1 // SPDX-License-Identifier: GPL-2.0-or-later <<
2 /* 1 /*
3 * Algorithm testing framework and tests. 2 * Algorithm testing framework and tests.
4 * 3 *
5 * Copyright (c) 2002 James Morris <jmorris@in 4 * Copyright (c) 2002 James Morris <jmorris@intercode.com.au>
6 * Copyright (c) 2002 Jean-Francois Dive <jef@ 5 * Copyright (c) 2002 Jean-Francois Dive <jef@linuxbe.org>
7 * Copyright (c) 2007 Nokia Siemens Networks 6 * Copyright (c) 2007 Nokia Siemens Networks
8 * Copyright (c) 2008 Herbert Xu <herbert@gond 7 * Copyright (c) 2008 Herbert Xu <herbert@gondor.apana.org.au>
9 * Copyright (c) 2019 Google LLC <<
10 * 8 *
11 * Updated RFC4106 AES-GCM testing. 9 * Updated RFC4106 AES-GCM testing.
12 * Authors: Aidan O'Mahony (aidan.o.mahony@ 10 * Authors: Aidan O'Mahony (aidan.o.mahony@intel.com)
13 * Adrian Hoban <adrian.hoban@inte 11 * Adrian Hoban <adrian.hoban@intel.com>
14 * Gabriele Paoloni <gabriele.paol 12 * Gabriele Paoloni <gabriele.paoloni@intel.com>
15 * Tadeusz Struk (tadeusz.struk@in 13 * Tadeusz Struk (tadeusz.struk@intel.com)
16 * Copyright (c) 2010, Intel Corporation. 14 * Copyright (c) 2010, Intel Corporation.
>> 15 *
>> 16 * This program is free software; you can redistribute it and/or modify it
>> 17 * under the terms of the GNU General Public License as published by the Free
>> 18 * Software Foundation; either version 2 of the License, or (at your option)
>> 19 * any later version.
>> 20 *
17 */ 21 */
18 22
19 #include <crypto/aead.h> 23 #include <crypto/aead.h>
20 #include <crypto/hash.h> 24 #include <crypto/hash.h>
21 #include <crypto/skcipher.h> 25 #include <crypto/skcipher.h>
22 #include <linux/err.h> 26 #include <linux/err.h>
23 #include <linux/fips.h> 27 #include <linux/fips.h>
24 #include <linux/module.h> 28 #include <linux/module.h>
25 #include <linux/once.h> <<
26 #include <linux/random.h> <<
27 #include <linux/scatterlist.h> 29 #include <linux/scatterlist.h>
28 #include <linux/slab.h> 30 #include <linux/slab.h>
29 #include <linux/string.h> 31 #include <linux/string.h>
30 #include <linux/uio.h> <<
31 #include <crypto/rng.h> 32 #include <crypto/rng.h>
32 #include <crypto/drbg.h> 33 #include <crypto/drbg.h>
33 #include <crypto/akcipher.h> 34 #include <crypto/akcipher.h>
34 #include <crypto/kpp.h> 35 #include <crypto/kpp.h>
35 #include <crypto/acompress.h> 36 #include <crypto/acompress.h>
36 #include <crypto/internal/cipher.h> <<
37 #include <crypto/internal/simd.h> <<
38 37
39 #include "internal.h" 38 #include "internal.h"
40 39
41 MODULE_IMPORT_NS(CRYPTO_INTERNAL); <<
42 <<
43 static bool notests; 40 static bool notests;
44 module_param(notests, bool, 0644); 41 module_param(notests, bool, 0644);
45 MODULE_PARM_DESC(notests, "disable crypto self 42 MODULE_PARM_DESC(notests, "disable crypto self-tests");
46 43
47 static bool panic_on_fail; <<
48 module_param(panic_on_fail, bool, 0444); <<
49 <<
50 #ifdef CONFIG_CRYPTO_MANAGER_EXTRA_TESTS <<
51 static bool noextratests; <<
52 module_param(noextratests, bool, 0644); <<
53 MODULE_PARM_DESC(noextratests, "disable expens <<
54 <<
55 static unsigned int fuzz_iterations = 100; <<
56 module_param(fuzz_iterations, uint, 0644); <<
57 MODULE_PARM_DESC(fuzz_iterations, "number of f <<
58 #endif <<
59 <<
60 #ifdef CONFIG_CRYPTO_MANAGER_DISABLE_TESTS 44 #ifdef CONFIG_CRYPTO_MANAGER_DISABLE_TESTS
61 45
62 /* a perfect nop */ 46 /* a perfect nop */
63 int alg_test(const char *driver, const char *a 47 int alg_test(const char *driver, const char *alg, u32 type, u32 mask)
64 { 48 {
65 return 0; 49 return 0;
66 } 50 }
67 51
68 #else 52 #else
69 53
70 #include "testmgr.h" 54 #include "testmgr.h"
71 55
72 /* 56 /*
73 * Need slab memory for testing (size in numbe 57 * Need slab memory for testing (size in number of pages).
74 */ 58 */
75 #define XBUFSIZE 8 59 #define XBUFSIZE 8
76 60
77 /* 61 /*
>> 62 * Indexes into the xbuf to simulate cross-page access.
>> 63 */
>> 64 #define IDX1 32
>> 65 #define IDX2 32400
>> 66 #define IDX3 1511
>> 67 #define IDX4 8193
>> 68 #define IDX5 22222
>> 69 #define IDX6 17101
>> 70 #define IDX7 27333
>> 71 #define IDX8 3000
>> 72
>> 73 /*
78 * Used by test_cipher() 74 * Used by test_cipher()
79 */ 75 */
80 #define ENCRYPT 1 76 #define ENCRYPT 1
81 #define DECRYPT 0 77 #define DECRYPT 0
82 78
83 struct aead_test_suite { !! 79 struct tcrypt_result {
84 const struct aead_testvec *vecs; !! 80 struct completion completion;
85 unsigned int count; !! 81 int err;
86 !! 82 };
87 /* <<
88 * Set if trying to decrypt an inauthe <<
89 * algorithm might result in EINVAL ra <<
90 * validation the algorithm does on th <<
91 */ <<
92 unsigned int einval_allowed : 1; <<
93 83
94 /* !! 84 struct aead_test_suite {
95 * Set if this algorithm requires that !! 85 struct {
96 * the AAD buffer, in addition to bein !! 86 struct aead_testvec *vecs;
97 * behavior when the two IV copies dif !! 87 unsigned int count;
98 */ !! 88 } enc, dec;
99 unsigned int aad_iv : 1; <<
100 }; 89 };
101 90
102 struct cipher_test_suite { 91 struct cipher_test_suite {
103 const struct cipher_testvec *vecs; !! 92 struct {
104 unsigned int count; !! 93 struct cipher_testvec *vecs;
>> 94 unsigned int count;
>> 95 } enc, dec;
105 }; 96 };
106 97
107 struct comp_test_suite { 98 struct comp_test_suite {
108 struct { 99 struct {
109 const struct comp_testvec *vec !! 100 struct comp_testvec *vecs;
110 unsigned int count; 101 unsigned int count;
111 } comp, decomp; 102 } comp, decomp;
112 }; 103 };
113 104
114 struct hash_test_suite { 105 struct hash_test_suite {
115 const struct hash_testvec *vecs; !! 106 struct hash_testvec *vecs;
116 unsigned int count; 107 unsigned int count;
117 }; 108 };
118 109
119 struct cprng_test_suite { 110 struct cprng_test_suite {
120 const struct cprng_testvec *vecs; !! 111 struct cprng_testvec *vecs;
121 unsigned int count; 112 unsigned int count;
122 }; 113 };
123 114
124 struct drbg_test_suite { 115 struct drbg_test_suite {
125 const struct drbg_testvec *vecs; !! 116 struct drbg_testvec *vecs;
126 unsigned int count; 117 unsigned int count;
127 }; 118 };
128 119
129 struct akcipher_test_suite { 120 struct akcipher_test_suite {
130 const struct akcipher_testvec *vecs; !! 121 struct akcipher_testvec *vecs;
131 unsigned int count; 122 unsigned int count;
132 }; 123 };
133 124
134 struct kpp_test_suite { 125 struct kpp_test_suite {
135 const struct kpp_testvec *vecs; !! 126 struct kpp_testvec *vecs;
136 unsigned int count; 127 unsigned int count;
137 }; 128 };
138 129
139 struct alg_test_desc { 130 struct alg_test_desc {
140 const char *alg; 131 const char *alg;
141 const char *generic_driver; <<
142 int (*test)(const struct alg_test_desc 132 int (*test)(const struct alg_test_desc *desc, const char *driver,
143 u32 type, u32 mask); 133 u32 type, u32 mask);
144 int fips_allowed; /* set if alg 134 int fips_allowed; /* set if alg is allowed in fips mode */
145 135
146 union { 136 union {
147 struct aead_test_suite aead; 137 struct aead_test_suite aead;
148 struct cipher_test_suite ciphe 138 struct cipher_test_suite cipher;
149 struct comp_test_suite comp; 139 struct comp_test_suite comp;
150 struct hash_test_suite hash; 140 struct hash_test_suite hash;
151 struct cprng_test_suite cprng; 141 struct cprng_test_suite cprng;
152 struct drbg_test_suite drbg; 142 struct drbg_test_suite drbg;
153 struct akcipher_test_suite akc 143 struct akcipher_test_suite akcipher;
154 struct kpp_test_suite kpp; 144 struct kpp_test_suite kpp;
155 } suite; 145 } suite;
156 }; 146 };
157 147
>> 148 static unsigned int IDX[8] = { IDX1, IDX2, IDX3, IDX4, IDX5, IDX6, IDX7, IDX8 };
>> 149
158 static void hexdump(unsigned char *buf, unsign 150 static void hexdump(unsigned char *buf, unsigned int len)
159 { 151 {
160 print_hex_dump(KERN_CONT, "", DUMP_PRE 152 print_hex_dump(KERN_CONT, "", DUMP_PREFIX_OFFSET,
161 16, 1, 153 16, 1,
162 buf, len, false); 154 buf, len, false);
163 } 155 }
164 156
165 static int __testmgr_alloc_buf(char *buf[XBUFS !! 157 static void tcrypt_complete(struct crypto_async_request *req, int err)
>> 158 {
>> 159 struct tcrypt_result *res = req->data;
>> 160
>> 161 if (err == -EINPROGRESS)
>> 162 return;
>> 163
>> 164 res->err = err;
>> 165 complete(&res->completion);
>> 166 }
>> 167
>> 168 static int testmgr_alloc_buf(char *buf[XBUFSIZE])
166 { 169 {
167 int i; 170 int i;
168 171
169 for (i = 0; i < XBUFSIZE; i++) { 172 for (i = 0; i < XBUFSIZE; i++) {
170 buf[i] = (char *)__get_free_pa !! 173 buf[i] = (void *)__get_free_page(GFP_KERNEL);
171 if (!buf[i]) 174 if (!buf[i])
172 goto err_free_buf; 175 goto err_free_buf;
173 } 176 }
174 177
175 return 0; 178 return 0;
176 179
177 err_free_buf: 180 err_free_buf:
178 while (i-- > 0) 181 while (i-- > 0)
179 free_pages((unsigned long)buf[ !! 182 free_page((unsigned long)buf[i]);
180 183
181 return -ENOMEM; 184 return -ENOMEM;
182 } 185 }
183 186
184 static int testmgr_alloc_buf(char *buf[XBUFSIZ !! 187 static void testmgr_free_buf(char *buf[XBUFSIZE])
185 { <<
186 return __testmgr_alloc_buf(buf, 0); <<
187 } <<
188 <<
189 static void __testmgr_free_buf(char *buf[XBUFS <<
190 { 188 {
191 int i; 189 int i;
192 190
193 for (i = 0; i < XBUFSIZE; i++) 191 for (i = 0; i < XBUFSIZE; i++)
194 free_pages((unsigned long)buf[ !! 192 free_page((unsigned long)buf[i]);
195 } <<
196 <<
197 static void testmgr_free_buf(char *buf[XBUFSIZ <<
198 { <<
199 __testmgr_free_buf(buf, 0); <<
200 } <<
201 <<
202 #define TESTMGR_POISON_BYTE 0xfe <<
203 #define TESTMGR_POISON_LEN 16 <<
204 <<
205 static inline void testmgr_poison(void *addr, <<
206 { <<
207 memset(addr, TESTMGR_POISON_BYTE, len) <<
208 } <<
209 <<
210 /* Is the memory region still fully poisoned? <<
211 static inline bool testmgr_is_poison(const voi <<
212 { <<
213 return memchr_inv(addr, TESTMGR_POISON <<
214 } <<
215 <<
216 /* flush type for hash algorithms */ <<
217 enum flush_type { <<
218 /* merge with update of previous buffe <<
219 FLUSH_TYPE_NONE = 0, <<
220 <<
221 /* update with previous buffer(s) befo <<
222 FLUSH_TYPE_FLUSH, <<
223 <<
224 /* likewise, but also export and re-im <<
225 FLUSH_TYPE_REIMPORT, <<
226 }; <<
227 <<
228 /* finalization function for hash algorithms * <<
229 enum finalization_type { <<
230 FINALIZATION_TYPE_FINAL, /* use <<
231 FINALIZATION_TYPE_FINUP, /* use <<
232 FINALIZATION_TYPE_DIGEST, /* use <<
233 }; <<
234 <<
235 /* <<
236 * Whether the crypto operation will occur in- <<
237 * source and destination scatterlist pointers <<
238 * req->dst), or whether they'll merely point <<
239 * (req->src != req->dst) that reference the s <<
240 * <<
241 * This is only relevant for algorithm types t <<
242 */ <<
243 enum inplace_mode { <<
244 OUT_OF_PLACE, <<
245 INPLACE_ONE_SGLIST, <<
246 INPLACE_TWO_SGLISTS, <<
247 }; <<
248 <<
249 #define TEST_SG_TOTAL 10000 <<
250 <<
251 /** <<
252 * struct test_sg_division - description of a <<
253 * <<
254 * This struct describes one entry of a scatte <<
255 * crypto test vector. <<
256 * <<
257 * @proportion_of_total: length of this chunk <<
258 * given as a proportion <<
259 * scales to fit any tes <<
260 * @offset: byte offset into a 2-page buffer a <<
261 * @offset_relative_to_alignmask: if true, add <<
262 * @offset <<
263 * @flush_type: for hashes, whether an update( <<
264 * continuing to accumulate data <<
265 * @nosimd: if doing the pending update(), do <<
266 */ <<
267 struct test_sg_division { <<
268 unsigned int proportion_of_total; <<
269 unsigned int offset; <<
270 bool offset_relative_to_alignmask; <<
271 enum flush_type flush_type; <<
272 bool nosimd; <<
273 }; <<
274 <<
275 /** <<
276 * struct testvec_config - configuration for t <<
277 * <<
278 * This struct describes the data layout and o <<
279 * crypto test vector can be tested. <<
280 * <<
281 * @name: name of this config, logged for debu <<
282 * @inplace_mode: whether and how to operate o <<
283 * @req_flags: extra request_flags, e.g. CRYPT <<
284 * @src_divs: description of how to arrange th <<
285 * @dst_divs: description of how to arrange th <<
286 * for the algorithm type. Default <<
287 * @iv_offset: misalignment of the IV in the r <<
288 * where 0 is aligned to a 2*(MAX_ <<
289 * @iv_offset_relative_to_alignmask: if true, <<
290 * the @iv_o <<
291 * @key_offset: misalignment of the key, where <<
292 * @key_offset_relative_to_alignmask: if true, <<
293 * the @key <<
294 * @finalization_type: what finalization funct <<
295 * @nosimd: execute with SIMD disabled? Requi <<
296 * This applies to the parts of the o <<
297 * individually by @nosimd_setkey or <<
298 * @nosimd_setkey: set the key (if applicable) <<
299 * !CRYPTO_TFM_REQ_MAY_SLEEP. <<
300 */ <<
301 struct testvec_config { <<
302 const char *name; <<
303 enum inplace_mode inplace_mode; <<
304 u32 req_flags; <<
305 struct test_sg_division src_divs[XBUFS <<
306 struct test_sg_division dst_divs[XBUFS <<
307 unsigned int iv_offset; <<
308 unsigned int key_offset; <<
309 bool iv_offset_relative_to_alignmask; <<
310 bool key_offset_relative_to_alignmask; <<
311 enum finalization_type finalization_ty <<
312 bool nosimd; <<
313 bool nosimd_setkey; <<
314 }; <<
315 <<
316 #define TESTVEC_CONFIG_NAMELEN 192 <<
317 <<
318 /* <<
319 * The following are the lists of testvec_conf <<
320 * type when the basic crypto self-tests are e <<
321 * CONFIG_CRYPTO_MANAGER_DISABLE_TESTS is unse <<
322 * coverage, while keeping the test time much <<
323 * so that the basic tests can be enabled in a <<
324 */ <<
325 <<
326 /* Configs for skciphers and aeads */ <<
327 static const struct testvec_config default_cip <<
328 { <<
329 .name = "in-place (one sglist) <<
330 .inplace_mode = INPLACE_ONE_SG <<
331 .src_divs = { { .proportion_of <<
332 }, { <<
333 .name = "in-place (two sglists <<
334 .inplace_mode = INPLACE_TWO_SG <<
335 .src_divs = { { .proportion_of <<
336 }, { <<
337 .name = "out-of-place", <<
338 .inplace_mode = OUT_OF_PLACE, <<
339 .src_divs = { { .proportion_of <<
340 }, { <<
341 .name = "unaligned buffer, off <<
342 .src_divs = { { .proportion_of <<
343 .iv_offset = 1, <<
344 .key_offset = 1, <<
345 }, { <<
346 .name = "buffer aligned only t <<
347 .src_divs = { <<
348 { <<
349 .proportion_of <<
350 .offset = 1, <<
351 .offset_relati <<
352 }, <<
353 }, <<
354 .iv_offset = 1, <<
355 .iv_offset_relative_to_alignma <<
356 .key_offset = 1, <<
357 .key_offset_relative_to_alignm <<
358 }, { <<
359 .name = "two even aligned spli <<
360 .src_divs = { <<
361 { .proportion_of_total <<
362 { .proportion_of_total <<
363 }, <<
364 }, { <<
365 .name = "one src, two even spl <<
366 .inplace_mode = OUT_OF_PLACE, <<
367 .src_divs = { { .proportion_of <<
368 .dst_divs = { <<
369 { .proportion_of_total <<
370 { .proportion_of_total <<
371 }, <<
372 }, { <<
373 .name = "uneven misaligned spl <<
374 .req_flags = CRYPTO_TFM_REQ_MA <<
375 .src_divs = { <<
376 { .proportion_of_total <<
377 { .proportion_of_total <<
378 { .proportion_of_total <<
379 }, <<
380 .iv_offset = 3, <<
381 .key_offset = 3, <<
382 }, { <<
383 .name = "misaligned splits cro <<
384 .inplace_mode = INPLACE_ONE_SG <<
385 .src_divs = { <<
386 { <<
387 .proportion_of <<
388 .offset = PAGE <<
389 }, { <<
390 .proportion_of <<
391 .offset = PAGE <<
392 }, <<
393 }, <<
394 } <<
395 }; <<
396 <<
397 static const struct testvec_config default_has <<
398 { <<
399 .name = "init+update+final ali <<
400 .src_divs = { { .proportion_of <<
401 .finalization_type = FINALIZAT <<
402 }, { <<
403 .name = "init+finup aligned bu <<
404 .src_divs = { { .proportion_of <<
405 .finalization_type = FINALIZAT <<
406 }, { <<
407 .name = "digest aligned buffer <<
408 .src_divs = { { .proportion_of <<
409 .finalization_type = FINALIZAT <<
410 }, { <<
411 .name = "init+update+final mis <<
412 .src_divs = { { .proportion_of <<
413 .finalization_type = FINALIZAT <<
414 .key_offset = 1, <<
415 }, { <<
416 .name = "digest misaligned buf <<
417 .src_divs = { <<
418 { <<
419 .proportion_of <<
420 .offset = 1, <<
421 }, <<
422 }, <<
423 .finalization_type = FINALIZAT <<
424 .key_offset = 1, <<
425 }, { <<
426 .name = "init+update+update+fi <<
427 .src_divs = { <<
428 { .proportion_of_total <<
429 { <<
430 .proportion_of <<
431 .flush_type = <<
432 }, <<
433 }, <<
434 .finalization_type = FINALIZAT <<
435 }, { <<
436 .name = "digest uneven misalig <<
437 .req_flags = CRYPTO_TFM_REQ_MA <<
438 .src_divs = { <<
439 { .proportion_of_total <<
440 { .proportion_of_total <<
441 { .proportion_of_total <<
442 }, <<
443 .finalization_type = FINALIZAT <<
444 }, { <<
445 .name = "digest misaligned spl <<
446 .src_divs = { <<
447 { <<
448 .proportion_of <<
449 .offset = PAGE <<
450 }, { <<
451 .proportion_of <<
452 .offset = PAGE <<
453 }, <<
454 }, <<
455 .finalization_type = FINALIZAT <<
456 }, { <<
457 .name = "import/export", <<
458 .src_divs = { <<
459 { <<
460 .proportion_of <<
461 .flush_type = <<
462 }, { <<
463 .proportion_of <<
464 .flush_type = <<
465 }, <<
466 }, <<
467 .finalization_type = FINALIZAT <<
468 } <<
469 }; <<
470 <<
471 static unsigned int count_test_sg_divisions(co <<
472 { <<
473 unsigned int remaining = TEST_SG_TOTAL <<
474 unsigned int ndivs = 0; <<
475 <<
476 do { <<
477 remaining -= divs[ndivs++].pro <<
478 } while (remaining); <<
479 <<
480 return ndivs; <<
481 } <<
482 <<
483 #define SGDIVS_HAVE_FLUSHES BIT(0) <<
484 #define SGDIVS_HAVE_NOSIMD BIT(1) <<
485 <<
486 static bool valid_sg_divisions(const struct te <<
487 unsigned int co <<
488 { <<
489 unsigned int total = 0; <<
490 unsigned int i; <<
491 <<
492 for (i = 0; i < count && total != TEST <<
493 if (divs[i].proportion_of_tota <<
494 divs[i].proportion_of_tota <<
495 return false; <<
496 total += divs[i].proportion_of <<
497 if (divs[i].flush_type != FLUS <<
498 *flags_ret |= SGDIVS_H <<
499 if (divs[i].nosimd) <<
500 *flags_ret |= SGDIVS_H <<
501 } <<
502 return total == TEST_SG_TOTAL && <<
503 memchr_inv(&divs[i], 0, (count <<
504 } <<
505 <<
506 /* <<
507 * Check whether the given testvec_config is v <<
508 * since every testvec_config should be valid, <<
509 * don't unknowingly add broken configs that d <<
510 */ <<
511 static bool valid_testvec_config(const struct <<
512 { <<
513 int flags = 0; <<
514 <<
515 if (cfg->name == NULL) <<
516 return false; <<
517 <<
518 if (!valid_sg_divisions(cfg->src_divs, <<
519 &flags)) <<
520 return false; <<
521 <<
522 if (cfg->dst_divs[0].proportion_of_tot <<
523 if (!valid_sg_divisions(cfg->d <<
524 ARRAY_ <<
525 return false; <<
526 } else { <<
527 if (memchr_inv(cfg->dst_divs, <<
528 return false; <<
529 /* defaults to dst_divs=src_di <<
530 } <<
531 <<
532 if (cfg->iv_offset + <<
533 (cfg->iv_offset_relative_to_alignm <<
534 MAX_ALGAPI_ALIGNMASK + 1) <<
535 return false; <<
536 <<
537 if ((flags & (SGDIVS_HAVE_FLUSHES | SG <<
538 cfg->finalization_type == FINALIZA <<
539 return false; <<
540 <<
541 if ((cfg->nosimd || cfg->nosimd_setkey <<
542 (flags & SGDIVS_HAVE_NOSIMD)) && <<
543 (cfg->req_flags & CRYPTO_TFM_REQ_M <<
544 return false; <<
545 <<
546 return true; <<
547 } <<
548 <<
549 struct test_sglist { <<
550 char *bufs[XBUFSIZE]; <<
551 struct scatterlist sgl[XBUFSIZE]; <<
552 struct scatterlist sgl_saved[XBUFSIZE] <<
553 struct scatterlist *sgl_ptr; <<
554 unsigned int nents; <<
555 }; <<
556 <<
557 static int init_test_sglist(struct test_sglist <<
558 { <<
559 return __testmgr_alloc_buf(tsgl->bufs, <<
560 } <<
561 <<
562 static void destroy_test_sglist(struct test_sg <<
563 { <<
564 return __testmgr_free_buf(tsgl->bufs, <<
565 } 193 }
566 194
567 /** !! 195 static int wait_async_op(struct tcrypt_result *tr, int ret)
568 * build_test_sglist() - build a scatterlist f <<
569 * <<
570 * @tsgl: the scatterlist to build. @tsgl->bu <<
571 * buffers which the scatterlist @tsgl- <<
572 * @divs: the layout specification on which th <<
573 * @alignmask: the algorithm's alignmask <<
574 * @total_len: the total length of the scatter <<
575 * @data: if non-NULL, the buffers will be fil <<
576 * Otherwise the buffers will be poison <<
577 * past the end of each buffer will be <<
578 * @out_divs: if non-NULL, the test_sg_divisio <<
579 * corresponds will be returned her <<
580 * that divisions resolving to a le <<
581 * not included in the scatterlist. <<
582 * <<
583 * Return: 0 or a -errno value <<
584 */ <<
585 static int build_test_sglist(struct test_sglis <<
586 const struct test <<
587 const unsigned in <<
588 const unsigned in <<
589 struct iov_iter * <<
590 const struct test <<
591 { 196 {
592 struct { !! 197 if (ret == -EINPROGRESS || ret == -EBUSY) {
593 const struct test_sg_division !! 198 wait_for_completion(&tr->completion);
594 size_t length; !! 199 reinit_completion(&tr->completion);
595 } partitions[XBUFSIZE]; !! 200 ret = tr->err;
596 const unsigned int ndivs = count_test_ <<
597 unsigned int len_remaining = total_len <<
598 unsigned int i; <<
599 <<
600 BUILD_BUG_ON(ARRAY_SIZE(partitions) != <<
601 if (WARN_ON(ndivs > ARRAY_SIZE(partiti <<
602 return -EINVAL; <<
603 <<
604 /* Calculate the (div, length) pairs * <<
605 tsgl->nents = 0; <<
606 for (i = 0; i < ndivs; i++) { <<
607 unsigned int len_this_sg = <<
608 min(len_remaining, <<
609 (total_len * divs[ <<
610 TEST_SG_TOTAL / 2 <<
611 <<
612 if (len_this_sg != 0) { <<
613 partitions[tsgl->nents <<
614 partitions[tsgl->nents <<
615 tsgl->nents++; <<
616 len_remaining -= len_t <<
617 } <<
618 } <<
619 if (tsgl->nents == 0) { <<
620 partitions[tsgl->nents].div = <<
621 partitions[tsgl->nents].length <<
622 tsgl->nents++; <<
623 } <<
624 partitions[tsgl->nents - 1].length += <<
625 <<
626 /* Set up the sgl entries and fill the <<
627 sg_init_table(tsgl->sgl, tsgl->nents); <<
628 for (i = 0; i < tsgl->nents; i++) { <<
629 unsigned int offset = partitio <<
630 void *addr; <<
631 <<
632 if (partitions[i].div->offset_ <<
633 offset += alignmask; <<
634 <<
635 while (offset + partitions[i]. <<
636 2 * PAGE_SIZE) { <<
637 if (WARN_ON(offset <= <<
638 return -EINVAL <<
639 offset /= 2; <<
640 } <<
641 <<
642 addr = &tsgl->bufs[i][offset]; <<
643 sg_set_buf(&tsgl->sgl[i], addr <<
644 <<
645 if (out_divs) <<
646 out_divs[i] = partitio <<
647 <<
648 if (data) { <<
649 size_t copy_len, copie <<
650 <<
651 copy_len = min(partiti <<
652 copied = copy_from_ite <<
653 if (WARN_ON(copied != <<
654 return -EINVAL <<
655 testmgr_poison(addr + <<
656 TESTMGR <<
657 } else { <<
658 testmgr_poison(addr, p <<
659 TESTMGR <<
660 } <<
661 } 201 }
662 !! 202 return ret;
663 sg_mark_end(&tsgl->sgl[tsgl->nents - 1 <<
664 tsgl->sgl_ptr = tsgl->sgl; <<
665 memcpy(tsgl->sgl_saved, tsgl->sgl, tsg <<
666 return 0; <<
667 } 203 }
668 204
669 /* !! 205 static int ahash_partial_update(struct ahash_request **preq,
670 * Verify that a scatterlist crypto operation !! 206 struct crypto_ahash *tfm, struct hash_testvec *template,
671 * !! 207 void *hash_buff, int k, int temp, struct scatterlist *sg,
672 * @tsgl: scatterlist containing the actual ou !! 208 const char *algo, char *result, struct tcrypt_result *tresult)
673 * @expected_output: buffer containing the exp !! 209 {
674 * @len_to_check: length of @expected_output i !! 210 char *state;
675 * @unchecked_prefix_len: number of ignored by !! 211 struct ahash_request *req;
676 * @check_poison: verify that the poison bytes !! 212 int statesize, ret = -EINVAL;
677 * !! 213 const char guard[] = { 0x00, 0xba, 0xad, 0x00 };
678 * Return: 0 if correct, -EINVAL if incorrect, !! 214
679 */ !! 215 req = *preq;
680 static int verify_correct_output(const struct !! 216 statesize = crypto_ahash_statesize(
681 const char *e !! 217 crypto_ahash_reqtfm(req));
682 unsigned int !! 218 state = kmalloc(statesize + sizeof(guard), GFP_KERNEL);
683 unsigned int !! 219 if (!state) {
684 bool check_po !! 220 pr_err("alt: hash: Failed to alloc state for %s\n", algo);
685 { !! 221 goto out_nostate;
686 unsigned int i; !! 222 }
687 !! 223 memcpy(state + statesize, guard, sizeof(guard));
688 for (i = 0; i < tsgl->nents; i++) { !! 224 ret = crypto_ahash_export(req, state);
689 struct scatterlist *sg = &tsgl !! 225 WARN_ON(memcmp(state + statesize, guard, sizeof(guard)));
690 unsigned int len = sg->length; !! 226 if (ret) {
691 unsigned int offset = sg->offs !! 227 pr_err("alt: hash: Failed to export() for %s\n", algo);
692 const char *actual_output; !! 228 goto out;
693 <<
694 if (unchecked_prefix_len) { <<
695 if (unchecked_prefix_l <<
696 unchecked_pref <<
697 continue; <<
698 } <<
699 offset += unchecked_pr <<
700 len -= unchecked_prefi <<
701 unchecked_prefix_len = <<
702 } <<
703 len = min(len, len_to_check); <<
704 actual_output = page_address(s <<
705 if (memcmp(expected_output, ac <<
706 return -EINVAL; <<
707 if (check_poison && <<
708 !testmgr_is_poison(actual_ <<
709 return -EOVERFLOW; <<
710 len_to_check -= len; <<
711 expected_output += len; <<
712 } 229 }
713 if (WARN_ON(len_to_check != 0)) !! 230 ahash_request_free(req);
714 return -EINVAL; !! 231 req = ahash_request_alloc(tfm, GFP_KERNEL);
715 return 0; !! 232 if (!req) {
716 } !! 233 pr_err("alg: hash: Failed to alloc request for %s\n", algo);
717 !! 234 goto out_noreq;
718 static bool is_test_sglist_corrupted(const str <<
719 { <<
720 unsigned int i; <<
721 <<
722 for (i = 0; i < tsgl->nents; i++) { <<
723 if (tsgl->sgl[i].page_link != <<
724 return true; <<
725 if (tsgl->sgl[i].offset != tsg <<
726 return true; <<
727 if (tsgl->sgl[i].length != tsg <<
728 return true; <<
729 } 235 }
730 return false; !! 236 ahash_request_set_callback(req,
731 } !! 237 CRYPTO_TFM_REQ_MAY_BACKLOG,
732 !! 238 tcrypt_complete, tresult);
733 struct cipher_test_sglists { !! 239
734 struct test_sglist src; !! 240 memcpy(hash_buff, template->plaintext + temp,
735 struct test_sglist dst; !! 241 template->tap[k]);
736 }; !! 242 sg_init_one(&sg[0], hash_buff, template->tap[k]);
737 !! 243 ahash_request_set_crypt(req, sg, result, template->tap[k]);
738 static struct cipher_test_sglists *alloc_ciphe !! 244 ret = crypto_ahash_import(req, state);
739 { !! 245 if (ret) {
740 struct cipher_test_sglists *tsgls; !! 246 pr_err("alg: hash: Failed to import() for %s\n", algo);
741 !! 247 goto out;
742 tsgls = kmalloc(sizeof(*tsgls), GFP_KE <<
743 if (!tsgls) <<
744 return NULL; <<
745 <<
746 if (init_test_sglist(&tsgls->src) != 0 <<
747 goto fail_kfree; <<
748 if (init_test_sglist(&tsgls->dst) != 0 <<
749 goto fail_destroy_src; <<
750 <<
751 return tsgls; <<
752 <<
753 fail_destroy_src: <<
754 destroy_test_sglist(&tsgls->src); <<
755 fail_kfree: <<
756 kfree(tsgls); <<
757 return NULL; <<
758 } <<
759 <<
760 static void free_cipher_test_sglists(struct ci <<
761 { <<
762 if (tsgls) { <<
763 destroy_test_sglist(&tsgls->sr <<
764 destroy_test_sglist(&tsgls->ds <<
765 kfree(tsgls); <<
766 } 248 }
>> 249 ret = wait_async_op(tresult, crypto_ahash_update(req));
>> 250 if (ret)
>> 251 goto out;
>> 252 *preq = req;
>> 253 ret = 0;
>> 254 goto out_noreq;
>> 255 out:
>> 256 ahash_request_free(req);
>> 257 out_noreq:
>> 258 kfree(state);
>> 259 out_nostate:
>> 260 return ret;
767 } 261 }
768 262
769 /* Build the src and dst scatterlists for an s !! 263 static int __test_hash(struct crypto_ahash *tfm, struct hash_testvec *template,
770 static int build_cipher_test_sglists(struct ci !! 264 unsigned int tcount, bool use_digest,
771 const str !! 265 const int align_offset)
772 unsigned !! 266 {
773 unsigned !! 267 const char *algo = crypto_tfm_alg_driver_name(crypto_ahash_tfm(tfm));
774 unsigned !! 268 unsigned int i, j, k, temp;
775 const str !! 269 struct scatterlist sg[8];
776 unsigned !! 270 char *result;
777 { !! 271 char *key;
778 struct iov_iter input; !! 272 struct ahash_request *req;
779 int err; !! 273 struct tcrypt_result tresult;
780 !! 274 void *hash_buff;
781 iov_iter_kvec(&input, ITER_SOURCE, inp !! 275 char *xbuf[XBUFSIZE];
782 err = build_test_sglist(&tsgls->src, c !! 276 int ret = -ENOMEM;
783 cfg->inplace_m <<
784 max(ds <<
785 src_to <<
786 &input, NULL); <<
787 if (err) <<
788 return err; <<
789 277
790 /* !! 278 result = kmalloc(MAX_DIGEST_SIZE, GFP_KERNEL);
791 * In-place crypto operations can use !! 279 if (!result)
792 * source and destination (req->src == !! 280 return ret;
793 * scatterlists (req->src != req->dst) !! 281 key = kmalloc(MAX_KEYLEN, GFP_KERNEL);
794 * underlying memory. Make sure to te !! 282 if (!key)
795 */ !! 283 goto out_nobuf;
796 if (cfg->inplace_mode == INPLACE_ONE_S !! 284 if (testmgr_alloc_buf(xbuf))
797 tsgls->dst.sgl_ptr = tsgls->sr !! 285 goto out_nobuf;
798 tsgls->dst.nents = tsgls->src. <<
799 return 0; <<
800 } <<
801 if (cfg->inplace_mode == INPLACE_TWO_S <<
802 /* <<
803 * For now we keep it simple a <<
804 * two scatterlists have ident <<
805 * different entries that spli <<
806 */ <<
807 memcpy(tsgls->dst.sgl, tsgls-> <<
808 tsgls->src.nents * size <<
809 memcpy(tsgls->dst.sgl_saved, t <<
810 tsgls->src.nents * size <<
811 tsgls->dst.sgl_ptr = tsgls->ds <<
812 tsgls->dst.nents = tsgls->src. <<
813 return 0; <<
814 } <<
815 /* Out of place */ <<
816 return build_test_sglist(&tsgls->dst, <<
817 cfg->dst_divs <<
818 cfg->d <<
819 alignmask, ds <<
820 } <<
821 286
822 /* !! 287 init_completion(&tresult.completion);
823 * Support for testing passing a misaligned ke <<
824 * <<
825 * If cfg->key_offset is set, copy the key int <<
826 * optionally adding alignmask. Else, just us <<
827 */ <<
828 static int prepare_keybuf(const u8 *key, unsig <<
829 const struct testvec <<
830 unsigned int alignma <<
831 const u8 **keybuf_re <<
832 { <<
833 unsigned int key_offset = cfg->key_off <<
834 u8 *keybuf = NULL, *keyptr = (u8 *)key <<
835 288
836 if (key_offset != 0) { !! 289 req = ahash_request_alloc(tfm, GFP_KERNEL);
837 if (cfg->key_offset_relative_t !! 290 if (!req) {
838 key_offset += alignmas !! 291 printk(KERN_ERR "alg: hash: Failed to allocate request for "
839 keybuf = kmalloc(key_offset + !! 292 "%s\n", algo);
840 if (!keybuf) !! 293 goto out_noreq;
841 return -ENOMEM; <<
842 keyptr = keybuf + key_offset; <<
843 memcpy(keyptr, key, ksize); <<
844 } 294 }
845 *keybuf_ret = keybuf; !! 295 ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
846 *keyptr_ret = keyptr; !! 296 tcrypt_complete, &tresult);
847 return 0; <<
848 } <<
849 <<
850 /* <<
851 * Like setkey_f(tfm, key, ksize), but sometim <<
852 * In addition, run the setkey function in no- <<
853 */ <<
854 #define do_setkey(setkey_f, tfm, key, ksize, c <<
855 ({ <<
856 const u8 *keybuf, *keyptr; <<
857 int err; <<
858 <<
859 err = prepare_keybuf((key), (ksize), ( <<
860 &keybuf, &keyptr) <<
861 if (err == 0) { <<
862 if ((cfg)->nosimd_setkey) <<
863 crypto_disable_simd_fo <<
864 err = setkey_f((tfm), keyptr, <<
865 if ((cfg)->nosimd_setkey) <<
866 crypto_reenable_simd_f <<
867 kfree(keybuf); <<
868 } <<
869 err; <<
870 }) <<
871 297
872 #ifdef CONFIG_CRYPTO_MANAGER_EXTRA_TESTS !! 298 j = 0;
873 !! 299 for (i = 0; i < tcount; i++) {
874 /* !! 300 if (template[i].np)
875 * The fuzz tests use prandom instead of the n !! 301 continue;
876 * need cryptographically secure random number <<
877 * performance of these tests, especially if t <<
878 * has been initialized or if they are run on <<
879 */ <<
880 <<
881 static inline void init_rnd_state(struct rnd_s <<
882 { <<
883 prandom_seed_state(rng, get_random_u64 <<
884 } <<
885 <<
886 static inline u8 prandom_u8(struct rnd_state * <<
887 { <<
888 return prandom_u32_state(rng); <<
889 } <<
890 <<
891 static inline u32 prandom_u32_below(struct rnd <<
892 { <<
893 /* <<
894 * This is slightly biased for non-pow <<
895 * isn't important here. <<
896 */ <<
897 return prandom_u32_state(rng) % ceil; <<
898 } <<
899 <<
900 static inline bool prandom_bool(struct rnd_sta <<
901 { <<
902 return prandom_u32_below(rng, 2); <<
903 } <<
904 <<
905 static inline u32 prandom_u32_inclusive(struct <<
906 u32 fl <<
907 { <<
908 return floor + prandom_u32_below(rng, <<
909 } <<
910 302
911 /* Generate a random length in range [0, max_l !! 303 ret = -EINVAL;
912 static unsigned int generate_random_length(str !! 304 if (WARN_ON(align_offset + template[i].psize > PAGE_SIZE))
913 uns !! 305 goto out;
914 { <<
915 unsigned int len = prandom_u32_below(r <<
916 306
917 switch (prandom_u32_below(rng, 4)) { !! 307 j++;
918 case 0: !! 308 memset(result, 0, MAX_DIGEST_SIZE);
919 len %= 64; <<
920 break; <<
921 case 1: <<
922 len %= 256; <<
923 break; <<
924 case 2: <<
925 len %= 1024; <<
926 break; <<
927 default: <<
928 break; <<
929 } <<
930 if (len && prandom_u32_below(rng, 4) = <<
931 len = rounddown_pow_of_two(len <<
932 return len; <<
933 } <<
934 309
935 /* Flip a random bit in the given nonempty dat !! 310 hash_buff = xbuf[0];
936 static void flip_random_bit(struct rnd_state * !! 311 hash_buff += align_offset;
937 { <<
938 size_t bitpos; <<
939 312
940 bitpos = prandom_u32_below(rng, size * !! 313 memcpy(hash_buff, template[i].plaintext, template[i].psize);
941 buf[bitpos / 8] ^= 1 << (bitpos % 8); !! 314 sg_init_one(&sg[0], hash_buff, template[i].psize);
942 } <<
943 315
944 /* Flip a random byte in the given nonempty da !! 316 if (template[i].ksize) {
945 static void flip_random_byte(struct rnd_state !! 317 crypto_ahash_clear_flags(tfm, ~0);
946 { !! 318 if (template[i].ksize > MAX_KEYLEN) {
947 buf[prandom_u32_below(rng, size)] ^= 0 !! 319 pr_err("alg: hash: setkey failed on test %d for %s: key size %d > %d\n",
948 } !! 320 j, algo, template[i].ksize, MAX_KEYLEN);
>> 321 ret = -EINVAL;
>> 322 goto out;
>> 323 }
>> 324 memcpy(key, template[i].key, template[i].ksize);
>> 325 ret = crypto_ahash_setkey(tfm, key, template[i].ksize);
>> 326 if (ret) {
>> 327 printk(KERN_ERR "alg: hash: setkey failed on "
>> 328 "test %d for %s: ret=%d\n", j, algo,
>> 329 -ret);
>> 330 goto out;
>> 331 }
>> 332 }
949 333
950 /* Sometimes make some random changes to the g !! 334 ahash_request_set_crypt(req, sg, result, template[i].psize);
951 static void mutate_buffer(struct rnd_state *rn !! 335 if (use_digest) {
952 { !! 336 ret = wait_async_op(&tresult, crypto_ahash_digest(req));
953 size_t num_flips; !! 337 if (ret) {
954 size_t i; !! 338 pr_err("alg: hash: digest failed on test %d "
>> 339 "for %s: ret=%d\n", j, algo, -ret);
>> 340 goto out;
>> 341 }
>> 342 } else {
>> 343 ret = wait_async_op(&tresult, crypto_ahash_init(req));
>> 344 if (ret) {
>> 345 pr_err("alt: hash: init failed on test %d "
>> 346 "for %s: ret=%d\n", j, algo, -ret);
>> 347 goto out;
>> 348 }
>> 349 ret = wait_async_op(&tresult, crypto_ahash_update(req));
>> 350 if (ret) {
>> 351 pr_err("alt: hash: update failed on test %d "
>> 352 "for %s: ret=%d\n", j, algo, -ret);
>> 353 goto out;
>> 354 }
>> 355 ret = wait_async_op(&tresult, crypto_ahash_final(req));
>> 356 if (ret) {
>> 357 pr_err("alt: hash: final failed on test %d "
>> 358 "for %s: ret=%d\n", j, algo, -ret);
>> 359 goto out;
>> 360 }
>> 361 }
955 362
956 /* Sometimes flip some bits */ !! 363 if (memcmp(result, template[i].digest,
957 if (prandom_u32_below(rng, 4) == 0) { !! 364 crypto_ahash_digestsize(tfm))) {
958 num_flips = min_t(size_t, 1 << !! 365 printk(KERN_ERR "alg: hash: Test %d failed for %s\n",
959 size * 8); !! 366 j, algo);
960 for (i = 0; i < num_flips; i++ !! 367 hexdump(result, crypto_ahash_digestsize(tfm));
961 flip_random_bit(rng, b !! 368 ret = -EINVAL;
962 } !! 369 goto out;
963 !! 370 }
964 /* Sometimes flip some bytes */ <<
965 if (prandom_u32_below(rng, 4) == 0) { <<
966 num_flips = min_t(size_t, 1 << <<
967 for (i = 0; i < num_flips; i++ <<
968 flip_random_byte(rng, <<
969 } 371 }
970 } <<
971 <<
972 /* Randomly generate 'count' bytes, but someti <<
973 static void generate_random_bytes(struct rnd_s <<
974 { <<
975 u8 b; <<
976 u8 increment; <<
977 size_t i; <<
978 <<
979 if (count == 0) <<
980 return; <<
981 372
982 switch (prandom_u32_below(rng, 8)) { / !! 373 j = 0;
983 case 0: !! 374 for (i = 0; i < tcount; i++) {
984 case 1: !! 375 /* alignment tests are only done with continuous buffers */
985 /* All the same byte, plus opt !! 376 if (align_offset != 0)
986 switch (prandom_u32_below(rng, <<
987 case 0: <<
988 b = 0x00; <<
989 break; <<
990 case 1: <<
991 b = 0xff; <<
992 break; <<
993 default: <<
994 b = prandom_u8(rng); <<
995 break; 377 break;
996 } <<
997 memset(buf, b, count); <<
998 mutate_buffer(rng, buf, count) <<
999 break; <<
1000 case 2: <<
1001 /* Ascending or descending by <<
1002 increment = prandom_u8(rng); <<
1003 b = prandom_u8(rng); <<
1004 for (i = 0; i < count; i++, b <<
1005 buf[i] = b; <<
1006 mutate_buffer(rng, buf, count <<
1007 break; <<
1008 default: <<
1009 /* Fully random bytes */ <<
1010 prandom_bytes_state(rng, buf, <<
1011 } <<
1012 } <<
1013 378
1014 static char *generate_random_sgl_divisions(st !! 379 if (!template[i].np)
1015 st !! 380 continue;
1016 si <<
1017 bo <<
1018 { <<
1019 struct test_sg_division *div = divs; <<
1020 unsigned int remaining = TEST_SG_TOTA <<
1021 381
1022 do { !! 382 j++;
1023 unsigned int this_len; !! 383 memset(result, 0, MAX_DIGEST_SIZE);
1024 const char *flushtype_str; <<
1025 384
1026 if (div == &divs[max_divs - 1 !! 385 temp = 0;
1027 this_len = remaining; !! 386 sg_init_table(sg, template[i].np);
1028 else if (prandom_u32_below(rn !! 387 ret = -EINVAL;
1029 this_len = (remaining !! 388 for (k = 0; k < template[i].np; k++) {
1030 else !! 389 if (WARN_ON(offset_in_page(IDX[k]) +
1031 this_len = prandom_u3 !! 390 template[i].tap[k] > PAGE_SIZE))
1032 div->proportion_of_total = th !! 391 goto out;
>> 392 sg_set_buf(&sg[k],
>> 393 memcpy(xbuf[IDX[k] >> PAGE_SHIFT] +
>> 394 offset_in_page(IDX[k]),
>> 395 template[i].plaintext + temp,
>> 396 template[i].tap[k]),
>> 397 template[i].tap[k]);
>> 398 temp += template[i].tap[k];
>> 399 }
1033 400
1034 if (prandom_u32_below(rng, 4) !! 401 if (template[i].ksize) {
1035 div->offset = prandom !! 402 if (template[i].ksize > MAX_KEYLEN) {
1036 !! 403 pr_err("alg: hash: setkey failed on test %d for %s: key size %d > %d\n",
1037 !! 404 j, algo, template[i].ksize, MAX_KEYLEN);
1038 else if (prandom_bool(rng)) !! 405 ret = -EINVAL;
1039 div->offset = prandom !! 406 goto out;
1040 else !! 407 }
1041 div->offset = prandom !! 408 crypto_ahash_clear_flags(tfm, ~0);
1042 if (prandom_u32_below(rng, 8) !! 409 memcpy(key, template[i].key, template[i].ksize);
1043 div->offset_relative_ !! 410 ret = crypto_ahash_setkey(tfm, key, template[i].ksize);
1044 !! 411
1045 div->flush_type = FLUSH_TYPE_ !! 412 if (ret) {
1046 if (gen_flushes) { !! 413 printk(KERN_ERR "alg: hash: setkey "
1047 switch (prandom_u32_b !! 414 "failed on chunking test %d "
1048 case 0: !! 415 "for %s: ret=%d\n", j, algo, -ret);
1049 div->flush_ty !! 416 goto out;
1050 break; <<
1051 case 1: <<
1052 div->flush_ty <<
1053 break; <<
1054 } 417 }
1055 } 418 }
1056 419
1057 if (div->flush_type != FLUSH_ !! 420 ahash_request_set_crypt(req, sg, result, template[i].psize);
1058 !(req_flags & CRYPTO_TFM_ !! 421 ret = crypto_ahash_digest(req);
1059 prandom_bool(rng)) !! 422 switch (ret) {
1060 div->nosimd = true; !! 423 case 0:
1061 <<
1062 switch (div->flush_type) { <<
1063 case FLUSH_TYPE_FLUSH: <<
1064 if (div->nosimd) <<
1065 flushtype_str <<
1066 else <<
1067 flushtype_str <<
1068 break; <<
1069 case FLUSH_TYPE_REIMPORT: <<
1070 if (div->nosimd) <<
1071 flushtype_str <<
1072 else <<
1073 flushtype_str <<
1074 break; 424 break;
>> 425 case -EINPROGRESS:
>> 426 case -EBUSY:
>> 427 wait_for_completion(&tresult.completion);
>> 428 reinit_completion(&tresult.completion);
>> 429 ret = tresult.err;
>> 430 if (!ret)
>> 431 break;
>> 432 /* fall through */
1075 default: 433 default:
1076 flushtype_str = ""; !! 434 printk(KERN_ERR "alg: hash: digest failed "
1077 break; !! 435 "on chunking test %d for %s: "
>> 436 "ret=%d\n", j, algo, -ret);
>> 437 goto out;
1078 } 438 }
1079 439
1080 BUILD_BUG_ON(TEST_SG_TOTAL != !! 440 if (memcmp(result, template[i].digest,
1081 p += scnprintf(p, end - p, "% !! 441 crypto_ahash_digestsize(tfm))) {
1082 this_len / 100 !! 442 printk(KERN_ERR "alg: hash: Chunking test %d "
1083 div->offset_re !! 443 "failed for %s\n", j, algo);
1084 "alig !! 444 hexdump(result, crypto_ahash_digestsize(tfm));
1085 div->offset, t !! 445 ret = -EINVAL;
1086 remaining -= this_len; !! 446 goto out;
1087 div++; !! 447 }
1088 } while (remaining); <<
1089 <<
1090 return p; <<
1091 } <<
1092 <<
1093 /* Generate a random testvec_config for fuzz <<
1094 static void generate_random_testvec_config(st <<
1095 st <<
1096 ch <<
1097 { <<
1098 char *p = name; <<
1099 char * const end = name + max_namelen <<
1100 <<
1101 memset(cfg, 0, sizeof(*cfg)); <<
1102 <<
1103 cfg->name = name; <<
1104 <<
1105 p += scnprintf(p, end - p, "random:") <<
1106 <<
1107 switch (prandom_u32_below(rng, 4)) { <<
1108 case 0: <<
1109 case 1: <<
1110 cfg->inplace_mode = OUT_OF_PL <<
1111 break; <<
1112 case 2: <<
1113 cfg->inplace_mode = INPLACE_O <<
1114 p += scnprintf(p, end - p, " <<
1115 break; <<
1116 default: <<
1117 cfg->inplace_mode = INPLACE_T <<
1118 p += scnprintf(p, end - p, " <<
1119 break; <<
1120 } <<
1121 <<
1122 if (prandom_bool(rng)) { <<
1123 cfg->req_flags |= CRYPTO_TFM_ <<
1124 p += scnprintf(p, end - p, " <<
1125 } <<
1126 <<
1127 switch (prandom_u32_below(rng, 4)) { <<
1128 case 0: <<
1129 cfg->finalization_type = FINA <<
1130 p += scnprintf(p, end - p, " <<
1131 break; <<
1132 case 1: <<
1133 cfg->finalization_type = FINA <<
1134 p += scnprintf(p, end - p, " <<
1135 break; <<
1136 default: <<
1137 cfg->finalization_type = FINA <<
1138 p += scnprintf(p, end - p, " <<
1139 break; <<
1140 } <<
1141 <<
1142 if (!(cfg->req_flags & CRYPTO_TFM_REQ <<
1143 if (prandom_bool(rng)) { <<
1144 cfg->nosimd = true; <<
1145 p += scnprintf(p, end <<
1146 } <<
1147 if (prandom_bool(rng)) { <<
1148 cfg->nosimd_setkey = <<
1149 p += scnprintf(p, end <<
1150 } <<
1151 } <<
1152 <<
1153 p += scnprintf(p, end - p, " src_divs <<
1154 p = generate_random_sgl_divisions(rng <<
1155 ARR <<
1156 (cf <<
1157 FI <<
1158 cfg <<
1159 p += scnprintf(p, end - p, "]"); <<
1160 <<
1161 if (cfg->inplace_mode == OUT_OF_PLACE <<
1162 p += scnprintf(p, end - p, " <<
1163 p = generate_random_sgl_divis <<
1164 <<
1165 <<
1166 <<
1167 p += scnprintf(p, end - p, "] <<
1168 } <<
1169 <<
1170 if (prandom_bool(rng)) { <<
1171 cfg->iv_offset = prandom_u32_ <<
1172 <<
1173 p += scnprintf(p, end - p, " <<
1174 } <<
1175 <<
1176 if (prandom_bool(rng)) { <<
1177 cfg->key_offset = prandom_u32 <<
1178 <<
1179 p += scnprintf(p, end - p, " <<
1180 } 448 }
1181 449
1182 WARN_ON_ONCE(!valid_testvec_config(cf !! 450 /* partial update exercise */
1183 } !! 451 j = 0;
1184 !! 452 for (i = 0; i < tcount; i++) {
1185 static void crypto_disable_simd_for_test(void !! 453 /* alignment tests are only done with continuous buffers */
1186 { !! 454 if (align_offset != 0)
1187 migrate_disable(); !! 455 break;
1188 __this_cpu_write(crypto_simd_disabled <<
1189 } <<
1190 <<
1191 static void crypto_reenable_simd_for_test(voi <<
1192 { <<
1193 __this_cpu_write(crypto_simd_disabled <<
1194 migrate_enable(); <<
1195 } <<
1196 456
1197 /* !! 457 if (template[i].np < 2)
1198 * Given an algorithm name, build the name of !! 458 continue;
1199 * algorithm, assuming the usual naming conve <<
1200 * "-generic" to every part of the name that <<
1201 * <<
1202 * aes => aes-generic <<
1203 * cbc(aes) => cbc(aes-generic) <<
1204 * cts(cbc(aes)) => cts(cbc(aes-generic) <<
1205 * rfc7539(chacha20,poly1305) => rfc7539 <<
1206 * <<
1207 * Return: 0 on success, or -ENAMETOOLONG if <<
1208 */ <<
1209 static int build_generic_driver_name(const ch <<
1210 char dri <<
1211 { <<
1212 const char *in = algname; <<
1213 char *out = driver_name; <<
1214 size_t len = strlen(algname); <<
1215 459
1216 if (len >= CRYPTO_MAX_ALG_NAME) !! 460 j++;
1217 goto too_long; !! 461 memset(result, 0, MAX_DIGEST_SIZE);
1218 do { <<
1219 const char *in_saved = in; <<
1220 462
1221 while (*in && *in != '(' && * !! 463 ret = -EINVAL;
1222 *out++ = *in++; !! 464 hash_buff = xbuf[0];
1223 if (*in != '(' && in > in_sav !! 465 memcpy(hash_buff, template[i].plaintext,
1224 len += 8; !! 466 template[i].tap[0]);
1225 if (len >= CRYPTO_MAX !! 467 sg_init_one(&sg[0], hash_buff, template[i].tap[0]);
1226 goto too_long !! 468
1227 memcpy(out, "-generic !! 469 if (template[i].ksize) {
1228 out += 8; !! 470 crypto_ahash_clear_flags(tfm, ~0);
>> 471 if (template[i].ksize > MAX_KEYLEN) {
>> 472 pr_err("alg: hash: setkey failed on test %d for %s: key size %d > %d\n",
>> 473 j, algo, template[i].ksize, MAX_KEYLEN);
>> 474 ret = -EINVAL;
>> 475 goto out;
>> 476 }
>> 477 memcpy(key, template[i].key, template[i].ksize);
>> 478 ret = crypto_ahash_setkey(tfm, key, template[i].ksize);
>> 479 if (ret) {
>> 480 pr_err("alg: hash: setkey failed on test %d for %s: ret=%d\n",
>> 481 j, algo, -ret);
>> 482 goto out;
>> 483 }
1229 } 484 }
1230 } while ((*out++ = *in++) != '\0'); <<
1231 return 0; <<
1232 <<
1233 too_long: <<
1234 pr_err("alg: generic driver name for <<
1235 algname); <<
1236 return -ENAMETOOLONG; <<
1237 } <<
1238 #else /* !CONFIG_CRYPTO_MANAGER_EXTRA_TESTS * <<
1239 static void crypto_disable_simd_for_test(void <<
1240 { <<
1241 } <<
1242 <<
1243 static void crypto_reenable_simd_for_test(voi <<
1244 { <<
1245 } <<
1246 #endif /* !CONFIG_CRYPTO_MANAGER_EXTRA_TESTS <<
1247 <<
1248 static int build_hash_sglist(struct test_sgli <<
1249 const struct has <<
1250 const struct tes <<
1251 unsigned int ali <<
1252 const struct tes <<
1253 { <<
1254 struct kvec kv; <<
1255 struct iov_iter input; <<
1256 <<
1257 kv.iov_base = (void *)vec->plaintext; <<
1258 kv.iov_len = vec->psize; <<
1259 iov_iter_kvec(&input, ITER_SOURCE, &k <<
1260 return build_test_sglist(tsgl, cfg->s <<
1261 &input, divs <<
1262 } <<
1263 <<
1264 static int check_hash_result(const char *type <<
1265 const u8 *result <<
1266 const struct has <<
1267 const char *vec_ <<
1268 const char *driv <<
1269 const struct tes <<
1270 { <<
1271 if (memcmp(result, vec->digest, diges <<
1272 pr_err("alg: %s: %s test fail <<
1273 type, driver, vec_name <<
1274 return -EINVAL; <<
1275 } <<
1276 if (!testmgr_is_poison(&result[digest <<
1277 pr_err("alg: %s: %s overran r <<
1278 type, driver, vec_name <<
1279 return -EOVERFLOW; <<
1280 } <<
1281 return 0; <<
1282 } <<
1283 <<
1284 static inline int check_shash_op(const char * <<
1285 const char * <<
1286 const struct <<
1287 { <<
1288 if (err) <<
1289 pr_err("alg: shash: %s %s() f <<
1290 driver, op, err, vec_n <<
1291 return err; <<
1292 } <<
1293 485
1294 /* Test one hash test vector in one configura !! 486 ahash_request_set_crypt(req, sg, result, template[i].tap[0]);
1295 static int test_shash_vec_cfg(const struct ha !! 487 ret = wait_async_op(&tresult, crypto_ahash_init(req));
1296 const char *vec !! 488 if (ret) {
1297 const struct te !! 489 pr_err("alt: hash: init failed on test %d for %s: ret=%d\n",
1298 struct shash_de !! 490 j, algo, -ret);
1299 struct test_sgl !! 491 goto out;
1300 u8 *hashstate) <<
1301 { <<
1302 struct crypto_shash *tfm = desc->tfm; <<
1303 const unsigned int digestsize = crypt <<
1304 const unsigned int statesize = crypto <<
1305 const char *driver = crypto_shash_dri <<
1306 const struct test_sg_division *divs[X <<
1307 unsigned int i; <<
1308 u8 result[HASH_MAX_DIGESTSIZE + TESTM <<
1309 int err; <<
1310 <<
1311 /* Set the key, if specified */ <<
1312 if (vec->ksize) { <<
1313 err = do_setkey(crypto_shash_ <<
1314 cfg, 0); <<
1315 if (err) { <<
1316 if (err == vec->setke <<
1317 return 0; <<
1318 pr_err("alg: shash: % <<
1319 driver, vec_na <<
1320 crypto_shash_g <<
1321 return err; <<
1322 } <<
1323 if (vec->setkey_error) { <<
1324 pr_err("alg: shash: % <<
1325 driver, vec_na <<
1326 return -EINVAL; <<
1327 } 492 }
1328 } !! 493 ret = wait_async_op(&tresult, crypto_ahash_update(req));
1329 !! 494 if (ret) {
1330 /* Build the scatterlist for the sour !! 495 pr_err("alt: hash: update failed on test %d for %s: ret=%d\n",
1331 err = build_hash_sglist(tsgl, vec, cf !! 496 j, algo, -ret);
1332 if (err) { !! 497 goto out;
1333 pr_err("alg: shash: %s: error <<
1334 driver, vec_name, cfg- <<
1335 return err; <<
1336 } <<
1337 <<
1338 /* Do the actual hashing */ <<
1339 <<
1340 testmgr_poison(desc->__ctx, crypto_sh <<
1341 testmgr_poison(result, digestsize + T <<
1342 <<
1343 if (cfg->finalization_type == FINALIZ <<
1344 vec->digest_error) { <<
1345 /* Just using digest() */ <<
1346 if (tsgl->nents != 1) <<
1347 return 0; <<
1348 if (cfg->nosimd) <<
1349 crypto_disable_simd_f <<
1350 err = crypto_shash_digest(des <<
1351 tsg <<
1352 if (cfg->nosimd) <<
1353 crypto_reenable_simd_ <<
1354 if (err) { <<
1355 if (err == vec->diges <<
1356 return 0; <<
1357 pr_err("alg: shash: % <<
1358 driver, vec_na <<
1359 cfg->name); <<
1360 return err; <<
1361 } <<
1362 if (vec->digest_error) { <<
1363 pr_err("alg: shash: % <<
1364 driver, vec_na <<
1365 return -EINVAL; <<
1366 } <<
1367 goto result_ready; <<
1368 } <<
1369 <<
1370 /* Using init(), zero or more update( <<
1371 <<
1372 if (cfg->nosimd) <<
1373 crypto_disable_simd_for_test( <<
1374 err = crypto_shash_init(desc); <<
1375 if (cfg->nosimd) <<
1376 crypto_reenable_simd_for_test <<
1377 err = check_shash_op("init", err, dri <<
1378 if (err) <<
1379 return err; <<
1380 <<
1381 for (i = 0; i < tsgl->nents; i++) { <<
1382 if (i + 1 == tsgl->nents && <<
1383 cfg->finalization_type == <<
1384 if (divs[i]->nosimd) <<
1385 crypto_disabl <<
1386 err = crypto_shash_fi <<
1387 <<
1388 if (divs[i]->nosimd) <<
1389 crypto_reenab <<
1390 err = check_shash_op( <<
1391 <<
1392 if (err) <<
1393 return err; <<
1394 goto result_ready; <<
1395 } <<
1396 if (divs[i]->nosimd) <<
1397 crypto_disable_simd_f <<
1398 err = crypto_shash_update(des <<
1399 tsg <<
1400 if (divs[i]->nosimd) <<
1401 crypto_reenable_simd_ <<
1402 err = check_shash_op("update" <<
1403 if (err) <<
1404 return err; <<
1405 if (divs[i]->flush_type == FL <<
1406 /* Test ->export() an <<
1407 testmgr_poison(hashst <<
1408 TESTMG <<
1409 err = crypto_shash_ex <<
1410 err = check_shash_op( <<
1411 <<
1412 if (err) <<
1413 return err; <<
1414 if (!testmgr_is_poiso <<
1415 <<
1416 pr_err("alg: <<
1417 driver <<
1418 return -EOVER <<
1419 } <<
1420 testmgr_poison(desc-> <<
1421 err = crypto_shash_im <<
1422 err = check_shash_op( <<
1423 <<
1424 if (err) <<
1425 return err; <<
1426 } 498 }
1427 } <<
1428 499
1429 if (cfg->nosimd) !! 500 temp = template[i].tap[0];
1430 crypto_disable_simd_for_test( !! 501 for (k = 1; k < template[i].np; k++) {
1431 err = crypto_shash_final(desc, result !! 502 ret = ahash_partial_update(&req, tfm, &template[i],
1432 if (cfg->nosimd) !! 503 hash_buff, k, temp, &sg[0], algo, result,
1433 crypto_reenable_simd_for_test !! 504 &tresult);
1434 err = check_shash_op("final", err, dr !! 505 if (ret) {
1435 if (err) !! 506 pr_err("hash: partial update failed on test %d for %s: ret=%d\n",
1436 return err; !! 507 j, algo, -ret);
1437 result_ready: !! 508 goto out_noreq;
1438 return check_hash_result("shash", res !! 509 }
1439 driver, cfg) !! 510 temp += template[i].tap[k];
1440 } <<
1441 <<
1442 static int do_ahash_op(int (*op)(struct ahash <<
1443 struct ahash_request * <<
1444 struct crypto_wait *wa <<
1445 { <<
1446 int err; <<
1447 <<
1448 if (nosimd) <<
1449 crypto_disable_simd_for_test( <<
1450 <<
1451 err = op(req); <<
1452 <<
1453 if (nosimd) <<
1454 crypto_reenable_simd_for_test <<
1455 <<
1456 return crypto_wait_req(err, wait); <<
1457 } <<
1458 <<
1459 static int check_nonfinal_ahash_op(const char <<
1460 u8 *result <<
1461 const char <<
1462 const stru <<
1463 { <<
1464 if (err) { <<
1465 pr_err("alg: ahash: %s %s() f <<
1466 driver, op, err, vec_n <<
1467 return err; <<
1468 } <<
1469 if (!testmgr_is_poison(result, digest <<
1470 pr_err("alg: ahash: %s %s() u <<
1471 driver, op, vec_name, <<
1472 return -EINVAL; <<
1473 } <<
1474 return 0; <<
1475 } <<
1476 <<
1477 /* Test one hash test vector in one configura <<
1478 static int test_ahash_vec_cfg(const struct ha <<
1479 const char *vec <<
1480 const struct te <<
1481 struct ahash_re <<
1482 struct test_sgl <<
1483 u8 *hashstate) <<
1484 { <<
1485 struct crypto_ahash *tfm = crypto_aha <<
1486 const unsigned int digestsize = crypt <<
1487 const unsigned int statesize = crypto <<
1488 const char *driver = crypto_ahash_dri <<
1489 const u32 req_flags = CRYPTO_TFM_REQ_ <<
1490 const struct test_sg_division *divs[X <<
1491 DECLARE_CRYPTO_WAIT(wait); <<
1492 unsigned int i; <<
1493 struct scatterlist *pending_sgl; <<
1494 unsigned int pending_len; <<
1495 u8 result[HASH_MAX_DIGESTSIZE + TESTM <<
1496 int err; <<
1497 <<
1498 /* Set the key, if specified */ <<
1499 if (vec->ksize) { <<
1500 err = do_setkey(crypto_ahash_ <<
1501 cfg, 0); <<
1502 if (err) { <<
1503 if (err == vec->setke <<
1504 return 0; <<
1505 pr_err("alg: ahash: % <<
1506 driver, vec_na <<
1507 crypto_ahash_g <<
1508 return err; <<
1509 } <<
1510 if (vec->setkey_error) { <<
1511 pr_err("alg: ahash: % <<
1512 driver, vec_na <<
1513 return -EINVAL; <<
1514 } 511 }
1515 } !! 512 ret = wait_async_op(&tresult, crypto_ahash_final(req));
1516 !! 513 if (ret) {
1517 /* Build the scatterlist for the sour !! 514 pr_err("alt: hash: final failed on test %d for %s: ret=%d\n",
1518 err = build_hash_sglist(tsgl, vec, cf !! 515 j, algo, -ret);
1519 if (err) { !! 516 goto out;
1520 pr_err("alg: ahash: %s: error <<
1521 driver, vec_name, cfg- <<
1522 return err; <<
1523 } <<
1524 <<
1525 /* Do the actual hashing */ <<
1526 <<
1527 testmgr_poison(req->__ctx, crypto_aha <<
1528 testmgr_poison(result, digestsize + T <<
1529 <<
1530 if (cfg->finalization_type == FINALIZ <<
1531 vec->digest_error) { <<
1532 /* Just using digest() */ <<
1533 ahash_request_set_callback(re <<
1534 &w <<
1535 ahash_request_set_crypt(req, <<
1536 err = do_ahash_op(crypto_ahas <<
1537 if (err) { <<
1538 if (err == vec->diges <<
1539 return 0; <<
1540 pr_err("alg: ahash: % <<
1541 driver, vec_na <<
1542 cfg->name); <<
1543 return err; <<
1544 } <<
1545 if (vec->digest_error) { <<
1546 pr_err("alg: ahash: % <<
1547 driver, vec_na <<
1548 return -EINVAL; <<
1549 } <<
1550 goto result_ready; <<
1551 } <<
1552 <<
1553 /* Using init(), zero or more update( <<
1554 <<
1555 ahash_request_set_callback(req, req_f <<
1556 ahash_request_set_crypt(req, NULL, re <<
1557 err = do_ahash_op(crypto_ahash_init, <<
1558 err = check_nonfinal_ahash_op("init", <<
1559 driver, <<
1560 if (err) <<
1561 return err; <<
1562 <<
1563 pending_sgl = NULL; <<
1564 pending_len = 0; <<
1565 for (i = 0; i < tsgl->nents; i++) { <<
1566 if (divs[i]->flush_type != FL <<
1567 pending_sgl != NULL) { <<
1568 /* update() with the <<
1569 ahash_request_set_cal <<
1570 <<
1571 ahash_request_set_cry <<
1572 <<
1573 err = do_ahash_op(cry <<
1574 div <<
1575 err = check_nonfinal_ <<
1576 <<
1577 <<
1578 if (err) <<
1579 return err; <<
1580 pending_sgl = NULL; <<
1581 pending_len = 0; <<
1582 } <<
1583 if (divs[i]->flush_type == FL <<
1584 /* Test ->export() an <<
1585 testmgr_poison(hashst <<
1586 TESTMG <<
1587 err = crypto_ahash_ex <<
1588 err = check_nonfinal_ <<
1589 <<
1590 <<
1591 if (err) <<
1592 return err; <<
1593 if (!testmgr_is_poiso <<
1594 <<
1595 pr_err("alg: <<
1596 driver <<
1597 return -EOVER <<
1598 } <<
1599 <<
1600 testmgr_poison(req->_ <<
1601 err = crypto_ahash_im <<
1602 err = check_nonfinal_ <<
1603 <<
1604 <<
1605 if (err) <<
1606 return err; <<
1607 } <<
1608 if (pending_sgl == NULL) <<
1609 pending_sgl = &tsgl-> <<
1610 pending_len += tsgl->sgl[i].l <<
1611 } <<
1612 <<
1613 ahash_request_set_callback(req, req_f <<
1614 ahash_request_set_crypt(req, pending_ <<
1615 if (cfg->finalization_type == FINALIZ <<
1616 /* finish with update() and f <<
1617 err = do_ahash_op(crypto_ahas <<
1618 err = check_nonfinal_ahash_op <<
1619 <<
1620 if (err) <<
1621 return err; <<
1622 err = do_ahash_op(crypto_ahas <<
1623 if (err) { <<
1624 pr_err("alg: ahash: % <<
1625 driver, err, v <<
1626 return err; <<
1627 } 517 }
1628 } else { !! 518 if (memcmp(result, template[i].digest,
1629 /* finish with finup() */ !! 519 crypto_ahash_digestsize(tfm))) {
1630 err = do_ahash_op(crypto_ahas !! 520 pr_err("alg: hash: Partial Test %d failed for %s\n",
1631 if (err) { !! 521 j, algo);
1632 pr_err("alg: ahash: % !! 522 hexdump(result, crypto_ahash_digestsize(tfm));
1633 driver, err, v !! 523 ret = -EINVAL;
1634 return err; !! 524 goto out;
1635 } 525 }
1636 } 526 }
1637 527
1638 result_ready: !! 528 ret = 0;
1639 return check_hash_result("ahash", res <<
1640 driver, cfg) <<
1641 } <<
1642 <<
1643 static int test_hash_vec_cfg(const struct has <<
1644 const char *vec_ <<
1645 const struct tes <<
1646 struct ahash_req <<
1647 struct shash_des <<
1648 struct test_sgli <<
1649 u8 *hashstate) <<
1650 { <<
1651 int err; <<
1652 <<
1653 /* <<
1654 * For algorithms implemented as "sha <<
1655 * both the shash and ahash tests. T <<
1656 * failures involve less indirection, <<
1657 */ <<
1658 <<
1659 if (desc) { <<
1660 err = test_shash_vec_cfg(vec, <<
1661 hash <<
1662 if (err) <<
1663 return err; <<
1664 } <<
1665 529
1666 return test_ahash_vec_cfg(vec, vec_na !! 530 out:
>> 531 ahash_request_free(req);
>> 532 out_noreq:
>> 533 testmgr_free_buf(xbuf);
>> 534 out_nobuf:
>> 535 kfree(key);
>> 536 kfree(result);
>> 537 return ret;
1667 } 538 }
1668 539
1669 static int test_hash_vec(const struct hash_te !! 540 static int test_hash(struct crypto_ahash *tfm, struct hash_testvec *template,
1670 struct ahash_request !! 541 unsigned int tcount, bool use_digest)
1671 struct test_sglist * <<
1672 { 542 {
1673 char vec_name[16]; !! 543 unsigned int alignmask;
1674 unsigned int i; !! 544 int ret;
1675 int err; <<
1676 <<
1677 sprintf(vec_name, "%u", vec_num); <<
1678 <<
1679 for (i = 0; i < ARRAY_SIZE(default_ha <<
1680 err = test_hash_vec_cfg(vec, <<
1681 &defa <<
1682 req, <<
1683 if (err) <<
1684 return err; <<
1685 } <<
1686 545
1687 #ifdef CONFIG_CRYPTO_MANAGER_EXTRA_TESTS !! 546 ret = __test_hash(tfm, template, tcount, use_digest, 0);
1688 if (!noextratests) { !! 547 if (ret)
1689 struct rnd_state rng; !! 548 return ret;
1690 struct testvec_config cfg; <<
1691 char cfgname[TESTVEC_CONFIG_N <<
1692 549
1693 init_rnd_state(&rng); !! 550 /* test unaligned buffers, check with one byte offset */
>> 551 ret = __test_hash(tfm, template, tcount, use_digest, 1);
>> 552 if (ret)
>> 553 return ret;
1694 554
1695 for (i = 0; i < fuzz_iteratio !! 555 alignmask = crypto_tfm_alg_alignmask(&tfm->base);
1696 generate_random_testv !! 556 if (alignmask) {
1697 !! 557 /* Check if alignment mask for tfm is correctly set. */
1698 err = test_hash_vec_c !! 558 ret = __test_hash(tfm, template, tcount, use_digest,
1699 !! 559 alignmask + 1);
1700 if (err) !! 560 if (ret)
1701 return err; !! 561 return ret;
1702 cond_resched(); <<
1703 } <<
1704 } 562 }
1705 #endif <<
1706 return 0; <<
1707 } <<
1708 <<
1709 #ifdef CONFIG_CRYPTO_MANAGER_EXTRA_TESTS <<
1710 /* <<
1711 * Generate a hash test vector from the given <<
1712 * Assumes the buffers in 'vec' were already <<
1713 */ <<
1714 static void generate_random_hash_testvec(stru <<
1715 stru <<
1716 stru <<
1717 unsi <<
1718 unsi <<
1719 char <<
1720 { <<
1721 /* Data */ <<
1722 vec->psize = generate_random_length(r <<
1723 generate_random_bytes(rng, (u8 *)vec- <<
1724 563
1725 /* !! 564 return 0;
1726 * Key: length in range [1, maxkeysiz <<
1727 * If algorithm is unkeyed, then maxk <<
1728 */ <<
1729 vec->setkey_error = 0; <<
1730 vec->ksize = 0; <<
1731 if (maxkeysize) { <<
1732 vec->ksize = maxkeysize; <<
1733 if (prandom_u32_below(rng, 4) <<
1734 vec->ksize = prandom_ <<
1735 generate_random_bytes(rng, (u <<
1736 <<
1737 vec->setkey_error = crypto_sh <<
1738 <<
1739 /* If the key couldn't be set <<
1740 if (vec->setkey_error) <<
1741 goto done; <<
1742 } <<
1743 <<
1744 /* Digest */ <<
1745 vec->digest_error = crypto_shash_dige <<
1746 <<
1747 done: <<
1748 snprintf(name, max_namelen, "\"random <<
1749 vec->psize, vec->ksize); <<
1750 } 565 }
1751 566
1752 /* !! 567 static int __test_aead(struct crypto_aead *tfm, int enc,
1753 * Test the hash algorithm represented by @re !! 568 struct aead_testvec *template, unsigned int tcount,
1754 * implementation, if one is available. !! 569 const bool diff_dst, const int align_offset)
1755 */ <<
1756 static int test_hash_vs_generic_impl(const ch <<
1757 unsigned <<
1758 struct a <<
1759 struct s <<
1760 struct t <<
1761 u8 *hash <<
1762 { 570 {
1763 struct crypto_ahash *tfm = crypto_aha !! 571 const char *algo = crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm));
1764 const unsigned int digestsize = crypt !! 572 unsigned int i, j, k, n, temp;
1765 const unsigned int blocksize = crypto !! 573 int ret = -ENOMEM;
1766 const unsigned int maxdatasize = (2 * !! 574 char *q;
1767 const char *algname = crypto_hash_alg !! 575 char *key;
1768 const char *driver = crypto_ahash_dri !! 576 struct aead_request *req;
1769 struct rnd_state rng; !! 577 struct scatterlist *sg;
1770 char _generic_driver[CRYPTO_MAX_ALG_N !! 578 struct scatterlist *sgout;
1771 struct crypto_shash *generic_tfm = NU !! 579 const char *e, *d;
1772 struct shash_desc *generic_desc = NUL !! 580 struct tcrypt_result result;
1773 unsigned int i; !! 581 unsigned int authsize, iv_len;
1774 struct hash_testvec vec = { 0 }; !! 582 void *input;
1775 char vec_name[64]; !! 583 void *output;
1776 struct testvec_config *cfg; !! 584 void *assoc;
1777 char cfgname[TESTVEC_CONFIG_NAMELEN]; !! 585 char *iv;
1778 int err; !! 586 char *xbuf[XBUFSIZE];
1779 !! 587 char *xoutbuf[XBUFSIZE];
1780 if (noextratests) !! 588 char *axbuf[XBUFSIZE];
1781 return 0; <<
1782 589
1783 init_rnd_state(&rng); !! 590 iv = kzalloc(MAX_IVLEN, GFP_KERNEL);
>> 591 if (!iv)
>> 592 return ret;
>> 593 key = kmalloc(MAX_KEYLEN, GFP_KERNEL);
>> 594 if (!key)
>> 595 goto out_noxbuf;
>> 596 if (testmgr_alloc_buf(xbuf))
>> 597 goto out_noxbuf;
>> 598 if (testmgr_alloc_buf(axbuf))
>> 599 goto out_noaxbuf;
>> 600 if (diff_dst && testmgr_alloc_buf(xoutbuf))
>> 601 goto out_nooutbuf;
>> 602
>> 603 /* avoid "the frame size is larger than 1024 bytes" compiler warning */
>> 604 sg = kmalloc(sizeof(*sg) * 8 * (diff_dst ? 4 : 2), GFP_KERNEL);
>> 605 if (!sg)
>> 606 goto out_nosg;
>> 607 sgout = &sg[16];
1784 608
1785 if (!generic_driver) { /* Use default !! 609 if (diff_dst)
1786 err = build_generic_driver_na !! 610 d = "-ddst";
1787 if (err) !! 611 else
1788 return err; !! 612 d = "";
1789 generic_driver = _generic_dri <<
1790 } <<
1791 613
1792 if (strcmp(generic_driver, driver) == !! 614 if (enc == ENCRYPT)
1793 return 0; !! 615 e = "encryption";
>> 616 else
>> 617 e = "decryption";
1794 618
1795 generic_tfm = crypto_alloc_shash(gene !! 619 init_completion(&result.completion);
1796 if (IS_ERR(generic_tfm)) { <<
1797 err = PTR_ERR(generic_tfm); <<
1798 if (err == -ENOENT) { <<
1799 pr_warn("alg: hash: s <<
1800 driver, gener <<
1801 return 0; <<
1802 } <<
1803 pr_err("alg: hash: error allo <<
1804 generic_driver, algnam <<
1805 return err; <<
1806 } <<
1807 620
1808 cfg = kzalloc(sizeof(*cfg), GFP_KERNE !! 621 req = aead_request_alloc(tfm, GFP_KERNEL);
1809 if (!cfg) { !! 622 if (!req) {
1810 err = -ENOMEM; !! 623 pr_err("alg: aead%s: Failed to allocate request for %s\n",
>> 624 d, algo);
1811 goto out; 625 goto out;
1812 } 626 }
1813 627
1814 generic_desc = kzalloc(sizeof(*desc) !! 628 aead_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
1815 crypto_shash_d !! 629 tcrypt_complete, &result);
1816 if (!generic_desc) { <<
1817 err = -ENOMEM; <<
1818 goto out; <<
1819 } <<
1820 generic_desc->tfm = generic_tfm; <<
1821 630
1822 /* Check the algorithm properties for !! 631 iv_len = crypto_aead_ivsize(tfm);
1823 632
1824 if (digestsize != crypto_shash_digest !! 633 for (i = 0, j = 0; i < tcount; i++) {
1825 pr_err("alg: hash: digestsize !! 634 if (template[i].np)
1826 driver, digestsize, !! 635 continue;
1827 crypto_shash_digestsiz <<
1828 err = -EINVAL; <<
1829 goto out; <<
1830 } <<
1831 <<
1832 if (blocksize != crypto_shash_blocksi <<
1833 pr_err("alg: hash: blocksize <<
1834 driver, blocksize, cry <<
1835 err = -EINVAL; <<
1836 goto out; <<
1837 } <<
1838 <<
1839 /* <<
1840 * Now generate test vectors using th <<
1841 * the other implementation against t <<
1842 */ <<
1843 636
1844 vec.key = kmalloc(maxkeysize, GFP_KER !! 637 j++;
1845 vec.plaintext = kmalloc(maxdatasize, <<
1846 vec.digest = kmalloc(digestsize, GFP_ <<
1847 if (!vec.key || !vec.plaintext || !ve <<
1848 err = -ENOMEM; <<
1849 goto out; <<
1850 } <<
1851 638
1852 for (i = 0; i < fuzz_iterations * 8; !! 639 /* some templates have no input data but they will
1853 generate_random_hash_testvec( !! 640 * touch input
1854 !! 641 */
1855 !! 642 input = xbuf[0];
1856 generate_random_testvec_confi !! 643 input += align_offset;
1857 !! 644 assoc = axbuf[0];
1858 645
1859 err = test_hash_vec_cfg(&vec, !! 646 ret = -EINVAL;
1860 req, !! 647 if (WARN_ON(align_offset + template[i].ilen >
1861 if (err) !! 648 PAGE_SIZE || template[i].alen > PAGE_SIZE))
1862 goto out; 649 goto out;
1863 cond_resched(); <<
1864 } <<
1865 err = 0; <<
1866 out: <<
1867 kfree(cfg); <<
1868 kfree(vec.key); <<
1869 kfree(vec.plaintext); <<
1870 kfree(vec.digest); <<
1871 crypto_free_shash(generic_tfm); <<
1872 kfree_sensitive(generic_desc); <<
1873 return err; <<
1874 } <<
1875 #else /* !CONFIG_CRYPTO_MANAGER_EXTRA_TESTS * <<
1876 static int test_hash_vs_generic_impl(const ch <<
1877 unsigned <<
1878 struct a <<
1879 struct s <<
1880 struct t <<
1881 u8 *hash <<
1882 { <<
1883 return 0; <<
1884 } <<
1885 #endif /* !CONFIG_CRYPTO_MANAGER_EXTRA_TESTS <<
1886 <<
1887 static int alloc_shash(const char *driver, u3 <<
1888 struct crypto_shash ** <<
1889 struct shash_desc **de <<
1890 { <<
1891 struct crypto_shash *tfm; <<
1892 struct shash_desc *desc; <<
1893 <<
1894 tfm = crypto_alloc_shash(driver, type <<
1895 if (IS_ERR(tfm)) { <<
1896 if (PTR_ERR(tfm) == -ENOENT) <<
1897 /* <<
1898 * This algorithm is <<
1899 * API, not the shash <<
1900 */ <<
1901 return 0; <<
1902 } <<
1903 pr_err("alg: hash: failed to <<
1904 driver, PTR_ERR(tfm)); <<
1905 return PTR_ERR(tfm); <<
1906 } <<
1907 <<
1908 desc = kmalloc(sizeof(*desc) + crypto <<
1909 if (!desc) { <<
1910 crypto_free_shash(tfm); <<
1911 return -ENOMEM; <<
1912 } <<
1913 desc->tfm = tfm; <<
1914 <<
1915 *tfm_ret = tfm; <<
1916 *desc_ret = desc; <<
1917 return 0; <<
1918 } <<
1919 <<
1920 static int __alg_test_hash(const struct hash_ <<
1921 unsigned int num_v <<
1922 u32 type, u32 mask <<
1923 const char *generi <<
1924 { <<
1925 struct crypto_ahash *atfm = NULL; <<
1926 struct ahash_request *req = NULL; <<
1927 struct crypto_shash *stfm = NULL; <<
1928 struct shash_desc *desc = NULL; <<
1929 struct test_sglist *tsgl = NULL; <<
1930 u8 *hashstate = NULL; <<
1931 unsigned int statesize; <<
1932 unsigned int i; <<
1933 int err; <<
1934 <<
1935 /* <<
1936 * Always test the ahash API. This w <<
1937 * algorithm is implemented as ahash <<
1938 */ <<
1939 <<
1940 atfm = crypto_alloc_ahash(driver, typ <<
1941 if (IS_ERR(atfm)) { <<
1942 if (PTR_ERR(atfm) == -ENOENT) <<
1943 return 0; <<
1944 pr_err("alg: hash: failed to <<
1945 driver, PTR_ERR(atfm)) <<
1946 return PTR_ERR(atfm); <<
1947 } <<
1948 driver = crypto_ahash_driver_name(atf <<
1949 650
1950 req = ahash_request_alloc(atfm, GFP_K !! 651 memcpy(input, template[i].input, template[i].ilen);
1951 if (!req) { !! 652 memcpy(assoc, template[i].assoc, template[i].alen);
1952 pr_err("alg: hash: failed to !! 653 if (template[i].iv)
1953 driver); !! 654 memcpy(iv, template[i].iv, iv_len);
1954 err = -ENOMEM; !! 655 else
1955 goto out; !! 656 memset(iv, 0, iv_len);
1956 } <<
1957 <<
1958 /* <<
1959 * If available also test the shash A <<
1960 * be missed by testing the ahash API <<
1961 */ <<
1962 err = alloc_shash(driver, type, mask, <<
1963 if (err) <<
1964 goto out; <<
1965 657
1966 tsgl = kmalloc(sizeof(*tsgl), GFP_KER !! 658 crypto_aead_clear_flags(tfm, ~0);
1967 if (!tsgl || init_test_sglist(tsgl) ! !! 659 if (template[i].wk)
1968 pr_err("alg: hash: failed to !! 660 crypto_aead_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY);
1969 driver); <<
1970 kfree(tsgl); <<
1971 tsgl = NULL; <<
1972 err = -ENOMEM; <<
1973 goto out; <<
1974 } <<
1975 661
1976 statesize = crypto_ahash_statesize(at !! 662 if (template[i].klen > MAX_KEYLEN) {
1977 if (stfm) !! 663 pr_err("alg: aead%s: setkey failed on test %d for %s: key size %d > %d\n",
1978 statesize = max(statesize, cr !! 664 d, j, algo, template[i].klen,
1979 hashstate = kmalloc(statesize + TESTM !! 665 MAX_KEYLEN);
1980 if (!hashstate) { !! 666 ret = -EINVAL;
1981 pr_err("alg: hash: failed to !! 667 goto out;
1982 driver); !! 668 }
1983 err = -ENOMEM; !! 669 memcpy(key, template[i].key, template[i].klen);
1984 goto out; <<
1985 } <<
1986 670
1987 for (i = 0; i < num_vecs; i++) { !! 671 ret = crypto_aead_setkey(tfm, key, template[i].klen);
1988 if (fips_enabled && vecs[i].f !! 672 if (template[i].fail == !ret) {
>> 673 pr_err("alg: aead%s: setkey failed on test %d for %s: flags=%x\n",
>> 674 d, j, algo, crypto_aead_get_flags(tfm));
>> 675 goto out;
>> 676 } else if (ret)
1989 continue; 677 continue;
1990 678
1991 err = test_hash_vec(&vecs[i], !! 679 authsize = abs(template[i].rlen - template[i].ilen);
1992 if (err) !! 680 ret = crypto_aead_setauthsize(tfm, authsize);
>> 681 if (ret) {
>> 682 pr_err("alg: aead%s: Failed to set authsize to %u on test %d for %s\n",
>> 683 d, authsize, j, algo);
1993 goto out; 684 goto out;
1994 cond_resched(); !! 685 }
1995 } <<
1996 err = test_hash_vs_generic_impl(gener <<
1997 desc, <<
1998 out: <<
1999 kfree(hashstate); <<
2000 if (tsgl) { <<
2001 destroy_test_sglist(tsgl); <<
2002 kfree(tsgl); <<
2003 } <<
2004 kfree(desc); <<
2005 crypto_free_shash(stfm); <<
2006 ahash_request_free(req); <<
2007 crypto_free_ahash(atfm); <<
2008 return err; <<
2009 } <<
2010 686
2011 static int alg_test_hash(const struct alg_tes !! 687 k = !!template[i].alen;
2012 u32 type, u32 mask) !! 688 sg_init_table(sg, k + 1);
2013 { !! 689 sg_set_buf(&sg[0], assoc, template[i].alen);
2014 const struct hash_testvec *template = !! 690 sg_set_buf(&sg[k], input,
2015 unsigned int tcount = desc->suite.has !! 691 template[i].ilen + (enc ? authsize : 0));
2016 unsigned int nr_unkeyed, nr_keyed; !! 692 output = input;
2017 unsigned int maxkeysize = 0; <<
2018 int err; <<
2019 693
2020 /* !! 694 if (diff_dst) {
2021 * For OPTIONAL_KEY algorithms, we ha !! 695 sg_init_table(sgout, k + 1);
2022 * first, before setting a key on the !! 696 sg_set_buf(&sgout[0], assoc, template[i].alen);
2023 * require that the unkeyed test vect <<
2024 */ <<
2025 697
2026 for (nr_unkeyed = 0; nr_unkeyed < tco !! 698 output = xoutbuf[0];
2027 if (template[nr_unkeyed].ksiz !! 699 output += align_offset;
2028 break; !! 700 sg_set_buf(&sgout[k], output,
2029 } !! 701 template[i].rlen + (enc ? 0 : authsize));
2030 for (nr_keyed = 0; nr_unkeyed + nr_ke !! 702 }
2031 if (!template[nr_unkeyed + nr <<
2032 pr_err("alg: hash: te <<
2033 "unkeyed ones <<
2034 return -EINVAL; <<
2035 } <<
2036 maxkeysize = max_t(unsigned i <<
2037 template[n <<
2038 } <<
2039 <<
2040 err = 0; <<
2041 if (nr_unkeyed) { <<
2042 err = __alg_test_hash(templat <<
2043 desc->g <<
2044 template += nr_unkeyed; <<
2045 } <<
2046 <<
2047 if (!err && nr_keyed) <<
2048 err = __alg_test_hash(templat <<
2049 desc->g <<
2050 703
2051 return err; !! 704 aead_request_set_crypt(req, sg, (diff_dst) ? sgout : sg,
2052 } !! 705 template[i].ilen, iv);
2053 706
2054 static int test_aead_vec_cfg(int enc, const s !! 707 aead_request_set_ad(req, template[i].alen);
2055 const char *vec_ <<
2056 const struct tes <<
2057 struct aead_requ <<
2058 struct cipher_te <<
2059 { <<
2060 struct crypto_aead *tfm = crypto_aead <<
2061 const unsigned int alignmask = crypto <<
2062 const unsigned int ivsize = crypto_ae <<
2063 const unsigned int authsize = vec->cl <<
2064 const char *driver = crypto_aead_driv <<
2065 const u32 req_flags = CRYPTO_TFM_REQ_ <<
2066 const char *op = enc ? "encryption" : <<
2067 DECLARE_CRYPTO_WAIT(wait); <<
2068 u8 _iv[3 * (MAX_ALGAPI_ALIGNMASK + 1) <<
2069 u8 *iv = PTR_ALIGN(&_iv[0], 2 * (MAX_ <<
2070 cfg->iv_offset + <<
2071 (cfg->iv_offset_relative_to_ <<
2072 struct kvec input[2]; <<
2073 int err; <<
2074 708
2075 /* Set the key */ !! 709 ret = enc ? crypto_aead_encrypt(req) : crypto_aead_decrypt(req);
2076 if (vec->wk) <<
2077 crypto_aead_set_flags(tfm, CR <<
2078 else <<
2079 crypto_aead_clear_flags(tfm, <<
2080 710
2081 err = do_setkey(crypto_aead_setkey, t !! 711 switch (ret) {
2082 cfg, alignmask); !! 712 case 0:
2083 if (err && err != vec->setkey_error) !! 713 if (template[i].novrfy) {
2084 pr_err("alg: aead: %s setkey !! 714 /* verification was supposed to fail */
2085 driver, vec_name, vec- !! 715 pr_err("alg: aead%s: %s failed on test %d for %s: ret was 0, expected -EBADMSG\n",
2086 crypto_aead_get_flags( !! 716 d, e, j, algo);
2087 return err; !! 717 /* so really, we got a bad message */
2088 } !! 718 ret = -EBADMSG;
2089 if (!err && vec->setkey_error) { !! 719 goto out;
2090 pr_err("alg: aead: %s setkey !! 720 }
2091 driver, vec_name, vec- !! 721 break;
2092 return -EINVAL; !! 722 case -EINPROGRESS:
2093 } !! 723 case -EBUSY:
>> 724 wait_for_completion(&result.completion);
>> 725 reinit_completion(&result.completion);
>> 726 ret = result.err;
>> 727 if (!ret)
>> 728 break;
>> 729 case -EBADMSG:
>> 730 if (template[i].novrfy)
>> 731 /* verification failure was expected */
>> 732 continue;
>> 733 /* fall through */
>> 734 default:
>> 735 pr_err("alg: aead%s: %s failed on test %d for %s: ret=%d\n",
>> 736 d, e, j, algo, -ret);
>> 737 goto out;
>> 738 }
2094 739
2095 /* Set the authentication tag size */ !! 740 q = output;
2096 err = crypto_aead_setauthsize(tfm, au !! 741 if (memcmp(q, template[i].result, template[i].rlen)) {
2097 if (err && err != vec->setauthsize_er !! 742 pr_err("alg: aead%s: Test %d failed on %s for %s\n",
2098 pr_err("alg: aead: %s setauth !! 743 d, j, e, algo);
2099 driver, vec_name, vec- !! 744 hexdump(q, template[i].rlen);
2100 return err; !! 745 ret = -EINVAL;
2101 } !! 746 goto out;
2102 if (!err && vec->setauthsize_error) { !! 747 }
2103 pr_err("alg: aead: %s setauth <<
2104 driver, vec_name, vec- <<
2105 return -EINVAL; <<
2106 } 748 }
2107 749
2108 if (vec->setkey_error || vec->setauth !! 750 for (i = 0, j = 0; i < tcount; i++) {
2109 return 0; !! 751 /* alignment tests are only done with continuous buffers */
>> 752 if (align_offset != 0)
>> 753 break;
2110 754
2111 /* The IV must be copied to a buffer, !! 755 if (!template[i].np)
2112 if (WARN_ON(ivsize > MAX_IVLEN)) !! 756 continue;
2113 return -EINVAL; <<
2114 if (vec->iv) <<
2115 memcpy(iv, vec->iv, ivsize); <<
2116 else <<
2117 memset(iv, 0, ivsize); <<
2118 757
2119 /* Build the src/dst scatterlists */ !! 758 j++;
2120 input[0].iov_base = (void *)vec->asso <<
2121 input[0].iov_len = vec->alen; <<
2122 input[1].iov_base = enc ? (void *)vec <<
2123 input[1].iov_len = enc ? vec->plen : <<
2124 err = build_cipher_test_sglists(tsgls <<
2125 vec-> <<
2126 <<
2127 vec-> <<
2128 <<
2129 input <<
2130 if (err) { <<
2131 pr_err("alg: aead: %s %s: err <<
2132 driver, op, vec_name, <<
2133 return err; <<
2134 } <<
2135 759
2136 /* Do the actual encryption or decryp !! 760 if (template[i].iv)
2137 testmgr_poison(req->__ctx, crypto_aea !! 761 memcpy(iv, template[i].iv, iv_len);
2138 aead_request_set_callback(req, req_fl <<
2139 aead_request_set_crypt(req, tsgls->sr <<
2140 enc ? vec->ple <<
2141 aead_request_set_ad(req, vec->alen); <<
2142 if (cfg->nosimd) <<
2143 crypto_disable_simd_for_test( <<
2144 err = enc ? crypto_aead_encrypt(req) <<
2145 if (cfg->nosimd) <<
2146 crypto_reenable_simd_for_test <<
2147 err = crypto_wait_req(err, &wait); <<
2148 <<
2149 /* Check that the algorithm didn't ov <<
2150 if (req->cryptlen != (enc ? vec->plen <<
2151 req->assoclen != vec->alen || <<
2152 req->iv != iv || <<
2153 req->src != tsgls->src.sgl_ptr || <<
2154 req->dst != tsgls->dst.sgl_ptr || <<
2155 crypto_aead_reqtfm(req) != tfm || <<
2156 req->base.complete != crypto_req_ <<
2157 req->base.flags != req_flags || <<
2158 req->base.data != &wait) { <<
2159 pr_err("alg: aead: %s %s corr <<
2160 driver, op, vec_name, <<
2161 if (req->cryptlen != (enc ? v <<
2162 pr_err("alg: aead: ch <<
2163 if (req->assoclen != vec->ale <<
2164 pr_err("alg: aead: ch <<
2165 if (req->iv != iv) <<
2166 pr_err("alg: aead: ch <<
2167 if (req->src != tsgls->src.sg <<
2168 pr_err("alg: aead: ch <<
2169 if (req->dst != tsgls->dst.sg <<
2170 pr_err("alg: aead: ch <<
2171 if (crypto_aead_reqtfm(req) ! <<
2172 pr_err("alg: aead: ch <<
2173 if (req->base.complete != cry <<
2174 pr_err("alg: aead: ch <<
2175 if (req->base.flags != req_fl <<
2176 pr_err("alg: aead: ch <<
2177 if (req->base.data != &wait) <<
2178 pr_err("alg: aead: ch <<
2179 return -EINVAL; <<
2180 } <<
2181 if (is_test_sglist_corrupted(&tsgls-> <<
2182 pr_err("alg: aead: %s %s corr <<
2183 driver, op, vec_name, <<
2184 return -EINVAL; <<
2185 } <<
2186 if (tsgls->dst.sgl_ptr != tsgls->src. <<
2187 is_test_sglist_corrupted(&tsgls-> <<
2188 pr_err("alg: aead: %s %s corr <<
2189 driver, op, vec_name, <<
2190 return -EINVAL; <<
2191 } <<
2192 <<
2193 /* Check for unexpected success or fa <<
2194 if ((err == 0 && vec->novrfy) || <<
2195 (err != vec->crypt_error && !(err <<
2196 char expected_error[32]; <<
2197 <<
2198 if (vec->novrfy && <<
2199 vec->crypt_error != 0 && <<
2200 sprintf(expected_erro <<
2201 vec->crypt_er <<
2202 else if (vec->novrfy) <<
2203 sprintf(expected_erro <<
2204 else 762 else
2205 sprintf(expected_erro !! 763 memset(iv, 0, MAX_IVLEN);
2206 if (err) { <<
2207 pr_err("alg: aead: %s <<
2208 driver, op, ve <<
2209 cfg->name); <<
2210 return err; <<
2211 } <<
2212 pr_err("alg: aead: %s %s unex <<
2213 driver, op, vec_name, <<
2214 return -EINVAL; <<
2215 } <<
2216 if (err) /* Expectedly failed. */ <<
2217 return 0; <<
2218 764
2219 /* Check for the correct output (ciph !! 765 crypto_aead_clear_flags(tfm, ~0);
2220 err = verify_correct_output(&tsgls->d !! 766 if (template[i].wk)
2221 enc ? vec !! 767 crypto_aead_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY);
2222 vec->alen !! 768 if (template[i].klen > MAX_KEYLEN) {
2223 enc || cf !! 769 pr_err("alg: aead%s: setkey failed on test %d for %s: key size %d > %d\n",
2224 if (err == -EOVERFLOW) { !! 770 d, j, algo, template[i].klen, MAX_KEYLEN);
2225 pr_err("alg: aead: %s %s over !! 771 ret = -EINVAL;
2226 driver, op, vec_name, !! 772 goto out;
2227 return err; <<
2228 } <<
2229 if (err) { <<
2230 pr_err("alg: aead: %s %s test <<
2231 driver, op, vec_name, <<
2232 return err; <<
2233 } <<
2234 <<
2235 return 0; <<
2236 } <<
2237 <<
2238 static int test_aead_vec(int enc, const struc <<
2239 unsigned int vec_num <<
2240 struct cipher_test_s <<
2241 { <<
2242 char vec_name[16]; <<
2243 unsigned int i; <<
2244 int err; <<
2245 <<
2246 if (enc && vec->novrfy) <<
2247 return 0; <<
2248 <<
2249 sprintf(vec_name, "%u", vec_num); <<
2250 <<
2251 for (i = 0; i < ARRAY_SIZE(default_ci <<
2252 err = test_aead_vec_cfg(enc, <<
2253 &defa <<
2254 req, <<
2255 if (err) <<
2256 return err; <<
2257 } <<
2258 <<
2259 #ifdef CONFIG_CRYPTO_MANAGER_EXTRA_TESTS <<
2260 if (!noextratests) { <<
2261 struct rnd_state rng; <<
2262 struct testvec_config cfg; <<
2263 char cfgname[TESTVEC_CONFIG_N <<
2264 <<
2265 init_rnd_state(&rng); <<
2266 <<
2267 for (i = 0; i < fuzz_iteratio <<
2268 generate_random_testv <<
2269 <<
2270 err = test_aead_vec_c <<
2271 <<
2272 if (err) <<
2273 return err; <<
2274 cond_resched(); <<
2275 } 773 }
2276 } !! 774 memcpy(key, template[i].key, template[i].klen);
2277 #endif <<
2278 return 0; <<
2279 } <<
2280 <<
2281 #ifdef CONFIG_CRYPTO_MANAGER_EXTRA_TESTS <<
2282 775
2283 struct aead_extra_tests_ctx { !! 776 ret = crypto_aead_setkey(tfm, key, template[i].klen);
2284 struct rnd_state rng; !! 777 if (template[i].fail == !ret) {
2285 struct aead_request *req; !! 778 pr_err("alg: aead%s: setkey failed on chunk test %d for %s: flags=%x\n",
2286 struct crypto_aead *tfm; !! 779 d, j, algo, crypto_aead_get_flags(tfm));
2287 const struct alg_test_desc *test_desc !! 780 goto out;
2288 struct cipher_test_sglists *tsgls; !! 781 } else if (ret)
2289 unsigned int maxdatasize; !! 782 continue;
2290 unsigned int maxkeysize; <<
2291 <<
2292 struct aead_testvec vec; <<
2293 char vec_name[64]; <<
2294 char cfgname[TESTVEC_CONFIG_NAMELEN]; <<
2295 struct testvec_config cfg; <<
2296 }; <<
2297 <<
2298 /* <<
2299 * Make at least one random change to a (ciph <<
2300 * here means the full ciphertext including t <<
2301 * authentication tag (and hence also the cip <<
2302 */ <<
2303 static void mutate_aead_message(struct rnd_st <<
2304 struct aead_t <<
2305 unsigned int <<
2306 { <<
2307 const unsigned int aad_tail_size = aa <<
2308 const unsigned int authsize = vec->cl <<
2309 <<
2310 if (prandom_bool(rng) && vec->alen > <<
2311 /* Mutate the AAD */ <<
2312 flip_random_bit(rng, (u8 *)ve <<
2313 vec->alen - a <<
2314 if (prandom_bool(rng)) <<
2315 return; <<
2316 } <<
2317 if (prandom_bool(rng)) { <<
2318 /* Mutate auth tag (assuming <<
2319 flip_random_bit(rng, (u8 *)ve <<
2320 } else { <<
2321 /* Mutate any part of the cip <<
2322 flip_random_bit(rng, (u8 *)ve <<
2323 } <<
2324 } <<
2325 783
2326 /* !! 784 authsize = abs(template[i].rlen - template[i].ilen);
2327 * Minimum authentication tag size in bytes a <<
2328 * reliably generate inauthentic messages, i. <<
2329 * message by chance. <<
2330 */ <<
2331 #define MIN_COLLISION_FREE_AUTHSIZE 8 <<
2332 785
2333 static void generate_aead_message(struct rnd_ !! 786 ret = -EINVAL;
2334 struct aead !! 787 sg_init_table(sg, template[i].anp + template[i].np);
2335 const struc !! 788 if (diff_dst)
2336 struct aead !! 789 sg_init_table(sgout, template[i].anp + template[i].np);
2337 bool prefer <<
2338 { <<
2339 struct crypto_aead *tfm = crypto_aead <<
2340 const unsigned int ivsize = crypto_ae <<
2341 const unsigned int authsize = vec->cl <<
2342 const bool inauthentic = (authsize >= <<
2343 (prefer_inau <<
2344 prandom_u32 <<
2345 <<
2346 /* Generate the AAD. */ <<
2347 generate_random_bytes(rng, (u8 *)vec- <<
2348 if (suite->aad_iv && vec->alen >= ivs <<
2349 /* Avoid implementation-defin <<
2350 memcpy((u8 *)vec->assoc + vec <<
2351 <<
2352 if (inauthentic && prandom_bool(rng)) <<
2353 /* Generate a random cipherte <<
2354 generate_random_bytes(rng, (u <<
2355 } else { <<
2356 int i = 0; <<
2357 struct scatterlist src[2], ds <<
2358 u8 iv[MAX_IVLEN]; <<
2359 DECLARE_CRYPTO_WAIT(wait); <<
2360 <<
2361 /* Generate a random plaintex <<
2362 sg_init_table(src, 2); <<
2363 if (vec->alen) <<
2364 sg_set_buf(&src[i++], <<
2365 if (vec->plen) { <<
2366 generate_random_bytes <<
2367 sg_set_buf(&src[i++], <<
2368 } <<
2369 sg_init_one(&dst, vec->ctext, <<
2370 memcpy(iv, vec->iv, ivsize); <<
2371 aead_request_set_callback(req <<
2372 aead_request_set_crypt(req, s <<
2373 aead_request_set_ad(req, vec- <<
2374 vec->crypt_error = crypto_wai <<
2375 <<
2376 /* If encryption failed, we'r <<
2377 if (vec->crypt_error != 0) <<
2378 return; <<
2379 memmove((u8 *)vec->ctext, vec <<
2380 if (!inauthentic) <<
2381 return; <<
2382 /* <<
2383 * Mutate the authentic (ciph <<
2384 * inauthentic one. <<
2385 */ <<
2386 mutate_aead_message(rng, vec, <<
2387 } <<
2388 vec->novrfy = 1; <<
2389 if (suite->einval_allowed) <<
2390 vec->crypt_error = -EINVAL; <<
2391 } <<
2392 790
2393 /* !! 791 ret = -EINVAL;
2394 * Generate an AEAD test vector 'vec' using t !! 792 for (k = 0, temp = 0; k < template[i].anp; k++) {
2395 * 'req'. The buffers in 'vec' must already !! 793 if (WARN_ON(offset_in_page(IDX[k]) +
2396 * !! 794 template[i].atap[k] > PAGE_SIZE))
2397 * If 'prefer_inauthentic' is true, then this !! 795 goto out;
2398 * test vectors (i.e. vectors with 'vec->novr !! 796 sg_set_buf(&sg[k],
2399 */ !! 797 memcpy(axbuf[IDX[k] >> PAGE_SHIFT] +
2400 static void generate_random_aead_testvec(stru !! 798 offset_in_page(IDX[k]),
2401 stru !! 799 template[i].assoc + temp,
2402 stru !! 800 template[i].atap[k]),
2403 cons !! 801 template[i].atap[k]);
2404 unsi !! 802 if (diff_dst)
2405 unsi !! 803 sg_set_buf(&sgout[k],
2406 char !! 804 axbuf[IDX[k] >> PAGE_SHIFT] +
2407 bool !! 805 offset_in_page(IDX[k]),
2408 { !! 806 template[i].atap[k]);
2409 struct crypto_aead *tfm = crypto_aead !! 807 temp += template[i].atap[k];
2410 const unsigned int ivsize = crypto_ae !! 808 }
2411 const unsigned int maxauthsize = cryp !! 809
2412 unsigned int authsize; !! 810 for (k = 0, temp = 0; k < template[i].np; k++) {
2413 unsigned int total_len; !! 811 if (WARN_ON(offset_in_page(IDX[k]) +
2414 !! 812 template[i].tap[k] > PAGE_SIZE))
2415 /* Key: length in [0, maxkeysize], bu !! 813 goto out;
2416 vec->klen = maxkeysize; <<
2417 if (prandom_u32_below(rng, 4) == 0) <<
2418 vec->klen = prandom_u32_below <<
2419 generate_random_bytes(rng, (u8 *)vec- <<
2420 vec->setkey_error = crypto_aead_setke <<
2421 <<
2422 /* IV */ <<
2423 generate_random_bytes(rng, (u8 *)vec- <<
2424 <<
2425 /* Tag length: in [0, maxauthsize], b <<
2426 authsize = maxauthsize; <<
2427 if (prandom_u32_below(rng, 4) == 0) <<
2428 authsize = prandom_u32_below( <<
2429 if (prefer_inauthentic && authsize < <<
2430 authsize = MIN_COLLISION_FREE <<
2431 if (WARN_ON(authsize > maxdatasize)) <<
2432 authsize = maxdatasize; <<
2433 maxdatasize -= authsize; <<
2434 vec->setauthsize_error = crypto_aead_ <<
2435 <<
2436 /* AAD, plaintext, and ciphertext len <<
2437 total_len = generate_random_length(rn <<
2438 if (prandom_u32_below(rng, 4) == 0) <<
2439 vec->alen = 0; <<
2440 else <<
2441 vec->alen = generate_random_l <<
2442 vec->plen = total_len - vec->alen; <<
2443 vec->clen = vec->plen + authsize; <<
2444 814
2445 /* !! 815 q = xbuf[IDX[k] >> PAGE_SHIFT] + offset_in_page(IDX[k]);
2446 * Generate the AAD, plaintext, and c !! 816 memcpy(q, template[i].input + temp, template[i].tap[k]);
2447 * key or the authentication tag size !! 817 sg_set_buf(&sg[template[i].anp + k],
2448 */ !! 818 q, template[i].tap[k]);
2449 vec->novrfy = 0; !! 819
2450 vec->crypt_error = 0; !! 820 if (diff_dst) {
2451 if (vec->setkey_error == 0 && vec->se !! 821 q = xoutbuf[IDX[k] >> PAGE_SHIFT] +
2452 generate_aead_message(rng, re !! 822 offset_in_page(IDX[k]);
2453 snprintf(name, max_namelen, <<
2454 "\"random: alen=%u plen=%u a <<
2455 vec->alen, vec->plen, authsi <<
2456 } <<
2457 823
2458 static void try_to_generate_inauthentic_testv !! 824 memset(q, 0, template[i].tap[k]);
2459 struc <<
2460 { <<
2461 int i; <<
2462 825
2463 for (i = 0; i < 10; i++) { !! 826 sg_set_buf(&sgout[template[i].anp + k],
2464 generate_random_aead_testvec( !! 827 q, template[i].tap[k]);
2465 !! 828 }
2466 <<
2467 <<
2468 <<
2469 if (ctx->vec.novrfy) <<
2470 return; <<
2471 } <<
2472 } <<
2473 829
2474 /* !! 830 n = template[i].tap[k];
2475 * Generate inauthentic test vectors (i.e. ci !! 831 if (k == template[i].np - 1 && enc)
2476 * result of an encryption with the key) and !! 832 n += authsize;
2477 */ !! 833 if (offset_in_page(q) + n < PAGE_SIZE)
2478 static int test_aead_inauthentic_inputs(struc !! 834 q[n] = 0;
2479 { <<
2480 unsigned int i; <<
2481 int err; <<
2482 835
2483 for (i = 0; i < fuzz_iterations * 8; !! 836 temp += template[i].tap[k];
2484 /* <<
2485 * Since this part of the tes <<
2486 * implementation to another, <<
2487 * test vectors other than in <<
2488 * <<
2489 * If we're having trouble ge <<
2490 * if the algorithm keeps rej <<
2491 * retry forever; just contin <<
2492 */ <<
2493 try_to_generate_inauthentic_t <<
2494 if (ctx->vec.novrfy) { <<
2495 generate_random_testv <<
2496 <<
2497 <<
2498 err = test_aead_vec_c <<
2499 <<
2500 <<
2501 if (err) <<
2502 return err; <<
2503 } 837 }
2504 cond_resched(); <<
2505 } <<
2506 return 0; <<
2507 } <<
2508 <<
2509 /* <<
2510 * Test the AEAD algorithm against the corres <<
2511 * one is available. <<
2512 */ <<
2513 static int test_aead_vs_generic_impl(struct a <<
2514 { <<
2515 struct crypto_aead *tfm = ctx->tfm; <<
2516 const char *algname = crypto_aead_alg <<
2517 const char *driver = crypto_aead_driv <<
2518 const char *generic_driver = ctx->tes <<
2519 char _generic_driver[CRYPTO_MAX_ALG_N <<
2520 struct crypto_aead *generic_tfm = NUL <<
2521 struct aead_request *generic_req = NU <<
2522 unsigned int i; <<
2523 int err; <<
2524 838
2525 if (!generic_driver) { /* Use default !! 839 ret = crypto_aead_setauthsize(tfm, authsize);
2526 err = build_generic_driver_na !! 840 if (ret) {
2527 if (err) !! 841 pr_err("alg: aead%s: Failed to set authsize to %u on chunk test %d for %s\n",
2528 return err; !! 842 d, authsize, j, algo);
2529 generic_driver = _generic_dri !! 843 goto out;
2530 } !! 844 }
2531 845
2532 if (strcmp(generic_driver, driver) == !! 846 if (enc) {
2533 return 0; !! 847 if (WARN_ON(sg[template[i].anp + k - 1].offset +
>> 848 sg[template[i].anp + k - 1].length +
>> 849 authsize > PAGE_SIZE)) {
>> 850 ret = -EINVAL;
>> 851 goto out;
>> 852 }
2534 853
2535 generic_tfm = crypto_alloc_aead(gener !! 854 if (diff_dst)
2536 if (IS_ERR(generic_tfm)) { !! 855 sgout[template[i].anp + k - 1].length +=
2537 err = PTR_ERR(generic_tfm); !! 856 authsize;
2538 if (err == -ENOENT) { !! 857 sg[template[i].anp + k - 1].length += authsize;
2539 pr_warn("alg: aead: s <<
2540 driver, gener <<
2541 return 0; <<
2542 } 858 }
2543 pr_err("alg: aead: error allo <<
2544 generic_driver, algnam <<
2545 return err; <<
2546 } <<
2547 859
2548 generic_req = aead_request_alloc(gene !! 860 aead_request_set_crypt(req, sg, (diff_dst) ? sgout : sg,
2549 if (!generic_req) { !! 861 template[i].ilen,
2550 err = -ENOMEM; !! 862 iv);
2551 goto out; <<
2552 } <<
2553 863
2554 /* Check the algorithm properties for !! 864 aead_request_set_ad(req, template[i].alen);
2555 865
2556 if (crypto_aead_maxauthsize(tfm) != !! 866 ret = enc ? crypto_aead_encrypt(req) : crypto_aead_decrypt(req);
2557 crypto_aead_maxauthsize(generic_t <<
2558 pr_err("alg: aead: maxauthsiz <<
2559 driver, crypto_aead_ma <<
2560 crypto_aead_maxauthsiz <<
2561 err = -EINVAL; <<
2562 goto out; <<
2563 } <<
2564 867
2565 if (crypto_aead_ivsize(tfm) != crypto !! 868 switch (ret) {
2566 pr_err("alg: aead: ivsize for !! 869 case 0:
2567 driver, crypto_aead_iv !! 870 if (template[i].novrfy) {
2568 crypto_aead_ivsize(gen !! 871 /* verification was supposed to fail */
2569 err = -EINVAL; !! 872 pr_err("alg: aead%s: %s failed on chunk test %d for %s: ret was 0, expected -EBADMSG\n",
2570 goto out; !! 873 d, e, j, algo);
2571 } !! 874 /* so really, we got a bad message */
2572 !! 875 ret = -EBADMSG;
2573 if (crypto_aead_blocksize(tfm) != cry <<
2574 pr_err("alg: aead: blocksize <<
2575 driver, crypto_aead_bl <<
2576 crypto_aead_blocksize( <<
2577 err = -EINVAL; <<
2578 goto out; <<
2579 } <<
2580 <<
2581 /* <<
2582 * Now generate test vectors using th <<
2583 * the other implementation against t <<
2584 */ <<
2585 for (i = 0; i < fuzz_iterations * 8; <<
2586 generate_random_aead_testvec( <<
2587 <<
2588 <<
2589 <<
2590 <<
2591 generate_random_testvec_confi <<
2592 <<
2593 <<
2594 if (!ctx->vec.novrfy) { <<
2595 err = test_aead_vec_c <<
2596 <<
2597 <<
2598 if (err) <<
2599 goto out; <<
2600 } <<
2601 if (ctx->vec.crypt_error == 0 <<
2602 err = test_aead_vec_c <<
2603 <<
2604 <<
2605 if (err) <<
2606 goto out; 876 goto out;
>> 877 }
>> 878 break;
>> 879 case -EINPROGRESS:
>> 880 case -EBUSY:
>> 881 wait_for_completion(&result.completion);
>> 882 reinit_completion(&result.completion);
>> 883 ret = result.err;
>> 884 if (!ret)
>> 885 break;
>> 886 case -EBADMSG:
>> 887 if (template[i].novrfy)
>> 888 /* verification failure was expected */
>> 889 continue;
>> 890 /* fall through */
>> 891 default:
>> 892 pr_err("alg: aead%s: %s failed on chunk test %d for %s: ret=%d\n",
>> 893 d, e, j, algo, -ret);
>> 894 goto out;
2607 } 895 }
2608 cond_resched(); <<
2609 } <<
2610 err = 0; <<
2611 out: <<
2612 crypto_free_aead(generic_tfm); <<
2613 aead_request_free(generic_req); <<
2614 return err; <<
2615 } <<
2616 896
2617 static int test_aead_extra(const struct alg_t !! 897 ret = -EINVAL;
2618 struct aead_reques !! 898 for (k = 0, temp = 0; k < template[i].np; k++) {
2619 struct cipher_test !! 899 if (diff_dst)
2620 { !! 900 q = xoutbuf[IDX[k] >> PAGE_SHIFT] +
2621 struct aead_extra_tests_ctx *ctx; !! 901 offset_in_page(IDX[k]);
2622 unsigned int i; !! 902 else
2623 int err; !! 903 q = xbuf[IDX[k] >> PAGE_SHIFT] +
>> 904 offset_in_page(IDX[k]);
2624 905
2625 if (noextratests) !! 906 n = template[i].tap[k];
2626 return 0; !! 907 if (k == template[i].np - 1)
>> 908 n += enc ? authsize : -authsize;
>> 909
>> 910 if (memcmp(q, template[i].result + temp, n)) {
>> 911 pr_err("alg: aead%s: Chunk test %d failed on %s at page %u for %s\n",
>> 912 d, j, e, k, algo);
>> 913 hexdump(q, n);
>> 914 goto out;
>> 915 }
2627 916
2628 ctx = kzalloc(sizeof(*ctx), GFP_KERNE !! 917 q += n;
2629 if (!ctx) !! 918 if (k == template[i].np - 1 && !enc) {
2630 return -ENOMEM; !! 919 if (!diff_dst &&
2631 init_rnd_state(&ctx->rng); !! 920 memcmp(q, template[i].input +
2632 ctx->req = req; !! 921 temp + n, authsize))
2633 ctx->tfm = crypto_aead_reqtfm(req); !! 922 n = authsize;
2634 ctx->test_desc = test_desc; !! 923 else
2635 ctx->tsgls = tsgls; !! 924 n = 0;
2636 ctx->maxdatasize = (2 * PAGE_SIZE) - !! 925 } else {
2637 ctx->maxkeysize = 0; !! 926 for (n = 0; offset_in_page(q + n) && q[n]; n++)
2638 for (i = 0; i < test_desc->suite.aead !! 927 ;
2639 ctx->maxkeysize = max_t(unsig !! 928 }
2640 test_ !! 929 if (n) {
2641 !! 930 pr_err("alg: aead%s: Result buffer corruption in chunk test %d on %s at page %u for %s: %u bytes:\n",
2642 ctx->vec.key = kmalloc(ctx->maxkeysiz !! 931 d, j, e, k, algo, n);
2643 ctx->vec.iv = kmalloc(crypto_aead_ivs !! 932 hexdump(q, n);
2644 ctx->vec.assoc = kmalloc(ctx->maxdata !! 933 goto out;
2645 ctx->vec.ptext = kmalloc(ctx->maxdata !! 934 }
2646 ctx->vec.ctext = kmalloc(ctx->maxdata !! 935
2647 if (!ctx->vec.key || !ctx->vec.iv || !! 936 temp += template[i].tap[k];
2648 !ctx->vec.ptext || !ctx->vec.ctex !! 937 }
2649 err = -ENOMEM; <<
2650 goto out; <<
2651 } 938 }
2652 939
2653 err = test_aead_vs_generic_impl(ctx); !! 940 ret = 0;
2654 if (err) <<
2655 goto out; <<
2656 941
2657 err = test_aead_inauthentic_inputs(ct <<
2658 out: 942 out:
2659 kfree(ctx->vec.key); !! 943 aead_request_free(req);
2660 kfree(ctx->vec.iv); !! 944 kfree(sg);
2661 kfree(ctx->vec.assoc); !! 945 out_nosg:
2662 kfree(ctx->vec.ptext); !! 946 if (diff_dst)
2663 kfree(ctx->vec.ctext); !! 947 testmgr_free_buf(xoutbuf);
2664 kfree(ctx); !! 948 out_nooutbuf:
2665 return err; !! 949 testmgr_free_buf(axbuf);
2666 } !! 950 out_noaxbuf:
2667 #else /* !CONFIG_CRYPTO_MANAGER_EXTRA_TESTS * !! 951 testmgr_free_buf(xbuf);
2668 static int test_aead_extra(const struct alg_t !! 952 out_noxbuf:
2669 struct aead_reques !! 953 kfree(key);
2670 struct cipher_test !! 954 kfree(iv);
2671 { !! 955 return ret;
2672 return 0; <<
2673 } <<
2674 #endif /* !CONFIG_CRYPTO_MANAGER_EXTRA_TESTS <<
2675 <<
2676 static int test_aead(int enc, const struct ae <<
2677 struct aead_request *req <<
2678 struct cipher_test_sglis <<
2679 { <<
2680 unsigned int i; <<
2681 int err; <<
2682 <<
2683 for (i = 0; i < suite->count; i++) { <<
2684 err = test_aead_vec(enc, &sui <<
2685 if (err) <<
2686 return err; <<
2687 cond_resched(); <<
2688 } <<
2689 return 0; <<
2690 } 956 }
2691 957
2692 static int alg_test_aead(const struct alg_tes !! 958 static int test_aead(struct crypto_aead *tfm, int enc,
2693 u32 type, u32 mask) !! 959 struct aead_testvec *template, unsigned int tcount)
2694 { 960 {
2695 const struct aead_test_suite *suite = !! 961 unsigned int alignmask;
2696 struct crypto_aead *tfm; !! 962 int ret;
2697 struct aead_request *req = NULL; <<
2698 struct cipher_test_sglists *tsgls = N <<
2699 int err; <<
2700 963
2701 if (suite->count <= 0) { !! 964 /* test 'dst == src' case */
2702 pr_err("alg: aead: empty test !! 965 ret = __test_aead(tfm, enc, template, tcount, false, 0);
2703 return -EINVAL; !! 966 if (ret)
2704 } !! 967 return ret;
2705 968
2706 tfm = crypto_alloc_aead(driver, type, !! 969 /* test 'dst != src' case */
2707 if (IS_ERR(tfm)) { !! 970 ret = __test_aead(tfm, enc, template, tcount, true, 0);
2708 if (PTR_ERR(tfm) == -ENOENT) !! 971 if (ret)
2709 return 0; !! 972 return ret;
2710 pr_err("alg: aead: failed to <<
2711 driver, PTR_ERR(tfm)); <<
2712 return PTR_ERR(tfm); <<
2713 } <<
2714 driver = crypto_aead_driver_name(tfm) <<
2715 973
2716 req = aead_request_alloc(tfm, GFP_KER !! 974 /* test unaligned buffers, check with one byte offset */
2717 if (!req) { !! 975 ret = __test_aead(tfm, enc, template, tcount, true, 1);
2718 pr_err("alg: aead: failed to !! 976 if (ret)
2719 driver); !! 977 return ret;
2720 err = -ENOMEM; <<
2721 goto out; <<
2722 } <<
2723 978
2724 tsgls = alloc_cipher_test_sglists(); !! 979 alignmask = crypto_tfm_alg_alignmask(&tfm->base);
2725 if (!tsgls) { !! 980 if (alignmask) {
2726 pr_err("alg: aead: failed to !! 981 /* Check if alignment mask for tfm is correctly set. */
2727 driver); !! 982 ret = __test_aead(tfm, enc, template, tcount, true,
2728 err = -ENOMEM; !! 983 alignmask + 1);
2729 goto out; !! 984 if (ret)
>> 985 return ret;
2730 } 986 }
2731 987
2732 err = test_aead(ENCRYPT, suite, req, !! 988 return 0;
2733 if (err) <<
2734 goto out; <<
2735 <<
2736 err = test_aead(DECRYPT, suite, req, <<
2737 if (err) <<
2738 goto out; <<
2739 <<
2740 err = test_aead_extra(desc, req, tsgl <<
2741 out: <<
2742 free_cipher_test_sglists(tsgls); <<
2743 aead_request_free(req); <<
2744 crypto_free_aead(tfm); <<
2745 return err; <<
2746 } 989 }
2747 990
2748 static int test_cipher(struct crypto_cipher * 991 static int test_cipher(struct crypto_cipher *tfm, int enc,
2749 const struct cipher_te !! 992 struct cipher_testvec *template, unsigned int tcount)
2750 unsigned int tcount) <<
2751 { 993 {
2752 const char *algo = crypto_tfm_alg_dri 994 const char *algo = crypto_tfm_alg_driver_name(crypto_cipher_tfm(tfm));
2753 unsigned int i, j, k; 995 unsigned int i, j, k;
2754 char *q; 996 char *q;
2755 const char *e; 997 const char *e;
2756 const char *input, *result; <<
2757 void *data; 998 void *data;
2758 char *xbuf[XBUFSIZE]; 999 char *xbuf[XBUFSIZE];
2759 int ret = -ENOMEM; 1000 int ret = -ENOMEM;
2760 1001
2761 if (testmgr_alloc_buf(xbuf)) 1002 if (testmgr_alloc_buf(xbuf))
2762 goto out_nobuf; 1003 goto out_nobuf;
2763 1004
2764 if (enc == ENCRYPT) 1005 if (enc == ENCRYPT)
2765 e = "encryption"; 1006 e = "encryption";
2766 else 1007 else
2767 e = "decryption"; 1008 e = "decryption";
2768 1009
2769 j = 0; 1010 j = 0;
2770 for (i = 0; i < tcount; i++) { 1011 for (i = 0; i < tcount; i++) {
>> 1012 if (template[i].np)
>> 1013 continue;
2771 1014
2772 if (fips_enabled && template[ 1015 if (fips_enabled && template[i].fips_skip)
2773 continue; 1016 continue;
2774 1017
2775 input = enc ? template[i].pt <<
2776 result = enc ? template[i].ct <<
2777 j++; 1018 j++;
2778 1019
2779 ret = -EINVAL; 1020 ret = -EINVAL;
2780 if (WARN_ON(template[i].len > !! 1021 if (WARN_ON(template[i].ilen > PAGE_SIZE))
2781 goto out; 1022 goto out;
2782 1023
2783 data = xbuf[0]; 1024 data = xbuf[0];
2784 memcpy(data, input, template[ !! 1025 memcpy(data, template[i].input, template[i].ilen);
2785 1026
2786 crypto_cipher_clear_flags(tfm 1027 crypto_cipher_clear_flags(tfm, ~0);
2787 if (template[i].wk) 1028 if (template[i].wk)
2788 crypto_cipher_set_fla !! 1029 crypto_cipher_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY);
2789 1030
2790 ret = crypto_cipher_setkey(tf 1031 ret = crypto_cipher_setkey(tfm, template[i].key,
2791 te 1032 template[i].klen);
2792 if (ret) { !! 1033 if (template[i].fail == !ret) {
2793 if (ret == template[i !! 1034 printk(KERN_ERR "alg: cipher: setkey failed "
2794 continue; !! 1035 "on test %d for %s: flags=%x\n", j,
2795 pr_err("alg: cipher: !! 1036 algo, crypto_cipher_get_flags(tfm));
2796 algo, j, templ <<
2797 crypto_cipher_ <<
2798 goto out; <<
2799 } <<
2800 if (template[i].setkey_error) <<
2801 pr_err("alg: cipher: <<
2802 algo, j, templ <<
2803 ret = -EINVAL; <<
2804 goto out; 1037 goto out;
2805 } !! 1038 } else if (ret)
>> 1039 continue;
2806 1040
2807 for (k = 0; k < template[i].l !! 1041 for (k = 0; k < template[i].ilen;
2808 k += crypto_cipher_block 1042 k += crypto_cipher_blocksize(tfm)) {
2809 if (enc) 1043 if (enc)
2810 crypto_cipher 1044 crypto_cipher_encrypt_one(tfm, data + k,
2811 1045 data + k);
2812 else 1046 else
2813 crypto_cipher 1047 crypto_cipher_decrypt_one(tfm, data + k,
2814 1048 data + k);
2815 } 1049 }
2816 1050
2817 q = data; 1051 q = data;
2818 if (memcmp(q, result, templat !! 1052 if (memcmp(q, template[i].result, template[i].rlen)) {
2819 printk(KERN_ERR "alg: 1053 printk(KERN_ERR "alg: cipher: Test %d failed "
2820 "on %s for %s\ 1054 "on %s for %s\n", j, e, algo);
2821 hexdump(q, template[i !! 1055 hexdump(q, template[i].rlen);
2822 ret = -EINVAL; 1056 ret = -EINVAL;
2823 goto out; 1057 goto out;
2824 } 1058 }
2825 } 1059 }
2826 1060
2827 ret = 0; 1061 ret = 0;
2828 1062
2829 out: 1063 out:
2830 testmgr_free_buf(xbuf); 1064 testmgr_free_buf(xbuf);
2831 out_nobuf: 1065 out_nobuf:
2832 return ret; 1066 return ret;
2833 } 1067 }
2834 1068
2835 static int test_skcipher_vec_cfg(int enc, con !! 1069 static int __test_skcipher(struct crypto_skcipher *tfm, int enc,
2836 const char * !! 1070 struct cipher_testvec *template, unsigned int tcount,
2837 const struct !! 1071 const bool diff_dst, const int align_offset)
2838 struct skcip <<
2839 struct ciphe <<
2840 { 1072 {
2841 struct crypto_skcipher *tfm = crypto_ !! 1073 const char *algo =
2842 const unsigned int alignmask = crypto !! 1074 crypto_tfm_alg_driver_name(crypto_skcipher_tfm(tfm));
2843 const unsigned int ivsize = crypto_sk !! 1075 unsigned int i, j, k, n, temp;
2844 const char *driver = crypto_skcipher_ !! 1076 char *q;
2845 const u32 req_flags = CRYPTO_TFM_REQ_ !! 1077 struct skcipher_request *req;
2846 const char *op = enc ? "encryption" : !! 1078 struct scatterlist sg[8];
2847 DECLARE_CRYPTO_WAIT(wait); !! 1079 struct scatterlist sgout[8];
2848 u8 _iv[3 * (MAX_ALGAPI_ALIGNMASK + 1) !! 1080 const char *e, *d;
2849 u8 *iv = PTR_ALIGN(&_iv[0], 2 * (MAX_ !! 1081 struct tcrypt_result result;
2850 cfg->iv_offset + !! 1082 void *data;
2851 (cfg->iv_offset_relative_to_ !! 1083 char iv[MAX_IVLEN];
2852 struct kvec input; !! 1084 char *xbuf[XBUFSIZE];
2853 int err; !! 1085 char *xoutbuf[XBUFSIZE];
>> 1086 int ret = -ENOMEM;
>> 1087 unsigned int ivsize = crypto_skcipher_ivsize(tfm);
2854 1088
2855 /* Set the key */ !! 1089 if (testmgr_alloc_buf(xbuf))
2856 if (vec->wk) !! 1090 goto out_nobuf;
2857 crypto_skcipher_set_flags(tfm !! 1091
>> 1092 if (diff_dst && testmgr_alloc_buf(xoutbuf))
>> 1093 goto out_nooutbuf;
>> 1094
>> 1095 if (diff_dst)
>> 1096 d = "-ddst";
2858 else 1097 else
2859 crypto_skcipher_clear_flags(t !! 1098 d = "";
2860 C <<
2861 err = do_setkey(crypto_skcipher_setke <<
2862 cfg, alignmask); <<
2863 if (err) { <<
2864 if (err == vec->setkey_error) <<
2865 return 0; <<
2866 pr_err("alg: skcipher: %s set <<
2867 driver, vec_name, vec- <<
2868 crypto_skcipher_get_fl <<
2869 return err; <<
2870 } <<
2871 if (vec->setkey_error) { <<
2872 pr_err("alg: skcipher: %s set <<
2873 driver, vec_name, vec- <<
2874 return -EINVAL; <<
2875 } <<
2876 1099
2877 /* The IV must be copied to a buffer, !! 1100 if (enc == ENCRYPT)
2878 if (ivsize) { !! 1101 e = "encryption";
2879 if (WARN_ON(ivsize > MAX_IVLE !! 1102 else
2880 return -EINVAL; !! 1103 e = "decryption";
2881 if (vec->generates_iv && !enc <<
2882 memcpy(iv, vec->iv_ou <<
2883 else if (vec->iv) <<
2884 memcpy(iv, vec->iv, i <<
2885 else <<
2886 memset(iv, 0, ivsize) <<
2887 } else { <<
2888 if (vec->generates_iv) { <<
2889 pr_err("alg: skcipher <<
2890 driver, vec_na <<
2891 return -EINVAL; <<
2892 } <<
2893 iv = NULL; <<
2894 } <<
2895 1104
2896 /* Build the src/dst scatterlists */ !! 1105 init_completion(&result.completion);
2897 input.iov_base = enc ? (void *)vec->p <<
2898 input.iov_len = vec->len; <<
2899 err = build_cipher_test_sglists(tsgls <<
2900 vec-> <<
2901 if (err) { <<
2902 pr_err("alg: skcipher: %s %s: <<
2903 driver, op, vec_name, <<
2904 return err; <<
2905 } <<
2906 1106
2907 /* Do the actual encryption or decryp !! 1107 req = skcipher_request_alloc(tfm, GFP_KERNEL);
2908 testmgr_poison(req->__ctx, crypto_skc !! 1108 if (!req) {
2909 skcipher_request_set_callback(req, re !! 1109 pr_err("alg: skcipher%s: Failed to allocate request for %s\n",
2910 skcipher_request_set_crypt(req, tsgls !! 1110 d, algo);
2911 vec->len, !! 1111 goto out;
2912 if (cfg->nosimd) <<
2913 crypto_disable_simd_for_test( <<
2914 err = enc ? crypto_skcipher_encrypt(r <<
2915 if (cfg->nosimd) <<
2916 crypto_reenable_simd_for_test <<
2917 err = crypto_wait_req(err, &wait); <<
2918 <<
2919 /* Check that the algorithm didn't ov <<
2920 if (req->cryptlen != vec->len || <<
2921 req->iv != iv || <<
2922 req->src != tsgls->src.sgl_ptr || <<
2923 req->dst != tsgls->dst.sgl_ptr || <<
2924 crypto_skcipher_reqtfm(req) != tf <<
2925 req->base.complete != crypto_req_ <<
2926 req->base.flags != req_flags || <<
2927 req->base.data != &wait) { <<
2928 pr_err("alg: skcipher: %s %s <<
2929 driver, op, vec_name, <<
2930 if (req->cryptlen != vec->len <<
2931 pr_err("alg: skcipher <<
2932 if (req->iv != iv) <<
2933 pr_err("alg: skcipher <<
2934 if (req->src != tsgls->src.sg <<
2935 pr_err("alg: skcipher <<
2936 if (req->dst != tsgls->dst.sg <<
2937 pr_err("alg: skcipher <<
2938 if (crypto_skcipher_reqtfm(re <<
2939 pr_err("alg: skcipher <<
2940 if (req->base.complete != cry <<
2941 pr_err("alg: skcipher <<
2942 if (req->base.flags != req_fl <<
2943 pr_err("alg: skcipher <<
2944 if (req->base.data != &wait) <<
2945 pr_err("alg: skcipher <<
2946 return -EINVAL; <<
2947 } <<
2948 if (is_test_sglist_corrupted(&tsgls-> <<
2949 pr_err("alg: skcipher: %s %s <<
2950 driver, op, vec_name, <<
2951 return -EINVAL; <<
2952 } <<
2953 if (tsgls->dst.sgl_ptr != tsgls->src. <<
2954 is_test_sglist_corrupted(&tsgls-> <<
2955 pr_err("alg: skcipher: %s %s <<
2956 driver, op, vec_name, <<
2957 return -EINVAL; <<
2958 } 1112 }
2959 1113
2960 /* Check for success or failure */ !! 1114 skcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
2961 if (err) { !! 1115 tcrypt_complete, &result);
2962 if (err == vec->crypt_error) <<
2963 return 0; <<
2964 pr_err("alg: skcipher: %s %s <<
2965 driver, op, vec_name, <<
2966 return err; <<
2967 } <<
2968 if (vec->crypt_error) { <<
2969 pr_err("alg: skcipher: %s %s <<
2970 driver, op, vec_name, <<
2971 return -EINVAL; <<
2972 } <<
2973 1116
2974 /* Check for the correct output (ciph !! 1117 j = 0;
2975 err = verify_correct_output(&tsgls->d !! 1118 for (i = 0; i < tcount; i++) {
2976 vec->len, !! 1119 if (template[i].np && !template[i].also_non_np)
2977 if (err == -EOVERFLOW) { !! 1120 continue;
2978 pr_err("alg: skcipher: %s %s <<
2979 driver, op, vec_name, <<
2980 return err; <<
2981 } <<
2982 if (err) { <<
2983 pr_err("alg: skcipher: %s %s <<
2984 driver, op, vec_name, <<
2985 return err; <<
2986 } <<
2987 1121
2988 /* If applicable, check that the algo !! 1122 if (fips_enabled && template[i].fips_skip)
2989 if (vec->iv_out && memcmp(iv, vec->iv !! 1123 continue;
2990 pr_err("alg: skcipher: %s %s <<
2991 driver, op, vec_name, <<
2992 hexdump(iv, ivsize); <<
2993 return -EINVAL; <<
2994 } <<
2995 1124
2996 return 0; !! 1125 if (template[i].iv)
2997 } !! 1126 memcpy(iv, template[i].iv, ivsize);
>> 1127 else
>> 1128 memset(iv, 0, MAX_IVLEN);
2998 1129
2999 static int test_skcipher_vec(int enc, const s !! 1130 j++;
3000 unsigned int vec !! 1131 ret = -EINVAL;
3001 struct skcipher_ !! 1132 if (WARN_ON(align_offset + template[i].ilen > PAGE_SIZE))
3002 struct cipher_te !! 1133 goto out;
3003 { <<
3004 char vec_name[16]; <<
3005 unsigned int i; <<
3006 int err; <<
3007 1134
3008 if (fips_enabled && vec->fips_skip) !! 1135 data = xbuf[0];
3009 return 0; !! 1136 data += align_offset;
>> 1137 memcpy(data, template[i].input, template[i].ilen);
3010 1138
3011 sprintf(vec_name, "%u", vec_num); !! 1139 crypto_skcipher_clear_flags(tfm, ~0);
>> 1140 if (template[i].wk)
>> 1141 crypto_skcipher_set_flags(tfm,
>> 1142 CRYPTO_TFM_REQ_WEAK_KEY);
3012 1143
3013 for (i = 0; i < ARRAY_SIZE(default_ci !! 1144 ret = crypto_skcipher_setkey(tfm, template[i].key,
3014 err = test_skcipher_vec_cfg(e !! 1145 template[i].klen);
3015 & !! 1146 if (template[i].fail == !ret) {
3016 r !! 1147 pr_err("alg: skcipher%s: setkey failed on test %d for %s: flags=%x\n",
3017 if (err) !! 1148 d, j, algo, crypto_skcipher_get_flags(tfm));
3018 return err; !! 1149 goto out;
3019 } !! 1150 } else if (ret)
>> 1151 continue;
3020 1152
3021 #ifdef CONFIG_CRYPTO_MANAGER_EXTRA_TESTS !! 1153 sg_init_one(&sg[0], data, template[i].ilen);
3022 if (!noextratests) { !! 1154 if (diff_dst) {
3023 struct rnd_state rng; !! 1155 data = xoutbuf[0];
3024 struct testvec_config cfg; !! 1156 data += align_offset;
3025 char cfgname[TESTVEC_CONFIG_N !! 1157 sg_init_one(&sgout[0], data, template[i].ilen);
>> 1158 }
3026 1159
3027 init_rnd_state(&rng); !! 1160 skcipher_request_set_crypt(req, sg, (diff_dst) ? sgout : sg,
>> 1161 template[i].ilen, iv);
>> 1162 ret = enc ? crypto_skcipher_encrypt(req) :
>> 1163 crypto_skcipher_decrypt(req);
3028 1164
3029 for (i = 0; i < fuzz_iteratio !! 1165 switch (ret) {
3030 generate_random_testv !! 1166 case 0:
3031 !! 1167 break;
3032 err = test_skcipher_v !! 1168 case -EINPROGRESS:
3033 !! 1169 case -EBUSY:
3034 if (err) !! 1170 wait_for_completion(&result.completion);
3035 return err; !! 1171 reinit_completion(&result.completion);
3036 cond_resched(); !! 1172 ret = result.err;
>> 1173 if (!ret)
>> 1174 break;
>> 1175 /* fall through */
>> 1176 default:
>> 1177 pr_err("alg: skcipher%s: %s failed on test %d for %s: ret=%d\n",
>> 1178 d, e, j, algo, -ret);
>> 1179 goto out;
3037 } 1180 }
3038 } <<
3039 #endif <<
3040 return 0; <<
3041 } <<
3042 1181
3043 #ifdef CONFIG_CRYPTO_MANAGER_EXTRA_TESTS !! 1182 q = data;
3044 /* !! 1183 if (memcmp(q, template[i].result, template[i].rlen)) {
3045 * Generate a symmetric cipher test vector fr !! 1184 pr_err("alg: skcipher%s: Test %d failed (invalid result) on %s for %s\n",
3046 * Assumes the buffers in 'vec' were already !! 1185 d, j, e, algo);
3047 */ !! 1186 hexdump(q, template[i].rlen);
3048 static void generate_random_cipher_testvec(st !! 1187 ret = -EINVAL;
3049 st !! 1188 goto out;
3050 st !! 1189 }
3051 un <<
3052 ch <<
3053 { <<
3054 struct crypto_skcipher *tfm = crypto_ <<
3055 const unsigned int maxkeysize = crypt <<
3056 const unsigned int ivsize = crypto_sk <<
3057 struct scatterlist src, dst; <<
3058 u8 iv[MAX_IVLEN]; <<
3059 DECLARE_CRYPTO_WAIT(wait); <<
3060 1190
3061 /* Key: length in [0, maxkeysize], bu !! 1191 if (template[i].iv_out &&
3062 vec->klen = maxkeysize; !! 1192 memcmp(iv, template[i].iv_out,
3063 if (prandom_u32_below(rng, 4) == 0) !! 1193 crypto_skcipher_ivsize(tfm))) {
3064 vec->klen = prandom_u32_below !! 1194 pr_err("alg: skcipher%s: Test %d failed (invalid output IV) on %s for %s\n",
3065 generate_random_bytes(rng, (u8 *)vec- !! 1195 d, j, e, algo);
3066 vec->setkey_error = crypto_skcipher_s !! 1196 hexdump(iv, crypto_skcipher_ivsize(tfm));
3067 !! 1197 ret = -EINVAL;
3068 /* IV */ !! 1198 goto out;
3069 generate_random_bytes(rng, (u8 *)vec- !! 1199 }
3070 <<
3071 /* Plaintext */ <<
3072 vec->len = generate_random_length(rng <<
3073 generate_random_bytes(rng, (u8 *)vec- <<
3074 <<
3075 /* If the key couldn't be set, no nee <<
3076 if (vec->setkey_error) <<
3077 goto done; <<
3078 <<
3079 /* Ciphertext */ <<
3080 sg_init_one(&src, vec->ptext, vec->le <<
3081 sg_init_one(&dst, vec->ctext, vec->le <<
3082 memcpy(iv, vec->iv, ivsize); <<
3083 skcipher_request_set_callback(req, 0, <<
3084 skcipher_request_set_crypt(req, &src, <<
3085 vec->crypt_error = crypto_wait_req(cr <<
3086 if (vec->crypt_error != 0) { <<
3087 /* <<
3088 * The only acceptable error <<
3089 * skcipher decryption should <<
3090 * We'll test for this. But <<
3091 * explicitly initialize the <<
3092 */ <<
3093 memset((u8 *)vec->ctext, 0, v <<
3094 } 1200 }
3095 done: <<
3096 snprintf(name, max_namelen, "\"random <<
3097 vec->len, vec->klen); <<
3098 } <<
3099 1201
3100 /* !! 1202 j = 0;
3101 * Test the skcipher algorithm represented by !! 1203 for (i = 0; i < tcount; i++) {
3102 * generic implementation, if one is availabl !! 1204 /* alignment tests are only done with continuous buffers */
3103 */ !! 1205 if (align_offset != 0)
3104 static int test_skcipher_vs_generic_impl(cons !! 1206 break;
3105 stru <<
3106 stru <<
3107 { <<
3108 struct crypto_skcipher *tfm = crypto_ <<
3109 const unsigned int maxkeysize = crypt <<
3110 const unsigned int ivsize = crypto_sk <<
3111 const unsigned int blocksize = crypto <<
3112 const unsigned int maxdatasize = (2 * <<
3113 const char *algname = crypto_skcipher <<
3114 const char *driver = crypto_skcipher_ <<
3115 struct rnd_state rng; <<
3116 char _generic_driver[CRYPTO_MAX_ALG_N <<
3117 struct crypto_skcipher *generic_tfm = <<
3118 struct skcipher_request *generic_req <<
3119 unsigned int i; <<
3120 struct cipher_testvec vec = { 0 }; <<
3121 char vec_name[64]; <<
3122 struct testvec_config *cfg; <<
3123 char cfgname[TESTVEC_CONFIG_NAMELEN]; <<
3124 int err; <<
3125 <<
3126 if (noextratests) <<
3127 return 0; <<
3128 1207
3129 /* Keywrap isn't supported here yet a !! 1208 if (!template[i].np)
3130 if (strncmp(algname, "kw(", 3) == 0) !! 1209 continue;
3131 return 0; <<
3132 1210
3133 init_rnd_state(&rng); !! 1211 if (fips_enabled && template[i].fips_skip)
>> 1212 continue;
3134 1213
3135 if (!generic_driver) { /* Use default !! 1214 if (template[i].iv)
3136 err = build_generic_driver_na !! 1215 memcpy(iv, template[i].iv, ivsize);
3137 if (err) !! 1216 else
3138 return err; !! 1217 memset(iv, 0, MAX_IVLEN);
3139 generic_driver = _generic_dri <<
3140 } <<
3141 1218
3142 if (strcmp(generic_driver, driver) == !! 1219 j++;
3143 return 0; !! 1220 crypto_skcipher_clear_flags(tfm, ~0);
>> 1221 if (template[i].wk)
>> 1222 crypto_skcipher_set_flags(tfm,
>> 1223 CRYPTO_TFM_REQ_WEAK_KEY);
3144 1224
3145 generic_tfm = crypto_alloc_skcipher(g !! 1225 ret = crypto_skcipher_setkey(tfm, template[i].key,
3146 if (IS_ERR(generic_tfm)) { !! 1226 template[i].klen);
3147 err = PTR_ERR(generic_tfm); !! 1227 if (template[i].fail == !ret) {
3148 if (err == -ENOENT) { !! 1228 pr_err("alg: skcipher%s: setkey failed on chunk test %d for %s: flags=%x\n",
3149 pr_warn("alg: skciphe !! 1229 d, j, algo, crypto_skcipher_get_flags(tfm));
3150 driver, gener !! 1230 goto out;
3151 return 0; !! 1231 } else if (ret)
3152 } !! 1232 continue;
3153 pr_err("alg: skcipher: error <<
3154 generic_driver, algnam <<
3155 return err; <<
3156 } <<
3157 1233
3158 cfg = kzalloc(sizeof(*cfg), GFP_KERNE !! 1234 temp = 0;
3159 if (!cfg) { !! 1235 ret = -EINVAL;
3160 err = -ENOMEM; !! 1236 sg_init_table(sg, template[i].np);
3161 goto out; !! 1237 if (diff_dst)
3162 } !! 1238 sg_init_table(sgout, template[i].np);
>> 1239 for (k = 0; k < template[i].np; k++) {
>> 1240 if (WARN_ON(offset_in_page(IDX[k]) +
>> 1241 template[i].tap[k] > PAGE_SIZE))
>> 1242 goto out;
3163 1243
3164 generic_req = skcipher_request_alloc( !! 1244 q = xbuf[IDX[k] >> PAGE_SHIFT] + offset_in_page(IDX[k]);
3165 if (!generic_req) { <<
3166 err = -ENOMEM; <<
3167 goto out; <<
3168 } <<
3169 1245
3170 /* Check the algorithm properties for !! 1246 memcpy(q, template[i].input + temp, template[i].tap[k]);
3171 1247
3172 if (crypto_skcipher_min_keysize(tfm) !! 1248 if (offset_in_page(q) + template[i].tap[k] < PAGE_SIZE)
3173 crypto_skcipher_min_keysize(gener !! 1249 q[template[i].tap[k]] = 0;
3174 pr_err("alg: skcipher: min ke <<
3175 driver, crypto_skciphe <<
3176 crypto_skcipher_min_ke <<
3177 err = -EINVAL; <<
3178 goto out; <<
3179 } <<
3180 1250
3181 if (maxkeysize != crypto_skcipher_max !! 1251 sg_set_buf(&sg[k], q, template[i].tap[k]);
3182 pr_err("alg: skcipher: max ke !! 1252 if (diff_dst) {
3183 driver, maxkeysize, !! 1253 q = xoutbuf[IDX[k] >> PAGE_SHIFT] +
3184 crypto_skcipher_max_ke !! 1254 offset_in_page(IDX[k]);
3185 err = -EINVAL; <<
3186 goto out; <<
3187 } <<
3188 1255
3189 if (ivsize != crypto_skcipher_ivsize( !! 1256 sg_set_buf(&sgout[k], q, template[i].tap[k]);
3190 pr_err("alg: skcipher: ivsize <<
3191 driver, ivsize, crypto <<
3192 err = -EINVAL; <<
3193 goto out; <<
3194 } <<
3195 1257
3196 if (blocksize != crypto_skcipher_bloc !! 1258 memset(q, 0, template[i].tap[k]);
3197 pr_err("alg: skcipher: blocks !! 1259 if (offset_in_page(q) +
3198 driver, blocksize, !! 1260 template[i].tap[k] < PAGE_SIZE)
3199 crypto_skcipher_blocks !! 1261 q[template[i].tap[k]] = 0;
3200 err = -EINVAL; !! 1262 }
3201 goto out; <<
3202 } <<
3203 1263
3204 /* !! 1264 temp += template[i].tap[k];
3205 * Now generate test vectors using th !! 1265 }
3206 * the other implementation against t <<
3207 */ <<
3208 1266
3209 vec.key = kmalloc(maxkeysize, GFP_KER !! 1267 skcipher_request_set_crypt(req, sg, (diff_dst) ? sgout : sg,
3210 vec.iv = kmalloc(ivsize, GFP_KERNEL); !! 1268 template[i].ilen, iv);
3211 vec.ptext = kmalloc(maxdatasize, GFP_ <<
3212 vec.ctext = kmalloc(maxdatasize, GFP_ <<
3213 if (!vec.key || !vec.iv || !vec.ptext <<
3214 err = -ENOMEM; <<
3215 goto out; <<
3216 } <<
3217 1269
3218 for (i = 0; i < fuzz_iterations * 8; !! 1270 ret = enc ? crypto_skcipher_encrypt(req) :
3219 generate_random_cipher_testve !! 1271 crypto_skcipher_decrypt(req);
3220 <<
3221 <<
3222 generate_random_testvec_confi <<
3223 <<
3224 1272
3225 err = test_skcipher_vec_cfg(E !! 1273 switch (ret) {
3226 c !! 1274 case 0:
3227 if (err) !! 1275 break;
3228 goto out; !! 1276 case -EINPROGRESS:
3229 err = test_skcipher_vec_cfg(D !! 1277 case -EBUSY:
3230 c !! 1278 wait_for_completion(&result.completion);
3231 if (err) !! 1279 reinit_completion(&result.completion);
>> 1280 ret = result.err;
>> 1281 if (!ret)
>> 1282 break;
>> 1283 /* fall through */
>> 1284 default:
>> 1285 pr_err("alg: skcipher%s: %s failed on chunk test %d for %s: ret=%d\n",
>> 1286 d, e, j, algo, -ret);
3232 goto out; 1287 goto out;
3233 cond_resched(); !! 1288 }
3234 } <<
3235 err = 0; <<
3236 out: <<
3237 kfree(cfg); <<
3238 kfree(vec.key); <<
3239 kfree(vec.iv); <<
3240 kfree(vec.ptext); <<
3241 kfree(vec.ctext); <<
3242 crypto_free_skcipher(generic_tfm); <<
3243 skcipher_request_free(generic_req); <<
3244 return err; <<
3245 } <<
3246 #else /* !CONFIG_CRYPTO_MANAGER_EXTRA_TESTS * <<
3247 static int test_skcipher_vs_generic_impl(cons <<
3248 stru <<
3249 stru <<
3250 { <<
3251 return 0; <<
3252 } <<
3253 #endif /* !CONFIG_CRYPTO_MANAGER_EXTRA_TESTS <<
3254 1289
3255 static int test_skcipher(int enc, const struc !! 1290 temp = 0;
3256 struct skcipher_requ !! 1291 ret = -EINVAL;
3257 struct cipher_test_s !! 1292 for (k = 0; k < template[i].np; k++) {
3258 { !! 1293 if (diff_dst)
3259 unsigned int i; !! 1294 q = xoutbuf[IDX[k] >> PAGE_SHIFT] +
3260 int err; !! 1295 offset_in_page(IDX[k]);
>> 1296 else
>> 1297 q = xbuf[IDX[k] >> PAGE_SHIFT] +
>> 1298 offset_in_page(IDX[k]);
3261 1299
3262 for (i = 0; i < suite->count; i++) { !! 1300 if (memcmp(q, template[i].result + temp,
3263 err = test_skcipher_vec(enc, !! 1301 template[i].tap[k])) {
3264 if (err) !! 1302 pr_err("alg: skcipher%s: Chunk test %d failed on %s at page %u for %s\n",
3265 return err; !! 1303 d, j, e, k, algo);
3266 cond_resched(); !! 1304 hexdump(q, template[i].tap[k]);
>> 1305 goto out;
>> 1306 }
>> 1307
>> 1308 q += template[i].tap[k];
>> 1309 for (n = 0; offset_in_page(q + n) && q[n]; n++)
>> 1310 ;
>> 1311 if (n) {
>> 1312 pr_err("alg: skcipher%s: Result buffer corruption in chunk test %d on %s at page %u for %s: %u bytes:\n",
>> 1313 d, j, e, k, algo, n);
>> 1314 hexdump(q, n);
>> 1315 goto out;
>> 1316 }
>> 1317 temp += template[i].tap[k];
>> 1318 }
3267 } 1319 }
3268 return 0; !! 1320
>> 1321 ret = 0;
>> 1322
>> 1323 out:
>> 1324 skcipher_request_free(req);
>> 1325 if (diff_dst)
>> 1326 testmgr_free_buf(xoutbuf);
>> 1327 out_nooutbuf:
>> 1328 testmgr_free_buf(xbuf);
>> 1329 out_nobuf:
>> 1330 return ret;
3269 } 1331 }
3270 1332
3271 static int alg_test_skcipher(const struct alg !! 1333 static int test_skcipher(struct crypto_skcipher *tfm, int enc,
3272 const char *driv !! 1334 struct cipher_testvec *template, unsigned int tcount)
3273 { 1335 {
3274 const struct cipher_test_suite *suite !! 1336 unsigned int alignmask;
3275 struct crypto_skcipher *tfm; !! 1337 int ret;
3276 struct skcipher_request *req = NULL; <<
3277 struct cipher_test_sglists *tsgls = N <<
3278 int err; <<
3279 1338
3280 if (suite->count <= 0) { !! 1339 /* test 'dst == src' case */
3281 pr_err("alg: skcipher: empty !! 1340 ret = __test_skcipher(tfm, enc, template, tcount, false, 0);
3282 return -EINVAL; !! 1341 if (ret)
3283 } !! 1342 return ret;
3284 1343
3285 tfm = crypto_alloc_skcipher(driver, t !! 1344 /* test 'dst != src' case */
3286 if (IS_ERR(tfm)) { !! 1345 ret = __test_skcipher(tfm, enc, template, tcount, true, 0);
3287 if (PTR_ERR(tfm) == -ENOENT) !! 1346 if (ret)
3288 return 0; !! 1347 return ret;
3289 pr_err("alg: skcipher: failed <<
3290 driver, PTR_ERR(tfm)); <<
3291 return PTR_ERR(tfm); <<
3292 } <<
3293 driver = crypto_skcipher_driver_name( <<
3294 1348
3295 req = skcipher_request_alloc(tfm, GFP !! 1349 /* test unaligned buffers, check with one byte offset */
3296 if (!req) { !! 1350 ret = __test_skcipher(tfm, enc, template, tcount, true, 1);
3297 pr_err("alg: skcipher: failed !! 1351 if (ret)
3298 driver); !! 1352 return ret;
3299 err = -ENOMEM; <<
3300 goto out; <<
3301 } <<
3302 1353
3303 tsgls = alloc_cipher_test_sglists(); !! 1354 alignmask = crypto_tfm_alg_alignmask(&tfm->base);
3304 if (!tsgls) { !! 1355 if (alignmask) {
3305 pr_err("alg: skcipher: failed !! 1356 /* Check if alignment mask for tfm is correctly set. */
3306 driver); !! 1357 ret = __test_skcipher(tfm, enc, template, tcount, true,
3307 err = -ENOMEM; !! 1358 alignmask + 1);
3308 goto out; !! 1359 if (ret)
>> 1360 return ret;
3309 } 1361 }
3310 1362
3311 err = test_skcipher(ENCRYPT, suite, r !! 1363 return 0;
3312 if (err) <<
3313 goto out; <<
3314 <<
3315 err = test_skcipher(DECRYPT, suite, r <<
3316 if (err) <<
3317 goto out; <<
3318 <<
3319 err = test_skcipher_vs_generic_impl(d <<
3320 out: <<
3321 free_cipher_test_sglists(tsgls); <<
3322 skcipher_request_free(req); <<
3323 crypto_free_skcipher(tfm); <<
3324 return err; <<
3325 } 1364 }
3326 1365
3327 static int test_comp(struct crypto_comp *tfm, !! 1366 static int test_comp(struct crypto_comp *tfm, struct comp_testvec *ctemplate,
3328 const struct comp_testve !! 1367 struct comp_testvec *dtemplate, int ctcount, int dtcount)
3329 const struct comp_testve <<
3330 int ctcount, int dtcount <<
3331 { 1368 {
3332 const char *algo = crypto_tfm_alg_dri 1369 const char *algo = crypto_tfm_alg_driver_name(crypto_comp_tfm(tfm));
3333 char *output, *decomp_output; <<
3334 unsigned int i; 1370 unsigned int i;
>> 1371 char result[COMP_BUF_SIZE];
3335 int ret; 1372 int ret;
3336 1373
3337 output = kmalloc(COMP_BUF_SIZE, GFP_K <<
3338 if (!output) <<
3339 return -ENOMEM; <<
3340 <<
3341 decomp_output = kmalloc(COMP_BUF_SIZE <<
3342 if (!decomp_output) { <<
3343 kfree(output); <<
3344 return -ENOMEM; <<
3345 } <<
3346 <<
3347 for (i = 0; i < ctcount; i++) { 1374 for (i = 0; i < ctcount; i++) {
3348 int ilen; 1375 int ilen;
3349 unsigned int dlen = COMP_BUF_ 1376 unsigned int dlen = COMP_BUF_SIZE;
3350 1377
3351 memset(output, 0, COMP_BUF_SI !! 1378 memset(result, 0, sizeof (result));
3352 memset(decomp_output, 0, COMP <<
3353 1379
3354 ilen = ctemplate[i].inlen; 1380 ilen = ctemplate[i].inlen;
3355 ret = crypto_comp_compress(tf 1381 ret = crypto_comp_compress(tfm, ctemplate[i].input,
3356 il !! 1382 ilen, result, &dlen);
3357 if (ret) { 1383 if (ret) {
3358 printk(KERN_ERR "alg: 1384 printk(KERN_ERR "alg: comp: compression failed "
3359 "on test %d fo 1385 "on test %d for %s: ret=%d\n", i + 1, algo,
3360 -ret); 1386 -ret);
3361 goto out; 1387 goto out;
3362 } 1388 }
3363 1389
3364 ilen = dlen; !! 1390 if (dlen != ctemplate[i].outlen) {
3365 dlen = COMP_BUF_SIZE; <<
3366 ret = crypto_comp_decompress( <<
3367 <<
3368 if (ret) { <<
3369 pr_err("alg: comp: co <<
3370 i + 1, algo, - <<
3371 goto out; <<
3372 } <<
3373 <<
3374 if (dlen != ctemplate[i].inle <<
3375 printk(KERN_ERR "alg: 1391 printk(KERN_ERR "alg: comp: Compression test %d "
3376 "failed for %s 1392 "failed for %s: output len = %d\n", i + 1, algo,
3377 dlen); 1393 dlen);
3378 ret = -EINVAL; 1394 ret = -EINVAL;
3379 goto out; 1395 goto out;
3380 } 1396 }
3381 1397
3382 if (memcmp(decomp_output, cte !! 1398 if (memcmp(result, ctemplate[i].output, dlen)) {
3383 ctemplate[i].inlen !! 1399 printk(KERN_ERR "alg: comp: Compression test %d "
3384 pr_err("alg: comp: co !! 1400 "failed for %s\n", i + 1, algo);
3385 i + 1, algo); !! 1401 hexdump(result, dlen);
3386 hexdump(decomp_output <<
3387 ret = -EINVAL; 1402 ret = -EINVAL;
3388 goto out; 1403 goto out;
3389 } 1404 }
3390 } 1405 }
3391 1406
3392 for (i = 0; i < dtcount; i++) { 1407 for (i = 0; i < dtcount; i++) {
3393 int ilen; 1408 int ilen;
3394 unsigned int dlen = COMP_BUF_ 1409 unsigned int dlen = COMP_BUF_SIZE;
3395 1410
3396 memset(decomp_output, 0, COMP !! 1411 memset(result, 0, sizeof (result));
3397 1412
3398 ilen = dtemplate[i].inlen; 1413 ilen = dtemplate[i].inlen;
3399 ret = crypto_comp_decompress( 1414 ret = crypto_comp_decompress(tfm, dtemplate[i].input,
3400 !! 1415 ilen, result, &dlen);
3401 if (ret) { 1416 if (ret) {
3402 printk(KERN_ERR "alg: 1417 printk(KERN_ERR "alg: comp: decompression failed "
3403 "on test %d fo 1418 "on test %d for %s: ret=%d\n", i + 1, algo,
3404 -ret); 1419 -ret);
3405 goto out; 1420 goto out;
3406 } 1421 }
3407 1422
3408 if (dlen != dtemplate[i].outl 1423 if (dlen != dtemplate[i].outlen) {
3409 printk(KERN_ERR "alg: 1424 printk(KERN_ERR "alg: comp: Decompression test %d "
3410 "failed for %s 1425 "failed for %s: output len = %d\n", i + 1, algo,
3411 dlen); 1426 dlen);
3412 ret = -EINVAL; 1427 ret = -EINVAL;
3413 goto out; 1428 goto out;
3414 } 1429 }
3415 1430
3416 if (memcmp(decomp_output, dte !! 1431 if (memcmp(result, dtemplate[i].output, dlen)) {
3417 printk(KERN_ERR "alg: 1432 printk(KERN_ERR "alg: comp: Decompression test %d "
3418 "failed for %s 1433 "failed for %s\n", i + 1, algo);
3419 hexdump(decomp_output !! 1434 hexdump(result, dlen);
3420 ret = -EINVAL; 1435 ret = -EINVAL;
3421 goto out; 1436 goto out;
3422 } 1437 }
3423 } 1438 }
3424 1439
3425 ret = 0; 1440 ret = 0;
3426 1441
3427 out: 1442 out:
3428 kfree(decomp_output); <<
3429 kfree(output); <<
3430 return ret; 1443 return ret;
3431 } 1444 }
3432 1445
3433 static int test_acomp(struct crypto_acomp *tf !! 1446 static int test_acomp(struct crypto_acomp *tfm, struct comp_testvec *ctemplate,
3434 const struct comp_testv !! 1447 struct comp_testvec *dtemplate, int ctcount, int dtcount)
3435 const struct comp_testv <<
3436 int ctcount, int dtcoun <<
3437 { 1448 {
3438 const char *algo = crypto_tfm_alg_dri 1449 const char *algo = crypto_tfm_alg_driver_name(crypto_acomp_tfm(tfm));
3439 unsigned int i; 1450 unsigned int i;
3440 char *output, *decomp_out; !! 1451 char *output;
3441 int ret; 1452 int ret;
3442 struct scatterlist src, dst; 1453 struct scatterlist src, dst;
3443 struct acomp_req *req; 1454 struct acomp_req *req;
3444 struct crypto_wait wait; !! 1455 struct tcrypt_result result;
3445 1456
3446 output = kmalloc(COMP_BUF_SIZE, GFP_K 1457 output = kmalloc(COMP_BUF_SIZE, GFP_KERNEL);
3447 if (!output) 1458 if (!output)
3448 return -ENOMEM; 1459 return -ENOMEM;
3449 1460
3450 decomp_out = kmalloc(COMP_BUF_SIZE, G <<
3451 if (!decomp_out) { <<
3452 kfree(output); <<
3453 return -ENOMEM; <<
3454 } <<
3455 <<
3456 for (i = 0; i < ctcount; i++) { 1461 for (i = 0; i < ctcount; i++) {
3457 unsigned int dlen = COMP_BUF_ 1462 unsigned int dlen = COMP_BUF_SIZE;
3458 int ilen = ctemplate[i].inlen 1463 int ilen = ctemplate[i].inlen;
3459 void *input_vec; 1464 void *input_vec;
3460 1465
3461 input_vec = kmemdup(ctemplate !! 1466 input_vec = kmalloc(ilen, GFP_KERNEL);
3462 if (!input_vec) { 1467 if (!input_vec) {
3463 ret = -ENOMEM; 1468 ret = -ENOMEM;
3464 goto out; 1469 goto out;
3465 } 1470 }
3466 1471
>> 1472 memcpy(input_vec, ctemplate[i].input, ilen);
3467 memset(output, 0, dlen); 1473 memset(output, 0, dlen);
3468 crypto_init_wait(&wait); !! 1474 init_completion(&result.completion);
3469 sg_init_one(&src, input_vec, 1475 sg_init_one(&src, input_vec, ilen);
3470 sg_init_one(&dst, output, dle 1476 sg_init_one(&dst, output, dlen);
3471 1477
3472 req = acomp_request_alloc(tfm 1478 req = acomp_request_alloc(tfm);
3473 if (!req) { 1479 if (!req) {
3474 pr_err("alg: acomp: r 1480 pr_err("alg: acomp: request alloc failed for %s\n",
3475 algo); 1481 algo);
3476 kfree(input_vec); 1482 kfree(input_vec);
3477 ret = -ENOMEM; 1483 ret = -ENOMEM;
3478 goto out; 1484 goto out;
3479 } 1485 }
3480 1486
3481 acomp_request_set_params(req, 1487 acomp_request_set_params(req, &src, &dst, ilen, dlen);
3482 acomp_request_set_callback(re 1488 acomp_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
3483 cr !! 1489 tcrypt_complete, &result);
3484 1490
3485 ret = crypto_wait_req(crypto_ !! 1491 ret = wait_async_op(&result, crypto_acomp_compress(req));
3486 if (ret) { 1492 if (ret) {
3487 pr_err("alg: acomp: c 1493 pr_err("alg: acomp: compression failed on test %d for %s: ret=%d\n",
3488 i + 1, algo, - 1494 i + 1, algo, -ret);
3489 kfree(input_vec); 1495 kfree(input_vec);
3490 acomp_request_free(re 1496 acomp_request_free(req);
3491 goto out; 1497 goto out;
3492 } 1498 }
3493 1499
3494 ilen = req->dlen; !! 1500 if (req->dlen != ctemplate[i].outlen) {
3495 dlen = COMP_BUF_SIZE; <<
3496 sg_init_one(&src, output, ile <<
3497 sg_init_one(&dst, decomp_out, <<
3498 crypto_init_wait(&wait); <<
3499 acomp_request_set_params(req, <<
3500 <<
3501 ret = crypto_wait_req(crypto_ <<
3502 if (ret) { <<
3503 pr_err("alg: acomp: c <<
3504 i + 1, algo, - <<
3505 kfree(input_vec); <<
3506 acomp_request_free(re <<
3507 goto out; <<
3508 } <<
3509 <<
3510 if (req->dlen != ctemplate[i] <<
3511 pr_err("alg: acomp: C 1501 pr_err("alg: acomp: Compression test %d failed for %s: output len = %d\n",
3512 i + 1, algo, r 1502 i + 1, algo, req->dlen);
3513 ret = -EINVAL; 1503 ret = -EINVAL;
3514 kfree(input_vec); 1504 kfree(input_vec);
3515 acomp_request_free(re 1505 acomp_request_free(req);
3516 goto out; 1506 goto out;
3517 } 1507 }
3518 1508
3519 if (memcmp(input_vec, decomp_ !! 1509 if (memcmp(output, ctemplate[i].output, req->dlen)) {
3520 pr_err("alg: acomp: C 1510 pr_err("alg: acomp: Compression test %d failed for %s\n",
3521 i + 1, algo); 1511 i + 1, algo);
3522 hexdump(output, req-> 1512 hexdump(output, req->dlen);
3523 ret = -EINVAL; 1513 ret = -EINVAL;
3524 kfree(input_vec); 1514 kfree(input_vec);
3525 acomp_request_free(re 1515 acomp_request_free(req);
3526 goto out; 1516 goto out;
3527 } 1517 }
3528 1518
3529 #ifdef CONFIG_CRYPTO_MANAGER_EXTRA_TESTS <<
3530 crypto_init_wait(&wait); <<
3531 sg_init_one(&src, input_vec, <<
3532 acomp_request_set_params(req, <<
3533 <<
3534 ret = crypto_wait_req(crypto_ <<
3535 if (ret) { <<
3536 pr_err("alg: acomp: c <<
3537 i + 1, algo, - <<
3538 kfree(input_vec); <<
3539 acomp_request_free(re <<
3540 goto out; <<
3541 } <<
3542 #endif <<
3543 <<
3544 kfree(input_vec); 1519 kfree(input_vec);
3545 acomp_request_free(req); 1520 acomp_request_free(req);
3546 } 1521 }
3547 1522
3548 for (i = 0; i < dtcount; i++) { 1523 for (i = 0; i < dtcount; i++) {
3549 unsigned int dlen = COMP_BUF_ 1524 unsigned int dlen = COMP_BUF_SIZE;
3550 int ilen = dtemplate[i].inlen 1525 int ilen = dtemplate[i].inlen;
3551 void *input_vec; 1526 void *input_vec;
3552 1527
3553 input_vec = kmemdup(dtemplate !! 1528 input_vec = kmalloc(ilen, GFP_KERNEL);
3554 if (!input_vec) { 1529 if (!input_vec) {
3555 ret = -ENOMEM; 1530 ret = -ENOMEM;
3556 goto out; 1531 goto out;
3557 } 1532 }
3558 1533
>> 1534 memcpy(input_vec, dtemplate[i].input, ilen);
3559 memset(output, 0, dlen); 1535 memset(output, 0, dlen);
3560 crypto_init_wait(&wait); !! 1536 init_completion(&result.completion);
3561 sg_init_one(&src, input_vec, 1537 sg_init_one(&src, input_vec, ilen);
3562 sg_init_one(&dst, output, dle 1538 sg_init_one(&dst, output, dlen);
3563 1539
3564 req = acomp_request_alloc(tfm 1540 req = acomp_request_alloc(tfm);
3565 if (!req) { 1541 if (!req) {
3566 pr_err("alg: acomp: r 1542 pr_err("alg: acomp: request alloc failed for %s\n",
3567 algo); 1543 algo);
3568 kfree(input_vec); 1544 kfree(input_vec);
3569 ret = -ENOMEM; 1545 ret = -ENOMEM;
3570 goto out; 1546 goto out;
3571 } 1547 }
3572 1548
3573 acomp_request_set_params(req, 1549 acomp_request_set_params(req, &src, &dst, ilen, dlen);
3574 acomp_request_set_callback(re 1550 acomp_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
3575 cr !! 1551 tcrypt_complete, &result);
3576 1552
3577 ret = crypto_wait_req(crypto_ !! 1553 ret = wait_async_op(&result, crypto_acomp_decompress(req));
3578 if (ret) { 1554 if (ret) {
3579 pr_err("alg: acomp: d 1555 pr_err("alg: acomp: decompression failed on test %d for %s: ret=%d\n",
3580 i + 1, algo, - 1556 i + 1, algo, -ret);
3581 kfree(input_vec); 1557 kfree(input_vec);
3582 acomp_request_free(re 1558 acomp_request_free(req);
3583 goto out; 1559 goto out;
3584 } 1560 }
3585 1561
3586 if (req->dlen != dtemplate[i] 1562 if (req->dlen != dtemplate[i].outlen) {
3587 pr_err("alg: acomp: D 1563 pr_err("alg: acomp: Decompression test %d failed for %s: output len = %d\n",
3588 i + 1, algo, r 1564 i + 1, algo, req->dlen);
3589 ret = -EINVAL; 1565 ret = -EINVAL;
3590 kfree(input_vec); 1566 kfree(input_vec);
3591 acomp_request_free(re 1567 acomp_request_free(req);
3592 goto out; 1568 goto out;
3593 } 1569 }
3594 1570
3595 if (memcmp(output, dtemplate[ 1571 if (memcmp(output, dtemplate[i].output, req->dlen)) {
3596 pr_err("alg: acomp: D 1572 pr_err("alg: acomp: Decompression test %d failed for %s\n",
3597 i + 1, algo); 1573 i + 1, algo);
3598 hexdump(output, req-> 1574 hexdump(output, req->dlen);
3599 ret = -EINVAL; 1575 ret = -EINVAL;
3600 kfree(input_vec); 1576 kfree(input_vec);
3601 acomp_request_free(re 1577 acomp_request_free(req);
3602 goto out; 1578 goto out;
3603 } 1579 }
3604 1580
3605 #ifdef CONFIG_CRYPTO_MANAGER_EXTRA_TESTS <<
3606 crypto_init_wait(&wait); <<
3607 acomp_request_set_params(req, <<
3608 <<
3609 ret = crypto_wait_req(crypto_ <<
3610 if (ret) { <<
3611 pr_err("alg: acomp: d <<
3612 i + 1, algo, - <<
3613 kfree(input_vec); <<
3614 acomp_request_free(re <<
3615 goto out; <<
3616 } <<
3617 #endif <<
3618 <<
3619 kfree(input_vec); 1581 kfree(input_vec);
3620 acomp_request_free(req); 1582 acomp_request_free(req);
3621 } 1583 }
3622 1584
3623 ret = 0; 1585 ret = 0;
3624 1586
3625 out: 1587 out:
3626 kfree(decomp_out); <<
3627 kfree(output); 1588 kfree(output);
3628 return ret; 1589 return ret;
3629 } 1590 }
3630 1591
3631 static int test_cprng(struct crypto_rng *tfm, !! 1592 static int test_cprng(struct crypto_rng *tfm, struct cprng_testvec *template,
3632 const struct cprng_test <<
3633 unsigned int tcount) 1593 unsigned int tcount)
3634 { 1594 {
3635 const char *algo = crypto_tfm_alg_dri 1595 const char *algo = crypto_tfm_alg_driver_name(crypto_rng_tfm(tfm));
3636 int err = 0, i, j, seedsize; 1596 int err = 0, i, j, seedsize;
3637 u8 *seed; 1597 u8 *seed;
3638 char result[32]; 1598 char result[32];
3639 1599
3640 seedsize = crypto_rng_seedsize(tfm); 1600 seedsize = crypto_rng_seedsize(tfm);
3641 1601
3642 seed = kmalloc(seedsize, GFP_KERNEL); 1602 seed = kmalloc(seedsize, GFP_KERNEL);
3643 if (!seed) { 1603 if (!seed) {
3644 printk(KERN_ERR "alg: cprng: 1604 printk(KERN_ERR "alg: cprng: Failed to allocate seed space "
3645 "for %s\n", algo); 1605 "for %s\n", algo);
3646 return -ENOMEM; 1606 return -ENOMEM;
3647 } 1607 }
3648 1608
3649 for (i = 0; i < tcount; i++) { 1609 for (i = 0; i < tcount; i++) {
3650 memset(result, 0, 32); 1610 memset(result, 0, 32);
3651 1611
3652 memcpy(seed, template[i].v, t 1612 memcpy(seed, template[i].v, template[i].vlen);
3653 memcpy(seed + template[i].vle 1613 memcpy(seed + template[i].vlen, template[i].key,
3654 template[i].klen); 1614 template[i].klen);
3655 memcpy(seed + template[i].vle 1615 memcpy(seed + template[i].vlen + template[i].klen,
3656 template[i].dt, templa 1616 template[i].dt, template[i].dtlen);
3657 1617
3658 err = crypto_rng_reset(tfm, s 1618 err = crypto_rng_reset(tfm, seed, seedsize);
3659 if (err) { 1619 if (err) {
3660 printk(KERN_ERR "alg: 1620 printk(KERN_ERR "alg: cprng: Failed to reset rng "
3661 "for %s\n", al 1621 "for %s\n", algo);
3662 goto out; 1622 goto out;
3663 } 1623 }
3664 1624
3665 for (j = 0; j < template[i].l 1625 for (j = 0; j < template[i].loops; j++) {
3666 err = crypto_rng_get_ 1626 err = crypto_rng_get_bytes(tfm, result,
3667 1627 template[i].rlen);
3668 if (err < 0) { 1628 if (err < 0) {
3669 printk(KERN_E 1629 printk(KERN_ERR "alg: cprng: Failed to obtain "
3670 "the c 1630 "the correct amount of random data for "
3671 "%s (r 1631 "%s (requested %d)\n", algo,
3672 templa 1632 template[i].rlen);
3673 goto out; 1633 goto out;
3674 } 1634 }
3675 } 1635 }
3676 1636
3677 err = memcmp(result, template 1637 err = memcmp(result, template[i].result,
3678 template[i].rlen 1638 template[i].rlen);
3679 if (err) { 1639 if (err) {
3680 printk(KERN_ERR "alg: 1640 printk(KERN_ERR "alg: cprng: Test %d failed for %s\n",
3681 i, algo); 1641 i, algo);
3682 hexdump(result, templ 1642 hexdump(result, template[i].rlen);
3683 err = -EINVAL; 1643 err = -EINVAL;
3684 goto out; 1644 goto out;
3685 } 1645 }
3686 } 1646 }
3687 1647
3688 out: 1648 out:
3689 kfree(seed); 1649 kfree(seed);
3690 return err; 1650 return err;
3691 } 1651 }
3692 1652
>> 1653 static int alg_test_aead(const struct alg_test_desc *desc, const char *driver,
>> 1654 u32 type, u32 mask)
>> 1655 {
>> 1656 struct crypto_aead *tfm;
>> 1657 int err = 0;
>> 1658
>> 1659 tfm = crypto_alloc_aead(driver, type, mask);
>> 1660 if (IS_ERR(tfm)) {
>> 1661 printk(KERN_ERR "alg: aead: Failed to load transform for %s: "
>> 1662 "%ld\n", driver, PTR_ERR(tfm));
>> 1663 return PTR_ERR(tfm);
>> 1664 }
>> 1665
>> 1666 if (desc->suite.aead.enc.vecs) {
>> 1667 err = test_aead(tfm, ENCRYPT, desc->suite.aead.enc.vecs,
>> 1668 desc->suite.aead.enc.count);
>> 1669 if (err)
>> 1670 goto out;
>> 1671 }
>> 1672
>> 1673 if (!err && desc->suite.aead.dec.vecs)
>> 1674 err = test_aead(tfm, DECRYPT, desc->suite.aead.dec.vecs,
>> 1675 desc->suite.aead.dec.count);
>> 1676
>> 1677 out:
>> 1678 crypto_free_aead(tfm);
>> 1679 return err;
>> 1680 }
>> 1681
3693 static int alg_test_cipher(const struct alg_t 1682 static int alg_test_cipher(const struct alg_test_desc *desc,
3694 const char *driver 1683 const char *driver, u32 type, u32 mask)
3695 { 1684 {
3696 const struct cipher_test_suite *suite <<
3697 struct crypto_cipher *tfm; 1685 struct crypto_cipher *tfm;
3698 int err; !! 1686 int err = 0;
3699 1687
3700 tfm = crypto_alloc_cipher(driver, typ 1688 tfm = crypto_alloc_cipher(driver, type, mask);
3701 if (IS_ERR(tfm)) { 1689 if (IS_ERR(tfm)) {
3702 if (PTR_ERR(tfm) == -ENOENT) <<
3703 return 0; <<
3704 printk(KERN_ERR "alg: cipher: 1690 printk(KERN_ERR "alg: cipher: Failed to load transform for "
3705 "%s: %ld\n", driver, P 1691 "%s: %ld\n", driver, PTR_ERR(tfm));
3706 return PTR_ERR(tfm); 1692 return PTR_ERR(tfm);
3707 } 1693 }
3708 1694
3709 err = test_cipher(tfm, ENCRYPT, suite !! 1695 if (desc->suite.cipher.enc.vecs) {
3710 if (!err) !! 1696 err = test_cipher(tfm, ENCRYPT, desc->suite.cipher.enc.vecs,
3711 err = test_cipher(tfm, DECRYP !! 1697 desc->suite.cipher.enc.count);
>> 1698 if (err)
>> 1699 goto out;
>> 1700 }
>> 1701
>> 1702 if (desc->suite.cipher.dec.vecs)
>> 1703 err = test_cipher(tfm, DECRYPT, desc->suite.cipher.dec.vecs,
>> 1704 desc->suite.cipher.dec.count);
3712 1705
>> 1706 out:
3713 crypto_free_cipher(tfm); 1707 crypto_free_cipher(tfm);
3714 return err; 1708 return err;
3715 } 1709 }
3716 1710
>> 1711 static int alg_test_skcipher(const struct alg_test_desc *desc,
>> 1712 const char *driver, u32 type, u32 mask)
>> 1713 {
>> 1714 struct crypto_skcipher *tfm;
>> 1715 int err = 0;
>> 1716
>> 1717 tfm = crypto_alloc_skcipher(driver, type, mask);
>> 1718 if (IS_ERR(tfm)) {
>> 1719 printk(KERN_ERR "alg: skcipher: Failed to load transform for "
>> 1720 "%s: %ld\n", driver, PTR_ERR(tfm));
>> 1721 return PTR_ERR(tfm);
>> 1722 }
>> 1723
>> 1724 if (desc->suite.cipher.enc.vecs) {
>> 1725 err = test_skcipher(tfm, ENCRYPT, desc->suite.cipher.enc.vecs,
>> 1726 desc->suite.cipher.enc.count);
>> 1727 if (err)
>> 1728 goto out;
>> 1729 }
>> 1730
>> 1731 if (desc->suite.cipher.dec.vecs)
>> 1732 err = test_skcipher(tfm, DECRYPT, desc->suite.cipher.dec.vecs,
>> 1733 desc->suite.cipher.dec.count);
>> 1734
>> 1735 out:
>> 1736 crypto_free_skcipher(tfm);
>> 1737 return err;
>> 1738 }
>> 1739
3717 static int alg_test_comp(const struct alg_tes 1740 static int alg_test_comp(const struct alg_test_desc *desc, const char *driver,
3718 u32 type, u32 mask) 1741 u32 type, u32 mask)
3719 { 1742 {
3720 struct crypto_comp *comp; 1743 struct crypto_comp *comp;
3721 struct crypto_acomp *acomp; 1744 struct crypto_acomp *acomp;
3722 int err; 1745 int err;
3723 u32 algo_type = type & CRYPTO_ALG_TYP 1746 u32 algo_type = type & CRYPTO_ALG_TYPE_ACOMPRESS_MASK;
3724 1747
3725 if (algo_type == CRYPTO_ALG_TYPE_ACOM 1748 if (algo_type == CRYPTO_ALG_TYPE_ACOMPRESS) {
3726 acomp = crypto_alloc_acomp(dr 1749 acomp = crypto_alloc_acomp(driver, type, mask);
3727 if (IS_ERR(acomp)) { 1750 if (IS_ERR(acomp)) {
3728 if (PTR_ERR(acomp) == <<
3729 return 0; <<
3730 pr_err("alg: acomp: F 1751 pr_err("alg: acomp: Failed to load transform for %s: %ld\n",
3731 driver, PTR_ER 1752 driver, PTR_ERR(acomp));
3732 return PTR_ERR(acomp) 1753 return PTR_ERR(acomp);
3733 } 1754 }
3734 err = test_acomp(acomp, desc- 1755 err = test_acomp(acomp, desc->suite.comp.comp.vecs,
3735 desc->suite. 1756 desc->suite.comp.decomp.vecs,
3736 desc->suite. 1757 desc->suite.comp.comp.count,
3737 desc->suite. 1758 desc->suite.comp.decomp.count);
3738 crypto_free_acomp(acomp); 1759 crypto_free_acomp(acomp);
3739 } else { 1760 } else {
3740 comp = crypto_alloc_comp(driv 1761 comp = crypto_alloc_comp(driver, type, mask);
3741 if (IS_ERR(comp)) { 1762 if (IS_ERR(comp)) {
3742 if (PTR_ERR(comp) == <<
3743 return 0; <<
3744 pr_err("alg: comp: Fa 1763 pr_err("alg: comp: Failed to load transform for %s: %ld\n",
3745 driver, PTR_ER 1764 driver, PTR_ERR(comp));
3746 return PTR_ERR(comp); 1765 return PTR_ERR(comp);
3747 } 1766 }
3748 1767
3749 err = test_comp(comp, desc->s 1768 err = test_comp(comp, desc->suite.comp.comp.vecs,
3750 desc->suite.c 1769 desc->suite.comp.decomp.vecs,
3751 desc->suite.c 1770 desc->suite.comp.comp.count,
3752 desc->suite.c 1771 desc->suite.comp.decomp.count);
3753 1772
3754 crypto_free_comp(comp); 1773 crypto_free_comp(comp);
3755 } 1774 }
3756 return err; 1775 return err;
3757 } 1776 }
3758 1777
>> 1778 static int alg_test_hash(const struct alg_test_desc *desc, const char *driver,
>> 1779 u32 type, u32 mask)
>> 1780 {
>> 1781 struct crypto_ahash *tfm;
>> 1782 int err;
>> 1783
>> 1784 tfm = crypto_alloc_ahash(driver, type, mask);
>> 1785 if (IS_ERR(tfm)) {
>> 1786 printk(KERN_ERR "alg: hash: Failed to load transform for %s: "
>> 1787 "%ld\n", driver, PTR_ERR(tfm));
>> 1788 return PTR_ERR(tfm);
>> 1789 }
>> 1790
>> 1791 err = test_hash(tfm, desc->suite.hash.vecs,
>> 1792 desc->suite.hash.count, true);
>> 1793 if (!err)
>> 1794 err = test_hash(tfm, desc->suite.hash.vecs,
>> 1795 desc->suite.hash.count, false);
>> 1796
>> 1797 crypto_free_ahash(tfm);
>> 1798 return err;
>> 1799 }
>> 1800
3759 static int alg_test_crc32c(const struct alg_t 1801 static int alg_test_crc32c(const struct alg_test_desc *desc,
3760 const char *driver 1802 const char *driver, u32 type, u32 mask)
3761 { 1803 {
3762 struct crypto_shash *tfm; 1804 struct crypto_shash *tfm;
3763 __le32 val; !! 1805 u32 val;
3764 int err; 1806 int err;
3765 1807
3766 err = alg_test_hash(desc, driver, typ 1808 err = alg_test_hash(desc, driver, type, mask);
3767 if (err) 1809 if (err)
3768 return err; !! 1810 goto out;
3769 1811
3770 tfm = crypto_alloc_shash(driver, type 1812 tfm = crypto_alloc_shash(driver, type, mask);
3771 if (IS_ERR(tfm)) { 1813 if (IS_ERR(tfm)) {
3772 if (PTR_ERR(tfm) == -ENOENT) <<
3773 /* <<
3774 * This crc32c implem <<
3775 * ahash API, not the <<
3776 * of the test is not <<
3777 */ <<
3778 return 0; <<
3779 } <<
3780 printk(KERN_ERR "alg: crc32c: 1814 printk(KERN_ERR "alg: crc32c: Failed to load transform for %s: "
3781 "%ld\n", driver, PTR_E 1815 "%ld\n", driver, PTR_ERR(tfm));
3782 return PTR_ERR(tfm); !! 1816 err = PTR_ERR(tfm);
>> 1817 goto out;
3783 } 1818 }
3784 driver = crypto_shash_driver_name(tfm <<
3785 1819
3786 do { 1820 do {
3787 SHASH_DESC_ON_STACK(shash, tf 1821 SHASH_DESC_ON_STACK(shash, tfm);
3788 u32 *ctx = (u32 *)shash_desc_ 1822 u32 *ctx = (u32 *)shash_desc_ctx(shash);
3789 1823
3790 shash->tfm = tfm; 1824 shash->tfm = tfm;
>> 1825 shash->flags = 0;
3791 1826
3792 *ctx = 420553207; !! 1827 *ctx = le32_to_cpu(420553207);
3793 err = crypto_shash_final(shas 1828 err = crypto_shash_final(shash, (u8 *)&val);
3794 if (err) { 1829 if (err) {
3795 printk(KERN_ERR "alg: 1830 printk(KERN_ERR "alg: crc32c: Operation failed for "
3796 "%s: %d\n", dr 1831 "%s: %d\n", driver, err);
3797 break; 1832 break;
3798 } 1833 }
3799 1834
3800 if (val != cpu_to_le32(~42055 !! 1835 if (val != ~420553207) {
3801 pr_err("alg: crc32c: !! 1836 printk(KERN_ERR "alg: crc32c: Test failed for %s: "
3802 driver, le32_t !! 1837 "%d\n", driver, val);
3803 err = -EINVAL; 1838 err = -EINVAL;
3804 } 1839 }
3805 } while (0); 1840 } while (0);
3806 1841
3807 crypto_free_shash(tfm); 1842 crypto_free_shash(tfm);
3808 1843
>> 1844 out:
3809 return err; 1845 return err;
3810 } 1846 }
3811 1847
3812 static int alg_test_cprng(const struct alg_te 1848 static int alg_test_cprng(const struct alg_test_desc *desc, const char *driver,
3813 u32 type, u32 mask) 1849 u32 type, u32 mask)
3814 { 1850 {
3815 struct crypto_rng *rng; 1851 struct crypto_rng *rng;
3816 int err; 1852 int err;
3817 1853
3818 rng = crypto_alloc_rng(driver, type, 1854 rng = crypto_alloc_rng(driver, type, mask);
3819 if (IS_ERR(rng)) { 1855 if (IS_ERR(rng)) {
3820 if (PTR_ERR(rng) == -ENOENT) <<
3821 return 0; <<
3822 printk(KERN_ERR "alg: cprng: 1856 printk(KERN_ERR "alg: cprng: Failed to load transform for %s: "
3823 "%ld\n", driver, PTR_E 1857 "%ld\n", driver, PTR_ERR(rng));
3824 return PTR_ERR(rng); 1858 return PTR_ERR(rng);
3825 } 1859 }
3826 1860
3827 err = test_cprng(rng, desc->suite.cpr 1861 err = test_cprng(rng, desc->suite.cprng.vecs, desc->suite.cprng.count);
3828 1862
3829 crypto_free_rng(rng); 1863 crypto_free_rng(rng);
3830 1864
3831 return err; 1865 return err;
3832 } 1866 }
3833 1867
3834 1868
3835 static int drbg_cavs_test(const struct drbg_t !! 1869 static int drbg_cavs_test(struct drbg_testvec *test, int pr,
3836 const char *driver, 1870 const char *driver, u32 type, u32 mask)
3837 { 1871 {
3838 int ret = -EAGAIN; 1872 int ret = -EAGAIN;
3839 struct crypto_rng *drng; 1873 struct crypto_rng *drng;
3840 struct drbg_test_data test_data; 1874 struct drbg_test_data test_data;
3841 struct drbg_string addtl, pers, teste 1875 struct drbg_string addtl, pers, testentropy;
3842 unsigned char *buf = kzalloc(test->ex 1876 unsigned char *buf = kzalloc(test->expectedlen, GFP_KERNEL);
3843 1877
3844 if (!buf) 1878 if (!buf)
3845 return -ENOMEM; 1879 return -ENOMEM;
3846 1880
3847 drng = crypto_alloc_rng(driver, type, 1881 drng = crypto_alloc_rng(driver, type, mask);
3848 if (IS_ERR(drng)) { 1882 if (IS_ERR(drng)) {
3849 kfree_sensitive(buf); <<
3850 if (PTR_ERR(drng) == -ENOENT) <<
3851 return 0; <<
3852 printk(KERN_ERR "alg: drbg: c 1883 printk(KERN_ERR "alg: drbg: could not allocate DRNG handle for "
3853 "%s\n", driver); 1884 "%s\n", driver);
3854 return PTR_ERR(drng); !! 1885 kzfree(buf);
>> 1886 return -ENOMEM;
3855 } 1887 }
3856 1888
3857 test_data.testentropy = &testentropy; 1889 test_data.testentropy = &testentropy;
3858 drbg_string_fill(&testentropy, test-> 1890 drbg_string_fill(&testentropy, test->entropy, test->entropylen);
3859 drbg_string_fill(&pers, test->pers, t 1891 drbg_string_fill(&pers, test->pers, test->perslen);
3860 ret = crypto_drbg_reset_test(drng, &p 1892 ret = crypto_drbg_reset_test(drng, &pers, &test_data);
3861 if (ret) { 1893 if (ret) {
3862 printk(KERN_ERR "alg: drbg: F 1894 printk(KERN_ERR "alg: drbg: Failed to reset rng\n");
3863 goto outbuf; 1895 goto outbuf;
3864 } 1896 }
3865 1897
3866 drbg_string_fill(&addtl, test->addtla 1898 drbg_string_fill(&addtl, test->addtla, test->addtllen);
3867 if (pr) { 1899 if (pr) {
3868 drbg_string_fill(&testentropy 1900 drbg_string_fill(&testentropy, test->entpra, test->entprlen);
3869 ret = crypto_drbg_get_bytes_a 1901 ret = crypto_drbg_get_bytes_addtl_test(drng,
3870 buf, test->expectedle 1902 buf, test->expectedlen, &addtl, &test_data);
3871 } else { 1903 } else {
3872 ret = crypto_drbg_get_bytes_a 1904 ret = crypto_drbg_get_bytes_addtl(drng,
3873 buf, test->expectedle 1905 buf, test->expectedlen, &addtl);
3874 } 1906 }
3875 if (ret < 0) { 1907 if (ret < 0) {
3876 printk(KERN_ERR "alg: drbg: c 1908 printk(KERN_ERR "alg: drbg: could not obtain random data for "
3877 "driver %s\n", driver) 1909 "driver %s\n", driver);
3878 goto outbuf; 1910 goto outbuf;
3879 } 1911 }
3880 1912
3881 drbg_string_fill(&addtl, test->addtlb 1913 drbg_string_fill(&addtl, test->addtlb, test->addtllen);
3882 if (pr) { 1914 if (pr) {
3883 drbg_string_fill(&testentropy 1915 drbg_string_fill(&testentropy, test->entprb, test->entprlen);
3884 ret = crypto_drbg_get_bytes_a 1916 ret = crypto_drbg_get_bytes_addtl_test(drng,
3885 buf, test->expectedle 1917 buf, test->expectedlen, &addtl, &test_data);
3886 } else { 1918 } else {
3887 ret = crypto_drbg_get_bytes_a 1919 ret = crypto_drbg_get_bytes_addtl(drng,
3888 buf, test->expectedle 1920 buf, test->expectedlen, &addtl);
3889 } 1921 }
3890 if (ret < 0) { 1922 if (ret < 0) {
3891 printk(KERN_ERR "alg: drbg: c 1923 printk(KERN_ERR "alg: drbg: could not obtain random data for "
3892 "driver %s\n", driver) 1924 "driver %s\n", driver);
3893 goto outbuf; 1925 goto outbuf;
3894 } 1926 }
3895 1927
3896 ret = memcmp(test->expected, buf, tes 1928 ret = memcmp(test->expected, buf, test->expectedlen);
3897 1929
3898 outbuf: 1930 outbuf:
3899 crypto_free_rng(drng); 1931 crypto_free_rng(drng);
3900 kfree_sensitive(buf); !! 1932 kzfree(buf);
3901 return ret; 1933 return ret;
3902 } 1934 }
3903 1935
3904 1936
3905 static int alg_test_drbg(const struct alg_tes 1937 static int alg_test_drbg(const struct alg_test_desc *desc, const char *driver,
3906 u32 type, u32 mask) 1938 u32 type, u32 mask)
3907 { 1939 {
3908 int err = 0; 1940 int err = 0;
3909 int pr = 0; 1941 int pr = 0;
3910 int i = 0; 1942 int i = 0;
3911 const struct drbg_testvec *template = !! 1943 struct drbg_testvec *template = desc->suite.drbg.vecs;
3912 unsigned int tcount = desc->suite.drb 1944 unsigned int tcount = desc->suite.drbg.count;
3913 1945
3914 if (0 == memcmp(driver, "drbg_pr_", 8 1946 if (0 == memcmp(driver, "drbg_pr_", 8))
3915 pr = 1; 1947 pr = 1;
3916 1948
3917 for (i = 0; i < tcount; i++) { 1949 for (i = 0; i < tcount; i++) {
3918 err = drbg_cavs_test(&templat 1950 err = drbg_cavs_test(&template[i], pr, driver, type, mask);
3919 if (err) { 1951 if (err) {
3920 printk(KERN_ERR "alg: 1952 printk(KERN_ERR "alg: drbg: Test %d failed for %s\n",
3921 i, driver); 1953 i, driver);
3922 err = -EINVAL; 1954 err = -EINVAL;
3923 break; 1955 break;
3924 } 1956 }
3925 } 1957 }
3926 return err; 1958 return err;
3927 1959
3928 } 1960 }
3929 1961
3930 static int do_test_kpp(struct crypto_kpp *tfm !! 1962 static int do_test_kpp(struct crypto_kpp *tfm, struct kpp_testvec *vec,
3931 const char *alg) 1963 const char *alg)
3932 { 1964 {
3933 struct kpp_request *req; 1965 struct kpp_request *req;
3934 void *input_buf = NULL; 1966 void *input_buf = NULL;
3935 void *output_buf = NULL; 1967 void *output_buf = NULL;
3936 void *a_public = NULL; !! 1968 struct tcrypt_result result;
3937 void *a_ss = NULL; <<
3938 void *shared_secret = NULL; <<
3939 struct crypto_wait wait; <<
3940 unsigned int out_len_max; 1969 unsigned int out_len_max;
3941 int err = -ENOMEM; 1970 int err = -ENOMEM;
3942 struct scatterlist src, dst; 1971 struct scatterlist src, dst;
3943 1972
3944 req = kpp_request_alloc(tfm, GFP_KERN 1973 req = kpp_request_alloc(tfm, GFP_KERNEL);
3945 if (!req) 1974 if (!req)
3946 return err; 1975 return err;
3947 1976
3948 crypto_init_wait(&wait); !! 1977 init_completion(&result.completion);
3949 1978
3950 err = crypto_kpp_set_secret(tfm, vec- 1979 err = crypto_kpp_set_secret(tfm, vec->secret, vec->secret_size);
3951 if (err < 0) 1980 if (err < 0)
3952 goto free_req; 1981 goto free_req;
3953 1982
3954 out_len_max = crypto_kpp_maxsize(tfm) 1983 out_len_max = crypto_kpp_maxsize(tfm);
3955 output_buf = kzalloc(out_len_max, GFP 1984 output_buf = kzalloc(out_len_max, GFP_KERNEL);
3956 if (!output_buf) { 1985 if (!output_buf) {
3957 err = -ENOMEM; 1986 err = -ENOMEM;
3958 goto free_req; 1987 goto free_req;
3959 } 1988 }
3960 1989
3961 /* Use appropriate parameter as base 1990 /* Use appropriate parameter as base */
3962 kpp_request_set_input(req, NULL, 0); 1991 kpp_request_set_input(req, NULL, 0);
3963 sg_init_one(&dst, output_buf, out_len 1992 sg_init_one(&dst, output_buf, out_len_max);
3964 kpp_request_set_output(req, &dst, out 1993 kpp_request_set_output(req, &dst, out_len_max);
3965 kpp_request_set_callback(req, CRYPTO_ 1994 kpp_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
3966 crypto_req_d !! 1995 tcrypt_complete, &result);
3967 1996
3968 /* Compute party A's public key */ !! 1997 /* Compute public key */
3969 err = crypto_wait_req(crypto_kpp_gene !! 1998 err = wait_async_op(&result, crypto_kpp_generate_public_key(req));
3970 if (err) { 1999 if (err) {
3971 pr_err("alg: %s: Party A: gen !! 2000 pr_err("alg: %s: generate public key test failed. err %d\n",
3972 alg, err); 2001 alg, err);
3973 goto free_output; 2002 goto free_output;
3974 } 2003 }
3975 !! 2004 /* Verify calculated public key */
3976 if (vec->genkey) { !! 2005 if (memcmp(vec->expected_a_public, sg_virt(req->dst),
3977 /* Save party A's public key !! 2006 vec->expected_a_public_size)) {
3978 a_public = kmemdup(sg_virt(re !! 2007 pr_err("alg: %s: generate public key test failed. Invalid output\n",
3979 if (!a_public) { !! 2008 alg);
3980 err = -ENOMEM; !! 2009 err = -EINVAL;
3981 goto free_output; !! 2010 goto free_output;
3982 } <<
3983 } else { <<
3984 /* Verify calculated public k <<
3985 if (memcmp(vec->expected_a_pu <<
3986 vec->expected_a_pu <<
3987 pr_err("alg: %s: Part <<
3988 alg); <<
3989 err = -EINVAL; <<
3990 goto free_output; <<
3991 } <<
3992 } 2011 }
3993 2012
3994 /* Calculate shared secret key by usi 2013 /* Calculate shared secret key by using counter part (b) public key. */
3995 input_buf = kmemdup(vec->b_public, ve !! 2014 input_buf = kzalloc(vec->b_public_size, GFP_KERNEL);
3996 if (!input_buf) { 2015 if (!input_buf) {
3997 err = -ENOMEM; 2016 err = -ENOMEM;
3998 goto free_output; 2017 goto free_output;
3999 } 2018 }
4000 2019
>> 2020 memcpy(input_buf, vec->b_public, vec->b_public_size);
4001 sg_init_one(&src, input_buf, vec->b_p 2021 sg_init_one(&src, input_buf, vec->b_public_size);
4002 sg_init_one(&dst, output_buf, out_len 2022 sg_init_one(&dst, output_buf, out_len_max);
4003 kpp_request_set_input(req, &src, vec- 2023 kpp_request_set_input(req, &src, vec->b_public_size);
4004 kpp_request_set_output(req, &dst, out 2024 kpp_request_set_output(req, &dst, out_len_max);
4005 kpp_request_set_callback(req, CRYPTO_ 2025 kpp_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
4006 crypto_req_d !! 2026 tcrypt_complete, &result);
4007 err = crypto_wait_req(crypto_kpp_comp !! 2027 err = wait_async_op(&result, crypto_kpp_compute_shared_secret(req));
4008 if (err) { 2028 if (err) {
4009 pr_err("alg: %s: Party A: com !! 2029 pr_err("alg: %s: compute shard secret test failed. err %d\n",
4010 alg, err); 2030 alg, err);
4011 goto free_all; 2031 goto free_all;
4012 } 2032 }
4013 <<
4014 if (vec->genkey) { <<
4015 /* Save the shared secret obt <<
4016 a_ss = kmemdup(sg_virt(req->d <<
4017 if (!a_ss) { <<
4018 err = -ENOMEM; <<
4019 goto free_all; <<
4020 } <<
4021 <<
4022 /* <<
4023 * Calculate party B's shared <<
4024 * public key. <<
4025 */ <<
4026 err = crypto_kpp_set_secret(t <<
4027 v <<
4028 if (err < 0) <<
4029 goto free_all; <<
4030 <<
4031 sg_init_one(&src, a_public, v <<
4032 sg_init_one(&dst, output_buf, <<
4033 kpp_request_set_input(req, &s <<
4034 kpp_request_set_output(req, & <<
4035 kpp_request_set_callback(req, <<
4036 cryp <<
4037 err = crypto_wait_req(crypto_ <<
4038 &wait); <<
4039 if (err) { <<
4040 pr_err("alg: %s: Part <<
4041 alg, err); <<
4042 goto free_all; <<
4043 } <<
4044 <<
4045 shared_secret = a_ss; <<
4046 } else { <<
4047 shared_secret = (void *)vec-> <<
4048 } <<
4049 <<
4050 /* 2033 /*
4051 * verify shared secret from which th 2034 * verify shared secret from which the user will derive
4052 * secret key by executing whatever h 2035 * secret key by executing whatever hash it has chosen
4053 */ 2036 */
4054 if (memcmp(shared_secret, sg_virt(req !! 2037 if (memcmp(vec->expected_ss, sg_virt(req->dst),
4055 vec->expected_ss_size)) { 2038 vec->expected_ss_size)) {
4056 pr_err("alg: %s: compute shar 2039 pr_err("alg: %s: compute shared secret test failed. Invalid output\n",
4057 alg); 2040 alg);
4058 err = -EINVAL; 2041 err = -EINVAL;
4059 } 2042 }
4060 2043
4061 free_all: 2044 free_all:
4062 kfree(a_ss); <<
4063 kfree(input_buf); 2045 kfree(input_buf);
4064 free_output: 2046 free_output:
4065 kfree(a_public); <<
4066 kfree(output_buf); 2047 kfree(output_buf);
4067 free_req: 2048 free_req:
4068 kpp_request_free(req); 2049 kpp_request_free(req);
4069 return err; 2050 return err;
4070 } 2051 }
4071 2052
4072 static int test_kpp(struct crypto_kpp *tfm, c 2053 static int test_kpp(struct crypto_kpp *tfm, const char *alg,
4073 const struct kpp_testvec !! 2054 struct kpp_testvec *vecs, unsigned int tcount)
4074 { 2055 {
4075 int ret, i; 2056 int ret, i;
4076 2057
4077 for (i = 0; i < tcount; i++) { 2058 for (i = 0; i < tcount; i++) {
4078 ret = do_test_kpp(tfm, vecs++ 2059 ret = do_test_kpp(tfm, vecs++, alg);
4079 if (ret) { 2060 if (ret) {
4080 pr_err("alg: %s: test 2061 pr_err("alg: %s: test failed on vector %d, err=%d\n",
4081 alg, i + 1, re 2062 alg, i + 1, ret);
4082 return ret; 2063 return ret;
4083 } 2064 }
4084 } 2065 }
4085 return 0; 2066 return 0;
4086 } 2067 }
4087 2068
4088 static int alg_test_kpp(const struct alg_test 2069 static int alg_test_kpp(const struct alg_test_desc *desc, const char *driver,
4089 u32 type, u32 mask) 2070 u32 type, u32 mask)
4090 { 2071 {
4091 struct crypto_kpp *tfm; 2072 struct crypto_kpp *tfm;
4092 int err = 0; 2073 int err = 0;
4093 2074
4094 tfm = crypto_alloc_kpp(driver, type, 2075 tfm = crypto_alloc_kpp(driver, type, mask);
4095 if (IS_ERR(tfm)) { 2076 if (IS_ERR(tfm)) {
4096 if (PTR_ERR(tfm) == -ENOENT) <<
4097 return 0; <<
4098 pr_err("alg: kpp: Failed to l 2077 pr_err("alg: kpp: Failed to load tfm for %s: %ld\n",
4099 driver, PTR_ERR(tfm)); 2078 driver, PTR_ERR(tfm));
4100 return PTR_ERR(tfm); 2079 return PTR_ERR(tfm);
4101 } 2080 }
4102 if (desc->suite.kpp.vecs) 2081 if (desc->suite.kpp.vecs)
4103 err = test_kpp(tfm, desc->alg 2082 err = test_kpp(tfm, desc->alg, desc->suite.kpp.vecs,
4104 desc->suite.kp 2083 desc->suite.kpp.count);
4105 2084
4106 crypto_free_kpp(tfm); 2085 crypto_free_kpp(tfm);
4107 return err; 2086 return err;
4108 } 2087 }
4109 2088
4110 static u8 *test_pack_u32(u8 *dst, u32 val) <<
4111 { <<
4112 memcpy(dst, &val, sizeof(val)); <<
4113 return dst + sizeof(val); <<
4114 } <<
4115 <<
4116 static int test_akcipher_one(struct crypto_ak 2089 static int test_akcipher_one(struct crypto_akcipher *tfm,
4117 const struct akc !! 2090 struct akcipher_testvec *vecs)
4118 { 2091 {
4119 char *xbuf[XBUFSIZE]; 2092 char *xbuf[XBUFSIZE];
4120 struct akcipher_request *req; 2093 struct akcipher_request *req;
4121 void *outbuf_enc = NULL; 2094 void *outbuf_enc = NULL;
4122 void *outbuf_dec = NULL; 2095 void *outbuf_dec = NULL;
4123 struct crypto_wait wait; !! 2096 struct tcrypt_result result;
4124 unsigned int out_len_max, out_len = 0 2097 unsigned int out_len_max, out_len = 0;
4125 int err = -ENOMEM; 2098 int err = -ENOMEM;
4126 struct scatterlist src, dst, src_tab[ !! 2099 struct scatterlist src, dst, src_tab[2];
4127 const char *m, *c; <<
4128 unsigned int m_size, c_size; <<
4129 const char *op; <<
4130 u8 *key, *ptr; <<
4131 2100
4132 if (testmgr_alloc_buf(xbuf)) 2101 if (testmgr_alloc_buf(xbuf))
4133 return err; 2102 return err;
4134 2103
4135 req = akcipher_request_alloc(tfm, GFP 2104 req = akcipher_request_alloc(tfm, GFP_KERNEL);
4136 if (!req) 2105 if (!req)
4137 goto free_xbuf; 2106 goto free_xbuf;
4138 2107
4139 crypto_init_wait(&wait); !! 2108 init_completion(&result.completion);
4140 <<
4141 key = kmalloc(vecs->key_len + sizeof( <<
4142 GFP_KERNEL); <<
4143 if (!key) <<
4144 goto free_req; <<
4145 memcpy(key, vecs->key, vecs->key_len) <<
4146 ptr = key + vecs->key_len; <<
4147 ptr = test_pack_u32(ptr, vecs->algo); <<
4148 ptr = test_pack_u32(ptr, vecs->param_ <<
4149 memcpy(ptr, vecs->params, vecs->param <<
4150 2109
4151 if (vecs->public_key_vec) 2110 if (vecs->public_key_vec)
4152 err = crypto_akcipher_set_pub !! 2111 err = crypto_akcipher_set_pub_key(tfm, vecs->key,
>> 2112 vecs->key_len);
4153 else 2113 else
4154 err = crypto_akcipher_set_pri !! 2114 err = crypto_akcipher_set_priv_key(tfm, vecs->key,
>> 2115 vecs->key_len);
4155 if (err) 2116 if (err)
4156 goto free_key; !! 2117 goto free_req;
4157 2118
4158 /* <<
4159 * First run test which do not requir <<
4160 * encrypt or verify. <<
4161 */ <<
4162 err = -ENOMEM; 2119 err = -ENOMEM;
4163 out_len_max = crypto_akcipher_maxsize 2120 out_len_max = crypto_akcipher_maxsize(tfm);
4164 outbuf_enc = kzalloc(out_len_max, GFP 2121 outbuf_enc = kzalloc(out_len_max, GFP_KERNEL);
4165 if (!outbuf_enc) 2122 if (!outbuf_enc)
4166 goto free_key; !! 2123 goto free_req;
4167 <<
4168 if (!vecs->siggen_sigver_test) { <<
4169 m = vecs->m; <<
4170 m_size = vecs->m_size; <<
4171 c = vecs->c; <<
4172 c_size = vecs->c_size; <<
4173 op = "encrypt"; <<
4174 } else { <<
4175 /* Swap args so we could keep <<
4176 * in vecs->m, and cooked sig <<
4177 */ <<
4178 m = vecs->c; /* signature */ <<
4179 m_size = vecs->c_size; <<
4180 c = vecs->m; /* digest */ <<
4181 c_size = vecs->m_size; <<
4182 op = "verify"; <<
4183 } <<
4184 2124
4185 err = -E2BIG; !! 2125 if (WARN_ON(vecs->m_size > PAGE_SIZE))
4186 if (WARN_ON(m_size > PAGE_SIZE)) <<
4187 goto free_all; 2126 goto free_all;
4188 memcpy(xbuf[0], m, m_size); <<
4189 2127
4190 sg_init_table(src_tab, 3); !! 2128 memcpy(xbuf[0], vecs->m, vecs->m_size);
>> 2129
>> 2130 sg_init_table(src_tab, 2);
4191 sg_set_buf(&src_tab[0], xbuf[0], 8); 2131 sg_set_buf(&src_tab[0], xbuf[0], 8);
4192 sg_set_buf(&src_tab[1], xbuf[0] + 8, !! 2132 sg_set_buf(&src_tab[1], xbuf[0] + 8, vecs->m_size - 8);
4193 if (vecs->siggen_sigver_test) { !! 2133 sg_init_one(&dst, outbuf_enc, out_len_max);
4194 if (WARN_ON(c_size > PAGE_SIZ !! 2134 akcipher_request_set_crypt(req, src_tab, &dst, vecs->m_size,
4195 goto free_all; !! 2135 out_len_max);
4196 memcpy(xbuf[1], c, c_size); <<
4197 sg_set_buf(&src_tab[2], xbuf[ <<
4198 akcipher_request_set_crypt(re <<
4199 } else { <<
4200 sg_init_one(&dst, outbuf_enc, <<
4201 akcipher_request_set_crypt(re <<
4202 ou <<
4203 } <<
4204 akcipher_request_set_callback(req, CR 2136 akcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
4205 crypto_ !! 2137 tcrypt_complete, &result);
4206 2138
4207 err = crypto_wait_req(vecs->siggen_si !! 2139 /* Run RSA encrypt - c = m^e mod n;*/
4208 /* Run asymmetr !! 2140 err = wait_async_op(&result, crypto_akcipher_encrypt(req));
4209 crypto_akcipher <<
4210 /* Run asymmetr <<
4211 crypto_akcipher <<
4212 if (err) { 2141 if (err) {
4213 pr_err("alg: akcipher: %s tes !! 2142 pr_err("alg: akcipher: encrypt test failed. err %d\n", err);
4214 goto free_all; 2143 goto free_all;
4215 } 2144 }
4216 if (!vecs->siggen_sigver_test && c) { !! 2145 if (req->dst_len != vecs->c_size) {
4217 if (req->dst_len != c_size) { !! 2146 pr_err("alg: akcipher: encrypt test failed. Invalid output len\n");
4218 pr_err("alg: akcipher !! 2147 err = -EINVAL;
4219 op); !! 2148 goto free_all;
4220 err = -EINVAL; <<
4221 goto free_all; <<
4222 } <<
4223 /* verify that encrypted mess <<
4224 if (memcmp(c, outbuf_enc, c_s <<
4225 pr_err("alg: akcipher <<
4226 op); <<
4227 hexdump(outbuf_enc, c <<
4228 err = -EINVAL; <<
4229 goto free_all; <<
4230 } <<
4231 } 2149 }
4232 !! 2150 /* verify that encrypted message is equal to expected */
4233 /* !! 2151 if (memcmp(vecs->c, outbuf_enc, vecs->c_size)) {
4234 * Don't invoke (decrypt or sign) tes !! 2152 pr_err("alg: akcipher: encrypt test failed. Invalid output\n");
4235 * for vectors with only a public key !! 2153 hexdump(outbuf_enc, vecs->c_size);
4236 */ !! 2154 err = -EINVAL;
>> 2155 goto free_all;
>> 2156 }
>> 2157 /* Don't invoke decrypt for vectors with public key */
4237 if (vecs->public_key_vec) { 2158 if (vecs->public_key_vec) {
4238 err = 0; 2159 err = 0;
4239 goto free_all; 2160 goto free_all;
4240 } 2161 }
4241 outbuf_dec = kzalloc(out_len_max, GFP 2162 outbuf_dec = kzalloc(out_len_max, GFP_KERNEL);
4242 if (!outbuf_dec) { 2163 if (!outbuf_dec) {
4243 err = -ENOMEM; 2164 err = -ENOMEM;
4244 goto free_all; 2165 goto free_all;
4245 } 2166 }
4246 2167
4247 if (!vecs->siggen_sigver_test && !c) !! 2168 if (WARN_ON(vecs->c_size > PAGE_SIZE))
4248 c = outbuf_enc; <<
4249 c_size = req->dst_len; <<
4250 } <<
4251 <<
4252 err = -E2BIG; <<
4253 op = vecs->siggen_sigver_test ? "sign <<
4254 if (WARN_ON(c_size > PAGE_SIZE)) <<
4255 goto free_all; 2169 goto free_all;
4256 memcpy(xbuf[0], c, c_size); <<
4257 2170
4258 sg_init_one(&src, xbuf[0], c_size); !! 2171 memcpy(xbuf[0], vecs->c, vecs->c_size);
>> 2172
>> 2173 sg_init_one(&src, xbuf[0], vecs->c_size);
4259 sg_init_one(&dst, outbuf_dec, out_len 2174 sg_init_one(&dst, outbuf_dec, out_len_max);
4260 crypto_init_wait(&wait); !! 2175 init_completion(&result.completion);
4261 akcipher_request_set_crypt(req, &src, !! 2176 akcipher_request_set_crypt(req, &src, &dst, vecs->c_size, out_len_max);
4262 2177
4263 err = crypto_wait_req(vecs->siggen_si !! 2178 /* Run RSA decrypt - m = c^d mod n;*/
4264 /* Run asymmetr !! 2179 err = wait_async_op(&result, crypto_akcipher_decrypt(req));
4265 crypto_akcipher <<
4266 /* Run asymmetr <<
4267 crypto_akcipher <<
4268 if (err) { 2180 if (err) {
4269 pr_err("alg: akcipher: %s tes !! 2181 pr_err("alg: akcipher: decrypt test failed. err %d\n", err);
4270 goto free_all; 2182 goto free_all;
4271 } 2183 }
4272 out_len = req->dst_len; 2184 out_len = req->dst_len;
4273 if (out_len < m_size) { !! 2185 if (out_len < vecs->m_size) {
4274 pr_err("alg: akcipher: %s tes !! 2186 pr_err("alg: akcipher: decrypt test failed. "
4275 op, out_len); !! 2187 "Invalid output len %u\n", out_len);
4276 err = -EINVAL; 2188 err = -EINVAL;
4277 goto free_all; 2189 goto free_all;
4278 } 2190 }
4279 /* verify that decrypted message is e 2191 /* verify that decrypted message is equal to the original msg */
4280 if (memchr_inv(outbuf_dec, 0, out_len !! 2192 if (memchr_inv(outbuf_dec, 0, out_len - vecs->m_size) ||
4281 memcmp(m, outbuf_dec + out_len - !! 2193 memcmp(vecs->m, outbuf_dec + out_len - vecs->m_size,
4282 pr_err("alg: akcipher: %s tes !! 2194 vecs->m_size)) {
>> 2195 pr_err("alg: akcipher: decrypt test failed. Invalid output\n");
4283 hexdump(outbuf_dec, out_len); 2196 hexdump(outbuf_dec, out_len);
4284 err = -EINVAL; 2197 err = -EINVAL;
4285 } 2198 }
4286 free_all: 2199 free_all:
4287 kfree(outbuf_dec); 2200 kfree(outbuf_dec);
4288 kfree(outbuf_enc); 2201 kfree(outbuf_enc);
4289 free_key: <<
4290 kfree(key); <<
4291 free_req: 2202 free_req:
4292 akcipher_request_free(req); 2203 akcipher_request_free(req);
4293 free_xbuf: 2204 free_xbuf:
4294 testmgr_free_buf(xbuf); 2205 testmgr_free_buf(xbuf);
4295 return err; 2206 return err;
4296 } 2207 }
4297 2208
4298 static int test_akcipher(struct crypto_akciph 2209 static int test_akcipher(struct crypto_akcipher *tfm, const char *alg,
4299 const struct akciphe !! 2210 struct akcipher_testvec *vecs, unsigned int tcount)
4300 unsigned int tcount) <<
4301 { 2211 {
4302 const char *algo = 2212 const char *algo =
4303 crypto_tfm_alg_driver_name(cr 2213 crypto_tfm_alg_driver_name(crypto_akcipher_tfm(tfm));
4304 int ret, i; 2214 int ret, i;
4305 2215
4306 for (i = 0; i < tcount; i++) { 2216 for (i = 0; i < tcount; i++) {
4307 ret = test_akcipher_one(tfm, 2217 ret = test_akcipher_one(tfm, vecs++);
4308 if (!ret) 2218 if (!ret)
4309 continue; 2219 continue;
4310 2220
4311 pr_err("alg: akcipher: test % 2221 pr_err("alg: akcipher: test %d failed for %s, err=%d\n",
4312 i + 1, algo, ret); 2222 i + 1, algo, ret);
4313 return ret; 2223 return ret;
4314 } 2224 }
4315 return 0; 2225 return 0;
4316 } 2226 }
4317 2227
4318 static int alg_test_akcipher(const struct alg 2228 static int alg_test_akcipher(const struct alg_test_desc *desc,
4319 const char *driv 2229 const char *driver, u32 type, u32 mask)
4320 { 2230 {
4321 struct crypto_akcipher *tfm; 2231 struct crypto_akcipher *tfm;
4322 int err = 0; 2232 int err = 0;
4323 2233
4324 tfm = crypto_alloc_akcipher(driver, t 2234 tfm = crypto_alloc_akcipher(driver, type, mask);
4325 if (IS_ERR(tfm)) { 2235 if (IS_ERR(tfm)) {
4326 if (PTR_ERR(tfm) == -ENOENT) <<
4327 return 0; <<
4328 pr_err("alg: akcipher: Failed 2236 pr_err("alg: akcipher: Failed to load tfm for %s: %ld\n",
4329 driver, PTR_ERR(tfm)); 2237 driver, PTR_ERR(tfm));
4330 return PTR_ERR(tfm); 2238 return PTR_ERR(tfm);
4331 } 2239 }
4332 if (desc->suite.akcipher.vecs) 2240 if (desc->suite.akcipher.vecs)
4333 err = test_akcipher(tfm, desc 2241 err = test_akcipher(tfm, desc->alg, desc->suite.akcipher.vecs,
4334 desc->sui 2242 desc->suite.akcipher.count);
4335 2243
4336 crypto_free_akcipher(tfm); 2244 crypto_free_akcipher(tfm);
4337 return err; 2245 return err;
4338 } 2246 }
4339 2247
4340 static int alg_test_null(const struct alg_tes 2248 static int alg_test_null(const struct alg_test_desc *desc,
4341 const char *driv 2249 const char *driver, u32 type, u32 mask)
4342 { 2250 {
4343 return 0; 2251 return 0;
4344 } 2252 }
4345 2253
4346 #define ____VECS(tv) .vecs = tv, .count = <<
4347 #define __VECS(tv) { ____VECS(tv) } <<
4348 <<
4349 /* Please keep this list sorted by algorithm 2254 /* Please keep this list sorted by algorithm name. */
4350 static const struct alg_test_desc alg_test_de 2255 static const struct alg_test_desc alg_test_descs[] = {
4351 { 2256 {
4352 .alg = "adiantum(xchacha12,ae <<
4353 .generic_driver = "adiantum(x <<
4354 .test = alg_test_skcipher, <<
4355 .suite = { <<
4356 .cipher = __VECS(adia <<
4357 }, <<
4358 }, { <<
4359 .alg = "adiantum(xchacha20,ae <<
4360 .generic_driver = "adiantum(x <<
4361 .test = alg_test_skcipher, <<
4362 .suite = { <<
4363 .cipher = __VECS(adia <<
4364 }, <<
4365 }, { <<
4366 .alg = "aegis128", <<
4367 .test = alg_test_aead, <<
4368 .suite = { <<
4369 .aead = __VECS(aegis1 <<
4370 } <<
4371 }, { <<
4372 .alg = "ansi_cprng", 2257 .alg = "ansi_cprng",
4373 .test = alg_test_cprng, 2258 .test = alg_test_cprng,
4374 .suite = { 2259 .suite = {
4375 .cprng = __VECS(ansi_ !! 2260 .cprng = {
>> 2261 .vecs = ansi_cprng_aes_tv_template,
>> 2262 .count = ANSI_CPRNG_AES_TEST_VECTORS
>> 2263 }
4376 } 2264 }
4377 }, { 2265 }, {
4378 .alg = "authenc(hmac(md5),ecb 2266 .alg = "authenc(hmac(md5),ecb(cipher_null))",
4379 .test = alg_test_aead, 2267 .test = alg_test_aead,
4380 .suite = { 2268 .suite = {
4381 .aead = __VECS(hmac_m !! 2269 .aead = {
>> 2270 .enc = {
>> 2271 .vecs = hmac_md5_ecb_cipher_null_enc_tv_template,
>> 2272 .count = HMAC_MD5_ECB_CIPHER_NULL_ENC_TEST_VECTORS
>> 2273 },
>> 2274 .dec = {
>> 2275 .vecs = hmac_md5_ecb_cipher_null_dec_tv_template,
>> 2276 .count = HMAC_MD5_ECB_CIPHER_NULL_DEC_TEST_VECTORS
>> 2277 }
>> 2278 }
4382 } 2279 }
4383 }, { 2280 }, {
4384 .alg = "authenc(hmac(sha1),cb 2281 .alg = "authenc(hmac(sha1),cbc(aes))",
4385 .test = alg_test_aead, 2282 .test = alg_test_aead,
4386 .fips_allowed = 1, <<
4387 .suite = { 2283 .suite = {
4388 .aead = __VECS(hmac_s !! 2284 .aead = {
>> 2285 .enc = {
>> 2286 .vecs =
>> 2287 hmac_sha1_aes_cbc_enc_tv_temp,
>> 2288 .count =
>> 2289 HMAC_SHA1_AES_CBC_ENC_TEST_VEC
>> 2290 }
>> 2291 }
4389 } 2292 }
4390 }, { 2293 }, {
4391 .alg = "authenc(hmac(sha1),cb 2294 .alg = "authenc(hmac(sha1),cbc(des))",
4392 .test = alg_test_aead, 2295 .test = alg_test_aead,
4393 .suite = { 2296 .suite = {
4394 .aead = __VECS(hmac_s !! 2297 .aead = {
>> 2298 .enc = {
>> 2299 .vecs =
>> 2300 hmac_sha1_des_cbc_enc_tv_temp,
>> 2301 .count =
>> 2302 HMAC_SHA1_DES_CBC_ENC_TEST_VEC
>> 2303 }
>> 2304 }
4395 } 2305 }
4396 }, { 2306 }, {
4397 .alg = "authenc(hmac(sha1),cb 2307 .alg = "authenc(hmac(sha1),cbc(des3_ede))",
4398 .test = alg_test_aead, 2308 .test = alg_test_aead,
>> 2309 .fips_allowed = 1,
4399 .suite = { 2310 .suite = {
4400 .aead = __VECS(hmac_s !! 2311 .aead = {
>> 2312 .enc = {
>> 2313 .vecs =
>> 2314 hmac_sha1_des3_ede_cbc_enc_tv_temp,
>> 2315 .count =
>> 2316 HMAC_SHA1_DES3_EDE_CBC_ENC_TEST_VEC
>> 2317 }
>> 2318 }
4401 } 2319 }
4402 }, { 2320 }, {
4403 .alg = "authenc(hmac(sha1),ct 2321 .alg = "authenc(hmac(sha1),ctr(aes))",
4404 .test = alg_test_null, 2322 .test = alg_test_null,
4405 .fips_allowed = 1, 2323 .fips_allowed = 1,
4406 }, { 2324 }, {
4407 .alg = "authenc(hmac(sha1),ec 2325 .alg = "authenc(hmac(sha1),ecb(cipher_null))",
4408 .test = alg_test_aead, 2326 .test = alg_test_aead,
4409 .suite = { 2327 .suite = {
4410 .aead = __VECS(hmac_s !! 2328 .aead = {
>> 2329 .enc = {
>> 2330 .vecs =
>> 2331 hmac_sha1_ecb_cipher_null_enc_tv_temp,
>> 2332 .count =
>> 2333 HMAC_SHA1_ECB_CIPHER_NULL_ENC_TEST_VEC
>> 2334 },
>> 2335 .dec = {
>> 2336 .vecs =
>> 2337 hmac_sha1_ecb_cipher_null_dec_tv_temp,
>> 2338 .count =
>> 2339 HMAC_SHA1_ECB_CIPHER_NULL_DEC_TEST_VEC
>> 2340 }
>> 2341 }
4411 } 2342 }
4412 }, { 2343 }, {
4413 .alg = "authenc(hmac(sha1),rf 2344 .alg = "authenc(hmac(sha1),rfc3686(ctr(aes)))",
4414 .test = alg_test_null, 2345 .test = alg_test_null,
4415 .fips_allowed = 1, 2346 .fips_allowed = 1,
4416 }, { 2347 }, {
4417 .alg = "authenc(hmac(sha224), 2348 .alg = "authenc(hmac(sha224),cbc(des))",
4418 .test = alg_test_aead, 2349 .test = alg_test_aead,
4419 .suite = { 2350 .suite = {
4420 .aead = __VECS(hmac_s !! 2351 .aead = {
>> 2352 .enc = {
>> 2353 .vecs =
>> 2354 hmac_sha224_des_cbc_enc_tv_temp,
>> 2355 .count =
>> 2356 HMAC_SHA224_DES_CBC_ENC_TEST_VEC
>> 2357 }
>> 2358 }
4421 } 2359 }
4422 }, { 2360 }, {
4423 .alg = "authenc(hmac(sha224), 2361 .alg = "authenc(hmac(sha224),cbc(des3_ede))",
4424 .test = alg_test_aead, 2362 .test = alg_test_aead,
>> 2363 .fips_allowed = 1,
4425 .suite = { 2364 .suite = {
4426 .aead = __VECS(hmac_s !! 2365 .aead = {
>> 2366 .enc = {
>> 2367 .vecs =
>> 2368 hmac_sha224_des3_ede_cbc_enc_tv_temp,
>> 2369 .count =
>> 2370 HMAC_SHA224_DES3_EDE_CBC_ENC_TEST_VEC
>> 2371 }
>> 2372 }
4427 } 2373 }
4428 }, { 2374 }, {
4429 .alg = "authenc(hmac(sha256), 2375 .alg = "authenc(hmac(sha256),cbc(aes))",
4430 .test = alg_test_aead, 2376 .test = alg_test_aead,
4431 .fips_allowed = 1, 2377 .fips_allowed = 1,
4432 .suite = { 2378 .suite = {
4433 .aead = __VECS(hmac_s !! 2379 .aead = {
>> 2380 .enc = {
>> 2381 .vecs =
>> 2382 hmac_sha256_aes_cbc_enc_tv_temp,
>> 2383 .count =
>> 2384 HMAC_SHA256_AES_CBC_ENC_TEST_VEC
>> 2385 }
>> 2386 }
4434 } 2387 }
4435 }, { 2388 }, {
4436 .alg = "authenc(hmac(sha256), 2389 .alg = "authenc(hmac(sha256),cbc(des))",
4437 .test = alg_test_aead, 2390 .test = alg_test_aead,
4438 .suite = { 2391 .suite = {
4439 .aead = __VECS(hmac_s !! 2392 .aead = {
>> 2393 .enc = {
>> 2394 .vecs =
>> 2395 hmac_sha256_des_cbc_enc_tv_temp,
>> 2396 .count =
>> 2397 HMAC_SHA256_DES_CBC_ENC_TEST_VEC
>> 2398 }
>> 2399 }
4440 } 2400 }
4441 }, { 2401 }, {
4442 .alg = "authenc(hmac(sha256), 2402 .alg = "authenc(hmac(sha256),cbc(des3_ede))",
4443 .test = alg_test_aead, 2403 .test = alg_test_aead,
>> 2404 .fips_allowed = 1,
4444 .suite = { 2405 .suite = {
4445 .aead = __VECS(hmac_s !! 2406 .aead = {
>> 2407 .enc = {
>> 2408 .vecs =
>> 2409 hmac_sha256_des3_ede_cbc_enc_tv_temp,
>> 2410 .count =
>> 2411 HMAC_SHA256_DES3_EDE_CBC_ENC_TEST_VEC
>> 2412 }
>> 2413 }
4446 } 2414 }
4447 }, { 2415 }, {
4448 .alg = "authenc(hmac(sha256), 2416 .alg = "authenc(hmac(sha256),ctr(aes))",
4449 .test = alg_test_null, 2417 .test = alg_test_null,
4450 .fips_allowed = 1, 2418 .fips_allowed = 1,
4451 }, { 2419 }, {
4452 .alg = "authenc(hmac(sha256), 2420 .alg = "authenc(hmac(sha256),rfc3686(ctr(aes)))",
4453 .test = alg_test_null, 2421 .test = alg_test_null,
4454 .fips_allowed = 1, 2422 .fips_allowed = 1,
4455 }, { 2423 }, {
4456 .alg = "authenc(hmac(sha384), 2424 .alg = "authenc(hmac(sha384),cbc(des))",
4457 .test = alg_test_aead, 2425 .test = alg_test_aead,
4458 .suite = { 2426 .suite = {
4459 .aead = __VECS(hmac_s !! 2427 .aead = {
>> 2428 .enc = {
>> 2429 .vecs =
>> 2430 hmac_sha384_des_cbc_enc_tv_temp,
>> 2431 .count =
>> 2432 HMAC_SHA384_DES_CBC_ENC_TEST_VEC
>> 2433 }
>> 2434 }
4460 } 2435 }
4461 }, { 2436 }, {
4462 .alg = "authenc(hmac(sha384), 2437 .alg = "authenc(hmac(sha384),cbc(des3_ede))",
4463 .test = alg_test_aead, 2438 .test = alg_test_aead,
>> 2439 .fips_allowed = 1,
4464 .suite = { 2440 .suite = {
4465 .aead = __VECS(hmac_s !! 2441 .aead = {
>> 2442 .enc = {
>> 2443 .vecs =
>> 2444 hmac_sha384_des3_ede_cbc_enc_tv_temp,
>> 2445 .count =
>> 2446 HMAC_SHA384_DES3_EDE_CBC_ENC_TEST_VEC
>> 2447 }
>> 2448 }
4466 } 2449 }
4467 }, { 2450 }, {
4468 .alg = "authenc(hmac(sha384), 2451 .alg = "authenc(hmac(sha384),ctr(aes))",
4469 .test = alg_test_null, 2452 .test = alg_test_null,
4470 .fips_allowed = 1, 2453 .fips_allowed = 1,
4471 }, { 2454 }, {
4472 .alg = "authenc(hmac(sha384), 2455 .alg = "authenc(hmac(sha384),rfc3686(ctr(aes)))",
4473 .test = alg_test_null, 2456 .test = alg_test_null,
4474 .fips_allowed = 1, 2457 .fips_allowed = 1,
4475 }, { 2458 }, {
4476 .alg = "authenc(hmac(sha512), 2459 .alg = "authenc(hmac(sha512),cbc(aes))",
4477 .fips_allowed = 1, 2460 .fips_allowed = 1,
4478 .test = alg_test_aead, 2461 .test = alg_test_aead,
4479 .suite = { 2462 .suite = {
4480 .aead = __VECS(hmac_s !! 2463 .aead = {
>> 2464 .enc = {
>> 2465 .vecs =
>> 2466 hmac_sha512_aes_cbc_enc_tv_temp,
>> 2467 .count =
>> 2468 HMAC_SHA512_AES_CBC_ENC_TEST_VEC
>> 2469 }
>> 2470 }
4481 } 2471 }
4482 }, { 2472 }, {
4483 .alg = "authenc(hmac(sha512), 2473 .alg = "authenc(hmac(sha512),cbc(des))",
4484 .test = alg_test_aead, 2474 .test = alg_test_aead,
4485 .suite = { 2475 .suite = {
4486 .aead = __VECS(hmac_s !! 2476 .aead = {
>> 2477 .enc = {
>> 2478 .vecs =
>> 2479 hmac_sha512_des_cbc_enc_tv_temp,
>> 2480 .count =
>> 2481 HMAC_SHA512_DES_CBC_ENC_TEST_VEC
>> 2482 }
>> 2483 }
4487 } 2484 }
4488 }, { 2485 }, {
4489 .alg = "authenc(hmac(sha512), 2486 .alg = "authenc(hmac(sha512),cbc(des3_ede))",
4490 .test = alg_test_aead, 2487 .test = alg_test_aead,
>> 2488 .fips_allowed = 1,
4491 .suite = { 2489 .suite = {
4492 .aead = __VECS(hmac_s !! 2490 .aead = {
>> 2491 .enc = {
>> 2492 .vecs =
>> 2493 hmac_sha512_des3_ede_cbc_enc_tv_temp,
>> 2494 .count =
>> 2495 HMAC_SHA512_DES3_EDE_CBC_ENC_TEST_VEC
>> 2496 }
>> 2497 }
4493 } 2498 }
4494 }, { 2499 }, {
4495 .alg = "authenc(hmac(sha512), 2500 .alg = "authenc(hmac(sha512),ctr(aes))",
4496 .test = alg_test_null, 2501 .test = alg_test_null,
4497 .fips_allowed = 1, 2502 .fips_allowed = 1,
4498 }, { 2503 }, {
4499 .alg = "authenc(hmac(sha512), 2504 .alg = "authenc(hmac(sha512),rfc3686(ctr(aes)))",
4500 .test = alg_test_null, 2505 .test = alg_test_null,
4501 .fips_allowed = 1, 2506 .fips_allowed = 1,
4502 }, { 2507 }, {
4503 .alg = "blake2b-160", <<
4504 .test = alg_test_hash, <<
4505 .fips_allowed = 0, <<
4506 .suite = { <<
4507 .hash = __VECS(blake2 <<
4508 } <<
4509 }, { <<
4510 .alg = "blake2b-256", <<
4511 .test = alg_test_hash, <<
4512 .fips_allowed = 0, <<
4513 .suite = { <<
4514 .hash = __VECS(blake2 <<
4515 } <<
4516 }, { <<
4517 .alg = "blake2b-384", <<
4518 .test = alg_test_hash, <<
4519 .fips_allowed = 0, <<
4520 .suite = { <<
4521 .hash = __VECS(blake2 <<
4522 } <<
4523 }, { <<
4524 .alg = "blake2b-512", <<
4525 .test = alg_test_hash, <<
4526 .fips_allowed = 0, <<
4527 .suite = { <<
4528 .hash = __VECS(blake2 <<
4529 } <<
4530 }, { <<
4531 .alg = "cbc(aes)", 2508 .alg = "cbc(aes)",
4532 .test = alg_test_skcipher, 2509 .test = alg_test_skcipher,
4533 .fips_allowed = 1, 2510 .fips_allowed = 1,
4534 .suite = { 2511 .suite = {
4535 .cipher = __VECS(aes_ !! 2512 .cipher = {
4536 }, !! 2513 .enc = {
>> 2514 .vecs = aes_cbc_enc_tv_template,
>> 2515 .count = AES_CBC_ENC_TEST_VECTORS
>> 2516 },
>> 2517 .dec = {
>> 2518 .vecs = aes_cbc_dec_tv_template,
>> 2519 .count = AES_CBC_DEC_TEST_VECTORS
>> 2520 }
>> 2521 }
>> 2522 }
4537 }, { 2523 }, {
4538 .alg = "cbc(anubis)", 2524 .alg = "cbc(anubis)",
4539 .test = alg_test_skcipher, 2525 .test = alg_test_skcipher,
4540 .suite = { 2526 .suite = {
4541 .cipher = __VECS(anub !! 2527 .cipher = {
4542 }, !! 2528 .enc = {
4543 }, { !! 2529 .vecs = anubis_cbc_enc_tv_template,
4544 .alg = "cbc(aria)", !! 2530 .count = ANUBIS_CBC_ENC_TEST_VECTORS
4545 .test = alg_test_skcipher, !! 2531 },
4546 .suite = { !! 2532 .dec = {
4547 .cipher = __VECS(aria !! 2533 .vecs = anubis_cbc_dec_tv_template,
4548 }, !! 2534 .count = ANUBIS_CBC_DEC_TEST_VECTORS
>> 2535 }
>> 2536 }
>> 2537 }
4549 }, { 2538 }, {
4550 .alg = "cbc(blowfish)", 2539 .alg = "cbc(blowfish)",
4551 .test = alg_test_skcipher, 2540 .test = alg_test_skcipher,
4552 .suite = { 2541 .suite = {
4553 .cipher = __VECS(bf_c !! 2542 .cipher = {
4554 }, !! 2543 .enc = {
>> 2544 .vecs = bf_cbc_enc_tv_template,
>> 2545 .count = BF_CBC_ENC_TEST_VECTORS
>> 2546 },
>> 2547 .dec = {
>> 2548 .vecs = bf_cbc_dec_tv_template,
>> 2549 .count = BF_CBC_DEC_TEST_VECTORS
>> 2550 }
>> 2551 }
>> 2552 }
4555 }, { 2553 }, {
4556 .alg = "cbc(camellia)", 2554 .alg = "cbc(camellia)",
4557 .test = alg_test_skcipher, 2555 .test = alg_test_skcipher,
4558 .suite = { 2556 .suite = {
4559 .cipher = __VECS(came !! 2557 .cipher = {
4560 }, !! 2558 .enc = {
>> 2559 .vecs = camellia_cbc_enc_tv_template,
>> 2560 .count = CAMELLIA_CBC_ENC_TEST_VECTORS
>> 2561 },
>> 2562 .dec = {
>> 2563 .vecs = camellia_cbc_dec_tv_template,
>> 2564 .count = CAMELLIA_CBC_DEC_TEST_VECTORS
>> 2565 }
>> 2566 }
>> 2567 }
4561 }, { 2568 }, {
4562 .alg = "cbc(cast5)", 2569 .alg = "cbc(cast5)",
4563 .test = alg_test_skcipher, 2570 .test = alg_test_skcipher,
4564 .suite = { 2571 .suite = {
4565 .cipher = __VECS(cast !! 2572 .cipher = {
4566 }, !! 2573 .enc = {
>> 2574 .vecs = cast5_cbc_enc_tv_template,
>> 2575 .count = CAST5_CBC_ENC_TEST_VECTORS
>> 2576 },
>> 2577 .dec = {
>> 2578 .vecs = cast5_cbc_dec_tv_template,
>> 2579 .count = CAST5_CBC_DEC_TEST_VECTORS
>> 2580 }
>> 2581 }
>> 2582 }
4567 }, { 2583 }, {
4568 .alg = "cbc(cast6)", 2584 .alg = "cbc(cast6)",
4569 .test = alg_test_skcipher, 2585 .test = alg_test_skcipher,
4570 .suite = { 2586 .suite = {
4571 .cipher = __VECS(cast !! 2587 .cipher = {
4572 }, !! 2588 .enc = {
>> 2589 .vecs = cast6_cbc_enc_tv_template,
>> 2590 .count = CAST6_CBC_ENC_TEST_VECTORS
>> 2591 },
>> 2592 .dec = {
>> 2593 .vecs = cast6_cbc_dec_tv_template,
>> 2594 .count = CAST6_CBC_DEC_TEST_VECTORS
>> 2595 }
>> 2596 }
>> 2597 }
4573 }, { 2598 }, {
4574 .alg = "cbc(des)", 2599 .alg = "cbc(des)",
4575 .test = alg_test_skcipher, 2600 .test = alg_test_skcipher,
4576 .suite = { 2601 .suite = {
4577 .cipher = __VECS(des_ !! 2602 .cipher = {
4578 }, !! 2603 .enc = {
>> 2604 .vecs = des_cbc_enc_tv_template,
>> 2605 .count = DES_CBC_ENC_TEST_VECTORS
>> 2606 },
>> 2607 .dec = {
>> 2608 .vecs = des_cbc_dec_tv_template,
>> 2609 .count = DES_CBC_DEC_TEST_VECTORS
>> 2610 }
>> 2611 }
>> 2612 }
4579 }, { 2613 }, {
4580 .alg = "cbc(des3_ede)", 2614 .alg = "cbc(des3_ede)",
4581 .test = alg_test_skcipher, 2615 .test = alg_test_skcipher,
4582 .suite = { <<
4583 .cipher = __VECS(des3 <<
4584 }, <<
4585 }, { <<
4586 /* Same as cbc(aes) except th <<
4587 * hardware secure memory whi <<
4588 */ <<
4589 .alg = "cbc(paes)", <<
4590 .test = alg_test_null, <<
4591 .fips_allowed = 1, 2616 .fips_allowed = 1,
4592 }, { <<
4593 /* Same as cbc(sm4) except th <<
4594 * hardware secure memory whi <<
4595 */ <<
4596 .alg = "cbc(psm4)", <<
4597 .test = alg_test_null, <<
4598 }, { <<
4599 .alg = "cbc(serpent)", <<
4600 .test = alg_test_skcipher, <<
4601 .suite = { 2617 .suite = {
4602 .cipher = __VECS(serp !! 2618 .cipher = {
4603 }, !! 2619 .enc = {
>> 2620 .vecs = des3_ede_cbc_enc_tv_template,
>> 2621 .count = DES3_EDE_CBC_ENC_TEST_VECTORS
>> 2622 },
>> 2623 .dec = {
>> 2624 .vecs = des3_ede_cbc_dec_tv_template,
>> 2625 .count = DES3_EDE_CBC_DEC_TEST_VECTORS
>> 2626 }
>> 2627 }
>> 2628 }
4604 }, { 2629 }, {
4605 .alg = "cbc(sm4)", !! 2630 .alg = "cbc(serpent)",
4606 .test = alg_test_skcipher, 2631 .test = alg_test_skcipher,
4607 .suite = { 2632 .suite = {
4608 .cipher = __VECS(sm4_ !! 2633 .cipher = {
>> 2634 .enc = {
>> 2635 .vecs = serpent_cbc_enc_tv_template,
>> 2636 .count = SERPENT_CBC_ENC_TEST_VECTORS
>> 2637 },
>> 2638 .dec = {
>> 2639 .vecs = serpent_cbc_dec_tv_template,
>> 2640 .count = SERPENT_CBC_DEC_TEST_VECTORS
>> 2641 }
>> 2642 }
4609 } 2643 }
4610 }, { 2644 }, {
4611 .alg = "cbc(twofish)", 2645 .alg = "cbc(twofish)",
4612 .test = alg_test_skcipher, 2646 .test = alg_test_skcipher,
4613 .suite = { 2647 .suite = {
4614 .cipher = __VECS(tf_c !! 2648 .cipher = {
4615 }, !! 2649 .enc = {
4616 }, { !! 2650 .vecs = tf_cbc_enc_tv_template,
4617 #if IS_ENABLED(CONFIG_CRYPTO_PAES_S390) !! 2651 .count = TF_CBC_ENC_TEST_VECTORS
4618 .alg = "cbc-paes-s390", !! 2652 },
4619 .fips_allowed = 1, !! 2653 .dec = {
4620 .test = alg_test_skcipher, !! 2654 .vecs = tf_cbc_dec_tv_template,
4621 .suite = { !! 2655 .count = TF_CBC_DEC_TEST_VECTORS
4622 .cipher = __VECS(aes_ !! 2656 }
4623 } !! 2657 }
4624 }, { <<
4625 #endif <<
4626 .alg = "cbcmac(aes)", <<
4627 .test = alg_test_hash, <<
4628 .suite = { <<
4629 .hash = __VECS(aes_cb <<
4630 } <<
4631 }, { <<
4632 .alg = "cbcmac(sm4)", <<
4633 .test = alg_test_hash, <<
4634 .suite = { <<
4635 .hash = __VECS(sm4_cb <<
4636 } 2658 }
4637 }, { 2659 }, {
4638 .alg = "ccm(aes)", 2660 .alg = "ccm(aes)",
4639 .generic_driver = "ccm_base(c <<
4640 .test = alg_test_aead, 2661 .test = alg_test_aead,
4641 .fips_allowed = 1, 2662 .fips_allowed = 1,
4642 .suite = { 2663 .suite = {
4643 .aead = { 2664 .aead = {
4644 ____VECS(aes_ !! 2665 .enc = {
4645 .einval_allow !! 2666 .vecs = aes_ccm_enc_tv_template,
4646 } !! 2667 .count = AES_CCM_ENC_TEST_VECTORS
4647 } !! 2668 },
4648 }, { !! 2669 .dec = {
4649 .alg = "ccm(sm4)", !! 2670 .vecs = aes_ccm_dec_tv_template,
4650 .generic_driver = "ccm_base(c !! 2671 .count = AES_CCM_DEC_TEST_VECTORS
4651 .test = alg_test_aead, !! 2672 }
4652 .suite = { <<
4653 .aead = { <<
4654 ____VECS(sm4_ <<
4655 .einval_allow <<
4656 } 2673 }
4657 } 2674 }
4658 }, { 2675 }, {
4659 .alg = "chacha20", 2676 .alg = "chacha20",
4660 .test = alg_test_skcipher, 2677 .test = alg_test_skcipher,
4661 .suite = { 2678 .suite = {
4662 .cipher = __VECS(chac !! 2679 .cipher = {
4663 }, !! 2680 .enc = {
>> 2681 .vecs = chacha20_enc_tv_template,
>> 2682 .count = CHACHA20_ENC_TEST_VECTORS
>> 2683 },
>> 2684 .dec = {
>> 2685 .vecs = chacha20_enc_tv_template,
>> 2686 .count = CHACHA20_ENC_TEST_VECTORS
>> 2687 },
>> 2688 }
>> 2689 }
4664 }, { 2690 }, {
4665 .alg = "cmac(aes)", 2691 .alg = "cmac(aes)",
4666 .fips_allowed = 1, 2692 .fips_allowed = 1,
4667 .test = alg_test_hash, 2693 .test = alg_test_hash,
4668 .suite = { 2694 .suite = {
4669 .hash = __VECS(aes_cm !! 2695 .hash = {
4670 } !! 2696 .vecs = aes_cmac128_tv_template,
4671 }, { !! 2697 .count = CMAC_AES_TEST_VECTORS
4672 .alg = "cmac(camellia)", !! 2698 }
4673 .test = alg_test_hash, <<
4674 .suite = { <<
4675 .hash = __VECS(camell <<
4676 } 2699 }
4677 }, { 2700 }, {
4678 .alg = "cmac(des3_ede)", 2701 .alg = "cmac(des3_ede)",
>> 2702 .fips_allowed = 1,
4679 .test = alg_test_hash, 2703 .test = alg_test_hash,
4680 .suite = { 2704 .suite = {
4681 .hash = __VECS(des3_e !! 2705 .hash = {
4682 } !! 2706 .vecs = des3_ede_cmac64_tv_template,
4683 }, { !! 2707 .count = CMAC_DES3_EDE_TEST_VECTORS
4684 .alg = "cmac(sm4)", !! 2708 }
4685 .test = alg_test_hash, <<
4686 .suite = { <<
4687 .hash = __VECS(sm4_cm <<
4688 } 2709 }
4689 }, { 2710 }, {
4690 .alg = "compress_null", 2711 .alg = "compress_null",
4691 .test = alg_test_null, 2712 .test = alg_test_null,
4692 }, { 2713 }, {
4693 .alg = "crc32", 2714 .alg = "crc32",
4694 .test = alg_test_hash, 2715 .test = alg_test_hash,
4695 .fips_allowed = 1, <<
4696 .suite = { 2716 .suite = {
4697 .hash = __VECS(crc32_ !! 2717 .hash = {
>> 2718 .vecs = crc32_tv_template,
>> 2719 .count = CRC32_TEST_VECTORS
>> 2720 }
4698 } 2721 }
4699 }, { 2722 }, {
4700 .alg = "crc32c", 2723 .alg = "crc32c",
4701 .test = alg_test_crc32c, 2724 .test = alg_test_crc32c,
4702 .fips_allowed = 1, 2725 .fips_allowed = 1,
4703 .suite = { 2726 .suite = {
4704 .hash = __VECS(crc32c !! 2727 .hash = {
4705 } !! 2728 .vecs = crc32c_tv_template,
4706 }, { !! 2729 .count = CRC32C_TEST_VECTORS
4707 .alg = "crc64-rocksoft", !! 2730 }
4708 .test = alg_test_hash, <<
4709 .fips_allowed = 1, <<
4710 .suite = { <<
4711 .hash = __VECS(crc64_ <<
4712 } 2731 }
4713 }, { 2732 }, {
4714 .alg = "crct10dif", 2733 .alg = "crct10dif",
4715 .test = alg_test_hash, 2734 .test = alg_test_hash,
4716 .fips_allowed = 1, 2735 .fips_allowed = 1,
4717 .suite = { 2736 .suite = {
4718 .hash = __VECS(crct10 !! 2737 .hash = {
>> 2738 .vecs = crct10dif_tv_template,
>> 2739 .count = CRCT10DIF_TEST_VECTORS
>> 2740 }
4719 } 2741 }
4720 }, { 2742 }, {
4721 .alg = "ctr(aes)", 2743 .alg = "ctr(aes)",
4722 .test = alg_test_skcipher, 2744 .test = alg_test_skcipher,
4723 .fips_allowed = 1, 2745 .fips_allowed = 1,
4724 .suite = { 2746 .suite = {
4725 .cipher = __VECS(aes_ !! 2747 .cipher = {
4726 } !! 2748 .enc = {
4727 }, { !! 2749 .vecs = aes_ctr_enc_tv_template,
4728 .alg = "ctr(aria)", !! 2750 .count = AES_CTR_ENC_TEST_VECTORS
4729 .test = alg_test_skcipher, !! 2751 },
4730 .suite = { !! 2752 .dec = {
4731 .cipher = __VECS(aria !! 2753 .vecs = aes_ctr_dec_tv_template,
>> 2754 .count = AES_CTR_DEC_TEST_VECTORS
>> 2755 }
>> 2756 }
4732 } 2757 }
4733 }, { 2758 }, {
4734 .alg = "ctr(blowfish)", 2759 .alg = "ctr(blowfish)",
4735 .test = alg_test_skcipher, 2760 .test = alg_test_skcipher,
4736 .suite = { 2761 .suite = {
4737 .cipher = __VECS(bf_c !! 2762 .cipher = {
>> 2763 .enc = {
>> 2764 .vecs = bf_ctr_enc_tv_template,
>> 2765 .count = BF_CTR_ENC_TEST_VECTORS
>> 2766 },
>> 2767 .dec = {
>> 2768 .vecs = bf_ctr_dec_tv_template,
>> 2769 .count = BF_CTR_DEC_TEST_VECTORS
>> 2770 }
>> 2771 }
4738 } 2772 }
4739 }, { 2773 }, {
4740 .alg = "ctr(camellia)", 2774 .alg = "ctr(camellia)",
4741 .test = alg_test_skcipher, 2775 .test = alg_test_skcipher,
4742 .suite = { 2776 .suite = {
4743 .cipher = __VECS(came !! 2777 .cipher = {
>> 2778 .enc = {
>> 2779 .vecs = camellia_ctr_enc_tv_template,
>> 2780 .count = CAMELLIA_CTR_ENC_TEST_VECTORS
>> 2781 },
>> 2782 .dec = {
>> 2783 .vecs = camellia_ctr_dec_tv_template,
>> 2784 .count = CAMELLIA_CTR_DEC_TEST_VECTORS
>> 2785 }
>> 2786 }
4744 } 2787 }
4745 }, { 2788 }, {
4746 .alg = "ctr(cast5)", 2789 .alg = "ctr(cast5)",
4747 .test = alg_test_skcipher, 2790 .test = alg_test_skcipher,
4748 .suite = { 2791 .suite = {
4749 .cipher = __VECS(cast !! 2792 .cipher = {
>> 2793 .enc = {
>> 2794 .vecs = cast5_ctr_enc_tv_template,
>> 2795 .count = CAST5_CTR_ENC_TEST_VECTORS
>> 2796 },
>> 2797 .dec = {
>> 2798 .vecs = cast5_ctr_dec_tv_template,
>> 2799 .count = CAST5_CTR_DEC_TEST_VECTORS
>> 2800 }
>> 2801 }
4750 } 2802 }
4751 }, { 2803 }, {
4752 .alg = "ctr(cast6)", 2804 .alg = "ctr(cast6)",
4753 .test = alg_test_skcipher, 2805 .test = alg_test_skcipher,
4754 .suite = { 2806 .suite = {
4755 .cipher = __VECS(cast !! 2807 .cipher = {
>> 2808 .enc = {
>> 2809 .vecs = cast6_ctr_enc_tv_template,
>> 2810 .count = CAST6_CTR_ENC_TEST_VECTORS
>> 2811 },
>> 2812 .dec = {
>> 2813 .vecs = cast6_ctr_dec_tv_template,
>> 2814 .count = CAST6_CTR_DEC_TEST_VECTORS
>> 2815 }
>> 2816 }
4756 } 2817 }
4757 }, { 2818 }, {
4758 .alg = "ctr(des)", 2819 .alg = "ctr(des)",
4759 .test = alg_test_skcipher, 2820 .test = alg_test_skcipher,
4760 .suite = { 2821 .suite = {
4761 .cipher = __VECS(des_ !! 2822 .cipher = {
>> 2823 .enc = {
>> 2824 .vecs = des_ctr_enc_tv_template,
>> 2825 .count = DES_CTR_ENC_TEST_VECTORS
>> 2826 },
>> 2827 .dec = {
>> 2828 .vecs = des_ctr_dec_tv_template,
>> 2829 .count = DES_CTR_DEC_TEST_VECTORS
>> 2830 }
>> 2831 }
4762 } 2832 }
4763 }, { 2833 }, {
4764 .alg = "ctr(des3_ede)", 2834 .alg = "ctr(des3_ede)",
4765 .test = alg_test_skcipher, 2835 .test = alg_test_skcipher,
4766 .suite = { 2836 .suite = {
4767 .cipher = __VECS(des3 !! 2837 .cipher = {
>> 2838 .enc = {
>> 2839 .vecs = des3_ede_ctr_enc_tv_template,
>> 2840 .count = DES3_EDE_CTR_ENC_TEST_VECTORS
>> 2841 },
>> 2842 .dec = {
>> 2843 .vecs = des3_ede_ctr_dec_tv_template,
>> 2844 .count = DES3_EDE_CTR_DEC_TEST_VECTORS
>> 2845 }
>> 2846 }
4768 } 2847 }
4769 }, { 2848 }, {
4770 /* Same as ctr(aes) except th <<
4771 * hardware secure memory whi <<
4772 */ <<
4773 .alg = "ctr(paes)", <<
4774 .test = alg_test_null, <<
4775 .fips_allowed = 1, <<
4776 }, { <<
4777 <<
4778 /* Same as ctr(sm4) except th <<
4779 * hardware secure memory whi <<
4780 */ <<
4781 .alg = "ctr(psm4)", <<
4782 .test = alg_test_null, <<
4783 }, { <<
4784 .alg = "ctr(serpent)", 2849 .alg = "ctr(serpent)",
4785 .test = alg_test_skcipher, 2850 .test = alg_test_skcipher,
4786 .suite = { 2851 .suite = {
4787 .cipher = __VECS(serp !! 2852 .cipher = {
4788 } !! 2853 .enc = {
4789 }, { !! 2854 .vecs = serpent_ctr_enc_tv_template,
4790 .alg = "ctr(sm4)", !! 2855 .count = SERPENT_CTR_ENC_TEST_VECTORS
4791 .test = alg_test_skcipher, !! 2856 },
4792 .suite = { !! 2857 .dec = {
4793 .cipher = __VECS(sm4_ !! 2858 .vecs = serpent_ctr_dec_tv_template,
>> 2859 .count = SERPENT_CTR_DEC_TEST_VECTORS
>> 2860 }
>> 2861 }
4794 } 2862 }
4795 }, { 2863 }, {
4796 .alg = "ctr(twofish)", 2864 .alg = "ctr(twofish)",
4797 .test = alg_test_skcipher, 2865 .test = alg_test_skcipher,
4798 .suite = { 2866 .suite = {
4799 .cipher = __VECS(tf_c !! 2867 .cipher = {
4800 } !! 2868 .enc = {
4801 }, { !! 2869 .vecs = tf_ctr_enc_tv_template,
4802 #if IS_ENABLED(CONFIG_CRYPTO_PAES_S390) !! 2870 .count = TF_CTR_ENC_TEST_VECTORS
4803 .alg = "ctr-paes-s390", !! 2871 },
4804 .fips_allowed = 1, !! 2872 .dec = {
4805 .test = alg_test_skcipher, !! 2873 .vecs = tf_ctr_dec_tv_template,
4806 .suite = { !! 2874 .count = TF_CTR_DEC_TEST_VECTORS
4807 .cipher = __VECS(aes_ !! 2875 }
>> 2876 }
4808 } 2877 }
4809 }, { 2878 }, {
4810 #endif <<
4811 .alg = "cts(cbc(aes))", 2879 .alg = "cts(cbc(aes))",
4812 .test = alg_test_skcipher, 2880 .test = alg_test_skcipher,
4813 .fips_allowed = 1, <<
4814 .suite = { <<
4815 .cipher = __VECS(cts_ <<
4816 } <<
4817 }, { <<
4818 /* Same as cts(cbc((aes)) exc <<
4819 * hardware secure memory whi <<
4820 */ <<
4821 .alg = "cts(cbc(paes))", <<
4822 .test = alg_test_null, <<
4823 .fips_allowed = 1, <<
4824 }, { <<
4825 .alg = "cts(cbc(sm4))", <<
4826 .test = alg_test_skcipher, <<
4827 .suite = { <<
4828 .cipher = __VECS(sm4_ <<
4829 } <<
4830 }, { <<
4831 .alg = "curve25519", <<
4832 .test = alg_test_kpp, <<
4833 .suite = { 2881 .suite = {
4834 .kpp = __VECS(curve25 !! 2882 .cipher = {
4835 } !! 2883 .enc = {
4836 }, { !! 2884 .vecs = cts_mode_enc_tv_template,
4837 .alg = "deflate", !! 2885 .count = CTS_MODE_ENC_TEST_VECTORS
4838 .test = alg_test_comp, !! 2886 },
4839 .fips_allowed = 1, !! 2887 .dec = {
4840 .suite = { !! 2888 .vecs = cts_mode_dec_tv_template,
4841 .comp = { !! 2889 .count = CTS_MODE_DEC_TEST_VECTORS
4842 .comp = __VEC !! 2890 }
4843 .decomp = __V <<
4844 } 2891 }
4845 } 2892 }
4846 }, { 2893 }, {
4847 .alg = "deflate-iaa", !! 2894 .alg = "deflate",
4848 .test = alg_test_comp, 2895 .test = alg_test_comp,
4849 .fips_allowed = 1, 2896 .fips_allowed = 1,
4850 .suite = { 2897 .suite = {
4851 .comp = { 2898 .comp = {
4852 .comp = __VEC !! 2899 .comp = {
4853 .decomp = __V !! 2900 .vecs = deflate_comp_tv_template,
>> 2901 .count = DEFLATE_COMP_TEST_VECTORS
>> 2902 },
>> 2903 .decomp = {
>> 2904 .vecs = deflate_decomp_tv_template,
>> 2905 .count = DEFLATE_DECOMP_TEST_VECTORS
>> 2906 }
4854 } 2907 }
4855 } 2908 }
4856 }, { 2909 }, {
4857 .alg = "dh", 2910 .alg = "dh",
4858 .test = alg_test_kpp, 2911 .test = alg_test_kpp,
>> 2912 .fips_allowed = 1,
4859 .suite = { 2913 .suite = {
4860 .kpp = __VECS(dh_tv_t !! 2914 .kpp = {
>> 2915 .vecs = dh_tv_template,
>> 2916 .count = DH_TEST_VECTORS
>> 2917 }
4861 } 2918 }
4862 }, { 2919 }, {
4863 .alg = "digest_null", 2920 .alg = "digest_null",
4864 .test = alg_test_null, 2921 .test = alg_test_null,
4865 }, { 2922 }, {
4866 .alg = "drbg_nopr_ctr_aes128" 2923 .alg = "drbg_nopr_ctr_aes128",
4867 .test = alg_test_drbg, 2924 .test = alg_test_drbg,
4868 .fips_allowed = 1, 2925 .fips_allowed = 1,
4869 .suite = { 2926 .suite = {
4870 .drbg = __VECS(drbg_n !! 2927 .drbg = {
>> 2928 .vecs = drbg_nopr_ctr_aes128_tv_template,
>> 2929 .count = ARRAY_SIZE(drbg_nopr_ctr_aes128_tv_template)
>> 2930 }
4871 } 2931 }
4872 }, { 2932 }, {
4873 .alg = "drbg_nopr_ctr_aes192" 2933 .alg = "drbg_nopr_ctr_aes192",
4874 .test = alg_test_drbg, 2934 .test = alg_test_drbg,
4875 .fips_allowed = 1, 2935 .fips_allowed = 1,
4876 .suite = { 2936 .suite = {
4877 .drbg = __VECS(drbg_n !! 2937 .drbg = {
>> 2938 .vecs = drbg_nopr_ctr_aes192_tv_template,
>> 2939 .count = ARRAY_SIZE(drbg_nopr_ctr_aes192_tv_template)
>> 2940 }
4878 } 2941 }
4879 }, { 2942 }, {
4880 .alg = "drbg_nopr_ctr_aes256" 2943 .alg = "drbg_nopr_ctr_aes256",
4881 .test = alg_test_drbg, 2944 .test = alg_test_drbg,
4882 .fips_allowed = 1, 2945 .fips_allowed = 1,
4883 .suite = { 2946 .suite = {
4884 .drbg = __VECS(drbg_n !! 2947 .drbg = {
>> 2948 .vecs = drbg_nopr_ctr_aes256_tv_template,
>> 2949 .count = ARRAY_SIZE(drbg_nopr_ctr_aes256_tv_template)
>> 2950 }
4885 } 2951 }
4886 }, { 2952 }, {
>> 2953 /*
>> 2954 * There is no need to specifically test the DRBG with every
>> 2955 * backend cipher -- covered by drbg_nopr_hmac_sha256 test
>> 2956 */
>> 2957 .alg = "drbg_nopr_hmac_sha1",
>> 2958 .fips_allowed = 1,
>> 2959 .test = alg_test_null,
>> 2960 }, {
4887 .alg = "drbg_nopr_hmac_sha256 2961 .alg = "drbg_nopr_hmac_sha256",
4888 .test = alg_test_drbg, 2962 .test = alg_test_drbg,
4889 .fips_allowed = 1, 2963 .fips_allowed = 1,
4890 .suite = { 2964 .suite = {
4891 .drbg = __VECS(drbg_n !! 2965 .drbg = {
>> 2966 .vecs = drbg_nopr_hmac_sha256_tv_template,
>> 2967 .count =
>> 2968 ARRAY_SIZE(drbg_nopr_hmac_sha256_tv_template)
>> 2969 }
4892 } 2970 }
4893 }, { 2971 }, {
4894 /* !! 2972 /* covered by drbg_nopr_hmac_sha256 test */
4895 * There is no need to specif <<
4896 * backend cipher -- covered <<
4897 */ <<
4898 .alg = "drbg_nopr_hmac_sha384 2973 .alg = "drbg_nopr_hmac_sha384",
>> 2974 .fips_allowed = 1,
4899 .test = alg_test_null, 2975 .test = alg_test_null,
4900 }, { 2976 }, {
4901 .alg = "drbg_nopr_hmac_sha512 2977 .alg = "drbg_nopr_hmac_sha512",
4902 .test = alg_test_drbg, !! 2978 .test = alg_test_null,
4903 .fips_allowed = 1, 2979 .fips_allowed = 1,
4904 .suite = { !! 2980 }, {
4905 .drbg = __VECS(drbg_n !! 2981 .alg = "drbg_nopr_sha1",
4906 } !! 2982 .fips_allowed = 1,
>> 2983 .test = alg_test_null,
4907 }, { 2984 }, {
4908 .alg = "drbg_nopr_sha256", 2985 .alg = "drbg_nopr_sha256",
4909 .test = alg_test_drbg, 2986 .test = alg_test_drbg,
4910 .fips_allowed = 1, 2987 .fips_allowed = 1,
4911 .suite = { 2988 .suite = {
4912 .drbg = __VECS(drbg_n !! 2989 .drbg = {
>> 2990 .vecs = drbg_nopr_sha256_tv_template,
>> 2991 .count = ARRAY_SIZE(drbg_nopr_sha256_tv_template)
>> 2992 }
4913 } 2993 }
4914 }, { 2994 }, {
4915 /* covered by drbg_nopr_sha25 2995 /* covered by drbg_nopr_sha256 test */
4916 .alg = "drbg_nopr_sha384", 2996 .alg = "drbg_nopr_sha384",
>> 2997 .fips_allowed = 1,
4917 .test = alg_test_null, 2998 .test = alg_test_null,
4918 }, { 2999 }, {
4919 .alg = "drbg_nopr_sha512", 3000 .alg = "drbg_nopr_sha512",
4920 .fips_allowed = 1, 3001 .fips_allowed = 1,
4921 .test = alg_test_null, 3002 .test = alg_test_null,
4922 }, { 3003 }, {
4923 .alg = "drbg_pr_ctr_aes128", 3004 .alg = "drbg_pr_ctr_aes128",
4924 .test = alg_test_drbg, 3005 .test = alg_test_drbg,
4925 .fips_allowed = 1, 3006 .fips_allowed = 1,
4926 .suite = { 3007 .suite = {
4927 .drbg = __VECS(drbg_p !! 3008 .drbg = {
>> 3009 .vecs = drbg_pr_ctr_aes128_tv_template,
>> 3010 .count = ARRAY_SIZE(drbg_pr_ctr_aes128_tv_template)
>> 3011 }
4928 } 3012 }
4929 }, { 3013 }, {
4930 /* covered by drbg_pr_ctr_aes 3014 /* covered by drbg_pr_ctr_aes128 test */
4931 .alg = "drbg_pr_ctr_aes192", 3015 .alg = "drbg_pr_ctr_aes192",
4932 .fips_allowed = 1, 3016 .fips_allowed = 1,
4933 .test = alg_test_null, 3017 .test = alg_test_null,
4934 }, { 3018 }, {
4935 .alg = "drbg_pr_ctr_aes256", 3019 .alg = "drbg_pr_ctr_aes256",
4936 .fips_allowed = 1, 3020 .fips_allowed = 1,
4937 .test = alg_test_null, 3021 .test = alg_test_null,
4938 }, { 3022 }, {
>> 3023 .alg = "drbg_pr_hmac_sha1",
>> 3024 .fips_allowed = 1,
>> 3025 .test = alg_test_null,
>> 3026 }, {
4939 .alg = "drbg_pr_hmac_sha256", 3027 .alg = "drbg_pr_hmac_sha256",
4940 .test = alg_test_drbg, 3028 .test = alg_test_drbg,
4941 .fips_allowed = 1, 3029 .fips_allowed = 1,
4942 .suite = { 3030 .suite = {
4943 .drbg = __VECS(drbg_p !! 3031 .drbg = {
>> 3032 .vecs = drbg_pr_hmac_sha256_tv_template,
>> 3033 .count = ARRAY_SIZE(drbg_pr_hmac_sha256_tv_template)
>> 3034 }
4944 } 3035 }
4945 }, { 3036 }, {
4946 /* covered by drbg_pr_hmac_sh 3037 /* covered by drbg_pr_hmac_sha256 test */
4947 .alg = "drbg_pr_hmac_sha384", 3038 .alg = "drbg_pr_hmac_sha384",
>> 3039 .fips_allowed = 1,
4948 .test = alg_test_null, 3040 .test = alg_test_null,
4949 }, { 3041 }, {
4950 .alg = "drbg_pr_hmac_sha512", 3042 .alg = "drbg_pr_hmac_sha512",
4951 .test = alg_test_null, 3043 .test = alg_test_null,
4952 .fips_allowed = 1, 3044 .fips_allowed = 1,
4953 }, { 3045 }, {
>> 3046 .alg = "drbg_pr_sha1",
>> 3047 .fips_allowed = 1,
>> 3048 .test = alg_test_null,
>> 3049 }, {
4954 .alg = "drbg_pr_sha256", 3050 .alg = "drbg_pr_sha256",
4955 .test = alg_test_drbg, 3051 .test = alg_test_drbg,
4956 .fips_allowed = 1, 3052 .fips_allowed = 1,
4957 .suite = { 3053 .suite = {
4958 .drbg = __VECS(drbg_p !! 3054 .drbg = {
>> 3055 .vecs = drbg_pr_sha256_tv_template,
>> 3056 .count = ARRAY_SIZE(drbg_pr_sha256_tv_template)
>> 3057 }
4959 } 3058 }
4960 }, { 3059 }, {
4961 /* covered by drbg_pr_sha256 3060 /* covered by drbg_pr_sha256 test */
4962 .alg = "drbg_pr_sha384", 3061 .alg = "drbg_pr_sha384",
>> 3062 .fips_allowed = 1,
4963 .test = alg_test_null, 3063 .test = alg_test_null,
4964 }, { 3064 }, {
4965 .alg = "drbg_pr_sha512", 3065 .alg = "drbg_pr_sha512",
4966 .fips_allowed = 1, 3066 .fips_allowed = 1,
4967 .test = alg_test_null, 3067 .test = alg_test_null,
4968 }, { 3068 }, {
4969 .alg = "ecb(aes)", 3069 .alg = "ecb(aes)",
4970 .test = alg_test_skcipher, 3070 .test = alg_test_skcipher,
4971 .fips_allowed = 1, 3071 .fips_allowed = 1,
4972 .suite = { 3072 .suite = {
4973 .cipher = __VECS(aes_ !! 3073 .cipher = {
>> 3074 .enc = {
>> 3075 .vecs = aes_enc_tv_template,
>> 3076 .count = AES_ENC_TEST_VECTORS
>> 3077 },
>> 3078 .dec = {
>> 3079 .vecs = aes_dec_tv_template,
>> 3080 .count = AES_DEC_TEST_VECTORS
>> 3081 }
>> 3082 }
4974 } 3083 }
4975 }, { 3084 }, {
4976 .alg = "ecb(anubis)", 3085 .alg = "ecb(anubis)",
4977 .test = alg_test_skcipher, 3086 .test = alg_test_skcipher,
4978 .suite = { 3087 .suite = {
4979 .cipher = __VECS(anub !! 3088 .cipher = {
>> 3089 .enc = {
>> 3090 .vecs = anubis_enc_tv_template,
>> 3091 .count = ANUBIS_ENC_TEST_VECTORS
>> 3092 },
>> 3093 .dec = {
>> 3094 .vecs = anubis_dec_tv_template,
>> 3095 .count = ANUBIS_DEC_TEST_VECTORS
>> 3096 }
>> 3097 }
4980 } 3098 }
4981 }, { 3099 }, {
4982 .alg = "ecb(arc4)", 3100 .alg = "ecb(arc4)",
4983 .generic_driver = "arc4-gener <<
4984 .test = alg_test_skcipher, 3101 .test = alg_test_skcipher,
4985 .suite = { 3102 .suite = {
4986 .cipher = __VECS(arc4 !! 3103 .cipher = {
4987 } !! 3104 .enc = {
4988 }, { !! 3105 .vecs = arc4_enc_tv_template,
4989 .alg = "ecb(aria)", !! 3106 .count = ARC4_ENC_TEST_VECTORS
4990 .test = alg_test_skcipher, !! 3107 },
4991 .suite = { !! 3108 .dec = {
4992 .cipher = __VECS(aria !! 3109 .vecs = arc4_dec_tv_template,
>> 3110 .count = ARC4_DEC_TEST_VECTORS
>> 3111 }
>> 3112 }
4993 } 3113 }
4994 }, { 3114 }, {
4995 .alg = "ecb(blowfish)", 3115 .alg = "ecb(blowfish)",
4996 .test = alg_test_skcipher, 3116 .test = alg_test_skcipher,
4997 .suite = { 3117 .suite = {
4998 .cipher = __VECS(bf_t !! 3118 .cipher = {
>> 3119 .enc = {
>> 3120 .vecs = bf_enc_tv_template,
>> 3121 .count = BF_ENC_TEST_VECTORS
>> 3122 },
>> 3123 .dec = {
>> 3124 .vecs = bf_dec_tv_template,
>> 3125 .count = BF_DEC_TEST_VECTORS
>> 3126 }
>> 3127 }
4999 } 3128 }
5000 }, { 3129 }, {
5001 .alg = "ecb(camellia)", 3130 .alg = "ecb(camellia)",
5002 .test = alg_test_skcipher, 3131 .test = alg_test_skcipher,
5003 .suite = { 3132 .suite = {
5004 .cipher = __VECS(came !! 3133 .cipher = {
>> 3134 .enc = {
>> 3135 .vecs = camellia_enc_tv_template,
>> 3136 .count = CAMELLIA_ENC_TEST_VECTORS
>> 3137 },
>> 3138 .dec = {
>> 3139 .vecs = camellia_dec_tv_template,
>> 3140 .count = CAMELLIA_DEC_TEST_VECTORS
>> 3141 }
>> 3142 }
5005 } 3143 }
5006 }, { 3144 }, {
5007 .alg = "ecb(cast5)", 3145 .alg = "ecb(cast5)",
5008 .test = alg_test_skcipher, 3146 .test = alg_test_skcipher,
5009 .suite = { 3147 .suite = {
5010 .cipher = __VECS(cast !! 3148 .cipher = {
>> 3149 .enc = {
>> 3150 .vecs = cast5_enc_tv_template,
>> 3151 .count = CAST5_ENC_TEST_VECTORS
>> 3152 },
>> 3153 .dec = {
>> 3154 .vecs = cast5_dec_tv_template,
>> 3155 .count = CAST5_DEC_TEST_VECTORS
>> 3156 }
>> 3157 }
5011 } 3158 }
5012 }, { 3159 }, {
5013 .alg = "ecb(cast6)", 3160 .alg = "ecb(cast6)",
5014 .test = alg_test_skcipher, 3161 .test = alg_test_skcipher,
5015 .suite = { 3162 .suite = {
5016 .cipher = __VECS(cast !! 3163 .cipher = {
>> 3164 .enc = {
>> 3165 .vecs = cast6_enc_tv_template,
>> 3166 .count = CAST6_ENC_TEST_VECTORS
>> 3167 },
>> 3168 .dec = {
>> 3169 .vecs = cast6_dec_tv_template,
>> 3170 .count = CAST6_DEC_TEST_VECTORS
>> 3171 }
>> 3172 }
5017 } 3173 }
5018 }, { 3174 }, {
5019 .alg = "ecb(cipher_null)", 3175 .alg = "ecb(cipher_null)",
5020 .test = alg_test_null, 3176 .test = alg_test_null,
5021 .fips_allowed = 1, <<
5022 }, { 3177 }, {
5023 .alg = "ecb(des)", 3178 .alg = "ecb(des)",
5024 .test = alg_test_skcipher, 3179 .test = alg_test_skcipher,
5025 .suite = { 3180 .suite = {
5026 .cipher = __VECS(des_ !! 3181 .cipher = {
>> 3182 .enc = {
>> 3183 .vecs = des_enc_tv_template,
>> 3184 .count = DES_ENC_TEST_VECTORS
>> 3185 },
>> 3186 .dec = {
>> 3187 .vecs = des_dec_tv_template,
>> 3188 .count = DES_DEC_TEST_VECTORS
>> 3189 }
>> 3190 }
5027 } 3191 }
5028 }, { 3192 }, {
5029 .alg = "ecb(des3_ede)", 3193 .alg = "ecb(des3_ede)",
5030 .test = alg_test_skcipher, 3194 .test = alg_test_skcipher,
>> 3195 .fips_allowed = 1,
5031 .suite = { 3196 .suite = {
5032 .cipher = __VECS(des3 !! 3197 .cipher = {
>> 3198 .enc = {
>> 3199 .vecs = des3_ede_enc_tv_template,
>> 3200 .count = DES3_EDE_ENC_TEST_VECTORS
>> 3201 },
>> 3202 .dec = {
>> 3203 .vecs = des3_ede_dec_tv_template,
>> 3204 .count = DES3_EDE_DEC_TEST_VECTORS
>> 3205 }
>> 3206 }
5033 } 3207 }
5034 }, { 3208 }, {
5035 .alg = "ecb(fcrypt)", 3209 .alg = "ecb(fcrypt)",
5036 .test = alg_test_skcipher, 3210 .test = alg_test_skcipher,
5037 .suite = { 3211 .suite = {
5038 .cipher = { 3212 .cipher = {
5039 .vecs = fcryp !! 3213 .enc = {
5040 .count = 1 !! 3214 .vecs = fcrypt_pcbc_enc_tv_template,
>> 3215 .count = 1
>> 3216 },
>> 3217 .dec = {
>> 3218 .vecs = fcrypt_pcbc_dec_tv_template,
>> 3219 .count = 1
>> 3220 }
5041 } 3221 }
5042 } 3222 }
5043 }, { 3223 }, {
5044 .alg = "ecb(khazad)", 3224 .alg = "ecb(khazad)",
5045 .test = alg_test_skcipher, 3225 .test = alg_test_skcipher,
5046 .suite = { 3226 .suite = {
5047 .cipher = __VECS(khaz !! 3227 .cipher = {
>> 3228 .enc = {
>> 3229 .vecs = khazad_enc_tv_template,
>> 3230 .count = KHAZAD_ENC_TEST_VECTORS
>> 3231 },
>> 3232 .dec = {
>> 3233 .vecs = khazad_dec_tv_template,
>> 3234 .count = KHAZAD_DEC_TEST_VECTORS
>> 3235 }
>> 3236 }
5048 } 3237 }
5049 }, { 3238 }, {
5050 /* Same as ecb(aes) except th <<
5051 * hardware secure memory whi <<
5052 */ <<
5053 .alg = "ecb(paes)", <<
5054 .test = alg_test_null, <<
5055 .fips_allowed = 1, <<
5056 }, { <<
5057 .alg = "ecb(seed)", 3239 .alg = "ecb(seed)",
5058 .test = alg_test_skcipher, 3240 .test = alg_test_skcipher,
5059 .suite = { 3241 .suite = {
5060 .cipher = __VECS(seed !! 3242 .cipher = {
>> 3243 .enc = {
>> 3244 .vecs = seed_enc_tv_template,
>> 3245 .count = SEED_ENC_TEST_VECTORS
>> 3246 },
>> 3247 .dec = {
>> 3248 .vecs = seed_dec_tv_template,
>> 3249 .count = SEED_DEC_TEST_VECTORS
>> 3250 }
>> 3251 }
5061 } 3252 }
5062 }, { 3253 }, {
5063 .alg = "ecb(serpent)", 3254 .alg = "ecb(serpent)",
5064 .test = alg_test_skcipher, 3255 .test = alg_test_skcipher,
5065 .suite = { 3256 .suite = {
5066 .cipher = __VECS(serp !! 3257 .cipher = {
>> 3258 .enc = {
>> 3259 .vecs = serpent_enc_tv_template,
>> 3260 .count = SERPENT_ENC_TEST_VECTORS
>> 3261 },
>> 3262 .dec = {
>> 3263 .vecs = serpent_dec_tv_template,
>> 3264 .count = SERPENT_DEC_TEST_VECTORS
>> 3265 }
>> 3266 }
5067 } 3267 }
5068 }, { 3268 }, {
5069 .alg = "ecb(sm4)", !! 3269 .alg = "ecb(tea)",
5070 .test = alg_test_skcipher, 3270 .test = alg_test_skcipher,
5071 .suite = { 3271 .suite = {
5072 .cipher = __VECS(sm4_ !! 3272 .cipher = {
>> 3273 .enc = {
>> 3274 .vecs = tea_enc_tv_template,
>> 3275 .count = TEA_ENC_TEST_VECTORS
>> 3276 },
>> 3277 .dec = {
>> 3278 .vecs = tea_dec_tv_template,
>> 3279 .count = TEA_DEC_TEST_VECTORS
>> 3280 }
>> 3281 }
5073 } 3282 }
5074 }, { 3283 }, {
5075 .alg = "ecb(tea)", !! 3284 .alg = "ecb(tnepres)",
5076 .test = alg_test_skcipher, 3285 .test = alg_test_skcipher,
5077 .suite = { 3286 .suite = {
5078 .cipher = __VECS(tea_ !! 3287 .cipher = {
>> 3288 .enc = {
>> 3289 .vecs = tnepres_enc_tv_template,
>> 3290 .count = TNEPRES_ENC_TEST_VECTORS
>> 3291 },
>> 3292 .dec = {
>> 3293 .vecs = tnepres_dec_tv_template,
>> 3294 .count = TNEPRES_DEC_TEST_VECTORS
>> 3295 }
>> 3296 }
5079 } 3297 }
5080 }, { 3298 }, {
5081 .alg = "ecb(twofish)", 3299 .alg = "ecb(twofish)",
5082 .test = alg_test_skcipher, 3300 .test = alg_test_skcipher,
5083 .suite = { 3301 .suite = {
5084 .cipher = __VECS(tf_t !! 3302 .cipher = {
>> 3303 .enc = {
>> 3304 .vecs = tf_enc_tv_template,
>> 3305 .count = TF_ENC_TEST_VECTORS
>> 3306 },
>> 3307 .dec = {
>> 3308 .vecs = tf_dec_tv_template,
>> 3309 .count = TF_DEC_TEST_VECTORS
>> 3310 }
>> 3311 }
5085 } 3312 }
5086 }, { 3313 }, {
5087 .alg = "ecb(xeta)", 3314 .alg = "ecb(xeta)",
5088 .test = alg_test_skcipher, 3315 .test = alg_test_skcipher,
5089 .suite = { 3316 .suite = {
5090 .cipher = __VECS(xeta !! 3317 .cipher = {
>> 3318 .enc = {
>> 3319 .vecs = xeta_enc_tv_template,
>> 3320 .count = XETA_ENC_TEST_VECTORS
>> 3321 },
>> 3322 .dec = {
>> 3323 .vecs = xeta_dec_tv_template,
>> 3324 .count = XETA_DEC_TEST_VECTORS
>> 3325 }
>> 3326 }
5091 } 3327 }
5092 }, { 3328 }, {
5093 .alg = "ecb(xtea)", 3329 .alg = "ecb(xtea)",
5094 .test = alg_test_skcipher, 3330 .test = alg_test_skcipher,
5095 .suite = { 3331 .suite = {
5096 .cipher = __VECS(xtea !! 3332 .cipher = {
5097 } !! 3333 .enc = {
5098 }, { !! 3334 .vecs = xtea_enc_tv_template,
5099 #if IS_ENABLED(CONFIG_CRYPTO_PAES_S390) !! 3335 .count = XTEA_ENC_TEST_VECTORS
5100 .alg = "ecb-paes-s390", !! 3336 },
5101 .fips_allowed = 1, !! 3337 .dec = {
5102 .test = alg_test_skcipher, !! 3338 .vecs = xtea_dec_tv_template,
5103 .suite = { !! 3339 .count = XTEA_DEC_TEST_VECTORS
5104 .cipher = __VECS(aes_ !! 3340 }
5105 } !! 3341 }
5106 }, { <<
5107 #endif <<
5108 .alg = "ecdh-nist-p192", <<
5109 .test = alg_test_kpp, <<
5110 .suite = { <<
5111 .kpp = __VECS(ecdh_p1 <<
5112 } <<
5113 }, { <<
5114 .alg = "ecdh-nist-p256", <<
5115 .test = alg_test_kpp, <<
5116 .fips_allowed = 1, <<
5117 .suite = { <<
5118 .kpp = __VECS(ecdh_p2 <<
5119 } <<
5120 }, { <<
5121 .alg = "ecdh-nist-p384", <<
5122 .test = alg_test_kpp, <<
5123 .fips_allowed = 1, <<
5124 .suite = { <<
5125 .kpp = __VECS(ecdh_p3 <<
5126 } <<
5127 }, { <<
5128 .alg = "ecdsa-nist-p192", <<
5129 .test = alg_test_akcipher, <<
5130 .suite = { <<
5131 .akcipher = __VECS(ec <<
5132 } <<
5133 }, { <<
5134 .alg = "ecdsa-nist-p256", <<
5135 .test = alg_test_akcipher, <<
5136 .fips_allowed = 1, <<
5137 .suite = { <<
5138 .akcipher = __VECS(ec <<
5139 } <<
5140 }, { <<
5141 .alg = "ecdsa-nist-p384", <<
5142 .test = alg_test_akcipher, <<
5143 .fips_allowed = 1, <<
5144 .suite = { <<
5145 .akcipher = __VECS(ec <<
5146 } <<
5147 }, { <<
5148 .alg = "ecdsa-nist-p521", <<
5149 .test = alg_test_akcipher, <<
5150 .fips_allowed = 1, <<
5151 .suite = { <<
5152 .akcipher = __VECS(ec <<
5153 } <<
5154 }, { <<
5155 .alg = "ecrdsa", <<
5156 .test = alg_test_akcipher, <<
5157 .suite = { <<
5158 .akcipher = __VECS(ec <<
5159 } <<
5160 }, { <<
5161 .alg = "essiv(authenc(hmac(sh <<
5162 .test = alg_test_aead, <<
5163 .fips_allowed = 1, <<
5164 .suite = { <<
5165 .aead = __VECS(essiv_ <<
5166 } <<
5167 }, { <<
5168 .alg = "essiv(cbc(aes),sha256 <<
5169 .test = alg_test_skcipher, <<
5170 .fips_allowed = 1, <<
5171 .suite = { <<
5172 .cipher = __VECS(essi <<
5173 } <<
5174 }, { <<
5175 #if IS_ENABLED(CONFIG_CRYPTO_DH_RFC7919_GROUP <<
5176 .alg = "ffdhe2048(dh)", <<
5177 .test = alg_test_kpp, <<
5178 .fips_allowed = 1, <<
5179 .suite = { <<
5180 .kpp = __VECS(ffdhe20 <<
5181 } <<
5182 }, { <<
5183 .alg = "ffdhe3072(dh)", <<
5184 .test = alg_test_kpp, <<
5185 .fips_allowed = 1, <<
5186 .suite = { <<
5187 .kpp = __VECS(ffdhe30 <<
5188 } <<
5189 }, { <<
5190 .alg = "ffdhe4096(dh)", <<
5191 .test = alg_test_kpp, <<
5192 .fips_allowed = 1, <<
5193 .suite = { <<
5194 .kpp = __VECS(ffdhe40 <<
5195 } <<
5196 }, { <<
5197 .alg = "ffdhe6144(dh)", <<
5198 .test = alg_test_kpp, <<
5199 .fips_allowed = 1, <<
5200 .suite = { <<
5201 .kpp = __VECS(ffdhe61 <<
5202 } 3342 }
5203 }, { 3343 }, {
5204 .alg = "ffdhe8192(dh)", !! 3344 .alg = "ecdh",
5205 .test = alg_test_kpp, 3345 .test = alg_test_kpp,
5206 .fips_allowed = 1, 3346 .fips_allowed = 1,
5207 .suite = { 3347 .suite = {
5208 .kpp = __VECS(ffdhe81 !! 3348 .kpp = {
>> 3349 .vecs = ecdh_tv_template,
>> 3350 .count = ECDH_TEST_VECTORS
>> 3351 }
5209 } 3352 }
5210 }, { 3353 }, {
5211 #endif /* CONFIG_CRYPTO_DH_RFC7919_GROUPS */ <<
5212 .alg = "gcm(aes)", 3354 .alg = "gcm(aes)",
5213 .generic_driver = "gcm_base(c <<
5214 .test = alg_test_aead, 3355 .test = alg_test_aead,
5215 .fips_allowed = 1, 3356 .fips_allowed = 1,
5216 .suite = { 3357 .suite = {
5217 .aead = __VECS(aes_gc !! 3358 .aead = {
5218 } !! 3359 .enc = {
5219 }, { !! 3360 .vecs = aes_gcm_enc_tv_template,
5220 .alg = "gcm(aria)", !! 3361 .count = AES_GCM_ENC_TEST_VECTORS
5221 .generic_driver = "gcm_base(c !! 3362 },
5222 .test = alg_test_aead, !! 3363 .dec = {
5223 .suite = { !! 3364 .vecs = aes_gcm_dec_tv_template,
5224 .aead = __VECS(aria_g !! 3365 .count = AES_GCM_DEC_TEST_VECTORS
>> 3366 }
>> 3367 }
5225 } 3368 }
5226 }, { 3369 }, {
5227 .alg = "gcm(sm4)", !! 3370 .alg = "ghash",
5228 .generic_driver = "gcm_base(c !! 3371 .test = alg_test_hash,
5229 .test = alg_test_aead, !! 3372 .fips_allowed = 1,
5230 .suite = { 3373 .suite = {
5231 .aead = __VECS(sm4_gc !! 3374 .hash = {
>> 3375 .vecs = ghash_tv_template,
>> 3376 .count = GHASH_TEST_VECTORS
>> 3377 }
5232 } 3378 }
5233 }, { 3379 }, {
5234 .alg = "ghash", !! 3380 .alg = "hmac(crc32)",
5235 .test = alg_test_hash, 3381 .test = alg_test_hash,
5236 .suite = { 3382 .suite = {
5237 .hash = __VECS(ghash_ !! 3383 .hash = {
>> 3384 .vecs = bfin_crc_tv_template,
>> 3385 .count = BFIN_CRC_TEST_VECTORS
>> 3386 }
5238 } 3387 }
5239 }, { 3388 }, {
5240 .alg = "hctr2(aes)", !! 3389 .alg = "hmac(md5)",
5241 .generic_driver = !! 3390 .test = alg_test_hash,
5242 "hctr2_base(xctr(aes-gene <<
5243 .test = alg_test_skcipher, <<
5244 .suite = { 3391 .suite = {
5245 .cipher = __VECS(aes_ !! 3392 .hash = {
>> 3393 .vecs = hmac_md5_tv_template,
>> 3394 .count = HMAC_MD5_TEST_VECTORS
>> 3395 }
5246 } 3396 }
5247 }, { 3397 }, {
5248 .alg = "hmac(md5)", !! 3398 .alg = "hmac(rmd128)",
5249 .test = alg_test_hash, 3399 .test = alg_test_hash,
5250 .suite = { 3400 .suite = {
5251 .hash = __VECS(hmac_m !! 3401 .hash = {
>> 3402 .vecs = hmac_rmd128_tv_template,
>> 3403 .count = HMAC_RMD128_TEST_VECTORS
>> 3404 }
5252 } 3405 }
5253 }, { 3406 }, {
5254 .alg = "hmac(rmd160)", 3407 .alg = "hmac(rmd160)",
5255 .test = alg_test_hash, 3408 .test = alg_test_hash,
5256 .suite = { 3409 .suite = {
5257 .hash = __VECS(hmac_r !! 3410 .hash = {
>> 3411 .vecs = hmac_rmd160_tv_template,
>> 3412 .count = HMAC_RMD160_TEST_VECTORS
>> 3413 }
5258 } 3414 }
5259 }, { 3415 }, {
5260 .alg = "hmac(sha1)", 3416 .alg = "hmac(sha1)",
5261 .test = alg_test_hash, 3417 .test = alg_test_hash,
5262 .fips_allowed = 1, 3418 .fips_allowed = 1,
5263 .suite = { 3419 .suite = {
5264 .hash = __VECS(hmac_s !! 3420 .hash = {
>> 3421 .vecs = hmac_sha1_tv_template,
>> 3422 .count = HMAC_SHA1_TEST_VECTORS
>> 3423 }
5265 } 3424 }
5266 }, { 3425 }, {
5267 .alg = "hmac(sha224)", 3426 .alg = "hmac(sha224)",
5268 .test = alg_test_hash, 3427 .test = alg_test_hash,
5269 .fips_allowed = 1, 3428 .fips_allowed = 1,
5270 .suite = { 3429 .suite = {
5271 .hash = __VECS(hmac_s !! 3430 .hash = {
>> 3431 .vecs = hmac_sha224_tv_template,
>> 3432 .count = HMAC_SHA224_TEST_VECTORS
>> 3433 }
5272 } 3434 }
5273 }, { 3435 }, {
5274 .alg = "hmac(sha256)", 3436 .alg = "hmac(sha256)",
5275 .test = alg_test_hash, 3437 .test = alg_test_hash,
5276 .fips_allowed = 1, 3438 .fips_allowed = 1,
5277 .suite = { 3439 .suite = {
5278 .hash = __VECS(hmac_s !! 3440 .hash = {
>> 3441 .vecs = hmac_sha256_tv_template,
>> 3442 .count = HMAC_SHA256_TEST_VECTORS
>> 3443 }
5279 } 3444 }
5280 }, { 3445 }, {
5281 .alg = "hmac(sha3-224)", 3446 .alg = "hmac(sha3-224)",
5282 .test = alg_test_hash, 3447 .test = alg_test_hash,
5283 .fips_allowed = 1, 3448 .fips_allowed = 1,
5284 .suite = { 3449 .suite = {
5285 .hash = __VECS(hmac_s !! 3450 .hash = {
>> 3451 .vecs = hmac_sha3_224_tv_template,
>> 3452 .count = HMAC_SHA3_224_TEST_VECTORS
>> 3453 }
5286 } 3454 }
5287 }, { 3455 }, {
5288 .alg = "hmac(sha3-256)", 3456 .alg = "hmac(sha3-256)",
5289 .test = alg_test_hash, 3457 .test = alg_test_hash,
5290 .fips_allowed = 1, 3458 .fips_allowed = 1,
5291 .suite = { 3459 .suite = {
5292 .hash = __VECS(hmac_s !! 3460 .hash = {
>> 3461 .vecs = hmac_sha3_256_tv_template,
>> 3462 .count = HMAC_SHA3_256_TEST_VECTORS
>> 3463 }
5293 } 3464 }
5294 }, { 3465 }, {
5295 .alg = "hmac(sha3-384)", 3466 .alg = "hmac(sha3-384)",
5296 .test = alg_test_hash, 3467 .test = alg_test_hash,
5297 .fips_allowed = 1, 3468 .fips_allowed = 1,
5298 .suite = { 3469 .suite = {
5299 .hash = __VECS(hmac_s !! 3470 .hash = {
>> 3471 .vecs = hmac_sha3_384_tv_template,
>> 3472 .count = HMAC_SHA3_384_TEST_VECTORS
>> 3473 }
5300 } 3474 }
5301 }, { 3475 }, {
5302 .alg = "hmac(sha3-512)", 3476 .alg = "hmac(sha3-512)",
5303 .test = alg_test_hash, 3477 .test = alg_test_hash,
5304 .fips_allowed = 1, 3478 .fips_allowed = 1,
5305 .suite = { 3479 .suite = {
5306 .hash = __VECS(hmac_s !! 3480 .hash = {
>> 3481 .vecs = hmac_sha3_512_tv_template,
>> 3482 .count = HMAC_SHA3_512_TEST_VECTORS
>> 3483 }
5307 } 3484 }
5308 }, { 3485 }, {
5309 .alg = "hmac(sha384)", 3486 .alg = "hmac(sha384)",
5310 .test = alg_test_hash, 3487 .test = alg_test_hash,
5311 .fips_allowed = 1, 3488 .fips_allowed = 1,
5312 .suite = { 3489 .suite = {
5313 .hash = __VECS(hmac_s !! 3490 .hash = {
>> 3491 .vecs = hmac_sha384_tv_template,
>> 3492 .count = HMAC_SHA384_TEST_VECTORS
>> 3493 }
5314 } 3494 }
5315 }, { 3495 }, {
5316 .alg = "hmac(sha512)", 3496 .alg = "hmac(sha512)",
5317 .test = alg_test_hash, 3497 .test = alg_test_hash,
5318 .fips_allowed = 1, 3498 .fips_allowed = 1,
5319 .suite = { 3499 .suite = {
5320 .hash = __VECS(hmac_s !! 3500 .hash = {
5321 } !! 3501 .vecs = hmac_sha512_tv_template,
5322 }, { !! 3502 .count = HMAC_SHA512_TEST_VECTORS
5323 .alg = "hmac(sm3)", !! 3503 }
5324 .test = alg_test_hash, <<
5325 .suite = { <<
5326 .hash = __VECS(hmac_s <<
5327 } <<
5328 }, { <<
5329 .alg = "hmac(streebog256)", <<
5330 .test = alg_test_hash, <<
5331 .suite = { <<
5332 .hash = __VECS(hmac_s <<
5333 } <<
5334 }, { <<
5335 .alg = "hmac(streebog512)", <<
5336 .test = alg_test_hash, <<
5337 .suite = { <<
5338 .hash = __VECS(hmac_s <<
5339 } 3504 }
5340 }, { 3505 }, {
5341 .alg = "jitterentropy_rng", 3506 .alg = "jitterentropy_rng",
5342 .fips_allowed = 1, 3507 .fips_allowed = 1,
5343 .test = alg_test_null, 3508 .test = alg_test_null,
5344 }, { 3509 }, {
5345 .alg = "kw(aes)", 3510 .alg = "kw(aes)",
5346 .test = alg_test_skcipher, 3511 .test = alg_test_skcipher,
5347 .fips_allowed = 1, 3512 .fips_allowed = 1,
5348 .suite = { 3513 .suite = {
5349 .cipher = __VECS(aes_ !! 3514 .cipher = {
>> 3515 .enc = {
>> 3516 .vecs = aes_kw_enc_tv_template,
>> 3517 .count = ARRAY_SIZE(aes_kw_enc_tv_template)
>> 3518 },
>> 3519 .dec = {
>> 3520 .vecs = aes_kw_dec_tv_template,
>> 3521 .count = ARRAY_SIZE(aes_kw_dec_tv_template)
>> 3522 }
>> 3523 }
5350 } 3524 }
5351 }, { 3525 }, {
5352 .alg = "lrw(aes)", 3526 .alg = "lrw(aes)",
5353 .generic_driver = "lrw(ecb(ae <<
5354 .test = alg_test_skcipher, 3527 .test = alg_test_skcipher,
5355 .suite = { 3528 .suite = {
5356 .cipher = __VECS(aes_ !! 3529 .cipher = {
>> 3530 .enc = {
>> 3531 .vecs = aes_lrw_enc_tv_template,
>> 3532 .count = AES_LRW_ENC_TEST_VECTORS
>> 3533 },
>> 3534 .dec = {
>> 3535 .vecs = aes_lrw_dec_tv_template,
>> 3536 .count = AES_LRW_DEC_TEST_VECTORS
>> 3537 }
>> 3538 }
5357 } 3539 }
5358 }, { 3540 }, {
5359 .alg = "lrw(camellia)", 3541 .alg = "lrw(camellia)",
5360 .generic_driver = "lrw(ecb(ca <<
5361 .test = alg_test_skcipher, 3542 .test = alg_test_skcipher,
5362 .suite = { 3543 .suite = {
5363 .cipher = __VECS(came !! 3544 .cipher = {
>> 3545 .enc = {
>> 3546 .vecs = camellia_lrw_enc_tv_template,
>> 3547 .count = CAMELLIA_LRW_ENC_TEST_VECTORS
>> 3548 },
>> 3549 .dec = {
>> 3550 .vecs = camellia_lrw_dec_tv_template,
>> 3551 .count = CAMELLIA_LRW_DEC_TEST_VECTORS
>> 3552 }
>> 3553 }
5364 } 3554 }
5365 }, { 3555 }, {
5366 .alg = "lrw(cast6)", 3556 .alg = "lrw(cast6)",
5367 .generic_driver = "lrw(ecb(ca <<
5368 .test = alg_test_skcipher, 3557 .test = alg_test_skcipher,
5369 .suite = { 3558 .suite = {
5370 .cipher = __VECS(cast !! 3559 .cipher = {
>> 3560 .enc = {
>> 3561 .vecs = cast6_lrw_enc_tv_template,
>> 3562 .count = CAST6_LRW_ENC_TEST_VECTORS
>> 3563 },
>> 3564 .dec = {
>> 3565 .vecs = cast6_lrw_dec_tv_template,
>> 3566 .count = CAST6_LRW_DEC_TEST_VECTORS
>> 3567 }
>> 3568 }
5371 } 3569 }
5372 }, { 3570 }, {
5373 .alg = "lrw(serpent)", 3571 .alg = "lrw(serpent)",
5374 .generic_driver = "lrw(ecb(se <<
5375 .test = alg_test_skcipher, 3572 .test = alg_test_skcipher,
5376 .suite = { 3573 .suite = {
5377 .cipher = __VECS(serp !! 3574 .cipher = {
>> 3575 .enc = {
>> 3576 .vecs = serpent_lrw_enc_tv_template,
>> 3577 .count = SERPENT_LRW_ENC_TEST_VECTORS
>> 3578 },
>> 3579 .dec = {
>> 3580 .vecs = serpent_lrw_dec_tv_template,
>> 3581 .count = SERPENT_LRW_DEC_TEST_VECTORS
>> 3582 }
>> 3583 }
5378 } 3584 }
5379 }, { 3585 }, {
5380 .alg = "lrw(twofish)", 3586 .alg = "lrw(twofish)",
5381 .generic_driver = "lrw(ecb(tw <<
5382 .test = alg_test_skcipher, 3587 .test = alg_test_skcipher,
5383 .suite = { 3588 .suite = {
5384 .cipher = __VECS(tf_l !! 3589 .cipher = {
>> 3590 .enc = {
>> 3591 .vecs = tf_lrw_enc_tv_template,
>> 3592 .count = TF_LRW_ENC_TEST_VECTORS
>> 3593 },
>> 3594 .dec = {
>> 3595 .vecs = tf_lrw_dec_tv_template,
>> 3596 .count = TF_LRW_DEC_TEST_VECTORS
>> 3597 }
>> 3598 }
5385 } 3599 }
5386 }, { 3600 }, {
5387 .alg = "lz4", 3601 .alg = "lz4",
5388 .test = alg_test_comp, 3602 .test = alg_test_comp,
5389 .fips_allowed = 1, 3603 .fips_allowed = 1,
5390 .suite = { 3604 .suite = {
5391 .comp = { 3605 .comp = {
5392 .comp = __VEC !! 3606 .comp = {
5393 .decomp = __V !! 3607 .vecs = lz4_comp_tv_template,
>> 3608 .count = LZ4_COMP_TEST_VECTORS
>> 3609 },
>> 3610 .decomp = {
>> 3611 .vecs = lz4_decomp_tv_template,
>> 3612 .count = LZ4_DECOMP_TEST_VECTORS
>> 3613 }
5394 } 3614 }
5395 } 3615 }
5396 }, { 3616 }, {
5397 .alg = "lz4hc", 3617 .alg = "lz4hc",
5398 .test = alg_test_comp, 3618 .test = alg_test_comp,
5399 .fips_allowed = 1, 3619 .fips_allowed = 1,
5400 .suite = { 3620 .suite = {
5401 .comp = { 3621 .comp = {
5402 .comp = __VEC !! 3622 .comp = {
5403 .decomp = __V !! 3623 .vecs = lz4hc_comp_tv_template,
>> 3624 .count = LZ4HC_COMP_TEST_VECTORS
>> 3625 },
>> 3626 .decomp = {
>> 3627 .vecs = lz4hc_decomp_tv_template,
>> 3628 .count = LZ4HC_DECOMP_TEST_VECTORS
>> 3629 }
5404 } 3630 }
5405 } 3631 }
5406 }, { 3632 }, {
5407 .alg = "lzo", 3633 .alg = "lzo",
5408 .test = alg_test_comp, 3634 .test = alg_test_comp,
5409 .fips_allowed = 1, 3635 .fips_allowed = 1,
5410 .suite = { 3636 .suite = {
5411 .comp = { 3637 .comp = {
5412 .comp = __VEC !! 3638 .comp = {
5413 .decomp = __V !! 3639 .vecs = lzo_comp_tv_template,
5414 } !! 3640 .count = LZO_COMP_TEST_VECTORS
5415 } !! 3641 },
5416 }, { !! 3642 .decomp = {
5417 .alg = "lzo-rle", !! 3643 .vecs = lzo_decomp_tv_template,
5418 .test = alg_test_comp, !! 3644 .count = LZO_DECOMP_TEST_VECTORS
5419 .fips_allowed = 1, !! 3645 }
5420 .suite = { <<
5421 .comp = { <<
5422 .comp = __VEC <<
5423 .decomp = __V <<
5424 } 3646 }
5425 } 3647 }
5426 }, { 3648 }, {
5427 .alg = "md4", 3649 .alg = "md4",
5428 .test = alg_test_hash, 3650 .test = alg_test_hash,
5429 .suite = { 3651 .suite = {
5430 .hash = __VECS(md4_tv !! 3652 .hash = {
>> 3653 .vecs = md4_tv_template,
>> 3654 .count = MD4_TEST_VECTORS
>> 3655 }
5431 } 3656 }
5432 }, { 3657 }, {
5433 .alg = "md5", 3658 .alg = "md5",
5434 .test = alg_test_hash, 3659 .test = alg_test_hash,
5435 .suite = { 3660 .suite = {
5436 .hash = __VECS(md5_tv !! 3661 .hash = {
>> 3662 .vecs = md5_tv_template,
>> 3663 .count = MD5_TEST_VECTORS
>> 3664 }
5437 } 3665 }
5438 }, { 3666 }, {
5439 .alg = "michael_mic", 3667 .alg = "michael_mic",
5440 .test = alg_test_hash, 3668 .test = alg_test_hash,
5441 .suite = { 3669 .suite = {
5442 .hash = __VECS(michae !! 3670 .hash = {
>> 3671 .vecs = michael_mic_tv_template,
>> 3672 .count = MICHAEL_MIC_TEST_VECTORS
>> 3673 }
5443 } 3674 }
5444 }, { 3675 }, {
5445 .alg = "nhpoly1305", !! 3676 .alg = "ofb(aes)",
5446 .test = alg_test_hash, !! 3677 .test = alg_test_skcipher,
>> 3678 .fips_allowed = 1,
5447 .suite = { 3679 .suite = {
5448 .hash = __VECS(nhpoly !! 3680 .cipher = {
>> 3681 .enc = {
>> 3682 .vecs = aes_ofb_enc_tv_template,
>> 3683 .count = AES_OFB_ENC_TEST_VECTORS
>> 3684 },
>> 3685 .dec = {
>> 3686 .vecs = aes_ofb_dec_tv_template,
>> 3687 .count = AES_OFB_DEC_TEST_VECTORS
>> 3688 }
>> 3689 }
5449 } 3690 }
5450 }, { 3691 }, {
5451 .alg = "pcbc(fcrypt)", 3692 .alg = "pcbc(fcrypt)",
5452 .test = alg_test_skcipher, 3693 .test = alg_test_skcipher,
5453 .suite = { 3694 .suite = {
5454 .cipher = __VECS(fcry !! 3695 .cipher = {
5455 } !! 3696 .enc = {
5456 }, { !! 3697 .vecs = fcrypt_pcbc_enc_tv_template,
5457 .alg = "pkcs1pad(rsa,sha224)" !! 3698 .count = FCRYPT_ENC_TEST_VECTORS
5458 .test = alg_test_null, !! 3699 },
5459 .fips_allowed = 1, !! 3700 .dec = {
5460 }, { !! 3701 .vecs = fcrypt_pcbc_dec_tv_template,
5461 .alg = "pkcs1pad(rsa,sha256)" !! 3702 .count = FCRYPT_DEC_TEST_VECTORS
5462 .test = alg_test_akcipher, !! 3703 }
5463 .fips_allowed = 1, !! 3704 }
5464 .suite = { <<
5465 .akcipher = __VECS(pk <<
5466 } 3705 }
5467 }, { 3706 }, {
5468 .alg = "pkcs1pad(rsa,sha3-256 <<
5469 .test = alg_test_null, <<
5470 .fips_allowed = 1, <<
5471 }, { <<
5472 .alg = "pkcs1pad(rsa,sha3-384 <<
5473 .test = alg_test_null, <<
5474 .fips_allowed = 1, <<
5475 }, { <<
5476 .alg = "pkcs1pad(rsa,sha3-512 <<
5477 .test = alg_test_null, <<
5478 .fips_allowed = 1, <<
5479 }, { <<
5480 .alg = "pkcs1pad(rsa,sha384)" <<
5481 .test = alg_test_null, <<
5482 .fips_allowed = 1, <<
5483 }, { <<
5484 .alg = "pkcs1pad(rsa,sha512)" <<
5485 .test = alg_test_null, <<
5486 .fips_allowed = 1, <<
5487 }, { <<
5488 .alg = "poly1305", 3707 .alg = "poly1305",
5489 .test = alg_test_hash, 3708 .test = alg_test_hash,
5490 .suite = { 3709 .suite = {
5491 .hash = __VECS(poly13 !! 3710 .hash = {
5492 } !! 3711 .vecs = poly1305_tv_template,
5493 }, { !! 3712 .count = POLY1305_TEST_VECTORS
5494 .alg = "polyval", !! 3713 }
5495 .test = alg_test_hash, <<
5496 .suite = { <<
5497 .hash = __VECS(polyva <<
5498 } 3714 }
5499 }, { 3715 }, {
5500 .alg = "rfc3686(ctr(aes))", 3716 .alg = "rfc3686(ctr(aes))",
5501 .test = alg_test_skcipher, 3717 .test = alg_test_skcipher,
5502 .fips_allowed = 1, 3718 .fips_allowed = 1,
5503 .suite = { 3719 .suite = {
5504 .cipher = __VECS(aes_ !! 3720 .cipher = {
5505 } !! 3721 .enc = {
5506 }, { !! 3722 .vecs = aes_ctr_rfc3686_enc_tv_template,
5507 .alg = "rfc3686(ctr(sm4))", !! 3723 .count = AES_CTR_3686_ENC_TEST_VECTORS
5508 .test = alg_test_skcipher, !! 3724 },
5509 .suite = { !! 3725 .dec = {
5510 .cipher = __VECS(sm4_ !! 3726 .vecs = aes_ctr_rfc3686_dec_tv_template,
>> 3727 .count = AES_CTR_3686_DEC_TEST_VECTORS
>> 3728 }
>> 3729 }
5511 } 3730 }
5512 }, { 3731 }, {
5513 .alg = "rfc4106(gcm(aes))", 3732 .alg = "rfc4106(gcm(aes))",
5514 .generic_driver = "rfc4106(gc <<
5515 .test = alg_test_aead, 3733 .test = alg_test_aead,
5516 .fips_allowed = 1, 3734 .fips_allowed = 1,
5517 .suite = { 3735 .suite = {
5518 .aead = { 3736 .aead = {
5519 ____VECS(aes_ !! 3737 .enc = {
5520 .einval_allow !! 3738 .vecs = aes_gcm_rfc4106_enc_tv_template,
5521 .aad_iv = 1, !! 3739 .count = AES_GCM_4106_ENC_TEST_VECTORS
>> 3740 },
>> 3741 .dec = {
>> 3742 .vecs = aes_gcm_rfc4106_dec_tv_template,
>> 3743 .count = AES_GCM_4106_DEC_TEST_VECTORS
>> 3744 }
5522 } 3745 }
5523 } 3746 }
5524 }, { 3747 }, {
5525 .alg = "rfc4309(ccm(aes))", 3748 .alg = "rfc4309(ccm(aes))",
5526 .generic_driver = "rfc4309(cc <<
5527 .test = alg_test_aead, 3749 .test = alg_test_aead,
5528 .fips_allowed = 1, 3750 .fips_allowed = 1,
5529 .suite = { 3751 .suite = {
5530 .aead = { 3752 .aead = {
5531 ____VECS(aes_ !! 3753 .enc = {
5532 .einval_allow !! 3754 .vecs = aes_ccm_rfc4309_enc_tv_template,
5533 .aad_iv = 1, !! 3755 .count = AES_CCM_4309_ENC_TEST_VECTORS
>> 3756 },
>> 3757 .dec = {
>> 3758 .vecs = aes_ccm_rfc4309_dec_tv_template,
>> 3759 .count = AES_CCM_4309_DEC_TEST_VECTORS
>> 3760 }
5534 } 3761 }
5535 } 3762 }
5536 }, { 3763 }, {
5537 .alg = "rfc4543(gcm(aes))", 3764 .alg = "rfc4543(gcm(aes))",
5538 .generic_driver = "rfc4543(gc <<
5539 .test = alg_test_aead, 3765 .test = alg_test_aead,
5540 .suite = { 3766 .suite = {
5541 .aead = { 3767 .aead = {
5542 ____VECS(aes_ !! 3768 .enc = {
5543 .einval_allow !! 3769 .vecs = aes_gcm_rfc4543_enc_tv_template,
5544 .aad_iv = 1, !! 3770 .count = AES_GCM_4543_ENC_TEST_VECTORS
>> 3771 },
>> 3772 .dec = {
>> 3773 .vecs = aes_gcm_rfc4543_dec_tv_template,
>> 3774 .count = AES_GCM_4543_DEC_TEST_VECTORS
>> 3775 },
5545 } 3776 }
5546 } 3777 }
5547 }, { 3778 }, {
5548 .alg = "rfc7539(chacha20,poly 3779 .alg = "rfc7539(chacha20,poly1305)",
5549 .test = alg_test_aead, 3780 .test = alg_test_aead,
5550 .suite = { 3781 .suite = {
5551 .aead = __VECS(rfc753 !! 3782 .aead = {
>> 3783 .enc = {
>> 3784 .vecs = rfc7539_enc_tv_template,
>> 3785 .count = RFC7539_ENC_TEST_VECTORS
>> 3786 },
>> 3787 .dec = {
>> 3788 .vecs = rfc7539_dec_tv_template,
>> 3789 .count = RFC7539_DEC_TEST_VECTORS
>> 3790 },
>> 3791 }
5552 } 3792 }
5553 }, { 3793 }, {
5554 .alg = "rfc7539esp(chacha20,p 3794 .alg = "rfc7539esp(chacha20,poly1305)",
5555 .test = alg_test_aead, 3795 .test = alg_test_aead,
5556 .suite = { 3796 .suite = {
5557 .aead = { 3797 .aead = {
5558 ____VECS(rfc7 !! 3798 .enc = {
5559 .einval_allow !! 3799 .vecs = rfc7539esp_enc_tv_template,
5560 .aad_iv = 1, !! 3800 .count = RFC7539ESP_ENC_TEST_VECTORS
>> 3801 },
>> 3802 .dec = {
>> 3803 .vecs = rfc7539esp_dec_tv_template,
>> 3804 .count = RFC7539ESP_DEC_TEST_VECTORS
>> 3805 },
>> 3806 }
>> 3807 }
>> 3808 }, {
>> 3809 .alg = "rmd128",
>> 3810 .test = alg_test_hash,
>> 3811 .suite = {
>> 3812 .hash = {
>> 3813 .vecs = rmd128_tv_template,
>> 3814 .count = RMD128_TEST_VECTORS
5561 } 3815 }
5562 } 3816 }
5563 }, { 3817 }, {
5564 .alg = "rmd160", 3818 .alg = "rmd160",
5565 .test = alg_test_hash, 3819 .test = alg_test_hash,
5566 .suite = { 3820 .suite = {
5567 .hash = __VECS(rmd160 !! 3821 .hash = {
>> 3822 .vecs = rmd160_tv_template,
>> 3823 .count = RMD160_TEST_VECTORS
>> 3824 }
>> 3825 }
>> 3826 }, {
>> 3827 .alg = "rmd256",
>> 3828 .test = alg_test_hash,
>> 3829 .suite = {
>> 3830 .hash = {
>> 3831 .vecs = rmd256_tv_template,
>> 3832 .count = RMD256_TEST_VECTORS
>> 3833 }
>> 3834 }
>> 3835 }, {
>> 3836 .alg = "rmd320",
>> 3837 .test = alg_test_hash,
>> 3838 .suite = {
>> 3839 .hash = {
>> 3840 .vecs = rmd320_tv_template,
>> 3841 .count = RMD320_TEST_VECTORS
>> 3842 }
5568 } 3843 }
5569 }, { 3844 }, {
5570 .alg = "rsa", 3845 .alg = "rsa",
5571 .test = alg_test_akcipher, 3846 .test = alg_test_akcipher,
5572 .fips_allowed = 1, 3847 .fips_allowed = 1,
5573 .suite = { 3848 .suite = {
5574 .akcipher = __VECS(rs !! 3849 .akcipher = {
>> 3850 .vecs = rsa_tv_template,
>> 3851 .count = RSA_TEST_VECTORS
>> 3852 }
>> 3853 }
>> 3854 }, {
>> 3855 .alg = "salsa20",
>> 3856 .test = alg_test_skcipher,
>> 3857 .suite = {
>> 3858 .cipher = {
>> 3859 .enc = {
>> 3860 .vecs = salsa20_stream_enc_tv_template,
>> 3861 .count = SALSA20_STREAM_ENC_TEST_VECTORS
>> 3862 }
>> 3863 }
5575 } 3864 }
5576 }, { 3865 }, {
5577 .alg = "sha1", 3866 .alg = "sha1",
5578 .test = alg_test_hash, 3867 .test = alg_test_hash,
5579 .fips_allowed = 1, 3868 .fips_allowed = 1,
5580 .suite = { 3869 .suite = {
5581 .hash = __VECS(sha1_t !! 3870 .hash = {
>> 3871 .vecs = sha1_tv_template,
>> 3872 .count = SHA1_TEST_VECTORS
>> 3873 }
5582 } 3874 }
5583 }, { 3875 }, {
5584 .alg = "sha224", 3876 .alg = "sha224",
5585 .test = alg_test_hash, 3877 .test = alg_test_hash,
5586 .fips_allowed = 1, 3878 .fips_allowed = 1,
5587 .suite = { 3879 .suite = {
5588 .hash = __VECS(sha224 !! 3880 .hash = {
>> 3881 .vecs = sha224_tv_template,
>> 3882 .count = SHA224_TEST_VECTORS
>> 3883 }
5589 } 3884 }
5590 }, { 3885 }, {
5591 .alg = "sha256", 3886 .alg = "sha256",
5592 .test = alg_test_hash, 3887 .test = alg_test_hash,
5593 .fips_allowed = 1, 3888 .fips_allowed = 1,
5594 .suite = { 3889 .suite = {
5595 .hash = __VECS(sha256 !! 3890 .hash = {
>> 3891 .vecs = sha256_tv_template,
>> 3892 .count = SHA256_TEST_VECTORS
>> 3893 }
5596 } 3894 }
5597 }, { 3895 }, {
5598 .alg = "sha3-224", 3896 .alg = "sha3-224",
5599 .test = alg_test_hash, 3897 .test = alg_test_hash,
5600 .fips_allowed = 1, 3898 .fips_allowed = 1,
5601 .suite = { 3899 .suite = {
5602 .hash = __VECS(sha3_2 !! 3900 .hash = {
>> 3901 .vecs = sha3_224_tv_template,
>> 3902 .count = SHA3_224_TEST_VECTORS
>> 3903 }
5603 } 3904 }
5604 }, { 3905 }, {
5605 .alg = "sha3-256", 3906 .alg = "sha3-256",
5606 .test = alg_test_hash, 3907 .test = alg_test_hash,
5607 .fips_allowed = 1, 3908 .fips_allowed = 1,
5608 .suite = { 3909 .suite = {
5609 .hash = __VECS(sha3_2 !! 3910 .hash = {
>> 3911 .vecs = sha3_256_tv_template,
>> 3912 .count = SHA3_256_TEST_VECTORS
>> 3913 }
5610 } 3914 }
5611 }, { 3915 }, {
5612 .alg = "sha3-384", 3916 .alg = "sha3-384",
5613 .test = alg_test_hash, 3917 .test = alg_test_hash,
5614 .fips_allowed = 1, 3918 .fips_allowed = 1,
5615 .suite = { 3919 .suite = {
5616 .hash = __VECS(sha3_3 !! 3920 .hash = {
>> 3921 .vecs = sha3_384_tv_template,
>> 3922 .count = SHA3_384_TEST_VECTORS
>> 3923 }
5617 } 3924 }
5618 }, { 3925 }, {
5619 .alg = "sha3-512", 3926 .alg = "sha3-512",
5620 .test = alg_test_hash, 3927 .test = alg_test_hash,
5621 .fips_allowed = 1, 3928 .fips_allowed = 1,
5622 .suite = { 3929 .suite = {
5623 .hash = __VECS(sha3_5 !! 3930 .hash = {
>> 3931 .vecs = sha3_512_tv_template,
>> 3932 .count = SHA3_512_TEST_VECTORS
>> 3933 }
5624 } 3934 }
5625 }, { 3935 }, {
5626 .alg = "sha384", 3936 .alg = "sha384",
5627 .test = alg_test_hash, 3937 .test = alg_test_hash,
5628 .fips_allowed = 1, 3938 .fips_allowed = 1,
5629 .suite = { 3939 .suite = {
5630 .hash = __VECS(sha384 !! 3940 .hash = {
>> 3941 .vecs = sha384_tv_template,
>> 3942 .count = SHA384_TEST_VECTORS
>> 3943 }
5631 } 3944 }
5632 }, { 3945 }, {
5633 .alg = "sha512", 3946 .alg = "sha512",
5634 .test = alg_test_hash, 3947 .test = alg_test_hash,
5635 .fips_allowed = 1, 3948 .fips_allowed = 1,
5636 .suite = { 3949 .suite = {
5637 .hash = __VECS(sha512 !! 3950 .hash = {
>> 3951 .vecs = sha512_tv_template,
>> 3952 .count = SHA512_TEST_VECTORS
>> 3953 }
5638 } 3954 }
5639 }, { 3955 }, {
5640 .alg = "sm3", !! 3956 .alg = "tgr128",
5641 .test = alg_test_hash, 3957 .test = alg_test_hash,
5642 .suite = { 3958 .suite = {
5643 .hash = __VECS(sm3_tv !! 3959 .hash = {
>> 3960 .vecs = tgr128_tv_template,
>> 3961 .count = TGR128_TEST_VECTORS
>> 3962 }
5644 } 3963 }
5645 }, { 3964 }, {
5646 .alg = "streebog256", !! 3965 .alg = "tgr160",
5647 .test = alg_test_hash, 3966 .test = alg_test_hash,
5648 .suite = { 3967 .suite = {
5649 .hash = __VECS(streeb !! 3968 .hash = {
>> 3969 .vecs = tgr160_tv_template,
>> 3970 .count = TGR160_TEST_VECTORS
>> 3971 }
5650 } 3972 }
5651 }, { 3973 }, {
5652 .alg = "streebog512", !! 3974 .alg = "tgr192",
5653 .test = alg_test_hash, 3975 .test = alg_test_hash,
5654 .suite = { 3976 .suite = {
5655 .hash = __VECS(streeb !! 3977 .hash = {
>> 3978 .vecs = tgr192_tv_template,
>> 3979 .count = TGR192_TEST_VECTORS
>> 3980 }
5656 } 3981 }
5657 }, { 3982 }, {
5658 .alg = "vmac64(aes)", !! 3983 .alg = "vmac(aes)",
5659 .test = alg_test_hash, 3984 .test = alg_test_hash,
5660 .suite = { 3985 .suite = {
5661 .hash = __VECS(vmac64 !! 3986 .hash = {
>> 3987 .vecs = aes_vmac128_tv_template,
>> 3988 .count = VMAC_AES_TEST_VECTORS
>> 3989 }
5662 } 3990 }
5663 }, { 3991 }, {
5664 .alg = "wp256", 3992 .alg = "wp256",
5665 .test = alg_test_hash, 3993 .test = alg_test_hash,
5666 .suite = { 3994 .suite = {
5667 .hash = __VECS(wp256_ !! 3995 .hash = {
>> 3996 .vecs = wp256_tv_template,
>> 3997 .count = WP256_TEST_VECTORS
>> 3998 }
5668 } 3999 }
5669 }, { 4000 }, {
5670 .alg = "wp384", 4001 .alg = "wp384",
5671 .test = alg_test_hash, 4002 .test = alg_test_hash,
5672 .suite = { 4003 .suite = {
5673 .hash = __VECS(wp384_ !! 4004 .hash = {
>> 4005 .vecs = wp384_tv_template,
>> 4006 .count = WP384_TEST_VECTORS
>> 4007 }
5674 } 4008 }
5675 }, { 4009 }, {
5676 .alg = "wp512", 4010 .alg = "wp512",
5677 .test = alg_test_hash, 4011 .test = alg_test_hash,
5678 .suite = { 4012 .suite = {
5679 .hash = __VECS(wp512_ !! 4013 .hash = {
>> 4014 .vecs = wp512_tv_template,
>> 4015 .count = WP512_TEST_VECTORS
>> 4016 }
5680 } 4017 }
5681 }, { 4018 }, {
5682 .alg = "xcbc(aes)", 4019 .alg = "xcbc(aes)",
5683 .test = alg_test_hash, 4020 .test = alg_test_hash,
5684 .suite = { 4021 .suite = {
5685 .hash = __VECS(aes_xc !! 4022 .hash = {
5686 } !! 4023 .vecs = aes_xcbc128_tv_template,
5687 }, { !! 4024 .count = XCBC_AES_TEST_VECTORS
5688 .alg = "xcbc(sm4)", !! 4025 }
5689 .test = alg_test_hash, <<
5690 .suite = { <<
5691 .hash = __VECS(sm4_xc <<
5692 } <<
5693 }, { <<
5694 .alg = "xchacha12", <<
5695 .test = alg_test_skcipher, <<
5696 .suite = { <<
5697 .cipher = __VECS(xcha <<
5698 }, <<
5699 }, { <<
5700 .alg = "xchacha20", <<
5701 .test = alg_test_skcipher, <<
5702 .suite = { <<
5703 .cipher = __VECS(xcha <<
5704 }, <<
5705 }, { <<
5706 .alg = "xctr(aes)", <<
5707 .test = alg_test_skcipher, <<
5708 .suite = { <<
5709 .cipher = __VECS(aes_ <<
5710 } 4026 }
5711 }, { 4027 }, {
5712 .alg = "xts(aes)", 4028 .alg = "xts(aes)",
5713 .generic_driver = "xts(ecb(ae <<
5714 .test = alg_test_skcipher, 4029 .test = alg_test_skcipher,
5715 .fips_allowed = 1, 4030 .fips_allowed = 1,
5716 .suite = { 4031 .suite = {
5717 .cipher = __VECS(aes_ !! 4032 .cipher = {
>> 4033 .enc = {
>> 4034 .vecs = aes_xts_enc_tv_template,
>> 4035 .count = AES_XTS_ENC_TEST_VECTORS
>> 4036 },
>> 4037 .dec = {
>> 4038 .vecs = aes_xts_dec_tv_template,
>> 4039 .count = AES_XTS_DEC_TEST_VECTORS
>> 4040 }
>> 4041 }
5718 } 4042 }
5719 }, { 4043 }, {
5720 .alg = "xts(camellia)", 4044 .alg = "xts(camellia)",
5721 .generic_driver = "xts(ecb(ca <<
5722 .test = alg_test_skcipher, 4045 .test = alg_test_skcipher,
5723 .suite = { 4046 .suite = {
5724 .cipher = __VECS(came !! 4047 .cipher = {
>> 4048 .enc = {
>> 4049 .vecs = camellia_xts_enc_tv_template,
>> 4050 .count = CAMELLIA_XTS_ENC_TEST_VECTORS
>> 4051 },
>> 4052 .dec = {
>> 4053 .vecs = camellia_xts_dec_tv_template,
>> 4054 .count = CAMELLIA_XTS_DEC_TEST_VECTORS
>> 4055 }
>> 4056 }
5725 } 4057 }
5726 }, { 4058 }, {
5727 .alg = "xts(cast6)", 4059 .alg = "xts(cast6)",
5728 .generic_driver = "xts(ecb(ca <<
5729 .test = alg_test_skcipher, 4060 .test = alg_test_skcipher,
5730 .suite = { 4061 .suite = {
5731 .cipher = __VECS(cast !! 4062 .cipher = {
>> 4063 .enc = {
>> 4064 .vecs = cast6_xts_enc_tv_template,
>> 4065 .count = CAST6_XTS_ENC_TEST_VECTORS
>> 4066 },
>> 4067 .dec = {
>> 4068 .vecs = cast6_xts_dec_tv_template,
>> 4069 .count = CAST6_XTS_DEC_TEST_VECTORS
>> 4070 }
>> 4071 }
5732 } 4072 }
5733 }, { 4073 }, {
5734 /* Same as xts(aes) except th <<
5735 * hardware secure memory whi <<
5736 */ <<
5737 .alg = "xts(paes)", <<
5738 .test = alg_test_null, <<
5739 .fips_allowed = 1, <<
5740 }, { <<
5741 .alg = "xts(serpent)", 4074 .alg = "xts(serpent)",
5742 .generic_driver = "xts(ecb(se <<
5743 .test = alg_test_skcipher, 4075 .test = alg_test_skcipher,
5744 .suite = { 4076 .suite = {
5745 .cipher = __VECS(serp !! 4077 .cipher = {
5746 } !! 4078 .enc = {
5747 }, { !! 4079 .vecs = serpent_xts_enc_tv_template,
5748 .alg = "xts(sm4)", !! 4080 .count = SERPENT_XTS_ENC_TEST_VECTORS
5749 .generic_driver = "xts(ecb(sm !! 4081 },
5750 .test = alg_test_skcipher, !! 4082 .dec = {
5751 .suite = { !! 4083 .vecs = serpent_xts_dec_tv_template,
5752 .cipher = __VECS(sm4_ !! 4084 .count = SERPENT_XTS_DEC_TEST_VECTORS
>> 4085 }
>> 4086 }
5753 } 4087 }
5754 }, { 4088 }, {
5755 .alg = "xts(twofish)", 4089 .alg = "xts(twofish)",
5756 .generic_driver = "xts(ecb(tw <<
5757 .test = alg_test_skcipher, 4090 .test = alg_test_skcipher,
5758 .suite = { 4091 .suite = {
5759 .cipher = __VECS(tf_x !! 4092 .cipher = {
5760 } !! 4093 .enc = {
5761 }, { !! 4094 .vecs = tf_xts_enc_tv_template,
5762 #if IS_ENABLED(CONFIG_CRYPTO_PAES_S390) !! 4095 .count = TF_XTS_ENC_TEST_VECTORS
5763 .alg = "xts-paes-s390", !! 4096 },
5764 .fips_allowed = 1, !! 4097 .dec = {
5765 .test = alg_test_skcipher, !! 4098 .vecs = tf_xts_dec_tv_template,
5766 .suite = { !! 4099 .count = TF_XTS_DEC_TEST_VECTORS
5767 .cipher = __VECS(aes_ !! 4100 }
5768 } <<
5769 }, { <<
5770 #endif <<
5771 .alg = "xxhash64", <<
5772 .test = alg_test_hash, <<
5773 .fips_allowed = 1, <<
5774 .suite = { <<
5775 .hash = __VECS(xxhash <<
5776 } <<
5777 }, { <<
5778 .alg = "zstd", <<
5779 .test = alg_test_comp, <<
5780 .fips_allowed = 1, <<
5781 .suite = { <<
5782 .comp = { <<
5783 .comp = __VEC <<
5784 .decomp = __V <<
5785 } 4101 }
5786 } 4102 }
5787 } 4103 }
5788 }; 4104 };
5789 4105
5790 static void alg_check_test_descs_order(void) !! 4106 static bool alg_test_descs_checked;
>> 4107
>> 4108 static void alg_test_descs_check_order(void)
5791 { 4109 {
5792 int i; 4110 int i;
5793 4111
>> 4112 /* only check once */
>> 4113 if (alg_test_descs_checked)
>> 4114 return;
>> 4115
>> 4116 alg_test_descs_checked = true;
>> 4117
5794 for (i = 1; i < ARRAY_SIZE(alg_test_d 4118 for (i = 1; i < ARRAY_SIZE(alg_test_descs); i++) {
5795 int diff = strcmp(alg_test_de 4119 int diff = strcmp(alg_test_descs[i - 1].alg,
5796 alg_test_de 4120 alg_test_descs[i].alg);
5797 4121
5798 if (WARN_ON(diff > 0)) { 4122 if (WARN_ON(diff > 0)) {
5799 pr_warn("testmgr: alg 4123 pr_warn("testmgr: alg_test_descs entries in wrong order: '%s' before '%s'\n",
5800 alg_test_desc 4124 alg_test_descs[i - 1].alg,
5801 alg_test_desc 4125 alg_test_descs[i].alg);
5802 } 4126 }
5803 4127
5804 if (WARN_ON(diff == 0)) { 4128 if (WARN_ON(diff == 0)) {
5805 pr_warn("testmgr: dup 4129 pr_warn("testmgr: duplicate alg_test_descs entry: '%s'\n",
5806 alg_test_desc 4130 alg_test_descs[i].alg);
5807 } 4131 }
5808 } 4132 }
5809 } 4133 }
5810 4134
5811 static void alg_check_testvec_configs(void) <<
5812 { <<
5813 int i; <<
5814 <<
5815 for (i = 0; i < ARRAY_SIZE(default_ci <<
5816 WARN_ON(!valid_testvec_config <<
5817 &default_ciph <<
5818 <<
5819 for (i = 0; i < ARRAY_SIZE(default_ha <<
5820 WARN_ON(!valid_testvec_config <<
5821 &default_hash <<
5822 } <<
5823 <<
5824 static void testmgr_onetime_init(void) <<
5825 { <<
5826 alg_check_test_descs_order(); <<
5827 alg_check_testvec_configs(); <<
5828 <<
5829 #ifdef CONFIG_CRYPTO_MANAGER_EXTRA_TESTS <<
5830 pr_warn("alg: extra crypto tests enab <<
5831 #endif <<
5832 } <<
5833 <<
5834 static int alg_find_test(const char *alg) 4135 static int alg_find_test(const char *alg)
5835 { 4136 {
5836 int start = 0; 4137 int start = 0;
5837 int end = ARRAY_SIZE(alg_test_descs); 4138 int end = ARRAY_SIZE(alg_test_descs);
5838 4139
5839 while (start < end) { 4140 while (start < end) {
5840 int i = (start + end) / 2; 4141 int i = (start + end) / 2;
5841 int diff = strcmp(alg_test_de 4142 int diff = strcmp(alg_test_descs[i].alg, alg);
5842 4143
5843 if (diff > 0) { 4144 if (diff > 0) {
5844 end = i; 4145 end = i;
5845 continue; 4146 continue;
5846 } 4147 }
5847 4148
5848 if (diff < 0) { 4149 if (diff < 0) {
5849 start = i + 1; 4150 start = i + 1;
5850 continue; 4151 continue;
5851 } 4152 }
5852 4153
5853 return i; 4154 return i;
5854 } 4155 }
5855 4156
5856 return -1; 4157 return -1;
5857 } 4158 }
5858 4159
5859 static int alg_fips_disabled(const char *driv <<
5860 { <<
5861 pr_info("alg: %s (%s) is disabled due <<
5862 <<
5863 return -ECANCELED; <<
5864 } <<
5865 <<
5866 int alg_test(const char *driver, const char * 4160 int alg_test(const char *driver, const char *alg, u32 type, u32 mask)
5867 { 4161 {
5868 int i; 4162 int i;
5869 int j; 4163 int j;
5870 int rc; 4164 int rc;
5871 4165
5872 if (!fips_enabled && notests) { 4166 if (!fips_enabled && notests) {
5873 printk_once(KERN_INFO "alg: s 4167 printk_once(KERN_INFO "alg: self-tests disabled\n");
5874 return 0; 4168 return 0;
5875 } 4169 }
5876 4170
5877 DO_ONCE(testmgr_onetime_init); !! 4171 alg_test_descs_check_order();
5878 4172
5879 if ((type & CRYPTO_ALG_TYPE_MASK) == 4173 if ((type & CRYPTO_ALG_TYPE_MASK) == CRYPTO_ALG_TYPE_CIPHER) {
5880 char nalg[CRYPTO_MAX_ALG_NAME 4174 char nalg[CRYPTO_MAX_ALG_NAME];
5881 4175
5882 if (snprintf(nalg, sizeof(nal 4176 if (snprintf(nalg, sizeof(nalg), "ecb(%s)", alg) >=
5883 sizeof(nalg)) 4177 sizeof(nalg))
5884 return -ENAMETOOLONG; 4178 return -ENAMETOOLONG;
5885 4179
5886 i = alg_find_test(nalg); 4180 i = alg_find_test(nalg);
5887 if (i < 0) 4181 if (i < 0)
5888 goto notest; 4182 goto notest;
5889 4183
5890 if (fips_enabled && !alg_test 4184 if (fips_enabled && !alg_test_descs[i].fips_allowed)
5891 goto non_fips_alg; 4185 goto non_fips_alg;
5892 4186
5893 rc = alg_test_cipher(alg_test 4187 rc = alg_test_cipher(alg_test_descs + i, driver, type, mask);
5894 goto test_done; 4188 goto test_done;
5895 } 4189 }
5896 4190
5897 i = alg_find_test(alg); 4191 i = alg_find_test(alg);
5898 j = alg_find_test(driver); 4192 j = alg_find_test(driver);
5899 if (i < 0 && j < 0) 4193 if (i < 0 && j < 0)
5900 goto notest; 4194 goto notest;
5901 4195
5902 if (fips_enabled) { !! 4196 if (fips_enabled && ((i >= 0 && !alg_test_descs[i].fips_allowed) ||
5903 if (j >= 0 && !alg_test_descs !! 4197 (j >= 0 && !alg_test_descs[j].fips_allowed)))
5904 return -EINVAL; !! 4198 goto non_fips_alg;
5905 <<
5906 if (i >= 0 && !alg_test_descs <<
5907 goto non_fips_alg; <<
5908 } <<
5909 4199
5910 rc = 0; 4200 rc = 0;
5911 if (i >= 0) 4201 if (i >= 0)
5912 rc |= alg_test_descs[i].test( 4202 rc |= alg_test_descs[i].test(alg_test_descs + i, driver,
5913 4203 type, mask);
5914 if (j >= 0 && j != i) 4204 if (j >= 0 && j != i)
5915 rc |= alg_test_descs[j].test( 4205 rc |= alg_test_descs[j].test(alg_test_descs + j, driver,
5916 4206 type, mask);
5917 4207
5918 test_done: 4208 test_done:
5919 if (rc) { !! 4209 if (fips_enabled && rc)
5920 if (fips_enabled || panic_on_ !! 4210 panic("%s: %s alg self test failed in fips mode!\n", driver, alg);
5921 fips_fail_notify(); !! 4211
5922 panic("alg: self-test !! 4212 if (fips_enabled && !rc)
5923 driver, alg, !! 4213 pr_info("alg: self-tests for %s (%s) passed\n", driver, alg);
5924 fips_enabled ? <<
5925 } <<
5926 pr_warn("alg: self-tests for <<
5927 alg, driver, rc); <<
5928 WARN(rc != -ENOENT, <<
5929 "alg: self-tests for %s <<
5930 alg, driver, rc); <<
5931 } else { <<
5932 if (fips_enabled) <<
5933 pr_info("alg: self-te <<
5934 driver, alg); <<
5935 } <<
5936 4214
5937 return rc; 4215 return rc;
5938 4216
5939 notest: 4217 notest:
5940 if ((type & CRYPTO_ALG_TYPE_MASK) == <<
5941 char nalg[CRYPTO_MAX_ALG_NAME <<
5942 <<
5943 if (snprintf(nalg, sizeof(nal <<
5944 sizeof(nalg)) <<
5945 goto notest2; <<
5946 <<
5947 i = alg_find_test(nalg); <<
5948 if (i < 0) <<
5949 goto notest2; <<
5950 <<
5951 if (fips_enabled && !alg_test <<
5952 goto non_fips_alg; <<
5953 <<
5954 rc = alg_test_skcipher(alg_te <<
5955 goto test_done; <<
5956 } <<
5957 <<
5958 notest2: <<
5959 printk(KERN_INFO "alg: No test for %s 4218 printk(KERN_INFO "alg: No test for %s (%s)\n", alg, driver);
5960 <<
5961 if (type & CRYPTO_ALG_FIPS_INTERNAL) <<
5962 return alg_fips_disabled(driv <<
5963 <<
5964 return 0; 4219 return 0;
5965 non_fips_alg: 4220 non_fips_alg:
5966 return alg_fips_disabled(driver, alg) !! 4221 return -EINVAL;
5967 } 4222 }
5968 4223
5969 #endif /* CONFIG_CRYPTO_MANAGER_DISABLE_TESTS 4224 #endif /* CONFIG_CRYPTO_MANAGER_DISABLE_TESTS */
5970 4225
5971 EXPORT_SYMBOL_GPL(alg_test); 4226 EXPORT_SYMBOL_GPL(alg_test);
5972 4227
Linux® is a registered trademark of Linus Torvalds in the United States and other countries.
TOMOYO® is a registered trademark of NTT DATA CORPORATION.