search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge tag 'scsi-fixes' of git://git.kernel.org/pub/scm/linux/kernel/git/jejb/scsi
[cris-mirror.git] / crypto / testmgr.c
blobd5e23a142a0471ba4cffca85d5412e9ebe96eb75
1 /*
2 * Algorithm testing framework and tests.
3 *
4 * Copyright (c) 2002 James Morris <jmorris@intercode.com.au>
5 * Copyright (c) 2002 Jean-Francois Dive <jef@linuxbe.org>
6 * Copyright (c) 2007 Nokia Siemens Networks
7 * Copyright (c) 2008 Herbert Xu <herbert@gondor.apana.org.au>
8 *
9 * Updated RFC4106 AES-GCM testing.
10 * Authors: Aidan O'Mahony (aidan.o.mahony@intel.com)
11 * Adrian Hoban <adrian.hoban@intel.com>
12 * Gabriele Paoloni <gabriele.paoloni@intel.com>
13 * Tadeusz Struk (tadeusz.struk@intel.com)
14 * Copyright (c) 2010, Intel Corporation.
15 *
16 * This program is free software; you can redistribute it and/or modify it
17 * under the terms of the GNU General Public License as published by the Free
18 * Software Foundation; either version 2 of the License, or (at your option)
19 * any later version.
20 *
21 */
22
23 #include <crypto/aead.h>
24 #include <crypto/hash.h>
25 #include <crypto/skcipher.h>
26 #include <linux/err.h>
27 #include <linux/fips.h>
28 #include <linux/module.h>
29 #include <linux/scatterlist.h>
30 #include <linux/slab.h>
31 #include <linux/string.h>
32 #include <crypto/rng.h>
33 #include <crypto/drbg.h>
34 #include <crypto/akcipher.h>
35 #include <crypto/kpp.h>
36 #include <crypto/acompress.h>
37
38 #include "internal.h"
39
40 static bool notests;
41 module_param(notests, bool, 0644);
42 MODULE_PARM_DESC(notests, "disable crypto self-tests");
43
44 #ifdef CONFIG_CRYPTO_MANAGER_DISABLE_TESTS
45
46 /* a perfect nop */
47 int alg_test(const char *driver, const char *alg, u32 type, u32 mask)
48 {
49 return 0;
50 }
51
52 #else
53
54 #include "testmgr.h"
55
56 /*
57 * Need slab memory for testing (size in number of pages).
58 */
59 #define XBUFSIZE 8
60
61 /*
62 * Indexes into the xbuf to simulate cross-page access.
63 */
64 #define IDX1 32
65 #define IDX2 32400
66 #define IDX3 1511
67 #define IDX4 8193
68 #define IDX5 22222
69 #define IDX6 17101
70 #define IDX7 27333
71 #define IDX8 3000
72
73 /*
74 * Used by test_cipher()
75 */
76 #define ENCRYPT 1
77 #define DECRYPT 0
78
79 struct aead_test_suite {
80 struct {
81 const struct aead_testvec *vecs;
82 unsigned int count;
83 } enc, dec;
84 };
85
86 struct cipher_test_suite {
87 struct {
88 const struct cipher_testvec *vecs;
89 unsigned int count;
90 } enc, dec;
91 };
92
93 struct comp_test_suite {
94 struct {
95 const struct comp_testvec *vecs;
96 unsigned int count;
97 } comp, decomp;
98 };
99
100 struct hash_test_suite {
101 const struct hash_testvec *vecs;
102 unsigned int count;
103 };
104
105 struct cprng_test_suite {
106 const struct cprng_testvec *vecs;
107 unsigned int count;
108 };
109
110 struct drbg_test_suite {
111 const struct drbg_testvec *vecs;
112 unsigned int count;
113 };
114
115 struct akcipher_test_suite {
116 const struct akcipher_testvec *vecs;
117 unsigned int count;
118 };
119
120 struct kpp_test_suite {
121 const struct kpp_testvec *vecs;
122 unsigned int count;
123 };
124
125 struct alg_test_desc {
126 const char *alg;
127 int (*test)(const struct alg_test_desc *desc, const char *driver,
128 u32 type, u32 mask);
129 int fips_allowed; /* set if alg is allowed in fips mode */
130
131 union {
132 struct aead_test_suite aead;
133 struct cipher_test_suite cipher;
134 struct comp_test_suite comp;
135 struct hash_test_suite hash;
136 struct cprng_test_suite cprng;
137 struct drbg_test_suite drbg;
138 struct akcipher_test_suite akcipher;
139 struct kpp_test_suite kpp;
140 } suite;
141 };
142
143 static const unsigned int IDX[8] = {
144 IDX1, IDX2, IDX3, IDX4, IDX5, IDX6, IDX7, IDX8 };
145
146 static void hexdump(unsigned char *buf, unsigned int len)
147 {
148 print_hex_dump(KERN_CONT, "", DUMP_PREFIX_OFFSET,
149 16, 1,
150 buf, len, false);
151 }
152
153 static int testmgr_alloc_buf(char *buf[XBUFSIZE])
154 {
155 int i;
156
157 for (i = 0; i < XBUFSIZE; i++) {
158 buf[i] = (void *)__get_free_page(GFP_KERNEL);
159 if (!buf[i])
160 goto err_free_buf;
161 }
162
163 return 0;
164
165 err_free_buf:
166 while (i-- > 0)
167 free_page((unsigned long)buf[i]);
168
169 return -ENOMEM;
170 }
171
172 static void testmgr_free_buf(char *buf[XBUFSIZE])
173 {
174 int i;
175
176 for (i = 0; i < XBUFSIZE; i++)
177 free_page((unsigned long)buf[i]);
178 }
179
180 static int ahash_guard_result(char *result, char c, int size)
181 {
182 int i;
183
184 for (i = 0; i < size; i++) {
185 if (result[i] != c)
186 return -EINVAL;
187 }
188
189 return 0;
190 }
191
192 static int ahash_partial_update(struct ahash_request **preq,
193 struct crypto_ahash *tfm, const struct hash_testvec *template,
194 void *hash_buff, int k, int temp, struct scatterlist *sg,
195 const char *algo, char *result, struct crypto_wait *wait)
196 {
197 char *state;
198 struct ahash_request *req;
199 int statesize, ret = -EINVAL;
200 static const unsigned char guard[] = { 0x00, 0xba, 0xad, 0x00 };
201 int digestsize = crypto_ahash_digestsize(tfm);
202
203 req = *preq;
204 statesize = crypto_ahash_statesize(
205 crypto_ahash_reqtfm(req));
206 state = kmalloc(statesize + sizeof(guard), GFP_KERNEL);
207 if (!state) {
208 pr_err("alg: hash: Failed to alloc state for %s\n", algo);
209 goto out_nostate;
210 }
211 memcpy(state + statesize, guard, sizeof(guard));
212 memset(result, 1, digestsize);
213 ret = crypto_ahash_export(req, state);
214 WARN_ON(memcmp(state + statesize, guard, sizeof(guard)));
215 if (ret) {
216 pr_err("alg: hash: Failed to export() for %s\n", algo);
217 goto out;
218 }
219 ret = ahash_guard_result(result, 1, digestsize);
220 if (ret) {
221 pr_err("alg: hash: Failed, export used req->result for %s\n",
222 algo);
223 goto out;
224 }
225 ahash_request_free(req);
226 req = ahash_request_alloc(tfm, GFP_KERNEL);
227 if (!req) {
228 pr_err("alg: hash: Failed to alloc request for %s\n", algo);
229 goto out_noreq;
230 }
231 ahash_request_set_callback(req,
232 CRYPTO_TFM_REQ_MAY_BACKLOG,
233 crypto_req_done, wait);
234
235 memcpy(hash_buff, template->plaintext + temp,
236 template->tap[k]);
237 sg_init_one(&sg[0], hash_buff, template->tap[k]);
238 ahash_request_set_crypt(req, sg, result, template->tap[k]);
239 ret = crypto_ahash_import(req, state);
240 if (ret) {
241 pr_err("alg: hash: Failed to import() for %s\n", algo);
242 goto out;
243 }
244 ret = ahash_guard_result(result, 1, digestsize);
245 if (ret) {
246 pr_err("alg: hash: Failed, import used req->result for %s\n",
247 algo);
248 goto out;
249 }
250 ret = crypto_wait_req(crypto_ahash_update(req), wait);
251 if (ret)
252 goto out;
253 *preq = req;
254 ret = 0;
255 goto out_noreq;
256 out:
257 ahash_request_free(req);
258 out_noreq:
259 kfree(state);
260 out_nostate:
261 return ret;
262 }
263
264 static int __test_hash(struct crypto_ahash *tfm,
265 const struct hash_testvec *template, unsigned int tcount,
266 bool use_digest, const int align_offset)
267 {
268 const char *algo = crypto_tfm_alg_driver_name(crypto_ahash_tfm(tfm));
269 size_t digest_size = crypto_ahash_digestsize(tfm);
270 unsigned int i, j, k, temp;
271 struct scatterlist sg[8];
272 char *result;
273 char *key;
274 struct ahash_request *req;
275 struct crypto_wait wait;
276 void *hash_buff;
277 char *xbuf[XBUFSIZE];
278 int ret = -ENOMEM;
279
280 result = kmalloc(digest_size, GFP_KERNEL);
281 if (!result)
282 return ret;
283 key = kmalloc(MAX_KEYLEN, GFP_KERNEL);
284 if (!key)
285 goto out_nobuf;
286 if (testmgr_alloc_buf(xbuf))
287 goto out_nobuf;
288
289 crypto_init_wait(&wait);
290
291 req = ahash_request_alloc(tfm, GFP_KERNEL);
292 if (!req) {
293 printk(KERN_ERR "alg: hash: Failed to allocate request for "
294 "%s\n", algo);
295 goto out_noreq;
296 }
297 ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
298 crypto_req_done, &wait);
299
300 j = 0;
301 for (i = 0; i < tcount; i++) {
302 if (template[i].np)
303 continue;
304
305 ret = -EINVAL;
306 if (WARN_ON(align_offset + template[i].psize > PAGE_SIZE))
307 goto out;
308
309 j++;
310 memset(result, 0, digest_size);
311
312 hash_buff = xbuf[0];
313 hash_buff += align_offset;
314
315 memcpy(hash_buff, template[i].plaintext, template[i].psize);
316 sg_init_one(&sg[0], hash_buff, template[i].psize);
317
318 if (template[i].ksize) {
319 crypto_ahash_clear_flags(tfm, ~0);
320 if (template[i].ksize > MAX_KEYLEN) {
321 pr_err("alg: hash: setkey failed on test %d for %s: key size %d > %d\n",
322 j, algo, template[i].ksize, MAX_KEYLEN);
323 ret = -EINVAL;
324 goto out;
325 }
326 memcpy(key, template[i].key, template[i].ksize);
327 ret = crypto_ahash_setkey(tfm, key, template[i].ksize);
328 if (ret) {
329 printk(KERN_ERR "alg: hash: setkey failed on "
330 "test %d for %s: ret=%d\n", j, algo,
331 -ret);
332 goto out;
333 }
334 }
335
336 ahash_request_set_crypt(req, sg, result, template[i].psize);
337 if (use_digest) {
338 ret = crypto_wait_req(crypto_ahash_digest(req), &wait);
339 if (ret) {
340 pr_err("alg: hash: digest failed on test %d "
341 "for %s: ret=%d\n", j, algo, -ret);
342 goto out;
343 }
344 } else {
345 memset(result, 1, digest_size);
346 ret = crypto_wait_req(crypto_ahash_init(req), &wait);
347 if (ret) {
348 pr_err("alg: hash: init failed on test %d "
349 "for %s: ret=%d\n", j, algo, -ret);
350 goto out;
351 }
352 ret = ahash_guard_result(result, 1, digest_size);
353 if (ret) {
354 pr_err("alg: hash: init failed on test %d "
355 "for %s: used req->result\n", j, algo);
356 goto out;
357 }
358 ret = crypto_wait_req(crypto_ahash_update(req), &wait);
359 if (ret) {
360 pr_err("alg: hash: update failed on test %d "
361 "for %s: ret=%d\n", j, algo, -ret);
362 goto out;
363 }
364 ret = ahash_guard_result(result, 1, digest_size);
365 if (ret) {
366 pr_err("alg: hash: update failed on test %d "
367 "for %s: used req->result\n", j, algo);
368 goto out;
369 }
370 ret = crypto_wait_req(crypto_ahash_final(req), &wait);
371 if (ret) {
372 pr_err("alg: hash: final failed on test %d "
373 "for %s: ret=%d\n", j, algo, -ret);
374 goto out;
375 }
376 }
377
378 if (memcmp(result, template[i].digest,
379 crypto_ahash_digestsize(tfm))) {
380 printk(KERN_ERR "alg: hash: Test %d failed for %s\n",
381 j, algo);
382 hexdump(result, crypto_ahash_digestsize(tfm));
383 ret = -EINVAL;
384 goto out;
385 }
386 }
387
388 j = 0;
389 for (i = 0; i < tcount; i++) {
390 /* alignment tests are only done with continuous buffers */
391 if (align_offset != 0)
392 break;
393
394 if (!template[i].np)
395 continue;
396
397 j++;
398 memset(result, 0, digest_size);
399
400 temp = 0;
401 sg_init_table(sg, template[i].np);
402 ret = -EINVAL;
403 for (k = 0; k < template[i].np; k++) {
404 if (WARN_ON(offset_in_page(IDX[k]) +
405 template[i].tap[k] > PAGE_SIZE))
406 goto out;
407 sg_set_buf(&sg[k],
408 memcpy(xbuf[IDX[k] >> PAGE_SHIFT] +
409 offset_in_page(IDX[k]),
410 template[i].plaintext + temp,
411 template[i].tap[k]),
412 template[i].tap[k]);
413 temp += template[i].tap[k];
414 }
415
416 if (template[i].ksize) {
417 if (template[i].ksize > MAX_KEYLEN) {
418 pr_err("alg: hash: setkey failed on test %d for %s: key size %d > %d\n",
419 j, algo, template[i].ksize, MAX_KEYLEN);
420 ret = -EINVAL;
421 goto out;
422 }
423 crypto_ahash_clear_flags(tfm, ~0);
424 memcpy(key, template[i].key, template[i].ksize);
425 ret = crypto_ahash_setkey(tfm, key, template[i].ksize);
426
427 if (ret) {
428 printk(KERN_ERR "alg: hash: setkey "
429 "failed on chunking test %d "
430 "for %s: ret=%d\n", j, algo, -ret);
431 goto out;
432 }
433 }
434
435 ahash_request_set_crypt(req, sg, result, template[i].psize);
436 ret = crypto_wait_req(crypto_ahash_digest(req), &wait);
437 if (ret) {
438 pr_err("alg: hash: digest failed on chunking test %d for %s: ret=%d\n",
439 j, algo, -ret);
440 goto out;
441 }
442
443 if (memcmp(result, template[i].digest,
444 crypto_ahash_digestsize(tfm))) {
445 printk(KERN_ERR "alg: hash: Chunking test %d "
446 "failed for %s\n", j, algo);
447 hexdump(result, crypto_ahash_digestsize(tfm));
448 ret = -EINVAL;
449 goto out;
450 }
451 }
452
453 /* partial update exercise */
454 j = 0;
455 for (i = 0; i < tcount; i++) {
456 /* alignment tests are only done with continuous buffers */
457 if (align_offset != 0)
458 break;
459
460 if (template[i].np < 2)
461 continue;
462
463 j++;
464 memset(result, 0, digest_size);
465
466 ret = -EINVAL;
467 hash_buff = xbuf[0];
468 memcpy(hash_buff, template[i].plaintext,
469 template[i].tap[0]);
470 sg_init_one(&sg[0], hash_buff, template[i].tap[0]);
471
472 if (template[i].ksize) {
473 crypto_ahash_clear_flags(tfm, ~0);
474 if (template[i].ksize > MAX_KEYLEN) {
475 pr_err("alg: hash: setkey failed on test %d for %s: key size %d > %d\n",
476 j, algo, template[i].ksize, MAX_KEYLEN);
477 ret = -EINVAL;
478 goto out;
479 }
480 memcpy(key, template[i].key, template[i].ksize);
481 ret = crypto_ahash_setkey(tfm, key, template[i].ksize);
482 if (ret) {
483 pr_err("alg: hash: setkey failed on test %d for %s: ret=%d\n",
484 j, algo, -ret);
485 goto out;
486 }
487 }
488
489 ahash_request_set_crypt(req, sg, result, template[i].tap[0]);
490 ret = crypto_wait_req(crypto_ahash_init(req), &wait);
491 if (ret) {
492 pr_err("alg: hash: init failed on test %d for %s: ret=%d\n",
493 j, algo, -ret);
494 goto out;
495 }
496 ret = crypto_wait_req(crypto_ahash_update(req), &wait);
497 if (ret) {
498 pr_err("alg: hash: update failed on test %d for %s: ret=%d\n",
499 j, algo, -ret);
500 goto out;
501 }
502
503 temp = template[i].tap[0];
504 for (k = 1; k < template[i].np; k++) {
505 ret = ahash_partial_update(&req, tfm, &template[i],
506 hash_buff, k, temp, &sg[0], algo, result,
507 &wait);
508 if (ret) {
509 pr_err("alg: hash: partial update failed on test %d for %s: ret=%d\n",
510 j, algo, -ret);
511 goto out_noreq;
512 }
513 temp += template[i].tap[k];
514 }
515 ret = crypto_wait_req(crypto_ahash_final(req), &wait);
516 if (ret) {
517 pr_err("alg: hash: final failed on test %d for %s: ret=%d\n",
518 j, algo, -ret);
519 goto out;
520 }
521 if (memcmp(result, template[i].digest,
522 crypto_ahash_digestsize(tfm))) {
523 pr_err("alg: hash: Partial Test %d failed for %s\n",
524 j, algo);
525 hexdump(result, crypto_ahash_digestsize(tfm));
526 ret = -EINVAL;
527 goto out;
528 }
529 }
530
531 ret = 0;
532
533 out:
534 ahash_request_free(req);
535 out_noreq:
536 testmgr_free_buf(xbuf);
537 out_nobuf:
538 kfree(key);
539 kfree(result);
540 return ret;
541 }
542
543 static int test_hash(struct crypto_ahash *tfm,
544 const struct hash_testvec *template,
545 unsigned int tcount, bool use_digest)
546 {
547 unsigned int alignmask;
548 int ret;
549
550 ret = __test_hash(tfm, template, tcount, use_digest, 0);
551 if (ret)
552 return ret;
553
554 /* test unaligned buffers, check with one byte offset */
555 ret = __test_hash(tfm, template, tcount, use_digest, 1);
556 if (ret)
557 return ret;
558
559 alignmask = crypto_tfm_alg_alignmask(&tfm->base);
560 if (alignmask) {
561 /* Check if alignment mask for tfm is correctly set. */
562 ret = __test_hash(tfm, template, tcount, use_digest,
563 alignmask + 1);
564 if (ret)
565 return ret;
566 }
567
568 return 0;
569 }
570
571 static int __test_aead(struct crypto_aead *tfm, int enc,
572 const struct aead_testvec *template, unsigned int tcount,
573 const bool diff_dst, const int align_offset)
574 {
575 const char *algo = crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm));
576 unsigned int i, j, k, n, temp;
577 int ret = -ENOMEM;
578 char *q;
579 char *key;
580 struct aead_request *req;
581 struct scatterlist *sg;
582 struct scatterlist *sgout;
583 const char *e, *d;
584 struct crypto_wait wait;
585 unsigned int authsize, iv_len;
586 void *input;
587 void *output;
588 void *assoc;
589 char *iv;
590 char *xbuf[XBUFSIZE];
591 char *xoutbuf[XBUFSIZE];
592 char *axbuf[XBUFSIZE];
593
594 iv = kzalloc(MAX_IVLEN, GFP_KERNEL);
595 if (!iv)
596 return ret;
597 key = kmalloc(MAX_KEYLEN, GFP_KERNEL);
598 if (!key)
599 goto out_noxbuf;
600 if (testmgr_alloc_buf(xbuf))
601 goto out_noxbuf;
602 if (testmgr_alloc_buf(axbuf))
603 goto out_noaxbuf;
604 if (diff_dst && testmgr_alloc_buf(xoutbuf))
605 goto out_nooutbuf;
606
607 /* avoid "the frame size is larger than 1024 bytes" compiler warning */
608 sg = kmalloc(sizeof(*sg) * 8 * (diff_dst ? 4 : 2), GFP_KERNEL);
609 if (!sg)
610 goto out_nosg;
611 sgout = &sg[16];
612
613 if (diff_dst)
614 d = "-ddst";
615 else
616 d = "";
617
618 if (enc == ENCRYPT)
619 e = "encryption";
620 else
621 e = "decryption";
622
623 crypto_init_wait(&wait);
624
625 req = aead_request_alloc(tfm, GFP_KERNEL);
626 if (!req) {
627 pr_err("alg: aead%s: Failed to allocate request for %s\n",
628 d, algo);
629 goto out;
630 }
631
632 aead_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
633 crypto_req_done, &wait);
634
635 iv_len = crypto_aead_ivsize(tfm);
636
637 for (i = 0, j = 0; i < tcount; i++) {
638 if (template[i].np)
639 continue;
640
641 j++;
642
643 /* some templates have no input data but they will
644 * touch input
645 */
646 input = xbuf[0];
647 input += align_offset;
648 assoc = axbuf[0];
649
650 ret = -EINVAL;
651 if (WARN_ON(align_offset + template[i].ilen >
652 PAGE_SIZE || template[i].alen > PAGE_SIZE))
653 goto out;
654
655 memcpy(input, template[i].input, template[i].ilen);
656 memcpy(assoc, template[i].assoc, template[i].alen);
657 if (template[i].iv)
658 memcpy(iv, template[i].iv, iv_len);
659 else
660 memset(iv, 0, iv_len);
661
662 crypto_aead_clear_flags(tfm, ~0);
663 if (template[i].wk)
664 crypto_aead_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY);
665
666 if (template[i].klen > MAX_KEYLEN) {
667 pr_err("alg: aead%s: setkey failed on test %d for %s: key size %d > %d\n",
668 d, j, algo, template[i].klen,
669 MAX_KEYLEN);
670 ret = -EINVAL;
671 goto out;
672 }
673 memcpy(key, template[i].key, template[i].klen);
674
675 ret = crypto_aead_setkey(tfm, key, template[i].klen);
676 if (template[i].fail == !ret) {
677 pr_err("alg: aead%s: setkey failed on test %d for %s: flags=%x\n",
678 d, j, algo, crypto_aead_get_flags(tfm));
679 goto out;
680 } else if (ret)
681 continue;
682
683 authsize = abs(template[i].rlen - template[i].ilen);
684 ret = crypto_aead_setauthsize(tfm, authsize);
685 if (ret) {
686 pr_err("alg: aead%s: Failed to set authsize to %u on test %d for %s\n",
687 d, authsize, j, algo);
688 goto out;
689 }
690
691 k = !!template[i].alen;
692 sg_init_table(sg, k + 1);
693 sg_set_buf(&sg[0], assoc, template[i].alen);
694 sg_set_buf(&sg[k], input,
695 template[i].ilen + (enc ? authsize : 0));
696 output = input;
697
698 if (diff_dst) {
699 sg_init_table(sgout, k + 1);
700 sg_set_buf(&sgout[0], assoc, template[i].alen);
701
702 output = xoutbuf[0];
703 output += align_offset;
704 sg_set_buf(&sgout[k], output,
705 template[i].rlen + (enc ? 0 : authsize));
706 }
707
708 aead_request_set_crypt(req, sg, (diff_dst) ? sgout : sg,
709 template[i].ilen, iv);
710
711 aead_request_set_ad(req, template[i].alen);
712
713 ret = crypto_wait_req(enc ? crypto_aead_encrypt(req)
714 : crypto_aead_decrypt(req), &wait);
715
716 switch (ret) {
717 case 0:
718 if (template[i].novrfy) {
719 /* verification was supposed to fail */
720 pr_err("alg: aead%s: %s failed on test %d for %s: ret was 0, expected -EBADMSG\n",
721 d, e, j, algo);
722 /* so really, we got a bad message */
723 ret = -EBADMSG;
724 goto out;
725 }
726 break;
727 case -EBADMSG:
728 if (template[i].novrfy)
729 /* verification failure was expected */
730 continue;
731 /* fall through */
732 default:
733 pr_err("alg: aead%s: %s failed on test %d for %s: ret=%d\n",
734 d, e, j, algo, -ret);
735 goto out;
736 }
737
738 q = output;
739 if (memcmp(q, template[i].result, template[i].rlen)) {
740 pr_err("alg: aead%s: Test %d failed on %s for %s\n",
741 d, j, e, algo);
742 hexdump(q, template[i].rlen);
743 ret = -EINVAL;
744 goto out;
745 }
746 }
747
748 for (i = 0, j = 0; i < tcount; i++) {
749 /* alignment tests are only done with continuous buffers */
750 if (align_offset != 0)
751 break;
752
753 if (!template[i].np)
754 continue;
755
756 j++;
757
758 if (template[i].iv)
759 memcpy(iv, template[i].iv, iv_len);
760 else
761 memset(iv, 0, MAX_IVLEN);
762
763 crypto_aead_clear_flags(tfm, ~0);
764 if (template[i].wk)
765 crypto_aead_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY);
766 if (template[i].klen > MAX_KEYLEN) {
767 pr_err("alg: aead%s: setkey failed on test %d for %s: key size %d > %d\n",
768 d, j, algo, template[i].klen, MAX_KEYLEN);
769 ret = -EINVAL;
770 goto out;
771 }
772 memcpy(key, template[i].key, template[i].klen);
773
774 ret = crypto_aead_setkey(tfm, key, template[i].klen);
775 if (template[i].fail == !ret) {
776 pr_err("alg: aead%s: setkey failed on chunk test %d for %s: flags=%x\n",
777 d, j, algo, crypto_aead_get_flags(tfm));
778 goto out;
779 } else if (ret)
780 continue;
781
782 authsize = abs(template[i].rlen - template[i].ilen);
783
784 ret = -EINVAL;
785 sg_init_table(sg, template[i].anp + template[i].np);
786 if (diff_dst)
787 sg_init_table(sgout, template[i].anp + template[i].np);
788
789 ret = -EINVAL;
790 for (k = 0, temp = 0; k < template[i].anp; k++) {
791 if (WARN_ON(offset_in_page(IDX[k]) +
792 template[i].atap[k] > PAGE_SIZE))
793 goto out;
794 sg_set_buf(&sg[k],
795 memcpy(axbuf[IDX[k] >> PAGE_SHIFT] +
796 offset_in_page(IDX[k]),
797 template[i].assoc + temp,
798 template[i].atap[k]),
799 template[i].atap[k]);
800 if (diff_dst)
801 sg_set_buf(&sgout[k],
802 axbuf[IDX[k] >> PAGE_SHIFT] +
803 offset_in_page(IDX[k]),
804 template[i].atap[k]);
805 temp += template[i].atap[k];
806 }
807
808 for (k = 0, temp = 0; k < template[i].np; k++) {
809 if (WARN_ON(offset_in_page(IDX[k]) +
810 template[i].tap[k] > PAGE_SIZE))
811 goto out;
812
813 q = xbuf[IDX[k] >> PAGE_SHIFT] + offset_in_page(IDX[k]);
814 memcpy(q, template[i].input + temp, template[i].tap[k]);
815 sg_set_buf(&sg[template[i].anp + k],
816 q, template[i].tap[k]);
817
818 if (diff_dst) {
819 q = xoutbuf[IDX[k] >> PAGE_SHIFT] +
820 offset_in_page(IDX[k]);
821
822 memset(q, 0, template[i].tap[k]);
823
824 sg_set_buf(&sgout[template[i].anp + k],
825 q, template[i].tap[k]);
826 }
827
828 n = template[i].tap[k];
829 if (k == template[i].np - 1 && enc)
830 n += authsize;
831 if (offset_in_page(q) + n < PAGE_SIZE)
832 q[n] = 0;
833
834 temp += template[i].tap[k];
835 }
836
837 ret = crypto_aead_setauthsize(tfm, authsize);
838 if (ret) {
839 pr_err("alg: aead%s: Failed to set authsize to %u on chunk test %d for %s\n",
840 d, authsize, j, algo);
841 goto out;
842 }
843
844 if (enc) {
845 if (WARN_ON(sg[template[i].anp + k - 1].offset +
846 sg[template[i].anp + k - 1].length +
847 authsize > PAGE_SIZE)) {
848 ret = -EINVAL;
849 goto out;
850 }
851
852 if (diff_dst)
853 sgout[template[i].anp + k - 1].length +=
854 authsize;
855 sg[template[i].anp + k - 1].length += authsize;
856 }
857
858 aead_request_set_crypt(req, sg, (diff_dst) ? sgout : sg,
859 template[i].ilen,
860 iv);
861
862 aead_request_set_ad(req, template[i].alen);
863
864 ret = crypto_wait_req(enc ? crypto_aead_encrypt(req)
865 : crypto_aead_decrypt(req), &wait);
866
867 switch (ret) {
868 case 0:
869 if (template[i].novrfy) {
870 /* verification was supposed to fail */
871 pr_err("alg: aead%s: %s failed on chunk test %d for %s: ret was 0, expected -EBADMSG\n",
872 d, e, j, algo);
873 /* so really, we got a bad message */
874 ret = -EBADMSG;
875 goto out;
876 }
877 break;
878 case -EBADMSG:
879 if (template[i].novrfy)
880 /* verification failure was expected */
881 continue;
882 /* fall through */
883 default:
884 pr_err("alg: aead%s: %s failed on chunk test %d for %s: ret=%d\n",
885 d, e, j, algo, -ret);
886 goto out;
887 }
888
889 ret = -EINVAL;
890 for (k = 0, temp = 0; k < template[i].np; k++) {
891 if (diff_dst)
892 q = xoutbuf[IDX[k] >> PAGE_SHIFT] +
893 offset_in_page(IDX[k]);
894 else
895 q = xbuf[IDX[k] >> PAGE_SHIFT] +
896 offset_in_page(IDX[k]);
897
898 n = template[i].tap[k];
899 if (k == template[i].np - 1)
900 n += enc ? authsize : -authsize;
901
902 if (memcmp(q, template[i].result + temp, n)) {
903 pr_err("alg: aead%s: Chunk test %d failed on %s at page %u for %s\n",
904 d, j, e, k, algo);
905 hexdump(q, n);
906 goto out;
907 }
908
909 q += n;
910 if (k == template[i].np - 1 && !enc) {
911 if (!diff_dst &&
912 memcmp(q, template[i].input +
913 temp + n, authsize))
914 n = authsize;
915 else
916 n = 0;
917 } else {
918 for (n = 0; offset_in_page(q + n) && q[n]; n++)
919 ;
920 }
921 if (n) {
922 pr_err("alg: aead%s: Result buffer corruption in chunk test %d on %s at page %u for %s: %u bytes:\n",
923 d, j, e, k, algo, n);
924 hexdump(q, n);
925 goto out;
926 }
927
928 temp += template[i].tap[k];
929 }
930 }
931
932 ret = 0;
933
934 out:
935 aead_request_free(req);
936 kfree(sg);
937 out_nosg:
938 if (diff_dst)
939 testmgr_free_buf(xoutbuf);
940 out_nooutbuf:
941 testmgr_free_buf(axbuf);
942 out_noaxbuf:
943 testmgr_free_buf(xbuf);
944 out_noxbuf:
945 kfree(key);
946 kfree(iv);
947 return ret;
948 }
949
950 static int test_aead(struct crypto_aead *tfm, int enc,
951 const struct aead_testvec *template, unsigned int tcount)
952 {
953 unsigned int alignmask;
954 int ret;
955
956 /* test 'dst == src' case */
957 ret = __test_aead(tfm, enc, template, tcount, false, 0);
958 if (ret)
959 return ret;
960
961 /* test 'dst != src' case */
962 ret = __test_aead(tfm, enc, template, tcount, true, 0);
963 if (ret)
964 return ret;
965
966 /* test unaligned buffers, check with one byte offset */
967 ret = __test_aead(tfm, enc, template, tcount, true, 1);
968 if (ret)
969 return ret;
970
971 alignmask = crypto_tfm_alg_alignmask(&tfm->base);
972 if (alignmask) {
973 /* Check if alignment mask for tfm is correctly set. */
974 ret = __test_aead(tfm, enc, template, tcount, true,
975 alignmask + 1);
976 if (ret)
977 return ret;
978 }
979
980 return 0;
981 }
982
983 static int test_cipher(struct crypto_cipher *tfm, int enc,
984 const struct cipher_testvec *template,
985 unsigned int tcount)
986 {
987 const char *algo = crypto_tfm_alg_driver_name(crypto_cipher_tfm(tfm));
988 unsigned int i, j, k;
989 char *q;
990 const char *e;
991 void *data;
992 char *xbuf[XBUFSIZE];
993 int ret = -ENOMEM;
994
995 if (testmgr_alloc_buf(xbuf))
996 goto out_nobuf;
997
998 if (enc == ENCRYPT)
999 e = "encryption";
1000 else
1001 e = "decryption";
1002
1003 j = 0;
1004 for (i = 0; i < tcount; i++) {
1005 if (template[i].np)
1006 continue;
1007
1008 if (fips_enabled && template[i].fips_skip)
1009 continue;
1010
1011 j++;
1012
1013 ret = -EINVAL;
1014 if (WARN_ON(template[i].ilen > PAGE_SIZE))
1015 goto out;
1016
1017 data = xbuf[0];
1018 memcpy(data, template[i].input, template[i].ilen);
1019
1020 crypto_cipher_clear_flags(tfm, ~0);
1021 if (template[i].wk)
1022 crypto_cipher_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY);
1023
1024 ret = crypto_cipher_setkey(tfm, template[i].key,
1025 template[i].klen);
1026 if (template[i].fail == !ret) {
1027 printk(KERN_ERR "alg: cipher: setkey failed "
1028 "on test %d for %s: flags=%x\n", j,
1029 algo, crypto_cipher_get_flags(tfm));
1030 goto out;
1031 } else if (ret)
1032 continue;
1033
1034 for (k = 0; k < template[i].ilen;
1035 k += crypto_cipher_blocksize(tfm)) {
1036 if (enc)
1037 crypto_cipher_encrypt_one(tfm, data + k,
1038 data + k);
1039 else
1040 crypto_cipher_decrypt_one(tfm, data + k,
1041 data + k);
1042 }
1043
1044 q = data;
1045 if (memcmp(q, template[i].result, template[i].rlen)) {
1046 printk(KERN_ERR "alg: cipher: Test %d failed "
1047 "on %s for %s\n", j, e, algo);
1048 hexdump(q, template[i].rlen);
1049 ret = -EINVAL;
1050 goto out;
1051 }
1052 }
1053
1054 ret = 0;
1055
1056 out:
1057 testmgr_free_buf(xbuf);
1058 out_nobuf:
1059 return ret;
1060 }
1061
1062 static int __test_skcipher(struct crypto_skcipher *tfm, int enc,
1063 const struct cipher_testvec *template,
1064 unsigned int tcount,
1065 const bool diff_dst, const int align_offset)
1066 {
1067 const char *algo =
1068 crypto_tfm_alg_driver_name(crypto_skcipher_tfm(tfm));
1069 unsigned int i, j, k, n, temp;
1070 char *q;
1071 struct skcipher_request *req;
1072 struct scatterlist sg[8];
1073 struct scatterlist sgout[8];
1074 const char *e, *d;
1075 struct crypto_wait wait;
1076 void *data;
1077 char iv[MAX_IVLEN];
1078 char *xbuf[XBUFSIZE];
1079 char *xoutbuf[XBUFSIZE];
1080 int ret = -ENOMEM;
1081 unsigned int ivsize = crypto_skcipher_ivsize(tfm);
1082
1083 if (testmgr_alloc_buf(xbuf))
1084 goto out_nobuf;
1085
1086 if (diff_dst && testmgr_alloc_buf(xoutbuf))
1087 goto out_nooutbuf;
1088
1089 if (diff_dst)
1090 d = "-ddst";
1091 else
1092 d = "";
1093
1094 if (enc == ENCRYPT)
1095 e = "encryption";
1096 else
1097 e = "decryption";
1098
1099 crypto_init_wait(&wait);
1100
1101 req = skcipher_request_alloc(tfm, GFP_KERNEL);
1102 if (!req) {
1103 pr_err("alg: skcipher%s: Failed to allocate request for %s\n",
1104 d, algo);
1105 goto out;
1106 }
1107
1108 skcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
1109 crypto_req_done, &wait);
1110
1111 j = 0;
1112 for (i = 0; i < tcount; i++) {
1113 if (template[i].np && !template[i].also_non_np)
1114 continue;
1115
1116 if (fips_enabled && template[i].fips_skip)
1117 continue;
1118
1119 if (template[i].iv)
1120 memcpy(iv, template[i].iv, ivsize);
1121 else
1122 memset(iv, 0, MAX_IVLEN);
1123
1124 j++;
1125 ret = -EINVAL;
1126 if (WARN_ON(align_offset + template[i].ilen > PAGE_SIZE))
1127 goto out;
1128
1129 data = xbuf[0];
1130 data += align_offset;
1131 memcpy(data, template[i].input, template[i].ilen);
1132
1133 crypto_skcipher_clear_flags(tfm, ~0);
1134 if (template[i].wk)
1135 crypto_skcipher_set_flags(tfm,
1136 CRYPTO_TFM_REQ_WEAK_KEY);
1137
1138 ret = crypto_skcipher_setkey(tfm, template[i].key,
1139 template[i].klen);
1140 if (template[i].fail == !ret) {
1141 pr_err("alg: skcipher%s: setkey failed on test %d for %s: flags=%x\n",
1142 d, j, algo, crypto_skcipher_get_flags(tfm));
1143 goto out;
1144 } else if (ret)
1145 continue;
1146
1147 sg_init_one(&sg[0], data, template[i].ilen);
1148 if (diff_dst) {
1149 data = xoutbuf[0];
1150 data += align_offset;
1151 sg_init_one(&sgout[0], data, template[i].ilen);
1152 }
1153
1154 skcipher_request_set_crypt(req, sg, (diff_dst) ? sgout : sg,
1155 template[i].ilen, iv);
1156 ret = crypto_wait_req(enc ? crypto_skcipher_encrypt(req) :
1157 crypto_skcipher_decrypt(req), &wait);
1158
1159 if (ret) {
1160 pr_err("alg: skcipher%s: %s failed on test %d for %s: ret=%d\n",
1161 d, e, j, algo, -ret);
1162 goto out;
1163 }
1164
1165 q = data;
1166 if (memcmp(q, template[i].result, template[i].rlen)) {
1167 pr_err("alg: skcipher%s: Test %d failed (invalid result) on %s for %s\n",
1168 d, j, e, algo);
1169 hexdump(q, template[i].rlen);
1170 ret = -EINVAL;
1171 goto out;
1172 }
1173
1174 if (template[i].iv_out &&
1175 memcmp(iv, template[i].iv_out,
1176 crypto_skcipher_ivsize(tfm))) {
1177 pr_err("alg: skcipher%s: Test %d failed (invalid output IV) on %s for %s\n",
1178 d, j, e, algo);
1179 hexdump(iv, crypto_skcipher_ivsize(tfm));
1180 ret = -EINVAL;
1181 goto out;
1182 }
1183 }
1184
1185 j = 0;
1186 for (i = 0; i < tcount; i++) {
1187 /* alignment tests are only done with continuous buffers */
1188 if (align_offset != 0)
1189 break;
1190
1191 if (!template[i].np)
1192 continue;
1193
1194 if (fips_enabled && template[i].fips_skip)
1195 continue;
1196
1197 if (template[i].iv)
1198 memcpy(iv, template[i].iv, ivsize);
1199 else
1200 memset(iv, 0, MAX_IVLEN);
1201
1202 j++;
1203 crypto_skcipher_clear_flags(tfm, ~0);
1204 if (template[i].wk)
1205 crypto_skcipher_set_flags(tfm,
1206 CRYPTO_TFM_REQ_WEAK_KEY);
1207
1208 ret = crypto_skcipher_setkey(tfm, template[i].key,
1209 template[i].klen);
1210 if (template[i].fail == !ret) {
1211 pr_err("alg: skcipher%s: setkey failed on chunk test %d for %s: flags=%x\n",
1212 d, j, algo, crypto_skcipher_get_flags(tfm));
1213 goto out;
1214 } else if (ret)
1215 continue;
1216
1217 temp = 0;
1218 ret = -EINVAL;
1219 sg_init_table(sg, template[i].np);
1220 if (diff_dst)
1221 sg_init_table(sgout, template[i].np);
1222 for (k = 0; k < template[i].np; k++) {
1223 if (WARN_ON(offset_in_page(IDX[k]) +
1224 template[i].tap[k] > PAGE_SIZE))
1225 goto out;
1226
1227 q = xbuf[IDX[k] >> PAGE_SHIFT] + offset_in_page(IDX[k]);
1228
1229 memcpy(q, template[i].input + temp, template[i].tap[k]);
1230
1231 if (offset_in_page(q) + template[i].tap[k] < PAGE_SIZE)
1232 q[template[i].tap[k]] = 0;
1233
1234 sg_set_buf(&sg[k], q, template[i].tap[k]);
1235 if (diff_dst) {
1236 q = xoutbuf[IDX[k] >> PAGE_SHIFT] +
1237 offset_in_page(IDX[k]);
1238
1239 sg_set_buf(&sgout[k], q, template[i].tap[k]);
1240
1241 memset(q, 0, template[i].tap[k]);
1242 if (offset_in_page(q) +
1243 template[i].tap[k] < PAGE_SIZE)
1244 q[template[i].tap[k]] = 0;
1245 }
1246
1247 temp += template[i].tap[k];
1248 }
1249
1250 skcipher_request_set_crypt(req, sg, (diff_dst) ? sgout : sg,
1251 template[i].ilen, iv);
1252
1253 ret = crypto_wait_req(enc ? crypto_skcipher_encrypt(req) :
1254 crypto_skcipher_decrypt(req), &wait);
1255
1256 if (ret) {
1257 pr_err("alg: skcipher%s: %s failed on chunk test %d for %s: ret=%d\n",
1258 d, e, j, algo, -ret);
1259 goto out;
1260 }
1261
1262 temp = 0;
1263 ret = -EINVAL;
1264 for (k = 0; k < template[i].np; k++) {
1265 if (diff_dst)
1266 q = xoutbuf[IDX[k] >> PAGE_SHIFT] +
1267 offset_in_page(IDX[k]);
1268 else
1269 q = xbuf[IDX[k] >> PAGE_SHIFT] +
1270 offset_in_page(IDX[k]);
1271
1272 if (memcmp(q, template[i].result + temp,
1273 template[i].tap[k])) {
1274 pr_err("alg: skcipher%s: Chunk test %d failed on %s at page %u for %s\n",
1275 d, j, e, k, algo);
1276 hexdump(q, template[i].tap[k]);
1277 goto out;
1278 }
1279
1280 q += template[i].tap[k];
1281 for (n = 0; offset_in_page(q + n) && q[n]; n++)
1282 ;
1283 if (n) {
1284 pr_err("alg: skcipher%s: Result buffer corruption in chunk test %d on %s at page %u for %s: %u bytes:\n",
1285 d, j, e, k, algo, n);
1286 hexdump(q, n);
1287 goto out;
1288 }
1289 temp += template[i].tap[k];
1290 }
1291 }
1292
1293 ret = 0;
1294
1295 out:
1296 skcipher_request_free(req);
1297 if (diff_dst)
1298 testmgr_free_buf(xoutbuf);
1299 out_nooutbuf:
1300 testmgr_free_buf(xbuf);
1301 out_nobuf:
1302 return ret;
1303 }
1304
1305 static int test_skcipher(struct crypto_skcipher *tfm, int enc,
1306 const struct cipher_testvec *template,
1307 unsigned int tcount)
1308 {
1309 unsigned int alignmask;
1310 int ret;
1311
1312 /* test 'dst == src' case */
1313 ret = __test_skcipher(tfm, enc, template, tcount, false, 0);
1314 if (ret)
1315 return ret;
1316
1317 /* test 'dst != src' case */
1318 ret = __test_skcipher(tfm, enc, template, tcount, true, 0);
1319 if (ret)
1320 return ret;
1321
1322 /* test unaligned buffers, check with one byte offset */
1323 ret = __test_skcipher(tfm, enc, template, tcount, true, 1);
1324 if (ret)
1325 return ret;
1326
1327 alignmask = crypto_tfm_alg_alignmask(&tfm->base);
1328 if (alignmask) {
1329 /* Check if alignment mask for tfm is correctly set. */
1330 ret = __test_skcipher(tfm, enc, template, tcount, true,
1331 alignmask + 1);
1332 if (ret)
1333 return ret;
1334 }
1335
1336 return 0;
1337 }
1338
1339 static int test_comp(struct crypto_comp *tfm,
1340 const struct comp_testvec *ctemplate,
1341 const struct comp_testvec *dtemplate,
1342 int ctcount, int dtcount)
1343 {
1344 const char *algo = crypto_tfm_alg_driver_name(crypto_comp_tfm(tfm));
1345 unsigned int i;
1346 char result[COMP_BUF_SIZE];
1347 int ret;
1348
1349 for (i = 0; i < ctcount; i++) {
1350 int ilen;
1351 unsigned int dlen = COMP_BUF_SIZE;
1352
1353 memset(result, 0, sizeof (result));
1354
1355 ilen = ctemplate[i].inlen;
1356 ret = crypto_comp_compress(tfm, ctemplate[i].input,
1357 ilen, result, &dlen);
1358 if (ret) {
1359 printk(KERN_ERR "alg: comp: compression failed "
1360 "on test %d for %s: ret=%d\n", i + 1, algo,
1361 -ret);
1362 goto out;
1363 }
1364
1365 if (dlen != ctemplate[i].outlen) {
1366 printk(KERN_ERR "alg: comp: Compression test %d "
1367 "failed for %s: output len = %d\n", i + 1, algo,
1368 dlen);
1369 ret = -EINVAL;
1370 goto out;
1371 }
1372
1373 if (memcmp(result, ctemplate[i].output, dlen)) {
1374 printk(KERN_ERR "alg: comp: Compression test %d "
1375 "failed for %s\n", i + 1, algo);
1376 hexdump(result, dlen);
1377 ret = -EINVAL;
1378 goto out;
1379 }
1380 }
1381
1382 for (i = 0; i < dtcount; i++) {
1383 int ilen;
1384 unsigned int dlen = COMP_BUF_SIZE;
1385
1386 memset(result, 0, sizeof (result));
1387
1388 ilen = dtemplate[i].inlen;
1389 ret = crypto_comp_decompress(tfm, dtemplate[i].input,
1390 ilen, result, &dlen);
1391 if (ret) {
1392 printk(KERN_ERR "alg: comp: decompression failed "
1393 "on test %d for %s: ret=%d\n", i + 1, algo,
1394 -ret);
1395 goto out;
1396 }
1397
1398 if (dlen != dtemplate[i].outlen) {
1399 printk(KERN_ERR "alg: comp: Decompression test %d "
1400 "failed for %s: output len = %d\n", i + 1, algo,
1401 dlen);
1402 ret = -EINVAL;
1403 goto out;
1404 }
1405
1406 if (memcmp(result, dtemplate[i].output, dlen)) {
1407 printk(KERN_ERR "alg: comp: Decompression test %d "
1408 "failed for %s\n", i + 1, algo);
1409 hexdump(result, dlen);
1410 ret = -EINVAL;
1411 goto out;
1412 }
1413 }
1414
1415 ret = 0;
1416
1417 out:
1418 return ret;
1419 }
1420
1421 static int test_acomp(struct crypto_acomp *tfm,
1422 const struct comp_testvec *ctemplate,
1423 const struct comp_testvec *dtemplate,
1424 int ctcount, int dtcount)
1425 {
1426 const char *algo = crypto_tfm_alg_driver_name(crypto_acomp_tfm(tfm));
1427 unsigned int i;
1428 char *output, *decomp_out;
1429 int ret;
1430 struct scatterlist src, dst;
1431 struct acomp_req *req;
1432 struct crypto_wait wait;
1433
1434 output = kmalloc(COMP_BUF_SIZE, GFP_KERNEL);
1435 if (!output)
1436 return -ENOMEM;
1437
1438 decomp_out = kmalloc(COMP_BUF_SIZE, GFP_KERNEL);
1439 if (!decomp_out) {
1440 kfree(output);
1441 return -ENOMEM;
1442 }
1443
1444 for (i = 0; i < ctcount; i++) {
1445 unsigned int dlen = COMP_BUF_SIZE;
1446 int ilen = ctemplate[i].inlen;
1447 void *input_vec;
1448
1449 input_vec = kmemdup(ctemplate[i].input, ilen, GFP_KERNEL);
1450 if (!input_vec) {
1451 ret = -ENOMEM;
1452 goto out;
1453 }
1454
1455 memset(output, 0, dlen);
1456 crypto_init_wait(&wait);
1457 sg_init_one(&src, input_vec, ilen);
1458 sg_init_one(&dst, output, dlen);
1459
1460 req = acomp_request_alloc(tfm);
1461 if (!req) {
1462 pr_err("alg: acomp: request alloc failed for %s\n",
1463 algo);
1464 kfree(input_vec);
1465 ret = -ENOMEM;
1466 goto out;
1467 }
1468
1469 acomp_request_set_params(req, &src, &dst, ilen, dlen);
1470 acomp_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
1471 crypto_req_done, &wait);
1472
1473 ret = crypto_wait_req(crypto_acomp_compress(req), &wait);
1474 if (ret) {
1475 pr_err("alg: acomp: compression failed on test %d for %s: ret=%d\n",
1476 i + 1, algo, -ret);
1477 kfree(input_vec);
1478 acomp_request_free(req);
1479 goto out;
1480 }
1481
1482 ilen = req->dlen;
1483 dlen = COMP_BUF_SIZE;
1484 sg_init_one(&src, output, ilen);
1485 sg_init_one(&dst, decomp_out, dlen);
1486 crypto_init_wait(&wait);
1487 acomp_request_set_params(req, &src, &dst, ilen, dlen);
1488
1489 ret = crypto_wait_req(crypto_acomp_decompress(req), &wait);
1490 if (ret) {
1491 pr_err("alg: acomp: compression failed on test %d for %s: ret=%d\n",
1492 i + 1, algo, -ret);
1493 kfree(input_vec);
1494 acomp_request_free(req);
1495 goto out;
1496 }
1497
1498 if (req->dlen != ctemplate[i].inlen) {
1499 pr_err("alg: acomp: Compression test %d failed for %s: output len = %d\n",
1500 i + 1, algo, req->dlen);
1501 ret = -EINVAL;
1502 kfree(input_vec);
1503 acomp_request_free(req);
1504 goto out;
1505 }
1506
1507 if (memcmp(input_vec, decomp_out, req->dlen)) {
1508 pr_err("alg: acomp: Compression test %d failed for %s\n",
1509 i + 1, algo);
1510 hexdump(output, req->dlen);
1511 ret = -EINVAL;
1512 kfree(input_vec);
1513 acomp_request_free(req);
1514 goto out;
1515 }
1516
1517 kfree(input_vec);
1518 acomp_request_free(req);
1519 }
1520
1521 for (i = 0; i < dtcount; i++) {
1522 unsigned int dlen = COMP_BUF_SIZE;
1523 int ilen = dtemplate[i].inlen;
1524 void *input_vec;
1525
1526 input_vec = kmemdup(dtemplate[i].input, ilen, GFP_KERNEL);
1527 if (!input_vec) {
1528 ret = -ENOMEM;
1529 goto out;
1530 }
1531
1532 memset(output, 0, dlen);
1533 crypto_init_wait(&wait);
1534 sg_init_one(&src, input_vec, ilen);
1535 sg_init_one(&dst, output, dlen);
1536
1537 req = acomp_request_alloc(tfm);
1538 if (!req) {
1539 pr_err("alg: acomp: request alloc failed for %s\n",
1540 algo);
1541 kfree(input_vec);
1542 ret = -ENOMEM;
1543 goto out;
1544 }
1545
1546 acomp_request_set_params(req, &src, &dst, ilen, dlen);
1547 acomp_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
1548 crypto_req_done, &wait);
1549
1550 ret = crypto_wait_req(crypto_acomp_decompress(req), &wait);
1551 if (ret) {
1552 pr_err("alg: acomp: decompression failed on test %d for %s: ret=%d\n",
1553 i + 1, algo, -ret);
1554 kfree(input_vec);
1555 acomp_request_free(req);
1556 goto out;
1557 }
1558
1559 if (req->dlen != dtemplate[i].outlen) {
1560 pr_err("alg: acomp: Decompression test %d failed for %s: output len = %d\n",
1561 i + 1, algo, req->dlen);
1562 ret = -EINVAL;
1563 kfree(input_vec);
1564 acomp_request_free(req);
1565 goto out;
1566 }
1567
1568 if (memcmp(output, dtemplate[i].output, req->dlen)) {
1569 pr_err("alg: acomp: Decompression test %d failed for %s\n",
1570 i + 1, algo);
1571 hexdump(output, req->dlen);
1572 ret = -EINVAL;
1573 kfree(input_vec);
1574 acomp_request_free(req);
1575 goto out;
1576 }
1577
1578 kfree(input_vec);
1579 acomp_request_free(req);
1580 }
1581
1582 ret = 0;
1583
1584 out:
1585 kfree(decomp_out);
1586 kfree(output);
1587 return ret;
1588 }
1589
1590 static int test_cprng(struct crypto_rng *tfm,
1591 const struct cprng_testvec *template,
1592 unsigned int tcount)
1593 {
1594 const char *algo = crypto_tfm_alg_driver_name(crypto_rng_tfm(tfm));
1595 int err = 0, i, j, seedsize;
1596 u8 *seed;
1597 char result[32];
1598
1599 seedsize = crypto_rng_seedsize(tfm);
1600
1601 seed = kmalloc(seedsize, GFP_KERNEL);
1602 if (!seed) {
1603 printk(KERN_ERR "alg: cprng: Failed to allocate seed space "
1604 "for %s\n", algo);
1605 return -ENOMEM;
1606 }
1607
1608 for (i = 0; i < tcount; i++) {
1609 memset(result, 0, 32);
1610
1611 memcpy(seed, template[i].v, template[i].vlen);
1612 memcpy(seed + template[i].vlen, template[i].key,
1613 template[i].klen);
1614 memcpy(seed + template[i].vlen + template[i].klen,
1615 template[i].dt, template[i].dtlen);
1616
1617 err = crypto_rng_reset(tfm, seed, seedsize);
1618 if (err) {
1619 printk(KERN_ERR "alg: cprng: Failed to reset rng "
1620 "for %s\n", algo);
1621 goto out;
1622 }
1623
1624 for (j = 0; j < template[i].loops; j++) {
1625 err = crypto_rng_get_bytes(tfm, result,
1626 template[i].rlen);
1627 if (err < 0) {
1628 printk(KERN_ERR "alg: cprng: Failed to obtain "
1629 "the correct amount of random data for "
1630 "%s (requested %d)\n", algo,
1631 template[i].rlen);
1632 goto out;
1633 }
1634 }
1635
1636 err = memcmp(result, template[i].result,
1637 template[i].rlen);
1638 if (err) {
1639 printk(KERN_ERR "alg: cprng: Test %d failed for %s\n",
1640 i, algo);
1641 hexdump(result, template[i].rlen);
1642 err = -EINVAL;
1643 goto out;
1644 }
1645 }
1646
1647 out:
1648 kfree(seed);
1649 return err;
1650 }
1651
1652 static int alg_test_aead(const struct alg_test_desc *desc, const char *driver,
1653 u32 type, u32 mask)
1654 {
1655 struct crypto_aead *tfm;
1656 int err = 0;
1657
1658 tfm = crypto_alloc_aead(driver, type, mask);
1659 if (IS_ERR(tfm)) {
1660 printk(KERN_ERR "alg: aead: Failed to load transform for %s: "
1661 "%ld\n", driver, PTR_ERR(tfm));
1662 return PTR_ERR(tfm);
1663 }
1664
1665 if (desc->suite.aead.enc.vecs) {
1666 err = test_aead(tfm, ENCRYPT, desc->suite.aead.enc.vecs,
1667 desc->suite.aead.enc.count);
1668 if (err)
1669 goto out;
1670 }
1671
1672 if (!err && desc->suite.aead.dec.vecs)
1673 err = test_aead(tfm, DECRYPT, desc->suite.aead.dec.vecs,
1674 desc->suite.aead.dec.count);
1675
1676 out:
1677 crypto_free_aead(tfm);
1678 return err;
1679 }
1680
1681 static int alg_test_cipher(const struct alg_test_desc *desc,
1682 const char *driver, u32 type, u32 mask)
1683 {
1684 struct crypto_cipher *tfm;
1685 int err = 0;
1686
1687 tfm = crypto_alloc_cipher(driver, type, mask);
1688 if (IS_ERR(tfm)) {
1689 printk(KERN_ERR "alg: cipher: Failed to load transform for "
1690 "%s: %ld\n", driver, PTR_ERR(tfm));
1691 return PTR_ERR(tfm);
1692 }
1693
1694 if (desc->suite.cipher.enc.vecs) {
1695 err = test_cipher(tfm, ENCRYPT, desc->suite.cipher.enc.vecs,
1696 desc->suite.cipher.enc.count);
1697 if (err)
1698 goto out;
1699 }
1700
1701 if (desc->suite.cipher.dec.vecs)
1702 err = test_cipher(tfm, DECRYPT, desc->suite.cipher.dec.vecs,
1703 desc->suite.cipher.dec.count);
1704
1705 out:
1706 crypto_free_cipher(tfm);
1707 return err;
1708 }
1709
1710 static int alg_test_skcipher(const struct alg_test_desc *desc,
1711 const char *driver, u32 type, u32 mask)
1712 {
1713 struct crypto_skcipher *tfm;
1714 int err = 0;
1715
1716 tfm = crypto_alloc_skcipher(driver, type, mask);
1717 if (IS_ERR(tfm)) {
1718 printk(KERN_ERR "alg: skcipher: Failed to load transform for "
1719 "%s: %ld\n", driver, PTR_ERR(tfm));
1720 return PTR_ERR(tfm);
1721 }
1722
1723 if (desc->suite.cipher.enc.vecs) {
1724 err = test_skcipher(tfm, ENCRYPT, desc->suite.cipher.enc.vecs,
1725 desc->suite.cipher.enc.count);
1726 if (err)
1727 goto out;
1728 }
1729
1730 if (desc->suite.cipher.dec.vecs)
1731 err = test_skcipher(tfm, DECRYPT, desc->suite.cipher.dec.vecs,
1732 desc->suite.cipher.dec.count);
1733
1734 out:
1735 crypto_free_skcipher(tfm);
1736 return err;
1737 }
1738
1739 static int alg_test_comp(const struct alg_test_desc *desc, const char *driver,
1740 u32 type, u32 mask)
1741 {
1742 struct crypto_comp *comp;
1743 struct crypto_acomp *acomp;
1744 int err;
1745 u32 algo_type = type & CRYPTO_ALG_TYPE_ACOMPRESS_MASK;
1746
1747 if (algo_type == CRYPTO_ALG_TYPE_ACOMPRESS) {
1748 acomp = crypto_alloc_acomp(driver, type, mask);
1749 if (IS_ERR(acomp)) {
1750 pr_err("alg: acomp: Failed to load transform for %s: %ld\n",
1751 driver, PTR_ERR(acomp));
1752 return PTR_ERR(acomp);
1753 }
1754 err = test_acomp(acomp, desc->suite.comp.comp.vecs,
1755 desc->suite.comp.decomp.vecs,
1756 desc->suite.comp.comp.count,
1757 desc->suite.comp.decomp.count);
1758 crypto_free_acomp(acomp);
1759 } else {
1760 comp = crypto_alloc_comp(driver, type, mask);
1761 if (IS_ERR(comp)) {
1762 pr_err("alg: comp: Failed to load transform for %s: %ld\n",
1763 driver, PTR_ERR(comp));
1764 return PTR_ERR(comp);
1765 }
1766
1767 err = test_comp(comp, desc->suite.comp.comp.vecs,
1768 desc->suite.comp.decomp.vecs,
1769 desc->suite.comp.comp.count,
1770 desc->suite.comp.decomp.count);
1771
1772 crypto_free_comp(comp);
1773 }
1774 return err;
1775 }
1776
1777 static int alg_test_hash(const struct alg_test_desc *desc, const char *driver,
1778 u32 type, u32 mask)
1779 {
1780 struct crypto_ahash *tfm;
1781 int err;
1782
1783 tfm = crypto_alloc_ahash(driver, type, mask);
1784 if (IS_ERR(tfm)) {
1785 printk(KERN_ERR "alg: hash: Failed to load transform for %s: "
1786 "%ld\n", driver, PTR_ERR(tfm));
1787 return PTR_ERR(tfm);
1788 }
1789
1790 err = test_hash(tfm, desc->suite.hash.vecs,
1791 desc->suite.hash.count, true);
1792 if (!err)
1793 err = test_hash(tfm, desc->suite.hash.vecs,
1794 desc->suite.hash.count, false);
1795
1796 crypto_free_ahash(tfm);
1797 return err;
1798 }
1799
1800 static int alg_test_crc32c(const struct alg_test_desc *desc,
1801 const char *driver, u32 type, u32 mask)
1802 {
1803 struct crypto_shash *tfm;
1804 u32 val;
1805 int err;
1806
1807 err = alg_test_hash(desc, driver, type, mask);
1808 if (err)
1809 goto out;
1810
1811 tfm = crypto_alloc_shash(driver, type, mask);
1812 if (IS_ERR(tfm)) {
1813 printk(KERN_ERR "alg: crc32c: Failed to load transform for %s: "
1814 "%ld\n", driver, PTR_ERR(tfm));
1815 err = PTR_ERR(tfm);
1816 goto out;
1817 }
1818
1819 do {
1820 SHASH_DESC_ON_STACK(shash, tfm);
1821 u32 *ctx = (u32 *)shash_desc_ctx(shash);
1822
1823 shash->tfm = tfm;
1824 shash->flags = 0;
1825
1826 *ctx = le32_to_cpu(420553207);
1827 err = crypto_shash_final(shash, (u8 *)&val);
1828 if (err) {
1829 printk(KERN_ERR "alg: crc32c: Operation failed for "
1830 "%s: %d\n", driver, err);
1831 break;
1832 }
1833
1834 if (val != ~420553207) {
1835 printk(KERN_ERR "alg: crc32c: Test failed for %s: "
1836 "%d\n", driver, val);
1837 err = -EINVAL;
1838 }
1839 } while (0);
1840
1841 crypto_free_shash(tfm);
1842
1843 out:
1844 return err;
1845 }
1846
1847 static int alg_test_cprng(const struct alg_test_desc *desc, const char *driver,
1848 u32 type, u32 mask)
1849 {
1850 struct crypto_rng *rng;
1851 int err;
1852
1853 rng = crypto_alloc_rng(driver, type, mask);
1854 if (IS_ERR(rng)) {
1855 printk(KERN_ERR "alg: cprng: Failed to load transform for %s: "
1856 "%ld\n", driver, PTR_ERR(rng));
1857 return PTR_ERR(rng);
1858 }
1859
1860 err = test_cprng(rng, desc->suite.cprng.vecs, desc->suite.cprng.count);
1861
1862 crypto_free_rng(rng);
1863
1864 return err;
1865 }
1866
1867
1868 static int drbg_cavs_test(const struct drbg_testvec *test, int pr,
1869 const char *driver, u32 type, u32 mask)
1870 {
1871 int ret = -EAGAIN;
1872 struct crypto_rng *drng;
1873 struct drbg_test_data test_data;
1874 struct drbg_string addtl, pers, testentropy;
1875 unsigned char *buf = kzalloc(test->expectedlen, GFP_KERNEL);
1876
1877 if (!buf)
1878 return -ENOMEM;
1879
1880 drng = crypto_alloc_rng(driver, type, mask);
1881 if (IS_ERR(drng)) {
1882 printk(KERN_ERR "alg: drbg: could not allocate DRNG handle for "
1883 "%s\n", driver);
1884 kzfree(buf);
1885 return -ENOMEM;
1886 }
1887
1888 test_data.testentropy = &testentropy;
1889 drbg_string_fill(&testentropy, test->entropy, test->entropylen);
1890 drbg_string_fill(&pers, test->pers, test->perslen);
1891 ret = crypto_drbg_reset_test(drng, &pers, &test_data);
1892 if (ret) {
1893 printk(KERN_ERR "alg: drbg: Failed to reset rng\n");
1894 goto outbuf;
1895 }
1896
1897 drbg_string_fill(&addtl, test->addtla, test->addtllen);
1898 if (pr) {
1899 drbg_string_fill(&testentropy, test->entpra, test->entprlen);
1900 ret = crypto_drbg_get_bytes_addtl_test(drng,
1901 buf, test->expectedlen, &addtl, &test_data);
1902 } else {
1903 ret = crypto_drbg_get_bytes_addtl(drng,
1904 buf, test->expectedlen, &addtl);
1905 }
1906 if (ret < 0) {
1907 printk(KERN_ERR "alg: drbg: could not obtain random data for "
1908 "driver %s\n", driver);
1909 goto outbuf;
1910 }
1911
1912 drbg_string_fill(&addtl, test->addtlb, test->addtllen);
1913 if (pr) {
1914 drbg_string_fill(&testentropy, test->entprb, test->entprlen);
1915 ret = crypto_drbg_get_bytes_addtl_test(drng,
1916 buf, test->expectedlen, &addtl, &test_data);
1917 } else {
1918 ret = crypto_drbg_get_bytes_addtl(drng,
1919 buf, test->expectedlen, &addtl);
1920 }
1921 if (ret < 0) {
1922 printk(KERN_ERR "alg: drbg: could not obtain random data for "
1923 "driver %s\n", driver);
1924 goto outbuf;
1925 }
1926
1927 ret = memcmp(test->expected, buf, test->expectedlen);
1928
1929 outbuf:
1930 crypto_free_rng(drng);
1931 kzfree(buf);
1932 return ret;
1933 }
1934
1935
1936 static int alg_test_drbg(const struct alg_test_desc *desc, const char *driver,
1937 u32 type, u32 mask)
1938 {
1939 int err = 0;
1940 int pr = 0;
1941 int i = 0;
1942 const struct drbg_testvec *template = desc->suite.drbg.vecs;
1943 unsigned int tcount = desc->suite.drbg.count;
1944
1945 if (0 == memcmp(driver, "drbg_pr_", 8))
1946 pr = 1;
1947
1948 for (i = 0; i < tcount; i++) {
1949 err = drbg_cavs_test(&template[i], pr, driver, type, mask);
1950 if (err) {
1951 printk(KERN_ERR "alg: drbg: Test %d failed for %s\n",
1952 i, driver);
1953 err = -EINVAL;
1954 break;
1955 }
1956 }
1957 return err;
1958
1959 }
1960
1961 static int do_test_kpp(struct crypto_kpp *tfm, const struct kpp_testvec *vec,
1962 const char *alg)
1963 {
1964 struct kpp_request *req;
1965 void *input_buf = NULL;
1966 void *output_buf = NULL;
1967 void *a_public = NULL;
1968 void *a_ss = NULL;
1969 void *shared_secret = NULL;
1970 struct crypto_wait wait;
1971 unsigned int out_len_max;
1972 int err = -ENOMEM;
1973 struct scatterlist src, dst;
1974
1975 req = kpp_request_alloc(tfm, GFP_KERNEL);
1976 if (!req)
1977 return err;
1978
1979 crypto_init_wait(&wait);
1980
1981 err = crypto_kpp_set_secret(tfm, vec->secret, vec->secret_size);
1982 if (err < 0)
1983 goto free_req;
1984
1985 out_len_max = crypto_kpp_maxsize(tfm);
1986 output_buf = kzalloc(out_len_max, GFP_KERNEL);
1987 if (!output_buf) {
1988 err = -ENOMEM;
1989 goto free_req;
1990 }
1991
1992 /* Use appropriate parameter as base */
1993 kpp_request_set_input(req, NULL, 0);
1994 sg_init_one(&dst, output_buf, out_len_max);
1995 kpp_request_set_output(req, &dst, out_len_max);
1996 kpp_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
1997 crypto_req_done, &wait);
1998
1999 /* Compute party A's public key */
2000 err = crypto_wait_req(crypto_kpp_generate_public_key(req), &wait);
2001 if (err) {
2002 pr_err("alg: %s: Party A: generate public key test failed. err %d\n",
2003 alg, err);
2004 goto free_output;
2005 }
2006
2007 if (vec->genkey) {
2008 /* Save party A's public key */
2009 a_public = kzalloc(out_len_max, GFP_KERNEL);
2010 if (!a_public) {
2011 err = -ENOMEM;
2012 goto free_output;
2013 }
2014 memcpy(a_public, sg_virt(req->dst), out_len_max);
2015 } else {
2016 /* Verify calculated public key */
2017 if (memcmp(vec->expected_a_public, sg_virt(req->dst),
2018 vec->expected_a_public_size)) {
2019 pr_err("alg: %s: Party A: generate public key test failed. Invalid output\n",
2020 alg);
2021 err = -EINVAL;
2022 goto free_output;
2023 }
2024 }
2025
2026 /* Calculate shared secret key by using counter part (b) public key. */
2027 input_buf = kzalloc(vec->b_public_size, GFP_KERNEL);
2028 if (!input_buf) {
2029 err = -ENOMEM;
2030 goto free_output;
2031 }
2032
2033 memcpy(input_buf, vec->b_public, vec->b_public_size);
2034 sg_init_one(&src, input_buf, vec->b_public_size);
2035 sg_init_one(&dst, output_buf, out_len_max);
2036 kpp_request_set_input(req, &src, vec->b_public_size);
2037 kpp_request_set_output(req, &dst, out_len_max);
2038 kpp_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
2039 crypto_req_done, &wait);
2040 err = crypto_wait_req(crypto_kpp_compute_shared_secret(req), &wait);
2041 if (err) {
2042 pr_err("alg: %s: Party A: compute shared secret test failed. err %d\n",
2043 alg, err);
2044 goto free_all;
2045 }
2046
2047 if (vec->genkey) {
2048 /* Save the shared secret obtained by party A */
2049 a_ss = kzalloc(vec->expected_ss_size, GFP_KERNEL);
2050 if (!a_ss) {
2051 err = -ENOMEM;
2052 goto free_all;
2053 }
2054 memcpy(a_ss, sg_virt(req->dst), vec->expected_ss_size);
2055
2056 /*
2057 * Calculate party B's shared secret by using party A's
2058 * public key.
2059 */
2060 err = crypto_kpp_set_secret(tfm, vec->b_secret,
2061 vec->b_secret_size);
2062 if (err < 0)
2063 goto free_all;
2064
2065 sg_init_one(&src, a_public, vec->expected_a_public_size);
2066 sg_init_one(&dst, output_buf, out_len_max);
2067 kpp_request_set_input(req, &src, vec->expected_a_public_size);
2068 kpp_request_set_output(req, &dst, out_len_max);
2069 kpp_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
2070 crypto_req_done, &wait);
2071 err = crypto_wait_req(crypto_kpp_compute_shared_secret(req),
2072 &wait);
2073 if (err) {
2074 pr_err("alg: %s: Party B: compute shared secret failed. err %d\n",
2075 alg, err);
2076 goto free_all;
2077 }
2078
2079 shared_secret = a_ss;
2080 } else {
2081 shared_secret = (void *)vec->expected_ss;
2082 }
2083
2084 /*
2085 * verify shared secret from which the user will derive
2086 * secret key by executing whatever hash it has chosen
2087 */
2088 if (memcmp(shared_secret, sg_virt(req->dst),
2089 vec->expected_ss_size)) {
2090 pr_err("alg: %s: compute shared secret test failed. Invalid output\n",
2091 alg);
2092 err = -EINVAL;
2093 }
2094
2095 free_all:
2096 kfree(a_ss);
2097 kfree(input_buf);
2098 free_output:
2099 kfree(a_public);
2100 kfree(output_buf);
2101 free_req:
2102 kpp_request_free(req);
2103 return err;
2104 }
2105
2106 static int test_kpp(struct crypto_kpp *tfm, const char *alg,
2107 const struct kpp_testvec *vecs, unsigned int tcount)
2108 {
2109 int ret, i;
2110
2111 for (i = 0; i < tcount; i++) {
2112 ret = do_test_kpp(tfm, vecs++, alg);
2113 if (ret) {
2114 pr_err("alg: %s: test failed on vector %d, err=%d\n",
2115 alg, i + 1, ret);
2116 return ret;
2117 }
2118 }
2119 return 0;
2120 }
2121
2122 static int alg_test_kpp(const struct alg_test_desc *desc, const char *driver,
2123 u32 type, u32 mask)
2124 {
2125 struct crypto_kpp *tfm;
2126 int err = 0;
2127
2128 tfm = crypto_alloc_kpp(driver, type, mask);
2129 if (IS_ERR(tfm)) {
2130 pr_err("alg: kpp: Failed to load tfm for %s: %ld\n",
2131 driver, PTR_ERR(tfm));
2132 return PTR_ERR(tfm);
2133 }
2134 if (desc->suite.kpp.vecs)
2135 err = test_kpp(tfm, desc->alg, desc->suite.kpp.vecs,
2136 desc->suite.kpp.count);
2137
2138 crypto_free_kpp(tfm);
2139 return err;
2140 }
2141
2142 static int test_akcipher_one(struct crypto_akcipher *tfm,
2143 const struct akcipher_testvec *vecs)
2144 {
2145 char *xbuf[XBUFSIZE];
2146 struct akcipher_request *req;
2147 void *outbuf_enc = NULL;
2148 void *outbuf_dec = NULL;
2149 struct crypto_wait wait;
2150 unsigned int out_len_max, out_len = 0;
2151 int err = -ENOMEM;
2152 struct scatterlist src, dst, src_tab[2];
2153
2154 if (testmgr_alloc_buf(xbuf))
2155 return err;
2156
2157 req = akcipher_request_alloc(tfm, GFP_KERNEL);
2158 if (!req)
2159 goto free_xbuf;
2160
2161 crypto_init_wait(&wait);
2162
2163 if (vecs->public_key_vec)
2164 err = crypto_akcipher_set_pub_key(tfm, vecs->key,
2165 vecs->key_len);
2166 else
2167 err = crypto_akcipher_set_priv_key(tfm, vecs->key,
2168 vecs->key_len);
2169 if (err)
2170 goto free_req;
2171
2172 err = -ENOMEM;
2173 out_len_max = crypto_akcipher_maxsize(tfm);
2174 outbuf_enc = kzalloc(out_len_max, GFP_KERNEL);
2175 if (!outbuf_enc)
2176 goto free_req;
2177
2178 if (WARN_ON(vecs->m_size > PAGE_SIZE))
2179 goto free_all;
2180
2181 memcpy(xbuf[0], vecs->m, vecs->m_size);
2182
2183 sg_init_table(src_tab, 2);
2184 sg_set_buf(&src_tab[0], xbuf[0], 8);
2185 sg_set_buf(&src_tab[1], xbuf[0] + 8, vecs->m_size - 8);
2186 sg_init_one(&dst, outbuf_enc, out_len_max);
2187 akcipher_request_set_crypt(req, src_tab, &dst, vecs->m_size,
2188 out_len_max);
2189 akcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
2190 crypto_req_done, &wait);
2191
2192 err = crypto_wait_req(vecs->siggen_sigver_test ?
2193 /* Run asymmetric signature generation */
2194 crypto_akcipher_sign(req) :
2195 /* Run asymmetric encrypt */
2196 crypto_akcipher_encrypt(req), &wait);
2197 if (err) {
2198 pr_err("alg: akcipher: encrypt test failed. err %d\n", err);
2199 goto free_all;
2200 }
2201 if (req->dst_len != vecs->c_size) {
2202 pr_err("alg: akcipher: encrypt test failed. Invalid output len\n");
2203 err = -EINVAL;
2204 goto free_all;
2205 }
2206 /* verify that encrypted message is equal to expected */
2207 if (memcmp(vecs->c, outbuf_enc, vecs->c_size)) {
2208 pr_err("alg: akcipher: encrypt test failed. Invalid output\n");
2209 hexdump(outbuf_enc, vecs->c_size);
2210 err = -EINVAL;
2211 goto free_all;
2212 }
2213 /* Don't invoke decrypt for vectors with public key */
2214 if (vecs->public_key_vec) {
2215 err = 0;
2216 goto free_all;
2217 }
2218 outbuf_dec = kzalloc(out_len_max, GFP_KERNEL);
2219 if (!outbuf_dec) {
2220 err = -ENOMEM;
2221 goto free_all;
2222 }
2223
2224 if (WARN_ON(vecs->c_size > PAGE_SIZE))
2225 goto free_all;
2226
2227 memcpy(xbuf[0], vecs->c, vecs->c_size);
2228
2229 sg_init_one(&src, xbuf[0], vecs->c_size);
2230 sg_init_one(&dst, outbuf_dec, out_len_max);
2231 crypto_init_wait(&wait);
2232 akcipher_request_set_crypt(req, &src, &dst, vecs->c_size, out_len_max);
2233
2234 err = crypto_wait_req(vecs->siggen_sigver_test ?
2235 /* Run asymmetric signature verification */
2236 crypto_akcipher_verify(req) :
2237 /* Run asymmetric decrypt */
2238 crypto_akcipher_decrypt(req), &wait);
2239 if (err) {
2240 pr_err("alg: akcipher: decrypt test failed. err %d\n", err);
2241 goto free_all;
2242 }
2243 out_len = req->dst_len;
2244 if (out_len < vecs->m_size) {
2245 pr_err("alg: akcipher: decrypt test failed. "
2246 "Invalid output len %u\n", out_len);
2247 err = -EINVAL;
2248 goto free_all;
2249 }
2250 /* verify that decrypted message is equal to the original msg */
2251 if (memchr_inv(outbuf_dec, 0, out_len - vecs->m_size) ||
2252 memcmp(vecs->m, outbuf_dec + out_len - vecs->m_size,
2253 vecs->m_size)) {
2254 pr_err("alg: akcipher: decrypt test failed. Invalid output\n");
2255 hexdump(outbuf_dec, out_len);
2256 err = -EINVAL;
2257 }
2258 free_all:
2259 kfree(outbuf_dec);
2260 kfree(outbuf_enc);
2261 free_req:
2262 akcipher_request_free(req);
2263 free_xbuf:
2264 testmgr_free_buf(xbuf);
2265 return err;
2266 }
2267
2268 static int test_akcipher(struct crypto_akcipher *tfm, const char *alg,
2269 const struct akcipher_testvec *vecs,
2270 unsigned int tcount)
2271 {
2272 const char *algo =
2273 crypto_tfm_alg_driver_name(crypto_akcipher_tfm(tfm));
2274 int ret, i;
2275
2276 for (i = 0; i < tcount; i++) {
2277 ret = test_akcipher_one(tfm, vecs++);
2278 if (!ret)
2279 continue;
2280
2281 pr_err("alg: akcipher: test %d failed for %s, err=%d\n",
2282 i + 1, algo, ret);
2283 return ret;
2284 }
2285 return 0;
2286 }
2287
2288 static int alg_test_akcipher(const struct alg_test_desc *desc,
2289 const char *driver, u32 type, u32 mask)
2290 {
2291 struct crypto_akcipher *tfm;
2292 int err = 0;
2293
2294 tfm = crypto_alloc_akcipher(driver, type, mask);
2295 if (IS_ERR(tfm)) {
2296 pr_err("alg: akcipher: Failed to load tfm for %s: %ld\n",
2297 driver, PTR_ERR(tfm));
2298 return PTR_ERR(tfm);
2299 }
2300 if (desc->suite.akcipher.vecs)
2301 err = test_akcipher(tfm, desc->alg, desc->suite.akcipher.vecs,
2302 desc->suite.akcipher.count);
2303
2304 crypto_free_akcipher(tfm);
2305 return err;
2306 }
2307
2308 static int alg_test_null(const struct alg_test_desc *desc,
2309 const char *driver, u32 type, u32 mask)
2310 {
2311 return 0;
2312 }
2313
2314 #define __VECS(tv) { .vecs = tv, .count = ARRAY_SIZE(tv) }
2315
2316 /* Please keep this list sorted by algorithm name. */
2317 static const struct alg_test_desc alg_test_descs[] = {
2318 {
2319 .alg = "ansi_cprng",
2320 .test = alg_test_cprng,
2321 .suite = {
2322 .cprng = __VECS(ansi_cprng_aes_tv_template)
2323 }
2324 }, {
2325 .alg = "authenc(hmac(md5),ecb(cipher_null))",
2326 .test = alg_test_aead,
2327 .suite = {
2328 .aead = {
2329 .enc = __VECS(hmac_md5_ecb_cipher_null_enc_tv_template),
2330 .dec = __VECS(hmac_md5_ecb_cipher_null_dec_tv_template)
2331 }
2332 }
2333 }, {
2334 .alg = "authenc(hmac(sha1),cbc(aes))",
2335 .test = alg_test_aead,
2336 .fips_allowed = 1,
2337 .suite = {
2338 .aead = {
2339 .enc = __VECS(hmac_sha1_aes_cbc_enc_tv_temp)
2340 }
2341 }
2342 }, {
2343 .alg = "authenc(hmac(sha1),cbc(des))",
2344 .test = alg_test_aead,
2345 .suite = {
2346 .aead = {
2347 .enc = __VECS(hmac_sha1_des_cbc_enc_tv_temp)
2348 }
2349 }
2350 }, {
2351 .alg = "authenc(hmac(sha1),cbc(des3_ede))",
2352 .test = alg_test_aead,
2353 .fips_allowed = 1,
2354 .suite = {
2355 .aead = {
2356 .enc = __VECS(hmac_sha1_des3_ede_cbc_enc_tv_temp)
2357 }
2358 }
2359 }, {
2360 .alg = "authenc(hmac(sha1),ctr(aes))",
2361 .test = alg_test_null,
2362 .fips_allowed = 1,
2363 }, {
2364 .alg = "authenc(hmac(sha1),ecb(cipher_null))",
2365 .test = alg_test_aead,
2366 .suite = {
2367 .aead = {
2368 .enc = __VECS(hmac_sha1_ecb_cipher_null_enc_tv_temp),
2369 .dec = __VECS(hmac_sha1_ecb_cipher_null_dec_tv_temp)
2370 }
2371 }
2372 }, {
2373 .alg = "authenc(hmac(sha1),rfc3686(ctr(aes)))",
2374 .test = alg_test_null,
2375 .fips_allowed = 1,
2376 }, {
2377 .alg = "authenc(hmac(sha224),cbc(des))",
2378 .test = alg_test_aead,
2379 .suite = {
2380 .aead = {
2381 .enc = __VECS(hmac_sha224_des_cbc_enc_tv_temp)
2382 }
2383 }
2384 }, {
2385 .alg = "authenc(hmac(sha224),cbc(des3_ede))",
2386 .test = alg_test_aead,
2387 .fips_allowed = 1,
2388 .suite = {
2389 .aead = {
2390 .enc = __VECS(hmac_sha224_des3_ede_cbc_enc_tv_temp)
2391 }
2392 }
2393 }, {
2394 .alg = "authenc(hmac(sha256),cbc(aes))",
2395 .test = alg_test_aead,
2396 .fips_allowed = 1,
2397 .suite = {
2398 .aead = {
2399 .enc = __VECS(hmac_sha256_aes_cbc_enc_tv_temp)
2400 }
2401 }
2402 }, {
2403 .alg = "authenc(hmac(sha256),cbc(des))",
2404 .test = alg_test_aead,
2405 .suite = {
2406 .aead = {
2407 .enc = __VECS(hmac_sha256_des_cbc_enc_tv_temp)
2408 }
2409 }
2410 }, {
2411 .alg = "authenc(hmac(sha256),cbc(des3_ede))",
2412 .test = alg_test_aead,
2413 .fips_allowed = 1,
2414 .suite = {
2415 .aead = {
2416 .enc = __VECS(hmac_sha256_des3_ede_cbc_enc_tv_temp)
2417 }
2418 }
2419 }, {
2420 .alg = "authenc(hmac(sha256),ctr(aes))",
2421 .test = alg_test_null,
2422 .fips_allowed = 1,
2423 }, {
2424 .alg = "authenc(hmac(sha256),rfc3686(ctr(aes)))",
2425 .test = alg_test_null,
2426 .fips_allowed = 1,
2427 }, {
2428 .alg = "authenc(hmac(sha384),cbc(des))",
2429 .test = alg_test_aead,
2430 .suite = {
2431 .aead = {
2432 .enc = __VECS(hmac_sha384_des_cbc_enc_tv_temp)
2433 }
2434 }
2435 }, {
2436 .alg = "authenc(hmac(sha384),cbc(des3_ede))",
2437 .test = alg_test_aead,
2438 .fips_allowed = 1,
2439 .suite = {
2440 .aead = {
2441 .enc = __VECS(hmac_sha384_des3_ede_cbc_enc_tv_temp)
2442 }
2443 }
2444 }, {
2445 .alg = "authenc(hmac(sha384),ctr(aes))",
2446 .test = alg_test_null,
2447 .fips_allowed = 1,
2448 }, {
2449 .alg = "authenc(hmac(sha384),rfc3686(ctr(aes)))",
2450 .test = alg_test_null,
2451 .fips_allowed = 1,
2452 }, {
2453 .alg = "authenc(hmac(sha512),cbc(aes))",
2454 .fips_allowed = 1,
2455 .test = alg_test_aead,
2456 .suite = {
2457 .aead = {
2458 .enc = __VECS(hmac_sha512_aes_cbc_enc_tv_temp)
2459 }
2460 }
2461 }, {
2462 .alg = "authenc(hmac(sha512),cbc(des))",
2463 .test = alg_test_aead,
2464 .suite = {
2465 .aead = {
2466 .enc = __VECS(hmac_sha512_des_cbc_enc_tv_temp)
2467 }
2468 }
2469 }, {
2470 .alg = "authenc(hmac(sha512),cbc(des3_ede))",
2471 .test = alg_test_aead,
2472 .fips_allowed = 1,
2473 .suite = {
2474 .aead = {
2475 .enc = __VECS(hmac_sha512_des3_ede_cbc_enc_tv_temp)
2476 }
2477 }
2478 }, {
2479 .alg = "authenc(hmac(sha512),ctr(aes))",
2480 .test = alg_test_null,
2481 .fips_allowed = 1,
2482 }, {
2483 .alg = "authenc(hmac(sha512),rfc3686(ctr(aes)))",
2484 .test = alg_test_null,
2485 .fips_allowed = 1,
2486 }, {
2487 .alg = "cbc(aes)",
2488 .test = alg_test_skcipher,
2489 .fips_allowed = 1,
2490 .suite = {
2491 .cipher = {
2492 .enc = __VECS(aes_cbc_enc_tv_template),
2493 .dec = __VECS(aes_cbc_dec_tv_template)
2494 }
2495 }
2496 }, {
2497 .alg = "cbc(anubis)",
2498 .test = alg_test_skcipher,
2499 .suite = {
2500 .cipher = {
2501 .enc = __VECS(anubis_cbc_enc_tv_template),
2502 .dec = __VECS(anubis_cbc_dec_tv_template)
2503 }
2504 }
2505 }, {
2506 .alg = "cbc(blowfish)",
2507 .test = alg_test_skcipher,
2508 .suite = {
2509 .cipher = {
2510 .enc = __VECS(bf_cbc_enc_tv_template),
2511 .dec = __VECS(bf_cbc_dec_tv_template)
2512 }
2513 }
2514 }, {
2515 .alg = "cbc(camellia)",
2516 .test = alg_test_skcipher,
2517 .suite = {
2518 .cipher = {
2519 .enc = __VECS(camellia_cbc_enc_tv_template),
2520 .dec = __VECS(camellia_cbc_dec_tv_template)
2521 }
2522 }
2523 }, {
2524 .alg = "cbc(cast5)",
2525 .test = alg_test_skcipher,
2526 .suite = {
2527 .cipher = {
2528 .enc = __VECS(cast5_cbc_enc_tv_template),
2529 .dec = __VECS(cast5_cbc_dec_tv_template)
2530 }
2531 }
2532 }, {
2533 .alg = "cbc(cast6)",
2534 .test = alg_test_skcipher,
2535 .suite = {
2536 .cipher = {
2537 .enc = __VECS(cast6_cbc_enc_tv_template),
2538 .dec = __VECS(cast6_cbc_dec_tv_template)
2539 }
2540 }
2541 }, {
2542 .alg = "cbc(des)",
2543 .test = alg_test_skcipher,
2544 .suite = {
2545 .cipher = {
2546 .enc = __VECS(des_cbc_enc_tv_template),
2547 .dec = __VECS(des_cbc_dec_tv_template)
2548 }
2549 }
2550 }, {
2551 .alg = "cbc(des3_ede)",
2552 .test = alg_test_skcipher,
2553 .fips_allowed = 1,
2554 .suite = {
2555 .cipher = {
2556 .enc = __VECS(des3_ede_cbc_enc_tv_template),
2557 .dec = __VECS(des3_ede_cbc_dec_tv_template)
2558 }
2559 }
2560 }, {
2561 .alg = "cbc(serpent)",
2562 .test = alg_test_skcipher,
2563 .suite = {
2564 .cipher = {
2565 .enc = __VECS(serpent_cbc_enc_tv_template),
2566 .dec = __VECS(serpent_cbc_dec_tv_template)
2567 }
2568 }
2569 }, {
2570 .alg = "cbc(twofish)",
2571 .test = alg_test_skcipher,
2572 .suite = {
2573 .cipher = {
2574 .enc = __VECS(tf_cbc_enc_tv_template),
2575 .dec = __VECS(tf_cbc_dec_tv_template)
2576 }
2577 }
2578 }, {
2579 .alg = "cbcmac(aes)",
2580 .fips_allowed = 1,
2581 .test = alg_test_hash,
2582 .suite = {
2583 .hash = __VECS(aes_cbcmac_tv_template)
2584 }
2585 }, {
2586 .alg = "ccm(aes)",
2587 .test = alg_test_aead,
2588 .fips_allowed = 1,
2589 .suite = {
2590 .aead = {
2591 .enc = __VECS(aes_ccm_enc_tv_template),
2592 .dec = __VECS(aes_ccm_dec_tv_template)
2593 }
2594 }
2595 }, {
2596 .alg = "chacha20",
2597 .test = alg_test_skcipher,
2598 .suite = {
2599 .cipher = {
2600 .enc = __VECS(chacha20_enc_tv_template),
2601 .dec = __VECS(chacha20_enc_tv_template),
2602 }
2603 }
2604 }, {
2605 .alg = "cmac(aes)",
2606 .fips_allowed = 1,
2607 .test = alg_test_hash,
2608 .suite = {
2609 .hash = __VECS(aes_cmac128_tv_template)
2610 }
2611 }, {
2612 .alg = "cmac(des3_ede)",
2613 .fips_allowed = 1,
2614 .test = alg_test_hash,
2615 .suite = {
2616 .hash = __VECS(des3_ede_cmac64_tv_template)
2617 }
2618 }, {
2619 .alg = "compress_null",
2620 .test = alg_test_null,
2621 }, {
2622 .alg = "crc32",
2623 .test = alg_test_hash,
2624 .suite = {
2625 .hash = __VECS(crc32_tv_template)
2626 }
2627 }, {
2628 .alg = "crc32c",
2629 .test = alg_test_crc32c,
2630 .fips_allowed = 1,
2631 .suite = {
2632 .hash = __VECS(crc32c_tv_template)
2633 }
2634 }, {
2635 .alg = "crct10dif",
2636 .test = alg_test_hash,
2637 .fips_allowed = 1,
2638 .suite = {
2639 .hash = __VECS(crct10dif_tv_template)
2640 }
2641 }, {
2642 .alg = "ctr(aes)",
2643 .test = alg_test_skcipher,
2644 .fips_allowed = 1,
2645 .suite = {
2646 .cipher = {
2647 .enc = __VECS(aes_ctr_enc_tv_template),
2648 .dec = __VECS(aes_ctr_dec_tv_template)
2649 }
2650 }
2651 }, {
2652 .alg = "ctr(blowfish)",
2653 .test = alg_test_skcipher,
2654 .suite = {
2655 .cipher = {
2656 .enc = __VECS(bf_ctr_enc_tv_template),
2657 .dec = __VECS(bf_ctr_dec_tv_template)
2658 }
2659 }
2660 }, {
2661 .alg = "ctr(camellia)",
2662 .test = alg_test_skcipher,
2663 .suite = {
2664 .cipher = {
2665 .enc = __VECS(camellia_ctr_enc_tv_template),
2666 .dec = __VECS(camellia_ctr_dec_tv_template)
2667 }
2668 }
2669 }, {
2670 .alg = "ctr(cast5)",
2671 .test = alg_test_skcipher,
2672 .suite = {
2673 .cipher = {
2674 .enc = __VECS(cast5_ctr_enc_tv_template),
2675 .dec = __VECS(cast5_ctr_dec_tv_template)
2676 }
2677 }
2678 }, {
2679 .alg = "ctr(cast6)",
2680 .test = alg_test_skcipher,
2681 .suite = {
2682 .cipher = {
2683 .enc = __VECS(cast6_ctr_enc_tv_template),
2684 .dec = __VECS(cast6_ctr_dec_tv_template)
2685 }
2686 }
2687 }, {
2688 .alg = "ctr(des)",
2689 .test = alg_test_skcipher,
2690 .suite = {
2691 .cipher = {
2692 .enc = __VECS(des_ctr_enc_tv_template),
2693 .dec = __VECS(des_ctr_dec_tv_template)
2694 }
2695 }
2696 }, {
2697 .alg = "ctr(des3_ede)",
2698 .test = alg_test_skcipher,
2699 .fips_allowed = 1,
2700 .suite = {
2701 .cipher = {
2702 .enc = __VECS(des3_ede_ctr_enc_tv_template),
2703 .dec = __VECS(des3_ede_ctr_dec_tv_template)
2704 }
2705 }
2706 }, {
2707 .alg = "ctr(serpent)",
2708 .test = alg_test_skcipher,
2709 .suite = {
2710 .cipher = {
2711 .enc = __VECS(serpent_ctr_enc_tv_template),
2712 .dec = __VECS(serpent_ctr_dec_tv_template)
2713 }
2714 }
2715 }, {
2716 .alg = "ctr(twofish)",
2717 .test = alg_test_skcipher,
2718 .suite = {
2719 .cipher = {
2720 .enc = __VECS(tf_ctr_enc_tv_template),
2721 .dec = __VECS(tf_ctr_dec_tv_template)
2722 }
2723 }
2724 }, {
2725 .alg = "cts(cbc(aes))",
2726 .test = alg_test_skcipher,
2727 .suite = {
2728 .cipher = {
2729 .enc = __VECS(cts_mode_enc_tv_template),
2730 .dec = __VECS(cts_mode_dec_tv_template)
2731 }
2732 }
2733 }, {
2734 .alg = "deflate",
2735 .test = alg_test_comp,
2736 .fips_allowed = 1,
2737 .suite = {
2738 .comp = {
2739 .comp = __VECS(deflate_comp_tv_template),
2740 .decomp = __VECS(deflate_decomp_tv_template)
2741 }
2742 }
2743 }, {
2744 .alg = "dh",
2745 .test = alg_test_kpp,
2746 .fips_allowed = 1,
2747 .suite = {
2748 .kpp = __VECS(dh_tv_template)
2749 }
2750 }, {
2751 .alg = "digest_null",
2752 .test = alg_test_null,
2753 }, {
2754 .alg = "drbg_nopr_ctr_aes128",
2755 .test = alg_test_drbg,
2756 .fips_allowed = 1,
2757 .suite = {
2758 .drbg = __VECS(drbg_nopr_ctr_aes128_tv_template)
2759 }
2760 }, {
2761 .alg = "drbg_nopr_ctr_aes192",
2762 .test = alg_test_drbg,
2763 .fips_allowed = 1,
2764 .suite = {
2765 .drbg = __VECS(drbg_nopr_ctr_aes192_tv_template)
2766 }
2767 }, {
2768 .alg = "drbg_nopr_ctr_aes256",
2769 .test = alg_test_drbg,
2770 .fips_allowed = 1,
2771 .suite = {
2772 .drbg = __VECS(drbg_nopr_ctr_aes256_tv_template)
2773 }
2774 }, {
2775 /*
2776 * There is no need to specifically test the DRBG with every
2777 * backend cipher -- covered by drbg_nopr_hmac_sha256 test
2778 */
2779 .alg = "drbg_nopr_hmac_sha1",
2780 .fips_allowed = 1,
2781 .test = alg_test_null,
2782 }, {
2783 .alg = "drbg_nopr_hmac_sha256",
2784 .test = alg_test_drbg,
2785 .fips_allowed = 1,
2786 .suite = {
2787 .drbg = __VECS(drbg_nopr_hmac_sha256_tv_template)
2788 }
2789 }, {
2790 /* covered by drbg_nopr_hmac_sha256 test */
2791 .alg = "drbg_nopr_hmac_sha384",
2792 .fips_allowed = 1,
2793 .test = alg_test_null,
2794 }, {
2795 .alg = "drbg_nopr_hmac_sha512",
2796 .test = alg_test_null,
2797 .fips_allowed = 1,
2798 }, {
2799 .alg = "drbg_nopr_sha1",
2800 .fips_allowed = 1,
2801 .test = alg_test_null,
2802 }, {
2803 .alg = "drbg_nopr_sha256",
2804 .test = alg_test_drbg,
2805 .fips_allowed = 1,
2806 .suite = {
2807 .drbg = __VECS(drbg_nopr_sha256_tv_template)
2808 }
2809 }, {
2810 /* covered by drbg_nopr_sha256 test */
2811 .alg = "drbg_nopr_sha384",
2812 .fips_allowed = 1,
2813 .test = alg_test_null,
2814 }, {
2815 .alg = "drbg_nopr_sha512",
2816 .fips_allowed = 1,
2817 .test = alg_test_null,
2818 }, {
2819 .alg = "drbg_pr_ctr_aes128",
2820 .test = alg_test_drbg,
2821 .fips_allowed = 1,
2822 .suite = {
2823 .drbg = __VECS(drbg_pr_ctr_aes128_tv_template)
2824 }
2825 }, {
2826 /* covered by drbg_pr_ctr_aes128 test */
2827 .alg = "drbg_pr_ctr_aes192",
2828 .fips_allowed = 1,
2829 .test = alg_test_null,
2830 }, {
2831 .alg = "drbg_pr_ctr_aes256",
2832 .fips_allowed = 1,
2833 .test = alg_test_null,
2834 }, {
2835 .alg = "drbg_pr_hmac_sha1",
2836 .fips_allowed = 1,
2837 .test = alg_test_null,
2838 }, {
2839 .alg = "drbg_pr_hmac_sha256",
2840 .test = alg_test_drbg,
2841 .fips_allowed = 1,
2842 .suite = {
2843 .drbg = __VECS(drbg_pr_hmac_sha256_tv_template)
2844 }
2845 }, {
2846 /* covered by drbg_pr_hmac_sha256 test */
2847 .alg = "drbg_pr_hmac_sha384",
2848 .fips_allowed = 1,
2849 .test = alg_test_null,
2850 }, {
2851 .alg = "drbg_pr_hmac_sha512",
2852 .test = alg_test_null,
2853 .fips_allowed = 1,
2854 }, {
2855 .alg = "drbg_pr_sha1",
2856 .fips_allowed = 1,
2857 .test = alg_test_null,
2858 }, {
2859 .alg = "drbg_pr_sha256",
2860 .test = alg_test_drbg,
2861 .fips_allowed = 1,
2862 .suite = {
2863 .drbg = __VECS(drbg_pr_sha256_tv_template)
2864 }
2865 }, {
2866 /* covered by drbg_pr_sha256 test */
2867 .alg = "drbg_pr_sha384",
2868 .fips_allowed = 1,
2869 .test = alg_test_null,
2870 }, {
2871 .alg = "drbg_pr_sha512",
2872 .fips_allowed = 1,
2873 .test = alg_test_null,
2874 }, {
2875 .alg = "ecb(aes)",
2876 .test = alg_test_skcipher,
2877 .fips_allowed = 1,
2878 .suite = {
2879 .cipher = {
2880 .enc = __VECS(aes_enc_tv_template),
2881 .dec = __VECS(aes_dec_tv_template)
2882 }
2883 }
2884 }, {
2885 .alg = "ecb(anubis)",
2886 .test = alg_test_skcipher,
2887 .suite = {
2888 .cipher = {
2889 .enc = __VECS(anubis_enc_tv_template),
2890 .dec = __VECS(anubis_dec_tv_template)
2891 }
2892 }
2893 }, {
2894 .alg = "ecb(arc4)",
2895 .test = alg_test_skcipher,
2896 .suite = {
2897 .cipher = {
2898 .enc = __VECS(arc4_enc_tv_template),
2899 .dec = __VECS(arc4_dec_tv_template)
2900 }
2901 }
2902 }, {
2903 .alg = "ecb(blowfish)",
2904 .test = alg_test_skcipher,
2905 .suite = {
2906 .cipher = {
2907 .enc = __VECS(bf_enc_tv_template),
2908 .dec = __VECS(bf_dec_tv_template)
2909 }
2910 }
2911 }, {
2912 .alg = "ecb(camellia)",
2913 .test = alg_test_skcipher,
2914 .suite = {
2915 .cipher = {
2916 .enc = __VECS(camellia_enc_tv_template),
2917 .dec = __VECS(camellia_dec_tv_template)
2918 }
2919 }
2920 }, {
2921 .alg = "ecb(cast5)",
2922 .test = alg_test_skcipher,
2923 .suite = {
2924 .cipher = {
2925 .enc = __VECS(cast5_enc_tv_template),
2926 .dec = __VECS(cast5_dec_tv_template)
2927 }
2928 }
2929 }, {
2930 .alg = "ecb(cast6)",
2931 .test = alg_test_skcipher,
2932 .suite = {
2933 .cipher = {
2934 .enc = __VECS(cast6_enc_tv_template),
2935 .dec = __VECS(cast6_dec_tv_template)
2936 }
2937 }
2938 }, {
2939 .alg = "ecb(cipher_null)",
2940 .test = alg_test_null,
2941 .fips_allowed = 1,
2942 }, {
2943 .alg = "ecb(des)",
2944 .test = alg_test_skcipher,
2945 .suite = {
2946 .cipher = {
2947 .enc = __VECS(des_enc_tv_template),
2948 .dec = __VECS(des_dec_tv_template)
2949 }
2950 }
2951 }, {
2952 .alg = "ecb(des3_ede)",
2953 .test = alg_test_skcipher,
2954 .fips_allowed = 1,
2955 .suite = {
2956 .cipher = {
2957 .enc = __VECS(des3_ede_enc_tv_template),
2958 .dec = __VECS(des3_ede_dec_tv_template)
2959 }
2960 }
2961 }, {
2962 .alg = "ecb(fcrypt)",
2963 .test = alg_test_skcipher,
2964 .suite = {
2965 .cipher = {
2966 .enc = {
2967 .vecs = fcrypt_pcbc_enc_tv_template,
2968 .count = 1
2969 },
2970 .dec = {
2971 .vecs = fcrypt_pcbc_dec_tv_template,
2972 .count = 1
2973 }
2974 }
2975 }
2976 }, {
2977 .alg = "ecb(khazad)",
2978 .test = alg_test_skcipher,
2979 .suite = {
2980 .cipher = {
2981 .enc = __VECS(khazad_enc_tv_template),
2982 .dec = __VECS(khazad_dec_tv_template)
2983 }
2984 }
2985 }, {
2986 .alg = "ecb(seed)",
2987 .test = alg_test_skcipher,
2988 .suite = {
2989 .cipher = {
2990 .enc = __VECS(seed_enc_tv_template),
2991 .dec = __VECS(seed_dec_tv_template)
2992 }
2993 }
2994 }, {
2995 .alg = "ecb(serpent)",
2996 .test = alg_test_skcipher,
2997 .suite = {
2998 .cipher = {
2999 .enc = __VECS(serpent_enc_tv_template),
3000 .dec = __VECS(serpent_dec_tv_template)
3001 }
3002 }
3003 }, {
3004 .alg = "ecb(tea)",
3005 .test = alg_test_skcipher,
3006 .suite = {
3007 .cipher = {
3008 .enc = __VECS(tea_enc_tv_template),
3009 .dec = __VECS(tea_dec_tv_template)
3010 }
3011 }
3012 }, {
3013 .alg = "ecb(tnepres)",
3014 .test = alg_test_skcipher,
3015 .suite = {
3016 .cipher = {
3017 .enc = __VECS(tnepres_enc_tv_template),
3018 .dec = __VECS(tnepres_dec_tv_template)
3019 }
3020 }
3021 }, {
3022 .alg = "ecb(twofish)",
3023 .test = alg_test_skcipher,
3024 .suite = {
3025 .cipher = {
3026 .enc = __VECS(tf_enc_tv_template),
3027 .dec = __VECS(tf_dec_tv_template)
3028 }
3029 }
3030 }, {
3031 .alg = "ecb(xeta)",
3032 .test = alg_test_skcipher,
3033 .suite = {
3034 .cipher = {
3035 .enc = __VECS(xeta_enc_tv_template),
3036 .dec = __VECS(xeta_dec_tv_template)
3037 }
3038 }
3039 }, {
3040 .alg = "ecb(xtea)",
3041 .test = alg_test_skcipher,
3042 .suite = {
3043 .cipher = {
3044 .enc = __VECS(xtea_enc_tv_template),
3045 .dec = __VECS(xtea_dec_tv_template)
3046 }
3047 }
3048 }, {
3049 .alg = "ecdh",
3050 .test = alg_test_kpp,
3051 .fips_allowed = 1,
3052 .suite = {
3053 .kpp = __VECS(ecdh_tv_template)
3054 }
3055 }, {
3056 .alg = "gcm(aes)",
3057 .test = alg_test_aead,
3058 .fips_allowed = 1,
3059 .suite = {
3060 .aead = {
3061 .enc = __VECS(aes_gcm_enc_tv_template),
3062 .dec = __VECS(aes_gcm_dec_tv_template)
3063 }
3064 }
3065 }, {
3066 .alg = "ghash",
3067 .test = alg_test_hash,
3068 .fips_allowed = 1,
3069 .suite = {
3070 .hash = __VECS(ghash_tv_template)
3071 }
3072 }, {
3073 .alg = "hmac(crc32)",
3074 .test = alg_test_hash,
3075 .suite = {
3076 .hash = __VECS(bfin_crc_tv_template)
3077 }
3078 }, {
3079 .alg = "hmac(md5)",
3080 .test = alg_test_hash,
3081 .suite = {
3082 .hash = __VECS(hmac_md5_tv_template)
3083 }
3084 }, {
3085 .alg = "hmac(rmd128)",
3086 .test = alg_test_hash,
3087 .suite = {
3088 .hash = __VECS(hmac_rmd128_tv_template)
3089 }
3090 }, {
3091 .alg = "hmac(rmd160)",
3092 .test = alg_test_hash,
3093 .suite = {
3094 .hash = __VECS(hmac_rmd160_tv_template)
3095 }
3096 }, {
3097 .alg = "hmac(sha1)",
3098 .test = alg_test_hash,
3099 .fips_allowed = 1,
3100 .suite = {
3101 .hash = __VECS(hmac_sha1_tv_template)
3102 }
3103 }, {
3104 .alg = "hmac(sha224)",
3105 .test = alg_test_hash,
3106 .fips_allowed = 1,
3107 .suite = {
3108 .hash = __VECS(hmac_sha224_tv_template)
3109 }
3110 }, {
3111 .alg = "hmac(sha256)",
3112 .test = alg_test_hash,
3113 .fips_allowed = 1,
3114 .suite = {
3115 .hash = __VECS(hmac_sha256_tv_template)
3116 }
3117 }, {
3118 .alg = "hmac(sha3-224)",
3119 .test = alg_test_hash,
3120 .fips_allowed = 1,
3121 .suite = {
3122 .hash = __VECS(hmac_sha3_224_tv_template)
3123 }
3124 }, {
3125 .alg = "hmac(sha3-256)",
3126 .test = alg_test_hash,
3127 .fips_allowed = 1,
3128 .suite = {
3129 .hash = __VECS(hmac_sha3_256_tv_template)
3130 }
3131 }, {
3132 .alg = "hmac(sha3-384)",
3133 .test = alg_test_hash,
3134 .fips_allowed = 1,
3135 .suite = {
3136 .hash = __VECS(hmac_sha3_384_tv_template)
3137 }
3138 }, {
3139 .alg = "hmac(sha3-512)",
3140 .test = alg_test_hash,
3141 .fips_allowed = 1,
3142 .suite = {
3143 .hash = __VECS(hmac_sha3_512_tv_template)
3144 }
3145 }, {
3146 .alg = "hmac(sha384)",
3147 .test = alg_test_hash,
3148 .fips_allowed = 1,
3149 .suite = {
3150 .hash = __VECS(hmac_sha384_tv_template)
3151 }
3152 }, {
3153 .alg = "hmac(sha512)",
3154 .test = alg_test_hash,
3155 .fips_allowed = 1,
3156 .suite = {
3157 .hash = __VECS(hmac_sha512_tv_template)
3158 }
3159 }, {
3160 .alg = "jitterentropy_rng",
3161 .fips_allowed = 1,
3162 .test = alg_test_null,
3163 }, {
3164 .alg = "kw(aes)",
3165 .test = alg_test_skcipher,
3166 .fips_allowed = 1,
3167 .suite = {
3168 .cipher = {
3169 .enc = __VECS(aes_kw_enc_tv_template),
3170 .dec = __VECS(aes_kw_dec_tv_template)
3171 }
3172 }
3173 }, {
3174 .alg = "lrw(aes)",
3175 .test = alg_test_skcipher,
3176 .suite = {
3177 .cipher = {
3178 .enc = __VECS(aes_lrw_enc_tv_template),
3179 .dec = __VECS(aes_lrw_dec_tv_template)
3180 }
3181 }
3182 }, {
3183 .alg = "lrw(camellia)",
3184 .test = alg_test_skcipher,
3185 .suite = {
3186 .cipher = {
3187 .enc = __VECS(camellia_lrw_enc_tv_template),
3188 .dec = __VECS(camellia_lrw_dec_tv_template)
3189 }
3190 }
3191 }, {
3192 .alg = "lrw(cast6)",
3193 .test = alg_test_skcipher,
3194 .suite = {
3195 .cipher = {
3196 .enc = __VECS(cast6_lrw_enc_tv_template),
3197 .dec = __VECS(cast6_lrw_dec_tv_template)
3198 }
3199 }
3200 }, {
3201 .alg = "lrw(serpent)",
3202 .test = alg_test_skcipher,
3203 .suite = {
3204 .cipher = {
3205 .enc = __VECS(serpent_lrw_enc_tv_template),
3206 .dec = __VECS(serpent_lrw_dec_tv_template)
3207 }
3208 }
3209 }, {
3210 .alg = "lrw(twofish)",
3211 .test = alg_test_skcipher,
3212 .suite = {
3213 .cipher = {
3214 .enc = __VECS(tf_lrw_enc_tv_template),
3215 .dec = __VECS(tf_lrw_dec_tv_template)
3216 }
3217 }
3218 }, {
3219 .alg = "lz4",
3220 .test = alg_test_comp,
3221 .fips_allowed = 1,
3222 .suite = {
3223 .comp = {
3224 .comp = __VECS(lz4_comp_tv_template),
3225 .decomp = __VECS(lz4_decomp_tv_template)
3226 }
3227 }
3228 }, {
3229 .alg = "lz4hc",
3230 .test = alg_test_comp,
3231 .fips_allowed = 1,
3232 .suite = {
3233 .comp = {
3234 .comp = __VECS(lz4hc_comp_tv_template),
3235 .decomp = __VECS(lz4hc_decomp_tv_template)
3236 }
3237 }
3238 }, {
3239 .alg = "lzo",
3240 .test = alg_test_comp,
3241 .fips_allowed = 1,
3242 .suite = {
3243 .comp = {
3244 .comp = __VECS(lzo_comp_tv_template),
3245 .decomp = __VECS(lzo_decomp_tv_template)
3246 }
3247 }
3248 }, {
3249 .alg = "md4",
3250 .test = alg_test_hash,
3251 .suite = {
3252 .hash = __VECS(md4_tv_template)
3253 }
3254 }, {
3255 .alg = "md5",
3256 .test = alg_test_hash,
3257 .suite = {
3258 .hash = __VECS(md5_tv_template)
3259 }
3260 }, {
3261 .alg = "michael_mic",
3262 .test = alg_test_hash,
3263 .suite = {
3264 .hash = __VECS(michael_mic_tv_template)
3265 }
3266 }, {
3267 .alg = "ofb(aes)",
3268 .test = alg_test_skcipher,
3269 .fips_allowed = 1,
3270 .suite = {
3271 .cipher = {
3272 .enc = __VECS(aes_ofb_enc_tv_template),
3273 .dec = __VECS(aes_ofb_dec_tv_template)
3274 }
3275 }
3276 }, {
3277 .alg = "pcbc(fcrypt)",
3278 .test = alg_test_skcipher,
3279 .suite = {
3280 .cipher = {
3281 .enc = __VECS(fcrypt_pcbc_enc_tv_template),
3282 .dec = __VECS(fcrypt_pcbc_dec_tv_template)
3283 }
3284 }
3285 }, {
3286 .alg = "pkcs1pad(rsa,sha224)",
3287 .test = alg_test_null,
3288 .fips_allowed = 1,
3289 }, {
3290 .alg = "pkcs1pad(rsa,sha256)",
3291 .test = alg_test_akcipher,
3292 .fips_allowed = 1,
3293 .suite = {
3294 .akcipher = __VECS(pkcs1pad_rsa_tv_template)
3295 }
3296 }, {
3297 .alg = "pkcs1pad(rsa,sha384)",
3298 .test = alg_test_null,
3299 .fips_allowed = 1,
3300 }, {
3301 .alg = "pkcs1pad(rsa,sha512)",
3302 .test = alg_test_null,
3303 .fips_allowed = 1,
3304 }, {
3305 .alg = "poly1305",
3306 .test = alg_test_hash,
3307 .suite = {
3308 .hash = __VECS(poly1305_tv_template)
3309 }
3310 }, {
3311 .alg = "rfc3686(ctr(aes))",
3312 .test = alg_test_skcipher,
3313 .fips_allowed = 1,
3314 .suite = {
3315 .cipher = {
3316 .enc = __VECS(aes_ctr_rfc3686_enc_tv_template),
3317 .dec = __VECS(aes_ctr_rfc3686_dec_tv_template)
3318 }
3319 }
3320 }, {
3321 .alg = "rfc4106(gcm(aes))",
3322 .test = alg_test_aead,
3323 .fips_allowed = 1,
3324 .suite = {
3325 .aead = {
3326 .enc = __VECS(aes_gcm_rfc4106_enc_tv_template),
3327 .dec = __VECS(aes_gcm_rfc4106_dec_tv_template)
3328 }
3329 }
3330 }, {
3331 .alg = "rfc4309(ccm(aes))",
3332 .test = alg_test_aead,
3333 .fips_allowed = 1,
3334 .suite = {
3335 .aead = {
3336 .enc = __VECS(aes_ccm_rfc4309_enc_tv_template),
3337 .dec = __VECS(aes_ccm_rfc4309_dec_tv_template)
3338 }
3339 }
3340 }, {
3341 .alg = "rfc4543(gcm(aes))",
3342 .test = alg_test_aead,
3343 .suite = {
3344 .aead = {
3345 .enc = __VECS(aes_gcm_rfc4543_enc_tv_template),
3346 .dec = __VECS(aes_gcm_rfc4543_dec_tv_template),
3347 }
3348 }
3349 }, {
3350 .alg = "rfc7539(chacha20,poly1305)",
3351 .test = alg_test_aead,
3352 .suite = {
3353 .aead = {
3354 .enc = __VECS(rfc7539_enc_tv_template),
3355 .dec = __VECS(rfc7539_dec_tv_template),
3356 }
3357 }
3358 }, {
3359 .alg = "rfc7539esp(chacha20,poly1305)",
3360 .test = alg_test_aead,
3361 .suite = {
3362 .aead = {
3363 .enc = __VECS(rfc7539esp_enc_tv_template),
3364 .dec = __VECS(rfc7539esp_dec_tv_template),
3365 }
3366 }
3367 }, {
3368 .alg = "rmd128",
3369 .test = alg_test_hash,
3370 .suite = {
3371 .hash = __VECS(rmd128_tv_template)
3372 }
3373 }, {
3374 .alg = "rmd160",
3375 .test = alg_test_hash,
3376 .suite = {
3377 .hash = __VECS(rmd160_tv_template)
3378 }
3379 }, {
3380 .alg = "rmd256",
3381 .test = alg_test_hash,
3382 .suite = {
3383 .hash = __VECS(rmd256_tv_template)
3384 }
3385 }, {
3386 .alg = "rmd320",
3387 .test = alg_test_hash,
3388 .suite = {
3389 .hash = __VECS(rmd320_tv_template)
3390 }
3391 }, {
3392 .alg = "rsa",
3393 .test = alg_test_akcipher,
3394 .fips_allowed = 1,
3395 .suite = {
3396 .akcipher = __VECS(rsa_tv_template)
3397 }
3398 }, {
3399 .alg = "salsa20",
3400 .test = alg_test_skcipher,
3401 .suite = {
3402 .cipher = {
3403 .enc = __VECS(salsa20_stream_enc_tv_template)
3404 }
3405 }
3406 }, {
3407 .alg = "sha1",
3408 .test = alg_test_hash,
3409 .fips_allowed = 1,
3410 .suite = {
3411 .hash = __VECS(sha1_tv_template)
3412 }
3413 }, {
3414 .alg = "sha224",
3415 .test = alg_test_hash,
3416 .fips_allowed = 1,
3417 .suite = {
3418 .hash = __VECS(sha224_tv_template)
3419 }
3420 }, {
3421 .alg = "sha256",
3422 .test = alg_test_hash,
3423 .fips_allowed = 1,
3424 .suite = {
3425 .hash = __VECS(sha256_tv_template)
3426 }
3427 }, {
3428 .alg = "sha3-224",
3429 .test = alg_test_hash,
3430 .fips_allowed = 1,
3431 .suite = {
3432 .hash = __VECS(sha3_224_tv_template)
3433 }
3434 }, {
3435 .alg = "sha3-256",
3436 .test = alg_test_hash,
3437 .fips_allowed = 1,
3438 .suite = {
3439 .hash = __VECS(sha3_256_tv_template)
3440 }
3441 }, {
3442 .alg = "sha3-384",
3443 .test = alg_test_hash,
3444 .fips_allowed = 1,
3445 .suite = {
3446 .hash = __VECS(sha3_384_tv_template)
3447 }
3448 }, {
3449 .alg = "sha3-512",
3450 .test = alg_test_hash,
3451 .fips_allowed = 1,
3452 .suite = {
3453 .hash = __VECS(sha3_512_tv_template)
3454 }
3455 }, {
3456 .alg = "sha384",
3457 .test = alg_test_hash,
3458 .fips_allowed = 1,
3459 .suite = {
3460 .hash = __VECS(sha384_tv_template)
3461 }
3462 }, {
3463 .alg = "sha512",
3464 .test = alg_test_hash,
3465 .fips_allowed = 1,
3466 .suite = {
3467 .hash = __VECS(sha512_tv_template)
3468 }
3469 }, {
3470 .alg = "sm3",
3471 .test = alg_test_hash,
3472 .suite = {
3473 .hash = __VECS(sm3_tv_template)
3474 }
3475 }, {
3476 .alg = "tgr128",
3477 .test = alg_test_hash,
3478 .suite = {
3479 .hash = __VECS(tgr128_tv_template)
3480 }
3481 }, {
3482 .alg = "tgr160",
3483 .test = alg_test_hash,
3484 .suite = {
3485 .hash = __VECS(tgr160_tv_template)
3486 }
3487 }, {
3488 .alg = "tgr192",
3489 .test = alg_test_hash,
3490 .suite = {
3491 .hash = __VECS(tgr192_tv_template)
3492 }
3493 }, {
3494 .alg = "vmac(aes)",
3495 .test = alg_test_hash,
3496 .suite = {
3497 .hash = __VECS(aes_vmac128_tv_template)
3498 }
3499 }, {
3500 .alg = "wp256",
3501 .test = alg_test_hash,
3502 .suite = {
3503 .hash = __VECS(wp256_tv_template)
3504 }
3505 }, {
3506 .alg = "wp384",
3507 .test = alg_test_hash,
3508 .suite = {
3509 .hash = __VECS(wp384_tv_template)
3510 }
3511 }, {
3512 .alg = "wp512",
3513 .test = alg_test_hash,
3514 .suite = {
3515 .hash = __VECS(wp512_tv_template)
3516 }
3517 }, {
3518 .alg = "xcbc(aes)",
3519 .test = alg_test_hash,
3520 .suite = {
3521 .hash = __VECS(aes_xcbc128_tv_template)
3522 }
3523 }, {
3524 .alg = "xts(aes)",
3525 .test = alg_test_skcipher,
3526 .fips_allowed = 1,
3527 .suite = {
3528 .cipher = {
3529 .enc = __VECS(aes_xts_enc_tv_template),
3530 .dec = __VECS(aes_xts_dec_tv_template)
3531 }
3532 }
3533 }, {
3534 .alg = "xts(camellia)",
3535 .test = alg_test_skcipher,
3536 .suite = {
3537 .cipher = {
3538 .enc = __VECS(camellia_xts_enc_tv_template),
3539 .dec = __VECS(camellia_xts_dec_tv_template)
3540 }
3541 }
3542 }, {
3543 .alg = "xts(cast6)",
3544 .test = alg_test_skcipher,
3545 .suite = {
3546 .cipher = {
3547 .enc = __VECS(cast6_xts_enc_tv_template),
3548 .dec = __VECS(cast6_xts_dec_tv_template)
3549 }
3550 }
3551 }, {
3552 .alg = "xts(serpent)",
3553 .test = alg_test_skcipher,
3554 .suite = {
3555 .cipher = {
3556 .enc = __VECS(serpent_xts_enc_tv_template),
3557 .dec = __VECS(serpent_xts_dec_tv_template)
3558 }
3559 }
3560 }, {
3561 .alg = "xts(twofish)",
3562 .test = alg_test_skcipher,
3563 .suite = {
3564 .cipher = {
3565 .enc = __VECS(tf_xts_enc_tv_template),
3566 .dec = __VECS(tf_xts_dec_tv_template)
3567 }
3568 }
3569 }, {
3570 .alg = "zlib-deflate",
3571 .test = alg_test_comp,
3572 .fips_allowed = 1,
3573 .suite = {
3574 .comp = {
3575 .comp = __VECS(zlib_deflate_comp_tv_template),
3576 .decomp = __VECS(zlib_deflate_decomp_tv_template)
3577 }
3578 }
3579 }
3580 };
3581
3582 static bool alg_test_descs_checked;
3583
3584 static void alg_test_descs_check_order(void)
3585 {
3586 int i;
3587
3588 /* only check once */
3589 if (alg_test_descs_checked)
3590 return;
3591
3592 alg_test_descs_checked = true;
3593
3594 for (i = 1; i < ARRAY_SIZE(alg_test_descs); i++) {
3595 int diff = strcmp(alg_test_descs[i - 1].alg,
3596 alg_test_descs[i].alg);
3597
3598 if (WARN_ON(diff > 0)) {
3599 pr_warn("testmgr: alg_test_descs entries in wrong order: '%s' before '%s'\n",
3600 alg_test_descs[i - 1].alg,
3601 alg_test_descs[i].alg);
3602 }
3603
3604 if (WARN_ON(diff == 0)) {
3605 pr_warn("testmgr: duplicate alg_test_descs entry: '%s'\n",
3606 alg_test_descs[i].alg);
3607 }
3608 }
3609 }
3610
3611 static int alg_find_test(const char *alg)
3612 {
3613 int start = 0;
3614 int end = ARRAY_SIZE(alg_test_descs);
3615
3616 while (start < end) {
3617 int i = (start + end) / 2;
3618 int diff = strcmp(alg_test_descs[i].alg, alg);
3619
3620 if (diff > 0) {
3621 end = i;
3622 continue;
3623 }
3624
3625 if (diff < 0) {
3626 start = i + 1;
3627 continue;
3628 }
3629
3630 return i;
3631 }
3632
3633 return -1;
3634 }
3635
3636 int alg_test(const char *driver, const char *alg, u32 type, u32 mask)
3637 {
3638 int i;
3639 int j;
3640 int rc;
3641
3642 if (!fips_enabled && notests) {
3643 printk_once(KERN_INFO "alg: self-tests disabled\n");
3644 return 0;
3645 }
3646
3647 alg_test_descs_check_order();
3648
3649 if ((type & CRYPTO_ALG_TYPE_MASK) == CRYPTO_ALG_TYPE_CIPHER) {
3650 char nalg[CRYPTO_MAX_ALG_NAME];
3651
3652 if (snprintf(nalg, sizeof(nalg), "ecb(%s)", alg) >=
3653 sizeof(nalg))
3654 return -ENAMETOOLONG;
3655
3656 i = alg_find_test(nalg);
3657 if (i < 0)
3658 goto notest;
3659
3660 if (fips_enabled && !alg_test_descs[i].fips_allowed)
3661 goto non_fips_alg;
3662
3663 rc = alg_test_cipher(alg_test_descs + i, driver, type, mask);
3664 goto test_done;
3665 }
3666
3667 i = alg_find_test(alg);
3668 j = alg_find_test(driver);
3669 if (i < 0 && j < 0)
3670 goto notest;
3671
3672 if (fips_enabled && ((i >= 0 && !alg_test_descs[i].fips_allowed) ||
3673 (j >= 0 && !alg_test_descs[j].fips_allowed)))
3674 goto non_fips_alg;
3675
3676 rc = 0;
3677 if (i >= 0)
3678 rc |= alg_test_descs[i].test(alg_test_descs + i, driver,
3679 type, mask);
3680 if (j >= 0 && j != i)
3681 rc |= alg_test_descs[j].test(alg_test_descs + j, driver,
3682 type, mask);
3683
3684 test_done:
3685 if (fips_enabled && rc)
3686 panic("%s: %s alg self test failed in fips mode!\n", driver, alg);
3687
3688 if (fips_enabled && !rc)
3689 pr_info("alg: self-tests for %s (%s) passed\n", driver, alg);
3690
3691 return rc;
3692
3693 notest:
3694 printk(KERN_INFO "alg: No test for %s (%s)\n", alg, driver);
3695 return 0;
3696 non_fips_alg:
3697 return -EINVAL;
3698 }
3699
3700 #endif /* CONFIG_CRYPTO_MANAGER_DISABLE_TESTS */
3701
3702 EXPORT_SYMBOL_GPL(alg_test);
CRIS linux kernel tree