2 * Algorithm testing framework and tests.
4 * Copyright (c) 2002 James Morris <jmorris@intercode.com.au>
5 * Copyright (c) 2002 Jean-Francois Dive <jef@linuxbe.org>
6 * Copyright (c) 2007 Nokia Siemens Networks
7 * Copyright (c) 2008 Herbert Xu <herbert@gondor.apana.org.au>
9 * Updated RFC4106 AES-GCM testing.
10 * Authors: Aidan O'Mahony (aidan.o.mahony@intel.com)
11 * Adrian Hoban <adrian.hoban@intel.com>
12 * Gabriele Paoloni <gabriele.paoloni@intel.com>
13 * Tadeusz Struk (tadeusz.struk@intel.com)
14 * Copyright (c) 2010, Intel Corporation.
16 * This program is free software; you can redistribute it and/or modify it
17 * under the terms of the GNU General Public License as published by the Free
18 * Software Foundation; either version 2 of the License, or (at your option)
23 #include <crypto/aead.h>
24 #include <crypto/hash.h>
25 #include <linux/err.h>
26 #include <linux/fips.h>
27 #include <linux/module.h>
28 #include <linux/scatterlist.h>
29 #include <linux/slab.h>
30 #include <linux/string.h>
31 #include <crypto/rng.h>
32 #include <crypto/drbg.h>
33 #include <crypto/akcipher.h>
37 #ifdef CONFIG_CRYPTO_MANAGER_DISABLE_TESTS
40 int alg_test(const char *driver, const char *alg, u32 type, u32 mask)
50 * Need slab memory for testing (size in number of pages).
55 * Indexes into the xbuf to simulate cross-page access.
67 * Used by test_cipher()
72 struct tcrypt_result {
73 struct completion completion;
77 struct aead_test_suite {
79 struct aead_testvec *vecs;
84 struct cipher_test_suite {
86 struct cipher_testvec *vecs;
91 struct comp_test_suite {
93 struct comp_testvec *vecs;
98 struct pcomp_test_suite {
100 struct pcomp_testvec *vecs;
105 struct hash_test_suite {
106 struct hash_testvec *vecs;
110 struct cprng_test_suite {
111 struct cprng_testvec *vecs;
115 struct drbg_test_suite {
116 struct drbg_testvec *vecs;
120 struct akcipher_test_suite {
121 struct akcipher_testvec *vecs;
125 struct alg_test_desc {
127 int (*test)(const struct alg_test_desc *desc, const char *driver,
129 int fips_allowed; /* set if alg is allowed in fips mode */
132 struct aead_test_suite aead;
133 struct cipher_test_suite cipher;
134 struct comp_test_suite comp;
135 struct pcomp_test_suite pcomp;
136 struct hash_test_suite hash;
137 struct cprng_test_suite cprng;
138 struct drbg_test_suite drbg;
139 struct akcipher_test_suite akcipher;
143 static unsigned int IDX[8] = { IDX1, IDX2, IDX3, IDX4, IDX5, IDX6, IDX7, IDX8 };
145 static void hexdump(unsigned char *buf, unsigned int len)
147 print_hex_dump(KERN_CONT, "", DUMP_PREFIX_OFFSET,
152 static void tcrypt_complete(struct crypto_async_request *req, int err)
154 struct tcrypt_result *res = req->data;
156 if (err == -EINPROGRESS)
160 complete(&res->completion);
163 static int testmgr_alloc_buf(char *buf[XBUFSIZE])
167 for (i = 0; i < XBUFSIZE; i++) {
168 buf[i] = (void *)__get_free_page(GFP_KERNEL);
177 free_page((unsigned long)buf[i]);
182 static void testmgr_free_buf(char *buf[XBUFSIZE])
186 for (i = 0; i < XBUFSIZE; i++)
187 free_page((unsigned long)buf[i]);
190 static int wait_async_op(struct tcrypt_result *tr, int ret)
192 if (ret == -EINPROGRESS || ret == -EBUSY) {
193 wait_for_completion(&tr->completion);
194 reinit_completion(&tr->completion);
200 static int __test_hash(struct crypto_ahash *tfm, struct hash_testvec *template,
201 unsigned int tcount, bool use_digest,
202 const int align_offset)
204 const char *algo = crypto_tfm_alg_driver_name(crypto_ahash_tfm(tfm));
205 unsigned int i, j, k, temp;
206 struct scatterlist sg[8];
209 struct ahash_request *req;
210 struct tcrypt_result tresult;
212 char *xbuf[XBUFSIZE];
215 result = kmalloc(MAX_DIGEST_SIZE, GFP_KERNEL);
218 key = kmalloc(MAX_KEYLEN, GFP_KERNEL);
221 if (testmgr_alloc_buf(xbuf))
224 init_completion(&tresult.completion);
226 req = ahash_request_alloc(tfm, GFP_KERNEL);
228 printk(KERN_ERR "alg: hash: Failed to allocate request for "
232 ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
233 tcrypt_complete, &tresult);
236 for (i = 0; i < tcount; i++) {
241 if (WARN_ON(align_offset + template[i].psize > PAGE_SIZE))
245 memset(result, 0, MAX_DIGEST_SIZE);
248 hash_buff += align_offset;
250 memcpy(hash_buff, template[i].plaintext, template[i].psize);
251 sg_init_one(&sg[0], hash_buff, template[i].psize);
253 if (template[i].ksize) {
254 crypto_ahash_clear_flags(tfm, ~0);
255 if (template[i].ksize > MAX_KEYLEN) {
256 pr_err("alg: hash: setkey failed on test %d for %s: key size %d > %d\n",
257 j, algo, template[i].ksize, MAX_KEYLEN);
261 memcpy(key, template[i].key, template[i].ksize);
262 ret = crypto_ahash_setkey(tfm, key, template[i].ksize);
264 printk(KERN_ERR "alg: hash: setkey failed on "
265 "test %d for %s: ret=%d\n", j, algo,
271 ahash_request_set_crypt(req, sg, result, template[i].psize);
273 ret = wait_async_op(&tresult, crypto_ahash_digest(req));
275 pr_err("alg: hash: digest failed on test %d "
276 "for %s: ret=%d\n", j, algo, -ret);
280 ret = wait_async_op(&tresult, crypto_ahash_init(req));
282 pr_err("alt: hash: init failed on test %d "
283 "for %s: ret=%d\n", j, algo, -ret);
286 ret = wait_async_op(&tresult, crypto_ahash_update(req));
288 pr_err("alt: hash: update failed on test %d "
289 "for %s: ret=%d\n", j, algo, -ret);
292 ret = wait_async_op(&tresult, crypto_ahash_final(req));
294 pr_err("alt: hash: final failed on test %d "
295 "for %s: ret=%d\n", j, algo, -ret);
300 if (memcmp(result, template[i].digest,
301 crypto_ahash_digestsize(tfm))) {
302 printk(KERN_ERR "alg: hash: Test %d failed for %s\n",
304 hexdump(result, crypto_ahash_digestsize(tfm));
311 for (i = 0; i < tcount; i++) {
312 /* alignment tests are only done with continuous buffers */
313 if (align_offset != 0)
320 memset(result, 0, MAX_DIGEST_SIZE);
323 sg_init_table(sg, template[i].np);
325 for (k = 0; k < template[i].np; k++) {
326 if (WARN_ON(offset_in_page(IDX[k]) +
327 template[i].tap[k] > PAGE_SIZE))
330 memcpy(xbuf[IDX[k] >> PAGE_SHIFT] +
331 offset_in_page(IDX[k]),
332 template[i].plaintext + temp,
335 temp += template[i].tap[k];
338 if (template[i].ksize) {
339 if (template[i].ksize > MAX_KEYLEN) {
340 pr_err("alg: hash: setkey failed on test %d for %s: key size %d > %d\n",
341 j, algo, template[i].ksize, MAX_KEYLEN);
345 crypto_ahash_clear_flags(tfm, ~0);
346 memcpy(key, template[i].key, template[i].ksize);
347 ret = crypto_ahash_setkey(tfm, key, template[i].ksize);
350 printk(KERN_ERR "alg: hash: setkey "
351 "failed on chunking test %d "
352 "for %s: ret=%d\n", j, algo, -ret);
357 ahash_request_set_crypt(req, sg, result, template[i].psize);
358 ret = crypto_ahash_digest(req);
364 wait_for_completion(&tresult.completion);
365 reinit_completion(&tresult.completion);
371 printk(KERN_ERR "alg: hash: digest failed "
372 "on chunking test %d for %s: "
373 "ret=%d\n", j, algo, -ret);
377 if (memcmp(result, template[i].digest,
378 crypto_ahash_digestsize(tfm))) {
379 printk(KERN_ERR "alg: hash: Chunking test %d "
380 "failed for %s\n", j, algo);
381 hexdump(result, crypto_ahash_digestsize(tfm));
390 ahash_request_free(req);
392 testmgr_free_buf(xbuf);
399 static int test_hash(struct crypto_ahash *tfm, struct hash_testvec *template,
400 unsigned int tcount, bool use_digest)
402 unsigned int alignmask;
405 ret = __test_hash(tfm, template, tcount, use_digest, 0);
409 /* test unaligned buffers, check with one byte offset */
410 ret = __test_hash(tfm, template, tcount, use_digest, 1);
414 alignmask = crypto_tfm_alg_alignmask(&tfm->base);
416 /* Check if alignment mask for tfm is correctly set. */
417 ret = __test_hash(tfm, template, tcount, use_digest,
426 static int __test_aead(struct crypto_aead *tfm, int enc,
427 struct aead_testvec *template, unsigned int tcount,
428 const bool diff_dst, const int align_offset)
430 const char *algo = crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm));
431 unsigned int i, j, k, n, temp;
435 struct aead_request *req;
436 struct scatterlist *sg;
437 struct scatterlist *sgout;
439 struct tcrypt_result result;
440 unsigned int authsize, iv_len;
445 char *xbuf[XBUFSIZE];
446 char *xoutbuf[XBUFSIZE];
447 char *axbuf[XBUFSIZE];
449 iv = kzalloc(MAX_IVLEN, GFP_KERNEL);
452 key = kmalloc(MAX_KEYLEN, GFP_KERNEL);
455 if (testmgr_alloc_buf(xbuf))
457 if (testmgr_alloc_buf(axbuf))
459 if (diff_dst && testmgr_alloc_buf(xoutbuf))
462 /* avoid "the frame size is larger than 1024 bytes" compiler warning */
463 sg = kmalloc(sizeof(*sg) * 8 * (diff_dst ? 4 : 2), GFP_KERNEL);
478 init_completion(&result.completion);
480 req = aead_request_alloc(tfm, GFP_KERNEL);
482 pr_err("alg: aead%s: Failed to allocate request for %s\n",
487 aead_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
488 tcrypt_complete, &result);
490 for (i = 0, j = 0; i < tcount; i++) {
496 /* some templates have no input data but they will
500 input += align_offset;
504 if (WARN_ON(align_offset + template[i].ilen >
505 PAGE_SIZE || template[i].alen > PAGE_SIZE))
508 memcpy(input, template[i].input, template[i].ilen);
509 memcpy(assoc, template[i].assoc, template[i].alen);
510 iv_len = crypto_aead_ivsize(tfm);
512 memcpy(iv, template[i].iv, iv_len);
514 memset(iv, 0, iv_len);
516 crypto_aead_clear_flags(tfm, ~0);
518 crypto_aead_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY);
520 if (template[i].klen > MAX_KEYLEN) {
521 pr_err("alg: aead%s: setkey failed on test %d for %s: key size %d > %d\n",
522 d, j, algo, template[i].klen,
527 memcpy(key, template[i].key, template[i].klen);
529 ret = crypto_aead_setkey(tfm, key, template[i].klen);
530 if (!ret == template[i].fail) {
531 pr_err("alg: aead%s: setkey failed on test %d for %s: flags=%x\n",
532 d, j, algo, crypto_aead_get_flags(tfm));
537 authsize = abs(template[i].rlen - template[i].ilen);
538 ret = crypto_aead_setauthsize(tfm, authsize);
540 pr_err("alg: aead%s: Failed to set authsize to %u on test %d for %s\n",
541 d, authsize, j, algo);
545 k = !!template[i].alen;
546 sg_init_table(sg, k + 1);
547 sg_set_buf(&sg[0], assoc, template[i].alen);
548 sg_set_buf(&sg[k], input,
549 template[i].ilen + (enc ? authsize : 0));
553 sg_init_table(sgout, k + 1);
554 sg_set_buf(&sgout[0], assoc, template[i].alen);
557 output += align_offset;
558 sg_set_buf(&sgout[k], output,
559 template[i].rlen + (enc ? 0 : authsize));
562 aead_request_set_crypt(req, sg, (diff_dst) ? sgout : sg,
563 template[i].ilen, iv);
565 aead_request_set_ad(req, template[i].alen);
567 ret = enc ? crypto_aead_encrypt(req) : crypto_aead_decrypt(req);
571 if (template[i].novrfy) {
572 /* verification was supposed to fail */
573 pr_err("alg: aead%s: %s failed on test %d for %s: ret was 0, expected -EBADMSG\n",
575 /* so really, we got a bad message */
582 wait_for_completion(&result.completion);
583 reinit_completion(&result.completion);
588 if (template[i].novrfy)
589 /* verification failure was expected */
593 pr_err("alg: aead%s: %s failed on test %d for %s: ret=%d\n",
594 d, e, j, algo, -ret);
599 if (memcmp(q, template[i].result, template[i].rlen)) {
600 pr_err("alg: aead%s: Test %d failed on %s for %s\n",
602 hexdump(q, template[i].rlen);
608 for (i = 0, j = 0; i < tcount; i++) {
609 /* alignment tests are only done with continuous buffers */
610 if (align_offset != 0)
619 memcpy(iv, template[i].iv, MAX_IVLEN);
621 memset(iv, 0, MAX_IVLEN);
623 crypto_aead_clear_flags(tfm, ~0);
625 crypto_aead_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY);
626 if (template[i].klen > MAX_KEYLEN) {
627 pr_err("alg: aead%s: setkey failed on test %d for %s: key size %d > %d\n",
628 d, j, algo, template[i].klen, MAX_KEYLEN);
632 memcpy(key, template[i].key, template[i].klen);
634 ret = crypto_aead_setkey(tfm, key, template[i].klen);
635 if (!ret == template[i].fail) {
636 pr_err("alg: aead%s: setkey failed on chunk test %d for %s: flags=%x\n",
637 d, j, algo, crypto_aead_get_flags(tfm));
642 authsize = abs(template[i].rlen - template[i].ilen);
645 sg_init_table(sg, template[i].anp + template[i].np);
647 sg_init_table(sgout, template[i].anp + template[i].np);
650 for (k = 0, temp = 0; k < template[i].anp; k++) {
651 if (WARN_ON(offset_in_page(IDX[k]) +
652 template[i].atap[k] > PAGE_SIZE))
655 memcpy(axbuf[IDX[k] >> PAGE_SHIFT] +
656 offset_in_page(IDX[k]),
657 template[i].assoc + temp,
658 template[i].atap[k]),
659 template[i].atap[k]);
661 sg_set_buf(&sgout[k],
662 axbuf[IDX[k] >> PAGE_SHIFT] +
663 offset_in_page(IDX[k]),
664 template[i].atap[k]);
665 temp += template[i].atap[k];
668 for (k = 0, temp = 0; k < template[i].np; k++) {
669 if (WARN_ON(offset_in_page(IDX[k]) +
670 template[i].tap[k] > PAGE_SIZE))
673 q = xbuf[IDX[k] >> PAGE_SHIFT] + offset_in_page(IDX[k]);
674 memcpy(q, template[i].input + temp, template[i].tap[k]);
675 sg_set_buf(&sg[template[i].anp + k],
676 q, template[i].tap[k]);
679 q = xoutbuf[IDX[k] >> PAGE_SHIFT] +
680 offset_in_page(IDX[k]);
682 memset(q, 0, template[i].tap[k]);
684 sg_set_buf(&sgout[template[i].anp + k],
685 q, template[i].tap[k]);
688 n = template[i].tap[k];
689 if (k == template[i].np - 1 && enc)
691 if (offset_in_page(q) + n < PAGE_SIZE)
694 temp += template[i].tap[k];
697 ret = crypto_aead_setauthsize(tfm, authsize);
699 pr_err("alg: aead%s: Failed to set authsize to %u on chunk test %d for %s\n",
700 d, authsize, j, algo);
705 if (WARN_ON(sg[template[i].anp + k - 1].offset +
706 sg[template[i].anp + k - 1].length +
707 authsize > PAGE_SIZE)) {
713 sgout[template[i].anp + k - 1].length +=
715 sg[template[i].anp + k - 1].length += authsize;
718 aead_request_set_crypt(req, sg, (diff_dst) ? sgout : sg,
722 aead_request_set_ad(req, template[i].alen);
724 ret = enc ? crypto_aead_encrypt(req) : crypto_aead_decrypt(req);
728 if (template[i].novrfy) {
729 /* verification was supposed to fail */
730 pr_err("alg: aead%s: %s failed on chunk test %d for %s: ret was 0, expected -EBADMSG\n",
732 /* so really, we got a bad message */
739 wait_for_completion(&result.completion);
740 reinit_completion(&result.completion);
745 if (template[i].novrfy)
746 /* verification failure was expected */
750 pr_err("alg: aead%s: %s failed on chunk test %d for %s: ret=%d\n",
751 d, e, j, algo, -ret);
756 for (k = 0, temp = 0; k < template[i].np; k++) {
758 q = xoutbuf[IDX[k] >> PAGE_SHIFT] +
759 offset_in_page(IDX[k]);
761 q = xbuf[IDX[k] >> PAGE_SHIFT] +
762 offset_in_page(IDX[k]);
764 n = template[i].tap[k];
765 if (k == template[i].np - 1)
766 n += enc ? authsize : -authsize;
768 if (memcmp(q, template[i].result + temp, n)) {
769 pr_err("alg: aead%s: Chunk test %d failed on %s at page %u for %s\n",
776 if (k == template[i].np - 1 && !enc) {
778 memcmp(q, template[i].input +
784 for (n = 0; offset_in_page(q + n) && q[n]; n++)
788 pr_err("alg: aead%s: Result buffer corruption in chunk test %d on %s at page %u for %s: %u bytes:\n",
789 d, j, e, k, algo, n);
794 temp += template[i].tap[k];
801 aead_request_free(req);
805 testmgr_free_buf(xoutbuf);
807 testmgr_free_buf(axbuf);
809 testmgr_free_buf(xbuf);
816 static int test_aead(struct crypto_aead *tfm, int enc,
817 struct aead_testvec *template, unsigned int tcount)
819 unsigned int alignmask;
822 /* test 'dst == src' case */
823 ret = __test_aead(tfm, enc, template, tcount, false, 0);
827 /* test 'dst != src' case */
828 ret = __test_aead(tfm, enc, template, tcount, true, 0);
832 /* test unaligned buffers, check with one byte offset */
833 ret = __test_aead(tfm, enc, template, tcount, true, 1);
837 alignmask = crypto_tfm_alg_alignmask(&tfm->base);
839 /* Check if alignment mask for tfm is correctly set. */
840 ret = __test_aead(tfm, enc, template, tcount, true,
849 static int test_cipher(struct crypto_cipher *tfm, int enc,
850 struct cipher_testvec *template, unsigned int tcount)
852 const char *algo = crypto_tfm_alg_driver_name(crypto_cipher_tfm(tfm));
853 unsigned int i, j, k;
857 char *xbuf[XBUFSIZE];
860 if (testmgr_alloc_buf(xbuf))
869 for (i = 0; i < tcount; i++) {
876 if (WARN_ON(template[i].ilen > PAGE_SIZE))
880 memcpy(data, template[i].input, template[i].ilen);
882 crypto_cipher_clear_flags(tfm, ~0);
884 crypto_cipher_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY);
886 ret = crypto_cipher_setkey(tfm, template[i].key,
888 if (!ret == template[i].fail) {
889 printk(KERN_ERR "alg: cipher: setkey failed "
890 "on test %d for %s: flags=%x\n", j,
891 algo, crypto_cipher_get_flags(tfm));
896 for (k = 0; k < template[i].ilen;
897 k += crypto_cipher_blocksize(tfm)) {
899 crypto_cipher_encrypt_one(tfm, data + k,
902 crypto_cipher_decrypt_one(tfm, data + k,
907 if (memcmp(q, template[i].result, template[i].rlen)) {
908 printk(KERN_ERR "alg: cipher: Test %d failed "
909 "on %s for %s\n", j, e, algo);
910 hexdump(q, template[i].rlen);
919 testmgr_free_buf(xbuf);
924 static int __test_skcipher(struct crypto_ablkcipher *tfm, int enc,
925 struct cipher_testvec *template, unsigned int tcount,
926 const bool diff_dst, const int align_offset)
929 crypto_tfm_alg_driver_name(crypto_ablkcipher_tfm(tfm));
930 unsigned int i, j, k, n, temp;
932 struct ablkcipher_request *req;
933 struct scatterlist sg[8];
934 struct scatterlist sgout[8];
936 struct tcrypt_result result;
939 char *xbuf[XBUFSIZE];
940 char *xoutbuf[XBUFSIZE];
943 if (testmgr_alloc_buf(xbuf))
946 if (diff_dst && testmgr_alloc_buf(xoutbuf))
959 init_completion(&result.completion);
961 req = ablkcipher_request_alloc(tfm, GFP_KERNEL);
963 pr_err("alg: skcipher%s: Failed to allocate request for %s\n",
968 ablkcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
969 tcrypt_complete, &result);
972 for (i = 0; i < tcount; i++) {
973 if (template[i].np && !template[i].also_non_np)
977 memcpy(iv, template[i].iv, MAX_IVLEN);
979 memset(iv, 0, MAX_IVLEN);
983 if (WARN_ON(align_offset + template[i].ilen > PAGE_SIZE))
987 data += align_offset;
988 memcpy(data, template[i].input, template[i].ilen);
990 crypto_ablkcipher_clear_flags(tfm, ~0);
992 crypto_ablkcipher_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY);
994 ret = crypto_ablkcipher_setkey(tfm, template[i].key,
996 if (!ret == template[i].fail) {
997 pr_err("alg: skcipher%s: setkey failed on test %d for %s: flags=%x\n",
998 d, j, algo, crypto_ablkcipher_get_flags(tfm));
1003 sg_init_one(&sg[0], data, template[i].ilen);
1006 data += align_offset;
1007 sg_init_one(&sgout[0], data, template[i].ilen);
1010 ablkcipher_request_set_crypt(req, sg, (diff_dst) ? sgout : sg,
1011 template[i].ilen, iv);
1012 ret = enc ? crypto_ablkcipher_encrypt(req) :
1013 crypto_ablkcipher_decrypt(req);
1020 wait_for_completion(&result.completion);
1021 reinit_completion(&result.completion);
1027 pr_err("alg: skcipher%s: %s failed on test %d for %s: ret=%d\n",
1028 d, e, j, algo, -ret);
1033 if (memcmp(q, template[i].result, template[i].rlen)) {
1034 pr_err("alg: skcipher%s: Test %d failed on %s for %s\n",
1036 hexdump(q, template[i].rlen);
1043 for (i = 0; i < tcount; i++) {
1044 /* alignment tests are only done with continuous buffers */
1045 if (align_offset != 0)
1048 if (!template[i].np)
1052 memcpy(iv, template[i].iv, MAX_IVLEN);
1054 memset(iv, 0, MAX_IVLEN);
1057 crypto_ablkcipher_clear_flags(tfm, ~0);
1059 crypto_ablkcipher_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY);
1061 ret = crypto_ablkcipher_setkey(tfm, template[i].key,
1063 if (!ret == template[i].fail) {
1064 pr_err("alg: skcipher%s: setkey failed on chunk test %d for %s: flags=%x\n",
1065 d, j, algo, crypto_ablkcipher_get_flags(tfm));
1072 sg_init_table(sg, template[i].np);
1074 sg_init_table(sgout, template[i].np);
1075 for (k = 0; k < template[i].np; k++) {
1076 if (WARN_ON(offset_in_page(IDX[k]) +
1077 template[i].tap[k] > PAGE_SIZE))
1080 q = xbuf[IDX[k] >> PAGE_SHIFT] + offset_in_page(IDX[k]);
1082 memcpy(q, template[i].input + temp, template[i].tap[k]);
1084 if (offset_in_page(q) + template[i].tap[k] < PAGE_SIZE)
1085 q[template[i].tap[k]] = 0;
1087 sg_set_buf(&sg[k], q, template[i].tap[k]);
1089 q = xoutbuf[IDX[k] >> PAGE_SHIFT] +
1090 offset_in_page(IDX[k]);
1092 sg_set_buf(&sgout[k], q, template[i].tap[k]);
1094 memset(q, 0, template[i].tap[k]);
1095 if (offset_in_page(q) +
1096 template[i].tap[k] < PAGE_SIZE)
1097 q[template[i].tap[k]] = 0;
1100 temp += template[i].tap[k];
1103 ablkcipher_request_set_crypt(req, sg, (diff_dst) ? sgout : sg,
1104 template[i].ilen, iv);
1106 ret = enc ? crypto_ablkcipher_encrypt(req) :
1107 crypto_ablkcipher_decrypt(req);
1114 wait_for_completion(&result.completion);
1115 reinit_completion(&result.completion);
1121 pr_err("alg: skcipher%s: %s failed on chunk test %d for %s: ret=%d\n",
1122 d, e, j, algo, -ret);
1128 for (k = 0; k < template[i].np; k++) {
1130 q = xoutbuf[IDX[k] >> PAGE_SHIFT] +
1131 offset_in_page(IDX[k]);
1133 q = xbuf[IDX[k] >> PAGE_SHIFT] +
1134 offset_in_page(IDX[k]);
1136 if (memcmp(q, template[i].result + temp,
1137 template[i].tap[k])) {
1138 pr_err("alg: skcipher%s: Chunk test %d failed on %s at page %u for %s\n",
1140 hexdump(q, template[i].tap[k]);
1144 q += template[i].tap[k];
1145 for (n = 0; offset_in_page(q + n) && q[n]; n++)
1148 pr_err("alg: skcipher%s: Result buffer corruption in chunk test %d on %s at page %u for %s: %u bytes:\n",
1149 d, j, e, k, algo, n);
1153 temp += template[i].tap[k];
1160 ablkcipher_request_free(req);
1162 testmgr_free_buf(xoutbuf);
1164 testmgr_free_buf(xbuf);
1169 static int test_skcipher(struct crypto_ablkcipher *tfm, int enc,
1170 struct cipher_testvec *template, unsigned int tcount)
1172 unsigned int alignmask;
1175 /* test 'dst == src' case */
1176 ret = __test_skcipher(tfm, enc, template, tcount, false, 0);
1180 /* test 'dst != src' case */
1181 ret = __test_skcipher(tfm, enc, template, tcount, true, 0);
1185 /* test unaligned buffers, check with one byte offset */
1186 ret = __test_skcipher(tfm, enc, template, tcount, true, 1);
1190 alignmask = crypto_tfm_alg_alignmask(&tfm->base);
1192 /* Check if alignment mask for tfm is correctly set. */
1193 ret = __test_skcipher(tfm, enc, template, tcount, true,
1202 static int test_comp(struct crypto_comp *tfm, struct comp_testvec *ctemplate,
1203 struct comp_testvec *dtemplate, int ctcount, int dtcount)
1205 const char *algo = crypto_tfm_alg_driver_name(crypto_comp_tfm(tfm));
1207 char result[COMP_BUF_SIZE];
1210 for (i = 0; i < ctcount; i++) {
1212 unsigned int dlen = COMP_BUF_SIZE;
1214 memset(result, 0, sizeof (result));
1216 ilen = ctemplate[i].inlen;
1217 ret = crypto_comp_compress(tfm, ctemplate[i].input,
1218 ilen, result, &dlen);
1220 printk(KERN_ERR "alg: comp: compression failed "
1221 "on test %d for %s: ret=%d\n", i + 1, algo,
1226 if (dlen != ctemplate[i].outlen) {
1227 printk(KERN_ERR "alg: comp: Compression test %d "
1228 "failed for %s: output len = %d\n", i + 1, algo,
1234 if (memcmp(result, ctemplate[i].output, dlen)) {
1235 printk(KERN_ERR "alg: comp: Compression test %d "
1236 "failed for %s\n", i + 1, algo);
1237 hexdump(result, dlen);
1243 for (i = 0; i < dtcount; i++) {
1245 unsigned int dlen = COMP_BUF_SIZE;
1247 memset(result, 0, sizeof (result));
1249 ilen = dtemplate[i].inlen;
1250 ret = crypto_comp_decompress(tfm, dtemplate[i].input,
1251 ilen, result, &dlen);
1253 printk(KERN_ERR "alg: comp: decompression failed "
1254 "on test %d for %s: ret=%d\n", i + 1, algo,
1259 if (dlen != dtemplate[i].outlen) {
1260 printk(KERN_ERR "alg: comp: Decompression test %d "
1261 "failed for %s: output len = %d\n", i + 1, algo,
1267 if (memcmp(result, dtemplate[i].output, dlen)) {
1268 printk(KERN_ERR "alg: comp: Decompression test %d "
1269 "failed for %s\n", i + 1, algo);
1270 hexdump(result, dlen);
1282 static int test_pcomp(struct crypto_pcomp *tfm,
1283 struct pcomp_testvec *ctemplate,
1284 struct pcomp_testvec *dtemplate, int ctcount,
1287 const char *algo = crypto_tfm_alg_driver_name(crypto_pcomp_tfm(tfm));
1289 char result[COMP_BUF_SIZE];
1292 for (i = 0; i < ctcount; i++) {
1293 struct comp_request req;
1294 unsigned int produced = 0;
1296 res = crypto_compress_setup(tfm, ctemplate[i].params,
1297 ctemplate[i].paramsize);
1299 pr_err("alg: pcomp: compression setup failed on test "
1300 "%d for %s: error=%d\n", i + 1, algo, res);
1304 res = crypto_compress_init(tfm);
1306 pr_err("alg: pcomp: compression init failed on test "
1307 "%d for %s: error=%d\n", i + 1, algo, res);
1311 memset(result, 0, sizeof(result));
1313 req.next_in = ctemplate[i].input;
1314 req.avail_in = ctemplate[i].inlen / 2;
1315 req.next_out = result;
1316 req.avail_out = ctemplate[i].outlen / 2;
1318 res = crypto_compress_update(tfm, &req);
1319 if (res < 0 && (res != -EAGAIN || req.avail_in)) {
1320 pr_err("alg: pcomp: compression update failed on test "
1321 "%d for %s: error=%d\n", i + 1, algo, res);
1327 /* Add remaining input data */
1328 req.avail_in += (ctemplate[i].inlen + 1) / 2;
1330 res = crypto_compress_update(tfm, &req);
1331 if (res < 0 && (res != -EAGAIN || req.avail_in)) {
1332 pr_err("alg: pcomp: compression update failed on test "
1333 "%d for %s: error=%d\n", i + 1, algo, res);
1339 /* Provide remaining output space */
1340 req.avail_out += COMP_BUF_SIZE - ctemplate[i].outlen / 2;
1342 res = crypto_compress_final(tfm, &req);
1344 pr_err("alg: pcomp: compression final failed on test "
1345 "%d for %s: error=%d\n", i + 1, algo, res);
1350 if (COMP_BUF_SIZE - req.avail_out != ctemplate[i].outlen) {
1351 pr_err("alg: comp: Compression test %d failed for %s: "
1352 "output len = %d (expected %d)\n", i + 1, algo,
1353 COMP_BUF_SIZE - req.avail_out,
1354 ctemplate[i].outlen);
1358 if (produced != ctemplate[i].outlen) {
1359 pr_err("alg: comp: Compression test %d failed for %s: "
1360 "returned len = %u (expected %d)\n", i + 1,
1361 algo, produced, ctemplate[i].outlen);
1365 if (memcmp(result, ctemplate[i].output, ctemplate[i].outlen)) {
1366 pr_err("alg: pcomp: Compression test %d failed for "
1367 "%s\n", i + 1, algo);
1368 hexdump(result, ctemplate[i].outlen);
1373 for (i = 0; i < dtcount; i++) {
1374 struct comp_request req;
1375 unsigned int produced = 0;
1377 res = crypto_decompress_setup(tfm, dtemplate[i].params,
1378 dtemplate[i].paramsize);
1380 pr_err("alg: pcomp: decompression setup failed on "
1381 "test %d for %s: error=%d\n", i + 1, algo, res);
1385 res = crypto_decompress_init(tfm);
1387 pr_err("alg: pcomp: decompression init failed on test "
1388 "%d for %s: error=%d\n", i + 1, algo, res);
1392 memset(result, 0, sizeof(result));
1394 req.next_in = dtemplate[i].input;
1395 req.avail_in = dtemplate[i].inlen / 2;
1396 req.next_out = result;
1397 req.avail_out = dtemplate[i].outlen / 2;
1399 res = crypto_decompress_update(tfm, &req);
1400 if (res < 0 && (res != -EAGAIN || req.avail_in)) {
1401 pr_err("alg: pcomp: decompression update failed on "
1402 "test %d for %s: error=%d\n", i + 1, algo, res);
1408 /* Add remaining input data */
1409 req.avail_in += (dtemplate[i].inlen + 1) / 2;
1411 res = crypto_decompress_update(tfm, &req);
1412 if (res < 0 && (res != -EAGAIN || req.avail_in)) {
1413 pr_err("alg: pcomp: decompression update failed on "
1414 "test %d for %s: error=%d\n", i + 1, algo, res);
1420 /* Provide remaining output space */
1421 req.avail_out += COMP_BUF_SIZE - dtemplate[i].outlen / 2;
1423 res = crypto_decompress_final(tfm, &req);
1424 if (res < 0 && (res != -EAGAIN || req.avail_in)) {
1425 pr_err("alg: pcomp: decompression final failed on "
1426 "test %d for %s: error=%d\n", i + 1, algo, res);
1432 if (COMP_BUF_SIZE - req.avail_out != dtemplate[i].outlen) {
1433 pr_err("alg: comp: Decompression test %d failed for "
1434 "%s: output len = %d (expected %d)\n", i + 1,
1435 algo, COMP_BUF_SIZE - req.avail_out,
1436 dtemplate[i].outlen);
1440 if (produced != dtemplate[i].outlen) {
1441 pr_err("alg: comp: Decompression test %d failed for "
1442 "%s: returned len = %u (expected %d)\n", i + 1,
1443 algo, produced, dtemplate[i].outlen);
1447 if (memcmp(result, dtemplate[i].output, dtemplate[i].outlen)) {
1448 pr_err("alg: pcomp: Decompression test %d failed for "
1449 "%s\n", i + 1, algo);
1450 hexdump(result, dtemplate[i].outlen);
1459 static int test_cprng(struct crypto_rng *tfm, struct cprng_testvec *template,
1460 unsigned int tcount)
1462 const char *algo = crypto_tfm_alg_driver_name(crypto_rng_tfm(tfm));
1463 int err = 0, i, j, seedsize;
1467 seedsize = crypto_rng_seedsize(tfm);
1469 seed = kmalloc(seedsize, GFP_KERNEL);
1471 printk(KERN_ERR "alg: cprng: Failed to allocate seed space "
1476 for (i = 0; i < tcount; i++) {
1477 memset(result, 0, 32);
1479 memcpy(seed, template[i].v, template[i].vlen);
1480 memcpy(seed + template[i].vlen, template[i].key,
1482 memcpy(seed + template[i].vlen + template[i].klen,
1483 template[i].dt, template[i].dtlen);
1485 err = crypto_rng_reset(tfm, seed, seedsize);
1487 printk(KERN_ERR "alg: cprng: Failed to reset rng "
1492 for (j = 0; j < template[i].loops; j++) {
1493 err = crypto_rng_get_bytes(tfm, result,
1496 printk(KERN_ERR "alg: cprng: Failed to obtain "
1497 "the correct amount of random data for "
1498 "%s (requested %d)\n", algo,
1504 err = memcmp(result, template[i].result,
1507 printk(KERN_ERR "alg: cprng: Test %d failed for %s\n",
1509 hexdump(result, template[i].rlen);
1520 static int alg_test_aead(const struct alg_test_desc *desc, const char *driver,
1523 struct crypto_aead *tfm;
1526 tfm = crypto_alloc_aead(driver, type | CRYPTO_ALG_INTERNAL, mask);
1528 printk(KERN_ERR "alg: aead: Failed to load transform for %s: "
1529 "%ld\n", driver, PTR_ERR(tfm));
1530 return PTR_ERR(tfm);
1533 if (desc->suite.aead.enc.vecs) {
1534 err = test_aead(tfm, ENCRYPT, desc->suite.aead.enc.vecs,
1535 desc->suite.aead.enc.count);
1540 if (!err && desc->suite.aead.dec.vecs)
1541 err = test_aead(tfm, DECRYPT, desc->suite.aead.dec.vecs,
1542 desc->suite.aead.dec.count);
1545 crypto_free_aead(tfm);
1549 static int alg_test_cipher(const struct alg_test_desc *desc,
1550 const char *driver, u32 type, u32 mask)
1552 struct crypto_cipher *tfm;
1555 tfm = crypto_alloc_cipher(driver, type | CRYPTO_ALG_INTERNAL, mask);
1557 printk(KERN_ERR "alg: cipher: Failed to load transform for "
1558 "%s: %ld\n", driver, PTR_ERR(tfm));
1559 return PTR_ERR(tfm);
1562 if (desc->suite.cipher.enc.vecs) {
1563 err = test_cipher(tfm, ENCRYPT, desc->suite.cipher.enc.vecs,
1564 desc->suite.cipher.enc.count);
1569 if (desc->suite.cipher.dec.vecs)
1570 err = test_cipher(tfm, DECRYPT, desc->suite.cipher.dec.vecs,
1571 desc->suite.cipher.dec.count);
1574 crypto_free_cipher(tfm);
1578 static int alg_test_skcipher(const struct alg_test_desc *desc,
1579 const char *driver, u32 type, u32 mask)
1581 struct crypto_ablkcipher *tfm;
1584 tfm = crypto_alloc_ablkcipher(driver, type | CRYPTO_ALG_INTERNAL, mask);
1586 printk(KERN_ERR "alg: skcipher: Failed to load transform for "
1587 "%s: %ld\n", driver, PTR_ERR(tfm));
1588 return PTR_ERR(tfm);
1591 if (desc->suite.cipher.enc.vecs) {
1592 err = test_skcipher(tfm, ENCRYPT, desc->suite.cipher.enc.vecs,
1593 desc->suite.cipher.enc.count);
1598 if (desc->suite.cipher.dec.vecs)
1599 err = test_skcipher(tfm, DECRYPT, desc->suite.cipher.dec.vecs,
1600 desc->suite.cipher.dec.count);
1603 crypto_free_ablkcipher(tfm);
1607 static int alg_test_comp(const struct alg_test_desc *desc, const char *driver,
1610 struct crypto_comp *tfm;
1613 tfm = crypto_alloc_comp(driver, type, mask);
1615 printk(KERN_ERR "alg: comp: Failed to load transform for %s: "
1616 "%ld\n", driver, PTR_ERR(tfm));
1617 return PTR_ERR(tfm);
1620 err = test_comp(tfm, desc->suite.comp.comp.vecs,
1621 desc->suite.comp.decomp.vecs,
1622 desc->suite.comp.comp.count,
1623 desc->suite.comp.decomp.count);
1625 crypto_free_comp(tfm);
1629 static int alg_test_pcomp(const struct alg_test_desc *desc, const char *driver,
1632 struct crypto_pcomp *tfm;
1635 tfm = crypto_alloc_pcomp(driver, type, mask);
1637 pr_err("alg: pcomp: Failed to load transform for %s: %ld\n",
1638 driver, PTR_ERR(tfm));
1639 return PTR_ERR(tfm);
1642 err = test_pcomp(tfm, desc->suite.pcomp.comp.vecs,
1643 desc->suite.pcomp.decomp.vecs,
1644 desc->suite.pcomp.comp.count,
1645 desc->suite.pcomp.decomp.count);
1647 crypto_free_pcomp(tfm);
1651 static int alg_test_hash(const struct alg_test_desc *desc, const char *driver,
1654 struct crypto_ahash *tfm;
1657 tfm = crypto_alloc_ahash(driver, type | CRYPTO_ALG_INTERNAL, mask);
1659 printk(KERN_ERR "alg: hash: Failed to load transform for %s: "
1660 "%ld\n", driver, PTR_ERR(tfm));
1661 return PTR_ERR(tfm);
1664 err = test_hash(tfm, desc->suite.hash.vecs,
1665 desc->suite.hash.count, true);
1667 err = test_hash(tfm, desc->suite.hash.vecs,
1668 desc->suite.hash.count, false);
1670 crypto_free_ahash(tfm);
1674 static int alg_test_crc32c(const struct alg_test_desc *desc,
1675 const char *driver, u32 type, u32 mask)
1677 struct crypto_shash *tfm;
1681 err = alg_test_hash(desc, driver, type, mask);
1685 tfm = crypto_alloc_shash(driver, type | CRYPTO_ALG_INTERNAL, mask);
1687 printk(KERN_ERR "alg: crc32c: Failed to load transform for %s: "
1688 "%ld\n", driver, PTR_ERR(tfm));
1694 SHASH_DESC_ON_STACK(shash, tfm);
1695 u32 *ctx = (u32 *)shash_desc_ctx(shash);
1700 *ctx = le32_to_cpu(420553207);
1701 err = crypto_shash_final(shash, (u8 *)&val);
1703 printk(KERN_ERR "alg: crc32c: Operation failed for "
1704 "%s: %d\n", driver, err);
1708 if (val != ~420553207) {
1709 printk(KERN_ERR "alg: crc32c: Test failed for %s: "
1710 "%d\n", driver, val);
1715 crypto_free_shash(tfm);
1721 static int alg_test_cprng(const struct alg_test_desc *desc, const char *driver,
1724 struct crypto_rng *rng;
1727 rng = crypto_alloc_rng(driver, type | CRYPTO_ALG_INTERNAL, mask);
1729 printk(KERN_ERR "alg: cprng: Failed to load transform for %s: "
1730 "%ld\n", driver, PTR_ERR(rng));
1731 return PTR_ERR(rng);
1734 err = test_cprng(rng, desc->suite.cprng.vecs, desc->suite.cprng.count);
1736 crypto_free_rng(rng);
1742 static int drbg_cavs_test(struct drbg_testvec *test, int pr,
1743 const char *driver, u32 type, u32 mask)
1746 struct crypto_rng *drng;
1747 struct drbg_test_data test_data;
1748 struct drbg_string addtl, pers, testentropy;
1749 unsigned char *buf = kzalloc(test->expectedlen, GFP_KERNEL);
1754 drng = crypto_alloc_rng(driver, type | CRYPTO_ALG_INTERNAL, mask);
1756 printk(KERN_ERR "alg: drbg: could not allocate DRNG handle for "
1762 test_data.testentropy = &testentropy;
1763 drbg_string_fill(&testentropy, test->entropy, test->entropylen);
1764 drbg_string_fill(&pers, test->pers, test->perslen);
1765 ret = crypto_drbg_reset_test(drng, &pers, &test_data);
1767 printk(KERN_ERR "alg: drbg: Failed to reset rng\n");
1771 drbg_string_fill(&addtl, test->addtla, test->addtllen);
1773 drbg_string_fill(&testentropy, test->entpra, test->entprlen);
1774 ret = crypto_drbg_get_bytes_addtl_test(drng,
1775 buf, test->expectedlen, &addtl, &test_data);
1777 ret = crypto_drbg_get_bytes_addtl(drng,
1778 buf, test->expectedlen, &addtl);
1781 printk(KERN_ERR "alg: drbg: could not obtain random data for "
1782 "driver %s\n", driver);
1786 drbg_string_fill(&addtl, test->addtlb, test->addtllen);
1788 drbg_string_fill(&testentropy, test->entprb, test->entprlen);
1789 ret = crypto_drbg_get_bytes_addtl_test(drng,
1790 buf, test->expectedlen, &addtl, &test_data);
1792 ret = crypto_drbg_get_bytes_addtl(drng,
1793 buf, test->expectedlen, &addtl);
1796 printk(KERN_ERR "alg: drbg: could not obtain random data for "
1797 "driver %s\n", driver);
1801 ret = memcmp(test->expected, buf, test->expectedlen);
1804 crypto_free_rng(drng);
1810 static int alg_test_drbg(const struct alg_test_desc *desc, const char *driver,
1816 struct drbg_testvec *template = desc->suite.drbg.vecs;
1817 unsigned int tcount = desc->suite.drbg.count;
1819 if (0 == memcmp(driver, "drbg_pr_", 8))
1822 for (i = 0; i < tcount; i++) {
1823 err = drbg_cavs_test(&template[i], pr, driver, type, mask);
1825 printk(KERN_ERR "alg: drbg: Test %d failed for %s\n",
1835 static int do_test_rsa(struct crypto_akcipher *tfm,
1836 struct akcipher_testvec *vecs)
1838 struct akcipher_request *req;
1839 void *outbuf_enc = NULL;
1840 void *outbuf_dec = NULL;
1841 struct tcrypt_result result;
1842 unsigned int out_len_max, out_len = 0;
1845 req = akcipher_request_alloc(tfm, GFP_KERNEL);
1849 init_completion(&result.completion);
1850 err = crypto_akcipher_setkey(tfm, vecs->key, vecs->key_len);
1854 akcipher_request_set_crypt(req, vecs->m, outbuf_enc, vecs->m_size,
1856 /* expect this to fail, and update the required buf len */
1857 crypto_akcipher_encrypt(req);
1858 out_len = req->dst_len;
1864 out_len_max = out_len;
1866 outbuf_enc = kzalloc(out_len_max, GFP_KERNEL);
1870 akcipher_request_set_crypt(req, vecs->m, outbuf_enc, vecs->m_size,
1872 akcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
1873 tcrypt_complete, &result);
1875 /* Run RSA encrypt - c = m^e mod n;*/
1876 err = wait_async_op(&result, crypto_akcipher_encrypt(req));
1878 pr_err("alg: rsa: encrypt test failed. err %d\n", err);
1881 if (out_len != vecs->c_size) {
1882 pr_err("alg: rsa: encrypt test failed. Invalid output len\n");
1886 /* verify that encrypted message is equal to expected */
1887 if (memcmp(vecs->c, outbuf_enc, vecs->c_size)) {
1888 pr_err("alg: rsa: encrypt test failed. Invalid output\n");
1892 /* Don't invoke decrypt for vectors with public key */
1893 if (vecs->public_key_vec) {
1897 outbuf_dec = kzalloc(out_len_max, GFP_KERNEL);
1902 init_completion(&result.completion);
1903 akcipher_request_set_crypt(req, outbuf_enc, outbuf_dec, vecs->c_size,
1906 /* Run RSA decrypt - m = c^d mod n;*/
1907 err = wait_async_op(&result, crypto_akcipher_decrypt(req));
1909 pr_err("alg: rsa: decrypt test failed. err %d\n", err);
1912 out_len = req->dst_len;
1913 if (out_len != vecs->m_size) {
1914 pr_err("alg: rsa: decrypt test failed. Invalid output len\n");
1918 /* verify that decrypted message is equal to the original msg */
1919 if (memcmp(vecs->m, outbuf_dec, vecs->m_size)) {
1920 pr_err("alg: rsa: decrypt test failed. Invalid output\n");
1927 akcipher_request_free(req);
1931 static int test_rsa(struct crypto_akcipher *tfm, struct akcipher_testvec *vecs,
1932 unsigned int tcount)
1936 for (i = 0; i < tcount; i++) {
1937 ret = do_test_rsa(tfm, vecs++);
1939 pr_err("alg: rsa: test failed on vector %d, err=%d\n",
1947 static int test_akcipher(struct crypto_akcipher *tfm, const char *alg,
1948 struct akcipher_testvec *vecs, unsigned int tcount)
1950 if (strncmp(alg, "rsa", 3) == 0)
1951 return test_rsa(tfm, vecs, tcount);
1956 static int alg_test_akcipher(const struct alg_test_desc *desc,
1957 const char *driver, u32 type, u32 mask)
1959 struct crypto_akcipher *tfm;
1962 tfm = crypto_alloc_akcipher(driver, type | CRYPTO_ALG_INTERNAL, mask);
1964 pr_err("alg: akcipher: Failed to load tfm for %s: %ld\n",
1965 driver, PTR_ERR(tfm));
1966 return PTR_ERR(tfm);
1968 if (desc->suite.akcipher.vecs)
1969 err = test_akcipher(tfm, desc->alg, desc->suite.akcipher.vecs,
1970 desc->suite.akcipher.count);
1972 crypto_free_akcipher(tfm);
1976 static int alg_test_null(const struct alg_test_desc *desc,
1977 const char *driver, u32 type, u32 mask)
1982 /* Please keep this list sorted by algorithm name. */
1983 static const struct alg_test_desc alg_test_descs[] = {
1985 .alg = "__cbc-cast5-avx",
1986 .test = alg_test_null,
1988 .alg = "__cbc-cast6-avx",
1989 .test = alg_test_null,
1991 .alg = "__cbc-serpent-avx",
1992 .test = alg_test_null,
1994 .alg = "__cbc-serpent-avx2",
1995 .test = alg_test_null,
1997 .alg = "__cbc-serpent-sse2",
1998 .test = alg_test_null,
2000 .alg = "__cbc-twofish-avx",
2001 .test = alg_test_null,
2003 .alg = "__driver-cbc-aes-aesni",
2004 .test = alg_test_null,
2007 .alg = "__driver-cbc-camellia-aesni",
2008 .test = alg_test_null,
2010 .alg = "__driver-cbc-camellia-aesni-avx2",
2011 .test = alg_test_null,
2013 .alg = "__driver-cbc-cast5-avx",
2014 .test = alg_test_null,
2016 .alg = "__driver-cbc-cast6-avx",
2017 .test = alg_test_null,
2019 .alg = "__driver-cbc-serpent-avx",
2020 .test = alg_test_null,
2022 .alg = "__driver-cbc-serpent-avx2",
2023 .test = alg_test_null,
2025 .alg = "__driver-cbc-serpent-sse2",
2026 .test = alg_test_null,
2028 .alg = "__driver-cbc-twofish-avx",
2029 .test = alg_test_null,
2031 .alg = "__driver-ecb-aes-aesni",
2032 .test = alg_test_null,
2035 .alg = "__driver-ecb-camellia-aesni",
2036 .test = alg_test_null,
2038 .alg = "__driver-ecb-camellia-aesni-avx2",
2039 .test = alg_test_null,
2041 .alg = "__driver-ecb-cast5-avx",
2042 .test = alg_test_null,
2044 .alg = "__driver-ecb-cast6-avx",
2045 .test = alg_test_null,
2047 .alg = "__driver-ecb-serpent-avx",
2048 .test = alg_test_null,
2050 .alg = "__driver-ecb-serpent-avx2",
2051 .test = alg_test_null,
2053 .alg = "__driver-ecb-serpent-sse2",
2054 .test = alg_test_null,
2056 .alg = "__driver-ecb-twofish-avx",
2057 .test = alg_test_null,
2059 .alg = "__driver-gcm-aes-aesni",
2060 .test = alg_test_null,
2063 .alg = "__ghash-pclmulqdqni",
2064 .test = alg_test_null,
2067 .alg = "ansi_cprng",
2068 .test = alg_test_cprng,
2072 .vecs = ansi_cprng_aes_tv_template,
2073 .count = ANSI_CPRNG_AES_TEST_VECTORS
2077 .alg = "authenc(hmac(md5),ecb(cipher_null))",
2078 .test = alg_test_aead,
2083 .vecs = hmac_md5_ecb_cipher_null_enc_tv_template,
2084 .count = HMAC_MD5_ECB_CIPHER_NULL_ENC_TEST_VECTORS
2087 .vecs = hmac_md5_ecb_cipher_null_dec_tv_template,
2088 .count = HMAC_MD5_ECB_CIPHER_NULL_DEC_TEST_VECTORS
2093 .alg = "authenc(hmac(sha1),cbc(aes))",
2094 .test = alg_test_aead,
2100 hmac_sha1_aes_cbc_enc_tv_temp,
2102 HMAC_SHA1_AES_CBC_ENC_TEST_VEC
2107 .alg = "authenc(hmac(sha1),cbc(des))",
2108 .test = alg_test_aead,
2114 hmac_sha1_des_cbc_enc_tv_temp,
2116 HMAC_SHA1_DES_CBC_ENC_TEST_VEC
2121 .alg = "authenc(hmac(sha1),cbc(des3_ede))",
2122 .test = alg_test_aead,
2128 hmac_sha1_des3_ede_cbc_enc_tv_temp,
2130 HMAC_SHA1_DES3_EDE_CBC_ENC_TEST_VEC
2135 .alg = "authenc(hmac(sha1),ecb(cipher_null))",
2136 .test = alg_test_aead,
2142 hmac_sha1_ecb_cipher_null_enc_tv_temp,
2144 HMAC_SHA1_ECB_CIPHER_NULL_ENC_TEST_VEC
2148 hmac_sha1_ecb_cipher_null_dec_tv_temp,
2150 HMAC_SHA1_ECB_CIPHER_NULL_DEC_TEST_VEC
2155 .alg = "authenc(hmac(sha224),cbc(des))",
2156 .test = alg_test_aead,
2162 hmac_sha224_des_cbc_enc_tv_temp,
2164 HMAC_SHA224_DES_CBC_ENC_TEST_VEC
2169 .alg = "authenc(hmac(sha224),cbc(des3_ede))",
2170 .test = alg_test_aead,
2176 hmac_sha224_des3_ede_cbc_enc_tv_temp,
2178 HMAC_SHA224_DES3_EDE_CBC_ENC_TEST_VEC
2183 .alg = "authenc(hmac(sha256),cbc(aes))",
2184 .test = alg_test_aead,
2190 hmac_sha256_aes_cbc_enc_tv_temp,
2192 HMAC_SHA256_AES_CBC_ENC_TEST_VEC
2197 .alg = "authenc(hmac(sha256),cbc(des))",
2198 .test = alg_test_aead,
2204 hmac_sha256_des_cbc_enc_tv_temp,
2206 HMAC_SHA256_DES_CBC_ENC_TEST_VEC
2211 .alg = "authenc(hmac(sha256),cbc(des3_ede))",
2212 .test = alg_test_aead,
2218 hmac_sha256_des3_ede_cbc_enc_tv_temp,
2220 HMAC_SHA256_DES3_EDE_CBC_ENC_TEST_VEC
2225 .alg = "authenc(hmac(sha384),cbc(des))",
2226 .test = alg_test_aead,
2232 hmac_sha384_des_cbc_enc_tv_temp,
2234 HMAC_SHA384_DES_CBC_ENC_TEST_VEC
2239 .alg = "authenc(hmac(sha384),cbc(des3_ede))",
2240 .test = alg_test_aead,
2246 hmac_sha384_des3_ede_cbc_enc_tv_temp,
2248 HMAC_SHA384_DES3_EDE_CBC_ENC_TEST_VEC
2253 .alg = "authenc(hmac(sha512),cbc(aes))",
2254 .test = alg_test_aead,
2260 hmac_sha512_aes_cbc_enc_tv_temp,
2262 HMAC_SHA512_AES_CBC_ENC_TEST_VEC
2267 .alg = "authenc(hmac(sha512),cbc(des))",
2268 .test = alg_test_aead,
2274 hmac_sha512_des_cbc_enc_tv_temp,
2276 HMAC_SHA512_DES_CBC_ENC_TEST_VEC
2281 .alg = "authenc(hmac(sha512),cbc(des3_ede))",
2282 .test = alg_test_aead,
2288 hmac_sha512_des3_ede_cbc_enc_tv_temp,
2290 HMAC_SHA512_DES3_EDE_CBC_ENC_TEST_VEC
2296 .test = alg_test_skcipher,
2301 .vecs = aes_cbc_enc_tv_template,
2302 .count = AES_CBC_ENC_TEST_VECTORS
2305 .vecs = aes_cbc_dec_tv_template,
2306 .count = AES_CBC_DEC_TEST_VECTORS
2311 .alg = "cbc(anubis)",
2312 .test = alg_test_skcipher,
2316 .vecs = anubis_cbc_enc_tv_template,
2317 .count = ANUBIS_CBC_ENC_TEST_VECTORS
2320 .vecs = anubis_cbc_dec_tv_template,
2321 .count = ANUBIS_CBC_DEC_TEST_VECTORS
2326 .alg = "cbc(blowfish)",
2327 .test = alg_test_skcipher,
2331 .vecs = bf_cbc_enc_tv_template,
2332 .count = BF_CBC_ENC_TEST_VECTORS
2335 .vecs = bf_cbc_dec_tv_template,
2336 .count = BF_CBC_DEC_TEST_VECTORS
2341 .alg = "cbc(camellia)",
2342 .test = alg_test_skcipher,
2346 .vecs = camellia_cbc_enc_tv_template,
2347 .count = CAMELLIA_CBC_ENC_TEST_VECTORS
2350 .vecs = camellia_cbc_dec_tv_template,
2351 .count = CAMELLIA_CBC_DEC_TEST_VECTORS
2356 .alg = "cbc(cast5)",
2357 .test = alg_test_skcipher,
2361 .vecs = cast5_cbc_enc_tv_template,
2362 .count = CAST5_CBC_ENC_TEST_VECTORS
2365 .vecs = cast5_cbc_dec_tv_template,
2366 .count = CAST5_CBC_DEC_TEST_VECTORS
2371 .alg = "cbc(cast6)",
2372 .test = alg_test_skcipher,
2376 .vecs = cast6_cbc_enc_tv_template,
2377 .count = CAST6_CBC_ENC_TEST_VECTORS
2380 .vecs = cast6_cbc_dec_tv_template,
2381 .count = CAST6_CBC_DEC_TEST_VECTORS
2387 .test = alg_test_skcipher,
2391 .vecs = des_cbc_enc_tv_template,
2392 .count = DES_CBC_ENC_TEST_VECTORS
2395 .vecs = des_cbc_dec_tv_template,
2396 .count = DES_CBC_DEC_TEST_VECTORS
2401 .alg = "cbc(des3_ede)",
2402 .test = alg_test_skcipher,
2407 .vecs = des3_ede_cbc_enc_tv_template,
2408 .count = DES3_EDE_CBC_ENC_TEST_VECTORS
2411 .vecs = des3_ede_cbc_dec_tv_template,
2412 .count = DES3_EDE_CBC_DEC_TEST_VECTORS
2417 .alg = "cbc(serpent)",
2418 .test = alg_test_skcipher,
2422 .vecs = serpent_cbc_enc_tv_template,
2423 .count = SERPENT_CBC_ENC_TEST_VECTORS
2426 .vecs = serpent_cbc_dec_tv_template,
2427 .count = SERPENT_CBC_DEC_TEST_VECTORS
2432 .alg = "cbc(twofish)",
2433 .test = alg_test_skcipher,
2437 .vecs = tf_cbc_enc_tv_template,
2438 .count = TF_CBC_ENC_TEST_VECTORS
2441 .vecs = tf_cbc_dec_tv_template,
2442 .count = TF_CBC_DEC_TEST_VECTORS
2448 .test = alg_test_aead,
2453 .vecs = aes_ccm_enc_tv_template,
2454 .count = AES_CCM_ENC_TEST_VECTORS
2457 .vecs = aes_ccm_dec_tv_template,
2458 .count = AES_CCM_DEC_TEST_VECTORS
2464 .test = alg_test_skcipher,
2468 .vecs = chacha20_enc_tv_template,
2469 .count = CHACHA20_ENC_TEST_VECTORS
2472 .vecs = chacha20_enc_tv_template,
2473 .count = CHACHA20_ENC_TEST_VECTORS
2480 .test = alg_test_hash,
2483 .vecs = aes_cmac128_tv_template,
2484 .count = CMAC_AES_TEST_VECTORS
2488 .alg = "cmac(des3_ede)",
2490 .test = alg_test_hash,
2493 .vecs = des3_ede_cmac64_tv_template,
2494 .count = CMAC_DES3_EDE_TEST_VECTORS
2498 .alg = "compress_null",
2499 .test = alg_test_null,
2502 .test = alg_test_hash,
2505 .vecs = crc32_tv_template,
2506 .count = CRC32_TEST_VECTORS
2511 .test = alg_test_crc32c,
2515 .vecs = crc32c_tv_template,
2516 .count = CRC32C_TEST_VECTORS
2521 .test = alg_test_hash,
2525 .vecs = crct10dif_tv_template,
2526 .count = CRCT10DIF_TEST_VECTORS
2530 .alg = "cryptd(__driver-cbc-aes-aesni)",
2531 .test = alg_test_null,
2534 .alg = "cryptd(__driver-cbc-camellia-aesni)",
2535 .test = alg_test_null,
2537 .alg = "cryptd(__driver-cbc-camellia-aesni-avx2)",
2538 .test = alg_test_null,
2540 .alg = "cryptd(__driver-cbc-serpent-avx2)",
2541 .test = alg_test_null,
2543 .alg = "cryptd(__driver-ecb-aes-aesni)",
2544 .test = alg_test_null,
2547 .alg = "cryptd(__driver-ecb-camellia-aesni)",
2548 .test = alg_test_null,
2550 .alg = "cryptd(__driver-ecb-camellia-aesni-avx2)",
2551 .test = alg_test_null,
2553 .alg = "cryptd(__driver-ecb-cast5-avx)",
2554 .test = alg_test_null,
2556 .alg = "cryptd(__driver-ecb-cast6-avx)",
2557 .test = alg_test_null,
2559 .alg = "cryptd(__driver-ecb-serpent-avx)",
2560 .test = alg_test_null,
2562 .alg = "cryptd(__driver-ecb-serpent-avx2)",
2563 .test = alg_test_null,
2565 .alg = "cryptd(__driver-ecb-serpent-sse2)",
2566 .test = alg_test_null,
2568 .alg = "cryptd(__driver-ecb-twofish-avx)",
2569 .test = alg_test_null,
2571 .alg = "cryptd(__driver-gcm-aes-aesni)",
2572 .test = alg_test_null,
2575 .alg = "cryptd(__ghash-pclmulqdqni)",
2576 .test = alg_test_null,
2580 .test = alg_test_skcipher,
2585 .vecs = aes_ctr_enc_tv_template,
2586 .count = AES_CTR_ENC_TEST_VECTORS
2589 .vecs = aes_ctr_dec_tv_template,
2590 .count = AES_CTR_DEC_TEST_VECTORS
2595 .alg = "ctr(blowfish)",
2596 .test = alg_test_skcipher,
2600 .vecs = bf_ctr_enc_tv_template,
2601 .count = BF_CTR_ENC_TEST_VECTORS
2604 .vecs = bf_ctr_dec_tv_template,
2605 .count = BF_CTR_DEC_TEST_VECTORS
2610 .alg = "ctr(camellia)",
2611 .test = alg_test_skcipher,
2615 .vecs = camellia_ctr_enc_tv_template,
2616 .count = CAMELLIA_CTR_ENC_TEST_VECTORS
2619 .vecs = camellia_ctr_dec_tv_template,
2620 .count = CAMELLIA_CTR_DEC_TEST_VECTORS
2625 .alg = "ctr(cast5)",
2626 .test = alg_test_skcipher,
2630 .vecs = cast5_ctr_enc_tv_template,
2631 .count = CAST5_CTR_ENC_TEST_VECTORS
2634 .vecs = cast5_ctr_dec_tv_template,
2635 .count = CAST5_CTR_DEC_TEST_VECTORS
2640 .alg = "ctr(cast6)",
2641 .test = alg_test_skcipher,
2645 .vecs = cast6_ctr_enc_tv_template,
2646 .count = CAST6_CTR_ENC_TEST_VECTORS
2649 .vecs = cast6_ctr_dec_tv_template,
2650 .count = CAST6_CTR_DEC_TEST_VECTORS
2656 .test = alg_test_skcipher,
2660 .vecs = des_ctr_enc_tv_template,
2661 .count = DES_CTR_ENC_TEST_VECTORS
2664 .vecs = des_ctr_dec_tv_template,
2665 .count = DES_CTR_DEC_TEST_VECTORS
2670 .alg = "ctr(des3_ede)",
2671 .test = alg_test_skcipher,
2675 .vecs = des3_ede_ctr_enc_tv_template,
2676 .count = DES3_EDE_CTR_ENC_TEST_VECTORS
2679 .vecs = des3_ede_ctr_dec_tv_template,
2680 .count = DES3_EDE_CTR_DEC_TEST_VECTORS
2685 .alg = "ctr(serpent)",
2686 .test = alg_test_skcipher,
2690 .vecs = serpent_ctr_enc_tv_template,
2691 .count = SERPENT_CTR_ENC_TEST_VECTORS
2694 .vecs = serpent_ctr_dec_tv_template,
2695 .count = SERPENT_CTR_DEC_TEST_VECTORS
2700 .alg = "ctr(twofish)",
2701 .test = alg_test_skcipher,
2705 .vecs = tf_ctr_enc_tv_template,
2706 .count = TF_CTR_ENC_TEST_VECTORS
2709 .vecs = tf_ctr_dec_tv_template,
2710 .count = TF_CTR_DEC_TEST_VECTORS
2715 .alg = "cts(cbc(aes))",
2716 .test = alg_test_skcipher,
2720 .vecs = cts_mode_enc_tv_template,
2721 .count = CTS_MODE_ENC_TEST_VECTORS
2724 .vecs = cts_mode_dec_tv_template,
2725 .count = CTS_MODE_DEC_TEST_VECTORS
2731 .test = alg_test_comp,
2736 .vecs = deflate_comp_tv_template,
2737 .count = DEFLATE_COMP_TEST_VECTORS
2740 .vecs = deflate_decomp_tv_template,
2741 .count = DEFLATE_DECOMP_TEST_VECTORS
2746 .alg = "digest_null",
2747 .test = alg_test_null,
2749 .alg = "drbg_nopr_ctr_aes128",
2750 .test = alg_test_drbg,
2754 .vecs = drbg_nopr_ctr_aes128_tv_template,
2755 .count = ARRAY_SIZE(drbg_nopr_ctr_aes128_tv_template)
2759 .alg = "drbg_nopr_ctr_aes192",
2760 .test = alg_test_drbg,
2764 .vecs = drbg_nopr_ctr_aes192_tv_template,
2765 .count = ARRAY_SIZE(drbg_nopr_ctr_aes192_tv_template)
2769 .alg = "drbg_nopr_ctr_aes256",
2770 .test = alg_test_drbg,
2774 .vecs = drbg_nopr_ctr_aes256_tv_template,
2775 .count = ARRAY_SIZE(drbg_nopr_ctr_aes256_tv_template)
2780 * There is no need to specifically test the DRBG with every
2781 * backend cipher -- covered by drbg_nopr_hmac_sha256 test
2783 .alg = "drbg_nopr_hmac_sha1",
2785 .test = alg_test_null,
2787 .alg = "drbg_nopr_hmac_sha256",
2788 .test = alg_test_drbg,
2792 .vecs = drbg_nopr_hmac_sha256_tv_template,
2794 ARRAY_SIZE(drbg_nopr_hmac_sha256_tv_template)
2798 /* covered by drbg_nopr_hmac_sha256 test */
2799 .alg = "drbg_nopr_hmac_sha384",
2801 .test = alg_test_null,
2803 .alg = "drbg_nopr_hmac_sha512",
2804 .test = alg_test_null,
2807 .alg = "drbg_nopr_sha1",
2809 .test = alg_test_null,
2811 .alg = "drbg_nopr_sha256",
2812 .test = alg_test_drbg,
2816 .vecs = drbg_nopr_sha256_tv_template,
2817 .count = ARRAY_SIZE(drbg_nopr_sha256_tv_template)
2821 /* covered by drbg_nopr_sha256 test */
2822 .alg = "drbg_nopr_sha384",
2824 .test = alg_test_null,
2826 .alg = "drbg_nopr_sha512",
2828 .test = alg_test_null,
2830 .alg = "drbg_pr_ctr_aes128",
2831 .test = alg_test_drbg,
2835 .vecs = drbg_pr_ctr_aes128_tv_template,
2836 .count = ARRAY_SIZE(drbg_pr_ctr_aes128_tv_template)
2840 /* covered by drbg_pr_ctr_aes128 test */
2841 .alg = "drbg_pr_ctr_aes192",
2843 .test = alg_test_null,
2845 .alg = "drbg_pr_ctr_aes256",
2847 .test = alg_test_null,
2849 .alg = "drbg_pr_hmac_sha1",
2851 .test = alg_test_null,
2853 .alg = "drbg_pr_hmac_sha256",
2854 .test = alg_test_drbg,
2858 .vecs = drbg_pr_hmac_sha256_tv_template,
2859 .count = ARRAY_SIZE(drbg_pr_hmac_sha256_tv_template)
2863 /* covered by drbg_pr_hmac_sha256 test */
2864 .alg = "drbg_pr_hmac_sha384",
2866 .test = alg_test_null,
2868 .alg = "drbg_pr_hmac_sha512",
2869 .test = alg_test_null,
2872 .alg = "drbg_pr_sha1",
2874 .test = alg_test_null,
2876 .alg = "drbg_pr_sha256",
2877 .test = alg_test_drbg,
2881 .vecs = drbg_pr_sha256_tv_template,
2882 .count = ARRAY_SIZE(drbg_pr_sha256_tv_template)
2886 /* covered by drbg_pr_sha256 test */
2887 .alg = "drbg_pr_sha384",
2889 .test = alg_test_null,
2891 .alg = "drbg_pr_sha512",
2893 .test = alg_test_null,
2895 .alg = "ecb(__aes-aesni)",
2896 .test = alg_test_null,
2900 .test = alg_test_skcipher,
2905 .vecs = aes_enc_tv_template,
2906 .count = AES_ENC_TEST_VECTORS
2909 .vecs = aes_dec_tv_template,
2910 .count = AES_DEC_TEST_VECTORS
2915 .alg = "ecb(anubis)",
2916 .test = alg_test_skcipher,
2920 .vecs = anubis_enc_tv_template,
2921 .count = ANUBIS_ENC_TEST_VECTORS
2924 .vecs = anubis_dec_tv_template,
2925 .count = ANUBIS_DEC_TEST_VECTORS
2931 .test = alg_test_skcipher,
2935 .vecs = arc4_enc_tv_template,
2936 .count = ARC4_ENC_TEST_VECTORS
2939 .vecs = arc4_dec_tv_template,
2940 .count = ARC4_DEC_TEST_VECTORS
2945 .alg = "ecb(blowfish)",
2946 .test = alg_test_skcipher,
2950 .vecs = bf_enc_tv_template,
2951 .count = BF_ENC_TEST_VECTORS
2954 .vecs = bf_dec_tv_template,
2955 .count = BF_DEC_TEST_VECTORS
2960 .alg = "ecb(camellia)",
2961 .test = alg_test_skcipher,
2965 .vecs = camellia_enc_tv_template,
2966 .count = CAMELLIA_ENC_TEST_VECTORS
2969 .vecs = camellia_dec_tv_template,
2970 .count = CAMELLIA_DEC_TEST_VECTORS
2975 .alg = "ecb(cast5)",
2976 .test = alg_test_skcipher,
2980 .vecs = cast5_enc_tv_template,
2981 .count = CAST5_ENC_TEST_VECTORS
2984 .vecs = cast5_dec_tv_template,
2985 .count = CAST5_DEC_TEST_VECTORS
2990 .alg = "ecb(cast6)",
2991 .test = alg_test_skcipher,
2995 .vecs = cast6_enc_tv_template,
2996 .count = CAST6_ENC_TEST_VECTORS
2999 .vecs = cast6_dec_tv_template,
3000 .count = CAST6_DEC_TEST_VECTORS
3005 .alg = "ecb(cipher_null)",
3006 .test = alg_test_null,
3009 .test = alg_test_skcipher,
3014 .vecs = des_enc_tv_template,
3015 .count = DES_ENC_TEST_VECTORS
3018 .vecs = des_dec_tv_template,
3019 .count = DES_DEC_TEST_VECTORS
3024 .alg = "ecb(des3_ede)",
3025 .test = alg_test_skcipher,
3030 .vecs = des3_ede_enc_tv_template,
3031 .count = DES3_EDE_ENC_TEST_VECTORS
3034 .vecs = des3_ede_dec_tv_template,
3035 .count = DES3_EDE_DEC_TEST_VECTORS
3040 .alg = "ecb(fcrypt)",
3041 .test = alg_test_skcipher,
3045 .vecs = fcrypt_pcbc_enc_tv_template,
3049 .vecs = fcrypt_pcbc_dec_tv_template,
3055 .alg = "ecb(khazad)",
3056 .test = alg_test_skcipher,
3060 .vecs = khazad_enc_tv_template,
3061 .count = KHAZAD_ENC_TEST_VECTORS
3064 .vecs = khazad_dec_tv_template,
3065 .count = KHAZAD_DEC_TEST_VECTORS
3071 .test = alg_test_skcipher,
3075 .vecs = seed_enc_tv_template,
3076 .count = SEED_ENC_TEST_VECTORS
3079 .vecs = seed_dec_tv_template,
3080 .count = SEED_DEC_TEST_VECTORS
3085 .alg = "ecb(serpent)",
3086 .test = alg_test_skcipher,
3090 .vecs = serpent_enc_tv_template,
3091 .count = SERPENT_ENC_TEST_VECTORS
3094 .vecs = serpent_dec_tv_template,
3095 .count = SERPENT_DEC_TEST_VECTORS
3101 .test = alg_test_skcipher,
3105 .vecs = tea_enc_tv_template,
3106 .count = TEA_ENC_TEST_VECTORS
3109 .vecs = tea_dec_tv_template,
3110 .count = TEA_DEC_TEST_VECTORS
3115 .alg = "ecb(tnepres)",
3116 .test = alg_test_skcipher,
3120 .vecs = tnepres_enc_tv_template,
3121 .count = TNEPRES_ENC_TEST_VECTORS
3124 .vecs = tnepres_dec_tv_template,
3125 .count = TNEPRES_DEC_TEST_VECTORS
3130 .alg = "ecb(twofish)",
3131 .test = alg_test_skcipher,
3135 .vecs = tf_enc_tv_template,
3136 .count = TF_ENC_TEST_VECTORS
3139 .vecs = tf_dec_tv_template,
3140 .count = TF_DEC_TEST_VECTORS
3146 .test = alg_test_skcipher,
3150 .vecs = xeta_enc_tv_template,
3151 .count = XETA_ENC_TEST_VECTORS
3154 .vecs = xeta_dec_tv_template,
3155 .count = XETA_DEC_TEST_VECTORS
3161 .test = alg_test_skcipher,
3165 .vecs = xtea_enc_tv_template,
3166 .count = XTEA_ENC_TEST_VECTORS
3169 .vecs = xtea_dec_tv_template,
3170 .count = XTEA_DEC_TEST_VECTORS
3176 .test = alg_test_aead,
3181 .vecs = aes_gcm_enc_tv_template,
3182 .count = AES_GCM_ENC_TEST_VECTORS
3185 .vecs = aes_gcm_dec_tv_template,
3186 .count = AES_GCM_DEC_TEST_VECTORS
3192 .test = alg_test_hash,
3196 .vecs = ghash_tv_template,
3197 .count = GHASH_TEST_VECTORS
3201 .alg = "hmac(crc32)",
3202 .test = alg_test_hash,
3205 .vecs = bfin_crc_tv_template,
3206 .count = BFIN_CRC_TEST_VECTORS
3211 .test = alg_test_hash,
3214 .vecs = hmac_md5_tv_template,
3215 .count = HMAC_MD5_TEST_VECTORS
3219 .alg = "hmac(rmd128)",
3220 .test = alg_test_hash,
3223 .vecs = hmac_rmd128_tv_template,
3224 .count = HMAC_RMD128_TEST_VECTORS
3228 .alg = "hmac(rmd160)",
3229 .test = alg_test_hash,
3232 .vecs = hmac_rmd160_tv_template,
3233 .count = HMAC_RMD160_TEST_VECTORS
3237 .alg = "hmac(sha1)",
3238 .test = alg_test_hash,
3242 .vecs = hmac_sha1_tv_template,
3243 .count = HMAC_SHA1_TEST_VECTORS
3247 .alg = "hmac(sha224)",
3248 .test = alg_test_hash,
3252 .vecs = hmac_sha224_tv_template,
3253 .count = HMAC_SHA224_TEST_VECTORS
3257 .alg = "hmac(sha256)",
3258 .test = alg_test_hash,
3262 .vecs = hmac_sha256_tv_template,
3263 .count = HMAC_SHA256_TEST_VECTORS
3267 .alg = "hmac(sha384)",
3268 .test = alg_test_hash,
3272 .vecs = hmac_sha384_tv_template,
3273 .count = HMAC_SHA384_TEST_VECTORS
3277 .alg = "hmac(sha512)",
3278 .test = alg_test_hash,
3282 .vecs = hmac_sha512_tv_template,
3283 .count = HMAC_SHA512_TEST_VECTORS
3287 .alg = "jitterentropy_rng",
3289 .test = alg_test_null,
3292 .test = alg_test_skcipher,
3296 .vecs = aes_lrw_enc_tv_template,
3297 .count = AES_LRW_ENC_TEST_VECTORS
3300 .vecs = aes_lrw_dec_tv_template,
3301 .count = AES_LRW_DEC_TEST_VECTORS
3306 .alg = "lrw(camellia)",
3307 .test = alg_test_skcipher,
3311 .vecs = camellia_lrw_enc_tv_template,
3312 .count = CAMELLIA_LRW_ENC_TEST_VECTORS
3315 .vecs = camellia_lrw_dec_tv_template,
3316 .count = CAMELLIA_LRW_DEC_TEST_VECTORS
3321 .alg = "lrw(cast6)",
3322 .test = alg_test_skcipher,
3326 .vecs = cast6_lrw_enc_tv_template,
3327 .count = CAST6_LRW_ENC_TEST_VECTORS
3330 .vecs = cast6_lrw_dec_tv_template,
3331 .count = CAST6_LRW_DEC_TEST_VECTORS
3336 .alg = "lrw(serpent)",
3337 .test = alg_test_skcipher,
3341 .vecs = serpent_lrw_enc_tv_template,
3342 .count = SERPENT_LRW_ENC_TEST_VECTORS
3345 .vecs = serpent_lrw_dec_tv_template,
3346 .count = SERPENT_LRW_DEC_TEST_VECTORS
3351 .alg = "lrw(twofish)",
3352 .test = alg_test_skcipher,
3356 .vecs = tf_lrw_enc_tv_template,
3357 .count = TF_LRW_ENC_TEST_VECTORS
3360 .vecs = tf_lrw_dec_tv_template,
3361 .count = TF_LRW_DEC_TEST_VECTORS
3367 .test = alg_test_comp,
3372 .vecs = lz4_comp_tv_template,
3373 .count = LZ4_COMP_TEST_VECTORS
3376 .vecs = lz4_decomp_tv_template,
3377 .count = LZ4_DECOMP_TEST_VECTORS
3383 .test = alg_test_comp,
3388 .vecs = lz4hc_comp_tv_template,
3389 .count = LZ4HC_COMP_TEST_VECTORS
3392 .vecs = lz4hc_decomp_tv_template,
3393 .count = LZ4HC_DECOMP_TEST_VECTORS
3399 .test = alg_test_comp,
3404 .vecs = lzo_comp_tv_template,
3405 .count = LZO_COMP_TEST_VECTORS
3408 .vecs = lzo_decomp_tv_template,
3409 .count = LZO_DECOMP_TEST_VECTORS
3415 .test = alg_test_hash,
3418 .vecs = md4_tv_template,
3419 .count = MD4_TEST_VECTORS
3424 .test = alg_test_hash,
3427 .vecs = md5_tv_template,
3428 .count = MD5_TEST_VECTORS
3432 .alg = "michael_mic",
3433 .test = alg_test_hash,
3436 .vecs = michael_mic_tv_template,
3437 .count = MICHAEL_MIC_TEST_VECTORS
3442 .test = alg_test_skcipher,
3447 .vecs = aes_ofb_enc_tv_template,
3448 .count = AES_OFB_ENC_TEST_VECTORS
3451 .vecs = aes_ofb_dec_tv_template,
3452 .count = AES_OFB_DEC_TEST_VECTORS
3457 .alg = "pcbc(fcrypt)",
3458 .test = alg_test_skcipher,
3462 .vecs = fcrypt_pcbc_enc_tv_template,
3463 .count = FCRYPT_ENC_TEST_VECTORS
3466 .vecs = fcrypt_pcbc_dec_tv_template,
3467 .count = FCRYPT_DEC_TEST_VECTORS
3473 .test = alg_test_hash,
3476 .vecs = poly1305_tv_template,
3477 .count = POLY1305_TEST_VECTORS
3481 .alg = "rfc3686(ctr(aes))",
3482 .test = alg_test_skcipher,
3487 .vecs = aes_ctr_rfc3686_enc_tv_template,
3488 .count = AES_CTR_3686_ENC_TEST_VECTORS
3491 .vecs = aes_ctr_rfc3686_dec_tv_template,
3492 .count = AES_CTR_3686_DEC_TEST_VECTORS
3497 .alg = "rfc4106(gcm(aes))",
3498 .test = alg_test_aead,
3503 .vecs = aes_gcm_rfc4106_enc_tv_template,
3504 .count = AES_GCM_4106_ENC_TEST_VECTORS
3507 .vecs = aes_gcm_rfc4106_dec_tv_template,
3508 .count = AES_GCM_4106_DEC_TEST_VECTORS
3513 .alg = "rfc4309(ccm(aes))",
3514 .test = alg_test_aead,
3519 .vecs = aes_ccm_rfc4309_enc_tv_template,
3520 .count = AES_CCM_4309_ENC_TEST_VECTORS
3523 .vecs = aes_ccm_rfc4309_dec_tv_template,
3524 .count = AES_CCM_4309_DEC_TEST_VECTORS
3529 .alg = "rfc4543(gcm(aes))",
3530 .test = alg_test_aead,
3534 .vecs = aes_gcm_rfc4543_enc_tv_template,
3535 .count = AES_GCM_4543_ENC_TEST_VECTORS
3538 .vecs = aes_gcm_rfc4543_dec_tv_template,
3539 .count = AES_GCM_4543_DEC_TEST_VECTORS
3544 .alg = "rfc7539(chacha20,poly1305)",
3545 .test = alg_test_aead,
3549 .vecs = rfc7539_enc_tv_template,
3550 .count = RFC7539_ENC_TEST_VECTORS
3553 .vecs = rfc7539_dec_tv_template,
3554 .count = RFC7539_DEC_TEST_VECTORS
3559 .alg = "rfc7539esp(chacha20,poly1305)",
3560 .test = alg_test_aead,
3564 .vecs = rfc7539esp_enc_tv_template,
3565 .count = RFC7539ESP_ENC_TEST_VECTORS
3568 .vecs = rfc7539esp_dec_tv_template,
3569 .count = RFC7539ESP_DEC_TEST_VECTORS
3575 .test = alg_test_hash,
3578 .vecs = rmd128_tv_template,
3579 .count = RMD128_TEST_VECTORS
3584 .test = alg_test_hash,
3587 .vecs = rmd160_tv_template,
3588 .count = RMD160_TEST_VECTORS
3593 .test = alg_test_hash,
3596 .vecs = rmd256_tv_template,
3597 .count = RMD256_TEST_VECTORS
3602 .test = alg_test_hash,
3605 .vecs = rmd320_tv_template,
3606 .count = RMD320_TEST_VECTORS
3611 .test = alg_test_akcipher,
3615 .vecs = rsa_tv_template,
3616 .count = RSA_TEST_VECTORS
3621 .test = alg_test_skcipher,
3625 .vecs = salsa20_stream_enc_tv_template,
3626 .count = SALSA20_STREAM_ENC_TEST_VECTORS
3632 .test = alg_test_hash,
3636 .vecs = sha1_tv_template,
3637 .count = SHA1_TEST_VECTORS
3642 .test = alg_test_hash,
3646 .vecs = sha224_tv_template,
3647 .count = SHA224_TEST_VECTORS
3652 .test = alg_test_hash,
3656 .vecs = sha256_tv_template,
3657 .count = SHA256_TEST_VECTORS
3662 .test = alg_test_hash,
3666 .vecs = sha384_tv_template,
3667 .count = SHA384_TEST_VECTORS
3672 .test = alg_test_hash,
3676 .vecs = sha512_tv_template,
3677 .count = SHA512_TEST_VECTORS
3682 .test = alg_test_hash,
3685 .vecs = tgr128_tv_template,
3686 .count = TGR128_TEST_VECTORS
3691 .test = alg_test_hash,
3694 .vecs = tgr160_tv_template,
3695 .count = TGR160_TEST_VECTORS
3700 .test = alg_test_hash,
3703 .vecs = tgr192_tv_template,
3704 .count = TGR192_TEST_VECTORS
3709 .test = alg_test_hash,
3712 .vecs = aes_vmac128_tv_template,
3713 .count = VMAC_AES_TEST_VECTORS
3718 .test = alg_test_hash,
3721 .vecs = wp256_tv_template,
3722 .count = WP256_TEST_VECTORS
3727 .test = alg_test_hash,
3730 .vecs = wp384_tv_template,
3731 .count = WP384_TEST_VECTORS
3736 .test = alg_test_hash,
3739 .vecs = wp512_tv_template,
3740 .count = WP512_TEST_VECTORS
3745 .test = alg_test_hash,
3748 .vecs = aes_xcbc128_tv_template,
3749 .count = XCBC_AES_TEST_VECTORS
3754 .test = alg_test_skcipher,
3759 .vecs = aes_xts_enc_tv_template,
3760 .count = AES_XTS_ENC_TEST_VECTORS
3763 .vecs = aes_xts_dec_tv_template,
3764 .count = AES_XTS_DEC_TEST_VECTORS
3769 .alg = "xts(camellia)",
3770 .test = alg_test_skcipher,
3774 .vecs = camellia_xts_enc_tv_template,
3775 .count = CAMELLIA_XTS_ENC_TEST_VECTORS
3778 .vecs = camellia_xts_dec_tv_template,
3779 .count = CAMELLIA_XTS_DEC_TEST_VECTORS
3784 .alg = "xts(cast6)",
3785 .test = alg_test_skcipher,
3789 .vecs = cast6_xts_enc_tv_template,
3790 .count = CAST6_XTS_ENC_TEST_VECTORS
3793 .vecs = cast6_xts_dec_tv_template,
3794 .count = CAST6_XTS_DEC_TEST_VECTORS
3799 .alg = "xts(serpent)",
3800 .test = alg_test_skcipher,
3804 .vecs = serpent_xts_enc_tv_template,
3805 .count = SERPENT_XTS_ENC_TEST_VECTORS
3808 .vecs = serpent_xts_dec_tv_template,
3809 .count = SERPENT_XTS_DEC_TEST_VECTORS
3814 .alg = "xts(twofish)",
3815 .test = alg_test_skcipher,
3819 .vecs = tf_xts_enc_tv_template,
3820 .count = TF_XTS_ENC_TEST_VECTORS
3823 .vecs = tf_xts_dec_tv_template,
3824 .count = TF_XTS_DEC_TEST_VECTORS
3830 .test = alg_test_pcomp,
3835 .vecs = zlib_comp_tv_template,
3836 .count = ZLIB_COMP_TEST_VECTORS
3839 .vecs = zlib_decomp_tv_template,
3840 .count = ZLIB_DECOMP_TEST_VECTORS
3847 static bool alg_test_descs_checked;
3849 static void alg_test_descs_check_order(void)
3853 /* only check once */
3854 if (alg_test_descs_checked)
3857 alg_test_descs_checked = true;
3859 for (i = 1; i < ARRAY_SIZE(alg_test_descs); i++) {
3860 int diff = strcmp(alg_test_descs[i - 1].alg,
3861 alg_test_descs[i].alg);
3863 if (WARN_ON(diff > 0)) {
3864 pr_warn("testmgr: alg_test_descs entries in wrong order: '%s' before '%s'\n",
3865 alg_test_descs[i - 1].alg,
3866 alg_test_descs[i].alg);
3869 if (WARN_ON(diff == 0)) {
3870 pr_warn("testmgr: duplicate alg_test_descs entry: '%s'\n",
3871 alg_test_descs[i].alg);
3876 static int alg_find_test(const char *alg)
3879 int end = ARRAY_SIZE(alg_test_descs);
3881 while (start < end) {
3882 int i = (start + end) / 2;
3883 int diff = strcmp(alg_test_descs[i].alg, alg);
3901 int alg_test(const char *driver, const char *alg, u32 type, u32 mask)
3907 alg_test_descs_check_order();
3909 if ((type & CRYPTO_ALG_TYPE_MASK) == CRYPTO_ALG_TYPE_CIPHER) {
3910 char nalg[CRYPTO_MAX_ALG_NAME];
3912 if (snprintf(nalg, sizeof(nalg), "ecb(%s)", alg) >=
3914 return -ENAMETOOLONG;
3916 i = alg_find_test(nalg);
3920 if (fips_enabled && !alg_test_descs[i].fips_allowed)
3923 rc = alg_test_cipher(alg_test_descs + i, driver, type, mask);
3927 i = alg_find_test(alg);
3928 j = alg_find_test(driver);
3932 if (fips_enabled && ((i >= 0 && !alg_test_descs[i].fips_allowed) ||
3933 (j >= 0 && !alg_test_descs[j].fips_allowed)))
3938 rc |= alg_test_descs[i].test(alg_test_descs + i, driver,
3940 if (j >= 0 && j != i)
3941 rc |= alg_test_descs[j].test(alg_test_descs + j, driver,
3945 if (fips_enabled && rc)
3946 panic("%s: %s alg self test failed in fips mode!\n", driver, alg);
3948 if (fips_enabled && !rc)
3949 pr_info("alg: self-tests for %s (%s) passed\n", driver, alg);
3954 printk(KERN_INFO "alg: No test for %s (%s)\n", alg, driver);
3960 #endif /* CONFIG_CRYPTO_MANAGER_DISABLE_TESTS */
3962 EXPORT_SYMBOL_GPL(alg_test);