]> git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/blob - crypto/testmgr.c
projects / mirror_ubuntu-bionic-kernel.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
crypto: testmgr - add tests vectors for RSA
[mirror_ubuntu-bionic-kernel.git] / crypto / testmgr.c
1 /*
2 * Algorithm testing framework and tests.
3 *
4 * Copyright (c) 2002 James Morris <jmorris@intercode.com.au>
5 * Copyright (c) 2002 Jean-Francois Dive <jef@linuxbe.org>
6 * Copyright (c) 2007 Nokia Siemens Networks
7 * Copyright (c) 2008 Herbert Xu <herbert@gondor.apana.org.au>
8 *
9 * Updated RFC4106 AES-GCM testing.
10 * Authors: Aidan O'Mahony (aidan.o.mahony@intel.com)
11 * Adrian Hoban <adrian.hoban@intel.com>
12 * Gabriele Paoloni <gabriele.paoloni@intel.com>
13 * Tadeusz Struk (tadeusz.struk@intel.com)
14 * Copyright (c) 2010, Intel Corporation.
15 *
16 * This program is free software; you can redistribute it and/or modify it
17 * under the terms of the GNU General Public License as published by the Free
18 * Software Foundation; either version 2 of the License, or (at your option)
19 * any later version.
20 *
21 */
22
23 #include <crypto/aead.h>
24 #include <crypto/hash.h>
25 #include <linux/err.h>
26 #include <linux/fips.h>
27 #include <linux/module.h>
28 #include <linux/scatterlist.h>
29 #include <linux/slab.h>
30 #include <linux/string.h>
31 #include <crypto/rng.h>
32 #include <crypto/drbg.h>
33 #include <crypto/akcipher.h>
34
35 #include "internal.h"
36
37 #ifdef CONFIG_CRYPTO_MANAGER_DISABLE_TESTS
38
39 /* a perfect nop */
40 int alg_test(const char *driver, const char *alg, u32 type, u32 mask)
41 {
42 return 0;
43 }
44
45 #else
46
47 #include "testmgr.h"
48
49 /*
50 * Need slab memory for testing (size in number of pages).
51 */
52 #define XBUFSIZE 8
53
54 /*
55 * Indexes into the xbuf to simulate cross-page access.
56 */
57 #define IDX1 32
58 #define IDX2 32400
59 #define IDX3 1
60 #define IDX4 8193
61 #define IDX5 22222
62 #define IDX6 17101
63 #define IDX7 27333
64 #define IDX8 3000
65
66 /*
67 * Used by test_cipher()
68 */
69 #define ENCRYPT 1
70 #define DECRYPT 0
71
72 struct tcrypt_result {
73 struct completion completion;
74 int err;
75 };
76
77 struct aead_test_suite {
78 struct {
79 struct aead_testvec *vecs;
80 unsigned int count;
81 } enc, dec;
82 };
83
84 struct cipher_test_suite {
85 struct {
86 struct cipher_testvec *vecs;
87 unsigned int count;
88 } enc, dec;
89 };
90
91 struct comp_test_suite {
92 struct {
93 struct comp_testvec *vecs;
94 unsigned int count;
95 } comp, decomp;
96 };
97
98 struct pcomp_test_suite {
99 struct {
100 struct pcomp_testvec *vecs;
101 unsigned int count;
102 } comp, decomp;
103 };
104
105 struct hash_test_suite {
106 struct hash_testvec *vecs;
107 unsigned int count;
108 };
109
110 struct cprng_test_suite {
111 struct cprng_testvec *vecs;
112 unsigned int count;
113 };
114
115 struct drbg_test_suite {
116 struct drbg_testvec *vecs;
117 unsigned int count;
118 };
119
120 struct akcipher_test_suite {
121 struct akcipher_testvec *vecs;
122 unsigned int count;
123 };
124
125 struct alg_test_desc {
126 const char *alg;
127 int (*test)(const struct alg_test_desc *desc, const char *driver,
128 u32 type, u32 mask);
129 int fips_allowed; /* set if alg is allowed in fips mode */
130
131 union {
132 struct aead_test_suite aead;
133 struct cipher_test_suite cipher;
134 struct comp_test_suite comp;
135 struct pcomp_test_suite pcomp;
136 struct hash_test_suite hash;
137 struct cprng_test_suite cprng;
138 struct drbg_test_suite drbg;
139 struct akcipher_test_suite akcipher;
140 } suite;
141 };
142
143 static unsigned int IDX[8] = { IDX1, IDX2, IDX3, IDX4, IDX5, IDX6, IDX7, IDX8 };
144
145 static void hexdump(unsigned char *buf, unsigned int len)
146 {
147 print_hex_dump(KERN_CONT, "", DUMP_PREFIX_OFFSET,
148 16, 1,
149 buf, len, false);
150 }
151
152 static void tcrypt_complete(struct crypto_async_request *req, int err)
153 {
154 struct tcrypt_result *res = req->data;
155
156 if (err == -EINPROGRESS)
157 return;
158
159 res->err = err;
160 complete(&res->completion);
161 }
162
163 static int testmgr_alloc_buf(char *buf[XBUFSIZE])
164 {
165 int i;
166
167 for (i = 0; i < XBUFSIZE; i++) {
168 buf[i] = (void *)__get_free_page(GFP_KERNEL);
169 if (!buf[i])
170 goto err_free_buf;
171 }
172
173 return 0;
174
175 err_free_buf:
176 while (i-- > 0)
177 free_page((unsigned long)buf[i]);
178
179 return -ENOMEM;
180 }
181
182 static void testmgr_free_buf(char *buf[XBUFSIZE])
183 {
184 int i;
185
186 for (i = 0; i < XBUFSIZE; i++)
187 free_page((unsigned long)buf[i]);
188 }
189
190 static int wait_async_op(struct tcrypt_result *tr, int ret)
191 {
192 if (ret == -EINPROGRESS || ret == -EBUSY) {
193 wait_for_completion(&tr->completion);
194 reinit_completion(&tr->completion);
195 ret = tr->err;
196 }
197 return ret;
198 }
199
200 static int __test_hash(struct crypto_ahash *tfm, struct hash_testvec *template,
201 unsigned int tcount, bool use_digest,
202 const int align_offset)
203 {
204 const char *algo = crypto_tfm_alg_driver_name(crypto_ahash_tfm(tfm));
205 unsigned int i, j, k, temp;
206 struct scatterlist sg[8];
207 char *result;
208 char *key;
209 struct ahash_request *req;
210 struct tcrypt_result tresult;
211 void *hash_buff;
212 char *xbuf[XBUFSIZE];
213 int ret = -ENOMEM;
214
215 result = kmalloc(MAX_DIGEST_SIZE, GFP_KERNEL);
216 if (!result)
217 return ret;
218 key = kmalloc(MAX_KEYLEN, GFP_KERNEL);
219 if (!key)
220 goto out_nobuf;
221 if (testmgr_alloc_buf(xbuf))
222 goto out_nobuf;
223
224 init_completion(&tresult.completion);
225
226 req = ahash_request_alloc(tfm, GFP_KERNEL);
227 if (!req) {
228 printk(KERN_ERR "alg: hash: Failed to allocate request for "
229 "%s\n", algo);
230 goto out_noreq;
231 }
232 ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
233 tcrypt_complete, &tresult);
234
235 j = 0;
236 for (i = 0; i < tcount; i++) {
237 if (template[i].np)
238 continue;
239
240 ret = -EINVAL;
241 if (WARN_ON(align_offset + template[i].psize > PAGE_SIZE))
242 goto out;
243
244 j++;
245 memset(result, 0, MAX_DIGEST_SIZE);
246
247 hash_buff = xbuf[0];
248 hash_buff += align_offset;
249
250 memcpy(hash_buff, template[i].plaintext, template[i].psize);
251 sg_init_one(&sg[0], hash_buff, template[i].psize);
252
253 if (template[i].ksize) {
254 crypto_ahash_clear_flags(tfm, ~0);
255 if (template[i].ksize > MAX_KEYLEN) {
256 pr_err("alg: hash: setkey failed on test %d for %s: key size %d > %d\n",
257 j, algo, template[i].ksize, MAX_KEYLEN);
258 ret = -EINVAL;
259 goto out;
260 }
261 memcpy(key, template[i].key, template[i].ksize);
262 ret = crypto_ahash_setkey(tfm, key, template[i].ksize);
263 if (ret) {
264 printk(KERN_ERR "alg: hash: setkey failed on "
265 "test %d for %s: ret=%d\n", j, algo,
266 -ret);
267 goto out;
268 }
269 }
270
271 ahash_request_set_crypt(req, sg, result, template[i].psize);
272 if (use_digest) {
273 ret = wait_async_op(&tresult, crypto_ahash_digest(req));
274 if (ret) {
275 pr_err("alg: hash: digest failed on test %d "
276 "for %s: ret=%d\n", j, algo, -ret);
277 goto out;
278 }
279 } else {
280 ret = wait_async_op(&tresult, crypto_ahash_init(req));
281 if (ret) {
282 pr_err("alt: hash: init failed on test %d "
283 "for %s: ret=%d\n", j, algo, -ret);
284 goto out;
285 }
286 ret = wait_async_op(&tresult, crypto_ahash_update(req));
287 if (ret) {
288 pr_err("alt: hash: update failed on test %d "
289 "for %s: ret=%d\n", j, algo, -ret);
290 goto out;
291 }
292 ret = wait_async_op(&tresult, crypto_ahash_final(req));
293 if (ret) {
294 pr_err("alt: hash: final failed on test %d "
295 "for %s: ret=%d\n", j, algo, -ret);
296 goto out;
297 }
298 }
299
300 if (memcmp(result, template[i].digest,
301 crypto_ahash_digestsize(tfm))) {
302 printk(KERN_ERR "alg: hash: Test %d failed for %s\n",
303 j, algo);
304 hexdump(result, crypto_ahash_digestsize(tfm));
305 ret = -EINVAL;
306 goto out;
307 }
308 }
309
310 j = 0;
311 for (i = 0; i < tcount; i++) {
312 /* alignment tests are only done with continuous buffers */
313 if (align_offset != 0)
314 break;
315
316 if (!template[i].np)
317 continue;
318
319 j++;
320 memset(result, 0, MAX_DIGEST_SIZE);
321
322 temp = 0;
323 sg_init_table(sg, template[i].np);
324 ret = -EINVAL;
325 for (k = 0; k < template[i].np; k++) {
326 if (WARN_ON(offset_in_page(IDX[k]) +
327 template[i].tap[k] > PAGE_SIZE))
328 goto out;
329 sg_set_buf(&sg[k],
330 memcpy(xbuf[IDX[k] >> PAGE_SHIFT] +
331 offset_in_page(IDX[k]),
332 template[i].plaintext + temp,
333 template[i].tap[k]),
334 template[i].tap[k]);
335 temp += template[i].tap[k];
336 }
337
338 if (template[i].ksize) {
339 if (template[i].ksize > MAX_KEYLEN) {
340 pr_err("alg: hash: setkey failed on test %d for %s: key size %d > %d\n",
341 j, algo, template[i].ksize, MAX_KEYLEN);
342 ret = -EINVAL;
343 goto out;
344 }
345 crypto_ahash_clear_flags(tfm, ~0);
346 memcpy(key, template[i].key, template[i].ksize);
347 ret = crypto_ahash_setkey(tfm, key, template[i].ksize);
348
349 if (ret) {
350 printk(KERN_ERR "alg: hash: setkey "
351 "failed on chunking test %d "
352 "for %s: ret=%d\n", j, algo, -ret);
353 goto out;
354 }
355 }
356
357 ahash_request_set_crypt(req, sg, result, template[i].psize);
358 ret = crypto_ahash_digest(req);
359 switch (ret) {
360 case 0:
361 break;
362 case -EINPROGRESS:
363 case -EBUSY:
364 wait_for_completion(&tresult.completion);
365 reinit_completion(&tresult.completion);
366 ret = tresult.err;
367 if (!ret)
368 break;
369 /* fall through */
370 default:
371 printk(KERN_ERR "alg: hash: digest failed "
372 "on chunking test %d for %s: "
373 "ret=%d\n", j, algo, -ret);
374 goto out;
375 }
376
377 if (memcmp(result, template[i].digest,
378 crypto_ahash_digestsize(tfm))) {
379 printk(KERN_ERR "alg: hash: Chunking test %d "
380 "failed for %s\n", j, algo);
381 hexdump(result, crypto_ahash_digestsize(tfm));
382 ret = -EINVAL;
383 goto out;
384 }
385 }
386
387 ret = 0;
388
389 out:
390 ahash_request_free(req);
391 out_noreq:
392 testmgr_free_buf(xbuf);
393 out_nobuf:
394 kfree(key);
395 kfree(result);
396 return ret;
397 }
398
399 static int test_hash(struct crypto_ahash *tfm, struct hash_testvec *template,
400 unsigned int tcount, bool use_digest)
401 {
402 unsigned int alignmask;
403 int ret;
404
405 ret = __test_hash(tfm, template, tcount, use_digest, 0);
406 if (ret)
407 return ret;
408
409 /* test unaligned buffers, check with one byte offset */
410 ret = __test_hash(tfm, template, tcount, use_digest, 1);
411 if (ret)
412 return ret;
413
414 alignmask = crypto_tfm_alg_alignmask(&tfm->base);
415 if (alignmask) {
416 /* Check if alignment mask for tfm is correctly set. */
417 ret = __test_hash(tfm, template, tcount, use_digest,
418 alignmask + 1);
419 if (ret)
420 return ret;
421 }
422
423 return 0;
424 }
425
426 static int __test_aead(struct crypto_aead *tfm, int enc,
427 struct aead_testvec *template, unsigned int tcount,
428 const bool diff_dst, const int align_offset)
429 {
430 const char *algo = crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm));
431 unsigned int i, j, k, n, temp;
432 int ret = -ENOMEM;
433 char *q;
434 char *key;
435 struct aead_request *req;
436 struct scatterlist *sg;
437 struct scatterlist *sgout;
438 const char *e, *d;
439 struct tcrypt_result result;
440 unsigned int authsize, iv_len;
441 void *input;
442 void *output;
443 void *assoc;
444 char *iv;
445 char *xbuf[XBUFSIZE];
446 char *xoutbuf[XBUFSIZE];
447 char *axbuf[XBUFSIZE];
448
449 iv = kzalloc(MAX_IVLEN, GFP_KERNEL);
450 if (!iv)
451 return ret;
452 key = kmalloc(MAX_KEYLEN, GFP_KERNEL);
453 if (!key)
454 goto out_noxbuf;
455 if (testmgr_alloc_buf(xbuf))
456 goto out_noxbuf;
457 if (testmgr_alloc_buf(axbuf))
458 goto out_noaxbuf;
459 if (diff_dst && testmgr_alloc_buf(xoutbuf))
460 goto out_nooutbuf;
461
462 /* avoid "the frame size is larger than 1024 bytes" compiler warning */
463 sg = kmalloc(sizeof(*sg) * 8 * (diff_dst ? 4 : 2), GFP_KERNEL);
464 if (!sg)
465 goto out_nosg;
466 sgout = &sg[16];
467
468 if (diff_dst)
469 d = "-ddst";
470 else
471 d = "";
472
473 if (enc == ENCRYPT)
474 e = "encryption";
475 else
476 e = "decryption";
477
478 init_completion(&result.completion);
479
480 req = aead_request_alloc(tfm, GFP_KERNEL);
481 if (!req) {
482 pr_err("alg: aead%s: Failed to allocate request for %s\n",
483 d, algo);
484 goto out;
485 }
486
487 aead_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
488 tcrypt_complete, &result);
489
490 for (i = 0, j = 0; i < tcount; i++) {
491 if (template[i].np)
492 continue;
493
494 j++;
495
496 /* some templates have no input data but they will
497 * touch input
498 */
499 input = xbuf[0];
500 input += align_offset;
501 assoc = axbuf[0];
502
503 ret = -EINVAL;
504 if (WARN_ON(align_offset + template[i].ilen >
505 PAGE_SIZE || template[i].alen > PAGE_SIZE))
506 goto out;
507
508 memcpy(input, template[i].input, template[i].ilen);
509 memcpy(assoc, template[i].assoc, template[i].alen);
510 iv_len = crypto_aead_ivsize(tfm);
511 if (template[i].iv)
512 memcpy(iv, template[i].iv, iv_len);
513 else
514 memset(iv, 0, iv_len);
515
516 crypto_aead_clear_flags(tfm, ~0);
517 if (template[i].wk)
518 crypto_aead_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY);
519
520 if (template[i].klen > MAX_KEYLEN) {
521 pr_err("alg: aead%s: setkey failed on test %d for %s: key size %d > %d\n",
522 d, j, algo, template[i].klen,
523 MAX_KEYLEN);
524 ret = -EINVAL;
525 goto out;
526 }
527 memcpy(key, template[i].key, template[i].klen);
528
529 ret = crypto_aead_setkey(tfm, key, template[i].klen);
530 if (!ret == template[i].fail) {
531 pr_err("alg: aead%s: setkey failed on test %d for %s: flags=%x\n",
532 d, j, algo, crypto_aead_get_flags(tfm));
533 goto out;
534 } else if (ret)
535 continue;
536
537 authsize = abs(template[i].rlen - template[i].ilen);
538 ret = crypto_aead_setauthsize(tfm, authsize);
539 if (ret) {
540 pr_err("alg: aead%s: Failed to set authsize to %u on test %d for %s\n",
541 d, authsize, j, algo);
542 goto out;
543 }
544
545 k = !!template[i].alen;
546 sg_init_table(sg, k + 1);
547 sg_set_buf(&sg[0], assoc, template[i].alen);
548 sg_set_buf(&sg[k], input,
549 template[i].ilen + (enc ? authsize : 0));
550 output = input;
551
552 if (diff_dst) {
553 sg_init_table(sgout, k + 1);
554 sg_set_buf(&sgout[0], assoc, template[i].alen);
555
556 output = xoutbuf[0];
557 output += align_offset;
558 sg_set_buf(&sgout[k], output,
559 template[i].rlen + (enc ? 0 : authsize));
560 }
561
562 aead_request_set_crypt(req, sg, (diff_dst) ? sgout : sg,
563 template[i].ilen, iv);
564
565 aead_request_set_ad(req, template[i].alen);
566
567 ret = enc ? crypto_aead_encrypt(req) : crypto_aead_decrypt(req);
568
569 switch (ret) {
570 case 0:
571 if (template[i].novrfy) {
572 /* verification was supposed to fail */
573 pr_err("alg: aead%s: %s failed on test %d for %s: ret was 0, expected -EBADMSG\n",
574 d, e, j, algo);
575 /* so really, we got a bad message */
576 ret = -EBADMSG;
577 goto out;
578 }
579 break;
580 case -EINPROGRESS:
581 case -EBUSY:
582 wait_for_completion(&result.completion);
583 reinit_completion(&result.completion);
584 ret = result.err;
585 if (!ret)
586 break;
587 case -EBADMSG:
588 if (template[i].novrfy)
589 /* verification failure was expected */
590 continue;
591 /* fall through */
592 default:
593 pr_err("alg: aead%s: %s failed on test %d for %s: ret=%d\n",
594 d, e, j, algo, -ret);
595 goto out;
596 }
597
598 q = output;
599 if (memcmp(q, template[i].result, template[i].rlen)) {
600 pr_err("alg: aead%s: Test %d failed on %s for %s\n",
601 d, j, e, algo);
602 hexdump(q, template[i].rlen);
603 ret = -EINVAL;
604 goto out;
605 }
606 }
607
608 for (i = 0, j = 0; i < tcount; i++) {
609 /* alignment tests are only done with continuous buffers */
610 if (align_offset != 0)
611 break;
612
613 if (!template[i].np)
614 continue;
615
616 j++;
617
618 if (template[i].iv)
619 memcpy(iv, template[i].iv, MAX_IVLEN);
620 else
621 memset(iv, 0, MAX_IVLEN);
622
623 crypto_aead_clear_flags(tfm, ~0);
624 if (template[i].wk)
625 crypto_aead_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY);
626 if (template[i].klen > MAX_KEYLEN) {
627 pr_err("alg: aead%s: setkey failed on test %d for %s: key size %d > %d\n",
628 d, j, algo, template[i].klen, MAX_KEYLEN);
629 ret = -EINVAL;
630 goto out;
631 }
632 memcpy(key, template[i].key, template[i].klen);
633
634 ret = crypto_aead_setkey(tfm, key, template[i].klen);
635 if (!ret == template[i].fail) {
636 pr_err("alg: aead%s: setkey failed on chunk test %d for %s: flags=%x\n",
637 d, j, algo, crypto_aead_get_flags(tfm));
638 goto out;
639 } else if (ret)
640 continue;
641
642 authsize = abs(template[i].rlen - template[i].ilen);
643
644 ret = -EINVAL;
645 sg_init_table(sg, template[i].anp + template[i].np);
646 if (diff_dst)
647 sg_init_table(sgout, template[i].anp + template[i].np);
648
649 ret = -EINVAL;
650 for (k = 0, temp = 0; k < template[i].anp; k++) {
651 if (WARN_ON(offset_in_page(IDX[k]) +
652 template[i].atap[k] > PAGE_SIZE))
653 goto out;
654 sg_set_buf(&sg[k],
655 memcpy(axbuf[IDX[k] >> PAGE_SHIFT] +
656 offset_in_page(IDX[k]),
657 template[i].assoc + temp,
658 template[i].atap[k]),
659 template[i].atap[k]);
660 if (diff_dst)
661 sg_set_buf(&sgout[k],
662 axbuf[IDX[k] >> PAGE_SHIFT] +
663 offset_in_page(IDX[k]),
664 template[i].atap[k]);
665 temp += template[i].atap[k];
666 }
667
668 for (k = 0, temp = 0; k < template[i].np; k++) {
669 if (WARN_ON(offset_in_page(IDX[k]) +
670 template[i].tap[k] > PAGE_SIZE))
671 goto out;
672
673 q = xbuf[IDX[k] >> PAGE_SHIFT] + offset_in_page(IDX[k]);
674 memcpy(q, template[i].input + temp, template[i].tap[k]);
675 sg_set_buf(&sg[template[i].anp + k],
676 q, template[i].tap[k]);
677
678 if (diff_dst) {
679 q = xoutbuf[IDX[k] >> PAGE_SHIFT] +
680 offset_in_page(IDX[k]);
681
682 memset(q, 0, template[i].tap[k]);
683
684 sg_set_buf(&sgout[template[i].anp + k],
685 q, template[i].tap[k]);
686 }
687
688 n = template[i].tap[k];
689 if (k == template[i].np - 1 && enc)
690 n += authsize;
691 if (offset_in_page(q) + n < PAGE_SIZE)
692 q[n] = 0;
693
694 temp += template[i].tap[k];
695 }
696
697 ret = crypto_aead_setauthsize(tfm, authsize);
698 if (ret) {
699 pr_err("alg: aead%s: Failed to set authsize to %u on chunk test %d for %s\n",
700 d, authsize, j, algo);
701 goto out;
702 }
703
704 if (enc) {
705 if (WARN_ON(sg[template[i].anp + k - 1].offset +
706 sg[template[i].anp + k - 1].length +
707 authsize > PAGE_SIZE)) {
708 ret = -EINVAL;
709 goto out;
710 }
711
712 if (diff_dst)
713 sgout[template[i].anp + k - 1].length +=
714 authsize;
715 sg[template[i].anp + k - 1].length += authsize;
716 }
717
718 aead_request_set_crypt(req, sg, (diff_dst) ? sgout : sg,
719 template[i].ilen,
720 iv);
721
722 aead_request_set_ad(req, template[i].alen);
723
724 ret = enc ? crypto_aead_encrypt(req) : crypto_aead_decrypt(req);
725
726 switch (ret) {
727 case 0:
728 if (template[i].novrfy) {
729 /* verification was supposed to fail */
730 pr_err("alg: aead%s: %s failed on chunk test %d for %s: ret was 0, expected -EBADMSG\n",
731 d, e, j, algo);
732 /* so really, we got a bad message */
733 ret = -EBADMSG;
734 goto out;
735 }
736 break;
737 case -EINPROGRESS:
738 case -EBUSY:
739 wait_for_completion(&result.completion);
740 reinit_completion(&result.completion);
741 ret = result.err;
742 if (!ret)
743 break;
744 case -EBADMSG:
745 if (template[i].novrfy)
746 /* verification failure was expected */
747 continue;
748 /* fall through */
749 default:
750 pr_err("alg: aead%s: %s failed on chunk test %d for %s: ret=%d\n",
751 d, e, j, algo, -ret);
752 goto out;
753 }
754
755 ret = -EINVAL;
756 for (k = 0, temp = 0; k < template[i].np; k++) {
757 if (diff_dst)
758 q = xoutbuf[IDX[k] >> PAGE_SHIFT] +
759 offset_in_page(IDX[k]);
760 else
761 q = xbuf[IDX[k] >> PAGE_SHIFT] +
762 offset_in_page(IDX[k]);
763
764 n = template[i].tap[k];
765 if (k == template[i].np - 1)
766 n += enc ? authsize : -authsize;
767
768 if (memcmp(q, template[i].result + temp, n)) {
769 pr_err("alg: aead%s: Chunk test %d failed on %s at page %u for %s\n",
770 d, j, e, k, algo);
771 hexdump(q, n);
772 goto out;
773 }
774
775 q += n;
776 if (k == template[i].np - 1 && !enc) {
777 if (!diff_dst &&
778 memcmp(q, template[i].input +
779 temp + n, authsize))
780 n = authsize;
781 else
782 n = 0;
783 } else {
784 for (n = 0; offset_in_page(q + n) && q[n]; n++)
785 ;
786 }
787 if (n) {
788 pr_err("alg: aead%s: Result buffer corruption in chunk test %d on %s at page %u for %s: %u bytes:\n",
789 d, j, e, k, algo, n);
790 hexdump(q, n);
791 goto out;
792 }
793
794 temp += template[i].tap[k];
795 }
796 }
797
798 ret = 0;
799
800 out:
801 aead_request_free(req);
802 kfree(sg);
803 out_nosg:
804 if (diff_dst)
805 testmgr_free_buf(xoutbuf);
806 out_nooutbuf:
807 testmgr_free_buf(axbuf);
808 out_noaxbuf:
809 testmgr_free_buf(xbuf);
810 out_noxbuf:
811 kfree(key);
812 kfree(iv);
813 return ret;
814 }
815
816 static int test_aead(struct crypto_aead *tfm, int enc,
817 struct aead_testvec *template, unsigned int tcount)
818 {
819 unsigned int alignmask;
820 int ret;
821
822 /* test 'dst == src' case */
823 ret = __test_aead(tfm, enc, template, tcount, false, 0);
824 if (ret)
825 return ret;
826
827 /* test 'dst != src' case */
828 ret = __test_aead(tfm, enc, template, tcount, true, 0);
829 if (ret)
830 return ret;
831
832 /* test unaligned buffers, check with one byte offset */
833 ret = __test_aead(tfm, enc, template, tcount, true, 1);
834 if (ret)
835 return ret;
836
837 alignmask = crypto_tfm_alg_alignmask(&tfm->base);
838 if (alignmask) {
839 /* Check if alignment mask for tfm is correctly set. */
840 ret = __test_aead(tfm, enc, template, tcount, true,
841 alignmask + 1);
842 if (ret)
843 return ret;
844 }
845
846 return 0;
847 }
848
849 static int test_cipher(struct crypto_cipher *tfm, int enc,
850 struct cipher_testvec *template, unsigned int tcount)
851 {
852 const char *algo = crypto_tfm_alg_driver_name(crypto_cipher_tfm(tfm));
853 unsigned int i, j, k;
854 char *q;
855 const char *e;
856 void *data;
857 char *xbuf[XBUFSIZE];
858 int ret = -ENOMEM;
859
860 if (testmgr_alloc_buf(xbuf))
861 goto out_nobuf;
862
863 if (enc == ENCRYPT)
864 e = "encryption";
865 else
866 e = "decryption";
867
868 j = 0;
869 for (i = 0; i < tcount; i++) {
870 if (template[i].np)
871 continue;
872
873 j++;
874
875 ret = -EINVAL;
876 if (WARN_ON(template[i].ilen > PAGE_SIZE))
877 goto out;
878
879 data = xbuf[0];
880 memcpy(data, template[i].input, template[i].ilen);
881
882 crypto_cipher_clear_flags(tfm, ~0);
883 if (template[i].wk)
884 crypto_cipher_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY);
885
886 ret = crypto_cipher_setkey(tfm, template[i].key,
887 template[i].klen);
888 if (!ret == template[i].fail) {
889 printk(KERN_ERR "alg: cipher: setkey failed "
890 "on test %d for %s: flags=%x\n", j,
891 algo, crypto_cipher_get_flags(tfm));
892 goto out;
893 } else if (ret)
894 continue;
895
896 for (k = 0; k < template[i].ilen;
897 k += crypto_cipher_blocksize(tfm)) {
898 if (enc)
899 crypto_cipher_encrypt_one(tfm, data + k,
900 data + k);
901 else
902 crypto_cipher_decrypt_one(tfm, data + k,
903 data + k);
904 }
905
906 q = data;
907 if (memcmp(q, template[i].result, template[i].rlen)) {
908 printk(KERN_ERR "alg: cipher: Test %d failed "
909 "on %s for %s\n", j, e, algo);
910 hexdump(q, template[i].rlen);
911 ret = -EINVAL;
912 goto out;
913 }
914 }
915
916 ret = 0;
917
918 out:
919 testmgr_free_buf(xbuf);
920 out_nobuf:
921 return ret;
922 }
923
924 static int __test_skcipher(struct crypto_ablkcipher *tfm, int enc,
925 struct cipher_testvec *template, unsigned int tcount,
926 const bool diff_dst, const int align_offset)
927 {
928 const char *algo =
929 crypto_tfm_alg_driver_name(crypto_ablkcipher_tfm(tfm));
930 unsigned int i, j, k, n, temp;
931 char *q;
932 struct ablkcipher_request *req;
933 struct scatterlist sg[8];
934 struct scatterlist sgout[8];
935 const char *e, *d;
936 struct tcrypt_result result;
937 void *data;
938 char iv[MAX_IVLEN];
939 char *xbuf[XBUFSIZE];
940 char *xoutbuf[XBUFSIZE];
941 int ret = -ENOMEM;
942
943 if (testmgr_alloc_buf(xbuf))
944 goto out_nobuf;
945
946 if (diff_dst && testmgr_alloc_buf(xoutbuf))
947 goto out_nooutbuf;
948
949 if (diff_dst)
950 d = "-ddst";
951 else
952 d = "";
953
954 if (enc == ENCRYPT)
955 e = "encryption";
956 else
957 e = "decryption";
958
959 init_completion(&result.completion);
960
961 req = ablkcipher_request_alloc(tfm, GFP_KERNEL);
962 if (!req) {
963 pr_err("alg: skcipher%s: Failed to allocate request for %s\n",
964 d, algo);
965 goto out;
966 }
967
968 ablkcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
969 tcrypt_complete, &result);
970
971 j = 0;
972 for (i = 0; i < tcount; i++) {
973 if (template[i].np && !template[i].also_non_np)
974 continue;
975
976 if (template[i].iv)
977 memcpy(iv, template[i].iv, MAX_IVLEN);
978 else
979 memset(iv, 0, MAX_IVLEN);
980
981 j++;
982 ret = -EINVAL;
983 if (WARN_ON(align_offset + template[i].ilen > PAGE_SIZE))
984 goto out;
985
986 data = xbuf[0];
987 data += align_offset;
988 memcpy(data, template[i].input, template[i].ilen);
989
990 crypto_ablkcipher_clear_flags(tfm, ~0);
991 if (template[i].wk)
992 crypto_ablkcipher_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY);
993
994 ret = crypto_ablkcipher_setkey(tfm, template[i].key,
995 template[i].klen);
996 if (!ret == template[i].fail) {
997 pr_err("alg: skcipher%s: setkey failed on test %d for %s: flags=%x\n",
998 d, j, algo, crypto_ablkcipher_get_flags(tfm));
999 goto out;
1000 } else if (ret)
1001 continue;
1002
1003 sg_init_one(&sg[0], data, template[i].ilen);
1004 if (diff_dst) {
1005 data = xoutbuf[0];
1006 data += align_offset;
1007 sg_init_one(&sgout[0], data, template[i].ilen);
1008 }
1009
1010 ablkcipher_request_set_crypt(req, sg, (diff_dst) ? sgout : sg,
1011 template[i].ilen, iv);
1012 ret = enc ? crypto_ablkcipher_encrypt(req) :
1013 crypto_ablkcipher_decrypt(req);
1014
1015 switch (ret) {
1016 case 0:
1017 break;
1018 case -EINPROGRESS:
1019 case -EBUSY:
1020 wait_for_completion(&result.completion);
1021 reinit_completion(&result.completion);
1022 ret = result.err;
1023 if (!ret)
1024 break;
1025 /* fall through */
1026 default:
1027 pr_err("alg: skcipher%s: %s failed on test %d for %s: ret=%d\n",
1028 d, e, j, algo, -ret);
1029 goto out;
1030 }
1031
1032 q = data;
1033 if (memcmp(q, template[i].result, template[i].rlen)) {
1034 pr_err("alg: skcipher%s: Test %d failed on %s for %s\n",
1035 d, j, e, algo);
1036 hexdump(q, template[i].rlen);
1037 ret = -EINVAL;
1038 goto out;
1039 }
1040 }
1041
1042 j = 0;
1043 for (i = 0; i < tcount; i++) {
1044 /* alignment tests are only done with continuous buffers */
1045 if (align_offset != 0)
1046 break;
1047
1048 if (!template[i].np)
1049 continue;
1050
1051 if (template[i].iv)
1052 memcpy(iv, template[i].iv, MAX_IVLEN);
1053 else
1054 memset(iv, 0, MAX_IVLEN);
1055
1056 j++;
1057 crypto_ablkcipher_clear_flags(tfm, ~0);
1058 if (template[i].wk)
1059 crypto_ablkcipher_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY);
1060
1061 ret = crypto_ablkcipher_setkey(tfm, template[i].key,
1062 template[i].klen);
1063 if (!ret == template[i].fail) {
1064 pr_err("alg: skcipher%s: setkey failed on chunk test %d for %s: flags=%x\n",
1065 d, j, algo, crypto_ablkcipher_get_flags(tfm));
1066 goto out;
1067 } else if (ret)
1068 continue;
1069
1070 temp = 0;
1071 ret = -EINVAL;
1072 sg_init_table(sg, template[i].np);
1073 if (diff_dst)
1074 sg_init_table(sgout, template[i].np);
1075 for (k = 0; k < template[i].np; k++) {
1076 if (WARN_ON(offset_in_page(IDX[k]) +
1077 template[i].tap[k] > PAGE_SIZE))
1078 goto out;
1079
1080 q = xbuf[IDX[k] >> PAGE_SHIFT] + offset_in_page(IDX[k]);
1081
1082 memcpy(q, template[i].input + temp, template[i].tap[k]);
1083
1084 if (offset_in_page(q) + template[i].tap[k] < PAGE_SIZE)
1085 q[template[i].tap[k]] = 0;
1086
1087 sg_set_buf(&sg[k], q, template[i].tap[k]);
1088 if (diff_dst) {
1089 q = xoutbuf[IDX[k] >> PAGE_SHIFT] +
1090 offset_in_page(IDX[k]);
1091
1092 sg_set_buf(&sgout[k], q, template[i].tap[k]);
1093
1094 memset(q, 0, template[i].tap[k]);
1095 if (offset_in_page(q) +
1096 template[i].tap[k] < PAGE_SIZE)
1097 q[template[i].tap[k]] = 0;
1098 }
1099
1100 temp += template[i].tap[k];
1101 }
1102
1103 ablkcipher_request_set_crypt(req, sg, (diff_dst) ? sgout : sg,
1104 template[i].ilen, iv);
1105
1106 ret = enc ? crypto_ablkcipher_encrypt(req) :
1107 crypto_ablkcipher_decrypt(req);
1108
1109 switch (ret) {
1110 case 0:
1111 break;
1112 case -EINPROGRESS:
1113 case -EBUSY:
1114 wait_for_completion(&result.completion);
1115 reinit_completion(&result.completion);
1116 ret = result.err;
1117 if (!ret)
1118 break;
1119 /* fall through */
1120 default:
1121 pr_err("alg: skcipher%s: %s failed on chunk test %d for %s: ret=%d\n",
1122 d, e, j, algo, -ret);
1123 goto out;
1124 }
1125
1126 temp = 0;
1127 ret = -EINVAL;
1128 for (k = 0; k < template[i].np; k++) {
1129 if (diff_dst)
1130 q = xoutbuf[IDX[k] >> PAGE_SHIFT] +
1131 offset_in_page(IDX[k]);
1132 else
1133 q = xbuf[IDX[k] >> PAGE_SHIFT] +
1134 offset_in_page(IDX[k]);
1135
1136 if (memcmp(q, template[i].result + temp,
1137 template[i].tap[k])) {
1138 pr_err("alg: skcipher%s: Chunk test %d failed on %s at page %u for %s\n",
1139 d, j, e, k, algo);
1140 hexdump(q, template[i].tap[k]);
1141 goto out;
1142 }
1143
1144 q += template[i].tap[k];
1145 for (n = 0; offset_in_page(q + n) && q[n]; n++)
1146 ;
1147 if (n) {
1148 pr_err("alg: skcipher%s: Result buffer corruption in chunk test %d on %s at page %u for %s: %u bytes:\n",
1149 d, j, e, k, algo, n);
1150 hexdump(q, n);
1151 goto out;
1152 }
1153 temp += template[i].tap[k];
1154 }
1155 }
1156
1157 ret = 0;
1158
1159 out:
1160 ablkcipher_request_free(req);
1161 if (diff_dst)
1162 testmgr_free_buf(xoutbuf);
1163 out_nooutbuf:
1164 testmgr_free_buf(xbuf);
1165 out_nobuf:
1166 return ret;
1167 }
1168
1169 static int test_skcipher(struct crypto_ablkcipher *tfm, int enc,
1170 struct cipher_testvec *template, unsigned int tcount)
1171 {
1172 unsigned int alignmask;
1173 int ret;
1174
1175 /* test 'dst == src' case */
1176 ret = __test_skcipher(tfm, enc, template, tcount, false, 0);
1177 if (ret)
1178 return ret;
1179
1180 /* test 'dst != src' case */
1181 ret = __test_skcipher(tfm, enc, template, tcount, true, 0);
1182 if (ret)
1183 return ret;
1184
1185 /* test unaligned buffers, check with one byte offset */
1186 ret = __test_skcipher(tfm, enc, template, tcount, true, 1);
1187 if (ret)
1188 return ret;
1189
1190 alignmask = crypto_tfm_alg_alignmask(&tfm->base);
1191 if (alignmask) {
1192 /* Check if alignment mask for tfm is correctly set. */
1193 ret = __test_skcipher(tfm, enc, template, tcount, true,
1194 alignmask + 1);
1195 if (ret)
1196 return ret;
1197 }
1198
1199 return 0;
1200 }
1201
1202 static int test_comp(struct crypto_comp *tfm, struct comp_testvec *ctemplate,
1203 struct comp_testvec *dtemplate, int ctcount, int dtcount)
1204 {
1205 const char *algo = crypto_tfm_alg_driver_name(crypto_comp_tfm(tfm));
1206 unsigned int i;
1207 char result[COMP_BUF_SIZE];
1208 int ret;
1209
1210 for (i = 0; i < ctcount; i++) {
1211 int ilen;
1212 unsigned int dlen = COMP_BUF_SIZE;
1213
1214 memset(result, 0, sizeof (result));
1215
1216 ilen = ctemplate[i].inlen;
1217 ret = crypto_comp_compress(tfm, ctemplate[i].input,
1218 ilen, result, &dlen);
1219 if (ret) {
1220 printk(KERN_ERR "alg: comp: compression failed "
1221 "on test %d for %s: ret=%d\n", i + 1, algo,
1222 -ret);
1223 goto out;
1224 }
1225
1226 if (dlen != ctemplate[i].outlen) {
1227 printk(KERN_ERR "alg: comp: Compression test %d "
1228 "failed for %s: output len = %d\n", i + 1, algo,
1229 dlen);
1230 ret = -EINVAL;
1231 goto out;
1232 }
1233
1234 if (memcmp(result, ctemplate[i].output, dlen)) {
1235 printk(KERN_ERR "alg: comp: Compression test %d "
1236 "failed for %s\n", i + 1, algo);
1237 hexdump(result, dlen);
1238 ret = -EINVAL;
1239 goto out;
1240 }
1241 }
1242
1243 for (i = 0; i < dtcount; i++) {
1244 int ilen;
1245 unsigned int dlen = COMP_BUF_SIZE;
1246
1247 memset(result, 0, sizeof (result));
1248
1249 ilen = dtemplate[i].inlen;
1250 ret = crypto_comp_decompress(tfm, dtemplate[i].input,
1251 ilen, result, &dlen);
1252 if (ret) {
1253 printk(KERN_ERR "alg: comp: decompression failed "
1254 "on test %d for %s: ret=%d\n", i + 1, algo,
1255 -ret);
1256 goto out;
1257 }
1258
1259 if (dlen != dtemplate[i].outlen) {
1260 printk(KERN_ERR "alg: comp: Decompression test %d "
1261 "failed for %s: output len = %d\n", i + 1, algo,
1262 dlen);
1263 ret = -EINVAL;
1264 goto out;
1265 }
1266
1267 if (memcmp(result, dtemplate[i].output, dlen)) {
1268 printk(KERN_ERR "alg: comp: Decompression test %d "
1269 "failed for %s\n", i + 1, algo);
1270 hexdump(result, dlen);
1271 ret = -EINVAL;
1272 goto out;
1273 }
1274 }
1275
1276 ret = 0;
1277
1278 out:
1279 return ret;
1280 }
1281
1282 static int test_pcomp(struct crypto_pcomp *tfm,
1283 struct pcomp_testvec *ctemplate,
1284 struct pcomp_testvec *dtemplate, int ctcount,
1285 int dtcount)
1286 {
1287 const char *algo = crypto_tfm_alg_driver_name(crypto_pcomp_tfm(tfm));
1288 unsigned int i;
1289 char result[COMP_BUF_SIZE];
1290 int res;
1291
1292 for (i = 0; i < ctcount; i++) {
1293 struct comp_request req;
1294 unsigned int produced = 0;
1295
1296 res = crypto_compress_setup(tfm, ctemplate[i].params,
1297 ctemplate[i].paramsize);
1298 if (res) {
1299 pr_err("alg: pcomp: compression setup failed on test "
1300 "%d for %s: error=%d\n", i + 1, algo, res);
1301 return res;
1302 }
1303
1304 res = crypto_compress_init(tfm);
1305 if (res) {
1306 pr_err("alg: pcomp: compression init failed on test "
1307 "%d for %s: error=%d\n", i + 1, algo, res);
1308 return res;
1309 }
1310
1311 memset(result, 0, sizeof(result));
1312
1313 req.next_in = ctemplate[i].input;
1314 req.avail_in = ctemplate[i].inlen / 2;
1315 req.next_out = result;
1316 req.avail_out = ctemplate[i].outlen / 2;
1317
1318 res = crypto_compress_update(tfm, &req);
1319 if (res < 0 && (res != -EAGAIN || req.avail_in)) {
1320 pr_err("alg: pcomp: compression update failed on test "
1321 "%d for %s: error=%d\n", i + 1, algo, res);
1322 return res;
1323 }
1324 if (res > 0)
1325 produced += res;
1326
1327 /* Add remaining input data */
1328 req.avail_in += (ctemplate[i].inlen + 1) / 2;
1329
1330 res = crypto_compress_update(tfm, &req);
1331 if (res < 0 && (res != -EAGAIN || req.avail_in)) {
1332 pr_err("alg: pcomp: compression update failed on test "
1333 "%d for %s: error=%d\n", i + 1, algo, res);
1334 return res;
1335 }
1336 if (res > 0)
1337 produced += res;
1338
1339 /* Provide remaining output space */
1340 req.avail_out += COMP_BUF_SIZE - ctemplate[i].outlen / 2;
1341
1342 res = crypto_compress_final(tfm, &req);
1343 if (res < 0) {
1344 pr_err("alg: pcomp: compression final failed on test "
1345 "%d for %s: error=%d\n", i + 1, algo, res);
1346 return res;
1347 }
1348 produced += res;
1349
1350 if (COMP_BUF_SIZE - req.avail_out != ctemplate[i].outlen) {
1351 pr_err("alg: comp: Compression test %d failed for %s: "
1352 "output len = %d (expected %d)\n", i + 1, algo,
1353 COMP_BUF_SIZE - req.avail_out,
1354 ctemplate[i].outlen);
1355 return -EINVAL;
1356 }
1357
1358 if (produced != ctemplate[i].outlen) {
1359 pr_err("alg: comp: Compression test %d failed for %s: "
1360 "returned len = %u (expected %d)\n", i + 1,
1361 algo, produced, ctemplate[i].outlen);
1362 return -EINVAL;
1363 }
1364
1365 if (memcmp(result, ctemplate[i].output, ctemplate[i].outlen)) {
1366 pr_err("alg: pcomp: Compression test %d failed for "
1367 "%s\n", i + 1, algo);
1368 hexdump(result, ctemplate[i].outlen);
1369 return -EINVAL;
1370 }
1371 }
1372
1373 for (i = 0; i < dtcount; i++) {
1374 struct comp_request req;
1375 unsigned int produced = 0;
1376
1377 res = crypto_decompress_setup(tfm, dtemplate[i].params,
1378 dtemplate[i].paramsize);
1379 if (res) {
1380 pr_err("alg: pcomp: decompression setup failed on "
1381 "test %d for %s: error=%d\n", i + 1, algo, res);
1382 return res;
1383 }
1384
1385 res = crypto_decompress_init(tfm);
1386 if (res) {
1387 pr_err("alg: pcomp: decompression init failed on test "
1388 "%d for %s: error=%d\n", i + 1, algo, res);
1389 return res;
1390 }
1391
1392 memset(result, 0, sizeof(result));
1393
1394 req.next_in = dtemplate[i].input;
1395 req.avail_in = dtemplate[i].inlen / 2;
1396 req.next_out = result;
1397 req.avail_out = dtemplate[i].outlen / 2;
1398
1399 res = crypto_decompress_update(tfm, &req);
1400 if (res < 0 && (res != -EAGAIN || req.avail_in)) {
1401 pr_err("alg: pcomp: decompression update failed on "
1402 "test %d for %s: error=%d\n", i + 1, algo, res);
1403 return res;
1404 }
1405 if (res > 0)
1406 produced += res;
1407
1408 /* Add remaining input data */
1409 req.avail_in += (dtemplate[i].inlen + 1) / 2;
1410
1411 res = crypto_decompress_update(tfm, &req);
1412 if (res < 0 && (res != -EAGAIN || req.avail_in)) {
1413 pr_err("alg: pcomp: decompression update failed on "
1414 "test %d for %s: error=%d\n", i + 1, algo, res);
1415 return res;
1416 }
1417 if (res > 0)
1418 produced += res;
1419
1420 /* Provide remaining output space */
1421 req.avail_out += COMP_BUF_SIZE - dtemplate[i].outlen / 2;
1422
1423 res = crypto_decompress_final(tfm, &req);
1424 if (res < 0 && (res != -EAGAIN || req.avail_in)) {
1425 pr_err("alg: pcomp: decompression final failed on "
1426 "test %d for %s: error=%d\n", i + 1, algo, res);
1427 return res;
1428 }
1429 if (res > 0)
1430 produced += res;
1431
1432 if (COMP_BUF_SIZE - req.avail_out != dtemplate[i].outlen) {
1433 pr_err("alg: comp: Decompression test %d failed for "
1434 "%s: output len = %d (expected %d)\n", i + 1,
1435 algo, COMP_BUF_SIZE - req.avail_out,
1436 dtemplate[i].outlen);
1437 return -EINVAL;
1438 }
1439
1440 if (produced != dtemplate[i].outlen) {
1441 pr_err("alg: comp: Decompression test %d failed for "
1442 "%s: returned len = %u (expected %d)\n", i + 1,
1443 algo, produced, dtemplate[i].outlen);
1444 return -EINVAL;
1445 }
1446
1447 if (memcmp(result, dtemplate[i].output, dtemplate[i].outlen)) {
1448 pr_err("alg: pcomp: Decompression test %d failed for "
1449 "%s\n", i + 1, algo);
1450 hexdump(result, dtemplate[i].outlen);
1451 return -EINVAL;
1452 }
1453 }
1454
1455 return 0;
1456 }
1457
1458
1459 static int test_cprng(struct crypto_rng *tfm, struct cprng_testvec *template,
1460 unsigned int tcount)
1461 {
1462 const char *algo = crypto_tfm_alg_driver_name(crypto_rng_tfm(tfm));
1463 int err = 0, i, j, seedsize;
1464 u8 *seed;
1465 char result[32];
1466
1467 seedsize = crypto_rng_seedsize(tfm);
1468
1469 seed = kmalloc(seedsize, GFP_KERNEL);
1470 if (!seed) {
1471 printk(KERN_ERR "alg: cprng: Failed to allocate seed space "
1472 "for %s\n", algo);
1473 return -ENOMEM;
1474 }
1475
1476 for (i = 0; i < tcount; i++) {
1477 memset(result, 0, 32);
1478
1479 memcpy(seed, template[i].v, template[i].vlen);
1480 memcpy(seed + template[i].vlen, template[i].key,
1481 template[i].klen);
1482 memcpy(seed + template[i].vlen + template[i].klen,
1483 template[i].dt, template[i].dtlen);
1484
1485 err = crypto_rng_reset(tfm, seed, seedsize);
1486 if (err) {
1487 printk(KERN_ERR "alg: cprng: Failed to reset rng "
1488 "for %s\n", algo);
1489 goto out;
1490 }
1491
1492 for (j = 0; j < template[i].loops; j++) {
1493 err = crypto_rng_get_bytes(tfm, result,
1494 template[i].rlen);
1495 if (err < 0) {
1496 printk(KERN_ERR "alg: cprng: Failed to obtain "
1497 "the correct amount of random data for "
1498 "%s (requested %d)\n", algo,
1499 template[i].rlen);
1500 goto out;
1501 }
1502 }
1503
1504 err = memcmp(result, template[i].result,
1505 template[i].rlen);
1506 if (err) {
1507 printk(KERN_ERR "alg: cprng: Test %d failed for %s\n",
1508 i, algo);
1509 hexdump(result, template[i].rlen);
1510 err = -EINVAL;
1511 goto out;
1512 }
1513 }
1514
1515 out:
1516 kfree(seed);
1517 return err;
1518 }
1519
1520 static int alg_test_aead(const struct alg_test_desc *desc, const char *driver,
1521 u32 type, u32 mask)
1522 {
1523 struct crypto_aead *tfm;
1524 int err = 0;
1525
1526 tfm = crypto_alloc_aead(driver, type | CRYPTO_ALG_INTERNAL, mask);
1527 if (IS_ERR(tfm)) {
1528 printk(KERN_ERR "alg: aead: Failed to load transform for %s: "
1529 "%ld\n", driver, PTR_ERR(tfm));
1530 return PTR_ERR(tfm);
1531 }
1532
1533 if (desc->suite.aead.enc.vecs) {
1534 err = test_aead(tfm, ENCRYPT, desc->suite.aead.enc.vecs,
1535 desc->suite.aead.enc.count);
1536 if (err)
1537 goto out;
1538 }
1539
1540 if (!err && desc->suite.aead.dec.vecs)
1541 err = test_aead(tfm, DECRYPT, desc->suite.aead.dec.vecs,
1542 desc->suite.aead.dec.count);
1543
1544 out:
1545 crypto_free_aead(tfm);
1546 return err;
1547 }
1548
1549 static int alg_test_cipher(const struct alg_test_desc *desc,
1550 const char *driver, u32 type, u32 mask)
1551 {
1552 struct crypto_cipher *tfm;
1553 int err = 0;
1554
1555 tfm = crypto_alloc_cipher(driver, type | CRYPTO_ALG_INTERNAL, mask);
1556 if (IS_ERR(tfm)) {
1557 printk(KERN_ERR "alg: cipher: Failed to load transform for "
1558 "%s: %ld\n", driver, PTR_ERR(tfm));
1559 return PTR_ERR(tfm);
1560 }
1561
1562 if (desc->suite.cipher.enc.vecs) {
1563 err = test_cipher(tfm, ENCRYPT, desc->suite.cipher.enc.vecs,
1564 desc->suite.cipher.enc.count);
1565 if (err)
1566 goto out;
1567 }
1568
1569 if (desc->suite.cipher.dec.vecs)
1570 err = test_cipher(tfm, DECRYPT, desc->suite.cipher.dec.vecs,
1571 desc->suite.cipher.dec.count);
1572
1573 out:
1574 crypto_free_cipher(tfm);
1575 return err;
1576 }
1577
1578 static int alg_test_skcipher(const struct alg_test_desc *desc,
1579 const char *driver, u32 type, u32 mask)
1580 {
1581 struct crypto_ablkcipher *tfm;
1582 int err = 0;
1583
1584 tfm = crypto_alloc_ablkcipher(driver, type | CRYPTO_ALG_INTERNAL, mask);
1585 if (IS_ERR(tfm)) {
1586 printk(KERN_ERR "alg: skcipher: Failed to load transform for "
1587 "%s: %ld\n", driver, PTR_ERR(tfm));
1588 return PTR_ERR(tfm);
1589 }
1590
1591 if (desc->suite.cipher.enc.vecs) {
1592 err = test_skcipher(tfm, ENCRYPT, desc->suite.cipher.enc.vecs,
1593 desc->suite.cipher.enc.count);
1594 if (err)
1595 goto out;
1596 }
1597
1598 if (desc->suite.cipher.dec.vecs)
1599 err = test_skcipher(tfm, DECRYPT, desc->suite.cipher.dec.vecs,
1600 desc->suite.cipher.dec.count);
1601
1602 out:
1603 crypto_free_ablkcipher(tfm);
1604 return err;
1605 }
1606
1607 static int alg_test_comp(const struct alg_test_desc *desc, const char *driver,
1608 u32 type, u32 mask)
1609 {
1610 struct crypto_comp *tfm;
1611 int err;
1612
1613 tfm = crypto_alloc_comp(driver, type, mask);
1614 if (IS_ERR(tfm)) {
1615 printk(KERN_ERR "alg: comp: Failed to load transform for %s: "
1616 "%ld\n", driver, PTR_ERR(tfm));
1617 return PTR_ERR(tfm);
1618 }
1619
1620 err = test_comp(tfm, desc->suite.comp.comp.vecs,
1621 desc->suite.comp.decomp.vecs,
1622 desc->suite.comp.comp.count,
1623 desc->suite.comp.decomp.count);
1624
1625 crypto_free_comp(tfm);
1626 return err;
1627 }
1628
1629 static int alg_test_pcomp(const struct alg_test_desc *desc, const char *driver,
1630 u32 type, u32 mask)
1631 {
1632 struct crypto_pcomp *tfm;
1633 int err;
1634
1635 tfm = crypto_alloc_pcomp(driver, type, mask);
1636 if (IS_ERR(tfm)) {
1637 pr_err("alg: pcomp: Failed to load transform for %s: %ld\n",
1638 driver, PTR_ERR(tfm));
1639 return PTR_ERR(tfm);
1640 }
1641
1642 err = test_pcomp(tfm, desc->suite.pcomp.comp.vecs,
1643 desc->suite.pcomp.decomp.vecs,
1644 desc->suite.pcomp.comp.count,
1645 desc->suite.pcomp.decomp.count);
1646
1647 crypto_free_pcomp(tfm);
1648 return err;
1649 }
1650
1651 static int alg_test_hash(const struct alg_test_desc *desc, const char *driver,
1652 u32 type, u32 mask)
1653 {
1654 struct crypto_ahash *tfm;
1655 int err;
1656
1657 tfm = crypto_alloc_ahash(driver, type | CRYPTO_ALG_INTERNAL, mask);
1658 if (IS_ERR(tfm)) {
1659 printk(KERN_ERR "alg: hash: Failed to load transform for %s: "
1660 "%ld\n", driver, PTR_ERR(tfm));
1661 return PTR_ERR(tfm);
1662 }
1663
1664 err = test_hash(tfm, desc->suite.hash.vecs,
1665 desc->suite.hash.count, true);
1666 if (!err)
1667 err = test_hash(tfm, desc->suite.hash.vecs,
1668 desc->suite.hash.count, false);
1669
1670 crypto_free_ahash(tfm);
1671 return err;
1672 }
1673
1674 static int alg_test_crc32c(const struct alg_test_desc *desc,
1675 const char *driver, u32 type, u32 mask)
1676 {
1677 struct crypto_shash *tfm;
1678 u32 val;
1679 int err;
1680
1681 err = alg_test_hash(desc, driver, type, mask);
1682 if (err)
1683 goto out;
1684
1685 tfm = crypto_alloc_shash(driver, type | CRYPTO_ALG_INTERNAL, mask);
1686 if (IS_ERR(tfm)) {
1687 printk(KERN_ERR "alg: crc32c: Failed to load transform for %s: "
1688 "%ld\n", driver, PTR_ERR(tfm));
1689 err = PTR_ERR(tfm);
1690 goto out;
1691 }
1692
1693 do {
1694 SHASH_DESC_ON_STACK(shash, tfm);
1695 u32 *ctx = (u32 *)shash_desc_ctx(shash);
1696
1697 shash->tfm = tfm;
1698 shash->flags = 0;
1699
1700 *ctx = le32_to_cpu(420553207);
1701 err = crypto_shash_final(shash, (u8 *)&val);
1702 if (err) {
1703 printk(KERN_ERR "alg: crc32c: Operation failed for "
1704 "%s: %d\n", driver, err);
1705 break;
1706 }
1707
1708 if (val != ~420553207) {
1709 printk(KERN_ERR "alg: crc32c: Test failed for %s: "
1710 "%d\n", driver, val);
1711 err = -EINVAL;
1712 }
1713 } while (0);
1714
1715 crypto_free_shash(tfm);
1716
1717 out:
1718 return err;
1719 }
1720
1721 static int alg_test_cprng(const struct alg_test_desc *desc, const char *driver,
1722 u32 type, u32 mask)
1723 {
1724 struct crypto_rng *rng;
1725 int err;
1726
1727 rng = crypto_alloc_rng(driver, type | CRYPTO_ALG_INTERNAL, mask);
1728 if (IS_ERR(rng)) {
1729 printk(KERN_ERR "alg: cprng: Failed to load transform for %s: "
1730 "%ld\n", driver, PTR_ERR(rng));
1731 return PTR_ERR(rng);
1732 }
1733
1734 err = test_cprng(rng, desc->suite.cprng.vecs, desc->suite.cprng.count);
1735
1736 crypto_free_rng(rng);
1737
1738 return err;
1739 }
1740
1741
1742 static int drbg_cavs_test(struct drbg_testvec *test, int pr,
1743 const char *driver, u32 type, u32 mask)
1744 {
1745 int ret = -EAGAIN;
1746 struct crypto_rng *drng;
1747 struct drbg_test_data test_data;
1748 struct drbg_string addtl, pers, testentropy;
1749 unsigned char *buf = kzalloc(test->expectedlen, GFP_KERNEL);
1750
1751 if (!buf)
1752 return -ENOMEM;
1753
1754 drng = crypto_alloc_rng(driver, type | CRYPTO_ALG_INTERNAL, mask);
1755 if (IS_ERR(drng)) {
1756 printk(KERN_ERR "alg: drbg: could not allocate DRNG handle for "
1757 "%s\n", driver);
1758 kzfree(buf);
1759 return -ENOMEM;
1760 }
1761
1762 test_data.testentropy = &testentropy;
1763 drbg_string_fill(&testentropy, test->entropy, test->entropylen);
1764 drbg_string_fill(&pers, test->pers, test->perslen);
1765 ret = crypto_drbg_reset_test(drng, &pers, &test_data);
1766 if (ret) {
1767 printk(KERN_ERR "alg: drbg: Failed to reset rng\n");
1768 goto outbuf;
1769 }
1770
1771 drbg_string_fill(&addtl, test->addtla, test->addtllen);
1772 if (pr) {
1773 drbg_string_fill(&testentropy, test->entpra, test->entprlen);
1774 ret = crypto_drbg_get_bytes_addtl_test(drng,
1775 buf, test->expectedlen, &addtl, &test_data);
1776 } else {
1777 ret = crypto_drbg_get_bytes_addtl(drng,
1778 buf, test->expectedlen, &addtl);
1779 }
1780 if (ret < 0) {
1781 printk(KERN_ERR "alg: drbg: could not obtain random data for "
1782 "driver %s\n", driver);
1783 goto outbuf;
1784 }
1785
1786 drbg_string_fill(&addtl, test->addtlb, test->addtllen);
1787 if (pr) {
1788 drbg_string_fill(&testentropy, test->entprb, test->entprlen);
1789 ret = crypto_drbg_get_bytes_addtl_test(drng,
1790 buf, test->expectedlen, &addtl, &test_data);
1791 } else {
1792 ret = crypto_drbg_get_bytes_addtl(drng,
1793 buf, test->expectedlen, &addtl);
1794 }
1795 if (ret < 0) {
1796 printk(KERN_ERR "alg: drbg: could not obtain random data for "
1797 "driver %s\n", driver);
1798 goto outbuf;
1799 }
1800
1801 ret = memcmp(test->expected, buf, test->expectedlen);
1802
1803 outbuf:
1804 crypto_free_rng(drng);
1805 kzfree(buf);
1806 return ret;
1807 }
1808
1809
1810 static int alg_test_drbg(const struct alg_test_desc *desc, const char *driver,
1811 u32 type, u32 mask)
1812 {
1813 int err = 0;
1814 int pr = 0;
1815 int i = 0;
1816 struct drbg_testvec *template = desc->suite.drbg.vecs;
1817 unsigned int tcount = desc->suite.drbg.count;
1818
1819 if (0 == memcmp(driver, "drbg_pr_", 8))
1820 pr = 1;
1821
1822 for (i = 0; i < tcount; i++) {
1823 err = drbg_cavs_test(&template[i], pr, driver, type, mask);
1824 if (err) {
1825 printk(KERN_ERR "alg: drbg: Test %d failed for %s\n",
1826 i, driver);
1827 err = -EINVAL;
1828 break;
1829 }
1830 }
1831 return err;
1832
1833 }
1834
1835 static int do_test_rsa(struct crypto_akcipher *tfm,
1836 struct akcipher_testvec *vecs)
1837 {
1838 struct akcipher_request *req;
1839 void *outbuf_enc = NULL;
1840 void *outbuf_dec = NULL;
1841 struct tcrypt_result result;
1842 unsigned int out_len_max, out_len = 0;
1843 int err = -ENOMEM;
1844
1845 req = akcipher_request_alloc(tfm, GFP_KERNEL);
1846 if (!req)
1847 return err;
1848
1849 init_completion(&result.completion);
1850 err = crypto_akcipher_setkey(tfm, vecs->key, vecs->key_len);
1851 if (err)
1852 goto free_req;
1853
1854 akcipher_request_set_crypt(req, vecs->m, outbuf_enc, vecs->m_size,
1855 out_len);
1856 /* expect this to fail, and update the required buf len */
1857 crypto_akcipher_encrypt(req);
1858 out_len = req->dst_len;
1859 if (!out_len) {
1860 err = -EINVAL;
1861 goto free_req;
1862 }
1863
1864 out_len_max = out_len;
1865 err = -ENOMEM;
1866 outbuf_enc = kzalloc(out_len_max, GFP_KERNEL);
1867 if (!outbuf_enc)
1868 goto free_req;
1869
1870 akcipher_request_set_crypt(req, vecs->m, outbuf_enc, vecs->m_size,
1871 out_len);
1872 akcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
1873 tcrypt_complete, &result);
1874
1875 /* Run RSA encrypt - c = m^e mod n;*/
1876 err = wait_async_op(&result, crypto_akcipher_encrypt(req));
1877 if (err) {
1878 pr_err("alg: rsa: encrypt test failed. err %d\n", err);
1879 goto free_all;
1880 }
1881 if (out_len != vecs->c_size) {
1882 pr_err("alg: rsa: encrypt test failed. Invalid output len\n");
1883 err = -EINVAL;
1884 goto free_all;
1885 }
1886 /* verify that encrypted message is equal to expected */
1887 if (memcmp(vecs->c, outbuf_enc, vecs->c_size)) {
1888 pr_err("alg: rsa: encrypt test failed. Invalid output\n");
1889 err = -EINVAL;
1890 goto free_all;
1891 }
1892 /* Don't invoke decrypt for vectors with public key */
1893 if (vecs->public_key_vec) {
1894 err = 0;
1895 goto free_all;
1896 }
1897 outbuf_dec = kzalloc(out_len_max, GFP_KERNEL);
1898 if (!outbuf_dec) {
1899 err = -ENOMEM;
1900 goto free_all;
1901 }
1902 init_completion(&result.completion);
1903 akcipher_request_set_crypt(req, outbuf_enc, outbuf_dec, vecs->c_size,
1904 out_len);
1905
1906 /* Run RSA decrypt - m = c^d mod n;*/
1907 err = wait_async_op(&result, crypto_akcipher_decrypt(req));
1908 if (err) {
1909 pr_err("alg: rsa: decrypt test failed. err %d\n", err);
1910 goto free_all;
1911 }
1912 out_len = req->dst_len;
1913 if (out_len != vecs->m_size) {
1914 pr_err("alg: rsa: decrypt test failed. Invalid output len\n");
1915 err = -EINVAL;
1916 goto free_all;
1917 }
1918 /* verify that decrypted message is equal to the original msg */
1919 if (memcmp(vecs->m, outbuf_dec, vecs->m_size)) {
1920 pr_err("alg: rsa: decrypt test failed. Invalid output\n");
1921 err = -EINVAL;
1922 }
1923 free_all:
1924 kfree(outbuf_dec);
1925 kfree(outbuf_enc);
1926 free_req:
1927 akcipher_request_free(req);
1928 return err;
1929 }
1930
1931 static int test_rsa(struct crypto_akcipher *tfm, struct akcipher_testvec *vecs,
1932 unsigned int tcount)
1933 {
1934 int ret, i;
1935
1936 for (i = 0; i < tcount; i++) {
1937 ret = do_test_rsa(tfm, vecs++);
1938 if (ret) {
1939 pr_err("alg: rsa: test failed on vector %d, err=%d\n",
1940 i + 1, ret);
1941 return ret;
1942 }
1943 }
1944 return 0;
1945 }
1946
1947 static int test_akcipher(struct crypto_akcipher *tfm, const char *alg,
1948 struct akcipher_testvec *vecs, unsigned int tcount)
1949 {
1950 if (strncmp(alg, "rsa", 3) == 0)
1951 return test_rsa(tfm, vecs, tcount);
1952
1953 return 0;
1954 }
1955
1956 static int alg_test_akcipher(const struct alg_test_desc *desc,
1957 const char *driver, u32 type, u32 mask)
1958 {
1959 struct crypto_akcipher *tfm;
1960 int err = 0;
1961
1962 tfm = crypto_alloc_akcipher(driver, type | CRYPTO_ALG_INTERNAL, mask);
1963 if (IS_ERR(tfm)) {
1964 pr_err("alg: akcipher: Failed to load tfm for %s: %ld\n",
1965 driver, PTR_ERR(tfm));
1966 return PTR_ERR(tfm);
1967 }
1968 if (desc->suite.akcipher.vecs)
1969 err = test_akcipher(tfm, desc->alg, desc->suite.akcipher.vecs,
1970 desc->suite.akcipher.count);
1971
1972 crypto_free_akcipher(tfm);
1973 return err;
1974 }
1975
1976 static int alg_test_null(const struct alg_test_desc *desc,
1977 const char *driver, u32 type, u32 mask)
1978 {
1979 return 0;
1980 }
1981
1982 /* Please keep this list sorted by algorithm name. */
1983 static const struct alg_test_desc alg_test_descs[] = {
1984 {
1985 .alg = "__cbc-cast5-avx",
1986 .test = alg_test_null,
1987 }, {
1988 .alg = "__cbc-cast6-avx",
1989 .test = alg_test_null,
1990 }, {
1991 .alg = "__cbc-serpent-avx",
1992 .test = alg_test_null,
1993 }, {
1994 .alg = "__cbc-serpent-avx2",
1995 .test = alg_test_null,
1996 }, {
1997 .alg = "__cbc-serpent-sse2",
1998 .test = alg_test_null,
1999 }, {
2000 .alg = "__cbc-twofish-avx",
2001 .test = alg_test_null,
2002 }, {
2003 .alg = "__driver-cbc-aes-aesni",
2004 .test = alg_test_null,
2005 .fips_allowed = 1,
2006 }, {
2007 .alg = "__driver-cbc-camellia-aesni",
2008 .test = alg_test_null,
2009 }, {
2010 .alg = "__driver-cbc-camellia-aesni-avx2",
2011 .test = alg_test_null,
2012 }, {
2013 .alg = "__driver-cbc-cast5-avx",
2014 .test = alg_test_null,
2015 }, {
2016 .alg = "__driver-cbc-cast6-avx",
2017 .test = alg_test_null,
2018 }, {
2019 .alg = "__driver-cbc-serpent-avx",
2020 .test = alg_test_null,
2021 }, {
2022 .alg = "__driver-cbc-serpent-avx2",
2023 .test = alg_test_null,
2024 }, {
2025 .alg = "__driver-cbc-serpent-sse2",
2026 .test = alg_test_null,
2027 }, {
2028 .alg = "__driver-cbc-twofish-avx",
2029 .test = alg_test_null,
2030 }, {
2031 .alg = "__driver-ecb-aes-aesni",
2032 .test = alg_test_null,
2033 .fips_allowed = 1,
2034 }, {
2035 .alg = "__driver-ecb-camellia-aesni",
2036 .test = alg_test_null,
2037 }, {
2038 .alg = "__driver-ecb-camellia-aesni-avx2",
2039 .test = alg_test_null,
2040 }, {
2041 .alg = "__driver-ecb-cast5-avx",
2042 .test = alg_test_null,
2043 }, {
2044 .alg = "__driver-ecb-cast6-avx",
2045 .test = alg_test_null,
2046 }, {
2047 .alg = "__driver-ecb-serpent-avx",
2048 .test = alg_test_null,
2049 }, {
2050 .alg = "__driver-ecb-serpent-avx2",
2051 .test = alg_test_null,
2052 }, {
2053 .alg = "__driver-ecb-serpent-sse2",
2054 .test = alg_test_null,
2055 }, {
2056 .alg = "__driver-ecb-twofish-avx",
2057 .test = alg_test_null,
2058 }, {
2059 .alg = "__ghash-pclmulqdqni",
2060 .test = alg_test_null,
2061 .fips_allowed = 1,
2062 }, {
2063 .alg = "ansi_cprng",
2064 .test = alg_test_cprng,
2065 .fips_allowed = 1,
2066 .suite = {
2067 .cprng = {
2068 .vecs = ansi_cprng_aes_tv_template,
2069 .count = ANSI_CPRNG_AES_TEST_VECTORS
2070 }
2071 }
2072 }, {
2073 .alg = "authenc(hmac(md5),ecb(cipher_null))",
2074 .test = alg_test_aead,
2075 .fips_allowed = 1,
2076 .suite = {
2077 .aead = {
2078 .enc = {
2079 .vecs = hmac_md5_ecb_cipher_null_enc_tv_template,
2080 .count = HMAC_MD5_ECB_CIPHER_NULL_ENC_TEST_VECTORS
2081 },
2082 .dec = {
2083 .vecs = hmac_md5_ecb_cipher_null_dec_tv_template,
2084 .count = HMAC_MD5_ECB_CIPHER_NULL_DEC_TEST_VECTORS
2085 }
2086 }
2087 }
2088 }, {
2089 .alg = "authenc(hmac(sha1),cbc(aes))",
2090 .test = alg_test_aead,
2091 .fips_allowed = 1,
2092 .suite = {
2093 .aead = {
2094 .enc = {
2095 .vecs =
2096 hmac_sha1_aes_cbc_enc_tv_temp,
2097 .count =
2098 HMAC_SHA1_AES_CBC_ENC_TEST_VEC
2099 }
2100 }
2101 }
2102 }, {
2103 .alg = "authenc(hmac(sha1),cbc(des))",
2104 .test = alg_test_aead,
2105 .fips_allowed = 1,
2106 .suite = {
2107 .aead = {
2108 .enc = {
2109 .vecs =
2110 hmac_sha1_des_cbc_enc_tv_temp,
2111 .count =
2112 HMAC_SHA1_DES_CBC_ENC_TEST_VEC
2113 }
2114 }
2115 }
2116 }, {
2117 .alg = "authenc(hmac(sha1),cbc(des3_ede))",
2118 .test = alg_test_aead,
2119 .fips_allowed = 1,
2120 .suite = {
2121 .aead = {
2122 .enc = {
2123 .vecs =
2124 hmac_sha1_des3_ede_cbc_enc_tv_temp,
2125 .count =
2126 HMAC_SHA1_DES3_EDE_CBC_ENC_TEST_VEC
2127 }
2128 }
2129 }
2130 }, {
2131 .alg = "authenc(hmac(sha1),ecb(cipher_null))",
2132 .test = alg_test_aead,
2133 .fips_allowed = 1,
2134 .suite = {
2135 .aead = {
2136 .enc = {
2137 .vecs =
2138 hmac_sha1_ecb_cipher_null_enc_tv_temp,
2139 .count =
2140 HMAC_SHA1_ECB_CIPHER_NULL_ENC_TEST_VEC
2141 },
2142 .dec = {
2143 .vecs =
2144 hmac_sha1_ecb_cipher_null_dec_tv_temp,
2145 .count =
2146 HMAC_SHA1_ECB_CIPHER_NULL_DEC_TEST_VEC
2147 }
2148 }
2149 }
2150 }, {
2151 .alg = "authenc(hmac(sha224),cbc(des))",
2152 .test = alg_test_aead,
2153 .fips_allowed = 1,
2154 .suite = {
2155 .aead = {
2156 .enc = {
2157 .vecs =
2158 hmac_sha224_des_cbc_enc_tv_temp,
2159 .count =
2160 HMAC_SHA224_DES_CBC_ENC_TEST_VEC
2161 }
2162 }
2163 }
2164 }, {
2165 .alg = "authenc(hmac(sha224),cbc(des3_ede))",
2166 .test = alg_test_aead,
2167 .fips_allowed = 1,
2168 .suite = {
2169 .aead = {
2170 .enc = {
2171 .vecs =
2172 hmac_sha224_des3_ede_cbc_enc_tv_temp,
2173 .count =
2174 HMAC_SHA224_DES3_EDE_CBC_ENC_TEST_VEC
2175 }
2176 }
2177 }
2178 }, {
2179 .alg = "authenc(hmac(sha256),cbc(aes))",
2180 .test = alg_test_aead,
2181 .fips_allowed = 1,
2182 .suite = {
2183 .aead = {
2184 .enc = {
2185 .vecs =
2186 hmac_sha256_aes_cbc_enc_tv_temp,
2187 .count =
2188 HMAC_SHA256_AES_CBC_ENC_TEST_VEC
2189 }
2190 }
2191 }
2192 }, {
2193 .alg = "authenc(hmac(sha256),cbc(des))",
2194 .test = alg_test_aead,
2195 .fips_allowed = 1,
2196 .suite = {
2197 .aead = {
2198 .enc = {
2199 .vecs =
2200 hmac_sha256_des_cbc_enc_tv_temp,
2201 .count =
2202 HMAC_SHA256_DES_CBC_ENC_TEST_VEC
2203 }
2204 }
2205 }
2206 }, {
2207 .alg = "authenc(hmac(sha256),cbc(des3_ede))",
2208 .test = alg_test_aead,
2209 .fips_allowed = 1,
2210 .suite = {
2211 .aead = {
2212 .enc = {
2213 .vecs =
2214 hmac_sha256_des3_ede_cbc_enc_tv_temp,
2215 .count =
2216 HMAC_SHA256_DES3_EDE_CBC_ENC_TEST_VEC
2217 }
2218 }
2219 }
2220 }, {
2221 .alg = "authenc(hmac(sha384),cbc(des))",
2222 .test = alg_test_aead,
2223 .fips_allowed = 1,
2224 .suite = {
2225 .aead = {
2226 .enc = {
2227 .vecs =
2228 hmac_sha384_des_cbc_enc_tv_temp,
2229 .count =
2230 HMAC_SHA384_DES_CBC_ENC_TEST_VEC
2231 }
2232 }
2233 }
2234 }, {
2235 .alg = "authenc(hmac(sha384),cbc(des3_ede))",
2236 .test = alg_test_aead,
2237 .fips_allowed = 1,
2238 .suite = {
2239 .aead = {
2240 .enc = {
2241 .vecs =
2242 hmac_sha384_des3_ede_cbc_enc_tv_temp,
2243 .count =
2244 HMAC_SHA384_DES3_EDE_CBC_ENC_TEST_VEC
2245 }
2246 }
2247 }
2248 }, {
2249 .alg = "authenc(hmac(sha512),cbc(aes))",
2250 .test = alg_test_aead,
2251 .fips_allowed = 1,
2252 .suite = {
2253 .aead = {
2254 .enc = {
2255 .vecs =
2256 hmac_sha512_aes_cbc_enc_tv_temp,
2257 .count =
2258 HMAC_SHA512_AES_CBC_ENC_TEST_VEC
2259 }
2260 }
2261 }
2262 }, {
2263 .alg = "authenc(hmac(sha512),cbc(des))",
2264 .test = alg_test_aead,
2265 .fips_allowed = 1,
2266 .suite = {
2267 .aead = {
2268 .enc = {
2269 .vecs =
2270 hmac_sha512_des_cbc_enc_tv_temp,
2271 .count =
2272 HMAC_SHA512_DES_CBC_ENC_TEST_VEC
2273 }
2274 }
2275 }
2276 }, {
2277 .alg = "authenc(hmac(sha512),cbc(des3_ede))",
2278 .test = alg_test_aead,
2279 .fips_allowed = 1,
2280 .suite = {
2281 .aead = {
2282 .enc = {
2283 .vecs =
2284 hmac_sha512_des3_ede_cbc_enc_tv_temp,
2285 .count =
2286 HMAC_SHA512_DES3_EDE_CBC_ENC_TEST_VEC
2287 }
2288 }
2289 }
2290 }, {
2291 .alg = "cbc(aes)",
2292 .test = alg_test_skcipher,
2293 .fips_allowed = 1,
2294 .suite = {
2295 .cipher = {
2296 .enc = {
2297 .vecs = aes_cbc_enc_tv_template,
2298 .count = AES_CBC_ENC_TEST_VECTORS
2299 },
2300 .dec = {
2301 .vecs = aes_cbc_dec_tv_template,
2302 .count = AES_CBC_DEC_TEST_VECTORS
2303 }
2304 }
2305 }
2306 }, {
2307 .alg = "cbc(anubis)",
2308 .test = alg_test_skcipher,
2309 .suite = {
2310 .cipher = {
2311 .enc = {
2312 .vecs = anubis_cbc_enc_tv_template,
2313 .count = ANUBIS_CBC_ENC_TEST_VECTORS
2314 },
2315 .dec = {
2316 .vecs = anubis_cbc_dec_tv_template,
2317 .count = ANUBIS_CBC_DEC_TEST_VECTORS
2318 }
2319 }
2320 }
2321 }, {
2322 .alg = "cbc(blowfish)",
2323 .test = alg_test_skcipher,
2324 .suite = {
2325 .cipher = {
2326 .enc = {
2327 .vecs = bf_cbc_enc_tv_template,
2328 .count = BF_CBC_ENC_TEST_VECTORS
2329 },
2330 .dec = {
2331 .vecs = bf_cbc_dec_tv_template,
2332 .count = BF_CBC_DEC_TEST_VECTORS
2333 }
2334 }
2335 }
2336 }, {
2337 .alg = "cbc(camellia)",
2338 .test = alg_test_skcipher,
2339 .suite = {
2340 .cipher = {
2341 .enc = {
2342 .vecs = camellia_cbc_enc_tv_template,
2343 .count = CAMELLIA_CBC_ENC_TEST_VECTORS
2344 },
2345 .dec = {
2346 .vecs = camellia_cbc_dec_tv_template,
2347 .count = CAMELLIA_CBC_DEC_TEST_VECTORS
2348 }
2349 }
2350 }
2351 }, {
2352 .alg = "cbc(cast5)",
2353 .test = alg_test_skcipher,
2354 .suite = {
2355 .cipher = {
2356 .enc = {
2357 .vecs = cast5_cbc_enc_tv_template,
2358 .count = CAST5_CBC_ENC_TEST_VECTORS
2359 },
2360 .dec = {
2361 .vecs = cast5_cbc_dec_tv_template,
2362 .count = CAST5_CBC_DEC_TEST_VECTORS
2363 }
2364 }
2365 }
2366 }, {
2367 .alg = "cbc(cast6)",
2368 .test = alg_test_skcipher,
2369 .suite = {
2370 .cipher = {
2371 .enc = {
2372 .vecs = cast6_cbc_enc_tv_template,
2373 .count = CAST6_CBC_ENC_TEST_VECTORS
2374 },
2375 .dec = {
2376 .vecs = cast6_cbc_dec_tv_template,
2377 .count = CAST6_CBC_DEC_TEST_VECTORS
2378 }
2379 }
2380 }
2381 }, {
2382 .alg = "cbc(des)",
2383 .test = alg_test_skcipher,
2384 .suite = {
2385 .cipher = {
2386 .enc = {
2387 .vecs = des_cbc_enc_tv_template,
2388 .count = DES_CBC_ENC_TEST_VECTORS
2389 },
2390 .dec = {
2391 .vecs = des_cbc_dec_tv_template,
2392 .count = DES_CBC_DEC_TEST_VECTORS
2393 }
2394 }
2395 }
2396 }, {
2397 .alg = "cbc(des3_ede)",
2398 .test = alg_test_skcipher,
2399 .fips_allowed = 1,
2400 .suite = {
2401 .cipher = {
2402 .enc = {
2403 .vecs = des3_ede_cbc_enc_tv_template,
2404 .count = DES3_EDE_CBC_ENC_TEST_VECTORS
2405 },
2406 .dec = {
2407 .vecs = des3_ede_cbc_dec_tv_template,
2408 .count = DES3_EDE_CBC_DEC_TEST_VECTORS
2409 }
2410 }
2411 }
2412 }, {
2413 .alg = "cbc(serpent)",
2414 .test = alg_test_skcipher,
2415 .suite = {
2416 .cipher = {
2417 .enc = {
2418 .vecs = serpent_cbc_enc_tv_template,
2419 .count = SERPENT_CBC_ENC_TEST_VECTORS
2420 },
2421 .dec = {
2422 .vecs = serpent_cbc_dec_tv_template,
2423 .count = SERPENT_CBC_DEC_TEST_VECTORS
2424 }
2425 }
2426 }
2427 }, {
2428 .alg = "cbc(twofish)",
2429 .test = alg_test_skcipher,
2430 .suite = {
2431 .cipher = {
2432 .enc = {
2433 .vecs = tf_cbc_enc_tv_template,
2434 .count = TF_CBC_ENC_TEST_VECTORS
2435 },
2436 .dec = {
2437 .vecs = tf_cbc_dec_tv_template,
2438 .count = TF_CBC_DEC_TEST_VECTORS
2439 }
2440 }
2441 }
2442 }, {
2443 .alg = "ccm(aes)",
2444 .test = alg_test_aead,
2445 .fips_allowed = 1,
2446 .suite = {
2447 .aead = {
2448 .enc = {
2449 .vecs = aes_ccm_enc_tv_template,
2450 .count = AES_CCM_ENC_TEST_VECTORS
2451 },
2452 .dec = {
2453 .vecs = aes_ccm_dec_tv_template,
2454 .count = AES_CCM_DEC_TEST_VECTORS
2455 }
2456 }
2457 }
2458 }, {
2459 .alg = "chacha20",
2460 .test = alg_test_skcipher,
2461 .suite = {
2462 .cipher = {
2463 .enc = {
2464 .vecs = chacha20_enc_tv_template,
2465 .count = CHACHA20_ENC_TEST_VECTORS
2466 },
2467 .dec = {
2468 .vecs = chacha20_enc_tv_template,
2469 .count = CHACHA20_ENC_TEST_VECTORS
2470 },
2471 }
2472 }
2473 }, {
2474 .alg = "cmac(aes)",
2475 .test = alg_test_hash,
2476 .suite = {
2477 .hash = {
2478 .vecs = aes_cmac128_tv_template,
2479 .count = CMAC_AES_TEST_VECTORS
2480 }
2481 }
2482 }, {
2483 .alg = "cmac(des3_ede)",
2484 .test = alg_test_hash,
2485 .suite = {
2486 .hash = {
2487 .vecs = des3_ede_cmac64_tv_template,
2488 .count = CMAC_DES3_EDE_TEST_VECTORS
2489 }
2490 }
2491 }, {
2492 .alg = "compress_null",
2493 .test = alg_test_null,
2494 }, {
2495 .alg = "crc32",
2496 .test = alg_test_hash,
2497 .suite = {
2498 .hash = {
2499 .vecs = crc32_tv_template,
2500 .count = CRC32_TEST_VECTORS
2501 }
2502 }
2503 }, {
2504 .alg = "crc32c",
2505 .test = alg_test_crc32c,
2506 .fips_allowed = 1,
2507 .suite = {
2508 .hash = {
2509 .vecs = crc32c_tv_template,
2510 .count = CRC32C_TEST_VECTORS
2511 }
2512 }
2513 }, {
2514 .alg = "crct10dif",
2515 .test = alg_test_hash,
2516 .fips_allowed = 1,
2517 .suite = {
2518 .hash = {
2519 .vecs = crct10dif_tv_template,
2520 .count = CRCT10DIF_TEST_VECTORS
2521 }
2522 }
2523 }, {
2524 .alg = "cryptd(__driver-cbc-aes-aesni)",
2525 .test = alg_test_null,
2526 .fips_allowed = 1,
2527 }, {
2528 .alg = "cryptd(__driver-cbc-camellia-aesni)",
2529 .test = alg_test_null,
2530 }, {
2531 .alg = "cryptd(__driver-cbc-camellia-aesni-avx2)",
2532 .test = alg_test_null,
2533 }, {
2534 .alg = "cryptd(__driver-cbc-serpent-avx2)",
2535 .test = alg_test_null,
2536 }, {
2537 .alg = "cryptd(__driver-ecb-aes-aesni)",
2538 .test = alg_test_null,
2539 .fips_allowed = 1,
2540 }, {
2541 .alg = "cryptd(__driver-ecb-camellia-aesni)",
2542 .test = alg_test_null,
2543 }, {
2544 .alg = "cryptd(__driver-ecb-camellia-aesni-avx2)",
2545 .test = alg_test_null,
2546 }, {
2547 .alg = "cryptd(__driver-ecb-cast5-avx)",
2548 .test = alg_test_null,
2549 }, {
2550 .alg = "cryptd(__driver-ecb-cast6-avx)",
2551 .test = alg_test_null,
2552 }, {
2553 .alg = "cryptd(__driver-ecb-serpent-avx)",
2554 .test = alg_test_null,
2555 }, {
2556 .alg = "cryptd(__driver-ecb-serpent-avx2)",
2557 .test = alg_test_null,
2558 }, {
2559 .alg = "cryptd(__driver-ecb-serpent-sse2)",
2560 .test = alg_test_null,
2561 }, {
2562 .alg = "cryptd(__driver-ecb-twofish-avx)",
2563 .test = alg_test_null,
2564 }, {
2565 .alg = "cryptd(__driver-gcm-aes-aesni)",
2566 .test = alg_test_null,
2567 .fips_allowed = 1,
2568 }, {
2569 .alg = "cryptd(__ghash-pclmulqdqni)",
2570 .test = alg_test_null,
2571 .fips_allowed = 1,
2572 }, {
2573 .alg = "ctr(aes)",
2574 .test = alg_test_skcipher,
2575 .fips_allowed = 1,
2576 .suite = {
2577 .cipher = {
2578 .enc = {
2579 .vecs = aes_ctr_enc_tv_template,
2580 .count = AES_CTR_ENC_TEST_VECTORS
2581 },
2582 .dec = {
2583 .vecs = aes_ctr_dec_tv_template,
2584 .count = AES_CTR_DEC_TEST_VECTORS
2585 }
2586 }
2587 }
2588 }, {
2589 .alg = "ctr(blowfish)",
2590 .test = alg_test_skcipher,
2591 .suite = {
2592 .cipher = {
2593 .enc = {
2594 .vecs = bf_ctr_enc_tv_template,
2595 .count = BF_CTR_ENC_TEST_VECTORS
2596 },
2597 .dec = {
2598 .vecs = bf_ctr_dec_tv_template,
2599 .count = BF_CTR_DEC_TEST_VECTORS
2600 }
2601 }
2602 }
2603 }, {
2604 .alg = "ctr(camellia)",
2605 .test = alg_test_skcipher,
2606 .suite = {
2607 .cipher = {
2608 .enc = {
2609 .vecs = camellia_ctr_enc_tv_template,
2610 .count = CAMELLIA_CTR_ENC_TEST_VECTORS
2611 },
2612 .dec = {
2613 .vecs = camellia_ctr_dec_tv_template,
2614 .count = CAMELLIA_CTR_DEC_TEST_VECTORS
2615 }
2616 }
2617 }
2618 }, {
2619 .alg = "ctr(cast5)",
2620 .test = alg_test_skcipher,
2621 .suite = {
2622 .cipher = {
2623 .enc = {
2624 .vecs = cast5_ctr_enc_tv_template,
2625 .count = CAST5_CTR_ENC_TEST_VECTORS
2626 },
2627 .dec = {
2628 .vecs = cast5_ctr_dec_tv_template,
2629 .count = CAST5_CTR_DEC_TEST_VECTORS
2630 }
2631 }
2632 }
2633 }, {
2634 .alg = "ctr(cast6)",
2635 .test = alg_test_skcipher,
2636 .suite = {
2637 .cipher = {
2638 .enc = {
2639 .vecs = cast6_ctr_enc_tv_template,
2640 .count = CAST6_CTR_ENC_TEST_VECTORS
2641 },
2642 .dec = {
2643 .vecs = cast6_ctr_dec_tv_template,
2644 .count = CAST6_CTR_DEC_TEST_VECTORS
2645 }
2646 }
2647 }
2648 }, {
2649 .alg = "ctr(des)",
2650 .test = alg_test_skcipher,
2651 .suite = {
2652 .cipher = {
2653 .enc = {
2654 .vecs = des_ctr_enc_tv_template,
2655 .count = DES_CTR_ENC_TEST_VECTORS
2656 },
2657 .dec = {
2658 .vecs = des_ctr_dec_tv_template,
2659 .count = DES_CTR_DEC_TEST_VECTORS
2660 }
2661 }
2662 }
2663 }, {
2664 .alg = "ctr(des3_ede)",
2665 .test = alg_test_skcipher,
2666 .suite = {
2667 .cipher = {
2668 .enc = {
2669 .vecs = des3_ede_ctr_enc_tv_template,
2670 .count = DES3_EDE_CTR_ENC_TEST_VECTORS
2671 },
2672 .dec = {
2673 .vecs = des3_ede_ctr_dec_tv_template,
2674 .count = DES3_EDE_CTR_DEC_TEST_VECTORS
2675 }
2676 }
2677 }
2678 }, {
2679 .alg = "ctr(serpent)",
2680 .test = alg_test_skcipher,
2681 .suite = {
2682 .cipher = {
2683 .enc = {
2684 .vecs = serpent_ctr_enc_tv_template,
2685 .count = SERPENT_CTR_ENC_TEST_VECTORS
2686 },
2687 .dec = {
2688 .vecs = serpent_ctr_dec_tv_template,
2689 .count = SERPENT_CTR_DEC_TEST_VECTORS
2690 }
2691 }
2692 }
2693 }, {
2694 .alg = "ctr(twofish)",
2695 .test = alg_test_skcipher,
2696 .suite = {
2697 .cipher = {
2698 .enc = {
2699 .vecs = tf_ctr_enc_tv_template,
2700 .count = TF_CTR_ENC_TEST_VECTORS
2701 },
2702 .dec = {
2703 .vecs = tf_ctr_dec_tv_template,
2704 .count = TF_CTR_DEC_TEST_VECTORS
2705 }
2706 }
2707 }
2708 }, {
2709 .alg = "cts(cbc(aes))",
2710 .test = alg_test_skcipher,
2711 .suite = {
2712 .cipher = {
2713 .enc = {
2714 .vecs = cts_mode_enc_tv_template,
2715 .count = CTS_MODE_ENC_TEST_VECTORS
2716 },
2717 .dec = {
2718 .vecs = cts_mode_dec_tv_template,
2719 .count = CTS_MODE_DEC_TEST_VECTORS
2720 }
2721 }
2722 }
2723 }, {
2724 .alg = "deflate",
2725 .test = alg_test_comp,
2726 .fips_allowed = 1,
2727 .suite = {
2728 .comp = {
2729 .comp = {
2730 .vecs = deflate_comp_tv_template,
2731 .count = DEFLATE_COMP_TEST_VECTORS
2732 },
2733 .decomp = {
2734 .vecs = deflate_decomp_tv_template,
2735 .count = DEFLATE_DECOMP_TEST_VECTORS
2736 }
2737 }
2738 }
2739 }, {
2740 .alg = "digest_null",
2741 .test = alg_test_null,
2742 }, {
2743 .alg = "drbg_nopr_ctr_aes128",
2744 .test = alg_test_drbg,
2745 .fips_allowed = 1,
2746 .suite = {
2747 .drbg = {
2748 .vecs = drbg_nopr_ctr_aes128_tv_template,
2749 .count = ARRAY_SIZE(drbg_nopr_ctr_aes128_tv_template)
2750 }
2751 }
2752 }, {
2753 .alg = "drbg_nopr_ctr_aes192",
2754 .test = alg_test_drbg,
2755 .fips_allowed = 1,
2756 .suite = {
2757 .drbg = {
2758 .vecs = drbg_nopr_ctr_aes192_tv_template,
2759 .count = ARRAY_SIZE(drbg_nopr_ctr_aes192_tv_template)
2760 }
2761 }
2762 }, {
2763 .alg = "drbg_nopr_ctr_aes256",
2764 .test = alg_test_drbg,
2765 .fips_allowed = 1,
2766 .suite = {
2767 .drbg = {
2768 .vecs = drbg_nopr_ctr_aes256_tv_template,
2769 .count = ARRAY_SIZE(drbg_nopr_ctr_aes256_tv_template)
2770 }
2771 }
2772 }, {
2773 /*
2774 * There is no need to specifically test the DRBG with every
2775 * backend cipher -- covered by drbg_nopr_hmac_sha256 test
2776 */
2777 .alg = "drbg_nopr_hmac_sha1",
2778 .fips_allowed = 1,
2779 .test = alg_test_null,
2780 }, {
2781 .alg = "drbg_nopr_hmac_sha256",
2782 .test = alg_test_drbg,
2783 .fips_allowed = 1,
2784 .suite = {
2785 .drbg = {
2786 .vecs = drbg_nopr_hmac_sha256_tv_template,
2787 .count =
2788 ARRAY_SIZE(drbg_nopr_hmac_sha256_tv_template)
2789 }
2790 }
2791 }, {
2792 /* covered by drbg_nopr_hmac_sha256 test */
2793 .alg = "drbg_nopr_hmac_sha384",
2794 .fips_allowed = 1,
2795 .test = alg_test_null,
2796 }, {
2797 .alg = "drbg_nopr_hmac_sha512",
2798 .test = alg_test_null,
2799 .fips_allowed = 1,
2800 }, {
2801 .alg = "drbg_nopr_sha1",
2802 .fips_allowed = 1,
2803 .test = alg_test_null,
2804 }, {
2805 .alg = "drbg_nopr_sha256",
2806 .test = alg_test_drbg,
2807 .fips_allowed = 1,
2808 .suite = {
2809 .drbg = {
2810 .vecs = drbg_nopr_sha256_tv_template,
2811 .count = ARRAY_SIZE(drbg_nopr_sha256_tv_template)
2812 }
2813 }
2814 }, {
2815 /* covered by drbg_nopr_sha256 test */
2816 .alg = "drbg_nopr_sha384",
2817 .fips_allowed = 1,
2818 .test = alg_test_null,
2819 }, {
2820 .alg = "drbg_nopr_sha512",
2821 .fips_allowed = 1,
2822 .test = alg_test_null,
2823 }, {
2824 .alg = "drbg_pr_ctr_aes128",
2825 .test = alg_test_drbg,
2826 .fips_allowed = 1,
2827 .suite = {
2828 .drbg = {
2829 .vecs = drbg_pr_ctr_aes128_tv_template,
2830 .count = ARRAY_SIZE(drbg_pr_ctr_aes128_tv_template)
2831 }
2832 }
2833 }, {
2834 /* covered by drbg_pr_ctr_aes128 test */
2835 .alg = "drbg_pr_ctr_aes192",
2836 .fips_allowed = 1,
2837 .test = alg_test_null,
2838 }, {
2839 .alg = "drbg_pr_ctr_aes256",
2840 .fips_allowed = 1,
2841 .test = alg_test_null,
2842 }, {
2843 .alg = "drbg_pr_hmac_sha1",
2844 .fips_allowed = 1,
2845 .test = alg_test_null,
2846 }, {
2847 .alg = "drbg_pr_hmac_sha256",
2848 .test = alg_test_drbg,
2849 .fips_allowed = 1,
2850 .suite = {
2851 .drbg = {
2852 .vecs = drbg_pr_hmac_sha256_tv_template,
2853 .count = ARRAY_SIZE(drbg_pr_hmac_sha256_tv_template)
2854 }
2855 }
2856 }, {
2857 /* covered by drbg_pr_hmac_sha256 test */
2858 .alg = "drbg_pr_hmac_sha384",
2859 .fips_allowed = 1,
2860 .test = alg_test_null,
2861 }, {
2862 .alg = "drbg_pr_hmac_sha512",
2863 .test = alg_test_null,
2864 .fips_allowed = 1,
2865 }, {
2866 .alg = "drbg_pr_sha1",
2867 .fips_allowed = 1,
2868 .test = alg_test_null,
2869 }, {
2870 .alg = "drbg_pr_sha256",
2871 .test = alg_test_drbg,
2872 .fips_allowed = 1,
2873 .suite = {
2874 .drbg = {
2875 .vecs = drbg_pr_sha256_tv_template,
2876 .count = ARRAY_SIZE(drbg_pr_sha256_tv_template)
2877 }
2878 }
2879 }, {
2880 /* covered by drbg_pr_sha256 test */
2881 .alg = "drbg_pr_sha384",
2882 .fips_allowed = 1,
2883 .test = alg_test_null,
2884 }, {
2885 .alg = "drbg_pr_sha512",
2886 .fips_allowed = 1,
2887 .test = alg_test_null,
2888 }, {
2889 .alg = "ecb(__aes-aesni)",
2890 .test = alg_test_null,
2891 .fips_allowed = 1,
2892 }, {
2893 .alg = "ecb(aes)",
2894 .test = alg_test_skcipher,
2895 .fips_allowed = 1,
2896 .suite = {
2897 .cipher = {
2898 .enc = {
2899 .vecs = aes_enc_tv_template,
2900 .count = AES_ENC_TEST_VECTORS
2901 },
2902 .dec = {
2903 .vecs = aes_dec_tv_template,
2904 .count = AES_DEC_TEST_VECTORS
2905 }
2906 }
2907 }
2908 }, {
2909 .alg = "ecb(anubis)",
2910 .test = alg_test_skcipher,
2911 .suite = {
2912 .cipher = {
2913 .enc = {
2914 .vecs = anubis_enc_tv_template,
2915 .count = ANUBIS_ENC_TEST_VECTORS
2916 },
2917 .dec = {
2918 .vecs = anubis_dec_tv_template,
2919 .count = ANUBIS_DEC_TEST_VECTORS
2920 }
2921 }
2922 }
2923 }, {
2924 .alg = "ecb(arc4)",
2925 .test = alg_test_skcipher,
2926 .suite = {
2927 .cipher = {
2928 .enc = {
2929 .vecs = arc4_enc_tv_template,
2930 .count = ARC4_ENC_TEST_VECTORS
2931 },
2932 .dec = {
2933 .vecs = arc4_dec_tv_template,
2934 .count = ARC4_DEC_TEST_VECTORS
2935 }
2936 }
2937 }
2938 }, {
2939 .alg = "ecb(blowfish)",
2940 .test = alg_test_skcipher,
2941 .suite = {
2942 .cipher = {
2943 .enc = {
2944 .vecs = bf_enc_tv_template,
2945 .count = BF_ENC_TEST_VECTORS
2946 },
2947 .dec = {
2948 .vecs = bf_dec_tv_template,
2949 .count = BF_DEC_TEST_VECTORS
2950 }
2951 }
2952 }
2953 }, {
2954 .alg = "ecb(camellia)",
2955 .test = alg_test_skcipher,
2956 .suite = {
2957 .cipher = {
2958 .enc = {
2959 .vecs = camellia_enc_tv_template,
2960 .count = CAMELLIA_ENC_TEST_VECTORS
2961 },
2962 .dec = {
2963 .vecs = camellia_dec_tv_template,
2964 .count = CAMELLIA_DEC_TEST_VECTORS
2965 }
2966 }
2967 }
2968 }, {
2969 .alg = "ecb(cast5)",
2970 .test = alg_test_skcipher,
2971 .suite = {
2972 .cipher = {
2973 .enc = {
2974 .vecs = cast5_enc_tv_template,
2975 .count = CAST5_ENC_TEST_VECTORS
2976 },
2977 .dec = {
2978 .vecs = cast5_dec_tv_template,
2979 .count = CAST5_DEC_TEST_VECTORS
2980 }
2981 }
2982 }
2983 }, {
2984 .alg = "ecb(cast6)",
2985 .test = alg_test_skcipher,
2986 .suite = {
2987 .cipher = {
2988 .enc = {
2989 .vecs = cast6_enc_tv_template,
2990 .count = CAST6_ENC_TEST_VECTORS
2991 },
2992 .dec = {
2993 .vecs = cast6_dec_tv_template,
2994 .count = CAST6_DEC_TEST_VECTORS
2995 }
2996 }
2997 }
2998 }, {
2999 .alg = "ecb(cipher_null)",
3000 .test = alg_test_null,
3001 }, {
3002 .alg = "ecb(des)",
3003 .test = alg_test_skcipher,
3004 .fips_allowed = 1,
3005 .suite = {
3006 .cipher = {
3007 .enc = {
3008 .vecs = des_enc_tv_template,
3009 .count = DES_ENC_TEST_VECTORS
3010 },
3011 .dec = {
3012 .vecs = des_dec_tv_template,
3013 .count = DES_DEC_TEST_VECTORS
3014 }
3015 }
3016 }
3017 }, {
3018 .alg = "ecb(des3_ede)",
3019 .test = alg_test_skcipher,
3020 .fips_allowed = 1,
3021 .suite = {
3022 .cipher = {
3023 .enc = {
3024 .vecs = des3_ede_enc_tv_template,
3025 .count = DES3_EDE_ENC_TEST_VECTORS
3026 },
3027 .dec = {
3028 .vecs = des3_ede_dec_tv_template,
3029 .count = DES3_EDE_DEC_TEST_VECTORS
3030 }
3031 }
3032 }
3033 }, {
3034 .alg = "ecb(fcrypt)",
3035 .test = alg_test_skcipher,
3036 .suite = {
3037 .cipher = {
3038 .enc = {
3039 .vecs = fcrypt_pcbc_enc_tv_template,
3040 .count = 1
3041 },
3042 .dec = {
3043 .vecs = fcrypt_pcbc_dec_tv_template,
3044 .count = 1
3045 }
3046 }
3047 }
3048 }, {
3049 .alg = "ecb(khazad)",
3050 .test = alg_test_skcipher,
3051 .suite = {
3052 .cipher = {
3053 .enc = {
3054 .vecs = khazad_enc_tv_template,
3055 .count = KHAZAD_ENC_TEST_VECTORS
3056 },
3057 .dec = {
3058 .vecs = khazad_dec_tv_template,
3059 .count = KHAZAD_DEC_TEST_VECTORS
3060 }
3061 }
3062 }
3063 }, {
3064 .alg = "ecb(seed)",
3065 .test = alg_test_skcipher,
3066 .suite = {
3067 .cipher = {
3068 .enc = {
3069 .vecs = seed_enc_tv_template,
3070 .count = SEED_ENC_TEST_VECTORS
3071 },
3072 .dec = {
3073 .vecs = seed_dec_tv_template,
3074 .count = SEED_DEC_TEST_VECTORS
3075 }
3076 }
3077 }
3078 }, {
3079 .alg = "ecb(serpent)",
3080 .test = alg_test_skcipher,
3081 .suite = {
3082 .cipher = {
3083 .enc = {
3084 .vecs = serpent_enc_tv_template,
3085 .count = SERPENT_ENC_TEST_VECTORS
3086 },
3087 .dec = {
3088 .vecs = serpent_dec_tv_template,
3089 .count = SERPENT_DEC_TEST_VECTORS
3090 }
3091 }
3092 }
3093 }, {
3094 .alg = "ecb(tea)",
3095 .test = alg_test_skcipher,
3096 .suite = {
3097 .cipher = {
3098 .enc = {
3099 .vecs = tea_enc_tv_template,
3100 .count = TEA_ENC_TEST_VECTORS
3101 },
3102 .dec = {
3103 .vecs = tea_dec_tv_template,
3104 .count = TEA_DEC_TEST_VECTORS
3105 }
3106 }
3107 }
3108 }, {
3109 .alg = "ecb(tnepres)",
3110 .test = alg_test_skcipher,
3111 .suite = {
3112 .cipher = {
3113 .enc = {
3114 .vecs = tnepres_enc_tv_template,
3115 .count = TNEPRES_ENC_TEST_VECTORS
3116 },
3117 .dec = {
3118 .vecs = tnepres_dec_tv_template,
3119 .count = TNEPRES_DEC_TEST_VECTORS
3120 }
3121 }
3122 }
3123 }, {
3124 .alg = "ecb(twofish)",
3125 .test = alg_test_skcipher,
3126 .suite = {
3127 .cipher = {
3128 .enc = {
3129 .vecs = tf_enc_tv_template,
3130 .count = TF_ENC_TEST_VECTORS
3131 },
3132 .dec = {
3133 .vecs = tf_dec_tv_template,
3134 .count = TF_DEC_TEST_VECTORS
3135 }
3136 }
3137 }
3138 }, {
3139 .alg = "ecb(xeta)",
3140 .test = alg_test_skcipher,
3141 .suite = {
3142 .cipher = {
3143 .enc = {
3144 .vecs = xeta_enc_tv_template,
3145 .count = XETA_ENC_TEST_VECTORS
3146 },
3147 .dec = {
3148 .vecs = xeta_dec_tv_template,
3149 .count = XETA_DEC_TEST_VECTORS
3150 }
3151 }
3152 }
3153 }, {
3154 .alg = "ecb(xtea)",
3155 .test = alg_test_skcipher,
3156 .suite = {
3157 .cipher = {
3158 .enc = {
3159 .vecs = xtea_enc_tv_template,
3160 .count = XTEA_ENC_TEST_VECTORS
3161 },
3162 .dec = {
3163 .vecs = xtea_dec_tv_template,
3164 .count = XTEA_DEC_TEST_VECTORS
3165 }
3166 }
3167 }
3168 }, {
3169 .alg = "gcm(aes)",
3170 .test = alg_test_aead,
3171 .fips_allowed = 1,
3172 .suite = {
3173 .aead = {
3174 .enc = {
3175 .vecs = aes_gcm_enc_tv_template,
3176 .count = AES_GCM_ENC_TEST_VECTORS
3177 },
3178 .dec = {
3179 .vecs = aes_gcm_dec_tv_template,
3180 .count = AES_GCM_DEC_TEST_VECTORS
3181 }
3182 }
3183 }
3184 }, {
3185 .alg = "ghash",
3186 .test = alg_test_hash,
3187 .fips_allowed = 1,
3188 .suite = {
3189 .hash = {
3190 .vecs = ghash_tv_template,
3191 .count = GHASH_TEST_VECTORS
3192 }
3193 }
3194 }, {
3195 .alg = "hmac(crc32)",
3196 .test = alg_test_hash,
3197 .suite = {
3198 .hash = {
3199 .vecs = bfin_crc_tv_template,
3200 .count = BFIN_CRC_TEST_VECTORS
3201 }
3202 }
3203 }, {
3204 .alg = "hmac(md5)",
3205 .test = alg_test_hash,
3206 .suite = {
3207 .hash = {
3208 .vecs = hmac_md5_tv_template,
3209 .count = HMAC_MD5_TEST_VECTORS
3210 }
3211 }
3212 }, {
3213 .alg = "hmac(rmd128)",
3214 .test = alg_test_hash,
3215 .suite = {
3216 .hash = {
3217 .vecs = hmac_rmd128_tv_template,
3218 .count = HMAC_RMD128_TEST_VECTORS
3219 }
3220 }
3221 }, {
3222 .alg = "hmac(rmd160)",
3223 .test = alg_test_hash,
3224 .suite = {
3225 .hash = {
3226 .vecs = hmac_rmd160_tv_template,
3227 .count = HMAC_RMD160_TEST_VECTORS
3228 }
3229 }
3230 }, {
3231 .alg = "hmac(sha1)",
3232 .test = alg_test_hash,
3233 .fips_allowed = 1,
3234 .suite = {
3235 .hash = {
3236 .vecs = hmac_sha1_tv_template,
3237 .count = HMAC_SHA1_TEST_VECTORS
3238 }
3239 }
3240 }, {
3241 .alg = "hmac(sha224)",
3242 .test = alg_test_hash,
3243 .fips_allowed = 1,
3244 .suite = {
3245 .hash = {
3246 .vecs = hmac_sha224_tv_template,
3247 .count = HMAC_SHA224_TEST_VECTORS
3248 }
3249 }
3250 }, {
3251 .alg = "hmac(sha256)",
3252 .test = alg_test_hash,
3253 .fips_allowed = 1,
3254 .suite = {
3255 .hash = {
3256 .vecs = hmac_sha256_tv_template,
3257 .count = HMAC_SHA256_TEST_VECTORS
3258 }
3259 }
3260 }, {
3261 .alg = "hmac(sha384)",
3262 .test = alg_test_hash,
3263 .fips_allowed = 1,
3264 .suite = {
3265 .hash = {
3266 .vecs = hmac_sha384_tv_template,
3267 .count = HMAC_SHA384_TEST_VECTORS
3268 }
3269 }
3270 }, {
3271 .alg = "hmac(sha512)",
3272 .test = alg_test_hash,
3273 .fips_allowed = 1,
3274 .suite = {
3275 .hash = {
3276 .vecs = hmac_sha512_tv_template,
3277 .count = HMAC_SHA512_TEST_VECTORS
3278 }
3279 }
3280 }, {
3281 .alg = "jitterentropy_rng",
3282 .fips_allowed = 1,
3283 .test = alg_test_null,
3284 }, {
3285 .alg = "lrw(aes)",
3286 .test = alg_test_skcipher,
3287 .suite = {
3288 .cipher = {
3289 .enc = {
3290 .vecs = aes_lrw_enc_tv_template,
3291 .count = AES_LRW_ENC_TEST_VECTORS
3292 },
3293 .dec = {
3294 .vecs = aes_lrw_dec_tv_template,
3295 .count = AES_LRW_DEC_TEST_VECTORS
3296 }
3297 }
3298 }
3299 }, {
3300 .alg = "lrw(camellia)",
3301 .test = alg_test_skcipher,
3302 .suite = {
3303 .cipher = {
3304 .enc = {
3305 .vecs = camellia_lrw_enc_tv_template,
3306 .count = CAMELLIA_LRW_ENC_TEST_VECTORS
3307 },
3308 .dec = {
3309 .vecs = camellia_lrw_dec_tv_template,
3310 .count = CAMELLIA_LRW_DEC_TEST_VECTORS
3311 }
3312 }
3313 }
3314 }, {
3315 .alg = "lrw(cast6)",
3316 .test = alg_test_skcipher,
3317 .suite = {
3318 .cipher = {
3319 .enc = {
3320 .vecs = cast6_lrw_enc_tv_template,
3321 .count = CAST6_LRW_ENC_TEST_VECTORS
3322 },
3323 .dec = {
3324 .vecs = cast6_lrw_dec_tv_template,
3325 .count = CAST6_LRW_DEC_TEST_VECTORS
3326 }
3327 }
3328 }
3329 }, {
3330 .alg = "lrw(serpent)",
3331 .test = alg_test_skcipher,
3332 .suite = {
3333 .cipher = {
3334 .enc = {
3335 .vecs = serpent_lrw_enc_tv_template,
3336 .count = SERPENT_LRW_ENC_TEST_VECTORS
3337 },
3338 .dec = {
3339 .vecs = serpent_lrw_dec_tv_template,
3340 .count = SERPENT_LRW_DEC_TEST_VECTORS
3341 }
3342 }
3343 }
3344 }, {
3345 .alg = "lrw(twofish)",
3346 .test = alg_test_skcipher,
3347 .suite = {
3348 .cipher = {
3349 .enc = {
3350 .vecs = tf_lrw_enc_tv_template,
3351 .count = TF_LRW_ENC_TEST_VECTORS
3352 },
3353 .dec = {
3354 .vecs = tf_lrw_dec_tv_template,
3355 .count = TF_LRW_DEC_TEST_VECTORS
3356 }
3357 }
3358 }
3359 }, {
3360 .alg = "lz4",
3361 .test = alg_test_comp,
3362 .fips_allowed = 1,
3363 .suite = {
3364 .comp = {
3365 .comp = {
3366 .vecs = lz4_comp_tv_template,
3367 .count = LZ4_COMP_TEST_VECTORS
3368 },
3369 .decomp = {
3370 .vecs = lz4_decomp_tv_template,
3371 .count = LZ4_DECOMP_TEST_VECTORS
3372 }
3373 }
3374 }
3375 }, {
3376 .alg = "lz4hc",
3377 .test = alg_test_comp,
3378 .fips_allowed = 1,
3379 .suite = {
3380 .comp = {
3381 .comp = {
3382 .vecs = lz4hc_comp_tv_template,
3383 .count = LZ4HC_COMP_TEST_VECTORS
3384 },
3385 .decomp = {
3386 .vecs = lz4hc_decomp_tv_template,
3387 .count = LZ4HC_DECOMP_TEST_VECTORS
3388 }
3389 }
3390 }
3391 }, {
3392 .alg = "lzo",
3393 .test = alg_test_comp,
3394 .fips_allowed = 1,
3395 .suite = {
3396 .comp = {
3397 .comp = {
3398 .vecs = lzo_comp_tv_template,
3399 .count = LZO_COMP_TEST_VECTORS
3400 },
3401 .decomp = {
3402 .vecs = lzo_decomp_tv_template,
3403 .count = LZO_DECOMP_TEST_VECTORS
3404 }
3405 }
3406 }
3407 }, {
3408 .alg = "md4",
3409 .test = alg_test_hash,
3410 .suite = {
3411 .hash = {
3412 .vecs = md4_tv_template,
3413 .count = MD4_TEST_VECTORS
3414 }
3415 }
3416 }, {
3417 .alg = "md5",
3418 .test = alg_test_hash,
3419 .suite = {
3420 .hash = {
3421 .vecs = md5_tv_template,
3422 .count = MD5_TEST_VECTORS
3423 }
3424 }
3425 }, {
3426 .alg = "michael_mic",
3427 .test = alg_test_hash,
3428 .suite = {
3429 .hash = {
3430 .vecs = michael_mic_tv_template,
3431 .count = MICHAEL_MIC_TEST_VECTORS
3432 }
3433 }
3434 }, {
3435 .alg = "ofb(aes)",
3436 .test = alg_test_skcipher,
3437 .fips_allowed = 1,
3438 .suite = {
3439 .cipher = {
3440 .enc = {
3441 .vecs = aes_ofb_enc_tv_template,
3442 .count = AES_OFB_ENC_TEST_VECTORS
3443 },
3444 .dec = {
3445 .vecs = aes_ofb_dec_tv_template,
3446 .count = AES_OFB_DEC_TEST_VECTORS
3447 }
3448 }
3449 }
3450 }, {
3451 .alg = "pcbc(fcrypt)",
3452 .test = alg_test_skcipher,
3453 .suite = {
3454 .cipher = {
3455 .enc = {
3456 .vecs = fcrypt_pcbc_enc_tv_template,
3457 .count = FCRYPT_ENC_TEST_VECTORS
3458 },
3459 .dec = {
3460 .vecs = fcrypt_pcbc_dec_tv_template,
3461 .count = FCRYPT_DEC_TEST_VECTORS
3462 }
3463 }
3464 }
3465 }, {
3466 .alg = "poly1305",
3467 .test = alg_test_hash,
3468 .suite = {
3469 .hash = {
3470 .vecs = poly1305_tv_template,
3471 .count = POLY1305_TEST_VECTORS
3472 }
3473 }
3474 }, {
3475 .alg = "rfc3686(ctr(aes))",
3476 .test = alg_test_skcipher,
3477 .fips_allowed = 1,
3478 .suite = {
3479 .cipher = {
3480 .enc = {
3481 .vecs = aes_ctr_rfc3686_enc_tv_template,
3482 .count = AES_CTR_3686_ENC_TEST_VECTORS
3483 },
3484 .dec = {
3485 .vecs = aes_ctr_rfc3686_dec_tv_template,
3486 .count = AES_CTR_3686_DEC_TEST_VECTORS
3487 }
3488 }
3489 }
3490 }, {
3491 .alg = "rfc4106(gcm(aes))",
3492 .test = alg_test_aead,
3493 .fips_allowed = 1,
3494 .suite = {
3495 .aead = {
3496 .enc = {
3497 .vecs = aes_gcm_rfc4106_enc_tv_template,
3498 .count = AES_GCM_4106_ENC_TEST_VECTORS
3499 },
3500 .dec = {
3501 .vecs = aes_gcm_rfc4106_dec_tv_template,
3502 .count = AES_GCM_4106_DEC_TEST_VECTORS
3503 }
3504 }
3505 }
3506 }, {
3507 .alg = "rfc4309(ccm(aes))",
3508 .test = alg_test_aead,
3509 .fips_allowed = 1,
3510 .suite = {
3511 .aead = {
3512 .enc = {
3513 .vecs = aes_ccm_rfc4309_enc_tv_template,
3514 .count = AES_CCM_4309_ENC_TEST_VECTORS
3515 },
3516 .dec = {
3517 .vecs = aes_ccm_rfc4309_dec_tv_template,
3518 .count = AES_CCM_4309_DEC_TEST_VECTORS
3519 }
3520 }
3521 }
3522 }, {
3523 .alg = "rfc4543(gcm(aes))",
3524 .test = alg_test_aead,
3525 .suite = {
3526 .aead = {
3527 .enc = {
3528 .vecs = aes_gcm_rfc4543_enc_tv_template,
3529 .count = AES_GCM_4543_ENC_TEST_VECTORS
3530 },
3531 .dec = {
3532 .vecs = aes_gcm_rfc4543_dec_tv_template,
3533 .count = AES_GCM_4543_DEC_TEST_VECTORS
3534 },
3535 }
3536 }
3537 }, {
3538 .alg = "rfc7539(chacha20,poly1305)",
3539 .test = alg_test_aead,
3540 .suite = {
3541 .aead = {
3542 .enc = {
3543 .vecs = rfc7539_enc_tv_template,
3544 .count = RFC7539_ENC_TEST_VECTORS
3545 },
3546 .dec = {
3547 .vecs = rfc7539_dec_tv_template,
3548 .count = RFC7539_DEC_TEST_VECTORS
3549 },
3550 }
3551 }
3552 }, {
3553 .alg = "rfc7539esp(chacha20,poly1305)",
3554 .test = alg_test_aead,
3555 .suite = {
3556 .aead = {
3557 .enc = {
3558 .vecs = rfc7539esp_enc_tv_template,
3559 .count = RFC7539ESP_ENC_TEST_VECTORS
3560 },
3561 .dec = {
3562 .vecs = rfc7539esp_dec_tv_template,
3563 .count = RFC7539ESP_DEC_TEST_VECTORS
3564 },
3565 }
3566 }
3567 }, {
3568 .alg = "rmd128",
3569 .test = alg_test_hash,
3570 .suite = {
3571 .hash = {
3572 .vecs = rmd128_tv_template,
3573 .count = RMD128_TEST_VECTORS
3574 }
3575 }
3576 }, {
3577 .alg = "rmd160",
3578 .test = alg_test_hash,
3579 .suite = {
3580 .hash = {
3581 .vecs = rmd160_tv_template,
3582 .count = RMD160_TEST_VECTORS
3583 }
3584 }
3585 }, {
3586 .alg = "rmd256",
3587 .test = alg_test_hash,
3588 .suite = {
3589 .hash = {
3590 .vecs = rmd256_tv_template,
3591 .count = RMD256_TEST_VECTORS
3592 }
3593 }
3594 }, {
3595 .alg = "rmd320",
3596 .test = alg_test_hash,
3597 .suite = {
3598 .hash = {
3599 .vecs = rmd320_tv_template,
3600 .count = RMD320_TEST_VECTORS
3601 }
3602 }
3603 }, {
3604 .alg = "rsa",
3605 .test = alg_test_akcipher,
3606 .fips_allowed = 1,
3607 .suite = {
3608 .akcipher = {
3609 .vecs = rsa_tv_template,
3610 .count = RSA_TEST_VECTORS
3611 }
3612 }
3613 }, {
3614 .alg = "salsa20",
3615 .test = alg_test_skcipher,
3616 .suite = {
3617 .cipher = {
3618 .enc = {
3619 .vecs = salsa20_stream_enc_tv_template,
3620 .count = SALSA20_STREAM_ENC_TEST_VECTORS
3621 }
3622 }
3623 }
3624 }, {
3625 .alg = "sha1",
3626 .test = alg_test_hash,
3627 .fips_allowed = 1,
3628 .suite = {
3629 .hash = {
3630 .vecs = sha1_tv_template,
3631 .count = SHA1_TEST_VECTORS
3632 }
3633 }
3634 }, {
3635 .alg = "sha224",
3636 .test = alg_test_hash,
3637 .fips_allowed = 1,
3638 .suite = {
3639 .hash = {
3640 .vecs = sha224_tv_template,
3641 .count = SHA224_TEST_VECTORS
3642 }
3643 }
3644 }, {
3645 .alg = "sha256",
3646 .test = alg_test_hash,
3647 .fips_allowed = 1,
3648 .suite = {
3649 .hash = {
3650 .vecs = sha256_tv_template,
3651 .count = SHA256_TEST_VECTORS
3652 }
3653 }
3654 }, {
3655 .alg = "sha384",
3656 .test = alg_test_hash,
3657 .fips_allowed = 1,
3658 .suite = {
3659 .hash = {
3660 .vecs = sha384_tv_template,
3661 .count = SHA384_TEST_VECTORS
3662 }
3663 }
3664 }, {
3665 .alg = "sha512",
3666 .test = alg_test_hash,
3667 .fips_allowed = 1,
3668 .suite = {
3669 .hash = {
3670 .vecs = sha512_tv_template,
3671 .count = SHA512_TEST_VECTORS
3672 }
3673 }
3674 }, {
3675 .alg = "tgr128",
3676 .test = alg_test_hash,
3677 .suite = {
3678 .hash = {
3679 .vecs = tgr128_tv_template,
3680 .count = TGR128_TEST_VECTORS
3681 }
3682 }
3683 }, {
3684 .alg = "tgr160",
3685 .test = alg_test_hash,
3686 .suite = {
3687 .hash = {
3688 .vecs = tgr160_tv_template,
3689 .count = TGR160_TEST_VECTORS
3690 }
3691 }
3692 }, {
3693 .alg = "tgr192",
3694 .test = alg_test_hash,
3695 .suite = {
3696 .hash = {
3697 .vecs = tgr192_tv_template,
3698 .count = TGR192_TEST_VECTORS
3699 }
3700 }
3701 }, {
3702 .alg = "vmac(aes)",
3703 .test = alg_test_hash,
3704 .suite = {
3705 .hash = {
3706 .vecs = aes_vmac128_tv_template,
3707 .count = VMAC_AES_TEST_VECTORS
3708 }
3709 }
3710 }, {
3711 .alg = "wp256",
3712 .test = alg_test_hash,
3713 .suite = {
3714 .hash = {
3715 .vecs = wp256_tv_template,
3716 .count = WP256_TEST_VECTORS
3717 }
3718 }
3719 }, {
3720 .alg = "wp384",
3721 .test = alg_test_hash,
3722 .suite = {
3723 .hash = {
3724 .vecs = wp384_tv_template,
3725 .count = WP384_TEST_VECTORS
3726 }
3727 }
3728 }, {
3729 .alg = "wp512",
3730 .test = alg_test_hash,
3731 .suite = {
3732 .hash = {
3733 .vecs = wp512_tv_template,
3734 .count = WP512_TEST_VECTORS
3735 }
3736 }
3737 }, {
3738 .alg = "xcbc(aes)",
3739 .test = alg_test_hash,
3740 .suite = {
3741 .hash = {
3742 .vecs = aes_xcbc128_tv_template,
3743 .count = XCBC_AES_TEST_VECTORS
3744 }
3745 }
3746 }, {
3747 .alg = "xts(aes)",
3748 .test = alg_test_skcipher,
3749 .fips_allowed = 1,
3750 .suite = {
3751 .cipher = {
3752 .enc = {
3753 .vecs = aes_xts_enc_tv_template,
3754 .count = AES_XTS_ENC_TEST_VECTORS
3755 },
3756 .dec = {
3757 .vecs = aes_xts_dec_tv_template,
3758 .count = AES_XTS_DEC_TEST_VECTORS
3759 }
3760 }
3761 }
3762 }, {
3763 .alg = "xts(camellia)",
3764 .test = alg_test_skcipher,
3765 .suite = {
3766 .cipher = {
3767 .enc = {
3768 .vecs = camellia_xts_enc_tv_template,
3769 .count = CAMELLIA_XTS_ENC_TEST_VECTORS
3770 },
3771 .dec = {
3772 .vecs = camellia_xts_dec_tv_template,
3773 .count = CAMELLIA_XTS_DEC_TEST_VECTORS
3774 }
3775 }
3776 }
3777 }, {
3778 .alg = "xts(cast6)",
3779 .test = alg_test_skcipher,
3780 .suite = {
3781 .cipher = {
3782 .enc = {
3783 .vecs = cast6_xts_enc_tv_template,
3784 .count = CAST6_XTS_ENC_TEST_VECTORS
3785 },
3786 .dec = {
3787 .vecs = cast6_xts_dec_tv_template,
3788 .count = CAST6_XTS_DEC_TEST_VECTORS
3789 }
3790 }
3791 }
3792 }, {
3793 .alg = "xts(serpent)",
3794 .test = alg_test_skcipher,
3795 .suite = {
3796 .cipher = {
3797 .enc = {
3798 .vecs = serpent_xts_enc_tv_template,
3799 .count = SERPENT_XTS_ENC_TEST_VECTORS
3800 },
3801 .dec = {
3802 .vecs = serpent_xts_dec_tv_template,
3803 .count = SERPENT_XTS_DEC_TEST_VECTORS
3804 }
3805 }
3806 }
3807 }, {
3808 .alg = "xts(twofish)",
3809 .test = alg_test_skcipher,
3810 .suite = {
3811 .cipher = {
3812 .enc = {
3813 .vecs = tf_xts_enc_tv_template,
3814 .count = TF_XTS_ENC_TEST_VECTORS
3815 },
3816 .dec = {
3817 .vecs = tf_xts_dec_tv_template,
3818 .count = TF_XTS_DEC_TEST_VECTORS
3819 }
3820 }
3821 }
3822 }, {
3823 .alg = "zlib",
3824 .test = alg_test_pcomp,
3825 .fips_allowed = 1,
3826 .suite = {
3827 .pcomp = {
3828 .comp = {
3829 .vecs = zlib_comp_tv_template,
3830 .count = ZLIB_COMP_TEST_VECTORS
3831 },
3832 .decomp = {
3833 .vecs = zlib_decomp_tv_template,
3834 .count = ZLIB_DECOMP_TEST_VECTORS
3835 }
3836 }
3837 }
3838 }
3839 };
3840
3841 static bool alg_test_descs_checked;
3842
3843 static void alg_test_descs_check_order(void)
3844 {
3845 int i;
3846
3847 /* only check once */
3848 if (alg_test_descs_checked)
3849 return;
3850
3851 alg_test_descs_checked = true;
3852
3853 for (i = 1; i < ARRAY_SIZE(alg_test_descs); i++) {
3854 int diff = strcmp(alg_test_descs[i - 1].alg,
3855 alg_test_descs[i].alg);
3856
3857 if (WARN_ON(diff > 0)) {
3858 pr_warn("testmgr: alg_test_descs entries in wrong order: '%s' before '%s'\n",
3859 alg_test_descs[i - 1].alg,
3860 alg_test_descs[i].alg);
3861 }
3862
3863 if (WARN_ON(diff == 0)) {
3864 pr_warn("testmgr: duplicate alg_test_descs entry: '%s'\n",
3865 alg_test_descs[i].alg);
3866 }
3867 }
3868 }
3869
3870 static int alg_find_test(const char *alg)
3871 {
3872 int start = 0;
3873 int end = ARRAY_SIZE(alg_test_descs);
3874
3875 while (start < end) {
3876 int i = (start + end) / 2;
3877 int diff = strcmp(alg_test_descs[i].alg, alg);
3878
3879 if (diff > 0) {
3880 end = i;
3881 continue;
3882 }
3883
3884 if (diff < 0) {
3885 start = i + 1;
3886 continue;
3887 }
3888
3889 return i;
3890 }
3891
3892 return -1;
3893 }
3894
3895 int alg_test(const char *driver, const char *alg, u32 type, u32 mask)
3896 {
3897 int i;
3898 int j;
3899 int rc;
3900
3901 alg_test_descs_check_order();
3902
3903 if ((type & CRYPTO_ALG_TYPE_MASK) == CRYPTO_ALG_TYPE_CIPHER) {
3904 char nalg[CRYPTO_MAX_ALG_NAME];
3905
3906 if (snprintf(nalg, sizeof(nalg), "ecb(%s)", alg) >=
3907 sizeof(nalg))
3908 return -ENAMETOOLONG;
3909
3910 i = alg_find_test(nalg);
3911 if (i < 0)
3912 goto notest;
3913
3914 if (fips_enabled && !alg_test_descs[i].fips_allowed)
3915 goto non_fips_alg;
3916
3917 rc = alg_test_cipher(alg_test_descs + i, driver, type, mask);
3918 goto test_done;
3919 }
3920
3921 i = alg_find_test(alg);
3922 j = alg_find_test(driver);
3923 if (i < 0 && j < 0)
3924 goto notest;
3925
3926 if (fips_enabled && ((i >= 0 && !alg_test_descs[i].fips_allowed) ||
3927 (j >= 0 && !alg_test_descs[j].fips_allowed)))
3928 goto non_fips_alg;
3929
3930 rc = 0;
3931 if (i >= 0)
3932 rc |= alg_test_descs[i].test(alg_test_descs + i, driver,
3933 type, mask);
3934 if (j >= 0 && j != i)
3935 rc |= alg_test_descs[j].test(alg_test_descs + j, driver,
3936 type, mask);
3937
3938 test_done:
3939 if (fips_enabled && rc)
3940 panic("%s: %s alg self test failed in fips mode!\n", driver, alg);
3941
3942 if (fips_enabled && !rc)
3943 pr_info("alg: self-tests for %s (%s) passed\n", driver, alg);
3944
3945 return rc;
3946
3947 notest:
3948 printk(KERN_INFO "alg: No test for %s (%s)\n", alg, driver);
3949 return 0;
3950 non_fips_alg:
3951 return -EINVAL;
3952 }
3953
3954 #endif /* CONFIG_CRYPTO_MANAGER_DISABLE_TESTS */
3955
3956 EXPORT_SYMBOL_GPL(alg_test);
ubuntu-bionic-kernel mirror