_enc_tv_template), 2972 .dec = __VECS(xeta_dec_tv_template) 2973 } 2974 } 2975 }, { 2976 .alg = "ecb(xtea)", 2977 .test = alg_test_skcipher, 2978 .suite = { 2979 .cipher = { 2980 .enc = __VECS(xtea_enc_tv_template), 2981 .dec = __VECS(xtea_dec_tv_template) 2982 } 2983 } 2984 }, { 2985 .alg = "ecdh", 2986 .test = alg_test_kpp, 2987 .fips_allowed = 1, 2988 .suite = { 2989 .kpp = __VECS(ecdh_tv_template) 2990 } 2991 }, { 2992 .alg = "gcm(aes)", 2993 .test = alg_test_aead, 2994 .fips_allowed = 1, 2995 .suite = { 2996 .aead = { 2997 .enc = __VECS(aes_gcm_enc_tv_template), 2998 .dec = __VECS(aes_gcm_dec_tv_template) 2999 } 3000 } 3001 }, { 3002 .alg = "ghash", 3003 .test = alg_test_hash, 3004 .fips_allowed = 1, 3005 .suite = { 3006 .hash = __VECS(ghash_tv_template) 3007 } 3008 }, { 3009 .alg = "hmac(crc32)", 3010 .test = alg_test_hash, 3011 .suite = { 3012 .hash = __VECS(bfin_crc_tv_template) 3013 } 3014 }, { 3015 .alg = "hmac(md5)", 3016 .test = alg_test_hash, 3017 .suite = { 3018 .hash = __VECS(hmac_md5_tv_template) 3019 } 3020 }, { 3021 .alg = "hmac(rmd128)", 3022 .test = alg_test_hash, 3023 .suite = { 3024 .hash = __VECS(hmac_rmd128_tv_template) 3025 } 3026 }, { 3027 .alg = "hmac(rmd160)", 3028 .test = alg_test_hash, 3029 .suite = { 3030 .hash = __VECS(hmac_rmd160_tv_template) 3031 } 3032 }, { 3033 .alg = "hmac(sha1)", 3034 .test = alg_test_hash, 3035 .fips_allowed = 1, 3036 .suite = { 3037 .hash = __VECS(hmac_sha1_tv_template) 3038 } 3039 }, { 3040 .alg = "hmac(sha224)", 3041 .test = alg_test_hash, 3042 .fips_allowed = 1, 3043 .suite = { 3044 .hash = __VECS(hmac_sha224_tv_template) 3045 } 3046 }, { 3047 .alg = "hmac(sha256)", 3048 .test = alg_test_hash, 3049 .fips_allowed = 1, 3050 .suite = { 3051 .hash = __VECS(hmac_sha256_tv_template) 3052 } 3053 }, { 3054 .alg = "hmac(sha3-224)", 3055 .test = alg_test_hash, 3056 .fips_allowed = 1, 3057 .suite = { 3058 .hash = __VECS(hmac_sha3_224_tv_template) 3059 } 3060 }, { 3061 .alg = "hmac(sha3-256)", 3062 .test = alg_test_hash, 3063 .fips_allowed = 1, 3064 .suite = { 3065 .hash = __VECS(hmac_sha3_256_tv_template) 3066 } 3067 }, { 3068 .alg = "hmac(sha3-384)", 3069 .test = alg_test_hash, 3070 .fips_allowed = 1, 3071 .suite = { 3072 .hash = __VECS(hmac_sha3_384_tv_template) 3073 } 3074 }, { 3075 .alg = "hmac(sha3-512)", 3076 .test = alg_test_hash, 3077 .fips_allowed = 1, 3078 .suite = { 3079 .hash = __VECS(hmac_sha3_512_tv_template) 3080 } 3081 }, { 3082 .alg = "hmac(sha384)", 3083 .test = alg_test_hash, 3084 .fips_allowed = 1, 3085 .suite = { 3086 .hash = __VECS(hmac_sha384_tv_template) 3087 } 3088 }, { 3089 .alg = "hmac(sha512)", 3090 .test = alg_test_hash, 3091 .fips_allowed = 1, 3092 .suite = { 3093 .hash = __VECS(hmac_sha512_tv_template) 3094 } 3095 }, { 3096 .alg = "jitterentropy_rng", 3097 .fips_allowed = 1, 3098 .test = alg_test_null, 3099 }, { 3100 .alg = "kw(aes)", 3101 .test = alg_test_skcipher, 3102 .fips_allowed = 1, 3103 .suite = { 3104 .cipher = { 3105 .enc = __VECS(aes_kw_enc_tv_template), 3106 .dec = __VECS(aes_kw_dec_tv_template) 3107 } 3108 } 3109 }, { 3110 .alg = "lrw(aes)", 3111 .test = alg_test_skcipher, 3112 .suite = { 3113 .cipher = { 3114 .enc = __VECS(aes_lrw_enc_tv_template), 3115 .dec = __VECS(aes_lrw_dec_tv_template) 3116 } 3117 } 3118 }, { 3119 .alg = "lrw(camellia)", 3120 .test = alg_test_skcipher, 3121 .suite = { 3122 .cipher = { 3123 .enc = __VECS(camellia_lrw_enc_tv_template), 3124 .dec = __VECS(camellia_lrw_dec_tv_template) 3125 } 3126 } 3127 }, { 3128 .alg = "lrw(cast6)", 3129 .test = alg_test_skcipher, 3130 .suite = { 3131 .cipher = { 3132 .enc = __VECS(cast6_lrw_enc_tv_template), 3133 .dec = __VECS(cast6_lrw_dec_tv_template) 3134 } 3135 } 3136 }, { 3137 .alg = "lrw(serpent)", 3138 .test = alg_test_skcipher, 3139 .suite = { 3140 .cipher = { 3141 .enc = __VECS(serpent_lrw_enc_tv_template), 3142 .dec = __VECS(serpent_lrw_dec_tv_template) 3143 } 3144 } 3145 }, { 3146 .alg = "lrw(twofish)", 3147 .test = alg_test_skcipher, 3148 .suite = { 3149 .cipher = { 3150 .enc = __VECS(tf_lrw_enc_tv_template), 3151 .dec = __VECS(tf_lrw_dec_tv_template) 3152 } 3153 } 3154 }, { 3155 .alg = "lz4", 3156 .test = alg_test_comp, 3157 .fips_allowed = 1, 3158 .suite = { 3159 .comp = { 3160 .comp = __VECS(lz4_comp_tv_template), 3161 .decomp = __VECS(lz4_decomp_tv_template) 3162 } 3163 } 3164 }, { 3165 .alg = "lz4hc", 3166 .test = alg_test_comp, 3167 .fips_allowed = 1, 3168 .suite = { 3169 .comp = { 3170 .comp = __VECS(lz4hc_comp_tv_template), 3171 .decomp = __VECS(lz4hc_decomp_tv_template) 3172 } 3173 } 3174 }, { 3175 .alg = "lzo", 3176 .test = alg_test_comp, 3177 .fips_allowed = 1, 3178 .suite = { 3179 .comp = { 3180 .comp = __VECS(lzo_comp_tv_template), 3181 .decomp = __VECS(lzo_decomp_tv_template) 3182 } 3183 } 3184 }, { 3185 .alg = "md4", 3186 .test = alg_test_hash, 3187 .suite = { 3188 .hash = __VECS(md4_tv_template) 3189 } 3190 }, { 3191 .alg = "md5", 3192 .test = alg_test_hash, 3193 .suite = { 3194 .hash = __VECS(md5_tv_template) 3195 } 3196 }, { 3197 .alg = "michael_mic", 3198 .test = alg_test_hash, 3199 .suite = { 3200 .hash = __VECS(michael_mic_tv_template) 3201 } 3202 }, { 3203 .alg = "ofb(aes)", 3204 .test = alg_test_skcipher, 3205 .fips_allowed = 1, 3206 .suite = { 3207 .cipher = { 3208 .enc = __VECS(aes_ofb_enc_tv_template), 3209 .dec = __VECS(aes_ofb_dec_tv_template) 3210 } 3211 } 3212 }, { 3213 .alg = "pcbc(fcrypt)", 3214 .test = alg_test_skcipher, 3215 .suite = { 3216 .cipher = { 3217 .enc = __VECS(fcrypt_pcbc_enc_tv_template), 3218 .dec = __VECS(fcrypt_pcbc_dec_tv_template) 3219 } 3220 } 3221 }, { 3222 .alg = "poly1305", 3223 .test = alg_test_hash, 3224 .suite = { 3225 .hash = __VECS(poly1305_tv_template) 3226 } 3227 }, { 3228 .alg = "rfc3686(ctr(aes))", 3229 .test = alg_test_skcipher, 3230 .fips_allowed = 1, 3231 .suite = { 3232 .cipher = { 3233 .enc = __VECS(aes_ctr_rfc3686_enc_tv_template), 3234 .dec = __VECS(aes_ctr_rfc3686_dec_tv_template) 3235 } 3236 } 3237 }, { 3238 .alg = "rfc4106(gcm(aes))", 3239 .test = alg_test_aead, 3240 .fips_allowed = 1, 3241 .suite = { 3242 .aead = { 3243 .enc = __VECS(aes_gcm_rfc4106_enc_tv_template), 3244 .dec = __VECS(aes_gcm_rfc4106_dec_tv_template) 3245 } 3246 } 3247 }, { 3248 .alg = "rfc4309(ccm(aes))", 3249 .test = alg_test_aead, 3250 .fips_allowed = 1, 3251 .suite = { 3252 .aead = { 3253 .enc = __VECS(aes_ccm_rfc4309_enc_tv_template), 3254 .dec = __VECS(aes_ccm_rfc4309_dec_tv_template) 3255 } 3256 } 3257 }, { 3258 .alg = "rfc4543(gcm(aes))", 3259 .test = alg_test_aead, 3260 .suite = { 3261 .aead = { 3262 .enc = __VECS(aes_gcm_rfc4543_enc_tv_template), 3263 .dec = __VECS(aes_gcm_rfc4543_dec_tv_template), 3264 } 3265 } 3266 }, { 3267 .alg = "rfc7539(chacha20,poly1305)", 3268 .test = alg_test_aead, 3269 .suite = { 3270 .aead = { 3271 .enc = __VECS(rfc7539_enc_tv_template), 3272 .dec = __VECS(rfc7539_dec_tv_template), 3273 } 3274 } 3275 }, { 3276 .alg = "rfc7539esp(chacha20,poly1305)", 3277 .test = alg_test_aead, 3278 .suite = { 3279 .aead = { 3280 .enc = __VECS(rfc7539esp_enc_tv_template), 3281 .dec = __VECS(rfc7539esp_dec_tv_template), 3282 } 3283 } 3284 }, { 3285 .alg = "rmd128", 3286 .test = alg_test_hash, 3287 .suite = { 3288 .hash = __VECS(rmd128_tv_template) 3289 } 3290 }, { 3291 .alg = "rmd160", 3292 .test = alg_test_hash, 3293 .suite = { 3294 .hash = __VECS(rmd160_tv_template) 3295 } 3296 }, { 3297 .alg = "rmd256", 3298 .test = alg_test_hash, 3299 .suite = { 3300 .hash = __VECS(rmd256_tv_template) 3301 } 3302 }, { 3303 .alg = "rmd320", 3304 .test = alg_test_hash, 3305 .suite = { 3306 .hash = __VECS(rmd320_tv_template) 3307 } 3308 }, { 3309 .alg = "rsa", 3310 .test = alg_test_akcipher, 3311 .fips_allowed = 1, 3312 .suite = { 3313 .akcipher = __VECS(rsa_tv_template) 3314 } 3315 }, { 3316 .alg = "salsa20", 3317 .test = alg_test_skcipher, 3318 .suite = { 3319 .cipher = { 3320 .enc = __VECS(salsa20_stream_enc_tv_template) 3321 } 3322 } 3323 }, { 3324 .alg = "sha1", 3325 .test = alg_test_hash, 3326 .fips_allowed = 1, 3327 .suite = { 3328 .hash = __VECS(sha1_tv_template) 3329 } 3330 }, { 3331 .alg = "sha224", 3332 .test = alg_test_hash, 3333 .fips_allowed = 1, 3334 .suite = { 3335 .hash = __VECS(sha224_tv_template) 3336 } 3337 }, { 3338 .alg = "sha256", 3339 .test = alg_test_hash, 3340 .fips_allowed = 1, 3341 .suite = { 3342 .hash = __VECS(sha256_tv_template) 3343 } 3344 }, { 3345 .alg = "sha3-224", 3346 .test = alg_test_hash, 3347 .fips_allowed = 1, 3348 .suite = { 3349 .hash = __VECS(sha3_224_tv_template) 3350 } 3351 }, { 3352 .alg = "sha3-256", 3353 .test = alg_test_hash, 3354 .fips_allowed = 1, 3355 .suite = { 3356 .hash = __VECS(sha3_256_tv_template) 3357 } 3358 }, { 3359 .alg = "sha3-384", 3360 .test = alg_test_hash, 3361 .fips_allowed = 1, 3362 .suite = { 3363 .hash = __VECS(sha3_384_tv_template) 3364 } 3365 }, { 3366 .alg = "sha3-512", 3367 .test = alg_test_hash, 3368 .fips_allowed = 1, 3369 .suite = { 3370 .hash = __VECS(sha3_512_tv_template) 3371 } 3372 }, { 3373 .alg = "sha384", 3374 .test = alg_test_hash, 3375 .fips_allowed = 1, 3376 .suite = { 3377 .hash = __VECS(sha384_tv_template) 3378 } 3379 }, { 3380 .alg = "sha512", 3381 .test = alg_test_hash, 3382 .fips_allowed = 1, 3383 .suite = { 3384 .hash = __VECS(sha512_tv_template) 3385 } 3386 }, { 3387 .alg = "tgr128", 3388 .test = alg_test_hash, 3389 .suite = { 3390 .hash = __VECS(tgr128_tv_template) 3391 } 3392 }, { 3393 .alg = "tgr160", 3394 .test = alg_test_hash, 3395 .suite = { 3396 .hash = __VECS(tgr160_tv_template) 3397 } 3398 }, { 3399 .alg = "tgr192", 3400 .test = alg_test_hash, 3401 .suite = { 3402 .hash = __VECS(tgr192_tv_template) 3403 } 3404 }, { 3405 .alg = "vmac(aes)", 3406 .test = alg_test_hash, 3407 .suite = { 3408 .hash = __VECS(aes_vmac128_tv_template) 3409 } 3410 }, { 3411 .alg = "wp256", 3412 .test = alg_test_hash, 3413 .suite = { 3414 .hash = __VECS(wp256_tv_template) 3415 } 3416 }, { 3417 .alg = "wp384", 3418 .test = alg_test_hash, 3419 .suite = { 3420 .hash = __VECS(wp384_tv_template) 3421 } 3422 }, { 3423 .alg = "wp512", 3424 .test = alg_test_hash, 3425 .suite = { 3426 .hash = __VECS(wp512_tv_template) 3427 } 3428 }, { 3429 .alg = "xcbc(aes)", 3430 .test = alg_test_hash, 3431 .suite = { 3432 .hash = __VECS(aes_xcbc128_tv_template) 3433 } 3434 }, { 3435 .alg = "xts(aes)", 3436 .test = alg_test_skcipher, 3437 .fips_allowed = 1, 3438 .suite = { 3439 .cipher = { 3440 .enc = __VECS(aes_xts_enc_tv_template), 3441 .dec = __VECS(aes_xts_dec_tv_template) 3442 } 3443 } 3444 }, { 3445 .alg = "xts(camellia)", 3446 .test = alg_test_skcipher, 3447 .suite = { 3448 .cipher = { 3449 .enc = __VECS(camellia_xts_enc_tv_template), 3450 .dec = __VECS(camellia_xts_dec_tv_template) 3451 } 3452 } 3453 }, { 3454 .alg = "xts(cast6)", 3455 .test = alg_test_skcipher, 3456 .suite = { 3457 .cipher = { 3458 .enc = __VECS(cast6_xts_enc_tv_template), 3459 .dec = __VECS(cast6_xts_dec_tv_template) 3460 } 3461 } 3462 }, { 3463 .alg = "xts(serpent)", 3464 .test = alg_test_skcipher, 3465 .suite = { 3466 .cipher = { 3467 .enc = __VECS(serpent_xts_enc_tv_template), 3468 .dec = __VECS(serpent_xts_dec_tv_template) 3469 } 3470 } 3471 }, { 3472 .alg = "xts(twofish)", 3473 .test = alg_test_skcipher, 3474 .suite = { 3475 .cipher = { 3476 .enc = __VECS(tf_xts_enc_tv_template), 3477 .dec = __VECS(tf_xts_dec_tv_template) 3478 } 3479 } 3480 } 3481 }; 3482 3483 static bool alg_test_descs_checked; 3484 3485 static void alg_test_descs_check_order(void) 3486 { 3487 int i; 3488 3489 /* only check once */ 3490 if (alg_test_descs_checked) 3491 return; 3492 3493 alg_test_descs_checked = true; 3494 3495 for (i = 1; i < ARRAY_SIZE(alg_test_descs); i++) { 3496 int diff = strcmp(alg_test_descs[i - 1].alg, 3497 alg_test_descs[i].alg); 3498 3499 if (WARN_ON(diff > 0)) { 3500 pr_warn("testmgr: alg_test_descs entries in wrong order: '%s' before '%s'\n", 3501 alg_test_descs[i - 1].alg, 3502 alg_test_descs[i].alg); 3503 } 3504 3505 if (WARN_ON(diff == 0)) { 3506 pr_warn("testmgr: duplicate alg_test_descs entry: '%s'\n", 3507 alg_test_descs[i].alg); 3508 } 3509 } 3510 } 3511 3512 static int alg_find_test(const char *alg) 3513 { 3514 int start = 0; 3515 int end = ARRAY_SIZE(alg_test_descs); 3516 3517 while (start < end) { 3518 int i = (start + end) / 2; 3519 int diff = strcmp(alg_test_descs[i].alg, alg); 3520 3521 if (diff > 0) { 3522 end = i; 3523 continue; 3524 } 3525 3526 if (diff < 0) { 3527 start = i + 1; 3528 continue; 3529 } 3530 3531 return i; 3532 } 3533 3534 return -1; 3535 } 3536 3537 int alg_test(const char *driver, const char *alg, u32 type, u32 mask) 3538 { 3539 int i; 3540 int j; 3541 int rc; 3542 3543 if (!fips_enabled && notests) { 3544 printk_once(KERN_INFO "alg: self-tests disabled\n"); 3545 return 0; 3546 } 3547 3548 alg_test_descs_check_order(); 3549 3550 if ((type & CRYPTO_ALG_TYPE_MASK) == CRYPTO_ALG_TYPE_CIPHER) { 3551 char nalg[CRYPTO_MAX_ALG_NAME]; 3552 3553 if (snprintf(nalg, sizeof(nalg), "ecb(%s)", alg) >= 3554 sizeof(nalg)) 3555 return -ENAMETOOLONG; 3556 3557 i = alg_find_test(nalg); 3558 if (i < 0) 3559 goto notest; 3560 3561 if (fips_enabled && !alg_test_descs[i].fips_allowed) 3562 goto non_fips_alg; 3563 3564 rc = alg_test_cipher(alg_test_descs + i, driver, type, mask); 3565 goto test_done; 3566 } 3567 3568 i = alg_find_test(alg); 3569 j = alg_find_test(driver); 3570 if (i < 0 && j < 0) 3571 goto notest; 3572 3573 if (fips_enabled && ((i >= 0 && !alg_test_descs[i].fips_allowed) || 3574 (j >= 0 && !alg_test_descs[j].fips_allowed))) 3575 goto non_fips_alg; 3576 3577 rc = 0; 3578 if (i >= 0) 3579 rc |= alg_test_descs[i].test(alg_test_descs + i, driver, 3580 type, mask); 3581 if (j >= 0 && j != i) 3582 rc |= alg_test_descs[j].test(alg_test_descs + j, driver, 3583 type, mask); 3584 3585 test_done: 3586 if (fips_enabled && rc) 3587 panic("%s: %s alg self test failed in fips mode!\n", driver, alg); 3588 3589 if (fips_enabled && !rc) 3590 pr_info("alg: self-tests for %s (%s) passed\n", driver, alg); 3591 3592 return rc; 3593 3594 notest: 3595 printk(KERN_INFO "alg: No test for %s (%s)\n", alg, driver); 3596 return 0; 3597 non_fips_alg: 3598 return -EINVAL; 3599 } 3600 3601 #endif /* CONFIG_CRYPTO_MANAGER_DISABLE_TESTS */ 3602 3603 EXPORT_SYMBOL_GPL(alg_test); 3604