2 * Algorithm testing framework and tests.
4 * Copyright (c) 2002 James Morris <jmorris@intercode.com.au>
5 * Copyright (c) 2002 Jean-Francois Dive <jef@linuxbe.org>
6 * Copyright (c) 2007 Nokia Siemens Networks
7 * Copyright (c) 2008 Herbert Xu <herbert@gondor.apana.org.au>
9 * Updated RFC4106 AES-GCM testing.
10 * Authors: Aidan O'Mahony (aidan.o.mahony@intel.com)
11 * Adrian Hoban <adrian.hoban@intel.com>
12 * Gabriele Paoloni <gabriele.paoloni@intel.com>
13 * Tadeusz Struk (tadeusz.struk@intel.com)
14 * Copyright (c) 2010, Intel Corporation.
16 * This program is free software; you can redistribute it and/or modify it
17 * under the terms of the GNU General Public License as published by the Free
18 * Software Foundation; either version 2 of the License, or (at your option)
23 #include <crypto/aead.h>
24 #include <crypto/hash.h>
25 #include <crypto/skcipher.h>
26 #include <linux/err.h>
27 #include <linux/fips.h>
28 #include <linux/module.h>
29 #include <linux/scatterlist.h>
30 #include <linux/slab.h>
31 #include <linux/string.h>
32 #include <crypto/rng.h>
33 #include <crypto/drbg.h>
34 #include <crypto/akcipher.h>
39 module_param(notests, bool, 0644);
40 MODULE_PARM_DESC(notests, "disable crypto self-tests");
42 #ifdef CONFIG_CRYPTO_MANAGER_DISABLE_TESTS
45 int alg_test(const char *driver, const char *alg, u32 type, u32 mask)
55 * Need slab memory for testing (size in number of pages).
60 * Indexes into the xbuf to simulate cross-page access.
72 * Used by test_cipher()
77 struct tcrypt_result {
78 struct completion completion;
82 struct aead_test_suite {
84 struct aead_testvec *vecs;
89 struct cipher_test_suite {
91 struct cipher_testvec *vecs;
96 struct comp_test_suite {
98 struct comp_testvec *vecs;
103 struct hash_test_suite {
104 struct hash_testvec *vecs;
108 struct cprng_test_suite {
109 struct cprng_testvec *vecs;
113 struct drbg_test_suite {
114 struct drbg_testvec *vecs;
118 struct akcipher_test_suite {
119 struct akcipher_testvec *vecs;
123 struct alg_test_desc {
125 int (*test)(const struct alg_test_desc *desc, const char *driver,
127 int fips_allowed; /* set if alg is allowed in fips mode */
130 struct aead_test_suite aead;
131 struct cipher_test_suite cipher;
132 struct comp_test_suite comp;
133 struct hash_test_suite hash;
134 struct cprng_test_suite cprng;
135 struct drbg_test_suite drbg;
136 struct akcipher_test_suite akcipher;
140 static unsigned int IDX[8] = { IDX1, IDX2, IDX3, IDX4, IDX5, IDX6, IDX7, IDX8 };
142 static void hexdump(unsigned char *buf, unsigned int len)
144 print_hex_dump(KERN_CONT, "", DUMP_PREFIX_OFFSET,
149 static void tcrypt_complete(struct crypto_async_request *req, int err)
151 struct tcrypt_result *res = req->data;
153 if (err == -EINPROGRESS)
157 complete(&res->completion);
160 static int testmgr_alloc_buf(char *buf[XBUFSIZE])
164 for (i = 0; i < XBUFSIZE; i++) {
165 buf[i] = (void *)__get_free_page(GFP_KERNEL);
174 free_page((unsigned long)buf[i]);
179 static void testmgr_free_buf(char *buf[XBUFSIZE])
183 for (i = 0; i < XBUFSIZE; i++)
184 free_page((unsigned long)buf[i]);
187 static int wait_async_op(struct tcrypt_result *tr, int ret)
189 if (ret == -EINPROGRESS || ret == -EBUSY) {
190 wait_for_completion(&tr->completion);
191 reinit_completion(&tr->completion);
197 static int ahash_partial_update(struct ahash_request **preq,
198 struct crypto_ahash *tfm, struct hash_testvec *template,
199 void *hash_buff, int k, int temp, struct scatterlist *sg,
200 const char *algo, char *result, struct tcrypt_result *tresult)
203 struct ahash_request *req;
204 int statesize, ret = -EINVAL;
207 statesize = crypto_ahash_statesize(
208 crypto_ahash_reqtfm(req));
209 state = kmalloc(statesize, GFP_KERNEL);
211 pr_err("alt: hash: Failed to alloc state for %s\n", algo);
214 ret = crypto_ahash_export(req, state);
216 pr_err("alt: hash: Failed to export() for %s\n", algo);
219 ahash_request_free(req);
220 req = ahash_request_alloc(tfm, GFP_KERNEL);
222 pr_err("alg: hash: Failed to alloc request for %s\n", algo);
225 ahash_request_set_callback(req,
226 CRYPTO_TFM_REQ_MAY_BACKLOG,
227 tcrypt_complete, tresult);
229 memcpy(hash_buff, template->plaintext + temp,
231 sg_init_one(&sg[0], hash_buff, template->tap[k]);
232 ahash_request_set_crypt(req, sg, result, template->tap[k]);
233 ret = crypto_ahash_import(req, state);
235 pr_err("alg: hash: Failed to import() for %s\n", algo);
238 ret = wait_async_op(tresult, crypto_ahash_update(req));
245 ahash_request_free(req);
252 static int __test_hash(struct crypto_ahash *tfm, struct hash_testvec *template,
253 unsigned int tcount, bool use_digest,
254 const int align_offset)
256 const char *algo = crypto_tfm_alg_driver_name(crypto_ahash_tfm(tfm));
257 unsigned int i, j, k, temp;
258 struct scatterlist sg[8];
261 struct ahash_request *req;
262 struct tcrypt_result tresult;
264 char *xbuf[XBUFSIZE];
267 result = kmalloc(MAX_DIGEST_SIZE, GFP_KERNEL);
270 key = kmalloc(MAX_KEYLEN, GFP_KERNEL);
273 if (testmgr_alloc_buf(xbuf))
276 init_completion(&tresult.completion);
278 req = ahash_request_alloc(tfm, GFP_KERNEL);
280 printk(KERN_ERR "alg: hash: Failed to allocate request for "
284 ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
285 tcrypt_complete, &tresult);
288 for (i = 0; i < tcount; i++) {
293 if (WARN_ON(align_offset + template[i].psize > PAGE_SIZE))
297 memset(result, 0, MAX_DIGEST_SIZE);
300 hash_buff += align_offset;
302 memcpy(hash_buff, template[i].plaintext, template[i].psize);
303 sg_init_one(&sg[0], hash_buff, template[i].psize);
305 if (template[i].ksize) {
306 crypto_ahash_clear_flags(tfm, ~0);
307 if (template[i].ksize > MAX_KEYLEN) {
308 pr_err("alg: hash: setkey failed on test %d for %s: key size %d > %d\n",
309 j, algo, template[i].ksize, MAX_KEYLEN);
313 memcpy(key, template[i].key, template[i].ksize);
314 ret = crypto_ahash_setkey(tfm, key, template[i].ksize);
316 printk(KERN_ERR "alg: hash: setkey failed on "
317 "test %d for %s: ret=%d\n", j, algo,
323 ahash_request_set_crypt(req, sg, result, template[i].psize);
325 ret = wait_async_op(&tresult, crypto_ahash_digest(req));
327 pr_err("alg: hash: digest failed on test %d "
328 "for %s: ret=%d\n", j, algo, -ret);
332 ret = wait_async_op(&tresult, crypto_ahash_init(req));
334 pr_err("alt: hash: init failed on test %d "
335 "for %s: ret=%d\n", j, algo, -ret);
338 ret = wait_async_op(&tresult, crypto_ahash_update(req));
340 pr_err("alt: hash: update failed on test %d "
341 "for %s: ret=%d\n", j, algo, -ret);
344 ret = wait_async_op(&tresult, crypto_ahash_final(req));
346 pr_err("alt: hash: final failed on test %d "
347 "for %s: ret=%d\n", j, algo, -ret);
352 if (memcmp(result, template[i].digest,
353 crypto_ahash_digestsize(tfm))) {
354 printk(KERN_ERR "alg: hash: Test %d failed for %s\n",
356 hexdump(result, crypto_ahash_digestsize(tfm));
363 for (i = 0; i < tcount; i++) {
364 /* alignment tests are only done with continuous buffers */
365 if (align_offset != 0)
372 memset(result, 0, MAX_DIGEST_SIZE);
375 sg_init_table(sg, template[i].np);
377 for (k = 0; k < template[i].np; k++) {
378 if (WARN_ON(offset_in_page(IDX[k]) +
379 template[i].tap[k] > PAGE_SIZE))
382 memcpy(xbuf[IDX[k] >> PAGE_SHIFT] +
383 offset_in_page(IDX[k]),
384 template[i].plaintext + temp,
387 temp += template[i].tap[k];
390 if (template[i].ksize) {
391 if (template[i].ksize > MAX_KEYLEN) {
392 pr_err("alg: hash: setkey failed on test %d for %s: key size %d > %d\n",
393 j, algo, template[i].ksize, MAX_KEYLEN);
397 crypto_ahash_clear_flags(tfm, ~0);
398 memcpy(key, template[i].key, template[i].ksize);
399 ret = crypto_ahash_setkey(tfm, key, template[i].ksize);
402 printk(KERN_ERR "alg: hash: setkey "
403 "failed on chunking test %d "
404 "for %s: ret=%d\n", j, algo, -ret);
409 ahash_request_set_crypt(req, sg, result, template[i].psize);
410 ret = crypto_ahash_digest(req);
416 wait_for_completion(&tresult.completion);
417 reinit_completion(&tresult.completion);
423 printk(KERN_ERR "alg: hash: digest failed "
424 "on chunking test %d for %s: "
425 "ret=%d\n", j, algo, -ret);
429 if (memcmp(result, template[i].digest,
430 crypto_ahash_digestsize(tfm))) {
431 printk(KERN_ERR "alg: hash: Chunking test %d "
432 "failed for %s\n", j, algo);
433 hexdump(result, crypto_ahash_digestsize(tfm));
439 /* partial update exercise */
441 for (i = 0; i < tcount; i++) {
442 /* alignment tests are only done with continuous buffers */
443 if (align_offset != 0)
446 if (template[i].np < 2)
450 memset(result, 0, MAX_DIGEST_SIZE);
454 memcpy(hash_buff, template[i].plaintext,
456 sg_init_one(&sg[0], hash_buff, template[i].tap[0]);
458 if (template[i].ksize) {
459 crypto_ahash_clear_flags(tfm, ~0);
460 if (template[i].ksize > MAX_KEYLEN) {
461 pr_err("alg: hash: setkey failed on test %d for %s: key size %d > %d\n",
462 j, algo, template[i].ksize, MAX_KEYLEN);
466 memcpy(key, template[i].key, template[i].ksize);
467 ret = crypto_ahash_setkey(tfm, key, template[i].ksize);
469 pr_err("alg: hash: setkey failed on test %d for %s: ret=%d\n",
475 ahash_request_set_crypt(req, sg, result, template[i].tap[0]);
476 ret = wait_async_op(&tresult, crypto_ahash_init(req));
478 pr_err("alt: hash: init failed on test %d for %s: ret=%d\n",
482 ret = wait_async_op(&tresult, crypto_ahash_update(req));
484 pr_err("alt: hash: update failed on test %d for %s: ret=%d\n",
489 temp = template[i].tap[0];
490 for (k = 1; k < template[i].np; k++) {
491 ret = ahash_partial_update(&req, tfm, &template[i],
492 hash_buff, k, temp, &sg[0], algo, result,
495 pr_err("hash: partial update failed on test %d for %s: ret=%d\n",
499 temp += template[i].tap[k];
501 ret = wait_async_op(&tresult, crypto_ahash_final(req));
503 pr_err("alt: hash: final failed on test %d for %s: ret=%d\n",
507 if (memcmp(result, template[i].digest,
508 crypto_ahash_digestsize(tfm))) {
509 pr_err("alg: hash: Partial Test %d failed for %s\n",
511 hexdump(result, crypto_ahash_digestsize(tfm));
520 ahash_request_free(req);
522 testmgr_free_buf(xbuf);
529 static int test_hash(struct crypto_ahash *tfm, struct hash_testvec *template,
530 unsigned int tcount, bool use_digest)
532 unsigned int alignmask;
535 ret = __test_hash(tfm, template, tcount, use_digest, 0);
539 /* test unaligned buffers, check with one byte offset */
540 ret = __test_hash(tfm, template, tcount, use_digest, 1);
544 alignmask = crypto_tfm_alg_alignmask(&tfm->base);
546 /* Check if alignment mask for tfm is correctly set. */
547 ret = __test_hash(tfm, template, tcount, use_digest,
556 static int __test_aead(struct crypto_aead *tfm, int enc,
557 struct aead_testvec *template, unsigned int tcount,
558 const bool diff_dst, const int align_offset)
560 const char *algo = crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm));
561 unsigned int i, j, k, n, temp;
565 struct aead_request *req;
566 struct scatterlist *sg;
567 struct scatterlist *sgout;
569 struct tcrypt_result result;
570 unsigned int authsize, iv_len;
575 char *xbuf[XBUFSIZE];
576 char *xoutbuf[XBUFSIZE];
577 char *axbuf[XBUFSIZE];
579 iv = kzalloc(MAX_IVLEN, GFP_KERNEL);
582 key = kmalloc(MAX_KEYLEN, GFP_KERNEL);
585 if (testmgr_alloc_buf(xbuf))
587 if (testmgr_alloc_buf(axbuf))
589 if (diff_dst && testmgr_alloc_buf(xoutbuf))
592 /* avoid "the frame size is larger than 1024 bytes" compiler warning */
593 sg = kmalloc(sizeof(*sg) * 8 * (diff_dst ? 4 : 2), GFP_KERNEL);
608 init_completion(&result.completion);
610 req = aead_request_alloc(tfm, GFP_KERNEL);
612 pr_err("alg: aead%s: Failed to allocate request for %s\n",
617 aead_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
618 tcrypt_complete, &result);
620 iv_len = crypto_aead_ivsize(tfm);
622 for (i = 0, j = 0; i < tcount; i++) {
628 /* some templates have no input data but they will
632 input += align_offset;
636 if (WARN_ON(align_offset + template[i].ilen >
637 PAGE_SIZE || template[i].alen > PAGE_SIZE))
640 memcpy(input, template[i].input, template[i].ilen);
641 memcpy(assoc, template[i].assoc, template[i].alen);
643 memcpy(iv, template[i].iv, iv_len);
645 memset(iv, 0, iv_len);
647 crypto_aead_clear_flags(tfm, ~0);
649 crypto_aead_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY);
651 if (template[i].klen > MAX_KEYLEN) {
652 pr_err("alg: aead%s: setkey failed on test %d for %s: key size %d > %d\n",
653 d, j, algo, template[i].klen,
658 memcpy(key, template[i].key, template[i].klen);
660 ret = crypto_aead_setkey(tfm, key, template[i].klen);
661 if (!ret == template[i].fail) {
662 pr_err("alg: aead%s: setkey failed on test %d for %s: flags=%x\n",
663 d, j, algo, crypto_aead_get_flags(tfm));
668 authsize = abs(template[i].rlen - template[i].ilen);
669 ret = crypto_aead_setauthsize(tfm, authsize);
671 pr_err("alg: aead%s: Failed to set authsize to %u on test %d for %s\n",
672 d, authsize, j, algo);
676 k = !!template[i].alen;
677 sg_init_table(sg, k + 1);
678 sg_set_buf(&sg[0], assoc, template[i].alen);
679 sg_set_buf(&sg[k], input,
680 template[i].ilen + (enc ? authsize : 0));
684 sg_init_table(sgout, k + 1);
685 sg_set_buf(&sgout[0], assoc, template[i].alen);
688 output += align_offset;
689 sg_set_buf(&sgout[k], output,
690 template[i].rlen + (enc ? 0 : authsize));
693 aead_request_set_crypt(req, sg, (diff_dst) ? sgout : sg,
694 template[i].ilen, iv);
696 aead_request_set_ad(req, template[i].alen);
698 ret = enc ? crypto_aead_encrypt(req) : crypto_aead_decrypt(req);
702 if (template[i].novrfy) {
703 /* verification was supposed to fail */
704 pr_err("alg: aead%s: %s failed on test %d for %s: ret was 0, expected -EBADMSG\n",
706 /* so really, we got a bad message */
713 wait_for_completion(&result.completion);
714 reinit_completion(&result.completion);
719 if (template[i].novrfy)
720 /* verification failure was expected */
724 pr_err("alg: aead%s: %s failed on test %d for %s: ret=%d\n",
725 d, e, j, algo, -ret);
730 if (memcmp(q, template[i].result, template[i].rlen)) {
731 pr_err("alg: aead%s: Test %d failed on %s for %s\n",
733 hexdump(q, template[i].rlen);
739 for (i = 0, j = 0; i < tcount; i++) {
740 /* alignment tests are only done with continuous buffers */
741 if (align_offset != 0)
750 memcpy(iv, template[i].iv, iv_len);
752 memset(iv, 0, MAX_IVLEN);
754 crypto_aead_clear_flags(tfm, ~0);
756 crypto_aead_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY);
757 if (template[i].klen > MAX_KEYLEN) {
758 pr_err("alg: aead%s: setkey failed on test %d for %s: key size %d > %d\n",
759 d, j, algo, template[i].klen, MAX_KEYLEN);
763 memcpy(key, template[i].key, template[i].klen);
765 ret = crypto_aead_setkey(tfm, key, template[i].klen);
766 if (!ret == template[i].fail) {
767 pr_err("alg: aead%s: setkey failed on chunk test %d for %s: flags=%x\n",
768 d, j, algo, crypto_aead_get_flags(tfm));
773 authsize = abs(template[i].rlen - template[i].ilen);
776 sg_init_table(sg, template[i].anp + template[i].np);
778 sg_init_table(sgout, template[i].anp + template[i].np);
781 for (k = 0, temp = 0; k < template[i].anp; k++) {
782 if (WARN_ON(offset_in_page(IDX[k]) +
783 template[i].atap[k] > PAGE_SIZE))
786 memcpy(axbuf[IDX[k] >> PAGE_SHIFT] +
787 offset_in_page(IDX[k]),
788 template[i].assoc + temp,
789 template[i].atap[k]),
790 template[i].atap[k]);
792 sg_set_buf(&sgout[k],
793 axbuf[IDX[k] >> PAGE_SHIFT] +
794 offset_in_page(IDX[k]),
795 template[i].atap[k]);
796 temp += template[i].atap[k];
799 for (k = 0, temp = 0; k < template[i].np; k++) {
800 if (WARN_ON(offset_in_page(IDX[k]) +
801 template[i].tap[k] > PAGE_SIZE))
804 q = xbuf[IDX[k] >> PAGE_SHIFT] + offset_in_page(IDX[k]);
805 memcpy(q, template[i].input + temp, template[i].tap[k]);
806 sg_set_buf(&sg[template[i].anp + k],
807 q, template[i].tap[k]);
810 q = xoutbuf[IDX[k] >> PAGE_SHIFT] +
811 offset_in_page(IDX[k]);
813 memset(q, 0, template[i].tap[k]);
815 sg_set_buf(&sgout[template[i].anp + k],
816 q, template[i].tap[k]);
819 n = template[i].tap[k];
820 if (k == template[i].np - 1 && enc)
822 if (offset_in_page(q) + n < PAGE_SIZE)
825 temp += template[i].tap[k];
828 ret = crypto_aead_setauthsize(tfm, authsize);
830 pr_err("alg: aead%s: Failed to set authsize to %u on chunk test %d for %s\n",
831 d, authsize, j, algo);
836 if (WARN_ON(sg[template[i].anp + k - 1].offset +
837 sg[template[i].anp + k - 1].length +
838 authsize > PAGE_SIZE)) {
844 sgout[template[i].anp + k - 1].length +=
846 sg[template[i].anp + k - 1].length += authsize;
849 aead_request_set_crypt(req, sg, (diff_dst) ? sgout : sg,
853 aead_request_set_ad(req, template[i].alen);
855 ret = enc ? crypto_aead_encrypt(req) : crypto_aead_decrypt(req);
859 if (template[i].novrfy) {
860 /* verification was supposed to fail */
861 pr_err("alg: aead%s: %s failed on chunk test %d for %s: ret was 0, expected -EBADMSG\n",
863 /* so really, we got a bad message */
870 wait_for_completion(&result.completion);
871 reinit_completion(&result.completion);
876 if (template[i].novrfy)
877 /* verification failure was expected */
881 pr_err("alg: aead%s: %s failed on chunk test %d for %s: ret=%d\n",
882 d, e, j, algo, -ret);
887 for (k = 0, temp = 0; k < template[i].np; k++) {
889 q = xoutbuf[IDX[k] >> PAGE_SHIFT] +
890 offset_in_page(IDX[k]);
892 q = xbuf[IDX[k] >> PAGE_SHIFT] +
893 offset_in_page(IDX[k]);
895 n = template[i].tap[k];
896 if (k == template[i].np - 1)
897 n += enc ? authsize : -authsize;
899 if (memcmp(q, template[i].result + temp, n)) {
900 pr_err("alg: aead%s: Chunk test %d failed on %s at page %u for %s\n",
907 if (k == template[i].np - 1 && !enc) {
909 memcmp(q, template[i].input +
915 for (n = 0; offset_in_page(q + n) && q[n]; n++)
919 pr_err("alg: aead%s: Result buffer corruption in chunk test %d on %s at page %u for %s: %u bytes:\n",
920 d, j, e, k, algo, n);
925 temp += template[i].tap[k];
932 aead_request_free(req);
936 testmgr_free_buf(xoutbuf);
938 testmgr_free_buf(axbuf);
940 testmgr_free_buf(xbuf);
947 static int test_aead(struct crypto_aead *tfm, int enc,
948 struct aead_testvec *template, unsigned int tcount)
950 unsigned int alignmask;
953 /* test 'dst == src' case */
954 ret = __test_aead(tfm, enc, template, tcount, false, 0);
958 /* test 'dst != src' case */
959 ret = __test_aead(tfm, enc, template, tcount, true, 0);
963 /* test unaligned buffers, check with one byte offset */
964 ret = __test_aead(tfm, enc, template, tcount, true, 1);
968 alignmask = crypto_tfm_alg_alignmask(&tfm->base);
970 /* Check if alignment mask for tfm is correctly set. */
971 ret = __test_aead(tfm, enc, template, tcount, true,
980 static int test_cipher(struct crypto_cipher *tfm, int enc,
981 struct cipher_testvec *template, unsigned int tcount)
983 const char *algo = crypto_tfm_alg_driver_name(crypto_cipher_tfm(tfm));
984 unsigned int i, j, k;
988 char *xbuf[XBUFSIZE];
991 if (testmgr_alloc_buf(xbuf))
1000 for (i = 0; i < tcount; i++) {
1007 if (WARN_ON(template[i].ilen > PAGE_SIZE))
1011 memcpy(data, template[i].input, template[i].ilen);
1013 crypto_cipher_clear_flags(tfm, ~0);
1015 crypto_cipher_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY);
1017 ret = crypto_cipher_setkey(tfm, template[i].key,
1019 if (!ret == template[i].fail) {
1020 printk(KERN_ERR "alg: cipher: setkey failed "
1021 "on test %d for %s: flags=%x\n", j,
1022 algo, crypto_cipher_get_flags(tfm));
1027 for (k = 0; k < template[i].ilen;
1028 k += crypto_cipher_blocksize(tfm)) {
1030 crypto_cipher_encrypt_one(tfm, data + k,
1033 crypto_cipher_decrypt_one(tfm, data + k,
1038 if (memcmp(q, template[i].result, template[i].rlen)) {
1039 printk(KERN_ERR "alg: cipher: Test %d failed "
1040 "on %s for %s\n", j, e, algo);
1041 hexdump(q, template[i].rlen);
1050 testmgr_free_buf(xbuf);
1055 static int __test_skcipher(struct crypto_skcipher *tfm, int enc,
1056 struct cipher_testvec *template, unsigned int tcount,
1057 const bool diff_dst, const int align_offset)
1060 crypto_tfm_alg_driver_name(crypto_skcipher_tfm(tfm));
1061 unsigned int i, j, k, n, temp;
1063 struct skcipher_request *req;
1064 struct scatterlist sg[8];
1065 struct scatterlist sgout[8];
1067 struct tcrypt_result result;
1070 char *xbuf[XBUFSIZE];
1071 char *xoutbuf[XBUFSIZE];
1073 unsigned int ivsize = crypto_skcipher_ivsize(tfm);
1075 if (testmgr_alloc_buf(xbuf))
1078 if (diff_dst && testmgr_alloc_buf(xoutbuf))
1091 init_completion(&result.completion);
1093 req = skcipher_request_alloc(tfm, GFP_KERNEL);
1095 pr_err("alg: skcipher%s: Failed to allocate request for %s\n",
1100 skcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
1101 tcrypt_complete, &result);
1104 for (i = 0; i < tcount; i++) {
1105 if (template[i].np && !template[i].also_non_np)
1109 memcpy(iv, template[i].iv, ivsize);
1111 memset(iv, 0, MAX_IVLEN);
1115 if (WARN_ON(align_offset + template[i].ilen > PAGE_SIZE))
1119 data += align_offset;
1120 memcpy(data, template[i].input, template[i].ilen);
1122 crypto_skcipher_clear_flags(tfm, ~0);
1124 crypto_skcipher_set_flags(tfm,
1125 CRYPTO_TFM_REQ_WEAK_KEY);
1127 ret = crypto_skcipher_setkey(tfm, template[i].key,
1129 if (!ret == template[i].fail) {
1130 pr_err("alg: skcipher%s: setkey failed on test %d for %s: flags=%x\n",
1131 d, j, algo, crypto_skcipher_get_flags(tfm));
1136 sg_init_one(&sg[0], data, template[i].ilen);
1139 data += align_offset;
1140 sg_init_one(&sgout[0], data, template[i].ilen);
1143 skcipher_request_set_crypt(req, sg, (diff_dst) ? sgout : sg,
1144 template[i].ilen, iv);
1145 ret = enc ? crypto_skcipher_encrypt(req) :
1146 crypto_skcipher_decrypt(req);
1153 wait_for_completion(&result.completion);
1154 reinit_completion(&result.completion);
1160 pr_err("alg: skcipher%s: %s failed on test %d for %s: ret=%d\n",
1161 d, e, j, algo, -ret);
1166 if (memcmp(q, template[i].result, template[i].rlen)) {
1167 pr_err("alg: skcipher%s: Test %d failed (invalid result) on %s for %s\n",
1169 hexdump(q, template[i].rlen);
1174 if (template[i].iv_out &&
1175 memcmp(iv, template[i].iv_out,
1176 crypto_skcipher_ivsize(tfm))) {
1177 pr_err("alg: skcipher%s: Test %d failed (invalid output IV) on %s for %s\n",
1179 hexdump(iv, crypto_skcipher_ivsize(tfm));
1186 for (i = 0; i < tcount; i++) {
1187 /* alignment tests are only done with continuous buffers */
1188 if (align_offset != 0)
1191 if (!template[i].np)
1195 memcpy(iv, template[i].iv, ivsize);
1197 memset(iv, 0, MAX_IVLEN);
1200 crypto_skcipher_clear_flags(tfm, ~0);
1202 crypto_skcipher_set_flags(tfm,
1203 CRYPTO_TFM_REQ_WEAK_KEY);
1205 ret = crypto_skcipher_setkey(tfm, template[i].key,
1207 if (!ret == template[i].fail) {
1208 pr_err("alg: skcipher%s: setkey failed on chunk test %d for %s: flags=%x\n",
1209 d, j, algo, crypto_skcipher_get_flags(tfm));
1216 sg_init_table(sg, template[i].np);
1218 sg_init_table(sgout, template[i].np);
1219 for (k = 0; k < template[i].np; k++) {
1220 if (WARN_ON(offset_in_page(IDX[k]) +
1221 template[i].tap[k] > PAGE_SIZE))
1224 q = xbuf[IDX[k] >> PAGE_SHIFT] + offset_in_page(IDX[k]);
1226 memcpy(q, template[i].input + temp, template[i].tap[k]);
1228 if (offset_in_page(q) + template[i].tap[k] < PAGE_SIZE)
1229 q[template[i].tap[k]] = 0;
1231 sg_set_buf(&sg[k], q, template[i].tap[k]);
1233 q = xoutbuf[IDX[k] >> PAGE_SHIFT] +
1234 offset_in_page(IDX[k]);
1236 sg_set_buf(&sgout[k], q, template[i].tap[k]);
1238 memset(q, 0, template[i].tap[k]);
1239 if (offset_in_page(q) +
1240 template[i].tap[k] < PAGE_SIZE)
1241 q[template[i].tap[k]] = 0;
1244 temp += template[i].tap[k];
1247 skcipher_request_set_crypt(req, sg, (diff_dst) ? sgout : sg,
1248 template[i].ilen, iv);
1250 ret = enc ? crypto_skcipher_encrypt(req) :
1251 crypto_skcipher_decrypt(req);
1258 wait_for_completion(&result.completion);
1259 reinit_completion(&result.completion);
1265 pr_err("alg: skcipher%s: %s failed on chunk test %d for %s: ret=%d\n",
1266 d, e, j, algo, -ret);
1272 for (k = 0; k < template[i].np; k++) {
1274 q = xoutbuf[IDX[k] >> PAGE_SHIFT] +
1275 offset_in_page(IDX[k]);
1277 q = xbuf[IDX[k] >> PAGE_SHIFT] +
1278 offset_in_page(IDX[k]);
1280 if (memcmp(q, template[i].result + temp,
1281 template[i].tap[k])) {
1282 pr_err("alg: skcipher%s: Chunk test %d failed on %s at page %u for %s\n",
1284 hexdump(q, template[i].tap[k]);
1288 q += template[i].tap[k];
1289 for (n = 0; offset_in_page(q + n) && q[n]; n++)
1292 pr_err("alg: skcipher%s: Result buffer corruption in chunk test %d on %s at page %u for %s: %u bytes:\n",
1293 d, j, e, k, algo, n);
1297 temp += template[i].tap[k];
1304 skcipher_request_free(req);
1306 testmgr_free_buf(xoutbuf);
1308 testmgr_free_buf(xbuf);
1313 static int test_skcipher(struct crypto_skcipher *tfm, int enc,
1314 struct cipher_testvec *template, unsigned int tcount)
1316 unsigned int alignmask;
1319 /* test 'dst == src' case */
1320 ret = __test_skcipher(tfm, enc, template, tcount, false, 0);
1324 /* test 'dst != src' case */
1325 ret = __test_skcipher(tfm, enc, template, tcount, true, 0);
1329 /* test unaligned buffers, check with one byte offset */
1330 ret = __test_skcipher(tfm, enc, template, tcount, true, 1);
1334 alignmask = crypto_tfm_alg_alignmask(&tfm->base);
1336 /* Check if alignment mask for tfm is correctly set. */
1337 ret = __test_skcipher(tfm, enc, template, tcount, true,
1346 static int test_comp(struct crypto_comp *tfm, struct comp_testvec *ctemplate,
1347 struct comp_testvec *dtemplate, int ctcount, int dtcount)
1349 const char *algo = crypto_tfm_alg_driver_name(crypto_comp_tfm(tfm));
1351 char result[COMP_BUF_SIZE];
1354 for (i = 0; i < ctcount; i++) {
1356 unsigned int dlen = COMP_BUF_SIZE;
1358 memset(result, 0, sizeof (result));
1360 ilen = ctemplate[i].inlen;
1361 ret = crypto_comp_compress(tfm, ctemplate[i].input,
1362 ilen, result, &dlen);
1364 printk(KERN_ERR "alg: comp: compression failed "
1365 "on test %d for %s: ret=%d\n", i + 1, algo,
1370 if (dlen != ctemplate[i].outlen) {
1371 printk(KERN_ERR "alg: comp: Compression test %d "
1372 "failed for %s: output len = %d\n", i + 1, algo,
1378 if (memcmp(result, ctemplate[i].output, dlen)) {
1379 printk(KERN_ERR "alg: comp: Compression test %d "
1380 "failed for %s\n", i + 1, algo);
1381 hexdump(result, dlen);
1387 for (i = 0; i < dtcount; i++) {
1389 unsigned int dlen = COMP_BUF_SIZE;
1391 memset(result, 0, sizeof (result));
1393 ilen = dtemplate[i].inlen;
1394 ret = crypto_comp_decompress(tfm, dtemplate[i].input,
1395 ilen, result, &dlen);
1397 printk(KERN_ERR "alg: comp: decompression failed "
1398 "on test %d for %s: ret=%d\n", i + 1, algo,
1403 if (dlen != dtemplate[i].outlen) {
1404 printk(KERN_ERR "alg: comp: Decompression test %d "
1405 "failed for %s: output len = %d\n", i + 1, algo,
1411 if (memcmp(result, dtemplate[i].output, dlen)) {
1412 printk(KERN_ERR "alg: comp: Decompression test %d "
1413 "failed for %s\n", i + 1, algo);
1414 hexdump(result, dlen);
1426 static int test_cprng(struct crypto_rng *tfm, struct cprng_testvec *template,
1427 unsigned int tcount)
1429 const char *algo = crypto_tfm_alg_driver_name(crypto_rng_tfm(tfm));
1430 int err = 0, i, j, seedsize;
1434 seedsize = crypto_rng_seedsize(tfm);
1436 seed = kmalloc(seedsize, GFP_KERNEL);
1438 printk(KERN_ERR "alg: cprng: Failed to allocate seed space "
1443 for (i = 0; i < tcount; i++) {
1444 memset(result, 0, 32);
1446 memcpy(seed, template[i].v, template[i].vlen);
1447 memcpy(seed + template[i].vlen, template[i].key,
1449 memcpy(seed + template[i].vlen + template[i].klen,
1450 template[i].dt, template[i].dtlen);
1452 err = crypto_rng_reset(tfm, seed, seedsize);
1454 printk(KERN_ERR "alg: cprng: Failed to reset rng "
1459 for (j = 0; j < template[i].loops; j++) {
1460 err = crypto_rng_get_bytes(tfm, result,
1463 printk(KERN_ERR "alg: cprng: Failed to obtain "
1464 "the correct amount of random data for "
1465 "%s (requested %d)\n", algo,
1471 err = memcmp(result, template[i].result,
1474 printk(KERN_ERR "alg: cprng: Test %d failed for %s\n",
1476 hexdump(result, template[i].rlen);
1487 static int alg_test_aead(const struct alg_test_desc *desc, const char *driver,
1490 struct crypto_aead *tfm;
1493 tfm = crypto_alloc_aead(driver, type | CRYPTO_ALG_INTERNAL, mask);
1495 printk(KERN_ERR "alg: aead: Failed to load transform for %s: "
1496 "%ld\n", driver, PTR_ERR(tfm));
1497 return PTR_ERR(tfm);
1500 if (desc->suite.aead.enc.vecs) {
1501 err = test_aead(tfm, ENCRYPT, desc->suite.aead.enc.vecs,
1502 desc->suite.aead.enc.count);
1507 if (!err && desc->suite.aead.dec.vecs)
1508 err = test_aead(tfm, DECRYPT, desc->suite.aead.dec.vecs,
1509 desc->suite.aead.dec.count);
1512 crypto_free_aead(tfm);
1516 static int alg_test_cipher(const struct alg_test_desc *desc,
1517 const char *driver, u32 type, u32 mask)
1519 struct crypto_cipher *tfm;
1522 tfm = crypto_alloc_cipher(driver, type | CRYPTO_ALG_INTERNAL, mask);
1524 printk(KERN_ERR "alg: cipher: Failed to load transform for "
1525 "%s: %ld\n", driver, PTR_ERR(tfm));
1526 return PTR_ERR(tfm);
1529 if (desc->suite.cipher.enc.vecs) {
1530 err = test_cipher(tfm, ENCRYPT, desc->suite.cipher.enc.vecs,
1531 desc->suite.cipher.enc.count);
1536 if (desc->suite.cipher.dec.vecs)
1537 err = test_cipher(tfm, DECRYPT, desc->suite.cipher.dec.vecs,
1538 desc->suite.cipher.dec.count);
1541 crypto_free_cipher(tfm);
1545 static int alg_test_skcipher(const struct alg_test_desc *desc,
1546 const char *driver, u32 type, u32 mask)
1548 struct crypto_skcipher *tfm;
1551 tfm = crypto_alloc_skcipher(driver, type | CRYPTO_ALG_INTERNAL, mask);
1553 printk(KERN_ERR "alg: skcipher: Failed to load transform for "
1554 "%s: %ld\n", driver, PTR_ERR(tfm));
1555 return PTR_ERR(tfm);
1558 if (desc->suite.cipher.enc.vecs) {
1559 err = test_skcipher(tfm, ENCRYPT, desc->suite.cipher.enc.vecs,
1560 desc->suite.cipher.enc.count);
1565 if (desc->suite.cipher.dec.vecs)
1566 err = test_skcipher(tfm, DECRYPT, desc->suite.cipher.dec.vecs,
1567 desc->suite.cipher.dec.count);
1570 crypto_free_skcipher(tfm);
1574 static int alg_test_comp(const struct alg_test_desc *desc, const char *driver,
1577 struct crypto_comp *tfm;
1580 tfm = crypto_alloc_comp(driver, type, mask);
1582 printk(KERN_ERR "alg: comp: Failed to load transform for %s: "
1583 "%ld\n", driver, PTR_ERR(tfm));
1584 return PTR_ERR(tfm);
1587 err = test_comp(tfm, desc->suite.comp.comp.vecs,
1588 desc->suite.comp.decomp.vecs,
1589 desc->suite.comp.comp.count,
1590 desc->suite.comp.decomp.count);
1592 crypto_free_comp(tfm);
1596 static int alg_test_hash(const struct alg_test_desc *desc, const char *driver,
1599 struct crypto_ahash *tfm;
1602 tfm = crypto_alloc_ahash(driver, type | CRYPTO_ALG_INTERNAL, mask);
1604 printk(KERN_ERR "alg: hash: Failed to load transform for %s: "
1605 "%ld\n", driver, PTR_ERR(tfm));
1606 return PTR_ERR(tfm);
1609 err = test_hash(tfm, desc->suite.hash.vecs,
1610 desc->suite.hash.count, true);
1612 err = test_hash(tfm, desc->suite.hash.vecs,
1613 desc->suite.hash.count, false);
1615 crypto_free_ahash(tfm);
1619 static int alg_test_crc32c(const struct alg_test_desc *desc,
1620 const char *driver, u32 type, u32 mask)
1622 struct crypto_shash *tfm;
1626 err = alg_test_hash(desc, driver, type, mask);
1630 tfm = crypto_alloc_shash(driver, type | CRYPTO_ALG_INTERNAL, mask);
1632 printk(KERN_ERR "alg: crc32c: Failed to load transform for %s: "
1633 "%ld\n", driver, PTR_ERR(tfm));
1639 SHASH_DESC_ON_STACK(shash, tfm);
1640 u32 *ctx = (u32 *)shash_desc_ctx(shash);
1645 *ctx = le32_to_cpu(420553207);
1646 err = crypto_shash_final(shash, (u8 *)&val);
1648 printk(KERN_ERR "alg: crc32c: Operation failed for "
1649 "%s: %d\n", driver, err);
1653 if (val != ~420553207) {
1654 printk(KERN_ERR "alg: crc32c: Test failed for %s: "
1655 "%d\n", driver, val);
1660 crypto_free_shash(tfm);
1666 static int alg_test_cprng(const struct alg_test_desc *desc, const char *driver,
1669 struct crypto_rng *rng;
1672 rng = crypto_alloc_rng(driver, type | CRYPTO_ALG_INTERNAL, mask);
1674 printk(KERN_ERR "alg: cprng: Failed to load transform for %s: "
1675 "%ld\n", driver, PTR_ERR(rng));
1676 return PTR_ERR(rng);
1679 err = test_cprng(rng, desc->suite.cprng.vecs, desc->suite.cprng.count);
1681 crypto_free_rng(rng);
1687 static int drbg_cavs_test(struct drbg_testvec *test, int pr,
1688 const char *driver, u32 type, u32 mask)
1691 struct crypto_rng *drng;
1692 struct drbg_test_data test_data;
1693 struct drbg_string addtl, pers, testentropy;
1694 unsigned char *buf = kzalloc(test->expectedlen, GFP_KERNEL);
1699 drng = crypto_alloc_rng(driver, type | CRYPTO_ALG_INTERNAL, mask);
1701 printk(KERN_ERR "alg: drbg: could not allocate DRNG handle for "
1707 test_data.testentropy = &testentropy;
1708 drbg_string_fill(&testentropy, test->entropy, test->entropylen);
1709 drbg_string_fill(&pers, test->pers, test->perslen);
1710 ret = crypto_drbg_reset_test(drng, &pers, &test_data);
1712 printk(KERN_ERR "alg: drbg: Failed to reset rng\n");
1716 drbg_string_fill(&addtl, test->addtla, test->addtllen);
1718 drbg_string_fill(&testentropy, test->entpra, test->entprlen);
1719 ret = crypto_drbg_get_bytes_addtl_test(drng,
1720 buf, test->expectedlen, &addtl, &test_data);
1722 ret = crypto_drbg_get_bytes_addtl(drng,
1723 buf, test->expectedlen, &addtl);
1726 printk(KERN_ERR "alg: drbg: could not obtain random data for "
1727 "driver %s\n", driver);
1731 drbg_string_fill(&addtl, test->addtlb, test->addtllen);
1733 drbg_string_fill(&testentropy, test->entprb, test->entprlen);
1734 ret = crypto_drbg_get_bytes_addtl_test(drng,
1735 buf, test->expectedlen, &addtl, &test_data);
1737 ret = crypto_drbg_get_bytes_addtl(drng,
1738 buf, test->expectedlen, &addtl);
1741 printk(KERN_ERR "alg: drbg: could not obtain random data for "
1742 "driver %s\n", driver);
1746 ret = memcmp(test->expected, buf, test->expectedlen);
1749 crypto_free_rng(drng);
1755 static int alg_test_drbg(const struct alg_test_desc *desc, const char *driver,
1761 struct drbg_testvec *template = desc->suite.drbg.vecs;
1762 unsigned int tcount = desc->suite.drbg.count;
1764 if (0 == memcmp(driver, "drbg_pr_", 8))
1767 for (i = 0; i < tcount; i++) {
1768 err = drbg_cavs_test(&template[i], pr, driver, type, mask);
1770 printk(KERN_ERR "alg: drbg: Test %d failed for %s\n",
1780 static int do_test_rsa(struct crypto_akcipher *tfm,
1781 struct akcipher_testvec *vecs)
1783 char *xbuf[XBUFSIZE];
1784 struct akcipher_request *req;
1785 void *outbuf_enc = NULL;
1786 void *outbuf_dec = NULL;
1787 struct tcrypt_result result;
1788 unsigned int out_len_max, out_len = 0;
1790 struct scatterlist src, dst, src_tab[2];
1792 if (testmgr_alloc_buf(xbuf))
1795 req = akcipher_request_alloc(tfm, GFP_KERNEL);
1799 init_completion(&result.completion);
1801 if (vecs->public_key_vec)
1802 err = crypto_akcipher_set_pub_key(tfm, vecs->key,
1805 err = crypto_akcipher_set_priv_key(tfm, vecs->key,
1810 out_len_max = crypto_akcipher_maxsize(tfm);
1811 outbuf_enc = kzalloc(out_len_max, GFP_KERNEL);
1815 if (WARN_ON(vecs->m_size > PAGE_SIZE))
1818 memcpy(xbuf[0], vecs->m, vecs->m_size);
1820 sg_init_table(src_tab, 2);
1821 sg_set_buf(&src_tab[0], xbuf[0], 8);
1822 sg_set_buf(&src_tab[1], xbuf[0] + 8, vecs->m_size - 8);
1823 sg_init_one(&dst, outbuf_enc, out_len_max);
1824 akcipher_request_set_crypt(req, src_tab, &dst, vecs->m_size,
1826 akcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
1827 tcrypt_complete, &result);
1829 /* Run RSA encrypt - c = m^e mod n;*/
1830 err = wait_async_op(&result, crypto_akcipher_encrypt(req));
1832 pr_err("alg: rsa: encrypt test failed. err %d\n", err);
1835 if (req->dst_len != vecs->c_size) {
1836 pr_err("alg: rsa: encrypt test failed. Invalid output len\n");
1840 /* verify that encrypted message is equal to expected */
1841 if (memcmp(vecs->c, outbuf_enc, vecs->c_size)) {
1842 pr_err("alg: rsa: encrypt test failed. Invalid output\n");
1846 /* Don't invoke decrypt for vectors with public key */
1847 if (vecs->public_key_vec) {
1851 outbuf_dec = kzalloc(out_len_max, GFP_KERNEL);
1857 if (WARN_ON(vecs->c_size > PAGE_SIZE))
1860 memcpy(xbuf[0], vecs->c, vecs->c_size);
1862 sg_init_one(&src, xbuf[0], vecs->c_size);
1863 sg_init_one(&dst, outbuf_dec, out_len_max);
1864 init_completion(&result.completion);
1865 akcipher_request_set_crypt(req, &src, &dst, vecs->c_size, out_len_max);
1867 /* Run RSA decrypt - m = c^d mod n;*/
1868 err = wait_async_op(&result, crypto_akcipher_decrypt(req));
1870 pr_err("alg: rsa: decrypt test failed. err %d\n", err);
1873 out_len = req->dst_len;
1874 if (out_len != vecs->m_size) {
1875 pr_err("alg: rsa: decrypt test failed. Invalid output len\n");
1879 /* verify that decrypted message is equal to the original msg */
1880 if (memcmp(vecs->m, outbuf_dec, vecs->m_size)) {
1881 pr_err("alg: rsa: decrypt test failed. Invalid output\n");
1888 akcipher_request_free(req);
1890 testmgr_free_buf(xbuf);
1894 static int test_rsa(struct crypto_akcipher *tfm, struct akcipher_testvec *vecs,
1895 unsigned int tcount)
1899 for (i = 0; i < tcount; i++) {
1900 ret = do_test_rsa(tfm, vecs++);
1902 pr_err("alg: rsa: test failed on vector %d, err=%d\n",
1910 static int test_akcipher(struct crypto_akcipher *tfm, const char *alg,
1911 struct akcipher_testvec *vecs, unsigned int tcount)
1913 if (strncmp(alg, "rsa", 3) == 0)
1914 return test_rsa(tfm, vecs, tcount);
1919 static int alg_test_akcipher(const struct alg_test_desc *desc,
1920 const char *driver, u32 type, u32 mask)
1922 struct crypto_akcipher *tfm;
1925 tfm = crypto_alloc_akcipher(driver, type | CRYPTO_ALG_INTERNAL, mask);
1927 pr_err("alg: akcipher: Failed to load tfm for %s: %ld\n",
1928 driver, PTR_ERR(tfm));
1929 return PTR_ERR(tfm);
1931 if (desc->suite.akcipher.vecs)
1932 err = test_akcipher(tfm, desc->alg, desc->suite.akcipher.vecs,
1933 desc->suite.akcipher.count);
1935 crypto_free_akcipher(tfm);
1939 static int alg_test_null(const struct alg_test_desc *desc,
1940 const char *driver, u32 type, u32 mask)
1945 /* Please keep this list sorted by algorithm name. */
1946 static const struct alg_test_desc alg_test_descs[] = {
1948 .alg = "__cbc-cast5-avx",
1949 .test = alg_test_null,
1951 .alg = "__cbc-cast6-avx",
1952 .test = alg_test_null,
1954 .alg = "__cbc-serpent-avx",
1955 .test = alg_test_null,
1957 .alg = "__cbc-serpent-avx2",
1958 .test = alg_test_null,
1960 .alg = "__cbc-serpent-sse2",
1961 .test = alg_test_null,
1963 .alg = "__cbc-twofish-avx",
1964 .test = alg_test_null,
1966 .alg = "__driver-cbc-aes-aesni",
1967 .test = alg_test_null,
1970 .alg = "__driver-cbc-camellia-aesni",
1971 .test = alg_test_null,
1973 .alg = "__driver-cbc-camellia-aesni-avx2",
1974 .test = alg_test_null,
1976 .alg = "__driver-cbc-cast5-avx",
1977 .test = alg_test_null,
1979 .alg = "__driver-cbc-cast6-avx",
1980 .test = alg_test_null,
1982 .alg = "__driver-cbc-serpent-avx",
1983 .test = alg_test_null,
1985 .alg = "__driver-cbc-serpent-avx2",
1986 .test = alg_test_null,
1988 .alg = "__driver-cbc-serpent-sse2",
1989 .test = alg_test_null,
1991 .alg = "__driver-cbc-twofish-avx",
1992 .test = alg_test_null,
1994 .alg = "__driver-ecb-aes-aesni",
1995 .test = alg_test_null,
1998 .alg = "__driver-ecb-camellia-aesni",
1999 .test = alg_test_null,
2001 .alg = "__driver-ecb-camellia-aesni-avx2",
2002 .test = alg_test_null,
2004 .alg = "__driver-ecb-cast5-avx",
2005 .test = alg_test_null,
2007 .alg = "__driver-ecb-cast6-avx",
2008 .test = alg_test_null,
2010 .alg = "__driver-ecb-serpent-avx",
2011 .test = alg_test_null,
2013 .alg = "__driver-ecb-serpent-avx2",
2014 .test = alg_test_null,
2016 .alg = "__driver-ecb-serpent-sse2",
2017 .test = alg_test_null,
2019 .alg = "__driver-ecb-twofish-avx",
2020 .test = alg_test_null,
2022 .alg = "__driver-gcm-aes-aesni",
2023 .test = alg_test_null,
2026 .alg = "__ghash-pclmulqdqni",
2027 .test = alg_test_null,
2030 .alg = "ansi_cprng",
2031 .test = alg_test_cprng,
2034 .vecs = ansi_cprng_aes_tv_template,
2035 .count = ANSI_CPRNG_AES_TEST_VECTORS
2039 .alg = "authenc(hmac(md5),ecb(cipher_null))",
2040 .test = alg_test_aead,
2044 .vecs = hmac_md5_ecb_cipher_null_enc_tv_template,
2045 .count = HMAC_MD5_ECB_CIPHER_NULL_ENC_TEST_VECTORS
2048 .vecs = hmac_md5_ecb_cipher_null_dec_tv_template,
2049 .count = HMAC_MD5_ECB_CIPHER_NULL_DEC_TEST_VECTORS
2054 .alg = "authenc(hmac(sha1),cbc(aes))",
2055 .test = alg_test_aead,
2060 hmac_sha1_aes_cbc_enc_tv_temp,
2062 HMAC_SHA1_AES_CBC_ENC_TEST_VEC
2067 .alg = "authenc(hmac(sha1),cbc(des))",
2068 .test = alg_test_aead,
2073 hmac_sha1_des_cbc_enc_tv_temp,
2075 HMAC_SHA1_DES_CBC_ENC_TEST_VEC
2080 .alg = "authenc(hmac(sha1),cbc(des3_ede))",
2081 .test = alg_test_aead,
2087 hmac_sha1_des3_ede_cbc_enc_tv_temp,
2089 HMAC_SHA1_DES3_EDE_CBC_ENC_TEST_VEC
2094 .alg = "authenc(hmac(sha1),ctr(aes))",
2095 .test = alg_test_null,
2098 .alg = "authenc(hmac(sha1),ecb(cipher_null))",
2099 .test = alg_test_aead,
2104 hmac_sha1_ecb_cipher_null_enc_tv_temp,
2106 HMAC_SHA1_ECB_CIPHER_NULL_ENC_TEST_VEC
2110 hmac_sha1_ecb_cipher_null_dec_tv_temp,
2112 HMAC_SHA1_ECB_CIPHER_NULL_DEC_TEST_VEC
2117 .alg = "authenc(hmac(sha1),rfc3686(ctr(aes)))",
2118 .test = alg_test_null,
2121 .alg = "authenc(hmac(sha224),cbc(des))",
2122 .test = alg_test_aead,
2127 hmac_sha224_des_cbc_enc_tv_temp,
2129 HMAC_SHA224_DES_CBC_ENC_TEST_VEC
2134 .alg = "authenc(hmac(sha224),cbc(des3_ede))",
2135 .test = alg_test_aead,
2141 hmac_sha224_des3_ede_cbc_enc_tv_temp,
2143 HMAC_SHA224_DES3_EDE_CBC_ENC_TEST_VEC
2148 .alg = "authenc(hmac(sha256),cbc(aes))",
2149 .test = alg_test_aead,
2155 hmac_sha256_aes_cbc_enc_tv_temp,
2157 HMAC_SHA256_AES_CBC_ENC_TEST_VEC
2162 .alg = "authenc(hmac(sha256),cbc(des))",
2163 .test = alg_test_aead,
2168 hmac_sha256_des_cbc_enc_tv_temp,
2170 HMAC_SHA256_DES_CBC_ENC_TEST_VEC
2175 .alg = "authenc(hmac(sha256),cbc(des3_ede))",
2176 .test = alg_test_aead,
2182 hmac_sha256_des3_ede_cbc_enc_tv_temp,
2184 HMAC_SHA256_DES3_EDE_CBC_ENC_TEST_VEC
2189 .alg = "authenc(hmac(sha256),ctr(aes))",
2190 .test = alg_test_null,
2193 .alg = "authenc(hmac(sha256),rfc3686(ctr(aes)))",
2194 .test = alg_test_null,
2197 .alg = "authenc(hmac(sha384),cbc(des))",
2198 .test = alg_test_aead,
2203 hmac_sha384_des_cbc_enc_tv_temp,
2205 HMAC_SHA384_DES_CBC_ENC_TEST_VEC
2210 .alg = "authenc(hmac(sha384),cbc(des3_ede))",
2211 .test = alg_test_aead,
2217 hmac_sha384_des3_ede_cbc_enc_tv_temp,
2219 HMAC_SHA384_DES3_EDE_CBC_ENC_TEST_VEC
2224 .alg = "authenc(hmac(sha384),ctr(aes))",
2225 .test = alg_test_null,
2228 .alg = "authenc(hmac(sha384),rfc3686(ctr(aes)))",
2229 .test = alg_test_null,
2232 .alg = "authenc(hmac(sha512),cbc(aes))",
2234 .test = alg_test_aead,
2239 hmac_sha512_aes_cbc_enc_tv_temp,
2241 HMAC_SHA512_AES_CBC_ENC_TEST_VEC
2246 .alg = "authenc(hmac(sha512),cbc(des))",
2247 .test = alg_test_aead,
2252 hmac_sha512_des_cbc_enc_tv_temp,
2254 HMAC_SHA512_DES_CBC_ENC_TEST_VEC
2259 .alg = "authenc(hmac(sha512),cbc(des3_ede))",
2260 .test = alg_test_aead,
2266 hmac_sha512_des3_ede_cbc_enc_tv_temp,
2268 HMAC_SHA512_DES3_EDE_CBC_ENC_TEST_VEC
2273 .alg = "authenc(hmac(sha512),ctr(aes))",
2274 .test = alg_test_null,
2277 .alg = "authenc(hmac(sha512),rfc3686(ctr(aes)))",
2278 .test = alg_test_null,
2282 .test = alg_test_skcipher,
2287 .vecs = aes_cbc_enc_tv_template,
2288 .count = AES_CBC_ENC_TEST_VECTORS
2291 .vecs = aes_cbc_dec_tv_template,
2292 .count = AES_CBC_DEC_TEST_VECTORS
2297 .alg = "cbc(anubis)",
2298 .test = alg_test_skcipher,
2302 .vecs = anubis_cbc_enc_tv_template,
2303 .count = ANUBIS_CBC_ENC_TEST_VECTORS
2306 .vecs = anubis_cbc_dec_tv_template,
2307 .count = ANUBIS_CBC_DEC_TEST_VECTORS
2312 .alg = "cbc(blowfish)",
2313 .test = alg_test_skcipher,
2317 .vecs = bf_cbc_enc_tv_template,
2318 .count = BF_CBC_ENC_TEST_VECTORS
2321 .vecs = bf_cbc_dec_tv_template,
2322 .count = BF_CBC_DEC_TEST_VECTORS
2327 .alg = "cbc(camellia)",
2328 .test = alg_test_skcipher,
2332 .vecs = camellia_cbc_enc_tv_template,
2333 .count = CAMELLIA_CBC_ENC_TEST_VECTORS
2336 .vecs = camellia_cbc_dec_tv_template,
2337 .count = CAMELLIA_CBC_DEC_TEST_VECTORS
2342 .alg = "cbc(cast5)",
2343 .test = alg_test_skcipher,
2347 .vecs = cast5_cbc_enc_tv_template,
2348 .count = CAST5_CBC_ENC_TEST_VECTORS
2351 .vecs = cast5_cbc_dec_tv_template,
2352 .count = CAST5_CBC_DEC_TEST_VECTORS
2357 .alg = "cbc(cast6)",
2358 .test = alg_test_skcipher,
2362 .vecs = cast6_cbc_enc_tv_template,
2363 .count = CAST6_CBC_ENC_TEST_VECTORS
2366 .vecs = cast6_cbc_dec_tv_template,
2367 .count = CAST6_CBC_DEC_TEST_VECTORS
2373 .test = alg_test_skcipher,
2377 .vecs = des_cbc_enc_tv_template,
2378 .count = DES_CBC_ENC_TEST_VECTORS
2381 .vecs = des_cbc_dec_tv_template,
2382 .count = DES_CBC_DEC_TEST_VECTORS
2387 .alg = "cbc(des3_ede)",
2388 .test = alg_test_skcipher,
2393 .vecs = des3_ede_cbc_enc_tv_template,
2394 .count = DES3_EDE_CBC_ENC_TEST_VECTORS
2397 .vecs = des3_ede_cbc_dec_tv_template,
2398 .count = DES3_EDE_CBC_DEC_TEST_VECTORS
2403 .alg = "cbc(serpent)",
2404 .test = alg_test_skcipher,
2408 .vecs = serpent_cbc_enc_tv_template,
2409 .count = SERPENT_CBC_ENC_TEST_VECTORS
2412 .vecs = serpent_cbc_dec_tv_template,
2413 .count = SERPENT_CBC_DEC_TEST_VECTORS
2418 .alg = "cbc(twofish)",
2419 .test = alg_test_skcipher,
2423 .vecs = tf_cbc_enc_tv_template,
2424 .count = TF_CBC_ENC_TEST_VECTORS
2427 .vecs = tf_cbc_dec_tv_template,
2428 .count = TF_CBC_DEC_TEST_VECTORS
2434 .test = alg_test_aead,
2439 .vecs = aes_ccm_enc_tv_template,
2440 .count = AES_CCM_ENC_TEST_VECTORS
2443 .vecs = aes_ccm_dec_tv_template,
2444 .count = AES_CCM_DEC_TEST_VECTORS
2450 .test = alg_test_skcipher,
2454 .vecs = chacha20_enc_tv_template,
2455 .count = CHACHA20_ENC_TEST_VECTORS
2458 .vecs = chacha20_enc_tv_template,
2459 .count = CHACHA20_ENC_TEST_VECTORS
2466 .test = alg_test_hash,
2469 .vecs = aes_cmac128_tv_template,
2470 .count = CMAC_AES_TEST_VECTORS
2474 .alg = "cmac(des3_ede)",
2476 .test = alg_test_hash,
2479 .vecs = des3_ede_cmac64_tv_template,
2480 .count = CMAC_DES3_EDE_TEST_VECTORS
2484 .alg = "compress_null",
2485 .test = alg_test_null,
2488 .test = alg_test_hash,
2491 .vecs = crc32_tv_template,
2492 .count = CRC32_TEST_VECTORS
2497 .test = alg_test_crc32c,
2501 .vecs = crc32c_tv_template,
2502 .count = CRC32C_TEST_VECTORS
2507 .test = alg_test_hash,
2511 .vecs = crct10dif_tv_template,
2512 .count = CRCT10DIF_TEST_VECTORS
2516 .alg = "cryptd(__driver-cbc-aes-aesni)",
2517 .test = alg_test_null,
2520 .alg = "cryptd(__driver-cbc-camellia-aesni)",
2521 .test = alg_test_null,
2523 .alg = "cryptd(__driver-cbc-camellia-aesni-avx2)",
2524 .test = alg_test_null,
2526 .alg = "cryptd(__driver-cbc-serpent-avx2)",
2527 .test = alg_test_null,
2529 .alg = "cryptd(__driver-ecb-aes-aesni)",
2530 .test = alg_test_null,
2533 .alg = "cryptd(__driver-ecb-camellia-aesni)",
2534 .test = alg_test_null,
2536 .alg = "cryptd(__driver-ecb-camellia-aesni-avx2)",
2537 .test = alg_test_null,
2539 .alg = "cryptd(__driver-ecb-cast5-avx)",
2540 .test = alg_test_null,
2542 .alg = "cryptd(__driver-ecb-cast6-avx)",
2543 .test = alg_test_null,
2545 .alg = "cryptd(__driver-ecb-serpent-avx)",
2546 .test = alg_test_null,
2548 .alg = "cryptd(__driver-ecb-serpent-avx2)",
2549 .test = alg_test_null,
2551 .alg = "cryptd(__driver-ecb-serpent-sse2)",
2552 .test = alg_test_null,
2554 .alg = "cryptd(__driver-ecb-twofish-avx)",
2555 .test = alg_test_null,
2557 .alg = "cryptd(__driver-gcm-aes-aesni)",
2558 .test = alg_test_null,
2561 .alg = "cryptd(__ghash-pclmulqdqni)",
2562 .test = alg_test_null,
2566 .test = alg_test_skcipher,
2571 .vecs = aes_ctr_enc_tv_template,
2572 .count = AES_CTR_ENC_TEST_VECTORS
2575 .vecs = aes_ctr_dec_tv_template,
2576 .count = AES_CTR_DEC_TEST_VECTORS
2581 .alg = "ctr(blowfish)",
2582 .test = alg_test_skcipher,
2586 .vecs = bf_ctr_enc_tv_template,
2587 .count = BF_CTR_ENC_TEST_VECTORS
2590 .vecs = bf_ctr_dec_tv_template,
2591 .count = BF_CTR_DEC_TEST_VECTORS
2596 .alg = "ctr(camellia)",
2597 .test = alg_test_skcipher,
2601 .vecs = camellia_ctr_enc_tv_template,
2602 .count = CAMELLIA_CTR_ENC_TEST_VECTORS
2605 .vecs = camellia_ctr_dec_tv_template,
2606 .count = CAMELLIA_CTR_DEC_TEST_VECTORS
2611 .alg = "ctr(cast5)",
2612 .test = alg_test_skcipher,
2616 .vecs = cast5_ctr_enc_tv_template,
2617 .count = CAST5_CTR_ENC_TEST_VECTORS
2620 .vecs = cast5_ctr_dec_tv_template,
2621 .count = CAST5_CTR_DEC_TEST_VECTORS
2626 .alg = "ctr(cast6)",
2627 .test = alg_test_skcipher,
2631 .vecs = cast6_ctr_enc_tv_template,
2632 .count = CAST6_CTR_ENC_TEST_VECTORS
2635 .vecs = cast6_ctr_dec_tv_template,
2636 .count = CAST6_CTR_DEC_TEST_VECTORS
2642 .test = alg_test_skcipher,
2646 .vecs = des_ctr_enc_tv_template,
2647 .count = DES_CTR_ENC_TEST_VECTORS
2650 .vecs = des_ctr_dec_tv_template,
2651 .count = DES_CTR_DEC_TEST_VECTORS
2656 .alg = "ctr(des3_ede)",
2657 .test = alg_test_skcipher,
2661 .vecs = des3_ede_ctr_enc_tv_template,
2662 .count = DES3_EDE_CTR_ENC_TEST_VECTORS
2665 .vecs = des3_ede_ctr_dec_tv_template,
2666 .count = DES3_EDE_CTR_DEC_TEST_VECTORS
2671 .alg = "ctr(serpent)",
2672 .test = alg_test_skcipher,
2676 .vecs = serpent_ctr_enc_tv_template,
2677 .count = SERPENT_CTR_ENC_TEST_VECTORS
2680 .vecs = serpent_ctr_dec_tv_template,
2681 .count = SERPENT_CTR_DEC_TEST_VECTORS
2686 .alg = "ctr(twofish)",
2687 .test = alg_test_skcipher,
2691 .vecs = tf_ctr_enc_tv_template,
2692 .count = TF_CTR_ENC_TEST_VECTORS
2695 .vecs = tf_ctr_dec_tv_template,
2696 .count = TF_CTR_DEC_TEST_VECTORS
2701 .alg = "cts(cbc(aes))",
2702 .test = alg_test_skcipher,
2706 .vecs = cts_mode_enc_tv_template,
2707 .count = CTS_MODE_ENC_TEST_VECTORS
2710 .vecs = cts_mode_dec_tv_template,
2711 .count = CTS_MODE_DEC_TEST_VECTORS
2717 .test = alg_test_comp,
2722 .vecs = deflate_comp_tv_template,
2723 .count = DEFLATE_COMP_TEST_VECTORS
2726 .vecs = deflate_decomp_tv_template,
2727 .count = DEFLATE_DECOMP_TEST_VECTORS
2732 .alg = "digest_null",
2733 .test = alg_test_null,
2735 .alg = "drbg_nopr_ctr_aes128",
2736 .test = alg_test_drbg,
2740 .vecs = drbg_nopr_ctr_aes128_tv_template,
2741 .count = ARRAY_SIZE(drbg_nopr_ctr_aes128_tv_template)
2745 .alg = "drbg_nopr_ctr_aes192",
2746 .test = alg_test_drbg,
2750 .vecs = drbg_nopr_ctr_aes192_tv_template,
2751 .count = ARRAY_SIZE(drbg_nopr_ctr_aes192_tv_template)
2755 .alg = "drbg_nopr_ctr_aes256",
2756 .test = alg_test_drbg,
2760 .vecs = drbg_nopr_ctr_aes256_tv_template,
2761 .count = ARRAY_SIZE(drbg_nopr_ctr_aes256_tv_template)
2766 * There is no need to specifically test the DRBG with every
2767 * backend cipher -- covered by drbg_nopr_hmac_sha256 test
2769 .alg = "drbg_nopr_hmac_sha1",
2771 .test = alg_test_null,
2773 .alg = "drbg_nopr_hmac_sha256",
2774 .test = alg_test_drbg,
2778 .vecs = drbg_nopr_hmac_sha256_tv_template,
2780 ARRAY_SIZE(drbg_nopr_hmac_sha256_tv_template)
2784 /* covered by drbg_nopr_hmac_sha256 test */
2785 .alg = "drbg_nopr_hmac_sha384",
2787 .test = alg_test_null,
2789 .alg = "drbg_nopr_hmac_sha512",
2790 .test = alg_test_null,
2793 .alg = "drbg_nopr_sha1",
2795 .test = alg_test_null,
2797 .alg = "drbg_nopr_sha256",
2798 .test = alg_test_drbg,
2802 .vecs = drbg_nopr_sha256_tv_template,
2803 .count = ARRAY_SIZE(drbg_nopr_sha256_tv_template)
2807 /* covered by drbg_nopr_sha256 test */
2808 .alg = "drbg_nopr_sha384",
2810 .test = alg_test_null,
2812 .alg = "drbg_nopr_sha512",
2814 .test = alg_test_null,
2816 .alg = "drbg_pr_ctr_aes128",
2817 .test = alg_test_drbg,
2821 .vecs = drbg_pr_ctr_aes128_tv_template,
2822 .count = ARRAY_SIZE(drbg_pr_ctr_aes128_tv_template)
2826 /* covered by drbg_pr_ctr_aes128 test */
2827 .alg = "drbg_pr_ctr_aes192",
2829 .test = alg_test_null,
2831 .alg = "drbg_pr_ctr_aes256",
2833 .test = alg_test_null,
2835 .alg = "drbg_pr_hmac_sha1",
2837 .test = alg_test_null,
2839 .alg = "drbg_pr_hmac_sha256",
2840 .test = alg_test_drbg,
2844 .vecs = drbg_pr_hmac_sha256_tv_template,
2845 .count = ARRAY_SIZE(drbg_pr_hmac_sha256_tv_template)
2849 /* covered by drbg_pr_hmac_sha256 test */
2850 .alg = "drbg_pr_hmac_sha384",
2852 .test = alg_test_null,
2854 .alg = "drbg_pr_hmac_sha512",
2855 .test = alg_test_null,
2858 .alg = "drbg_pr_sha1",
2860 .test = alg_test_null,
2862 .alg = "drbg_pr_sha256",
2863 .test = alg_test_drbg,
2867 .vecs = drbg_pr_sha256_tv_template,
2868 .count = ARRAY_SIZE(drbg_pr_sha256_tv_template)
2872 /* covered by drbg_pr_sha256 test */
2873 .alg = "drbg_pr_sha384",
2875 .test = alg_test_null,
2877 .alg = "drbg_pr_sha512",
2879 .test = alg_test_null,
2881 .alg = "ecb(__aes-aesni)",
2882 .test = alg_test_null,
2886 .test = alg_test_skcipher,
2891 .vecs = aes_enc_tv_template,
2892 .count = AES_ENC_TEST_VECTORS
2895 .vecs = aes_dec_tv_template,
2896 .count = AES_DEC_TEST_VECTORS
2901 .alg = "ecb(anubis)",
2902 .test = alg_test_skcipher,
2906 .vecs = anubis_enc_tv_template,
2907 .count = ANUBIS_ENC_TEST_VECTORS
2910 .vecs = anubis_dec_tv_template,
2911 .count = ANUBIS_DEC_TEST_VECTORS
2917 .test = alg_test_skcipher,
2921 .vecs = arc4_enc_tv_template,
2922 .count = ARC4_ENC_TEST_VECTORS
2925 .vecs = arc4_dec_tv_template,
2926 .count = ARC4_DEC_TEST_VECTORS
2931 .alg = "ecb(blowfish)",
2932 .test = alg_test_skcipher,
2936 .vecs = bf_enc_tv_template,
2937 .count = BF_ENC_TEST_VECTORS
2940 .vecs = bf_dec_tv_template,
2941 .count = BF_DEC_TEST_VECTORS
2946 .alg = "ecb(camellia)",
2947 .test = alg_test_skcipher,
2951 .vecs = camellia_enc_tv_template,
2952 .count = CAMELLIA_ENC_TEST_VECTORS
2955 .vecs = camellia_dec_tv_template,
2956 .count = CAMELLIA_DEC_TEST_VECTORS
2961 .alg = "ecb(cast5)",
2962 .test = alg_test_skcipher,
2966 .vecs = cast5_enc_tv_template,
2967 .count = CAST5_ENC_TEST_VECTORS
2970 .vecs = cast5_dec_tv_template,
2971 .count = CAST5_DEC_TEST_VECTORS
2976 .alg = "ecb(cast6)",
2977 .test = alg_test_skcipher,
2981 .vecs = cast6_enc_tv_template,
2982 .count = CAST6_ENC_TEST_VECTORS
2985 .vecs = cast6_dec_tv_template,
2986 .count = CAST6_DEC_TEST_VECTORS
2991 .alg = "ecb(cipher_null)",
2992 .test = alg_test_null,
2995 .test = alg_test_skcipher,
2999 .vecs = des_enc_tv_template,
3000 .count = DES_ENC_TEST_VECTORS
3003 .vecs = des_dec_tv_template,
3004 .count = DES_DEC_TEST_VECTORS
3009 .alg = "ecb(des3_ede)",
3010 .test = alg_test_skcipher,
3015 .vecs = des3_ede_enc_tv_template,
3016 .count = DES3_EDE_ENC_TEST_VECTORS
3019 .vecs = des3_ede_dec_tv_template,
3020 .count = DES3_EDE_DEC_TEST_VECTORS
3025 .alg = "ecb(fcrypt)",
3026 .test = alg_test_skcipher,
3030 .vecs = fcrypt_pcbc_enc_tv_template,
3034 .vecs = fcrypt_pcbc_dec_tv_template,
3040 .alg = "ecb(khazad)",
3041 .test = alg_test_skcipher,
3045 .vecs = khazad_enc_tv_template,
3046 .count = KHAZAD_ENC_TEST_VECTORS
3049 .vecs = khazad_dec_tv_template,
3050 .count = KHAZAD_DEC_TEST_VECTORS
3056 .test = alg_test_skcipher,
3060 .vecs = seed_enc_tv_template,
3061 .count = SEED_ENC_TEST_VECTORS
3064 .vecs = seed_dec_tv_template,
3065 .count = SEED_DEC_TEST_VECTORS
3070 .alg = "ecb(serpent)",
3071 .test = alg_test_skcipher,
3075 .vecs = serpent_enc_tv_template,
3076 .count = SERPENT_ENC_TEST_VECTORS
3079 .vecs = serpent_dec_tv_template,
3080 .count = SERPENT_DEC_TEST_VECTORS
3086 .test = alg_test_skcipher,
3090 .vecs = tea_enc_tv_template,
3091 .count = TEA_ENC_TEST_VECTORS
3094 .vecs = tea_dec_tv_template,
3095 .count = TEA_DEC_TEST_VECTORS
3100 .alg = "ecb(tnepres)",
3101 .test = alg_test_skcipher,
3105 .vecs = tnepres_enc_tv_template,
3106 .count = TNEPRES_ENC_TEST_VECTORS
3109 .vecs = tnepres_dec_tv_template,
3110 .count = TNEPRES_DEC_TEST_VECTORS
3115 .alg = "ecb(twofish)",
3116 .test = alg_test_skcipher,
3120 .vecs = tf_enc_tv_template,
3121 .count = TF_ENC_TEST_VECTORS
3124 .vecs = tf_dec_tv_template,
3125 .count = TF_DEC_TEST_VECTORS
3131 .test = alg_test_skcipher,
3135 .vecs = xeta_enc_tv_template,
3136 .count = XETA_ENC_TEST_VECTORS
3139 .vecs = xeta_dec_tv_template,
3140 .count = XETA_DEC_TEST_VECTORS
3146 .test = alg_test_skcipher,
3150 .vecs = xtea_enc_tv_template,
3151 .count = XTEA_ENC_TEST_VECTORS
3154 .vecs = xtea_dec_tv_template,
3155 .count = XTEA_DEC_TEST_VECTORS
3161 .test = alg_test_aead,
3166 .vecs = aes_gcm_enc_tv_template,
3167 .count = AES_GCM_ENC_TEST_VECTORS
3170 .vecs = aes_gcm_dec_tv_template,
3171 .count = AES_GCM_DEC_TEST_VECTORS
3177 .test = alg_test_hash,
3181 .vecs = ghash_tv_template,
3182 .count = GHASH_TEST_VECTORS
3186 .alg = "hmac(crc32)",
3187 .test = alg_test_hash,
3190 .vecs = bfin_crc_tv_template,
3191 .count = BFIN_CRC_TEST_VECTORS
3196 .test = alg_test_hash,
3199 .vecs = hmac_md5_tv_template,
3200 .count = HMAC_MD5_TEST_VECTORS
3204 .alg = "hmac(rmd128)",
3205 .test = alg_test_hash,
3208 .vecs = hmac_rmd128_tv_template,
3209 .count = HMAC_RMD128_TEST_VECTORS
3213 .alg = "hmac(rmd160)",
3214 .test = alg_test_hash,
3217 .vecs = hmac_rmd160_tv_template,
3218 .count = HMAC_RMD160_TEST_VECTORS
3222 .alg = "hmac(sha1)",
3223 .test = alg_test_hash,
3227 .vecs = hmac_sha1_tv_template,
3228 .count = HMAC_SHA1_TEST_VECTORS
3232 .alg = "hmac(sha224)",
3233 .test = alg_test_hash,
3237 .vecs = hmac_sha224_tv_template,
3238 .count = HMAC_SHA224_TEST_VECTORS
3242 .alg = "hmac(sha256)",
3243 .test = alg_test_hash,
3247 .vecs = hmac_sha256_tv_template,
3248 .count = HMAC_SHA256_TEST_VECTORS
3252 .alg = "hmac(sha384)",
3253 .test = alg_test_hash,
3257 .vecs = hmac_sha384_tv_template,
3258 .count = HMAC_SHA384_TEST_VECTORS
3262 .alg = "hmac(sha512)",
3263 .test = alg_test_hash,
3267 .vecs = hmac_sha512_tv_template,
3268 .count = HMAC_SHA512_TEST_VECTORS
3272 .alg = "jitterentropy_rng",
3274 .test = alg_test_null,
3277 .test = alg_test_skcipher,
3282 .vecs = aes_kw_enc_tv_template,
3283 .count = ARRAY_SIZE(aes_kw_enc_tv_template)
3286 .vecs = aes_kw_dec_tv_template,
3287 .count = ARRAY_SIZE(aes_kw_dec_tv_template)
3293 .test = alg_test_skcipher,
3297 .vecs = aes_lrw_enc_tv_template,
3298 .count = AES_LRW_ENC_TEST_VECTORS
3301 .vecs = aes_lrw_dec_tv_template,
3302 .count = AES_LRW_DEC_TEST_VECTORS
3307 .alg = "lrw(camellia)",
3308 .test = alg_test_skcipher,
3312 .vecs = camellia_lrw_enc_tv_template,
3313 .count = CAMELLIA_LRW_ENC_TEST_VECTORS
3316 .vecs = camellia_lrw_dec_tv_template,
3317 .count = CAMELLIA_LRW_DEC_TEST_VECTORS
3322 .alg = "lrw(cast6)",
3323 .test = alg_test_skcipher,
3327 .vecs = cast6_lrw_enc_tv_template,
3328 .count = CAST6_LRW_ENC_TEST_VECTORS
3331 .vecs = cast6_lrw_dec_tv_template,
3332 .count = CAST6_LRW_DEC_TEST_VECTORS
3337 .alg = "lrw(serpent)",
3338 .test = alg_test_skcipher,
3342 .vecs = serpent_lrw_enc_tv_template,
3343 .count = SERPENT_LRW_ENC_TEST_VECTORS
3346 .vecs = serpent_lrw_dec_tv_template,
3347 .count = SERPENT_LRW_DEC_TEST_VECTORS
3352 .alg = "lrw(twofish)",
3353 .test = alg_test_skcipher,
3357 .vecs = tf_lrw_enc_tv_template,
3358 .count = TF_LRW_ENC_TEST_VECTORS
3361 .vecs = tf_lrw_dec_tv_template,
3362 .count = TF_LRW_DEC_TEST_VECTORS
3368 .test = alg_test_comp,
3373 .vecs = lz4_comp_tv_template,
3374 .count = LZ4_COMP_TEST_VECTORS
3377 .vecs = lz4_decomp_tv_template,
3378 .count = LZ4_DECOMP_TEST_VECTORS
3384 .test = alg_test_comp,
3389 .vecs = lz4hc_comp_tv_template,
3390 .count = LZ4HC_COMP_TEST_VECTORS
3393 .vecs = lz4hc_decomp_tv_template,
3394 .count = LZ4HC_DECOMP_TEST_VECTORS
3400 .test = alg_test_comp,
3405 .vecs = lzo_comp_tv_template,
3406 .count = LZO_COMP_TEST_VECTORS
3409 .vecs = lzo_decomp_tv_template,
3410 .count = LZO_DECOMP_TEST_VECTORS
3416 .test = alg_test_hash,
3419 .vecs = md4_tv_template,
3420 .count = MD4_TEST_VECTORS
3425 .test = alg_test_hash,
3428 .vecs = md5_tv_template,
3429 .count = MD5_TEST_VECTORS
3433 .alg = "michael_mic",
3434 .test = alg_test_hash,
3437 .vecs = michael_mic_tv_template,
3438 .count = MICHAEL_MIC_TEST_VECTORS
3443 .test = alg_test_skcipher,
3448 .vecs = aes_ofb_enc_tv_template,
3449 .count = AES_OFB_ENC_TEST_VECTORS
3452 .vecs = aes_ofb_dec_tv_template,
3453 .count = AES_OFB_DEC_TEST_VECTORS
3458 .alg = "pcbc(fcrypt)",
3459 .test = alg_test_skcipher,
3463 .vecs = fcrypt_pcbc_enc_tv_template,
3464 .count = FCRYPT_ENC_TEST_VECTORS
3467 .vecs = fcrypt_pcbc_dec_tv_template,
3468 .count = FCRYPT_DEC_TEST_VECTORS
3474 .test = alg_test_hash,
3477 .vecs = poly1305_tv_template,
3478 .count = POLY1305_TEST_VECTORS
3482 .alg = "rfc3686(ctr(aes))",
3483 .test = alg_test_skcipher,
3488 .vecs = aes_ctr_rfc3686_enc_tv_template,
3489 .count = AES_CTR_3686_ENC_TEST_VECTORS
3492 .vecs = aes_ctr_rfc3686_dec_tv_template,
3493 .count = AES_CTR_3686_DEC_TEST_VECTORS
3498 .alg = "rfc4106(gcm(aes))",
3499 .test = alg_test_aead,
3504 .vecs = aes_gcm_rfc4106_enc_tv_template,
3505 .count = AES_GCM_4106_ENC_TEST_VECTORS
3508 .vecs = aes_gcm_rfc4106_dec_tv_template,
3509 .count = AES_GCM_4106_DEC_TEST_VECTORS
3514 .alg = "rfc4309(ccm(aes))",
3515 .test = alg_test_aead,
3520 .vecs = aes_ccm_rfc4309_enc_tv_template,
3521 .count = AES_CCM_4309_ENC_TEST_VECTORS
3524 .vecs = aes_ccm_rfc4309_dec_tv_template,
3525 .count = AES_CCM_4309_DEC_TEST_VECTORS
3530 .alg = "rfc4543(gcm(aes))",
3531 .test = alg_test_aead,
3535 .vecs = aes_gcm_rfc4543_enc_tv_template,
3536 .count = AES_GCM_4543_ENC_TEST_VECTORS
3539 .vecs = aes_gcm_rfc4543_dec_tv_template,
3540 .count = AES_GCM_4543_DEC_TEST_VECTORS
3545 .alg = "rfc7539(chacha20,poly1305)",
3546 .test = alg_test_aead,
3550 .vecs = rfc7539_enc_tv_template,
3551 .count = RFC7539_ENC_TEST_VECTORS
3554 .vecs = rfc7539_dec_tv_template,
3555 .count = RFC7539_DEC_TEST_VECTORS
3560 .alg = "rfc7539esp(chacha20,poly1305)",
3561 .test = alg_test_aead,
3565 .vecs = rfc7539esp_enc_tv_template,
3566 .count = RFC7539ESP_ENC_TEST_VECTORS
3569 .vecs = rfc7539esp_dec_tv_template,
3570 .count = RFC7539ESP_DEC_TEST_VECTORS
3576 .test = alg_test_hash,
3579 .vecs = rmd128_tv_template,
3580 .count = RMD128_TEST_VECTORS
3585 .test = alg_test_hash,
3588 .vecs = rmd160_tv_template,
3589 .count = RMD160_TEST_VECTORS
3594 .test = alg_test_hash,
3597 .vecs = rmd256_tv_template,
3598 .count = RMD256_TEST_VECTORS
3603 .test = alg_test_hash,
3606 .vecs = rmd320_tv_template,
3607 .count = RMD320_TEST_VECTORS
3612 .test = alg_test_akcipher,
3616 .vecs = rsa_tv_template,
3617 .count = RSA_TEST_VECTORS
3622 .test = alg_test_skcipher,
3626 .vecs = salsa20_stream_enc_tv_template,
3627 .count = SALSA20_STREAM_ENC_TEST_VECTORS
3633 .test = alg_test_hash,
3637 .vecs = sha1_tv_template,
3638 .count = SHA1_TEST_VECTORS
3643 .test = alg_test_hash,
3647 .vecs = sha224_tv_template,
3648 .count = SHA224_TEST_VECTORS
3653 .test = alg_test_hash,
3657 .vecs = sha256_tv_template,
3658 .count = SHA256_TEST_VECTORS
3663 .test = alg_test_hash,
3667 .vecs = sha384_tv_template,
3668 .count = SHA384_TEST_VECTORS
3673 .test = alg_test_hash,
3677 .vecs = sha512_tv_template,
3678 .count = SHA512_TEST_VECTORS
3683 .test = alg_test_hash,
3686 .vecs = tgr128_tv_template,
3687 .count = TGR128_TEST_VECTORS
3692 .test = alg_test_hash,
3695 .vecs = tgr160_tv_template,
3696 .count = TGR160_TEST_VECTORS
3701 .test = alg_test_hash,
3704 .vecs = tgr192_tv_template,
3705 .count = TGR192_TEST_VECTORS
3710 .test = alg_test_hash,
3713 .vecs = aes_vmac128_tv_template,
3714 .count = VMAC_AES_TEST_VECTORS
3719 .test = alg_test_hash,
3722 .vecs = wp256_tv_template,
3723 .count = WP256_TEST_VECTORS
3728 .test = alg_test_hash,
3731 .vecs = wp384_tv_template,
3732 .count = WP384_TEST_VECTORS
3737 .test = alg_test_hash,
3740 .vecs = wp512_tv_template,
3741 .count = WP512_TEST_VECTORS
3746 .test = alg_test_hash,
3749 .vecs = aes_xcbc128_tv_template,
3750 .count = XCBC_AES_TEST_VECTORS
3755 .test = alg_test_skcipher,
3760 .vecs = aes_xts_enc_tv_template,
3761 .count = AES_XTS_ENC_TEST_VECTORS
3764 .vecs = aes_xts_dec_tv_template,
3765 .count = AES_XTS_DEC_TEST_VECTORS
3770 .alg = "xts(camellia)",
3771 .test = alg_test_skcipher,
3775 .vecs = camellia_xts_enc_tv_template,
3776 .count = CAMELLIA_XTS_ENC_TEST_VECTORS
3779 .vecs = camellia_xts_dec_tv_template,
3780 .count = CAMELLIA_XTS_DEC_TEST_VECTORS
3785 .alg = "xts(cast6)",
3786 .test = alg_test_skcipher,
3790 .vecs = cast6_xts_enc_tv_template,
3791 .count = CAST6_XTS_ENC_TEST_VECTORS
3794 .vecs = cast6_xts_dec_tv_template,
3795 .count = CAST6_XTS_DEC_TEST_VECTORS
3800 .alg = "xts(serpent)",
3801 .test = alg_test_skcipher,
3805 .vecs = serpent_xts_enc_tv_template,
3806 .count = SERPENT_XTS_ENC_TEST_VECTORS
3809 .vecs = serpent_xts_dec_tv_template,
3810 .count = SERPENT_XTS_DEC_TEST_VECTORS
3815 .alg = "xts(twofish)",
3816 .test = alg_test_skcipher,
3820 .vecs = tf_xts_enc_tv_template,
3821 .count = TF_XTS_ENC_TEST_VECTORS
3824 .vecs = tf_xts_dec_tv_template,
3825 .count = TF_XTS_DEC_TEST_VECTORS
3832 static bool alg_test_descs_checked;
3834 static void alg_test_descs_check_order(void)
3838 /* only check once */
3839 if (alg_test_descs_checked)
3842 alg_test_descs_checked = true;
3844 for (i = 1; i < ARRAY_SIZE(alg_test_descs); i++) {
3845 int diff = strcmp(alg_test_descs[i - 1].alg,
3846 alg_test_descs[i].alg);
3848 if (WARN_ON(diff > 0)) {
3849 pr_warn("testmgr: alg_test_descs entries in wrong order: '%s' before '%s'\n",
3850 alg_test_descs[i - 1].alg,
3851 alg_test_descs[i].alg);
3854 if (WARN_ON(diff == 0)) {
3855 pr_warn("testmgr: duplicate alg_test_descs entry: '%s'\n",
3856 alg_test_descs[i].alg);
3861 static int alg_find_test(const char *alg)
3864 int end = ARRAY_SIZE(alg_test_descs);
3866 while (start < end) {
3867 int i = (start + end) / 2;
3868 int diff = strcmp(alg_test_descs[i].alg, alg);
3886 int alg_test(const char *driver, const char *alg, u32 type, u32 mask)
3892 if (!fips_enabled && notests) {
3893 printk_once(KERN_INFO "alg: self-tests disabled\n");
3897 alg_test_descs_check_order();
3899 if ((type & CRYPTO_ALG_TYPE_MASK) == CRYPTO_ALG_TYPE_CIPHER) {
3900 char nalg[CRYPTO_MAX_ALG_NAME];
3902 if (snprintf(nalg, sizeof(nalg), "ecb(%s)", alg) >=
3904 return -ENAMETOOLONG;
3906 i = alg_find_test(nalg);
3910 if (fips_enabled && !alg_test_descs[i].fips_allowed)
3913 rc = alg_test_cipher(alg_test_descs + i, driver, type, mask);
3917 i = alg_find_test(alg);
3918 j = alg_find_test(driver);
3922 if (fips_enabled && ((i >= 0 && !alg_test_descs[i].fips_allowed) ||
3923 (j >= 0 && !alg_test_descs[j].fips_allowed)))
3928 rc |= alg_test_descs[i].test(alg_test_descs + i, driver,
3930 if (j >= 0 && j != i)
3931 rc |= alg_test_descs[j].test(alg_test_descs + j, driver,
3935 if (fips_enabled && rc)
3936 panic("%s: %s alg self test failed in fips mode!\n", driver, alg);
3938 if (fips_enabled && !rc)
3939 pr_info("alg: self-tests for %s (%s) passed\n", driver, alg);
3944 printk(KERN_INFO "alg: No test for %s (%s)\n", alg, driver);
3950 #endif /* CONFIG_CRYPTO_MANAGER_DISABLE_TESTS */
3952 EXPORT_SYMBOL_GPL(alg_test);
projects / cascardo / linux.git / blob