--- zzzz-none-000/linux-3.10.107/crypto/testmgr.c 2017-06-27 09:49:32.000000000 +0000 +++ scorpion-7490-727/linux-3.10.107/crypto/testmgr.c 2021-02-04 17:41:59.000000000 +0000 @@ -20,13 +20,18 @@ * */ +#include #include +#include #include +#include #include #include #include #include #include +#include +#include #include "internal.h" @@ -108,6 +113,16 @@ unsigned int count; }; +struct drbg_test_suite { + struct drbg_testvec *vecs; + unsigned int count; +}; + +struct akcipher_test_suite { + struct akcipher_testvec *vecs; + unsigned int count; +}; + struct alg_test_desc { const char *alg; int (*test)(const struct alg_test_desc *desc, const char *driver, @@ -121,6 +136,8 @@ struct pcomp_test_suite pcomp; struct hash_test_suite hash; struct cprng_test_suite cprng; + struct drbg_test_suite drbg; + struct akcipher_test_suite akcipher; } suite; }; @@ -136,6 +153,8 @@ static void tcrypt_complete(struct crypto_async_request *req, int err) { struct tcrypt_result *res = req->data; + if (err) + pr_err("Error received in %s(), error = %d\n", __func__, err); if (err == -EINPROGRESS) return; @@ -171,231 +190,372 @@ free_page((unsigned long)buf[i]); } -static int do_one_async_hash_op(struct ahash_request *req, - struct tcrypt_result *tr, - int ret) +static int wait_async_op(struct tcrypt_result *tr, int ret) { if (ret == -EINPROGRESS || ret == -EBUSY) { - ret = wait_for_completion_interruptible(&tr->completion); - if (!ret) - ret = tr->err; - INIT_COMPLETION(tr->completion); + wait_for_completion(&tr->completion); + reinit_completion(&tr->completion); + ret = tr->err; } return ret; } -static int test_hash(struct crypto_ahash *tfm, struct hash_testvec *template, - unsigned int tcount, bool use_digest) +static int __test_hash(struct hash_testvec *template, unsigned int tcount, + bool use_digest, const int align_offset, + const char *driver, u32 type, u32 mask) { - const char *algo = crypto_tfm_alg_driver_name(crypto_ahash_tfm(tfm)); + struct crypto_ahash *tfm; unsigned int i, j, k, temp; struct scatterlist sg[8]; - char result[64]; + char *result; + char *key; struct ahash_request *req; struct tcrypt_result tresult; void *hash_buff; char *xbuf[XBUFSIZE]; + const char *algo; int ret = -ENOMEM; + result = kmalloc(MAX_DIGEST_SIZE, GFP_KERNEL); + if (!result) + return ret; + key = kmalloc(MAX_KEYLEN, GFP_KERNEL); + if (!key) + goto out_nobuf; if (testmgr_alloc_buf(xbuf)) goto out_nobuf; - init_completion(&tresult.completion); - - req = ahash_request_alloc(tfm, GFP_KERNEL); - if (!req) { - printk(KERN_ERR "alg: hash: Failed to allocate request for " - "%s\n", algo); - goto out_noreq; - } - ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, - tcrypt_complete, &tresult); - j = 0; + pr_info("ahash test for %s driver on continuous test vectors\n", + driver); + for (i = 0; i < tcount; i++) { + const char *algo; + if (template[i].np) continue; + ret = -EINVAL; + if (WARN_ON(align_offset + template[i].psize > PAGE_SIZE)) + goto out_noreq; + j++; - memset(result, 0, 64); + tfm = crypto_alloc_ahash(driver, type | CRYPTO_ALG_INTERNAL, mask); + if (IS_ERR(tfm)) { + pr_warn("alg: hash: Failed to load transform for %s: " + "%ld\n", driver, PTR_ERR(tfm)); + return PTR_ERR(tfm); + } + + algo = crypto_tfm_alg_driver_name(crypto_ahash_tfm(tfm)); + + init_completion(&tresult.completion); + + req = ahash_request_alloc(tfm, GFP_KERNEL); + if (!req) { + pr_warn("alg: hash: Failed to allocate request for %s\n", + algo); + crypto_free_ahash(tfm); + goto out_noreq; + } + + ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, + tcrypt_complete, &tresult); + + memset(result, 0, MAX_DIGEST_SIZE); hash_buff = xbuf[0]; + hash_buff += align_offset; memcpy(hash_buff, template[i].plaintext, template[i].psize); sg_init_one(&sg[0], hash_buff, template[i].psize); if (template[i].ksize) { crypto_ahash_clear_flags(tfm, ~0); - ret = crypto_ahash_setkey(tfm, template[i].key, - template[i].ksize); + if (template[i].ksize > MAX_KEYLEN) { + pr_err("alg: hash: setkey failed on test %d for %s: key size %d > %d\n", + j, algo, template[i].ksize, MAX_KEYLEN); + ret = -EINVAL; + crypto_free_ahash(tfm); + ahash_request_free(req); + goto out_noreq; + } + + memcpy(key, template[i].key, template[i].ksize); + ret = crypto_ahash_setkey(tfm, key, template[i].ksize); if (ret) { printk(KERN_ERR "alg: hash: setkey failed on " "test %d for %s: ret=%d\n", j, algo, -ret); - goto out; + crypto_free_ahash(tfm); + ahash_request_free(req); + goto out_noreq; } } ahash_request_set_crypt(req, sg, result, template[i].psize); if (use_digest) { - ret = do_one_async_hash_op(req, &tresult, - crypto_ahash_digest(req)); + ret = wait_async_op(&tresult, crypto_ahash_digest(req)); if (ret) { pr_err("alg: hash: digest failed on test %d " "for %s: ret=%d\n", j, algo, -ret); - goto out; + crypto_free_ahash(tfm); + ahash_request_free(req); + goto out_noreq; } } else { - ret = do_one_async_hash_op(req, &tresult, - crypto_ahash_init(req)); + ret = wait_async_op(&tresult, crypto_ahash_init(req)); if (ret) { pr_err("alt: hash: init failed on test %d " "for %s: ret=%d\n", j, algo, -ret); - goto out; + crypto_free_ahash(tfm); + ahash_request_free(req); + goto out_noreq; } - ret = do_one_async_hash_op(req, &tresult, - crypto_ahash_update(req)); + ret = wait_async_op(&tresult, crypto_ahash_update(req)); if (ret) { pr_err("alt: hash: update failed on test %d " "for %s: ret=%d\n", j, algo, -ret); - goto out; + crypto_free_ahash(tfm); + ahash_request_free(req); + goto out_noreq; } - ret = do_one_async_hash_op(req, &tresult, - crypto_ahash_final(req)); + ret = wait_async_op(&tresult, crypto_ahash_final(req)); if (ret) { pr_err("alt: hash: final failed on test %d " "for %s: ret=%d\n", j, algo, -ret); - goto out; + crypto_free_ahash(tfm); + ahash_request_free(req); + goto out_noreq; } } - if (memcmp(result, template[i].digest, - crypto_ahash_digestsize(tfm))) { - printk(KERN_ERR "alg: hash: Test %d failed for %s\n", - j, algo); + if (memcmp(result, template[i].digest, crypto_ahash_digestsize(tfm))) { + pr_warn("alg: hash: Test %d failed for %s(plaintext size: %d)\n", + j, algo, template[i].psize); hexdump(result, crypto_ahash_digestsize(tfm)); ret = -EINVAL; - goto out; + crypto_free_ahash(tfm); + ahash_request_free(req); + goto out_noreq; } + + crypto_free_ahash(tfm); + ahash_request_free(req); + pr_info("ahash test completed for %s algorithm(plaintext size: %d)\n", + algo, template[i].psize); } + pr_info("ahash test on noncontinuous test vectors for %s driver\n", driver); j = 0; for (i = 0; i < tcount; i++) { - if (template[i].np) { - j++; - memset(result, 0, 64); + const char *algo; - temp = 0; - sg_init_table(sg, template[i].np); - ret = -EINVAL; - for (k = 0; k < template[i].np; k++) { - if (WARN_ON(offset_in_page(IDX[k]) + - template[i].tap[k] > PAGE_SIZE)) - goto out; - sg_set_buf(&sg[k], - memcpy(xbuf[IDX[k] >> PAGE_SHIFT] + - offset_in_page(IDX[k]), - template[i].plaintext + temp, - template[i].tap[k]), - template[i].tap[k]); - temp += template[i].tap[k]; - } - - if (template[i].ksize) { - crypto_ahash_clear_flags(tfm, ~0); - ret = crypto_ahash_setkey(tfm, template[i].key, - template[i].ksize); - - if (ret) { - printk(KERN_ERR "alg: hash: setkey " - "failed on chunking test %d " - "for %s: ret=%d\n", j, algo, - -ret); - goto out; - } - } + /* alignment tests are only done with continuous buffers */ + if (align_offset != 0) + break; - ahash_request_set_crypt(req, sg, result, - template[i].psize); - ret = crypto_ahash_digest(req); - switch (ret) { - case 0: - break; - case -EINPROGRESS: - case -EBUSY: - ret = wait_for_completion_interruptible( - &tresult.completion); - if (!ret && !(ret = tresult.err)) { - INIT_COMPLETION(tresult.completion); - break; - } - /* fall through */ - default: - printk(KERN_ERR "alg: hash: digest failed " - "on chunking test %d for %s: " - "ret=%d\n", j, algo, -ret); - goto out; - } + if (!template[i].np) + continue; + + j++; + tfm = crypto_alloc_ahash(driver, type | CRYPTO_ALG_INTERNAL, mask); + if (IS_ERR(tfm)) { + pr_warn("alg: hash: Failed to load transform for %s: " + "%ld\n", driver, PTR_ERR(tfm)); + return PTR_ERR(tfm); + } + + algo = crypto_tfm_alg_driver_name(crypto_ahash_tfm(tfm)); + + init_completion(&tresult.completion); - if (memcmp(result, template[i].digest, - crypto_ahash_digestsize(tfm))) { - printk(KERN_ERR "alg: hash: Chunking test %d " - "failed for %s\n", j, algo); - hexdump(result, crypto_ahash_digestsize(tfm)); + req = ahash_request_alloc(tfm, GFP_KERNEL); + if (!req) { + printk(KERN_ERR "alg: hash: Failed to allocate request for %s\n", algo); + crypto_free_ahash(tfm); + goto out_noreq; + } + + ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, + tcrypt_complete, &tresult); + + memset(result, 0, MAX_DIGEST_SIZE); + + temp = 0; + sg_init_table(sg, template[i].np); + ret = -EINVAL; + for (k = 0; k < template[i].np; k++) { + if (WARN_ON(offset_in_page(IDX[k]) + + template[i].tap[k] > PAGE_SIZE)) { + crypto_free_ahash(tfm); + ahash_request_free(req); + goto out_noreq; + } + sg_set_buf(&sg[k], + memcpy(xbuf[IDX[k] >> PAGE_SHIFT] + + offset_in_page(IDX[k]), + template[i].plaintext + temp, + template[i].tap[k]), + template[i].tap[k]); + temp += template[i].tap[k]; + } + + if (template[i].ksize) { + if (template[i].ksize > MAX_KEYLEN) { + pr_err("alg: hash: setkey failed on test %d for %s: key size %d > %d\n", + j, algo, template[i].ksize, MAX_KEYLEN); ret = -EINVAL; - goto out; + crypto_free_ahash(tfm); + ahash_request_free(req); + goto out_noreq; } + crypto_ahash_clear_flags(tfm, ~0); + memcpy(key, template[i].key, template[i].ksize); + ret = crypto_ahash_setkey(tfm, key, template[i].ksize); + + if (ret) { + printk(KERN_ERR "alg: hash: setkey " + "failed on chunking test %d " + "for %s: ret=%d\n", j, algo, -ret); + crypto_free_ahash(tfm); + ahash_request_free(req); + goto out_noreq; + } + } + + ahash_request_set_crypt(req, sg, result, template[i].psize); + ret = crypto_ahash_digest(req); + switch (ret) { + case 0: + break; + case -EINPROGRESS: + case -EBUSY: + pr_info("ahash test is waiting to be completed for %s algorithm on noncontinuous " + "test vector (plaintext size: %d)\n", algo, template[i].psize); + wait_for_completion(&tresult.completion); + reinit_completion(&tresult.completion); + ret = tresult.err; + if (!ret) + break; + /* fall through */ + default: + printk(KERN_ERR "alg: hash: digest failed " + "on chunking test %d for %s: " + "ret=%d\n", j, algo, -ret); + crypto_free_ahash(tfm); + ahash_request_free(req); + goto out_noreq; } + + if (memcmp(result, template[i].digest, + crypto_ahash_digestsize(tfm))) { + printk(KERN_ERR "alg: hash: Chunking test %d " + "failed for %s\n", j, algo); + hexdump(result, crypto_ahash_digestsize(tfm)); + ret = -EINVAL; + crypto_free_ahash(tfm); + ahash_request_free(req); + goto out_noreq; + } + crypto_free_ahash(tfm); + ahash_request_free(req); + pr_info("ahash test completed for %s algorithm on noncontinuous " + "test vector(plaintext size: %d)\n", algo, template[i].psize); } + pr_info("AHASH test %s for non-continuous test vectors " + "on %s driver", j ? "completed" : "not completed", driver); ret = 0; -out: - ahash_request_free(req); out_noreq: testmgr_free_buf(xbuf); out_nobuf: + kfree(key); + kfree(result); return ret; } -static int __test_aead(struct crypto_aead *tfm, int enc, - struct aead_testvec *template, unsigned int tcount, - const bool diff_dst) +static int test_hash(struct hash_testvec *template, unsigned int tcount, + bool use_digest, const char *driver, u32 type, u32 mask) { - const char *algo = crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)); +#ifdef CONFIG_CRYPTO_ALL_CASES + unsigned int alignmask; + struct crypto_ahash *tfm; +#endif + int ret; + + ret = __test_hash(template, tcount, use_digest, 0, driver, type, mask); + if (ret) + return ret; +#ifdef CONFIG_CRYPTO_ALL_CASES + /* test unaligned buffers, check with one byte offset */ + ret = __test_hash(template, tcount, use_digest, 1, driver, type, mask); + if (ret) + return ret; + + tfm = crypto_alloc_ahash(driver, type | CRYPTO_ALG_INTERNAL, mask); + if (IS_ERR(tfm)) { + pr_warn("alg: hash: Failed to load transform for %s: " + "%ld\n", driver, PTR_ERR(tfm)); + return PTR_ERR(tfm); + } + + alignmask = crypto_tfm_alg_alignmask(&tfm->base); + crypto_free_ahash(tfm); + if (alignmask) { + /* Check if alignment mask for tfm is correctly set. */ + ret = __test_hash(template, tcount, use_digest, + alignmask + 1, driver, type, mask); + if (ret) + return ret; + } +#endif + return 0; +} + +static int __test_aead(struct aead_testvec *template, unsigned int tcount, + int enc, const bool diff_dst, const int align_offset, + const char *driver, u32 type, u32 mask) +{ + struct crypto_aead *tfm; + struct aead_request *req; unsigned int i, j, k, n, temp; int ret = -ENOMEM; char *q; char *key; - struct aead_request *req; struct scatterlist *sg; - struct scatterlist *asg; struct scatterlist *sgout; const char *e, *d; struct tcrypt_result result; - unsigned int authsize; + unsigned int authsize, iv_len; void *input; void *output; void *assoc; - char iv[MAX_IVLEN]; + char *iv; char *xbuf[XBUFSIZE]; char *xoutbuf[XBUFSIZE]; char *axbuf[XBUFSIZE]; + const char *algo; + iv = kzalloc(MAX_IVLEN, GFP_KERNEL); + if (!iv) + return ret; + key = kmalloc(MAX_KEYLEN, GFP_KERNEL); + if (!key) + goto out_noxbuf; if (testmgr_alloc_buf(xbuf)) goto out_noxbuf; if (testmgr_alloc_buf(axbuf)) goto out_noaxbuf; - if (diff_dst && testmgr_alloc_buf(xoutbuf)) goto out_nooutbuf; /* avoid "the frame size is larger than 1024 bytes" compiler warning */ - sg = kmalloc(sizeof(*sg) * 8 * (diff_dst ? 3 : 2), GFP_KERNEL); + sg = kmalloc(sizeof(*sg) * 8 * (diff_dst ? 4 : 2), GFP_KERNEL); if (!sg) goto out_nosg; - asg = &sg[8]; - sgout = &asg[8]; + sgout = &sg[16]; if (diff_dst) d = "-ddst"; @@ -407,316 +567,418 @@ else e = "decryption"; - init_completion(&result.completion); - - req = aead_request_alloc(tfm, GFP_KERNEL); - if (!req) { - pr_err("alg: aead%s: Failed to allocate request for %s\n", - d, algo); - goto out; - } - - aead_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, - tcrypt_complete, &result); - + pr_info("running aead test for %s driver\n", driver); for (i = 0, j = 0; i < tcount; i++) { - if (!template[i].np) { - j++; + const char *algo; - /* some tepmplates have no input data but they will - * touch input - */ - input = xbuf[0]; - assoc = axbuf[0]; - - ret = -EINVAL; - if (WARN_ON(template[i].ilen > PAGE_SIZE || - template[i].alen > PAGE_SIZE)) - goto out; - - memcpy(input, template[i].input, template[i].ilen); - memcpy(assoc, template[i].assoc, template[i].alen); - if (template[i].iv) - memcpy(iv, template[i].iv, MAX_IVLEN); - else - memset(iv, 0, MAX_IVLEN); + if (template[i].np) + continue; + j++; + tfm = crypto_alloc_aead(driver, type | CRYPTO_ALG_INTERNAL, mask); + if (IS_ERR(tfm)) { + pr_err("alg: aead: Failed to load transform for %s: " + "%ld\n", driver, PTR_ERR(tfm)); + return PTR_ERR(tfm); + } + + algo = crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)); + + init_completion(&result.completion); + + req = aead_request_alloc(tfm, GFP_KERNEL); + if (!req) { + pr_err("alg: aead%s: Failed to allocate request for %s\n", + d, algo); + crypto_free_aead(tfm); + goto out; + } - crypto_aead_clear_flags(tfm, ~0); - if (template[i].wk) - crypto_aead_set_flags( - tfm, CRYPTO_TFM_REQ_WEAK_KEY); - - key = template[i].key; - - ret = crypto_aead_setkey(tfm, key, - template[i].klen); - if (!ret == template[i].fail) { - pr_err("alg: aead%s: setkey failed on test %d for %s: flags=%x\n", - d, j, algo, crypto_aead_get_flags(tfm)); - goto out; - } else if (ret) - continue; + aead_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, + tcrypt_complete, &result); - authsize = abs(template[i].rlen - template[i].ilen); - ret = crypto_aead_setauthsize(tfm, authsize); - if (ret) { - pr_err("alg: aead%s: Failed to set authsize to %u on test %d for %s\n", - d, authsize, j, algo); - goto out; - } + /* some templates have no input data but they will + * touch input + */ + input = xbuf[0]; + input += align_offset; + assoc = axbuf[0]; - sg_init_one(&sg[0], input, - template[i].ilen + (enc ? authsize : 0)); + ret = -EINVAL; + if (WARN_ON(align_offset + template[i].ilen > + PAGE_SIZE || template[i].alen > PAGE_SIZE)) { + aead_request_free(req); + crypto_free_aead(tfm); + goto out; + } - if (diff_dst) { - output = xoutbuf[0]; - sg_init_one(&sgout[0], output, - template[i].ilen + - (enc ? authsize : 0)); - } else { - output = input; - } + memcpy(input, template[i].input, template[i].ilen); + memcpy(assoc, template[i].assoc, template[i].alen); + iv_len = crypto_aead_ivsize(tfm); + if (template[i].iv) + memcpy(iv, template[i].iv, iv_len); + else + memset(iv, 0, iv_len); - sg_init_one(&asg[0], assoc, template[i].alen); + crypto_aead_clear_flags(tfm, ~0); + if (template[i].wk) + crypto_aead_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY); - aead_request_set_crypt(req, sg, (diff_dst) ? sgout : sg, - template[i].ilen, iv); + if (template[i].klen > MAX_KEYLEN) { + pr_err("alg: aead%s: setkey failed on test %d for %s: key size %d > %d\n", + d, j, algo, template[i].klen, + MAX_KEYLEN); + ret = -EINVAL; + aead_request_free(req); + crypto_free_aead(tfm); + goto out; + } + memcpy(key, template[i].key, template[i].klen); - aead_request_set_assoc(req, asg, template[i].alen); + ret = crypto_aead_setkey(tfm, key, template[i].klen); + if (!ret == template[i].fail) { + pr_err("alg: aead%s: setkey failed on test %d for %s: flags=%x\n", + d, j, algo, crypto_aead_get_flags(tfm)); + aead_request_free(req); + crypto_free_aead(tfm); + goto out; + } else if (ret) + continue; - ret = enc ? - crypto_aead_encrypt(req) : - crypto_aead_decrypt(req); + authsize = abs(template[i].rlen - template[i].ilen); + ret = crypto_aead_setauthsize(tfm, authsize); + if (ret) { + pr_err("alg: aead%s: Failed to set authsize to %u on test %d for %s\n", + d, authsize, j, algo); + aead_request_free(req); + crypto_free_aead(tfm); + goto out; + } - switch (ret) { - case 0: - if (template[i].novrfy) { - /* verification was supposed to fail */ - pr_err("alg: aead%s: %s failed on test %d for %s: ret was 0, expected -EBADMSG\n", - d, e, j, algo); - /* so really, we got a bad message */ - ret = -EBADMSG; - goto out; - } - break; - case -EINPROGRESS: - case -EBUSY: - ret = wait_for_completion_interruptible( - &result.completion); - if (!ret && !(ret = result.err)) { - INIT_COMPLETION(result.completion); - break; - } - case -EBADMSG: - if (template[i].novrfy) - /* verification failure was expected */ - continue; - /* fall through */ - default: - pr_err("alg: aead%s: %s failed on test %d for %s: ret=%d\n", - d, e, j, algo, -ret); + k = !!template[i].alen; + sg_init_table(sg, k + 1); + sg_set_buf(&sg[0], assoc, template[i].alen); + sg_set_buf(&sg[k], input, + template[i].ilen + (enc ? authsize : 0)); + output = input; + + if (diff_dst) { + sg_init_table(sgout, k + 1); + sg_set_buf(&sgout[0], assoc, template[i].alen); + + output = xoutbuf[0]; + output += align_offset; + sg_set_buf(&sgout[k], output, + template[i].rlen + (enc ? 0 : authsize)); + } + + aead_request_set_crypt(req, sg, (diff_dst) ? sgout : sg, + template[i].ilen, iv); + + aead_request_set_ad(req, template[i].alen); + + ret = enc ? crypto_aead_encrypt(req) : crypto_aead_decrypt(req); + + switch (ret) { + case 0: + if (template[i].novrfy) { + /* verification was supposed to fail */ + pr_err("alg: aead%s: %s failed on test %d for %s: ret was 0, expected -EBADMSG\n", + d, e, j, algo); + /* so really, we got a bad message */ + ret = -EBADMSG; + aead_request_free(req); + crypto_free_aead(tfm); goto out; } - - q = output; - if (memcmp(q, template[i].result, template[i].rlen)) { - pr_err("alg: aead%s: Test %d failed on %s for %s\n", - d, j, e, algo); - hexdump(q, template[i].rlen); - ret = -EINVAL; - goto out; + break; + case -EINPROGRESS: + case -EBUSY: + pr_info("aead test started for %s algorithm (cipher_keylen:%d, auth_keylen:%d) \n", algo, template[i].klen, template[i].alen); + wait_for_completion(&result.completion); + reinit_completion(&result.completion); + ret = result.err; + if (!ret) + break; + case -EBADMSG: + if (template[i].novrfy) { + /* verification failure was expected */ + aead_request_free(req); + crypto_free_aead(tfm); + continue; } + /* fall through */ + default: + pr_err("alg: aead%s: %s failed on test %d for %s: ret=%d\n", + d, e, j, algo, -ret); + aead_request_free(req); + crypto_free_aead(tfm); + goto out; + } + + q = output; + if (memcmp(q, template[i].result, template[i].rlen)) { + pr_err("alg: aead%s: Test %d failed on %s for %s\n", + d, j, e, algo); + hexdump(q, template[i].rlen); + ret = -EINVAL; + aead_request_free(req); + crypto_free_aead(tfm); + goto out; } + pr_info("aead test completed for %s algorithm (cipher_keylen:%d, auth_keylen:%d) \n", algo, template[i].klen, template[i].alen); + aead_request_free(req); + crypto_free_aead(tfm); } + pr_info("running aead test for %s driver on noncontinuous buffers\n", driver); for (i = 0, j = 0; i < tcount; i++) { - if (template[i].np) { - j++; + const char *algo; - if (template[i].iv) - memcpy(iv, template[i].iv, MAX_IVLEN); - else - memset(iv, 0, MAX_IVLEN); - - crypto_aead_clear_flags(tfm, ~0); - if (template[i].wk) - crypto_aead_set_flags( - tfm, CRYPTO_TFM_REQ_WEAK_KEY); - key = template[i].key; - - ret = crypto_aead_setkey(tfm, key, template[i].klen); - if (!ret == template[i].fail) { - pr_err("alg: aead%s: setkey failed on chunk test %d for %s: flags=%x\n", - d, j, algo, crypto_aead_get_flags(tfm)); - goto out; - } else if (ret) - continue; + /* alignment tests are only done with continuous buffers */ + if (align_offset != 0) + break; - authsize = abs(template[i].rlen - template[i].ilen); + if (!template[i].np) + continue; - ret = -EINVAL; - sg_init_table(sg, template[i].np); - if (diff_dst) - sg_init_table(sgout, template[i].np); - for (k = 0, temp = 0; k < template[i].np; k++) { - if (WARN_ON(offset_in_page(IDX[k]) + - template[i].tap[k] > PAGE_SIZE)) - goto out; + tfm = crypto_alloc_aead(driver, type | CRYPTO_ALG_INTERNAL, mask); + if (IS_ERR(tfm)) { + pr_err("alg: aead: Failed to load transform for %s: " + "%ld\n", driver, PTR_ERR(tfm)); + return PTR_ERR(tfm); + } + + algo = crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm)); + + init_completion(&result.completion); + + req = aead_request_alloc(tfm, GFP_KERNEL); + if (!req) { + pr_err("alg: aead%s: Failed to allocate request for %s\n", + d, algo); + crypto_free_aead(tfm); + goto out; + } - q = xbuf[IDX[k] >> PAGE_SHIFT] + - offset_in_page(IDX[k]); + aead_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, + tcrypt_complete, &result); - memcpy(q, template[i].input + temp, - template[i].tap[k]); + j++; - n = template[i].tap[k]; - if (k == template[i].np - 1 && enc) - n += authsize; - if (offset_in_page(q) + n < PAGE_SIZE) - q[n] = 0; + if (template[i].iv) + memcpy(iv, template[i].iv, MAX_IVLEN); + else + memset(iv, 0, MAX_IVLEN); - sg_set_buf(&sg[k], q, template[i].tap[k]); + crypto_aead_clear_flags(tfm, ~0); + if (template[i].wk) + crypto_aead_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY); + if (template[i].klen > MAX_KEYLEN) { + pr_err("alg: aead%s: setkey failed on test %d for %s: key size %d > %d\n", + d, j, algo, template[i].klen, MAX_KEYLEN); + ret = -EINVAL; + aead_request_free(req); + crypto_free_aead(tfm); + goto out; + } + memcpy(key, template[i].key, template[i].klen); - if (diff_dst) { - q = xoutbuf[IDX[k] >> PAGE_SHIFT] + - offset_in_page(IDX[k]); + ret = crypto_aead_setkey(tfm, key, template[i].klen); + if (!ret == template[i].fail) { + pr_err("alg: aead%s: setkey failed on chunk test %d for %s: flags=%x\n", + d, j, algo, crypto_aead_get_flags(tfm)); + aead_request_free(req); + crypto_free_aead(tfm); + goto out; + } else if (ret) + continue; - memset(q, 0, template[i].tap[k]); - if (offset_in_page(q) + n < PAGE_SIZE) - q[n] = 0; + authsize = abs(template[i].rlen - template[i].ilen); - sg_set_buf(&sgout[k], q, - template[i].tap[k]); - } + ret = -EINVAL; + sg_init_table(sg, template[i].anp + template[i].np); + if (diff_dst) + sg_init_table(sgout, template[i].anp + template[i].np); - temp += template[i].tap[k]; + ret = -EINVAL; + for (k = 0, temp = 0; k < template[i].anp; k++) { + if (WARN_ON(offset_in_page(IDX[k]) + + template[i].atap[k] > PAGE_SIZE)) { + aead_request_free(req); + crypto_free_aead(tfm); + goto out; } - ret = crypto_aead_setauthsize(tfm, authsize); - if (ret) { - pr_err("alg: aead%s: Failed to set authsize to %u on chunk test %d for %s\n", - d, authsize, j, algo); + sg_set_buf(&sg[k], + memcpy(axbuf[IDX[k] >> PAGE_SHIFT] + + offset_in_page(IDX[k]), + template[i].assoc + temp, + template[i].atap[k]), + template[i].atap[k]); + if (diff_dst) + sg_set_buf(&sgout[k], + axbuf[IDX[k] >> PAGE_SHIFT] + + offset_in_page(IDX[k]), + template[i].atap[k]); + temp += template[i].atap[k]; + } + + for (k = 0, temp = 0; k < template[i].np; k++) { + if (WARN_ON(offset_in_page(IDX[k]) + + template[i].tap[k] > PAGE_SIZE)) { + aead_request_free(req); + crypto_free_aead(tfm); goto out; } - if (enc) { - if (WARN_ON(sg[k - 1].offset + - sg[k - 1].length + authsize > - PAGE_SIZE)) { - ret = -EINVAL; - goto out; - } + q = xbuf[IDX[k] >> PAGE_SHIFT] + offset_in_page(IDX[k]); + + memcpy(q, template[i].input + temp, template[i].tap[k]); + sg_set_buf(&sg[template[i].anp + k], + q, template[i].tap[k]); - sg[k - 1].length += authsize; + if (diff_dst) { + q = xoutbuf[IDX[k] >> PAGE_SHIFT] + + offset_in_page(IDX[k]); + + memset(q, 0, template[i].tap[k]); - if (diff_dst) - sgout[k - 1].length += authsize; + sg_set_buf(&sgout[template[i].anp + k], + q, template[i].tap[k]); } - sg_init_table(asg, template[i].anp); - ret = -EINVAL; - for (k = 0, temp = 0; k < template[i].anp; k++) { - if (WARN_ON(offset_in_page(IDX[k]) + - template[i].atap[k] > PAGE_SIZE)) - goto out; - sg_set_buf(&asg[k], - memcpy(axbuf[IDX[k] >> PAGE_SHIFT] + - offset_in_page(IDX[k]), - template[i].assoc + temp, - template[i].atap[k]), - template[i].atap[k]); - temp += template[i].atap[k]; + n = template[i].tap[k]; + if (k == template[i].np - 1 && enc) + n += authsize; + if (offset_in_page(q) + n < PAGE_SIZE) + q[n] = 0; + + temp += template[i].tap[k]; + } + + ret = crypto_aead_setauthsize(tfm, authsize); + if (ret) { + pr_err("alg: aead%s: Failed to set authsize to %u on chunk test %d for %s\n", + d, authsize, j, algo); + aead_request_free(req); + crypto_free_aead(tfm); + goto out; + } + + if (enc) { + if (WARN_ON(sg[template[i].anp + k - 1].offset + + sg[template[i].anp + k - 1].length + + authsize > PAGE_SIZE)) { + ret = -EINVAL; + aead_request_free(req); + crypto_free_aead(tfm); + goto out; } - aead_request_set_crypt(req, sg, (diff_dst) ? sgout : sg, - template[i].ilen, - iv); - - aead_request_set_assoc(req, asg, template[i].alen); - - ret = enc ? - crypto_aead_encrypt(req) : - crypto_aead_decrypt(req); - - switch (ret) { - case 0: - if (template[i].novrfy) { - /* verification was supposed to fail */ - pr_err("alg: aead%s: %s failed on chunk test %d for %s: ret was 0, expected -EBADMSG\n", - d, e, j, algo); - /* so really, we got a bad message */ - ret = -EBADMSG; - goto out; - } - break; - case -EINPROGRESS: - case -EBUSY: - ret = wait_for_completion_interruptible( - &result.completion); - if (!ret && !(ret = result.err)) { - INIT_COMPLETION(result.completion); - break; - } - case -EBADMSG: - if (template[i].novrfy) - /* verification failure was expected */ - continue; - /* fall through */ - default: - pr_err("alg: aead%s: %s failed on chunk test %d for %s: ret=%d\n", - d, e, j, algo, -ret); + if (diff_dst) + sgout[template[i].anp + k - 1].length += + authsize; + sg[template[i].anp + k - 1].length += authsize; + } + + aead_request_set_crypt(req, sg, (diff_dst) ? sgout : sg, + template[i].ilen, + iv); + + aead_request_set_ad(req, template[i].alen); + + ret = enc ? crypto_aead_encrypt(req) : crypto_aead_decrypt(req); + + switch (ret) { + case 0: + if (template[i].novrfy) { + /* verification was supposed to fail */ + pr_err("alg: aead%s: %s failed on chunk test %d for %s: ret was 0, expected -EBADMSG\n", + d, e, j, algo); + /* so really, we got a bad message */ + ret = -EBADMSG; + aead_request_free(req); + crypto_free_aead(tfm); goto out; } + break; + case -EINPROGRESS: + case -EBUSY: + pr_info("aead on noncontinuous test vectors started for %s algorithm (cipher_keylen:%d, auth_keylen:%d) \n", algo, template[i].klen, template[i].alen); + wait_for_completion(&result.completion); + reinit_completion(&result.completion); + ret = result.err; + if (!ret) + break; + case -EBADMSG: + if (template[i].novrfy) { + /* verification failure was expected */ + aead_request_free(req); + crypto_free_aead(tfm); + continue; + } + /* fall through */ + default: + pr_err("alg: aead%s: %s failed on chunk test %d for %s: ret=%d\n", + d, e, j, algo, -ret); + aead_request_free(req); + crypto_free_aead(tfm); + goto out; + } - ret = -EINVAL; - for (k = 0, temp = 0; k < template[i].np; k++) { - if (diff_dst) - q = xoutbuf[IDX[k] >> PAGE_SHIFT] + - offset_in_page(IDX[k]); - else - q = xbuf[IDX[k] >> PAGE_SHIFT] + - offset_in_page(IDX[k]); + ret = -EINVAL; + for (k = 0, temp = 0; k < template[i].np; k++) { + if (diff_dst) + q = xoutbuf[IDX[k] >> PAGE_SHIFT] + + offset_in_page(IDX[k]); + else + q = xbuf[IDX[k] >> PAGE_SHIFT] + + offset_in_page(IDX[k]); - n = template[i].tap[k]; - if (k == template[i].np - 1) - n += enc ? authsize : -authsize; - - if (memcmp(q, template[i].result + temp, n)) { - pr_err("alg: aead%s: Chunk test %d failed on %s at page %u for %s\n", - d, j, e, k, algo); - hexdump(q, n); - goto out; - } - - q += n; - if (k == template[i].np - 1 && !enc) { - if (!diff_dst && - memcmp(q, template[i].input + - temp + n, authsize)) - n = authsize; - else - n = 0; - } else { - for (n = 0; offset_in_page(q + n) && - q[n]; n++) - ; - } - if (n) { - pr_err("alg: aead%s: Result buffer corruption in chunk test %d on %s at page %u for %s: %u bytes:\n", - d, j, e, k, algo, n); - hexdump(q, n); - goto out; - } + n = template[i].tap[k]; + if (k == template[i].np - 1) + n += enc ? authsize : -authsize; + + if (memcmp(q, template[i].result + temp, n)) { + pr_err("alg: aead%s: Chunk test %d failed on %s at page %u for %s\n", + d, j, e, k, algo); + hexdump(q, n); + aead_request_free(req); + crypto_free_aead(tfm); + goto out; + } - temp += template[i].tap[k]; + q += n; + if (k == template[i].np - 1 && !enc) { + if (!diff_dst && + memcmp(q, template[i].input + + temp + n, authsize)) + n = authsize; + else + n = 0; + } else { + for (n = 0; offset_in_page(q + n) && q[n]; n++) + ; } + if (n) { + pr_err("alg: aead%s: Result buffer corruption in chunk test %d on %s at page %u for %s: %u bytes:\n", + d, j, e, k, algo, n); + hexdump(q, n); + aead_request_free(req); + crypto_free_aead(tfm); + goto out; + } + + temp += template[i].tap[k]; } + pr_info("aead on noncontinuous test vectors completed for %s algorithm (cipher_keylen:%d, auth_keylen:%d) \n", algo, template[i].klen, template[i].alen); + aead_request_free(req); + crypto_free_aead(tfm); } ret = 0; out: - aead_request_free(req); kfree(sg); out_nosg: if (diff_dst) @@ -726,21 +988,53 @@ out_noaxbuf: testmgr_free_buf(xbuf); out_noxbuf: + kfree(key); + kfree(iv); return ret; } -static int test_aead(struct crypto_aead *tfm, int enc, - struct aead_testvec *template, unsigned int tcount) +static int test_aead(struct aead_testvec *template, unsigned int tcount, + int enc, const char *driver, u32 type, u32 mask) { +#ifdef CONFIG_CRYPTO_ALL_CASES + struct crypto_aead *tfm; + unsigned int alignmask; +#endif int ret; /* test 'dst == src' case */ - ret = __test_aead(tfm, enc, template, tcount, false); + ret = __test_aead(template, tcount, enc, false, 0, driver, type, mask); if (ret) return ret; - +#ifdef CONFIG_CRYPTO_ALL_CASES /* test 'dst != src' case */ - return __test_aead(tfm, enc, template, tcount, true); + ret = __test_aead(template, tcount, enc, true, 0, driver, type, mask); + if (ret) + return ret; + + /* test unaligned buffers, check with one byte offset */ + ret = __test_aead(template, tcount, enc, true, 1, driver, type, mask); + if (ret) + return ret; + + tfm = crypto_alloc_aead(driver, type | CRYPTO_ALG_INTERNAL, mask); + if (IS_ERR(tfm)) { + printk(KERN_ERR "alg: aead: Failed to load transform for %s: " + "%ld\n", driver, PTR_ERR(tfm)); + return PTR_ERR(tfm); + } + + alignmask = crypto_tfm_alg_alignmask(&tfm->base); + crypto_free_aead(tfm); + if (alignmask) { + /* Check if alignment mask for tfm is correctly set. */ + ret = __test_aead(template, tcount, enc, true, + alignmask + 1, driver, type, mask); + if (ret) + return ret; + } +#endif + return 0; } static int test_cipher(struct crypto_cipher *tfm, int enc, @@ -818,15 +1112,14 @@ return ret; } -static int __test_skcipher(struct crypto_ablkcipher *tfm, int enc, - struct cipher_testvec *template, unsigned int tcount, - const bool diff_dst) +static int __test_skcipher(struct cipher_testvec *template, unsigned int tcount, + int enc, const bool diff_dst, const int align_offset, + const char *driver, u32 type, u32 mask) { - const char *algo = - crypto_tfm_alg_driver_name(crypto_ablkcipher_tfm(tfm)); + struct crypto_skcipher *tfm; + struct skcipher_request *req; unsigned int i, j, k, n, temp; char *q; - struct ablkcipher_request *req; struct scatterlist sg[8]; struct scatterlist sgout[8]; const char *e, *d; @@ -836,6 +1129,8 @@ char *xbuf[XBUFSIZE]; char *xoutbuf[XBUFSIZE]; int ret = -ENOMEM; + unsigned int ivsize; + const char *algo; if (testmgr_alloc_buf(xbuf)) goto out_nobuf; @@ -853,217 +1148,286 @@ else e = "decryption"; - init_completion(&result.completion); + pr_info("cipher test for %s driver\n", driver); + j = 0; + for (i = 0; i < tcount; i++) { + const char *algo; - req = ablkcipher_request_alloc(tfm, GFP_KERNEL); - if (!req) { - pr_err("alg: skcipher%s: Failed to allocate request for %s\n", - d, algo); - goto out; - } + if (template[i].np && !template[i].also_non_np) + continue; - ablkcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, - tcrypt_complete, &result); + tfm = crypto_alloc_skcipher(driver, type | CRYPTO_ALG_INTERNAL, mask); + if (IS_ERR(tfm)) { + pr_err("alg: skcipher: Failed to load transform for " + "%s: %ld\n", driver, PTR_ERR(tfm)); + return PTR_ERR(tfm); + } + + ivsize = crypto_skcipher_ivsize(tfm); + + algo = crypto_tfm_alg_driver_name(crypto_skcipher_tfm(tfm)); + init_completion(&result.completion); + + req = skcipher_request_alloc(tfm, GFP_KERNEL); + if (!req) { + pr_err("alg: skcipher%s: Failed to allocate request for %s\n", + d, algo); + crypto_free_skcipher(tfm); + goto out; + } + + skcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, + tcrypt_complete, &result); - j = 0; - for (i = 0; i < tcount; i++) { if (template[i].iv) - memcpy(iv, template[i].iv, MAX_IVLEN); + memcpy(iv, template[i].iv, ivsize); else memset(iv, 0, MAX_IVLEN); - if (!(template[i].np) || (template[i].also_non_np)) { - j++; + j++; + ret = -EINVAL; + if (WARN_ON(align_offset + template[i].ilen > PAGE_SIZE)) { + skcipher_request_free(req); + crypto_free_skcipher(tfm); + goto out; + } - ret = -EINVAL; - if (WARN_ON(template[i].ilen > PAGE_SIZE)) - goto out; + data = xbuf[0]; + data += align_offset; + memcpy(data, template[i].input, template[i].ilen); - data = xbuf[0]; - memcpy(data, template[i].input, template[i].ilen); + crypto_skcipher_clear_flags(tfm, ~0); + if (template[i].wk) + crypto_skcipher_set_flags(tfm, + CRYPTO_TFM_REQ_WEAK_KEY); - crypto_ablkcipher_clear_flags(tfm, ~0); - if (template[i].wk) - crypto_ablkcipher_set_flags( - tfm, CRYPTO_TFM_REQ_WEAK_KEY); - - ret = crypto_ablkcipher_setkey(tfm, template[i].key, - template[i].klen); - if (!ret == template[i].fail) { - pr_err("alg: skcipher%s: setkey failed on test %d for %s: flags=%x\n", - d, j, algo, - crypto_ablkcipher_get_flags(tfm)); - goto out; - } else if (ret) - continue; + ret = crypto_skcipher_setkey(tfm, template[i].key, + template[i].klen); + if (!ret == template[i].fail) { + pr_err("alg: skcipher%s: setkey failed on test %d for %s: flags=%x\n", + d, j, algo, crypto_skcipher_get_flags(tfm)); + skcipher_request_free(req); + crypto_free_skcipher(tfm); + goto out; + } else if (ret) + continue; - sg_init_one(&sg[0], data, template[i].ilen); - if (diff_dst) { - data = xoutbuf[0]; - sg_init_one(&sgout[0], data, template[i].ilen); - } + sg_init_one(&sg[0], data, template[i].ilen); + if (diff_dst) { + data = xoutbuf[0]; + data += align_offset; + sg_init_one(&sgout[0], data, template[i].ilen); + } - ablkcipher_request_set_crypt(req, sg, - (diff_dst) ? sgout : sg, - template[i].ilen, iv); - ret = enc ? - crypto_ablkcipher_encrypt(req) : - crypto_ablkcipher_decrypt(req); + skcipher_request_set_crypt(req, sg, (diff_dst) ? sgout : sg, + template[i].ilen, iv); + ret = enc ? crypto_skcipher_encrypt(req) : + crypto_skcipher_decrypt(req); - switch (ret) { - case 0: + switch (ret) { + case 0: + break; + case -EINPROGRESS: + case -EBUSY: + pr_info("%s test started for %s algorithm (cipher_keylen:%d) \n", e, algo, template[i].klen); + wait_for_completion(&result.completion); + reinit_completion(&result.completion); + ret = result.err; + if (!ret) break; - case -EINPROGRESS: - case -EBUSY: - ret = wait_for_completion_interruptible( - &result.completion); - if (!ret && !((ret = result.err))) { - INIT_COMPLETION(result.completion); - break; - } - /* fall through */ - default: - pr_err("alg: skcipher%s: %s failed on test %d for %s: ret=%d\n", - d, e, j, algo, -ret); - goto out; - } + /* fall through */ + default: + pr_err("alg: skcipher%s: %s failed on test %d for %s: ret=%d\n", + d, e, j, algo, -ret); + skcipher_request_free(req); + crypto_free_skcipher(tfm); + goto out; + } - q = data; - if (memcmp(q, template[i].result, template[i].rlen)) { - pr_err("alg: skcipher%s: Test %d failed on %s for %s\n", - d, j, e, algo); - hexdump(q, template[i].rlen); - ret = -EINVAL; - goto out; - } + q = data; + if (memcmp(q, template[i].result, template[i].rlen)) { + pr_err("alg: skcipher%s: Test %d failed (invalid result) on %s for %s\n", + d, j, e, algo); + hexdump(q, template[i].rlen); + ret = -EINVAL; + skcipher_request_free(req); + crypto_free_skcipher(tfm); + goto out; + } + + if (template[i].iv_out && + memcmp(iv, template[i].iv_out, + crypto_skcipher_ivsize(tfm))) { + pr_err("alg: skcipher%s: Test %d failed (invalid output IV) on %s for %s\n", + d, j, e, algo); + hexdump(iv, crypto_skcipher_ivsize(tfm)); + ret = -EINVAL; + skcipher_request_free(req); + crypto_free_skcipher(tfm); + goto out; } + skcipher_request_free(req); + crypto_free_skcipher(tfm); + pr_info("%s test completed for %s algorithm (cipher_keylen:%d) \n", e, algo, template[i].klen); } + pr_info("cipher test on noncontinuous test vectors for %s driver\n", driver); j = 0; for (i = 0; i < tcount; i++) { + const char *algo; + + /* alignment tests are only done with continuous buffers */ + if (align_offset != 0) + break; + + if (!template[i].np) + continue; + + tfm = crypto_alloc_skcipher(driver, type | CRYPTO_ALG_INTERNAL, mask); + if (IS_ERR(tfm)) { + pr_err("alg: skcipher: Failed to load transform for " + "%s: %ld\n", driver, PTR_ERR(tfm)); + return PTR_ERR(tfm); + } + ivsize = crypto_skcipher_ivsize(tfm); + algo = crypto_tfm_alg_driver_name(crypto_skcipher_tfm(tfm)); + init_completion(&result.completion); + + req = skcipher_request_alloc(tfm, GFP_KERNEL); + if (!req) { + pr_err("alg: skcipher%s: Failed to allocate request for %s\n", + d, algo); + crypto_free_skcipher(tfm); + goto out; + } + + skcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, + tcrypt_complete, &result); if (template[i].iv) - memcpy(iv, template[i].iv, MAX_IVLEN); + memcpy(iv, template[i].iv, ivsize); else memset(iv, 0, MAX_IVLEN); - if (template[i].np) { - j++; + j++; + crypto_skcipher_clear_flags(tfm, ~0); + if (template[i].wk) + crypto_skcipher_set_flags(tfm, + CRYPTO_TFM_REQ_WEAK_KEY); - crypto_ablkcipher_clear_flags(tfm, ~0); - if (template[i].wk) - crypto_ablkcipher_set_flags( - tfm, CRYPTO_TFM_REQ_WEAK_KEY); - - ret = crypto_ablkcipher_setkey(tfm, template[i].key, - template[i].klen); - if (!ret == template[i].fail) { - pr_err("alg: skcipher%s: setkey failed on chunk test %d for %s: flags=%x\n", - d, j, algo, - crypto_ablkcipher_get_flags(tfm)); + ret = crypto_skcipher_setkey(tfm, template[i].key, + template[i].klen); + if (!ret == template[i].fail) { + pr_err("alg: skcipher%s: setkey failed on chunk test %d for %s: flags=%x\n", + d, j, algo, crypto_skcipher_get_flags(tfm)); + skcipher_request_free(req); + crypto_free_skcipher(tfm); + goto out; + } else if (ret) + continue; + + temp = 0; + ret = -EINVAL; + sg_init_table(sg, template[i].np); + if (diff_dst) + sg_init_table(sgout, template[i].np); + for (k = 0; k < template[i].np; k++) { + if (WARN_ON(offset_in_page(IDX[k]) + + template[i].tap[k] > PAGE_SIZE)) { + skcipher_request_free(req); + crypto_free_skcipher(tfm); goto out; - } else if (ret) - continue; + } - temp = 0; - ret = -EINVAL; - sg_init_table(sg, template[i].np); - if (diff_dst) - sg_init_table(sgout, template[i].np); - for (k = 0; k < template[i].np; k++) { - if (WARN_ON(offset_in_page(IDX[k]) + - template[i].tap[k] > PAGE_SIZE)) - goto out; + q = xbuf[IDX[k] >> PAGE_SHIFT] + offset_in_page(IDX[k]); - q = xbuf[IDX[k] >> PAGE_SHIFT] + + memcpy(q, template[i].input + temp, template[i].tap[k]); + + if (offset_in_page(q) + template[i].tap[k] < PAGE_SIZE) + q[template[i].tap[k]] = 0; + + sg_set_buf(&sg[k], q, template[i].tap[k]); + if (diff_dst) { + q = xoutbuf[IDX[k] >> PAGE_SHIFT] + offset_in_page(IDX[k]); - memcpy(q, template[i].input + temp, - template[i].tap[k]); + sg_set_buf(&sgout[k], q, template[i].tap[k]); - if (offset_in_page(q) + template[i].tap[k] < - PAGE_SIZE) + memset(q, 0, template[i].tap[k]); + if (offset_in_page(q) + + template[i].tap[k] < PAGE_SIZE) q[template[i].tap[k]] = 0; + } - sg_set_buf(&sg[k], q, template[i].tap[k]); - if (diff_dst) { - q = xoutbuf[IDX[k] >> PAGE_SHIFT] + - offset_in_page(IDX[k]); + temp += template[i].tap[k]; + } - sg_set_buf(&sgout[k], q, - template[i].tap[k]); + skcipher_request_set_crypt(req, sg, (diff_dst) ? sgout : sg, + template[i].ilen, iv); - memset(q, 0, template[i].tap[k]); - if (offset_in_page(q) + - template[i].tap[k] < PAGE_SIZE) - q[template[i].tap[k]] = 0; - } + ret = enc ? crypto_skcipher_encrypt(req) : + crypto_skcipher_decrypt(req); - temp += template[i].tap[k]; - } - - ablkcipher_request_set_crypt(req, sg, - (diff_dst) ? sgout : sg, - template[i].ilen, iv); + switch (ret) { + case 0: + break; + case -EINPROGRESS: + case -EBUSY: + pr_info("%s test on noncontinuous test vectors started for %s algorithm (cipher_keylen:%d) \n", e, algo, template[i].klen); + wait_for_completion(&result.completion); + reinit_completion(&result.completion); + ret = result.err; + if (!ret) + break; + /* fall through */ + default: + pr_err("alg: skcipher%s: %s failed on chunk test %d for %s: ret=%d\n", + d, e, j, algo, -ret); + skcipher_request_free(req); + crypto_free_skcipher(tfm); + goto out; + } - ret = enc ? - crypto_ablkcipher_encrypt(req) : - crypto_ablkcipher_decrypt(req); + temp = 0; + ret = -EINVAL; + for (k = 0; k < template[i].np; k++) { + if (diff_dst) + q = xoutbuf[IDX[k] >> PAGE_SHIFT] + + offset_in_page(IDX[k]); + else + q = xbuf[IDX[k] >> PAGE_SHIFT] + + offset_in_page(IDX[k]); - switch (ret) { - case 0: - break; - case -EINPROGRESS: - case -EBUSY: - ret = wait_for_completion_interruptible( - &result.completion); - if (!ret && !((ret = result.err))) { - INIT_COMPLETION(result.completion); - break; - } - /* fall through */ - default: - pr_err("alg: skcipher%s: %s failed on chunk test %d for %s: ret=%d\n", - d, e, j, algo, -ret); + if (memcmp(q, template[i].result + temp, + template[i].tap[k])) { + pr_err("alg: skcipher%s: Chunk test %d failed on %s at page %u for %s\n", + d, j, e, k, algo); + hexdump(q, template[i].tap[k]); + skcipher_request_free(req); + crypto_free_skcipher(tfm); goto out; } - temp = 0; - ret = -EINVAL; - for (k = 0; k < template[i].np; k++) { - if (diff_dst) - q = xoutbuf[IDX[k] >> PAGE_SHIFT] + - offset_in_page(IDX[k]); - else - q = xbuf[IDX[k] >> PAGE_SHIFT] + - offset_in_page(IDX[k]); - - if (memcmp(q, template[i].result + temp, - template[i].tap[k])) { - pr_err("alg: skcipher%s: Chunk test %d failed on %s at page %u for %s\n", - d, j, e, k, algo); - hexdump(q, template[i].tap[k]); - goto out; - } - - q += template[i].tap[k]; - for (n = 0; offset_in_page(q + n) && q[n]; n++) - ; - if (n) { - pr_err("alg: skcipher%s: Result buffer corruption in chunk test %d on %s at page %u for %s: %u bytes:\n", - d, j, e, k, algo, n); - hexdump(q, n); - goto out; - } - temp += template[i].tap[k]; + q += template[i].tap[k]; + for (n = 0; offset_in_page(q + n) && q[n]; n++) + ; + if (n) { + pr_err("alg: skcipher%s: Result buffer corruption in chunk test %d on %s at page %u for %s: %u bytes:\n", + d, j, e, k, algo, n); + hexdump(q, n); + skcipher_request_free(req); + crypto_free_skcipher(tfm); + goto out; } + temp += template[i].tap[k]; } + skcipher_request_free(req); + crypto_free_skcipher(tfm); + pr_info("%s test completed on noncontinuous test vectors for %s algorithm (cipher_keylen:%d) \n", e, algo, template[i].klen); } ret = 0; - out: - ablkcipher_request_free(req); if (diff_dst) testmgr_free_buf(xoutbuf); out_nooutbuf: @@ -1072,18 +1436,47 @@ return ret; } -static int test_skcipher(struct crypto_ablkcipher *tfm, int enc, - struct cipher_testvec *template, unsigned int tcount) +static int test_skcipher(struct cipher_testvec *template, unsigned int tcount, + int enc, const char *driver, u32 type, u32 mask) { +#ifdef CONFIG_CRYPTO_ALL_CASES + struct crypto_skcipher *tfm; + unsigned int alignmask; +#endif int ret; /* test 'dst == src' case */ - ret = __test_skcipher(tfm, enc, template, tcount, false); + ret = __test_skcipher(template, tcount, enc, false, 0, driver, type, mask); if (ret) return ret; - +#ifdef CONFIG_CRYPTO_ALL_CASES /* test 'dst != src' case */ - return __test_skcipher(tfm, enc, template, tcount, true); + ret = __test_skcipher(template, tcount, enc, true, 0, driver, type, mask); + if (ret) + return ret; + + /* test unaligned buffers, check with one byte offset */ + ret = __test_skcipher(template, tcount, enc, true, 1, driver, type, mask); + if (ret) + return ret; + + tfm = crypto_alloc_skcipher(driver, type | CRYPTO_ALG_INTERNAL, mask); + if (IS_ERR(tfm)) { + pr_err("alg: skcipher: Failed to load transform for " + "%s: %ld\n", driver, PTR_ERR(tfm)); + return PTR_ERR(tfm); + } + alignmask = crypto_tfm_alg_alignmask(&tfm->base); + crypto_free_skcipher(tfm); + if (alignmask) { + /* Check if alignment mask for tfm is correctly set. */ + ret = __test_skcipher(template, tcount, enc, true, + alignmask + 1, driver, type, mask); + if (ret) + return ret; + } +#endif + return 0; } static int test_comp(struct crypto_comp *tfm, struct comp_testvec *ctemplate, @@ -1379,11 +1772,11 @@ for (j = 0; j < template[i].loops; j++) { err = crypto_rng_get_bytes(tfm, result, template[i].rlen); - if (err != template[i].rlen) { + if (err < 0) { printk(KERN_ERR "alg: cprng: Failed to obtain " "the correct amount of random data for " - "%s (requested %d, got %d)\n", algo, - template[i].rlen, err); + "%s (requested %d)\n", algo, + template[i].rlen); goto out; } } @@ -1407,29 +1800,24 @@ static int alg_test_aead(const struct alg_test_desc *desc, const char *driver, u32 type, u32 mask) { - struct crypto_aead *tfm; int err = 0; - tfm = crypto_alloc_aead(driver, type, mask); - if (IS_ERR(tfm)) { - printk(KERN_ERR "alg: aead: Failed to load transform for %s: " - "%ld\n", driver, PTR_ERR(tfm)); - return PTR_ERR(tfm); - } - if (desc->suite.aead.enc.vecs) { - err = test_aead(tfm, ENCRYPT, desc->suite.aead.enc.vecs, - desc->suite.aead.enc.count); + err = test_aead(desc->suite.aead.enc.vecs, + desc->suite.aead.enc.count, ENCRYPT, driver, type, mask); if (err) goto out; } - if (!err && desc->suite.aead.dec.vecs) - err = test_aead(tfm, DECRYPT, desc->suite.aead.dec.vecs, - desc->suite.aead.dec.count); + if (!err && desc->suite.aead.dec.vecs) { + err = test_aead(desc->suite.aead.dec.vecs, + desc->suite.aead.dec.count, DECRYPT, driver, type, mask); + if (err) + goto out; + } + pr_info("AEAD test completed for %s algorithm\n", driver); out: - crypto_free_aead(tfm); return err; } @@ -1439,7 +1827,7 @@ struct crypto_cipher *tfm; int err = 0; - tfm = crypto_alloc_cipher(driver, type, mask); + tfm = crypto_alloc_cipher(driver, type | CRYPTO_ALG_INTERNAL, mask); if (IS_ERR(tfm)) { printk(KERN_ERR "alg: cipher: Failed to load transform for " "%s: %ld\n", driver, PTR_ERR(tfm)); @@ -1465,29 +1853,23 @@ static int alg_test_skcipher(const struct alg_test_desc *desc, const char *driver, u32 type, u32 mask) { - struct crypto_ablkcipher *tfm; int err = 0; - - tfm = crypto_alloc_ablkcipher(driver, type, mask); - if (IS_ERR(tfm)) { - printk(KERN_ERR "alg: skcipher: Failed to load transform for " - "%s: %ld\n", driver, PTR_ERR(tfm)); - return PTR_ERR(tfm); - } + pr_info("Starting cipher test for %s driver\n", driver); if (desc->suite.cipher.enc.vecs) { - err = test_skcipher(tfm, ENCRYPT, desc->suite.cipher.enc.vecs, - desc->suite.cipher.enc.count); + err = test_skcipher(desc->suite.cipher.enc.vecs, + desc->suite.cipher.enc.count, ENCRYPT, driver, type, mask); if (err) goto out; } - if (desc->suite.cipher.dec.vecs) - err = test_skcipher(tfm, DECRYPT, desc->suite.cipher.dec.vecs, - desc->suite.cipher.dec.count); + if (desc->suite.cipher.dec.vecs) { + err = test_skcipher(desc->suite.cipher.dec.vecs, + desc->suite.cipher.dec.count, DECRYPT, driver, type, mask); + } out: - crypto_free_ablkcipher(tfm); + pr_info("cipher test %s for %s\n", err ? "failed" : "passed", driver); return err; } @@ -1538,23 +1920,19 @@ static int alg_test_hash(const struct alg_test_desc *desc, const char *driver, u32 type, u32 mask) { - struct crypto_ahash *tfm; int err; + pr_info("Starting ahash test for %s driver\n", driver); - tfm = crypto_alloc_ahash(driver, type, mask); - if (IS_ERR(tfm)) { - printk(KERN_ERR "alg: hash: Failed to load transform for %s: " - "%ld\n", driver, PTR_ERR(tfm)); - return PTR_ERR(tfm); - } + /* Test hash using digest */ + err = test_hash(desc->suite.hash.vecs, desc->suite.hash.count, + true, driver, type, mask); - err = test_hash(tfm, desc->suite.hash.vecs, - desc->suite.hash.count, true); + /* If no error, then test hash without digest */ if (!err) - err = test_hash(tfm, desc->suite.hash.vecs, - desc->suite.hash.count, false); + err = test_hash(desc->suite.hash.vecs, desc->suite.hash.count, + false, driver, type, mask); - crypto_free_ahash(tfm); + pr_info("ahash test %s for %s\n", err ? "failed" : "passed", driver); return err; } @@ -1569,7 +1947,7 @@ if (err) goto out; - tfm = crypto_alloc_shash(driver, type, mask); + tfm = crypto_alloc_shash(driver, type | CRYPTO_ALG_INTERNAL, mask); if (IS_ERR(tfm)) { printk(KERN_ERR "alg: crc32c: Failed to load transform for %s: " "%ld\n", driver, PTR_ERR(tfm)); @@ -1578,16 +1956,14 @@ } do { - struct { - struct shash_desc shash; - char ctx[crypto_shash_descsize(tfm)]; - } sdesc; + SHASH_DESC_ON_STACK(shash, tfm); + u32 *ctx = (u32 *)shash_desc_ctx(shash); - sdesc.shash.tfm = tfm; - sdesc.shash.flags = 0; + shash->tfm = tfm; + shash->flags = 0; - *(u32 *)sdesc.ctx = le32_to_cpu(420553207); - err = crypto_shash_final(&sdesc.shash, (u8 *)&val); + *ctx = le32_to_cpu(420553207); + err = crypto_shash_final(shash, (u8 *)&val); if (err) { printk(KERN_ERR "alg: crc32c: Operation failed for " "%s: %d\n", driver, err); @@ -1613,7 +1989,7 @@ struct crypto_rng *rng; int err; - rng = crypto_alloc_rng(driver, type, mask); + rng = crypto_alloc_rng(driver, type | CRYPTO_ALG_INTERNAL, mask); if (IS_ERR(rng)) { printk(KERN_ERR "alg: cprng: Failed to load transform for %s: " "%ld\n", driver, PTR_ERR(rng)); @@ -1627,6 +2003,259 @@ return err; } + +static int drbg_cavs_test(struct drbg_testvec *test, int pr, + const char *driver, u32 type, u32 mask) +{ + int ret = -EAGAIN; + struct crypto_rng *drng; + struct drbg_test_data test_data; + struct drbg_string addtl, pers, testentropy; + unsigned char *buf = kzalloc(test->expectedlen, GFP_KERNEL); + + if (!buf) + return -ENOMEM; + + drng = crypto_alloc_rng(driver, type | CRYPTO_ALG_INTERNAL, mask); + if (IS_ERR(drng)) { + printk(KERN_ERR "alg: drbg: could not allocate DRNG handle for " + "%s\n", driver); + kzfree(buf); + return -ENOMEM; + } + + test_data.testentropy = &testentropy; + drbg_string_fill(&testentropy, test->entropy, test->entropylen); + drbg_string_fill(&pers, test->pers, test->perslen); + ret = crypto_drbg_reset_test(drng, &pers, &test_data); + if (ret) { + printk(KERN_ERR "alg: drbg: Failed to reset rng\n"); + goto outbuf; + } + + drbg_string_fill(&addtl, test->addtla, test->addtllen); + if (pr) { + drbg_string_fill(&testentropy, test->entpra, test->entprlen); + ret = crypto_drbg_get_bytes_addtl_test(drng, + buf, test->expectedlen, &addtl, &test_data); + } else { + ret = crypto_drbg_get_bytes_addtl(drng, + buf, test->expectedlen, &addtl); + } + if (ret < 0) { + printk(KERN_ERR "alg: drbg: could not obtain random data for " + "driver %s\n", driver); + goto outbuf; + } + + drbg_string_fill(&addtl, test->addtlb, test->addtllen); + if (pr) { + drbg_string_fill(&testentropy, test->entprb, test->entprlen); + ret = crypto_drbg_get_bytes_addtl_test(drng, + buf, test->expectedlen, &addtl, &test_data); + } else { + ret = crypto_drbg_get_bytes_addtl(drng, + buf, test->expectedlen, &addtl); + } + if (ret < 0) { + printk(KERN_ERR "alg: drbg: could not obtain random data for " + "driver %s\n", driver); + goto outbuf; + } + + ret = memcmp(test->expected, buf, test->expectedlen); + +outbuf: + crypto_free_rng(drng); + kzfree(buf); + return ret; +} + + +static int alg_test_drbg(const struct alg_test_desc *desc, const char *driver, + u32 type, u32 mask) +{ + int err = 0; + int pr = 0; + int i = 0; + struct drbg_testvec *template = desc->suite.drbg.vecs; + unsigned int tcount = desc->suite.drbg.count; + + if (0 == memcmp(driver, "drbg_pr_", 8)) + pr = 1; + + for (i = 0; i < tcount; i++) { + err = drbg_cavs_test(&template[i], pr, driver, type, mask); + if (err) { + printk(KERN_ERR "alg: drbg: Test %d failed for %s\n", + i, driver); + err = -EINVAL; + break; + } + } + return err; + +} + +static int do_test_rsa(struct crypto_akcipher *tfm, + struct akcipher_testvec *vecs) +{ + char *xbuf[XBUFSIZE]; + struct akcipher_request *req; + void *outbuf_enc = NULL; + void *outbuf_dec = NULL; + struct tcrypt_result result; + unsigned int out_len_max, out_len = 0; + int err = -ENOMEM; + struct scatterlist src, dst, src_tab[2]; + + if (testmgr_alloc_buf(xbuf)) + return err; + + req = akcipher_request_alloc(tfm, GFP_KERNEL); + if (!req) + goto free_xbuf; + + init_completion(&result.completion); + + if (vecs->public_key_vec) + err = crypto_akcipher_set_pub_key(tfm, vecs->key, + vecs->key_len); + else + err = crypto_akcipher_set_priv_key(tfm, vecs->key, + vecs->key_len); + if (err) + goto free_req; + + out_len_max = crypto_akcipher_maxsize(tfm); + outbuf_enc = kzalloc(out_len_max, GFP_KERNEL); + if (!outbuf_enc) + goto free_req; + + if (WARN_ON(vecs->m_size > PAGE_SIZE)) + goto free_all; + + memcpy(xbuf[0], vecs->m, vecs->m_size); + + sg_init_table(src_tab, 2); + sg_set_buf(&src_tab[0], xbuf[0], 8); + sg_set_buf(&src_tab[1], xbuf[0] + 8, vecs->m_size - 8); + sg_init_one(&dst, outbuf_enc, out_len_max); + akcipher_request_set_crypt(req, src_tab, &dst, vecs->m_size, + out_len_max); + akcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG, + tcrypt_complete, &result); + + /* Run RSA encrypt - c = m^e mod n;*/ + err = wait_async_op(&result, crypto_akcipher_encrypt(req)); + if (err) { + pr_err("alg: rsa: encrypt test failed. err %d\n", err); + goto free_all; + } + if (req->dst_len != vecs->c_size) { + pr_err("alg: rsa: encrypt test failed. Invalid output len\n"); + err = -EINVAL; + goto free_all; + } + /* verify that encrypted message is equal to expected */ + if (memcmp(vecs->c, outbuf_enc, vecs->c_size)) { + pr_err("alg: rsa: encrypt test failed. Invalid output\n"); + err = -EINVAL; + goto free_all; + } + /* Don't invoke decrypt for vectors with public key */ + if (vecs->public_key_vec) { + err = 0; + goto free_all; + } + outbuf_dec = kzalloc(out_len_max, GFP_KERNEL); + if (!outbuf_dec) { + err = -ENOMEM; + goto free_all; + } + + if (WARN_ON(vecs->c_size > PAGE_SIZE)) + goto free_all; + + memcpy(xbuf[0], vecs->c, vecs->c_size); + + sg_init_one(&src, xbuf[0], vecs->c_size); + sg_init_one(&dst, outbuf_dec, out_len_max); + init_completion(&result.completion); + akcipher_request_set_crypt(req, &src, &dst, vecs->c_size, out_len_max); + + /* Run RSA decrypt - m = c^d mod n;*/ + err = wait_async_op(&result, crypto_akcipher_decrypt(req)); + if (err) { + pr_err("alg: rsa: decrypt test failed. err %d\n", err); + goto free_all; + } + out_len = req->dst_len; + if (out_len != vecs->m_size) { + pr_err("alg: rsa: decrypt test failed. Invalid output len\n"); + err = -EINVAL; + goto free_all; + } + /* verify that decrypted message is equal to the original msg */ + if (memcmp(vecs->m, outbuf_dec, vecs->m_size)) { + pr_err("alg: rsa: decrypt test failed. Invalid output\n"); + err = -EINVAL; + } +free_all: + kfree(outbuf_dec); + kfree(outbuf_enc); +free_req: + akcipher_request_free(req); +free_xbuf: + testmgr_free_buf(xbuf); + return err; +} + +static int test_rsa(struct crypto_akcipher *tfm, struct akcipher_testvec *vecs, + unsigned int tcount) +{ + int ret, i; + + for (i = 0; i < tcount; i++) { + ret = do_test_rsa(tfm, vecs++); + if (ret) { + pr_err("alg: rsa: test failed on vector %d, err=%d\n", + i + 1, ret); + return ret; + } + } + return 0; +} + +static int test_akcipher(struct crypto_akcipher *tfm, const char *alg, + struct akcipher_testvec *vecs, unsigned int tcount) +{ + if (strncmp(alg, "rsa", 3) == 0) + return test_rsa(tfm, vecs, tcount); + + return 0; +} + +static int alg_test_akcipher(const struct alg_test_desc *desc, + const char *driver, u32 type, u32 mask) +{ + struct crypto_akcipher *tfm; + int err = 0; + + tfm = crypto_alloc_akcipher(driver, type | CRYPTO_ALG_INTERNAL, mask); + if (IS_ERR(tfm)) { + pr_err("alg: akcipher: Failed to load tfm for %s: %ld\n", + driver, PTR_ERR(tfm)); + return PTR_ERR(tfm); + } + if (desc->suite.akcipher.vecs) + err = test_akcipher(tfm, desc->alg, desc->suite.akcipher.vecs, + desc->suite.akcipher.count); + + crypto_free_akcipher(tfm); + return err; +} + static int alg_test_null(const struct alg_test_desc *desc, const char *driver, u32 type, u32 mask) { @@ -1654,16 +2283,10 @@ .alg = "__cbc-twofish-avx", .test = alg_test_null, }, { - .alg = "__cbc-twofish-avx2", - .test = alg_test_null, - }, { .alg = "__driver-cbc-aes-aesni", .test = alg_test_null, .fips_allowed = 1, }, { - .alg = "__driver-cbc-blowfish-avx2", - .test = alg_test_null, - }, { .alg = "__driver-cbc-camellia-aesni", .test = alg_test_null, }, { @@ -1688,16 +2311,10 @@ .alg = "__driver-cbc-twofish-avx", .test = alg_test_null, }, { - .alg = "__driver-cbc-twofish-avx2", - .test = alg_test_null, - }, { .alg = "__driver-ecb-aes-aesni", .test = alg_test_null, .fips_allowed = 1, }, { - .alg = "__driver-ecb-blowfish-avx2", - .test = alg_test_null, - }, { .alg = "__driver-ecb-camellia-aesni", .test = alg_test_null, }, { @@ -1722,8 +2339,9 @@ .alg = "__driver-ecb-twofish-avx", .test = alg_test_null, }, { - .alg = "__driver-ecb-twofish-avx2", + .alg = "__driver-gcm-aes-aesni", .test = alg_test_null, + .fips_allowed = 1, }, { .alg = "__ghash-pclmulqdqni", .test = alg_test_null, @@ -1739,14 +2357,103 @@ } } }, { + .alg = "authenc(hmac(md5),ecb(cipher_null))", + .test = alg_test_aead, + .suite = { + .aead = { + .enc = { + .vecs = hmac_md5_ecb_cipher_null_enc_tv_template, + .count = HMAC_MD5_ECB_CIPHER_NULL_ENC_TEST_VECTORS + }, + .dec = { + .vecs = hmac_md5_ecb_cipher_null_dec_tv_template, + .count = HMAC_MD5_ECB_CIPHER_NULL_DEC_TEST_VECTORS + } + } + } + }, { .alg = "authenc(hmac(sha1),cbc(aes))", .test = alg_test_aead, .fips_allowed = 1, .suite = { .aead = { .enc = { - .vecs = hmac_sha1_aes_cbc_enc_tv_template, - .count = HMAC_SHA1_AES_CBC_ENC_TEST_VECTORS + .vecs = + hmac_sha1_aes_cbc_enc_tv_temp, + .count = + HMAC_SHA1_AES_CBC_ENC_TEST_VEC + } + } + } + }, { + .alg = "authenc(hmac(sha1),cbc(des))", + .test = alg_test_aead, + .suite = { + .aead = { + .enc = { + .vecs = + hmac_sha1_des_cbc_enc_tv_temp, + .count = + HMAC_SHA1_DES_CBC_ENC_TEST_VEC + } + } + } + }, { + .alg = "authenc(hmac(sha1),cbc(des3_ede))", + .test = alg_test_aead, + .fips_allowed = 1, + .suite = { + .aead = { + .enc = { + .vecs = + hmac_sha1_des3_ede_cbc_enc_tv_temp, + .count = + HMAC_SHA1_DES3_EDE_CBC_ENC_TEST_VEC + } + } + } + }, { + .alg = "authenc(hmac(sha1),ecb(cipher_null))", + .test = alg_test_aead, + .suite = { + .aead = { + .enc = { + .vecs = + hmac_sha1_ecb_cipher_null_enc_tv_temp, + .count = + HMAC_SHA1_ECB_CIPHER_NULL_ENC_TEST_VEC + }, + .dec = { + .vecs = + hmac_sha1_ecb_cipher_null_dec_tv_temp, + .count = + HMAC_SHA1_ECB_CIPHER_NULL_DEC_TEST_VEC + } + } + } + }, { + .alg = "authenc(hmac(sha224),cbc(des))", + .test = alg_test_aead, + .suite = { + .aead = { + .enc = { + .vecs = + hmac_sha224_des_cbc_enc_tv_temp, + .count = + HMAC_SHA224_DES_CBC_ENC_TEST_VEC + } + } + } + }, { + .alg = "authenc(hmac(sha224),cbc(des3_ede))", + .test = alg_test_aead, + .suite = { + .aead = { + .enc = { + .vecs = + hmac_sha224_des3_ede_cbc_enc_tv_temp, + .count = + HMAC_SHA224_DES3_EDE_CBC_ENC_TEST_VEC } } } @@ -1757,20 +2464,116 @@ .suite = { .aead = { .enc = { - .vecs = hmac_sha256_aes_cbc_enc_tv_template, - .count = HMAC_SHA256_AES_CBC_ENC_TEST_VECTORS + .vecs = + hmac_sha256_aes_cbc_enc_tv_temp, + .count = + HMAC_SHA256_AES_CBC_ENC_TEST_VEC } } } }, { - .alg = "authenc(hmac(sha512),cbc(aes))", + .alg = "authenc(hmac(sha256),cbc(des))", + .test = alg_test_aead, + .suite = { + .aead = { + .enc = { + .vecs = + hmac_sha256_des_cbc_enc_tv_temp, + .count = + HMAC_SHA256_DES_CBC_ENC_TEST_VEC + } + } + } + }, { + .alg = "authenc(hmac(sha256),cbc(des3_ede))", .test = alg_test_aead, .fips_allowed = 1, .suite = { .aead = { .enc = { - .vecs = hmac_sha512_aes_cbc_enc_tv_template, - .count = HMAC_SHA512_AES_CBC_ENC_TEST_VECTORS + .vecs = + hmac_sha256_des3_ede_cbc_enc_tv_temp, + .count = + HMAC_SHA256_DES3_EDE_CBC_ENC_TEST_VEC + } + } + } + }, { + .alg = "authenc(hmac(sha384),cbc(aes))", + .test = alg_test_aead, + .fips_allowed = 1, + .suite = { + .aead = { + .enc = { + .vecs = + hmac_sha384_aes_cbc_enc_tv_temp, + .count = + HMAC_SHA384_AES_CBC_ENC_TEST_VEC + } + } + } + }, { + .alg = "authenc(hmac(sha384),cbc(des))", + .test = alg_test_aead, + .suite = { + .aead = { + .enc = { + .vecs = + hmac_sha384_des_cbc_enc_tv_temp, + .count = + HMAC_SHA384_DES_CBC_ENC_TEST_VEC + } + } + } + }, { + .alg = "authenc(hmac(sha384),cbc(des3_ede))", + .test = alg_test_aead, + .suite = { + .aead = { + .enc = { + .vecs = + hmac_sha384_des3_ede_cbc_enc_tv_temp, + .count = + HMAC_SHA384_DES3_EDE_CBC_ENC_TEST_VEC + } + } + } + }, { + .alg = "authenc(hmac(sha512),cbc(aes))", + .test = alg_test_aead, + .suite = { + .aead = { + .enc = { + .vecs = + hmac_sha512_aes_cbc_enc_tv_temp, + .count = + HMAC_SHA512_AES_CBC_ENC_TEST_VEC + } + } + } + }, { + .alg = "authenc(hmac(sha512),cbc(des))", + .test = alg_test_aead, + .suite = { + .aead = { + .enc = { + .vecs = + hmac_sha512_des_cbc_enc_tv_temp, + .count = + HMAC_SHA512_DES_CBC_ENC_TEST_VEC + } + } + } + }, { + .alg = "authenc(hmac(sha512),cbc(des3_ede))", + .test = alg_test_aead, + .suite = { + .aead = { + .enc = { + .vecs = + hmac_sha512_des3_ede_cbc_enc_tv_temp, + .count = + HMAC_SHA512_DES3_EDE_CBC_ENC_TEST_VEC } } } @@ -1943,7 +2746,23 @@ } } }, { + .alg = "chacha20", + .test = alg_test_skcipher, + .suite = { + .cipher = { + .enc = { + .vecs = chacha20_enc_tv_template, + .count = CHACHA20_ENC_TEST_VECTORS + }, + .dec = { + .vecs = chacha20_enc_tv_template, + .count = CHACHA20_ENC_TEST_VECTORS + }, + } + } + }, { .alg = "cmac(aes)", + .fips_allowed = 1, .test = alg_test_hash, .suite = { .hash = { @@ -1953,6 +2772,7 @@ } }, { .alg = "cmac(des3_ede)", + .fips_allowed = 1, .test = alg_test_hash, .suite = { .hash = { @@ -1964,6 +2784,15 @@ .alg = "compress_null", .test = alg_test_null, }, { + .alg = "crc32", + .test = alg_test_hash, + .suite = { + .hash = { + .vecs = crc32_tv_template, + .count = CRC32_TEST_VECTORS + } + } + }, { .alg = "crc32c", .test = alg_test_crc32c, .fips_allowed = 1, @@ -1974,12 +2803,19 @@ } } }, { - .alg = "cryptd(__driver-cbc-aes-aesni)", - .test = alg_test_null, + .alg = "crct10dif", + .test = alg_test_hash, .fips_allowed = 1, + .suite = { + .hash = { + .vecs = crct10dif_tv_template, + .count = CRCT10DIF_TEST_VECTORS + } + } }, { - .alg = "cryptd(__driver-cbc-blowfish-avx2)", + .alg = "cryptd(__driver-cbc-aes-aesni)", .test = alg_test_null, + .fips_allowed = 1, }, { .alg = "cryptd(__driver-cbc-camellia-aesni)", .test = alg_test_null, @@ -1994,9 +2830,6 @@ .test = alg_test_null, .fips_allowed = 1, }, { - .alg = "cryptd(__driver-ecb-blowfish-avx2)", - .test = alg_test_null, - }, { .alg = "cryptd(__driver-ecb-camellia-aesni)", .test = alg_test_null, }, { @@ -2021,9 +2854,6 @@ .alg = "cryptd(__driver-ecb-twofish-avx)", .test = alg_test_null, }, { - .alg = "cryptd(__driver-ecb-twofish-avx2)", - .test = alg_test_null, - }, { .alg = "cryptd(__driver-gcm-aes-aesni)", .test = alg_test_null, .fips_allowed = 1, @@ -2202,6 +3032,152 @@ .alg = "digest_null", .test = alg_test_null, }, { + .alg = "drbg_nopr_ctr_aes128", + .test = alg_test_drbg, + .fips_allowed = 1, + .suite = { + .drbg = { + .vecs = drbg_nopr_ctr_aes128_tv_template, + .count = ARRAY_SIZE(drbg_nopr_ctr_aes128_tv_template) + } + } + }, { + .alg = "drbg_nopr_ctr_aes192", + .test = alg_test_drbg, + .fips_allowed = 1, + .suite = { + .drbg = { + .vecs = drbg_nopr_ctr_aes192_tv_template, + .count = ARRAY_SIZE(drbg_nopr_ctr_aes192_tv_template) + } + } + }, { + .alg = "drbg_nopr_ctr_aes256", + .test = alg_test_drbg, + .fips_allowed = 1, + .suite = { + .drbg = { + .vecs = drbg_nopr_ctr_aes256_tv_template, + .count = ARRAY_SIZE(drbg_nopr_ctr_aes256_tv_template) + } + } + }, { + /* + * There is no need to specifically test the DRBG with every + * backend cipher -- covered by drbg_nopr_hmac_sha256 test + */ + .alg = "drbg_nopr_hmac_sha1", + .fips_allowed = 1, + .test = alg_test_null, + }, { + .alg = "drbg_nopr_hmac_sha256", + .test = alg_test_drbg, + .fips_allowed = 1, + .suite = { + .drbg = { + .vecs = drbg_nopr_hmac_sha256_tv_template, + .count = + ARRAY_SIZE(drbg_nopr_hmac_sha256_tv_template) + } + } + }, { + /* covered by drbg_nopr_hmac_sha256 test */ + .alg = "drbg_nopr_hmac_sha384", + .fips_allowed = 1, + .test = alg_test_null, + }, { + .alg = "drbg_nopr_hmac_sha512", + .test = alg_test_null, + .fips_allowed = 1, + }, { + .alg = "drbg_nopr_sha1", + .fips_allowed = 1, + .test = alg_test_null, + }, { + .alg = "drbg_nopr_sha256", + .test = alg_test_drbg, + .fips_allowed = 1, + .suite = { + .drbg = { + .vecs = drbg_nopr_sha256_tv_template, + .count = ARRAY_SIZE(drbg_nopr_sha256_tv_template) + } + } + }, { + /* covered by drbg_nopr_sha256 test */ + .alg = "drbg_nopr_sha384", + .fips_allowed = 1, + .test = alg_test_null, + }, { + .alg = "drbg_nopr_sha512", + .fips_allowed = 1, + .test = alg_test_null, + }, { + .alg = "drbg_pr_ctr_aes128", + .test = alg_test_drbg, + .fips_allowed = 1, + .suite = { + .drbg = { + .vecs = drbg_pr_ctr_aes128_tv_template, + .count = ARRAY_SIZE(drbg_pr_ctr_aes128_tv_template) + } + } + }, { + /* covered by drbg_pr_ctr_aes128 test */ + .alg = "drbg_pr_ctr_aes192", + .fips_allowed = 1, + .test = alg_test_null, + }, { + .alg = "drbg_pr_ctr_aes256", + .fips_allowed = 1, + .test = alg_test_null, + }, { + .alg = "drbg_pr_hmac_sha1", + .fips_allowed = 1, + .test = alg_test_null, + }, { + .alg = "drbg_pr_hmac_sha256", + .test = alg_test_drbg, + .fips_allowed = 1, + .suite = { + .drbg = { + .vecs = drbg_pr_hmac_sha256_tv_template, + .count = ARRAY_SIZE(drbg_pr_hmac_sha256_tv_template) + } + } + }, { + /* covered by drbg_pr_hmac_sha256 test */ + .alg = "drbg_pr_hmac_sha384", + .fips_allowed = 1, + .test = alg_test_null, + }, { + .alg = "drbg_pr_hmac_sha512", + .test = alg_test_null, + .fips_allowed = 1, + }, { + .alg = "drbg_pr_sha1", + .fips_allowed = 1, + .test = alg_test_null, + }, { + .alg = "drbg_pr_sha256", + .test = alg_test_drbg, + .fips_allowed = 1, + .suite = { + .drbg = { + .vecs = drbg_pr_sha256_tv_template, + .count = ARRAY_SIZE(drbg_pr_sha256_tv_template) + } + } + }, { + /* covered by drbg_pr_sha256 test */ + .alg = "drbg_pr_sha384", + .fips_allowed = 1, + .test = alg_test_null, + }, { + .alg = "drbg_pr_sha512", + .fips_allowed = 1, + .test = alg_test_null, + }, { .alg = "ecb(__aes-aesni)", .test = alg_test_null, .fips_allowed = 1, @@ -2317,7 +3293,6 @@ }, { .alg = "ecb(des)", .test = alg_test_skcipher, - .fips_allowed = 1, .suite = { .cipher = { .enc = { @@ -2594,6 +3569,26 @@ } } }, { + .alg = "jitterentropy_rng", + .fips_allowed = 1, + .test = alg_test_null, + }, { + .alg = "kw(aes)", + .test = alg_test_skcipher, + .fips_allowed = 1, + .suite = { + .cipher = { + .enc = { + .vecs = aes_kw_enc_tv_template, + .count = ARRAY_SIZE(aes_kw_enc_tv_template) + }, + .dec = { + .vecs = aes_kw_dec_tv_template, + .count = ARRAY_SIZE(aes_kw_dec_tv_template) + } + } + } + }, { .alg = "lrw(aes)", .test = alg_test_skcipher, .suite = { @@ -2669,6 +3664,38 @@ } } }, { + .alg = "lz4", + .test = alg_test_comp, + .fips_allowed = 1, + .suite = { + .comp = { + .comp = { + .vecs = lz4_comp_tv_template, + .count = LZ4_COMP_TEST_VECTORS + }, + .decomp = { + .vecs = lz4_decomp_tv_template, + .count = LZ4_DECOMP_TEST_VECTORS + } + } + } + }, { + .alg = "lz4hc", + .test = alg_test_comp, + .fips_allowed = 1, + .suite = { + .comp = { + .comp = { + .vecs = lz4hc_comp_tv_template, + .count = LZ4HC_COMP_TEST_VECTORS + }, + .decomp = { + .vecs = lz4hc_decomp_tv_template, + .count = LZ4HC_DECOMP_TEST_VECTORS + } + } + } + }, { .alg = "lzo", .test = alg_test_comp, .fips_allowed = 1, @@ -2743,6 +3770,15 @@ } } }, { + .alg = "poly1305", + .test = alg_test_hash, + .suite = { + .hash = { + .vecs = poly1305_tv_template, + .count = POLY1305_TEST_VECTORS + } + } + }, { .alg = "rfc3686(ctr(aes))", .test = alg_test_skcipher, .fips_allowed = 1, @@ -2761,6 +3797,7 @@ }, { .alg = "rfc4106(gcm(aes))", .test = alg_test_aead, + .fips_allowed = 1, .suite = { .aead = { .enc = { @@ -2805,6 +3842,36 @@ } } }, { + .alg = "rfc7539(chacha20,poly1305)", + .test = alg_test_aead, + .suite = { + .aead = { + .enc = { + .vecs = rfc7539_enc_tv_template, + .count = RFC7539_ENC_TEST_VECTORS + }, + .dec = { + .vecs = rfc7539_dec_tv_template, + .count = RFC7539_DEC_TEST_VECTORS + }, + } + } + }, { + .alg = "rfc7539esp(chacha20,poly1305)", + .test = alg_test_aead, + .suite = { + .aead = { + .enc = { + .vecs = rfc7539esp_enc_tv_template, + .count = RFC7539ESP_ENC_TEST_VECTORS + }, + .dec = { + .vecs = rfc7539esp_dec_tv_template, + .count = RFC7539ESP_DEC_TEST_VECTORS + }, + } + } + }, { .alg = "rmd128", .test = alg_test_hash, .suite = { @@ -2841,6 +3908,16 @@ } } }, { + .alg = "rsa", + .test = alg_test_akcipher, + .fips_allowed = 1, + .suite = { + .akcipher = { + .vecs = rsa_tv_template, + .count = RSA_TEST_VECTORS + } + } + }, { .alg = "salsa20", .test = alg_test_skcipher, .suite = { @@ -3068,6 +4145,35 @@ } }; +static bool alg_test_descs_checked; + +static void alg_test_descs_check_order(void) +{ + int i; + + /* only check once */ + if (alg_test_descs_checked) + return; + + alg_test_descs_checked = true; + + for (i = 1; i < ARRAY_SIZE(alg_test_descs); i++) { + int diff = strcmp(alg_test_descs[i - 1].alg, + alg_test_descs[i].alg); + + if (WARN_ON(diff > 0)) { + pr_warn("testmgr: alg_test_descs entries in wrong order: '%s' before '%s'\n", + alg_test_descs[i - 1].alg, + alg_test_descs[i].alg); + } + + if (WARN_ON(diff == 0)) { + pr_warn("testmgr: duplicate alg_test_descs entry: '%s'\n", + alg_test_descs[i].alg); + } + } +} + static int alg_find_test(const char *alg) { int start = 0; @@ -3099,6 +4205,8 @@ int j; int rc; + alg_test_descs_check_order(); + if ((type & CRYPTO_ALG_TYPE_MASK) == CRYPTO_ALG_TYPE_CIPHER) { char nalg[CRYPTO_MAX_ALG_NAME]; @@ -3130,7 +4238,7 @@ if (i >= 0) rc |= alg_test_descs[i].test(alg_test_descs + i, driver, type, mask); - if (j >= 0) + if (j >= 0 && j != i) rc |= alg_test_descs[j].test(alg_test_descs + j, driver, type, mask); @@ -3139,8 +4247,7 @@ panic("%s: %s alg self test failed in fips mode!\n", driver, alg); if (fips_enabled && !rc) - printk(KERN_INFO "alg: self-tests for %s (%s) passed\n", - driver, alg); + pr_info("alg: self-tests for %s (%s) passed\n", driver, alg); return rc;