crypto/testmgr.c

   1 /*
   2  * Algorithm testing framework and tests.
   3  *
   4  * Copyright (c) 2002 James Morris <[email protected]>
   5  * Copyright (c) 2002 Jean-Francois Dive <[email protected]>
   6  * Copyright (c) 2007 Nokia Siemens Networks
   7  * Copyright (c) 2008 Herbert Xu <[email protected]>
   8  *
   9  * Updated RFC4106 AES-GCM testing.
  10  *    Authors: Aidan O'Mahony ([email protected])
  11  *             Adrian Hoban <[email protected]>
  12  *             Gabriele Paoloni <[email protected]>
  13  *             Tadeusz Struk ([email protected])
  14  *    Copyright (c) 2010, Intel Corporation.
  15  *
  16  * This program is free software; you can redistribute it and/or modify it
  17  * under the terms of the GNU General Public License as published by the Free
  18  * Software Foundation; either version 2 of the License, or (at your option)
  19  * any later version.
  20  *
  21  */
  22
  23 #include <crypto/aead.h>
  24 #include <crypto/hash.h>
  25 #include <crypto/skcipher.h>
  26 #include <linux/err.h>
  27 #include <linux/fips.h>
  28 #include <linux/module.h>
  29 #include <linux/scatterlist.h>
  30 #include <linux/slab.h>
  31 #include <linux/string.h>
  32 #include <crypto/rng.h>
  33 #include <crypto/drbg.h>
  34 #include <crypto/akcipher.h>
  35
  36 #include "internal.h"
  37
  38 #ifdef CONFIG_CRYPTO_MANAGER_DISABLE_TESTS
  39
  40 /* a perfect nop */
  41 int alg_test(const char *driver, const char *alg, u32 type, u32 mask)
  42 {
  43         return 0;
  44 }
  45
  46 #else
  47
  48 #include "testmgr.h"
  49
  50 /*
  51  * Need slab memory for testing (size in number of pages).
  52  */
  53 #define XBUFSIZE        8
  54
  55 /*
  56  * Indexes into the xbuf to simulate cross-page access.
  57  */
  58 #define IDX1            32
  59 #define IDX2            32400
  60 #define IDX3            1
  61 #define IDX4            8193
  62 #define IDX5            22222
  63 #define IDX6            17101
  64 #define IDX7            27333
  65 #define IDX8            3000
  66
  67 /*
  68 * Used by test_cipher()
  69 */
  70 #define ENCRYPT 1
  71 #define DECRYPT 0
  72
  73 struct tcrypt_result {
  74         struct completion completion;
  75         int err;
  76 };
  77
  78 struct aead_test_suite {
  79         struct {
  80                 struct aead_testvec *vecs;
  81                 unsigned int count;
  82         } enc, dec;
  83 };
  84
  85 struct cipher_test_suite {
  86         struct {
  87                 struct cipher_testvec *vecs;
  88                 unsigned int count;
  89         } enc, dec;
  90 };
  91
  92 struct comp_test_suite {
  93         struct {
  94                 struct comp_testvec *vecs;
  95                 unsigned int count;
  96         } comp, decomp;
  97 };
  98
  99 struct hash_test_suite {
 100         struct hash_testvec *vecs;
 101         unsigned int count;
 102 };
 103
 104 struct cprng_test_suite {
 105         struct cprng_testvec *vecs;
 106         unsigned int count;
 107 };
 108
 109 struct drbg_test_suite {
 110         struct drbg_testvec *vecs;
 111         unsigned int count;
 112 };
 113
 114 struct akcipher_test_suite {
 115         struct akcipher_testvec *vecs;
 116         unsigned int count;
 117 };
 118
 119 struct alg_test_desc {
 120         const char *alg;
 121         int (*test)(const struct alg_test_desc *desc, const char *driver,
 122                     u32 type, u32 mask);
 123         int fips_allowed;       /* set if alg is allowed in fips mode */
 124
 125         union {
 126                 struct aead_test_suite aead;
 127                 struct cipher_test_suite cipher;
 128                 struct comp_test_suite comp;
 129                 struct hash_test_suite hash;
 130                 struct cprng_test_suite cprng;
 131                 struct drbg_test_suite drbg;
 132                 struct akcipher_test_suite akcipher;
 133         } suite;
 134 };
 135
 136 static unsigned int IDX[8] = { IDX1, IDX2, IDX3, IDX4, IDX5, IDX6, IDX7, IDX8 };
 137
 138 static void hexdump(unsigned char *buf, unsigned int len)
 139 {
 140         print_hex_dump(KERN_CONT, "", DUMP_PREFIX_OFFSET,
 141                         16, 1,
 142                         buf, len, false);
 143 }
 144
 145 static void tcrypt_complete(struct crypto_async_request *req, int err)
 146 {
 147         struct tcrypt_result *res = req->data;
 148
 149         if (err == -EINPROGRESS)
 150                 return;
 151
 152         res->err = err;
 153         complete(&res->completion);
 154 }
 155
 156 static int testmgr_alloc_buf(char *buf[XBUFSIZE])
 157 {
 158         int i;
 159
 160         for (i = 0; i < XBUFSIZE; i++) {
 161                 buf[i] = (void *)__get_free_page(GFP_KERNEL);
 162                 if (!buf[i])
 163                         goto err_free_buf;
 164         }
 165
 166         return 0;
 167
 168 err_free_buf:
 169         while (i-- > 0)
 170                 free_page((unsigned long)buf[i]);
 171
 172         return -ENOMEM;
 173 }
 174
 175 static void testmgr_free_buf(char *buf[XBUFSIZE])
 176 {
 177         int i;
 178
 179         for (i = 0; i < XBUFSIZE; i++)
 180                 free_page((unsigned long)buf[i]);
 181 }
 182
 183 static int wait_async_op(struct tcrypt_result *tr, int ret)
 184 {
 185         if (ret == -EINPROGRESS || ret == -EBUSY) {
 186                 wait_for_completion(&tr->completion);
 187                 reinit_completion(&tr->completion);
 188                 ret = tr->err;
 189         }
 190         return ret;
 191 }
 192
 193 static int __test_hash(struct crypto_ahash *tfm, struct hash_testvec *template,
 194                        unsigned int tcount, bool use_digest,
 195                        const int align_offset)
 196 {
 197         const char *algo = crypto_tfm_alg_driver_name(crypto_ahash_tfm(tfm));
 198         unsigned int i, j, k, temp;
 199         struct scatterlist sg[8];
 200         char *result;
 201         char *key;
 202         struct ahash_request *req;
 203         struct tcrypt_result tresult;
 204         void *hash_buff;
 205         char *xbuf[XBUFSIZE];
 206         int ret = -ENOMEM;
 207
 208         result = kmalloc(MAX_DIGEST_SIZE, GFP_KERNEL);
 209         if (!result)
 210                 return ret;
 211         key = kmalloc(MAX_KEYLEN, GFP_KERNEL);
 212         if (!key)
 213                 goto out_nobuf;
 214         if (testmgr_alloc_buf(xbuf))
 215                 goto out_nobuf;
 216
 217         init_completion(&tresult.completion);
 218
 219         req = ahash_request_alloc(tfm, GFP_KERNEL);
 220         if (!req) {
 221                 printk(KERN_ERR "alg: hash: Failed to allocate request for "
 222                        "%s\n", algo);
 223                 goto out_noreq;
 224         }
 225         ahash_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
 226                                    tcrypt_complete, &tresult);
 227
 228         j = 0;
 229         for (i = 0; i < tcount; i++) {
 230                 if (template[i].np)
 231                         continue;
 232
 233                 ret = -EINVAL;
 234                 if (WARN_ON(align_offset + template[i].psize > PAGE_SIZE))
 235                         goto out;
 236
 237                 j++;
 238                 memset(result, 0, MAX_DIGEST_SIZE);
 239
 240                 hash_buff = xbuf[0];
 241                 hash_buff += align_offset;
 242
 243                 memcpy(hash_buff, template[i].plaintext, template[i].psize);
 244                 sg_init_one(&sg[0], hash_buff, template[i].psize);
 245
 246                 if (template[i].ksize) {
 247                         crypto_ahash_clear_flags(tfm, ~0);
 248                         if (template[i].ksize > MAX_KEYLEN) {
 249                                 pr_err("alg: hash: setkey failed on test %d for %s: key size %d > %d\n",
 250                                        j, algo, template[i].ksize, MAX_KEYLEN);
 251                                 ret = -EINVAL;
 252                                 goto out;
 253                         }
 254                         memcpy(key, template[i].key, template[i].ksize);
 255                         ret = crypto_ahash_setkey(tfm, key, template[i].ksize);
 256                         if (ret) {
 257                                 printk(KERN_ERR "alg: hash: setkey failed on "
 258                                        "test %d for %s: ret=%d\n", j, algo,
 259                                        -ret);
 260                                 goto out;
 261                         }
 262                 }
 263
 264                 ahash_request_set_crypt(req, sg, result, template[i].psize);
 265                 if (use_digest) {
 266                         ret = wait_async_op(&tresult, crypto_ahash_digest(req));
 267                         if (ret) {
 268                                 pr_err("alg: hash: digest failed on test %d "
 269                                        "for %s: ret=%d\n", j, algo, -ret);
 270                                 goto out;
 271                         }
 272                 } else {
 273                         ret = wait_async_op(&tresult, crypto_ahash_init(req));
 274                         if (ret) {
 275                                 pr_err("alt: hash: init failed on test %d "
 276                                        "for %s: ret=%d\n", j, algo, -ret);
 277                                 goto out;
 278                         }
 279                         ret = wait_async_op(&tresult, crypto_ahash_update(req));
 280                         if (ret) {
 281                                 pr_err("alt: hash: update failed on test %d "
 282                                        "for %s: ret=%d\n", j, algo, -ret);
 283                                 goto out;
 284                         }
 285                         ret = wait_async_op(&tresult, crypto_ahash_final(req));
 286                         if (ret) {
 287                                 pr_err("alt: hash: final failed on test %d "
 288                                        "for %s: ret=%d\n", j, algo, -ret);
 289                                 goto out;
 290                         }
 291                 }
 292
 293                 if (memcmp(result, template[i].digest,
 294                            crypto_ahash_digestsize(tfm))) {
 295                         printk(KERN_ERR "alg: hash: Test %d failed for %s\n",
 296                                j, algo);
 297                         hexdump(result, crypto_ahash_digestsize(tfm));
 298                         ret = -EINVAL;
 299                         goto out;
 300                 }
 301         }
 302
 303         j = 0;
 304         for (i = 0; i < tcount; i++) {
 305                 /* alignment tests are only done with continuous buffers */
 306                 if (align_offset != 0)
 307                         break;
 308
 309                 if (!template[i].np)
 310                         continue;
 311
 312                 j++;
 313                 memset(result, 0, MAX_DIGEST_SIZE);
 314
 315                 temp = 0;
 316                 sg_init_table(sg, template[i].np);
 317                 ret = -EINVAL;
 318                 for (k = 0; k < template[i].np; k++) {
 319                         if (WARN_ON(offset_in_page(IDX[k]) +
 320                                     template[i].tap[k] > PAGE_SIZE))
 321                                 goto out;
 322                         sg_set_buf(&sg[k],
 323                                    memcpy(xbuf[IDX[k] >> PAGE_SHIFT] +
 324                                           offset_in_page(IDX[k]),
 325                                           template[i].plaintext + temp,
 326                                           template[i].tap[k]),
 327                                    template[i].tap[k]);
 328                         temp += template[i].tap[k];
 329                 }
 330
 331                 if (template[i].ksize) {
 332                         if (template[i].ksize > MAX_KEYLEN) {
 333                                 pr_err("alg: hash: setkey failed on test %d for %s: key size %d > %d\n",
 334                                        j, algo, template[i].ksize, MAX_KEYLEN);
 335                                 ret = -EINVAL;
 336                                 goto out;
 337                         }
 338                         crypto_ahash_clear_flags(tfm, ~0);
 339                         memcpy(key, template[i].key, template[i].ksize);
 340                         ret = crypto_ahash_setkey(tfm, key, template[i].ksize);
 341
 342                         if (ret) {
 343                                 printk(KERN_ERR "alg: hash: setkey "
 344                                        "failed on chunking test %d "
 345                                        "for %s: ret=%d\n", j, algo, -ret);
 346                                 goto out;
 347                         }
 348                 }
 349
 350                 ahash_request_set_crypt(req, sg, result, template[i].psize);
 351                 ret = crypto_ahash_digest(req);
 352                 switch (ret) {
 353                 case 0:
 354                         break;
 355                 case -EINPROGRESS:
 356                 case -EBUSY:
 357                         wait_for_completion(&tresult.completion);
 358                         reinit_completion(&tresult.completion);
 359                         ret = tresult.err;
 360                         if (!ret)
 361                                 break;
 362                         /* fall through */
 363                 default:
 364                         printk(KERN_ERR "alg: hash: digest failed "
 365                                "on chunking test %d for %s: "
 366                                "ret=%d\n", j, algo, -ret);
 367                         goto out;
 368                 }
 369
 370                 if (memcmp(result, template[i].digest,
 371                            crypto_ahash_digestsize(tfm))) {
 372                         printk(KERN_ERR "alg: hash: Chunking test %d "
 373                                "failed for %s\n", j, algo);
 374                         hexdump(result, crypto_ahash_digestsize(tfm));
 375                         ret = -EINVAL;
 376                         goto out;
 377                 }
 378         }
 379
 380         ret = 0;
 381
 382 out:
 383         ahash_request_free(req);
 384 out_noreq:
 385         testmgr_free_buf(xbuf);
 386 out_nobuf:
 387         kfree(key);
 388         kfree(result);
 389         return ret;
 390 }
 391
 392 static int test_hash(struct crypto_ahash *tfm, struct hash_testvec *template,
 393                      unsigned int tcount, bool use_digest)
 394 {
 395         unsigned int alignmask;
 396         int ret;
 397
 398         ret = __test_hash(tfm, template, tcount, use_digest, 0);
 399         if (ret)
 400                 return ret;
 401
 402         /* test unaligned buffers, check with one byte offset */
 403         ret = __test_hash(tfm, template, tcount, use_digest, 1);
 404         if (ret)
 405                 return ret;
 406
 407         alignmask = crypto_tfm_alg_alignmask(&tfm->base);
 408         if (alignmask) {
 409                 /* Check if alignment mask for tfm is correctly set. */
 410                 ret = __test_hash(tfm, template, tcount, use_digest,
 411                                   alignmask + 1);
 412                 if (ret)
 413                         return ret;
 414         }
 415
 416         return 0;
 417 }
 418
 419 static int __test_aead(struct crypto_aead *tfm, int enc,
 420                        struct aead_testvec *template, unsigned int tcount,
 421                        const bool diff_dst, const int align_offset)
 422 {
 423         const char *algo = crypto_tfm_alg_driver_name(crypto_aead_tfm(tfm));
 424         unsigned int i, j, k, n, temp;
 425         int ret = -ENOMEM;
 426         char *q;
 427         char *key;
 428         struct aead_request *req;
 429         struct scatterlist *sg;
 430         struct scatterlist *sgout;
 431         const char *e, *d;
 432         struct tcrypt_result result;
 433         unsigned int authsize, iv_len;
 434         void *input;
 435         void *output;
 436         void *assoc;
 437         char *iv;
 438         char *xbuf[XBUFSIZE];
 439         char *xoutbuf[XBUFSIZE];
 440         char *axbuf[XBUFSIZE];
 441
 442         iv = kzalloc(MAX_IVLEN, GFP_KERNEL);
 443         if (!iv)
 444                 return ret;
 445         key = kmalloc(MAX_KEYLEN, GFP_KERNEL);
 446         if (!key)
 447                 goto out_noxbuf;
 448         if (testmgr_alloc_buf(xbuf))
 449                 goto out_noxbuf;
 450         if (testmgr_alloc_buf(axbuf))
 451                 goto out_noaxbuf;
 452         if (diff_dst && testmgr_alloc_buf(xoutbuf))
 453                 goto out_nooutbuf;
 454
 455         /* avoid "the frame size is larger than 1024 bytes" compiler warning */
 456         sg = kmalloc(sizeof(*sg) * 8 * (diff_dst ? 4 : 2), GFP_KERNEL);
 457         if (!sg)
 458                 goto out_nosg;
 459         sgout = &sg[16];
 460
 461         if (diff_dst)
 462                 d = "-ddst";
 463         else
 464                 d = "";
 465
 466         if (enc == ENCRYPT)
 467                 e = "encryption";
 468         else
 469                 e = "decryption";
 470
 471         init_completion(&result.completion);
 472
 473         req = aead_request_alloc(tfm, GFP_KERNEL);
 474         if (!req) {
 475                 pr_err("alg: aead%s: Failed to allocate request for %s\n",
 476                        d, algo);
 477                 goto out;
 478         }
 479
 480         aead_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
 481                                   tcrypt_complete, &result);
 482
 483         for (i = 0, j = 0; i < tcount; i++) {
 484                 if (template[i].np)
 485                         continue;
 486
 487                 j++;
 488
 489                 /* some templates have no input data but they will
 490                  * touch input
 491                  */
 492                 input = xbuf[0];
 493                 input += align_offset;
 494                 assoc = axbuf[0];
 495
 496                 ret = -EINVAL;
 497                 if (WARN_ON(align_offset + template[i].ilen >
 498                             PAGE_SIZE || template[i].alen > PAGE_SIZE))
 499                         goto out;
 500
 501                 memcpy(input, template[i].input, template[i].ilen);
 502                 memcpy(assoc, template[i].assoc, template[i].alen);
 503                 iv_len = crypto_aead_ivsize(tfm);
 504                 if (template[i].iv)
 505                         memcpy(iv, template[i].iv, iv_len);
 506                 else
 507                         memset(iv, 0, iv_len);
 508
 509                 crypto_aead_clear_flags(tfm, ~0);
 510                 if (template[i].wk)
 511                         crypto_aead_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY);
 512
 513                 if (template[i].klen > MAX_KEYLEN) {
 514                         pr_err("alg: aead%s: setkey failed on test %d for %s: key size %d > %d\n",
 515                                d, j, algo, template[i].klen,
 516                                MAX_KEYLEN);
 517                         ret = -EINVAL;
 518                         goto out;
 519                 }
 520                 memcpy(key, template[i].key, template[i].klen);
 521
 522                 ret = crypto_aead_setkey(tfm, key, template[i].klen);
 523                 if (!ret == template[i].fail) {
 524                         pr_err("alg: aead%s: setkey failed on test %d for %s: flags=%x\n",
 525                                d, j, algo, crypto_aead_get_flags(tfm));
 526                         goto out;
 527                 } else if (ret)
 528                         continue;
 529
 530                 authsize = abs(template[i].rlen - template[i].ilen);
 531                 ret = crypto_aead_setauthsize(tfm, authsize);
 532                 if (ret) {
 533                         pr_err("alg: aead%s: Failed to set authsize to %u on test %d for %s\n",
 534                                d, authsize, j, algo);
 535                         goto out;
 536                 }
 537
 538                 k = !!template[i].alen;
 539                 sg_init_table(sg, k + 1);
 540                 sg_set_buf(&sg[0], assoc, template[i].alen);
 541                 sg_set_buf(&sg[k], input,
 542                            template[i].ilen + (enc ? authsize : 0));
 543                 output = input;
 544
 545                 if (diff_dst) {
 546                         sg_init_table(sgout, k + 1);
 547                         sg_set_buf(&sgout[0], assoc, template[i].alen);
 548
 549                         output = xoutbuf[0];
 550                         output += align_offset;
 551                         sg_set_buf(&sgout[k], output,
 552                                    template[i].rlen + (enc ? 0 : authsize));
 553                 }
 554
 555                 aead_request_set_crypt(req, sg, (diff_dst) ? sgout : sg,
 556                                        template[i].ilen, iv);
 557
 558                 aead_request_set_ad(req, template[i].alen);
 559
 560                 ret = enc ? crypto_aead_encrypt(req) : crypto_aead_decrypt(req);
 561
 562                 switch (ret) {
 563                 case 0:
 564                         if (template[i].novrfy) {
 565                                 /* verification was supposed to fail */
 566                                 pr_err("alg: aead%s: %s failed on test %d for %s: ret was 0, expected -EBADMSG\n",
 567                                        d, e, j, algo);
 568                                 /* so really, we got a bad message */
 569                                 ret = -EBADMSG;
 570                                 goto out;
 571                         }
 572                         break;
 573                 case -EINPROGRESS:
 574                 case -EBUSY:
 575                         wait_for_completion(&result.completion);
 576                         reinit_completion(&result.completion);
 577                         ret = result.err;
 578                         if (!ret)
 579                                 break;
 580                 case -EBADMSG:
 581                         if (template[i].novrfy)
 582                                 /* verification failure was expected */
 583                                 continue;
 584                         /* fall through */
 585                 default:
 586                         pr_err("alg: aead%s: %s failed on test %d for %s: ret=%d\n",
 587                                d, e, j, algo, -ret);
 588                         goto out;
 589                 }
 590
 591                 q = output;
 592                 if (memcmp(q, template[i].result, template[i].rlen)) {
 593                         pr_err("alg: aead%s: Test %d failed on %s for %s\n",
 594                                d, j, e, algo);
 595                         hexdump(q, template[i].rlen);
 596                         ret = -EINVAL;
 597                         goto out;
 598                 }
 599         }
 600
 601         for (i = 0, j = 0; i < tcount; i++) {
 602                 /* alignment tests are only done with continuous buffers */
 603                 if (align_offset != 0)
 604                         break;
 605
 606                 if (!template[i].np)
 607                         continue;
 608
 609                 j++;
 610
 611                 if (template[i].iv)
 612                         memcpy(iv, template[i].iv, MAX_IVLEN);
 613                 else
 614                         memset(iv, 0, MAX_IVLEN);
 615
 616                 crypto_aead_clear_flags(tfm, ~0);
 617                 if (template[i].wk)
 618                         crypto_aead_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY);
 619                 if (template[i].klen > MAX_KEYLEN) {
 620                         pr_err("alg: aead%s: setkey failed on test %d for %s: key size %d > %d\n",
 621                                d, j, algo, template[i].klen, MAX_KEYLEN);
 622                         ret = -EINVAL;
 623                         goto out;
 624                 }
 625                 memcpy(key, template[i].key, template[i].klen);
 626
 627                 ret = crypto_aead_setkey(tfm, key, template[i].klen);
 628                 if (!ret == template[i].fail) {
 629                         pr_err("alg: aead%s: setkey failed on chunk test %d for %s: flags=%x\n",
 630                                d, j, algo, crypto_aead_get_flags(tfm));
 631                         goto out;
 632                 } else if (ret)
 633                         continue;
 634
 635                 authsize = abs(template[i].rlen - template[i].ilen);
 636
 637                 ret = -EINVAL;
 638                 sg_init_table(sg, template[i].anp + template[i].np);
 639                 if (diff_dst)
 640                         sg_init_table(sgout, template[i].anp + template[i].np);
 641
 642                 ret = -EINVAL;
 643                 for (k = 0, temp = 0; k < template[i].anp; k++) {
 644                         if (WARN_ON(offset_in_page(IDX[k]) +
 645                                     template[i].atap[k] > PAGE_SIZE))
 646                                 goto out;
 647                         sg_set_buf(&sg[k],
 648                                    memcpy(axbuf[IDX[k] >> PAGE_SHIFT] +
 649                                           offset_in_page(IDX[k]),
 650                                           template[i].assoc + temp,
 651                                           template[i].atap[k]),
 652                                    template[i].atap[k]);
 653                         if (diff_dst)
 654                                 sg_set_buf(&sgout[k],
 655                                            axbuf[IDX[k] >> PAGE_SHIFT] +
 656                                            offset_in_page(IDX[k]),
 657                                            template[i].atap[k]);
 658                         temp += template[i].atap[k];
 659                 }
 660
 661                 for (k = 0, temp = 0; k < template[i].np; k++) {
 662                         if (WARN_ON(offset_in_page(IDX[k]) +
 663                                     template[i].tap[k] > PAGE_SIZE))
 664                                 goto out;
 665
 666                         q = xbuf[IDX[k] >> PAGE_SHIFT] + offset_in_page(IDX[k]);
 667                         memcpy(q, template[i].input + temp, template[i].tap[k]);
 668                         sg_set_buf(&sg[template[i].anp + k],
 669                                    q, template[i].tap[k]);
 670
 671                         if (diff_dst) {
 672                                 q = xoutbuf[IDX[k] >> PAGE_SHIFT] +
 673                                     offset_in_page(IDX[k]);
 674
 675                                 memset(q, 0, template[i].tap[k]);
 676
 677                                 sg_set_buf(&sgout[template[i].anp + k],
 678                                            q, template[i].tap[k]);
 679                         }
 680
 681                         n = template[i].tap[k];
 682                         if (k == template[i].np - 1 && enc)
 683                                 n += authsize;
 684                         if (offset_in_page(q) + n < PAGE_SIZE)
 685                                 q[n] = 0;
 686
 687                         temp += template[i].tap[k];
 688                 }
 689
 690                 ret = crypto_aead_setauthsize(tfm, authsize);
 691                 if (ret) {
 692                         pr_err("alg: aead%s: Failed to set authsize to %u on chunk test %d for %s\n",
 693                                d, authsize, j, algo);
 694                         goto out;
 695                 }
 696
 697                 if (enc) {
 698                         if (WARN_ON(sg[template[i].anp + k - 1].offset +
 699                                     sg[template[i].anp + k - 1].length +
 700                                     authsize > PAGE_SIZE)) {
 701                                 ret = -EINVAL;
 702                                 goto out;
 703                         }
 704
 705                         if (diff_dst)
 706                                 sgout[template[i].anp + k - 1].length +=
 707                                         authsize;
 708                         sg[template[i].anp + k - 1].length += authsize;
 709                 }
 710
 711                 aead_request_set_crypt(req, sg, (diff_dst) ? sgout : sg,
 712                                        template[i].ilen,
 713                                        iv);
 714
 715                 aead_request_set_ad(req, template[i].alen);
 716
 717                 ret = enc ? crypto_aead_encrypt(req) : crypto_aead_decrypt(req);
 718
 719                 switch (ret) {
 720                 case 0:
 721                         if (template[i].novrfy) {
 722                                 /* verification was supposed to fail */
 723                                 pr_err("alg: aead%s: %s failed on chunk test %d for %s: ret was 0, expected -EBADMSG\n",
 724                                        d, e, j, algo);
 725                                 /* so really, we got a bad message */
 726                                 ret = -EBADMSG;
 727                                 goto out;
 728                         }
 729                         break;
 730                 case -EINPROGRESS:
 731                 case -EBUSY:
 732                         wait_for_completion(&result.completion);
 733                         reinit_completion(&result.completion);
 734                         ret = result.err;
 735                         if (!ret)
 736                                 break;
 737                 case -EBADMSG:
 738                         if (template[i].novrfy)
 739                                 /* verification failure was expected */
 740                                 continue;
 741                         /* fall through */
 742                 default:
 743                         pr_err("alg: aead%s: %s failed on chunk test %d for %s: ret=%d\n",
 744                                d, e, j, algo, -ret);
 745                         goto out;
 746                 }
 747
 748                 ret = -EINVAL;
 749                 for (k = 0, temp = 0; k < template[i].np; k++) {
 750                         if (diff_dst)
 751                                 q = xoutbuf[IDX[k] >> PAGE_SHIFT] +
 752                                     offset_in_page(IDX[k]);
 753                         else
 754                                 q = xbuf[IDX[k] >> PAGE_SHIFT] +
 755                                     offset_in_page(IDX[k]);
 756
 757                         n = template[i].tap[k];
 758                         if (k == template[i].np - 1)
 759                                 n += enc ? authsize : -authsize;
 760
 761                         if (memcmp(q, template[i].result + temp, n)) {
 762                                 pr_err("alg: aead%s: Chunk test %d failed on %s at page %u for %s\n",
 763                                        d, j, e, k, algo);
 764                                 hexdump(q, n);
 765                                 goto out;
 766                         }
 767
 768                         q += n;
 769                         if (k == template[i].np - 1 && !enc) {
 770                                 if (!diff_dst &&
 771                                         memcmp(q, template[i].input +
 772                                               temp + n, authsize))
 773                                         n = authsize;
 774                                 else
 775                                         n = 0;
 776                         } else {
 777                                 for (n = 0; offset_in_page(q + n) && q[n]; n++)
 778                                         ;
 779                         }
 780                         if (n) {
 781                                 pr_err("alg: aead%s: Result buffer corruption in chunk test %d on %s at page %u for %s: %u bytes:\n",
 782                                        d, j, e, k, algo, n);
 783                                 hexdump(q, n);
 784                                 goto out;
 785                         }
 786
 787                         temp += template[i].tap[k];
 788                 }
 789         }
 790
 791         ret = 0;
 792
 793 out:
 794         aead_request_free(req);
 795         kfree(sg);
 796 out_nosg:
 797         if (diff_dst)
 798                 testmgr_free_buf(xoutbuf);
 799 out_nooutbuf:
 800         testmgr_free_buf(axbuf);
 801 out_noaxbuf:
 802         testmgr_free_buf(xbuf);
 803 out_noxbuf:
 804         kfree(key);
 805         kfree(iv);
 806         return ret;
 807 }
 808
 809 static int test_aead(struct crypto_aead *tfm, int enc,
 810                      struct aead_testvec *template, unsigned int tcount)
 811 {
 812         unsigned int alignmask;
 813         int ret;
 814
 815         /* test 'dst == src' case */
 816         ret = __test_aead(tfm, enc, template, tcount, false, 0);
 817         if (ret)
 818                 return ret;
 819
 820         /* test 'dst != src' case */
 821         ret = __test_aead(tfm, enc, template, tcount, true, 0);
 822         if (ret)
 823                 return ret;
 824
 825         /* test unaligned buffers, check with one byte offset */
 826         ret = __test_aead(tfm, enc, template, tcount, true, 1);
 827         if (ret)
 828                 return ret;
 829
 830         alignmask = crypto_tfm_alg_alignmask(&tfm->base);
 831         if (alignmask) {
 832                 /* Check if alignment mask for tfm is correctly set. */
 833                 ret = __test_aead(tfm, enc, template, tcount, true,
 834                                   alignmask + 1);
 835                 if (ret)
 836                         return ret;
 837         }
 838
 839         return 0;
 840 }
 841
 842 static int test_cipher(struct crypto_cipher *tfm, int enc,
 843                        struct cipher_testvec *template, unsigned int tcount)
 844 {
 845         const char *algo = crypto_tfm_alg_driver_name(crypto_cipher_tfm(tfm));
 846         unsigned int i, j, k;
 847         char *q;
 848         const char *e;
 849         void *data;
 850         char *xbuf[XBUFSIZE];
 851         int ret = -ENOMEM;
 852
 853         if (testmgr_alloc_buf(xbuf))
 854                 goto out_nobuf;
 855
 856         if (enc == ENCRYPT)
 857                 e = "encryption";
 858         else
 859                 e = "decryption";
 860
 861         j = 0;
 862         for (i = 0; i < tcount; i++) {
 863                 if (template[i].np)
 864                         continue;
 865
 866                 j++;
 867
 868                 ret = -EINVAL;
 869                 if (WARN_ON(template[i].ilen > PAGE_SIZE))
 870                         goto out;
 871
 872                 data = xbuf[0];
 873                 memcpy(data, template[i].input, template[i].ilen);
 874
 875                 crypto_cipher_clear_flags(tfm, ~0);
 876                 if (template[i].wk)
 877                         crypto_cipher_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY);
 878
 879                 ret = crypto_cipher_setkey(tfm, template[i].key,
 880                                            template[i].klen);
 881                 if (!ret == template[i].fail) {
 882                         printk(KERN_ERR "alg: cipher: setkey failed "
 883                                "on test %d for %s: flags=%x\n", j,
 884                                algo, crypto_cipher_get_flags(tfm));
 885                         goto out;
 886                 } else if (ret)
 887                         continue;
 888
 889                 for (k = 0; k < template[i].ilen;
 890                      k += crypto_cipher_blocksize(tfm)) {
 891                         if (enc)
 892                                 crypto_cipher_encrypt_one(tfm, data + k,
 893                                                           data + k);
 894                         else
 895                                 crypto_cipher_decrypt_one(tfm, data + k,
 896                                                           data + k);
 897                 }
 898
 899                 q = data;
 900                 if (memcmp(q, template[i].result, template[i].rlen)) {
 901                         printk(KERN_ERR "alg: cipher: Test %d failed "
 902                                "on %s for %s\n", j, e, algo);
 903                         hexdump(q, template[i].rlen);
 904                         ret = -EINVAL;
 905                         goto out;
 906                 }
 907         }
 908
 909         ret = 0;
 910
 911 out:
 912         testmgr_free_buf(xbuf);
 913 out_nobuf:
 914         return ret;
 915 }
 916
 917 static int __test_skcipher(struct crypto_skcipher *tfm, int enc,
 918                            struct cipher_testvec *template, unsigned int tcount,
 919                            const bool diff_dst, const int align_offset)
 920 {
 921         const char *algo =
 922                 crypto_tfm_alg_driver_name(crypto_skcipher_tfm(tfm));
 923         unsigned int i, j, k, n, temp;
 924         char *q;
 925         struct skcipher_request *req;
 926         struct scatterlist sg[8];
 927         struct scatterlist sgout[8];
 928         const char *e, *d;
 929         struct tcrypt_result result;
 930         void *data;
 931         char iv[MAX_IVLEN];
 932         char *xbuf[XBUFSIZE];
 933         char *xoutbuf[XBUFSIZE];
 934         int ret = -ENOMEM;
 935         unsigned int ivsize = crypto_skcipher_ivsize(tfm);
 936
 937         if (testmgr_alloc_buf(xbuf))
 938                 goto out_nobuf;
 939
 940         if (diff_dst && testmgr_alloc_buf(xoutbuf))
 941                 goto out_nooutbuf;
 942
 943         if (diff_dst)
 944                 d = "-ddst";
 945         else
 946                 d = "";
 947
 948         if (enc == ENCRYPT)
 949                 e = "encryption";
 950         else
 951                 e = "decryption";
 952
 953         init_completion(&result.completion);
 954
 955         req = skcipher_request_alloc(tfm, GFP_KERNEL);
 956         if (!req) {
 957                 pr_err("alg: skcipher%s: Failed to allocate request for %s\n",
 958                        d, algo);
 959                 goto out;
 960         }
 961
 962         skcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
 963                                       tcrypt_complete, &result);
 964
 965         j = 0;
 966         for (i = 0; i < tcount; i++) {
 967                 if (template[i].np && !template[i].also_non_np)
 968                         continue;
 969
 970                 if (template[i].iv)
 971                         memcpy(iv, template[i].iv, ivsize);
 972                 else
 973                         memset(iv, 0, MAX_IVLEN);
 974
 975                 j++;
 976                 ret = -EINVAL;
 977                 if (WARN_ON(align_offset + template[i].ilen > PAGE_SIZE))
 978                         goto out;
 979
 980                 data = xbuf[0];
 981                 data += align_offset;
 982                 memcpy(data, template[i].input, template[i].ilen);
 983
 984                 crypto_skcipher_clear_flags(tfm, ~0);
 985                 if (template[i].wk)
 986                         crypto_skcipher_set_flags(tfm,
 987                                                   CRYPTO_TFM_REQ_WEAK_KEY);
 988
 989                 ret = crypto_skcipher_setkey(tfm, template[i].key,
 990                                              template[i].klen);
 991                 if (!ret == template[i].fail) {
 992                         pr_err("alg: skcipher%s: setkey failed on test %d for %s: flags=%x\n",
 993                                d, j, algo, crypto_skcipher_get_flags(tfm));
 994                         goto out;
 995                 } else if (ret)
 996                         continue;
 997
 998                 sg_init_one(&sg[0], data, template[i].ilen);
 999                 if (diff_dst) {
1000                         data = xoutbuf[0];
1001                         data += align_offset;
1002                         sg_init_one(&sgout[0], data, template[i].ilen);
1003                 }
1004
1005                 skcipher_request_set_crypt(req, sg, (diff_dst) ? sgout : sg,
1006                                            template[i].ilen, iv);
1007                 ret = enc ? crypto_skcipher_encrypt(req) :
1008                             crypto_skcipher_decrypt(req);
1009
1010                 switch (ret) {
1011                 case 0:
1012                         break;
1013                 case -EINPROGRESS:
1014                 case -EBUSY:
1015                         wait_for_completion(&result.completion);
1016                         reinit_completion(&result.completion);
1017                         ret = result.err;
1018                         if (!ret)
1019                                 break;
1020                         /* fall through */
1021                 default:
1022                         pr_err("alg: skcipher%s: %s failed on test %d for %s: ret=%d\n",
1023                                d, e, j, algo, -ret);
1024                         goto out;
1025                 }
1026
1027                 q = data;
1028                 if (memcmp(q, template[i].result, template[i].rlen)) {
1029                         pr_err("alg: skcipher%s: Test %d failed (invalid result) on %s for %s\n",
1030                                d, j, e, algo);
1031                         hexdump(q, template[i].rlen);
1032                         ret = -EINVAL;
1033                         goto out;
1034                 }
1035
1036                 if (template[i].iv_out &&
1037                     memcmp(iv, template[i].iv_out,
1038                            crypto_skcipher_ivsize(tfm))) {
1039                         pr_err("alg: skcipher%s: Test %d failed (invalid output IV) on %s for %s\n",
1040                                d, j, e, algo);
1041                         hexdump(iv, crypto_skcipher_ivsize(tfm));
1042                         ret = -EINVAL;
1043                         goto out;
1044                 }
1045         }
1046
1047         j = 0;
1048         for (i = 0; i < tcount; i++) {
1049                 /* alignment tests are only done with continuous buffers */
1050                 if (align_offset != 0)
1051                         break;
1052
1053                 if (!template[i].np)
1054                         continue;
1055
1056                 if (template[i].iv)
1057                         memcpy(iv, template[i].iv, ivsize);
1058                 else
1059                         memset(iv, 0, MAX_IVLEN);
1060
1061                 j++;
1062                 crypto_skcipher_clear_flags(tfm, ~0);
1063                 if (template[i].wk)
1064                         crypto_skcipher_set_flags(tfm,
1065                                                   CRYPTO_TFM_REQ_WEAK_KEY);
1066
1067                 ret = crypto_skcipher_setkey(tfm, template[i].key,
1068                                              template[i].klen);
1069                 if (!ret == template[i].fail) {
1070                         pr_err("alg: skcipher%s: setkey failed on chunk test %d for %s: flags=%x\n",
1071                                d, j, algo, crypto_skcipher_get_flags(tfm));
1072                         goto out;
1073                 } else if (ret)
1074                         continue;
1075
1076                 temp = 0;
1077                 ret = -EINVAL;
1078                 sg_init_table(sg, template[i].np);
1079                 if (diff_dst)
1080                         sg_init_table(sgout, template[i].np);
1081                 for (k = 0; k < template[i].np; k++) {
1082                         if (WARN_ON(offset_in_page(IDX[k]) +
1083                                     template[i].tap[k] > PAGE_SIZE))
1084                                 goto out;
1085
1086                         q = xbuf[IDX[k] >> PAGE_SHIFT] + offset_in_page(IDX[k]);
1087
1088                         memcpy(q, template[i].input + temp, template[i].tap[k]);
1089
1090                         if (offset_in_page(q) + template[i].tap[k] < PAGE_SIZE)
1091                                 q[template[i].tap[k]] = 0;
1092
1093                         sg_set_buf(&sg[k], q, template[i].tap[k]);
1094                         if (diff_dst) {
1095                                 q = xoutbuf[IDX[k] >> PAGE_SHIFT] +
1096                                     offset_in_page(IDX[k]);
1097
1098                                 sg_set_buf(&sgout[k], q, template[i].tap[k]);
1099
1100                                 memset(q, 0, template[i].tap[k]);
1101                                 if (offset_in_page(q) +
1102                                     template[i].tap[k] < PAGE_SIZE)
1103                                         q[template[i].tap[k]] = 0;
1104                         }
1105
1106                         temp += template[i].tap[k];
1107                 }
1108
1109                 skcipher_request_set_crypt(req, sg, (diff_dst) ? sgout : sg,
1110                                            template[i].ilen, iv);
1111
1112                 ret = enc ? crypto_skcipher_encrypt(req) :
1113                             crypto_skcipher_decrypt(req);
1114
1115                 switch (ret) {
1116                 case 0:
1117                         break;
1118                 case -EINPROGRESS:
1119                 case -EBUSY:
1120                         wait_for_completion(&result.completion);
1121                         reinit_completion(&result.completion);
1122                         ret = result.err;
1123                         if (!ret)
1124                                 break;
1125                         /* fall through */
1126                 default:
1127                         pr_err("alg: skcipher%s: %s failed on chunk test %d for %s: ret=%d\n",
1128                                d, e, j, algo, -ret);
1129                         goto out;
1130                 }
1131
1132                 temp = 0;
1133                 ret = -EINVAL;
1134                 for (k = 0; k < template[i].np; k++) {
1135                         if (diff_dst)
1136                                 q = xoutbuf[IDX[k] >> PAGE_SHIFT] +
1137                                     offset_in_page(IDX[k]);
1138                         else
1139                                 q = xbuf[IDX[k] >> PAGE_SHIFT] +
1140                                     offset_in_page(IDX[k]);
1141
1142                         if (memcmp(q, template[i].result + temp,
1143                                    template[i].tap[k])) {
1144                                 pr_err("alg: skcipher%s: Chunk test %d failed on %s at page %u for %s\n",
1145                                        d, j, e, k, algo);
1146                                 hexdump(q, template[i].tap[k]);
1147                                 goto out;
1148                         }
1149
1150                         q += template[i].tap[k];
1151                         for (n = 0; offset_in_page(q + n) && q[n]; n++)
1152                                 ;
1153                         if (n) {
1154                                 pr_err("alg: skcipher%s: Result buffer corruption in chunk test %d on %s at page %u for %s: %u bytes:\n",
1155                                        d, j, e, k, algo, n);
1156                                 hexdump(q, n);
1157                                 goto out;
1158                         }
1159                         temp += template[i].tap[k];
1160                 }
1161         }
1162
1163         ret = 0;
1164
1165 out:
1166         skcipher_request_free(req);
1167         if (diff_dst)
1168                 testmgr_free_buf(xoutbuf);
1169 out_nooutbuf:
1170         testmgr_free_buf(xbuf);
1171 out_nobuf:
1172         return ret;
1173 }
1174
1175 static int test_skcipher(struct crypto_skcipher *tfm, int enc,
1176                          struct cipher_testvec *template, unsigned int tcount)
1177 {
1178         unsigned int alignmask;
1179         int ret;
1180
1181         /* test 'dst == src' case */
1182         ret = __test_skcipher(tfm, enc, template, tcount, false, 0);
1183         if (ret)
1184                 return ret;
1185
1186         /* test 'dst != src' case */
1187         ret = __test_skcipher(tfm, enc, template, tcount, true, 0);
1188         if (ret)
1189                 return ret;
1190
1191         /* test unaligned buffers, check with one byte offset */
1192         ret = __test_skcipher(tfm, enc, template, tcount, true, 1);
1193         if (ret)
1194                 return ret;
1195
1196         alignmask = crypto_tfm_alg_alignmask(&tfm->base);
1197         if (alignmask) {
1198                 /* Check if alignment mask for tfm is correctly set. */
1199                 ret = __test_skcipher(tfm, enc, template, tcount, true,
1200                                       alignmask + 1);
1201                 if (ret)
1202                         return ret;
1203         }
1204
1205         return 0;
1206 }
1207
1208 static int test_comp(struct crypto_comp *tfm, struct comp_testvec *ctemplate,
1209                      struct comp_testvec *dtemplate, int ctcount, int dtcount)
1210 {
1211         const char *algo = crypto_tfm_alg_driver_name(crypto_comp_tfm(tfm));
1212         unsigned int i;
1213         char result[COMP_BUF_SIZE];
1214         int ret;
1215
1216         for (i = 0; i < ctcount; i++) {
1217                 int ilen;
1218                 unsigned int dlen = COMP_BUF_SIZE;
1219
1220                 memset(result, 0, sizeof (result));
1221
1222                 ilen = ctemplate[i].inlen;
1223                 ret = crypto_comp_compress(tfm, ctemplate[i].input,
1224                                            ilen, result, &dlen);
1225                 if (ret) {
1226                         printk(KERN_ERR "alg: comp: compression failed "
1227                                "on test %d for %s: ret=%d\n", i + 1, algo,
1228                                -ret);
1229                         goto out;
1230                 }
1231
1232                 if (dlen != ctemplate[i].outlen) {
1233                         printk(KERN_ERR "alg: comp: Compression test %d "
1234                                "failed for %s: output len = %d\n", i + 1, algo,
1235                                dlen);
1236                         ret = -EINVAL;
1237                         goto out;
1238                 }
1239
1240                 if (memcmp(result, ctemplate[i].output, dlen)) {
1241                         printk(KERN_ERR "alg: comp: Compression test %d "
1242                                "failed for %s\n", i + 1, algo);
1243                         hexdump(result, dlen);
1244                         ret = -EINVAL;
1245                         goto out;
1246                 }
1247         }
1248
1249         for (i = 0; i < dtcount; i++) {
1250                 int ilen;
1251                 unsigned int dlen = COMP_BUF_SIZE;
1252
1253                 memset(result, 0, sizeof (result));
1254
1255                 ilen = dtemplate[i].inlen;
1256                 ret = crypto_comp_decompress(tfm, dtemplate[i].input,
1257                                              ilen, result, &dlen);
1258                 if (ret) {
1259                         printk(KERN_ERR "alg: comp: decompression failed "
1260                                "on test %d for %s: ret=%d\n", i + 1, algo,
1261                                -ret);
1262                         goto out;
1263                 }
1264
1265                 if (dlen != dtemplate[i].outlen) {
1266                         printk(KERN_ERR "alg: comp: Decompression test %d "
1267                                "failed for %s: output len = %d\n", i + 1, algo,
1268                                dlen);
1269                         ret = -EINVAL;
1270                         goto out;
1271                 }
1272
1273                 if (memcmp(result, dtemplate[i].output, dlen)) {
1274                         printk(KERN_ERR "alg: comp: Decompression test %d "
1275                                "failed for %s\n", i + 1, algo);
1276                         hexdump(result, dlen);
1277                         ret = -EINVAL;
1278                         goto out;
1279                 }
1280         }
1281
1282         ret = 0;
1283
1284 out:
1285         return ret;
1286 }
1287
1288 static int test_cprng(struct crypto_rng *tfm, struct cprng_testvec *template,
1289                       unsigned int tcount)
1290 {
1291         const char *algo = crypto_tfm_alg_driver_name(crypto_rng_tfm(tfm));
1292         int err = 0, i, j, seedsize;
1293         u8 *seed;
1294         char result[32];
1295
1296         seedsize = crypto_rng_seedsize(tfm);
1297
1298         seed = kmalloc(seedsize, GFP_KERNEL);
1299         if (!seed) {
1300                 printk(KERN_ERR "alg: cprng: Failed to allocate seed space "
1301                        "for %s\n", algo);
1302                 return -ENOMEM;
1303         }
1304
1305         for (i = 0; i < tcount; i++) {
1306                 memset(result, 0, 32);
1307
1308                 memcpy(seed, template[i].v, template[i].vlen);
1309                 memcpy(seed + template[i].vlen, template[i].key,
1310                        template[i].klen);
1311                 memcpy(seed + template[i].vlen + template[i].klen,
1312                        template[i].dt, template[i].dtlen);
1313
1314                 err = crypto_rng_reset(tfm, seed, seedsize);
1315                 if (err) {
1316                         printk(KERN_ERR "alg: cprng: Failed to reset rng "
1317                                "for %s\n", algo);
1318                         goto out;
1319                 }
1320
1321                 for (j = 0; j < template[i].loops; j++) {
1322                         err = crypto_rng_get_bytes(tfm, result,
1323                                                    template[i].rlen);
1324                         if (err < 0) {
1325                                 printk(KERN_ERR "alg: cprng: Failed to obtain "
1326                                        "the correct amount of random data for "
1327                                        "%s (requested %d)\n", algo,
1328                                        template[i].rlen);
1329                                 goto out;
1330                         }
1331                 }
1332
1333                 err = memcmp(result, template[i].result,
1334                              template[i].rlen);
1335                 if (err) {
1336                         printk(KERN_ERR "alg: cprng: Test %d failed for %s\n",
1337                                i, algo);
1338                         hexdump(result, template[i].rlen);
1339                         err = -EINVAL;
1340                         goto out;
1341                 }
1342         }
1343
1344 out:
1345         kfree(seed);
1346         return err;
1347 }
1348
1349 static int alg_test_aead(const struct alg_test_desc *desc, const char *driver,
1350                          u32 type, u32 mask)
1351 {
1352         struct crypto_aead *tfm;
1353         int err = 0;
1354
1355         tfm = crypto_alloc_aead(driver, type | CRYPTO_ALG_INTERNAL, mask);
1356         if (IS_ERR(tfm)) {
1357                 printk(KERN_ERR "alg: aead: Failed to load transform for %s: "
1358                        "%ld\n", driver, PTR_ERR(tfm));
1359                 return PTR_ERR(tfm);
1360         }
1361
1362         if (desc->suite.aead.enc.vecs) {
1363                 err = test_aead(tfm, ENCRYPT, desc->suite.aead.enc.vecs,
1364                                 desc->suite.aead.enc.count);
1365                 if (err)
1366                         goto out;
1367         }
1368
1369         if (!err && desc->suite.aead.dec.vecs)
1370                 err = test_aead(tfm, DECRYPT, desc->suite.aead.dec.vecs,
1371                                 desc->suite.aead.dec.count);
1372
1373 out:
1374         crypto_free_aead(tfm);
1375         return err;
1376 }
1377
1378 static int alg_test_cipher(const struct alg_test_desc *desc,
1379                            const char *driver, u32 type, u32 mask)
1380 {
1381         struct crypto_cipher *tfm;
1382         int err = 0;
1383
1384         tfm = crypto_alloc_cipher(driver, type | CRYPTO_ALG_INTERNAL, mask);
1385         if (IS_ERR(tfm)) {
1386                 printk(KERN_ERR "alg: cipher: Failed to load transform for "
1387                        "%s: %ld\n", driver, PTR_ERR(tfm));
1388                 return PTR_ERR(tfm);
1389         }
1390
1391         if (desc->suite.cipher.enc.vecs) {
1392                 err = test_cipher(tfm, ENCRYPT, desc->suite.cipher.enc.vecs,
1393                                   desc->suite.cipher.enc.count);
1394                 if (err)
1395                         goto out;
1396         }
1397
1398         if (desc->suite.cipher.dec.vecs)
1399                 err = test_cipher(tfm, DECRYPT, desc->suite.cipher.dec.vecs,
1400                                   desc->suite.cipher.dec.count);
1401
1402 out:
1403         crypto_free_cipher(tfm);
1404         return err;
1405 }
1406
1407 static int alg_test_skcipher(const struct alg_test_desc *desc,
1408                              const char *driver, u32 type, u32 mask)
1409 {
1410         struct crypto_skcipher *tfm;
1411         int err = 0;
1412
1413         tfm = crypto_alloc_skcipher(driver, type | CRYPTO_ALG_INTERNAL, mask);
1414         if (IS_ERR(tfm)) {
1415                 printk(KERN_ERR "alg: skcipher: Failed to load transform for "
1416                        "%s: %ld\n", driver, PTR_ERR(tfm));
1417                 return PTR_ERR(tfm);
1418         }
1419
1420         if (desc->suite.cipher.enc.vecs) {
1421                 err = test_skcipher(tfm, ENCRYPT, desc->suite.cipher.enc.vecs,
1422                                     desc->suite.cipher.enc.count);
1423                 if (err)
1424                         goto out;
1425         }
1426
1427         if (desc->suite.cipher.dec.vecs)
1428                 err = test_skcipher(tfm, DECRYPT, desc->suite.cipher.dec.vecs,
1429                                     desc->suite.cipher.dec.count);
1430
1431 out:
1432         crypto_free_skcipher(tfm);
1433         return err;
1434 }
1435
1436 static int alg_test_comp(const struct alg_test_desc *desc, const char *driver,
1437                          u32 type, u32 mask)
1438 {
1439         struct crypto_comp *tfm;
1440         int err;
1441
1442         tfm = crypto_alloc_comp(driver, type, mask);
1443         if (IS_ERR(tfm)) {
1444                 printk(KERN_ERR "alg: comp: Failed to load transform for %s: "
1445                        "%ld\n", driver, PTR_ERR(tfm));
1446                 return PTR_ERR(tfm);
1447         }
1448
1449         err = test_comp(tfm, desc->suite.comp.comp.vecs,
1450                         desc->suite.comp.decomp.vecs,
1451                         desc->suite.comp.comp.count,
1452                         desc->suite.comp.decomp.count);
1453
1454         crypto_free_comp(tfm);
1455         return err;
1456 }
1457
1458 static int alg_test_hash(const struct alg_test_desc *desc, const char *driver,
1459                          u32 type, u32 mask)
1460 {
1461         struct crypto_ahash *tfm;
1462         int err;
1463
1464         tfm = crypto_alloc_ahash(driver, type | CRYPTO_ALG_INTERNAL, mask);
1465         if (IS_ERR(tfm)) {
1466                 printk(KERN_ERR "alg: hash: Failed to load transform for %s: "
1467                        "%ld\n", driver, PTR_ERR(tfm));
1468                 return PTR_ERR(tfm);
1469         }
1470
1471         err = test_hash(tfm, desc->suite.hash.vecs,
1472                         desc->suite.hash.count, true);
1473         if (!err)
1474                 err = test_hash(tfm, desc->suite.hash.vecs,
1475                                 desc->suite.hash.count, false);
1476
1477         crypto_free_ahash(tfm);
1478         return err;
1479 }
1480
1481 static int alg_test_crc32c(const struct alg_test_desc *desc,
1482                            const char *driver, u32 type, u32 mask)
1483 {
1484         struct crypto_shash *tfm;
1485         u32 val;
1486         int err;
1487
1488         err = alg_test_hash(desc, driver, type, mask);
1489         if (err)
1490                 goto out;
1491
1492         tfm = crypto_alloc_shash(driver, type | CRYPTO_ALG_INTERNAL, mask);
1493         if (IS_ERR(tfm)) {
1494                 printk(KERN_ERR "alg: crc32c: Failed to load transform for %s: "
1495                        "%ld\n", driver, PTR_ERR(tfm));
1496                 err = PTR_ERR(tfm);
1497                 goto out;
1498         }
1499
1500         do {
1501                 SHASH_DESC_ON_STACK(shash, tfm);
1502                 u32 *ctx = (u32 *)shash_desc_ctx(shash);
1503
1504                 shash->tfm = tfm;
1505                 shash->flags = 0;
1506
1507                 *ctx = le32_to_cpu(420553207);
1508                 err = crypto_shash_final(shash, (u8 *)&val);
1509                 if (err) {
1510                         printk(KERN_ERR "alg: crc32c: Operation failed for "
1511                                "%s: %d\n", driver, err);
1512                         break;
1513                 }
1514
1515                 if (val != ~420553207) {
1516                         printk(KERN_ERR "alg: crc32c: Test failed for %s: "
1517                                "%d\n", driver, val);
1518                         err = -EINVAL;
1519                 }
1520         } while (0);
1521
1522         crypto_free_shash(tfm);
1523
1524 out:
1525         return err;
1526 }
1527
1528 static int alg_test_cprng(const struct alg_test_desc *desc, const char *driver,
1529                           u32 type, u32 mask)
1530 {
1531         struct crypto_rng *rng;
1532         int err;
1533
1534         rng = crypto_alloc_rng(driver, type | CRYPTO_ALG_INTERNAL, mask);
1535         if (IS_ERR(rng)) {
1536                 printk(KERN_ERR "alg: cprng: Failed to load transform for %s: "
1537                        "%ld\n", driver, PTR_ERR(rng));
1538                 return PTR_ERR(rng);
1539         }
1540
1541         err = test_cprng(rng, desc->suite.cprng.vecs, desc->suite.cprng.count);
1542
1543         crypto_free_rng(rng);
1544
1545         return err;
1546 }
1547
1548
1549 static int drbg_cavs_test(struct drbg_testvec *test, int pr,
1550                           const char *driver, u32 type, u32 mask)
1551 {
1552         int ret = -EAGAIN;
1553         struct crypto_rng *drng;
1554         struct drbg_test_data test_data;
1555         struct drbg_string addtl, pers, testentropy;
1556         unsigned char *buf = kzalloc(test->expectedlen, GFP_KERNEL);
1557
1558         if (!buf)
1559                 return -ENOMEM;
1560
1561         drng = crypto_alloc_rng(driver, type | CRYPTO_ALG_INTERNAL, mask);
1562         if (IS_ERR(drng)) {
1563                 printk(KERN_ERR "alg: drbg: could not allocate DRNG handle for "
1564                        "%s\n", driver);
1565                 kzfree(buf);
1566                 return -ENOMEM;
1567         }
1568
1569         test_data.testentropy = &testentropy;
1570         drbg_string_fill(&testentropy, test->entropy, test->entropylen);
1571         drbg_string_fill(&pers, test->pers, test->perslen);
1572         ret = crypto_drbg_reset_test(drng, &pers, &test_data);
1573         if (ret) {
1574                 printk(KERN_ERR "alg: drbg: Failed to reset rng\n");
1575                 goto outbuf;
1576         }
1577
1578         drbg_string_fill(&addtl, test->addtla, test->addtllen);
1579         if (pr) {
1580                 drbg_string_fill(&testentropy, test->entpra, test->entprlen);
1581                 ret = crypto_drbg_get_bytes_addtl_test(drng,
1582                         buf, test->expectedlen, &addtl, &test_data);
1583         } else {
1584                 ret = crypto_drbg_get_bytes_addtl(drng,
1585                         buf, test->expectedlen, &addtl);
1586         }
1587         if (ret < 0) {
1588                 printk(KERN_ERR "alg: drbg: could not obtain random data for "
1589                        "driver %s\n", driver);
1590                 goto outbuf;
1591         }
1592
1593         drbg_string_fill(&addtl, test->addtlb, test->addtllen);
1594         if (pr) {
1595                 drbg_string_fill(&testentropy, test->entprb, test->entprlen);
1596                 ret = crypto_drbg_get_bytes_addtl_test(drng,
1597                         buf, test->expectedlen, &addtl, &test_data);
1598         } else {
1599                 ret = crypto_drbg_get_bytes_addtl(drng,
1600                         buf, test->expectedlen, &addtl);
1601         }
1602         if (ret < 0) {
1603                 printk(KERN_ERR "alg: drbg: could not obtain random data for "
1604                        "driver %s\n", driver);
1605                 goto outbuf;
1606         }
1607
1608         ret = memcmp(test->expected, buf, test->expectedlen);
1609
1610 outbuf:
1611         crypto_free_rng(drng);
1612         kzfree(buf);
1613         return ret;
1614 }
1615
1616
1617 static int alg_test_drbg(const struct alg_test_desc *desc, const char *driver,
1618                          u32 type, u32 mask)
1619 {
1620         int err = 0;
1621         int pr = 0;
1622         int i = 0;
1623         struct drbg_testvec *template = desc->suite.drbg.vecs;
1624         unsigned int tcount = desc->suite.drbg.count;
1625
1626         if (0 == memcmp(driver, "drbg_pr_", 8))
1627                 pr = 1;
1628
1629         for (i = 0; i < tcount; i++) {
1630                 err = drbg_cavs_test(&template[i], pr, driver, type, mask);
1631                 if (err) {
1632                         printk(KERN_ERR "alg: drbg: Test %d failed for %s\n",
1633                                i, driver);
1634                         err = -EINVAL;
1635                         break;
1636                 }
1637         }
1638         return err;
1639
1640 }
1641
1642 static int do_test_rsa(struct crypto_akcipher *tfm,
1643                        struct akcipher_testvec *vecs)
1644 {
1645         struct akcipher_request *req;
1646         void *outbuf_enc = NULL;
1647         void *outbuf_dec = NULL;
1648         struct tcrypt_result result;
1649         unsigned int out_len_max, out_len = 0;
1650         int err = -ENOMEM;
1651         struct scatterlist src, dst, src_tab[2];
1652
1653         req = akcipher_request_alloc(tfm, GFP_KERNEL);
1654         if (!req)
1655                 return err;
1656
1657         init_completion(&result.completion);
1658
1659         if (vecs->public_key_vec)
1660                 err = crypto_akcipher_set_pub_key(tfm, vecs->key,
1661                                                   vecs->key_len);
1662         else
1663                 err = crypto_akcipher_set_priv_key(tfm, vecs->key,
1664                                                    vecs->key_len);
1665         if (err)
1666                 goto free_req;
1667
1668         out_len_max = crypto_akcipher_maxsize(tfm);
1669         outbuf_enc = kzalloc(out_len_max, GFP_KERNEL);
1670         if (!outbuf_enc)
1671                 goto free_req;
1672
1673         sg_init_table(src_tab, 2);
1674         sg_set_buf(&src_tab[0], vecs->m, 8);
1675         sg_set_buf(&src_tab[1], vecs->m + 8, vecs->m_size - 8);
1676         sg_init_one(&dst, outbuf_enc, out_len_max);
1677         akcipher_request_set_crypt(req, src_tab, &dst, vecs->m_size,
1678                                    out_len_max);
1679         akcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
1680                                       tcrypt_complete, &result);
1681
1682         /* Run RSA encrypt - c = m^e mod n;*/
1683         err = wait_async_op(&result, crypto_akcipher_encrypt(req));
1684         if (err) {
1685                 pr_err("alg: rsa: encrypt test failed. err %d\n", err);
1686                 goto free_all;
1687         }
1688         if (req->dst_len != vecs->c_size) {
1689                 pr_err("alg: rsa: encrypt test failed. Invalid output len\n");
1690                 err = -EINVAL;
1691                 goto free_all;
1692         }
1693         /* verify that encrypted message is equal to expected */
1694         if (memcmp(vecs->c, sg_virt(req->dst), vecs->c_size)) {
1695                 pr_err("alg: rsa: encrypt test failed. Invalid output\n");
1696                 err = -EINVAL;
1697                 goto free_all;
1698         }
1699         /* Don't invoke decrypt for vectors with public key */
1700         if (vecs->public_key_vec) {
1701                 err = 0;
1702                 goto free_all;
1703         }
1704         outbuf_dec = kzalloc(out_len_max, GFP_KERNEL);
1705         if (!outbuf_dec) {
1706                 err = -ENOMEM;
1707                 goto free_all;
1708         }
1709         sg_init_one(&src, vecs->c, vecs->c_size);
1710         sg_init_one(&dst, outbuf_dec, out_len_max);
1711         init_completion(&result.completion);
1712         akcipher_request_set_crypt(req, &src, &dst, vecs->c_size, out_len_max);
1713
1714         /* Run RSA decrypt - m = c^d mod n;*/
1715         err = wait_async_op(&result, crypto_akcipher_decrypt(req));
1716         if (err) {
1717                 pr_err("alg: rsa: decrypt test failed. err %d\n", err);
1718                 goto free_all;
1719         }
1720         out_len = req->dst_len;
1721         if (out_len != vecs->m_size) {
1722                 pr_err("alg: rsa: decrypt test failed. Invalid output len\n");
1723                 err = -EINVAL;
1724                 goto free_all;
1725         }
1726         /* verify that decrypted message is equal to the original msg */
1727         if (memcmp(vecs->m, outbuf_dec, vecs->m_size)) {
1728                 pr_err("alg: rsa: decrypt test failed. Invalid output\n");
1729                 err = -EINVAL;
1730         }
1731 free_all:
1732         kfree(outbuf_dec);
1733         kfree(outbuf_enc);
1734 free_req:
1735         akcipher_request_free(req);
1736         return err;
1737 }
1738
1739 static int test_rsa(struct crypto_akcipher *tfm, struct akcipher_testvec *vecs,
1740                     unsigned int tcount)
1741 {
1742         int ret, i;
1743
1744         for (i = 0; i < tcount; i++) {
1745                 ret = do_test_rsa(tfm, vecs++);
1746                 if (ret) {
1747                         pr_err("alg: rsa: test failed on vector %d, err=%d\n",
1748                                i + 1, ret);
1749                         return ret;
1750                 }
1751         }
1752         return 0;
1753 }
1754
1755 static int test_akcipher(struct crypto_akcipher *tfm, const char *alg,
1756                          struct akcipher_testvec *vecs, unsigned int tcount)
1757 {
1758         if (strncmp(alg, "rsa", 3) == 0)
1759                 return test_rsa(tfm, vecs, tcount);
1760
1761         return 0;
1762 }
1763
1764 static int alg_test_akcipher(const struct alg_test_desc *desc,
1765                              const char *driver, u32 type, u32 mask)
1766 {
1767         struct crypto_akcipher *tfm;
1768         int err = 0;
1769
1770         tfm = crypto_alloc_akcipher(driver, type | CRYPTO_ALG_INTERNAL, mask);
1771         if (IS_ERR(tfm)) {
1772                 pr_err("alg: akcipher: Failed to load tfm for %s: %ld\n",
1773                        driver, PTR_ERR(tfm));
1774                 return PTR_ERR(tfm);
1775         }
1776         if (desc->suite.akcipher.vecs)
1777                 err = test_akcipher(tfm, desc->alg, desc->suite.akcipher.vecs,
1778                                     desc->suite.akcipher.count);
1779
1780         crypto_free_akcipher(tfm);
1781         return err;
1782 }
1783
1784 static int alg_test_null(const struct alg_test_desc *desc,
1785                              const char *driver, u32 type, u32 mask)
1786 {
1787         return 0;
1788 }
1789
1790 /* Please keep this list sorted by algorithm name. */
1791 static const struct alg_test_desc alg_test_descs[] = {
1792         {
1793                 .alg = "__cbc-cast5-avx",
1794                 .test = alg_test_null,
1795         }, {
1796                 .alg = "__cbc-cast6-avx",
1797                 .test = alg_test_null,
1798         }, {
1799                 .alg = "__cbc-serpent-avx",
1800                 .test = alg_test_null,
1801         }, {
1802                 .alg = "__cbc-serpent-avx2",
1803                 .test = alg_test_null,
1804         }, {
1805                 .alg = "__cbc-serpent-sse2",
1806                 .test = alg_test_null,
1807         }, {
1808                 .alg = "__cbc-twofish-avx",
1809                 .test = alg_test_null,
1810         }, {
1811                 .alg = "__driver-cbc-aes-aesni",
1812                 .test = alg_test_null,
1813                 .fips_allowed = 1,
1814         }, {
1815                 .alg = "__driver-cbc-camellia-aesni",
1816                 .test = alg_test_null,
1817         }, {
1818                 .alg = "__driver-cbc-camellia-aesni-avx2",
1819                 .test = alg_test_null,
1820         }, {
1821                 .alg = "__driver-cbc-cast5-avx",
1822                 .test = alg_test_null,
1823         }, {
1824                 .alg = "__driver-cbc-cast6-avx",
1825                 .test = alg_test_null,
1826         }, {
1827                 .alg = "__driver-cbc-serpent-avx",
1828                 .test = alg_test_null,
1829         }, {
1830                 .alg = "__driver-cbc-serpent-avx2",
1831                 .test = alg_test_null,
1832         }, {
1833                 .alg = "__driver-cbc-serpent-sse2",
1834                 .test = alg_test_null,
1835         }, {
1836                 .alg = "__driver-cbc-twofish-avx",
1837                 .test = alg_test_null,
1838         }, {
1839                 .alg = "__driver-ecb-aes-aesni",
1840                 .test = alg_test_null,
1841                 .fips_allowed = 1,
1842         }, {
1843                 .alg = "__driver-ecb-camellia-aesni",
1844                 .test = alg_test_null,
1845         }, {
1846                 .alg = "__driver-ecb-camellia-aesni-avx2",
1847                 .test = alg_test_null,
1848         }, {
1849                 .alg = "__driver-ecb-cast5-avx",
1850                 .test = alg_test_null,
1851         }, {
1852                 .alg = "__driver-ecb-cast6-avx",
1853                 .test = alg_test_null,
1854         }, {
1855                 .alg = "__driver-ecb-serpent-avx",
1856                 .test = alg_test_null,
1857         }, {
1858                 .alg = "__driver-ecb-serpent-avx2",
1859                 .test = alg_test_null,
1860         }, {
1861                 .alg = "__driver-ecb-serpent-sse2",
1862                 .test = alg_test_null,
1863         }, {
1864                 .alg = "__driver-ecb-twofish-avx",
1865                 .test = alg_test_null,
1866         }, {
1867                 .alg = "__driver-gcm-aes-aesni",
1868                 .test = alg_test_null,
1869                 .fips_allowed = 1,
1870         }, {
1871                 .alg = "__ghash-pclmulqdqni",
1872                 .test = alg_test_null,
1873                 .fips_allowed = 1,
1874         }, {
1875                 .alg = "ansi_cprng",
1876                 .test = alg_test_cprng,
1877                 .suite = {
1878                         .cprng = {
1879                                 .vecs = ansi_cprng_aes_tv_template,
1880                                 .count = ANSI_CPRNG_AES_TEST_VECTORS
1881                         }
1882                 }
1883         }, {
1884                 .alg = "authenc(hmac(md5),ecb(cipher_null))",
1885                 .test = alg_test_aead,
1886                 .suite = {
1887                         .aead = {
1888                                 .enc = {
1889                                         .vecs = hmac_md5_ecb_cipher_null_enc_tv_template,
1890                                         .count = HMAC_MD5_ECB_CIPHER_NULL_ENC_TEST_VECTORS
1891                                 },
1892                                 .dec = {
1893                                         .vecs = hmac_md5_ecb_cipher_null_dec_tv_template,
1894                                         .count = HMAC_MD5_ECB_CIPHER_NULL_DEC_TEST_VECTORS
1895                                 }
1896                         }
1897                 }
1898         }, {
1899                 .alg = "authenc(hmac(sha1),cbc(aes))",
1900                 .test = alg_test_aead,
1901                 .suite = {
1902                         .aead = {
1903                                 .enc = {
1904                                         .vecs =
1905                                         hmac_sha1_aes_cbc_enc_tv_temp,
1906                                         .count =
1907                                         HMAC_SHA1_AES_CBC_ENC_TEST_VEC
1908                                 }
1909                         }
1910                 }
1911         }, {
1912                 .alg = "authenc(hmac(sha1),cbc(des))",
1913                 .test = alg_test_aead,
1914                 .suite = {
1915                         .aead = {
1916                                 .enc = {
1917                                         .vecs =
1918                                         hmac_sha1_des_cbc_enc_tv_temp,
1919                                         .count =
1920                                         HMAC_SHA1_DES_CBC_ENC_TEST_VEC
1921                                 }
1922                         }
1923                 }
1924         }, {
1925                 .alg = "authenc(hmac(sha1),cbc(des3_ede))",
1926                 .test = alg_test_aead,
1927                 .suite = {
1928                         .aead = {
1929                                 .enc = {
1930                                         .vecs =
1931                                         hmac_sha1_des3_ede_cbc_enc_tv_temp,
1932                                         .count =
1933                                         HMAC_SHA1_DES3_EDE_CBC_ENC_TEST_VEC
1934                                 }
1935                         }
1936                 }
1937         }, {
1938                 .alg = "authenc(hmac(sha1),ecb(cipher_null))",
1939                 .test = alg_test_aead,
1940                 .suite = {
1941                         .aead = {
1942                                 .enc = {
1943                                         .vecs =
1944                                         hmac_sha1_ecb_cipher_null_enc_tv_temp,
1945                                         .count =
1946                                         HMAC_SHA1_ECB_CIPHER_NULL_ENC_TEST_VEC
1947                                 },
1948                                 .dec = {
1949                                         .vecs =
1950                                         hmac_sha1_ecb_cipher_null_dec_tv_temp,
1951                                         .count =
1952                                         HMAC_SHA1_ECB_CIPHER_NULL_DEC_TEST_VEC
1953                                 }
1954                         }
1955                 }
1956         }, {
1957                 .alg = "authenc(hmac(sha224),cbc(des))",
1958                 .test = alg_test_aead,
1959                 .suite = {
1960                         .aead = {
1961                                 .enc = {
1962                                         .vecs =
1963                                         hmac_sha224_des_cbc_enc_tv_temp,
1964                                         .count =
1965                                         HMAC_SHA224_DES_CBC_ENC_TEST_VEC
1966                                 }
1967                         }
1968                 }
1969         }, {
1970                 .alg = "authenc(hmac(sha224),cbc(des3_ede))",
1971                 .test = alg_test_aead,
1972                 .suite = {
1973                         .aead = {
1974                                 .enc = {
1975                                         .vecs =
1976                                         hmac_sha224_des3_ede_cbc_enc_tv_temp,
1977                                         .count =
1978                                         HMAC_SHA224_DES3_EDE_CBC_ENC_TEST_VEC
1979                                 }
1980                         }
1981                 }
1982         }, {
1983                 .alg = "authenc(hmac(sha256),cbc(aes))",
1984                 .test = alg_test_aead,
1985                 .suite = {
1986                         .aead = {
1987                                 .enc = {
1988                                         .vecs =
1989                                         hmac_sha256_aes_cbc_enc_tv_temp,
1990                                         .count =
1991                                         HMAC_SHA256_AES_CBC_ENC_TEST_VEC
1992                                 }
1993                         }
1994                 }
1995         }, {
1996                 .alg = "authenc(hmac(sha256),cbc(des))",
1997                 .test = alg_test_aead,
1998                 .suite = {
1999                         .aead = {
2000                                 .enc = {
2001                                         .vecs =
2002                                         hmac_sha256_des_cbc_enc_tv_temp,
2003                                         .count =
2004                                         HMAC_SHA256_DES_CBC_ENC_TEST_VEC
2005                                 }
2006                         }
2007                 }
2008         }, {
2009                 .alg = "authenc(hmac(sha256),cbc(des3_ede))",
2010                 .test = alg_test_aead,
2011                 .suite = {
2012                         .aead = {
2013                                 .enc = {
2014                                         .vecs =
2015                                         hmac_sha256_des3_ede_cbc_enc_tv_temp,
2016                                         .count =
2017                                         HMAC_SHA256_DES3_EDE_CBC_ENC_TEST_VEC
2018                                 }
2019                         }
2020                 }
2021         }, {
2022                 .alg = "authenc(hmac(sha384),cbc(des))",
2023                 .test = alg_test_aead,
2024                 .suite = {
2025                         .aead = {
2026                                 .enc = {
2027                                         .vecs =
2028                                         hmac_sha384_des_cbc_enc_tv_temp,
2029                                         .count =
2030                                         HMAC_SHA384_DES_CBC_ENC_TEST_VEC
2031                                 }
2032                         }
2033                 }
2034         }, {
2035                 .alg = "authenc(hmac(sha384),cbc(des3_ede))",
2036                 .test = alg_test_aead,
2037                 .suite = {
2038                         .aead = {
2039                                 .enc = {
2040                                         .vecs =
2041                                         hmac_sha384_des3_ede_cbc_enc_tv_temp,
2042                                         .count =
2043                                         HMAC_SHA384_DES3_EDE_CBC_ENC_TEST_VEC
2044                                 }
2045                         }
2046                 }
2047         }, {
2048                 .alg = "authenc(hmac(sha512),cbc(aes))",
2049                 .test = alg_test_aead,
2050                 .suite = {
2051                         .aead = {
2052                                 .enc = {
2053                                         .vecs =
2054                                         hmac_sha512_aes_cbc_enc_tv_temp,
2055                                         .count =
2056                                         HMAC_SHA512_AES_CBC_ENC_TEST_VEC
2057                                 }
2058                         }
2059                 }
2060         }, {
2061                 .alg = "authenc(hmac(sha512),cbc(des))",
2062                 .test = alg_test_aead,
2063                 .suite = {
2064                         .aead = {
2065                                 .enc = {
2066                                         .vecs =
2067                                         hmac_sha512_des_cbc_enc_tv_temp,
2068                                         .count =
2069                                         HMAC_SHA512_DES_CBC_ENC_TEST_VEC
2070                                 }
2071                         }
2072                 }
2073         }, {
2074                 .alg = "authenc(hmac(sha512),cbc(des3_ede))",
2075                 .test = alg_test_aead,
2076                 .suite = {
2077                         .aead = {
2078                                 .enc = {
2079                                         .vecs =
2080                                         hmac_sha512_des3_ede_cbc_enc_tv_temp,
2081                                         .count =
2082                                         HMAC_SHA512_DES3_EDE_CBC_ENC_TEST_VEC
2083                                 }
2084                         }
2085                 }
2086         }, {
2087                 .alg = "cbc(aes)",
2088                 .test = alg_test_skcipher,
2089                 .fips_allowed = 1,
2090                 .suite = {
2091                         .cipher = {
2092                                 .enc = {
2093                                         .vecs = aes_cbc_enc_tv_template,
2094                                         .count = AES_CBC_ENC_TEST_VECTORS
2095                                 },
2096                                 .dec = {
2097                                         .vecs = aes_cbc_dec_tv_template,
2098                                         .count = AES_CBC_DEC_TEST_VECTORS
2099                                 }
2100                         }
2101                 }
2102         }, {
2103                 .alg = "cbc(anubis)",
2104                 .test = alg_test_skcipher,
2105                 .suite = {
2106                         .cipher = {
2107                                 .enc = {
2108                                         .vecs = anubis_cbc_enc_tv_template,
2109                                         .count = ANUBIS_CBC_ENC_TEST_VECTORS
2110                                 },
2111                                 .dec = {
2112                                         .vecs = anubis_cbc_dec_tv_template,
2113                                         .count = ANUBIS_CBC_DEC_TEST_VECTORS
2114                                 }
2115                         }
2116                 }
2117         }, {
2118                 .alg = "cbc(blowfish)",
2119                 .test = alg_test_skcipher,
2120                 .suite = {
2121                         .cipher = {
2122                                 .enc = {
2123                                         .vecs = bf_cbc_enc_tv_template,
2124                                         .count = BF_CBC_ENC_TEST_VECTORS
2125                                 },
2126                                 .dec = {
2127                                         .vecs = bf_cbc_dec_tv_template,
2128                                         .count = BF_CBC_DEC_TEST_VECTORS
2129                                 }
2130                         }
2131                 }
2132         }, {
2133                 .alg = "cbc(camellia)",
2134                 .test = alg_test_skcipher,
2135                 .suite = {
2136                         .cipher = {
2137                                 .enc = {
2138                                         .vecs = camellia_cbc_enc_tv_template,
2139                                         .count = CAMELLIA_CBC_ENC_TEST_VECTORS
2140                                 },
2141                                 .dec = {
2142                                         .vecs = camellia_cbc_dec_tv_template,
2143                                         .count = CAMELLIA_CBC_DEC_TEST_VECTORS
2144                                 }
2145                         }
2146                 }
2147         }, {
2148                 .alg = "cbc(cast5)",
2149                 .test = alg_test_skcipher,
2150                 .suite = {
2151                         .cipher = {
2152                                 .enc = {
2153                                         .vecs = cast5_cbc_enc_tv_template,
2154                                         .count = CAST5_CBC_ENC_TEST_VECTORS
2155                                 },
2156                                 .dec = {
2157                                         .vecs = cast5_cbc_dec_tv_template,
2158                                         .count = CAST5_CBC_DEC_TEST_VECTORS
2159                                 }
2160                         }
2161                 }
2162         }, {
2163                 .alg = "cbc(cast6)",
2164                 .test = alg_test_skcipher,
2165                 .suite = {
2166                         .cipher = {
2167                                 .enc = {
2168                                         .vecs = cast6_cbc_enc_tv_template,
2169                                         .count = CAST6_CBC_ENC_TEST_VECTORS
2170                                 },
2171                                 .dec = {
2172                                         .vecs = cast6_cbc_dec_tv_template,
2173                                         .count = CAST6_CBC_DEC_TEST_VECTORS
2174                                 }
2175                         }
2176                 }
2177         }, {
2178                 .alg = "cbc(des)",
2179                 .test = alg_test_skcipher,
2180                 .suite = {
2181                         .cipher = {
2182                                 .enc = {
2183                                         .vecs = des_cbc_enc_tv_template,
2184                                         .count = DES_CBC_ENC_TEST_VECTORS
2185                                 },
2186                                 .dec = {
2187                                         .vecs = des_cbc_dec_tv_template,
2188                                         .count = DES_CBC_DEC_TEST_VECTORS
2189                                 }
2190                         }
2191                 }
2192         }, {
2193                 .alg = "cbc(des3_ede)",
2194                 .test = alg_test_skcipher,
2195                 .fips_allowed = 1,
2196                 .suite = {
2197                         .cipher = {
2198                                 .enc = {
2199                                         .vecs = des3_ede_cbc_enc_tv_template,
2200                                         .count = DES3_EDE_CBC_ENC_TEST_VECTORS
2201                                 },
2202                                 .dec = {
2203                                         .vecs = des3_ede_cbc_dec_tv_template,
2204                                         .count = DES3_EDE_CBC_DEC_TEST_VECTORS
2205                                 }
2206                         }
2207                 }
2208         }, {
2209                 .alg = "cbc(serpent)",
2210                 .test = alg_test_skcipher,
2211                 .suite = {
2212                         .cipher = {
2213                                 .enc = {
2214                                         .vecs = serpent_cbc_enc_tv_template,
2215                                         .count = SERPENT_CBC_ENC_TEST_VECTORS
2216                                 },
2217                                 .dec = {
2218                                         .vecs = serpent_cbc_dec_tv_template,
2219                                         .count = SERPENT_CBC_DEC_TEST_VECTORS
2220                                 }
2221                         }
2222                 }
2223         }, {
2224                 .alg = "cbc(twofish)",
2225                 .test = alg_test_skcipher,
2226                 .suite = {
2227                         .cipher = {
2228                                 .enc = {
2229                                         .vecs = tf_cbc_enc_tv_template,
2230                                         .count = TF_CBC_ENC_TEST_VECTORS
2231                                 },
2232                                 .dec = {
2233                                         .vecs = tf_cbc_dec_tv_template,
2234                                         .count = TF_CBC_DEC_TEST_VECTORS
2235                                 }
2236                         }
2237                 }
2238         }, {
2239                 .alg = "ccm(aes)",
2240                 .test = alg_test_aead,
2241                 .fips_allowed = 1,
2242                 .suite = {
2243                         .aead = {
2244                                 .enc = {
2245                                         .vecs = aes_ccm_enc_tv_template,
2246                                         .count = AES_CCM_ENC_TEST_VECTORS
2247                                 },
2248                                 .dec = {
2249                                         .vecs = aes_ccm_dec_tv_template,
2250                                         .count = AES_CCM_DEC_TEST_VECTORS
2251                                 }
2252                         }
2253                 }
2254         }, {
2255                 .alg = "chacha20",
2256                 .test = alg_test_skcipher,
2257                 .suite = {
2258                         .cipher = {
2259                                 .enc = {
2260                                         .vecs = chacha20_enc_tv_template,
2261                                         .count = CHACHA20_ENC_TEST_VECTORS
2262                                 },
2263                                 .dec = {
2264                                         .vecs = chacha20_enc_tv_template,
2265                                         .count = CHACHA20_ENC_TEST_VECTORS
2266                                 },
2267                         }
2268                 }
2269         }, {
2270                 .alg = "cmac(aes)",
2271                 .fips_allowed = 1,
2272                 .test = alg_test_hash,
2273                 .suite = {
2274                         .hash = {
2275                                 .vecs = aes_cmac128_tv_template,
2276                                 .count = CMAC_AES_TEST_VECTORS
2277                         }
2278                 }
2279         }, {
2280                 .alg = "cmac(des3_ede)",
2281                 .fips_allowed = 1,
2282                 .test = alg_test_hash,
2283                 .suite = {
2284                         .hash = {
2285                                 .vecs = des3_ede_cmac64_tv_template,
2286                                 .count = CMAC_DES3_EDE_TEST_VECTORS
2287                         }
2288                 }
2289         }, {
2290                 .alg = "compress_null",
2291                 .test = alg_test_null,
2292         }, {
2293                 .alg = "crc32",
2294                 .test = alg_test_hash,
2295                 .suite = {
2296                         .hash = {
2297                                 .vecs = crc32_tv_template,
2298                                 .count = CRC32_TEST_VECTORS
2299                         }
2300                 }
2301         }, {
2302                 .alg = "crc32c",
2303                 .test = alg_test_crc32c,
2304                 .fips_allowed = 1,
2305                 .suite = {
2306                         .hash = {
2307                                 .vecs = crc32c_tv_template,
2308                                 .count = CRC32C_TEST_VECTORS
2309                         }
2310                 }
2311         }, {
2312                 .alg = "crct10dif",
2313                 .test = alg_test_hash,
2314                 .fips_allowed = 1,
2315                 .suite = {
2316                         .hash = {
2317                                 .vecs = crct10dif_tv_template,
2318                                 .count = CRCT10DIF_TEST_VECTORS
2319                         }
2320                 }
2321         }, {
2322                 .alg = "cryptd(__driver-cbc-aes-aesni)",
2323                 .test = alg_test_null,
2324                 .fips_allowed = 1,
2325         }, {
2326                 .alg = "cryptd(__driver-cbc-camellia-aesni)",
2327                 .test = alg_test_null,
2328         }, {
2329                 .alg = "cryptd(__driver-cbc-camellia-aesni-avx2)",
2330                 .test = alg_test_null,
2331         }, {
2332                 .alg = "cryptd(__driver-cbc-serpent-avx2)",
2333                 .test = alg_test_null,
2334         }, {
2335                 .alg = "cryptd(__driver-ecb-aes-aesni)",
2336                 .test = alg_test_null,
2337                 .fips_allowed = 1,
2338         }, {
2339                 .alg = "cryptd(__driver-ecb-camellia-aesni)",
2340                 .test = alg_test_null,
2341         }, {
2342                 .alg = "cryptd(__driver-ecb-camellia-aesni-avx2)",
2343                 .test = alg_test_null,
2344         }, {
2345                 .alg = "cryptd(__driver-ecb-cast5-avx)",
2346                 .test = alg_test_null,
2347         }, {
2348                 .alg = "cryptd(__driver-ecb-cast6-avx)",
2349                 .test = alg_test_null,
2350         }, {
2351                 .alg = "cryptd(__driver-ecb-serpent-avx)",
2352                 .test = alg_test_null,
2353         }, {
2354                 .alg = "cryptd(__driver-ecb-serpent-avx2)",
2355                 .test = alg_test_null,
2356         }, {
2357                 .alg = "cryptd(__driver-ecb-serpent-sse2)",
2358                 .test = alg_test_null,
2359         }, {
2360                 .alg = "cryptd(__driver-ecb-twofish-avx)",
2361                 .test = alg_test_null,
2362         }, {
2363                 .alg = "cryptd(__driver-gcm-aes-aesni)",
2364                 .test = alg_test_null,
2365                 .fips_allowed = 1,
2366         }, {
2367                 .alg = "cryptd(__ghash-pclmulqdqni)",
2368                 .test = alg_test_null,
2369                 .fips_allowed = 1,
2370         }, {
2371                 .alg = "ctr(aes)",
2372                 .test = alg_test_skcipher,
2373                 .fips_allowed = 1,
2374                 .suite = {
2375                         .cipher = {
2376                                 .enc = {
2377                                         .vecs = aes_ctr_enc_tv_template,
2378                                         .count = AES_CTR_ENC_TEST_VECTORS
2379                                 },
2380                                 .dec = {
2381                                         .vecs = aes_ctr_dec_tv_template,
2382                                         .count = AES_CTR_DEC_TEST_VECTORS
2383                                 }
2384                         }
2385                 }
2386         }, {
2387                 .alg = "ctr(blowfish)",
2388                 .test = alg_test_skcipher,
2389                 .suite = {
2390                         .cipher = {
2391                                 .enc = {
2392                                         .vecs = bf_ctr_enc_tv_template,
2393                                         .count = BF_CTR_ENC_TEST_VECTORS
2394                                 },
2395                                 .dec = {
2396                                         .vecs = bf_ctr_dec_tv_template,
2397                                         .count = BF_CTR_DEC_TEST_VECTORS
2398                                 }
2399                         }
2400                 }
2401         }, {
2402                 .alg = "ctr(camellia)",
2403                 .test = alg_test_skcipher,
2404                 .suite = {
2405                         .cipher = {
2406                                 .enc = {
2407                                         .vecs = camellia_ctr_enc_tv_template,
2408                                         .count = CAMELLIA_CTR_ENC_TEST_VECTORS
2409                                 },
2410                                 .dec = {
2411                                         .vecs = camellia_ctr_dec_tv_template,
2412                                         .count = CAMELLIA_CTR_DEC_TEST_VECTORS
2413                                 }
2414                         }
2415                 }
2416         }, {
2417                 .alg = "ctr(cast5)",
2418                 .test = alg_test_skcipher,
2419                 .suite = {
2420                         .cipher = {
2421                                 .enc = {
2422                                         .vecs = cast5_ctr_enc_tv_template,
2423                                         .count = CAST5_CTR_ENC_TEST_VECTORS
2424                                 },
2425                                 .dec = {
2426                                         .vecs = cast5_ctr_dec_tv_template,
2427                                         .count = CAST5_CTR_DEC_TEST_VECTORS
2428                                 }
2429                         }
2430                 }
2431         }, {
2432                 .alg = "ctr(cast6)",
2433                 .test = alg_test_skcipher,
2434                 .suite = {
2435                         .cipher = {
2436                                 .enc = {
2437                                         .vecs = cast6_ctr_enc_tv_template,
2438                                         .count = CAST6_CTR_ENC_TEST_VECTORS
2439                                 },
2440                                 .dec = {
2441                                         .vecs = cast6_ctr_dec_tv_template,
2442                                         .count = CAST6_CTR_DEC_TEST_VECTORS
2443                                 }
2444                         }
2445                 }
2446         }, {
2447                 .alg = "ctr(des)",
2448                 .test = alg_test_skcipher,
2449                 .suite = {
2450                         .cipher = {
2451                                 .enc = {
2452                                         .vecs = des_ctr_enc_tv_template,
2453                                         .count = DES_CTR_ENC_TEST_VECTORS
2454                                 },
2455                                 .dec = {
2456                                         .vecs = des_ctr_dec_tv_template,
2457                                         .count = DES_CTR_DEC_TEST_VECTORS
2458                                 }
2459                         }
2460                 }
2461         }, {
2462                 .alg = "ctr(des3_ede)",
2463                 .test = alg_test_skcipher,
2464                 .suite = {
2465                         .cipher = {
2466                                 .enc = {
2467                                         .vecs = des3_ede_ctr_enc_tv_template,
2468                                         .count = DES3_EDE_CTR_ENC_TEST_VECTORS
2469                                 },
2470                                 .dec = {
2471                                         .vecs = des3_ede_ctr_dec_tv_template,
2472                                         .count = DES3_EDE_CTR_DEC_TEST_VECTORS
2473                                 }
2474                         }
2475                 }
2476         }, {
2477                 .alg = "ctr(serpent)",
2478                 .test = alg_test_skcipher,
2479                 .suite = {
2480                         .cipher = {
2481                                 .enc = {
2482                                         .vecs = serpent_ctr_enc_tv_template,
2483                                         .count = SERPENT_CTR_ENC_TEST_VECTORS
2484                                 },
2485                                 .dec = {
2486                                         .vecs = serpent_ctr_dec_tv_template,
2487                                         .count = SERPENT_CTR_DEC_TEST_VECTORS
2488                                 }
2489                         }
2490                 }
2491         }, {
2492                 .alg = "ctr(twofish)",
2493                 .test = alg_test_skcipher,
2494                 .suite = {
2495                         .cipher = {
2496                                 .enc = {
2497                                         .vecs = tf_ctr_enc_tv_template,
2498                                         .count = TF_CTR_ENC_TEST_VECTORS
2499                                 },
2500                                 .dec = {
2501                                         .vecs = tf_ctr_dec_tv_template,
2502                                         .count = TF_CTR_DEC_TEST_VECTORS
2503                                 }
2504                         }
2505                 }
2506         }, {
2507                 .alg = "cts(cbc(aes))",
2508                 .test = alg_test_skcipher,
2509                 .suite = {
2510                         .cipher = {
2511                                 .enc = {
2512                                         .vecs = cts_mode_enc_tv_template,
2513                                         .count = CTS_MODE_ENC_TEST_VECTORS
2514                                 },
2515                                 .dec = {
2516                                         .vecs = cts_mode_dec_tv_template,
2517                                         .count = CTS_MODE_DEC_TEST_VECTORS
2518                                 }
2519                         }
2520                 }
2521         }, {
2522                 .alg = "deflate",
2523                 .test = alg_test_comp,
2524                 .fips_allowed = 1,
2525                 .suite = {
2526                         .comp = {
2527                                 .comp = {
2528                                         .vecs = deflate_comp_tv_template,
2529                                         .count = DEFLATE_COMP_TEST_VECTORS
2530                                 },
2531                                 .decomp = {
2532                                         .vecs = deflate_decomp_tv_template,
2533                                         .count = DEFLATE_DECOMP_TEST_VECTORS
2534                                 }
2535                         }
2536                 }
2537         }, {
2538                 .alg = "digest_null",
2539                 .test = alg_test_null,
2540         }, {
2541                 .alg = "drbg_nopr_ctr_aes128",
2542                 .test = alg_test_drbg,
2543                 .fips_allowed = 1,
2544                 .suite = {
2545                         .drbg = {
2546                                 .vecs = drbg_nopr_ctr_aes128_tv_template,
2547                                 .count = ARRAY_SIZE(drbg_nopr_ctr_aes128_tv_template)
2548                         }
2549                 }
2550         }, {
2551                 .alg = "drbg_nopr_ctr_aes192",
2552                 .test = alg_test_drbg,
2553                 .fips_allowed = 1,
2554                 .suite = {
2555                         .drbg = {
2556                                 .vecs = drbg_nopr_ctr_aes192_tv_template,
2557                                 .count = ARRAY_SIZE(drbg_nopr_ctr_aes192_tv_template)
2558                         }
2559                 }
2560         }, {
2561                 .alg = "drbg_nopr_ctr_aes256",
2562                 .test = alg_test_drbg,
2563                 .fips_allowed = 1,
2564                 .suite = {
2565                         .drbg = {
2566                                 .vecs = drbg_nopr_ctr_aes256_tv_template,
2567                                 .count = ARRAY_SIZE(drbg_nopr_ctr_aes256_tv_template)
2568                         }
2569                 }
2570         }, {
2571                 /*
2572                  * There is no need to specifically test the DRBG with every
2573                  * backend cipher -- covered by drbg_nopr_hmac_sha256 test
2574                  */
2575                 .alg = "drbg_nopr_hmac_sha1",
2576                 .fips_allowed = 1,
2577                 .test = alg_test_null,
2578         }, {
2579                 .alg = "drbg_nopr_hmac_sha256",
2580                 .test = alg_test_drbg,
2581                 .fips_allowed = 1,
2582                 .suite = {
2583                         .drbg = {
2584                                 .vecs = drbg_nopr_hmac_sha256_tv_template,
2585                                 .count =
2586                                 ARRAY_SIZE(drbg_nopr_hmac_sha256_tv_template)
2587                         }
2588                 }
2589         }, {
2590                 /* covered by drbg_nopr_hmac_sha256 test */
2591                 .alg = "drbg_nopr_hmac_sha384",
2592                 .fips_allowed = 1,
2593                 .test = alg_test_null,
2594         }, {
2595                 .alg = "drbg_nopr_hmac_sha512",
2596                 .test = alg_test_null,
2597                 .fips_allowed = 1,
2598         }, {
2599                 .alg = "drbg_nopr_sha1",
2600                 .fips_allowed = 1,
2601                 .test = alg_test_null,
2602         }, {
2603                 .alg = "drbg_nopr_sha256",
2604                 .test = alg_test_drbg,
2605                 .fips_allowed = 1,
2606                 .suite = {
2607                         .drbg = {
2608                                 .vecs = drbg_nopr_sha256_tv_template,
2609                                 .count = ARRAY_SIZE(drbg_nopr_sha256_tv_template)
2610                         }
2611                 }
2612         }, {
2613                 /* covered by drbg_nopr_sha256 test */
2614                 .alg = "drbg_nopr_sha384",
2615                 .fips_allowed = 1,
2616                 .test = alg_test_null,
2617         }, {
2618                 .alg = "drbg_nopr_sha512",
2619                 .fips_allowed = 1,
2620                 .test = alg_test_null,
2621         }, {
2622                 .alg = "drbg_pr_ctr_aes128",
2623                 .test = alg_test_drbg,
2624                 .fips_allowed = 1,
2625                 .suite = {
2626                         .drbg = {
2627                                 .vecs = drbg_pr_ctr_aes128_tv_template,
2628                                 .count = ARRAY_SIZE(drbg_pr_ctr_aes128_tv_template)
2629                         }
2630                 }
2631         }, {
2632                 /* covered by drbg_pr_ctr_aes128 test */
2633                 .alg = "drbg_pr_ctr_aes192",
2634                 .fips_allowed = 1,
2635                 .test = alg_test_null,
2636         }, {
2637                 .alg = "drbg_pr_ctr_aes256",
2638                 .fips_allowed = 1,
2639                 .test = alg_test_null,
2640         }, {
2641                 .alg = "drbg_pr_hmac_sha1",
2642                 .fips_allowed = 1,
2643                 .test = alg_test_null,
2644         }, {
2645                 .alg = "drbg_pr_hmac_sha256",
2646                 .test = alg_test_drbg,
2647                 .fips_allowed = 1,
2648                 .suite = {
2649                         .drbg = {
2650                                 .vecs = drbg_pr_hmac_sha256_tv_template,
2651                                 .count = ARRAY_SIZE(drbg_pr_hmac_sha256_tv_template)
2652                         }
2653                 }
2654         }, {
2655                 /* covered by drbg_pr_hmac_sha256 test */
2656                 .alg = "drbg_pr_hmac_sha384",
2657                 .fips_allowed = 1,
2658                 .test = alg_test_null,
2659         }, {
2660                 .alg = "drbg_pr_hmac_sha512",
2661                 .test = alg_test_null,
2662                 .fips_allowed = 1,
2663         }, {
2664                 .alg = "drbg_pr_sha1",
2665                 .fips_allowed = 1,
2666                 .test = alg_test_null,
2667         }, {
2668                 .alg = "drbg_pr_sha256",
2669                 .test = alg_test_drbg,
2670                 .fips_allowed = 1,
2671                 .suite = {
2672                         .drbg = {
2673                                 .vecs = drbg_pr_sha256_tv_template,
2674                                 .count = ARRAY_SIZE(drbg_pr_sha256_tv_template)
2675                         }
2676                 }
2677         }, {
2678                 /* covered by drbg_pr_sha256 test */
2679                 .alg = "drbg_pr_sha384",
2680                 .fips_allowed = 1,
2681                 .test = alg_test_null,
2682         }, {
2683                 .alg = "drbg_pr_sha512",
2684                 .fips_allowed = 1,
2685                 .test = alg_test_null,
2686         }, {
2687                 .alg = "ecb(__aes-aesni)",
2688                 .test = alg_test_null,
2689                 .fips_allowed = 1,
2690         }, {
2691                 .alg = "ecb(aes)",
2692                 .test = alg_test_skcipher,
2693                 .fips_allowed = 1,
2694                 .suite = {
2695                         .cipher = {
2696                                 .enc = {
2697                                         .vecs = aes_enc_tv_template,
2698                                         .count = AES_ENC_TEST_VECTORS
2699                                 },
2700                                 .dec = {
2701                                         .vecs = aes_dec_tv_template,
2702                                         .count = AES_DEC_TEST_VECTORS
2703                                 }
2704                         }
2705                 }
2706         }, {
2707                 .alg = "ecb(anubis)",
2708                 .test = alg_test_skcipher,
2709                 .suite = {
2710                         .cipher = {
2711                                 .enc = {
2712                                         .vecs = anubis_enc_tv_template,
2713                                         .count = ANUBIS_ENC_TEST_VECTORS
2714                                 },
2715                                 .dec = {
2716                                         .vecs = anubis_dec_tv_template,
2717                                         .count = ANUBIS_DEC_TEST_VECTORS
2718                                 }
2719                         }
2720                 }
2721         }, {
2722                 .alg = "ecb(arc4)",
2723                 .test = alg_test_skcipher,
2724                 .suite = {
2725                         .cipher = {
2726                                 .enc = {
2727                                         .vecs = arc4_enc_tv_template,
2728                                         .count = ARC4_ENC_TEST_VECTORS
2729                                 },
2730                                 .dec = {
2731                                         .vecs = arc4_dec_tv_template,
2732                                         .count = ARC4_DEC_TEST_VECTORS
2733                                 }
2734                         }
2735                 }
2736         }, {
2737                 .alg = "ecb(blowfish)",
2738                 .test = alg_test_skcipher,
2739                 .suite = {
2740                         .cipher = {
2741                                 .enc = {
2742                                         .vecs = bf_enc_tv_template,
2743                                         .count = BF_ENC_TEST_VECTORS
2744                                 },
2745                                 .dec = {
2746                                         .vecs = bf_dec_tv_template,
2747                                         .count = BF_DEC_TEST_VECTORS
2748                                 }
2749                         }
2750                 }
2751         }, {
2752                 .alg = "ecb(camellia)",
2753                 .test = alg_test_skcipher,
2754                 .suite = {
2755                         .cipher = {
2756                                 .enc = {
2757                                         .vecs = camellia_enc_tv_template,
2758                                         .count = CAMELLIA_ENC_TEST_VECTORS
2759                                 },
2760                                 .dec = {
2761                                         .vecs = camellia_dec_tv_template,
2762                                         .count = CAMELLIA_DEC_TEST_VECTORS
2763                                 }
2764                         }
2765                 }
2766         }, {
2767                 .alg = "ecb(cast5)",
2768                 .test = alg_test_skcipher,
2769                 .suite = {
2770                         .cipher = {
2771                                 .enc = {
2772                                         .vecs = cast5_enc_tv_template,
2773                                         .count = CAST5_ENC_TEST_VECTORS
2774                                 },
2775                                 .dec = {
2776                                         .vecs = cast5_dec_tv_template,
2777                                         .count = CAST5_DEC_TEST_VECTORS
2778                                 }
2779                         }
2780                 }
2781         }, {
2782                 .alg = "ecb(cast6)",
2783                 .test = alg_test_skcipher,
2784                 .suite = {
2785                         .cipher = {
2786                                 .enc = {
2787                                         .vecs = cast6_enc_tv_template,
2788                                         .count = CAST6_ENC_TEST_VECTORS
2789                                 },
2790                                 .dec = {
2791                                         .vecs = cast6_dec_tv_template,
2792                                         .count = CAST6_DEC_TEST_VECTORS
2793                                 }
2794                         }
2795                 }
2796         }, {
2797                 .alg = "ecb(cipher_null)",
2798                 .test = alg_test_null,
2799         }, {
2800                 .alg = "ecb(des)",
2801                 .test = alg_test_skcipher,
2802                 .suite = {
2803                         .cipher = {
2804                                 .enc = {
2805                                         .vecs = des_enc_tv_template,
2806                                         .count = DES_ENC_TEST_VECTORS
2807                                 },
2808                                 .dec = {
2809                                         .vecs = des_dec_tv_template,
2810                                         .count = DES_DEC_TEST_VECTORS
2811                                 }
2812                         }
2813                 }
2814         }, {
2815                 .alg = "ecb(des3_ede)",
2816                 .test = alg_test_skcipher,
2817                 .fips_allowed = 1,
2818                 .suite = {
2819                         .cipher = {
2820                                 .enc = {
2821                                         .vecs = des3_ede_enc_tv_template,
2822                                         .count = DES3_EDE_ENC_TEST_VECTORS
2823                                 },
2824                                 .dec = {
2825                                         .vecs = des3_ede_dec_tv_template,
2826                                         .count = DES3_EDE_DEC_TEST_VECTORS
2827                                 }
2828                         }
2829                 }
2830         }, {
2831                 .alg = "ecb(fcrypt)",
2832                 .test = alg_test_skcipher,
2833                 .suite = {
2834                         .cipher = {
2835                                 .enc = {
2836                                         .vecs = fcrypt_pcbc_enc_tv_template,
2837                                         .count = 1
2838                                 },
2839                                 .dec = {
2840                                         .vecs = fcrypt_pcbc_dec_tv_template,
2841                                         .count = 1
2842                                 }
2843                         }
2844                 }
2845         }, {
2846                 .alg = "ecb(khazad)",
2847                 .test = alg_test_skcipher,
2848                 .suite = {
2849                         .cipher = {
2850                                 .enc = {
2851                                         .vecs = khazad_enc_tv_template,
2852                                         .count = KHAZAD_ENC_TEST_VECTORS
2853                                 },
2854                                 .dec = {
2855                                         .vecs = khazad_dec_tv_template,
2856                                         .count = KHAZAD_DEC_TEST_VECTORS
2857                                 }
2858                         }
2859                 }
2860         }, {
2861                 .alg = "ecb(seed)",
2862                 .test = alg_test_skcipher,
2863                 .suite = {
2864                         .cipher = {
2865                                 .enc = {
2866                                         .vecs = seed_enc_tv_template,
2867                                         .count = SEED_ENC_TEST_VECTORS
2868                                 },
2869                                 .dec = {
2870                                         .vecs = seed_dec_tv_template,
2871                                         .count = SEED_DEC_TEST_VECTORS
2872                                 }
2873                         }
2874                 }
2875         }, {
2876                 .alg = "ecb(serpent)",
2877                 .test = alg_test_skcipher,
2878                 .suite = {
2879                         .cipher = {
2880                                 .enc = {
2881                                         .vecs = serpent_enc_tv_template,
2882                                         .count = SERPENT_ENC_TEST_VECTORS
2883                                 },
2884                                 .dec = {
2885                                         .vecs = serpent_dec_tv_template,
2886                                         .count = SERPENT_DEC_TEST_VECTORS
2887                                 }
2888                         }
2889                 }
2890         }, {
2891                 .alg = "ecb(tea)",
2892                 .test = alg_test_skcipher,
2893                 .suite = {
2894                         .cipher = {
2895                                 .enc = {
2896                                         .vecs = tea_enc_tv_template,
2897                                         .count = TEA_ENC_TEST_VECTORS
2898                                 },
2899                                 .dec = {
2900                                         .vecs = tea_dec_tv_template,
2901                                         .count = TEA_DEC_TEST_VECTORS
2902                                 }
2903                         }
2904                 }
2905         }, {
2906                 .alg = "ecb(tnepres)",
2907                 .test = alg_test_skcipher,
2908                 .suite = {
2909                         .cipher = {
2910                                 .enc = {
2911                                         .vecs = tnepres_enc_tv_template,
2912                                         .count = TNEPRES_ENC_TEST_VECTORS
2913                                 },
2914                                 .dec = {
2915                                         .vecs = tnepres_dec_tv_template,
2916                                         .count = TNEPRES_DEC_TEST_VECTORS
2917                                 }
2918                         }
2919                 }
2920         }, {
2921                 .alg = "ecb(twofish)",
2922                 .test = alg_test_skcipher,
2923                 .suite = {
2924                         .cipher = {
2925                                 .enc = {
2926                                         .vecs = tf_enc_tv_template,
2927                                         .count = TF_ENC_TEST_VECTORS
2928                                 },
2929                                 .dec = {
2930                                         .vecs = tf_dec_tv_template,
2931                                         .count = TF_DEC_TEST_VECTORS
2932                                 }
2933                         }
2934                 }
2935         }, {
2936                 .alg = "ecb(xeta)",
2937                 .test = alg_test_skcipher,
2938                 .suite = {
2939                         .cipher = {
2940                                 .enc = {
2941                                         .vecs = xeta_enc_tv_template,
2942                                         .count = XETA_ENC_TEST_VECTORS
2943                                 },
2944                                 .dec = {
2945                                         .vecs = xeta_dec_tv_template,
2946                                         .count = XETA_DEC_TEST_VECTORS
2947                                 }
2948                         }
2949                 }
2950         }, {
2951                 .alg = "ecb(xtea)",
2952                 .test = alg_test_skcipher,
2953                 .suite = {
2954                         .cipher = {
2955                                 .enc = {
2956                                         .vecs = xtea_enc_tv_template,
2957                                         .count = XTEA_ENC_TEST_VECTORS
2958                                 },
2959                                 .dec = {
2960                                         .vecs = xtea_dec_tv_template,
2961                                         .count = XTEA_DEC_TEST_VECTORS
2962                                 }
2963                         }
2964                 }
2965         }, {
2966                 .alg = "gcm(aes)",
2967                 .test = alg_test_aead,
2968                 .fips_allowed = 1,
2969                 .suite = {
2970                         .aead = {
2971                                 .enc = {
2972                                         .vecs = aes_gcm_enc_tv_template,
2973                                         .count = AES_GCM_ENC_TEST_VECTORS
2974                                 },
2975                                 .dec = {
2976                                         .vecs = aes_gcm_dec_tv_template,
2977                                         .count = AES_GCM_DEC_TEST_VECTORS
2978                                 }
2979                         }
2980                 }
2981         }, {
2982                 .alg = "ghash",
2983                 .test = alg_test_hash,
2984                 .fips_allowed = 1,
2985                 .suite = {
2986                         .hash = {
2987                                 .vecs = ghash_tv_template,
2988                                 .count = GHASH_TEST_VECTORS
2989                         }
2990                 }
2991         }, {
2992                 .alg = "hmac(crc32)",
2993                 .test = alg_test_hash,
2994                 .suite = {
2995                         .hash = {
2996                                 .vecs = bfin_crc_tv_template,
2997                                 .count = BFIN_CRC_TEST_VECTORS
2998                         }
2999                 }
3000         }, {
3001                 .alg = "hmac(md5)",
3002                 .test = alg_test_hash,
3003                 .suite = {
3004                         .hash = {
3005                                 .vecs = hmac_md5_tv_template,
3006                                 .count = HMAC_MD5_TEST_VECTORS
3007                         }
3008                 }
3009         }, {
3010                 .alg = "hmac(rmd128)",
3011                 .test = alg_test_hash,
3012                 .suite = {
3013                         .hash = {
3014                                 .vecs = hmac_rmd128_tv_template,
3015                                 .count = HMAC_RMD128_TEST_VECTORS
3016                         }
3017                 }
3018         }, {
3019                 .alg = "hmac(rmd160)",
3020                 .test = alg_test_hash,
3021                 .suite = {
3022                         .hash = {
3023                                 .vecs = hmac_rmd160_tv_template,
3024                                 .count = HMAC_RMD160_TEST_VECTORS
3025                         }
3026                 }
3027         }, {
3028                 .alg = "hmac(sha1)",
3029                 .test = alg_test_hash,
3030                 .fips_allowed = 1,
3031                 .suite = {
3032                         .hash = {
3033                                 .vecs = hmac_sha1_tv_template,
3034                                 .count = HMAC_SHA1_TEST_VECTORS
3035                         }
3036                 }
3037         }, {
3038                 .alg = "hmac(sha224)",
3039                 .test = alg_test_hash,
3040                 .fips_allowed = 1,
3041                 .suite = {
3042                         .hash = {
3043                                 .vecs = hmac_sha224_tv_template,
3044                                 .count = HMAC_SHA224_TEST_VECTORS
3045                         }
3046                 }
3047         }, {
3048                 .alg = "hmac(sha256)",
3049                 .test = alg_test_hash,
3050                 .fips_allowed = 1,
3051                 .suite = {
3052                         .hash = {
3053                                 .vecs = hmac_sha256_tv_template,
3054                                 .count = HMAC_SHA256_TEST_VECTORS
3055                         }
3056                 }
3057         }, {
3058                 .alg = "hmac(sha384)",
3059                 .test = alg_test_hash,
3060                 .fips_allowed = 1,
3061                 .suite = {
3062                         .hash = {
3063                                 .vecs = hmac_sha384_tv_template,
3064                                 .count = HMAC_SHA384_TEST_VECTORS
3065                         }
3066                 }
3067         }, {
3068                 .alg = "hmac(sha512)",
3069                 .test = alg_test_hash,
3070                 .fips_allowed = 1,
3071                 .suite = {
3072                         .hash = {
3073                                 .vecs = hmac_sha512_tv_template,
3074                                 .count = HMAC_SHA512_TEST_VECTORS
3075                         }
3076                 }
3077         }, {
3078                 .alg = "jitterentropy_rng",
3079                 .fips_allowed = 1,
3080                 .test = alg_test_null,
3081         }, {
3082                 .alg = "kw(aes)",
3083                 .test = alg_test_skcipher,
3084                 .fips_allowed = 1,
3085                 .suite = {
3086                         .cipher = {
3087                                 .enc = {
3088                                         .vecs = aes_kw_enc_tv_template,
3089                                         .count = ARRAY_SIZE(aes_kw_enc_tv_template)
3090                                 },
3091                                 .dec = {
3092                                         .vecs = aes_kw_dec_tv_template,
3093                                         .count = ARRAY_SIZE(aes_kw_dec_tv_template)
3094                                 }
3095                         }
3096                 }
3097         }, {
3098                 .alg = "lrw(aes)",
3099                 .test = alg_test_skcipher,
3100                 .suite = {
3101                         .cipher = {
3102                                 .enc = {
3103                                         .vecs = aes_lrw_enc_tv_template,
3104                                         .count = AES_LRW_ENC_TEST_VECTORS
3105                                 },
3106                                 .dec = {
3107                                         .vecs = aes_lrw_dec_tv_template,
3108                                         .count = AES_LRW_DEC_TEST_VECTORS
3109                                 }
3110                         }
3111                 }
3112         }, {
3113                 .alg = "lrw(camellia)",
3114                 .test = alg_test_skcipher,
3115                 .suite = {
3116                         .cipher = {
3117                                 .enc = {
3118                                         .vecs = camellia_lrw_enc_tv_template,
3119                                         .count = CAMELLIA_LRW_ENC_TEST_VECTORS
3120                                 },
3121                                 .dec = {
3122                                         .vecs = camellia_lrw_dec_tv_template,
3123                                         .count = CAMELLIA_LRW_DEC_TEST_VECTORS
3124                                 }
3125                         }
3126                 }
3127         }, {
3128                 .alg = "lrw(cast6)",
3129                 .test = alg_test_skcipher,
3130                 .suite = {
3131                         .cipher = {
3132                                 .enc = {
3133                                         .vecs = cast6_lrw_enc_tv_template,
3134                                         .count = CAST6_LRW_ENC_TEST_VECTORS
3135                                 },
3136                                 .dec = {
3137                                         .vecs = cast6_lrw_dec_tv_template,
3138                                         .count = CAST6_LRW_DEC_TEST_VECTORS
3139                                 }
3140                         }
3141                 }
3142         }, {
3143                 .alg = "lrw(serpent)",
3144                 .test = alg_test_skcipher,
3145                 .suite = {
3146                         .cipher = {
3147                                 .enc = {
3148                                         .vecs = serpent_lrw_enc_tv_template,
3149                                         .count = SERPENT_LRW_ENC_TEST_VECTORS
3150                                 },
3151                                 .dec = {
3152                                         .vecs = serpent_lrw_dec_tv_template,
3153                                         .count = SERPENT_LRW_DEC_TEST_VECTORS
3154                                 }
3155                         }
3156                 }
3157         }, {
3158                 .alg = "lrw(twofish)",
3159                 .test = alg_test_skcipher,
3160                 .suite = {
3161                         .cipher = {
3162                                 .enc = {
3163                                         .vecs = tf_lrw_enc_tv_template,
3164                                         .count = TF_LRW_ENC_TEST_VECTORS
3165                                 },
3166                                 .dec = {
3167                                         .vecs = tf_lrw_dec_tv_template,
3168                                         .count = TF_LRW_DEC_TEST_VECTORS
3169                                 }
3170                         }
3171                 }
3172         }, {
3173                 .alg = "lz4",
3174                 .test = alg_test_comp,
3175                 .fips_allowed = 1,
3176                 .suite = {
3177                         .comp = {
3178                                 .comp = {
3179                                         .vecs = lz4_comp_tv_template,
3180                                         .count = LZ4_COMP_TEST_VECTORS
3181                                 },
3182                                 .decomp = {
3183                                         .vecs = lz4_decomp_tv_template,
3184                                         .count = LZ4_DECOMP_TEST_VECTORS
3185                                 }
3186                         }
3187                 }
3188         }, {
3189                 .alg = "lz4hc",
3190                 .test = alg_test_comp,
3191                 .fips_allowed = 1,
3192                 .suite = {
3193                         .comp = {
3194                                 .comp = {
3195                                         .vecs = lz4hc_comp_tv_template,
3196                                         .count = LZ4HC_COMP_TEST_VECTORS
3197                                 },
3198                                 .decomp = {
3199                                         .vecs = lz4hc_decomp_tv_template,
3200                                         .count = LZ4HC_DECOMP_TEST_VECTORS
3201                                 }
3202                         }
3203                 }
3204         }, {
3205                 .alg = "lzo",
3206                 .test = alg_test_comp,
3207                 .fips_allowed = 1,
3208                 .suite = {
3209                         .comp = {
3210                                 .comp = {
3211                                         .vecs = lzo_comp_tv_template,
3212                                         .count = LZO_COMP_TEST_VECTORS
3213                                 },
3214                                 .decomp = {
3215                                         .vecs = lzo_decomp_tv_template,
3216                                         .count = LZO_DECOMP_TEST_VECTORS
3217                                 }
3218                         }
3219                 }
3220         }, {
3221                 .alg = "md4",
3222                 .test = alg_test_hash,
3223                 .suite = {
3224                         .hash = {
3225                                 .vecs = md4_tv_template,
3226                                 .count = MD4_TEST_VECTORS
3227                         }
3228                 }
3229         }, {
3230                 .alg = "md5",
3231                 .test = alg_test_hash,
3232                 .suite = {
3233                         .hash = {
3234                                 .vecs = md5_tv_template,
3235                                 .count = MD5_TEST_VECTORS
3236                         }
3237                 }
3238         }, {
3239                 .alg = "michael_mic",
3240                 .test = alg_test_hash,
3241                 .suite = {
3242                         .hash = {
3243                                 .vecs = michael_mic_tv_template,
3244                                 .count = MICHAEL_MIC_TEST_VECTORS
3245                         }
3246                 }
3247         }, {
3248                 .alg = "ofb(aes)",
3249                 .test = alg_test_skcipher,
3250                 .fips_allowed = 1,
3251                 .suite = {
3252                         .cipher = {
3253                                 .enc = {
3254                                         .vecs = aes_ofb_enc_tv_template,
3255                                         .count = AES_OFB_ENC_TEST_VECTORS
3256                                 },
3257                                 .dec = {
3258                                         .vecs = aes_ofb_dec_tv_template,
3259                                         .count = AES_OFB_DEC_TEST_VECTORS
3260                                 }
3261                         }
3262                 }
3263         }, {
3264                 .alg = "pcbc(fcrypt)",
3265                 .test = alg_test_skcipher,
3266                 .suite = {
3267                         .cipher = {
3268                                 .enc = {
3269                                         .vecs = fcrypt_pcbc_enc_tv_template,
3270                                         .count = FCRYPT_ENC_TEST_VECTORS
3271                                 },
3272                                 .dec = {
3273                                         .vecs = fcrypt_pcbc_dec_tv_template,
3274                                         .count = FCRYPT_DEC_TEST_VECTORS
3275                                 }
3276                         }
3277                 }
3278         }, {
3279                 .alg = "poly1305",
3280                 .test = alg_test_hash,
3281                 .suite = {
3282                         .hash = {
3283                                 .vecs = poly1305_tv_template,
3284                                 .count = POLY1305_TEST_VECTORS
3285                         }
3286                 }
3287         }, {
3288                 .alg = "rfc3686(ctr(aes))",
3289                 .test = alg_test_skcipher,
3290                 .fips_allowed = 1,
3291                 .suite = {
3292                         .cipher = {
3293                                 .enc = {
3294                                         .vecs = aes_ctr_rfc3686_enc_tv_template,
3295                                         .count = AES_CTR_3686_ENC_TEST_VECTORS
3296                                 },
3297                                 .dec = {
3298                                         .vecs = aes_ctr_rfc3686_dec_tv_template,
3299                                         .count = AES_CTR_3686_DEC_TEST_VECTORS
3300                                 }
3301                         }
3302                 }
3303         }, {
3304                 .alg = "rfc4106(gcm(aes))",
3305                 .test = alg_test_aead,
3306                 .fips_allowed = 1,
3307                 .suite = {
3308                         .aead = {
3309                                 .enc = {
3310                                         .vecs = aes_gcm_rfc4106_enc_tv_template,
3311                                         .count = AES_GCM_4106_ENC_TEST_VECTORS
3312                                 },
3313                                 .dec = {
3314                                         .vecs = aes_gcm_rfc4106_dec_tv_template,
3315                                         .count = AES_GCM_4106_DEC_TEST_VECTORS
3316                                 }
3317                         }
3318                 }
3319         }, {
3320                 .alg = "rfc4309(ccm(aes))",
3321                 .test = alg_test_aead,
3322                 .fips_allowed = 1,
3323                 .suite = {
3324                         .aead = {
3325                                 .enc = {
3326                                         .vecs = aes_ccm_rfc4309_enc_tv_template,
3327                                         .count = AES_CCM_4309_ENC_TEST_VECTORS
3328                                 },
3329                                 .dec = {
3330                                         .vecs = aes_ccm_rfc4309_dec_tv_template,
3331                                         .count = AES_CCM_4309_DEC_TEST_VECTORS
3332                                 }
3333                         }
3334                 }
3335         }, {
3336                 .alg = "rfc4543(gcm(aes))",
3337                 .test = alg_test_aead,
3338                 .suite = {
3339                         .aead = {
3340                                 .enc = {
3341                                         .vecs = aes_gcm_rfc4543_enc_tv_template,
3342                                         .count = AES_GCM_4543_ENC_TEST_VECTORS
3343                                 },
3344                                 .dec = {
3345                                         .vecs = aes_gcm_rfc4543_dec_tv_template,
3346                                         .count = AES_GCM_4543_DEC_TEST_VECTORS
3347                                 },
3348                         }
3349                 }
3350         }, {
3351                 .alg = "rfc7539(chacha20,poly1305)",
3352                 .test = alg_test_aead,
3353                 .suite = {
3354                         .aead = {
3355                                 .enc = {
3356                                         .vecs = rfc7539_enc_tv_template,
3357                                         .count = RFC7539_ENC_TEST_VECTORS
3358                                 },
3359                                 .dec = {
3360                                         .vecs = rfc7539_dec_tv_template,
3361                                         .count = RFC7539_DEC_TEST_VECTORS
3362                                 },
3363                         }
3364                 }
3365         }, {
3366                 .alg = "rfc7539esp(chacha20,poly1305)",
3367                 .test = alg_test_aead,
3368                 .suite = {
3369                         .aead = {
3370                                 .enc = {
3371                                         .vecs = rfc7539esp_enc_tv_template,
3372                                         .count = RFC7539ESP_ENC_TEST_VECTORS
3373                                 },
3374                                 .dec = {
3375                                         .vecs = rfc7539esp_dec_tv_template,
3376                                         .count = RFC7539ESP_DEC_TEST_VECTORS
3377                                 },
3378                         }
3379                 }
3380         }, {
3381                 .alg = "rmd128",
3382                 .test = alg_test_hash,
3383                 .suite = {
3384                         .hash = {
3385                                 .vecs = rmd128_tv_template,
3386                                 .count = RMD128_TEST_VECTORS
3387                         }
3388                 }
3389         }, {
3390                 .alg = "rmd160",
3391                 .test = alg_test_hash,
3392                 .suite = {
3393                         .hash = {
3394                                 .vecs = rmd160_tv_template,
3395                                 .count = RMD160_TEST_VECTORS
3396                         }
3397                 }
3398         }, {
3399                 .alg = "rmd256",
3400                 .test = alg_test_hash,
3401                 .suite = {
3402                         .hash = {
3403                                 .vecs = rmd256_tv_template,
3404                                 .count = RMD256_TEST_VECTORS
3405                         }
3406                 }
3407         }, {
3408                 .alg = "rmd320",
3409                 .test = alg_test_hash,
3410                 .suite = {
3411                         .hash = {
3412                                 .vecs = rmd320_tv_template,
3413                                 .count = RMD320_TEST_VECTORS
3414                         }
3415                 }
3416         }, {
3417                 .alg = "rsa",
3418                 .test = alg_test_akcipher,
3419                 .fips_allowed = 1,
3420                 .suite = {
3421                         .akcipher = {
3422                                 .vecs = rsa_tv_template,
3423                                 .count = RSA_TEST_VECTORS
3424                         }
3425                 }
3426         }, {
3427                 .alg = "salsa20",
3428                 .test = alg_test_skcipher,
3429                 .suite = {
3430                         .cipher = {
3431                                 .enc = {
3432                                         .vecs = salsa20_stream_enc_tv_template,
3433                                         .count = SALSA20_STREAM_ENC_TEST_VECTORS
3434                                 }
3435                         }
3436                 }
3437         }, {
3438                 .alg = "sha1",
3439                 .test = alg_test_hash,
3440                 .fips_allowed = 1,
3441                 .suite = {
3442                         .hash = {
3443                                 .vecs = sha1_tv_template,
3444                                 .count = SHA1_TEST_VECTORS
3445                         }
3446                 }
3447         }, {
3448                 .alg = "sha224",
3449                 .test = alg_test_hash,
3450                 .fips_allowed = 1,
3451                 .suite = {
3452                         .hash = {
3453                                 .vecs = sha224_tv_template,
3454                                 .count = SHA224_TEST_VECTORS
3455                         }
3456                 }
3457         }, {
3458                 .alg = "sha256",
3459                 .test = alg_test_hash,
3460                 .fips_allowed = 1,
3461                 .suite = {
3462                         .hash = {
3463                                 .vecs = sha256_tv_template,
3464                                 .count = SHA256_TEST_VECTORS
3465                         }
3466                 }
3467         }, {
3468                 .alg = "sha384",
3469                 .test = alg_test_hash,
3470                 .fips_allowed = 1,
3471                 .suite = {
3472                         .hash = {
3473                                 .vecs = sha384_tv_template,
3474                                 .count = SHA384_TEST_VECTORS
3475                         }
3476                 }
3477         }, {
3478                 .alg = "sha512",
3479                 .test = alg_test_hash,
3480                 .fips_allowed = 1,
3481                 .suite = {
3482                         .hash = {
3483                                 .vecs = sha512_tv_template,
3484                                 .count = SHA512_TEST_VECTORS
3485                         }
3486                 }
3487         }, {
3488                 .alg = "tgr128",
3489                 .test = alg_test_hash,
3490                 .suite = {
3491                         .hash = {
3492                                 .vecs = tgr128_tv_template,
3493                                 .count = TGR128_TEST_VECTORS
3494                         }
3495                 }
3496         }, {
3497                 .alg = "tgr160",
3498                 .test = alg_test_hash,
3499                 .suite = {
3500                         .hash = {
3501                                 .vecs = tgr160_tv_template,
3502                                 .count = TGR160_TEST_VECTORS
3503                         }
3504                 }
3505         }, {
3506                 .alg = "tgr192",
3507                 .test = alg_test_hash,
3508                 .suite = {
3509                         .hash = {
3510                                 .vecs = tgr192_tv_template,
3511                                 .count = TGR192_TEST_VECTORS
3512                         }
3513                 }
3514         }, {
3515                 .alg = "vmac(aes)",
3516                 .test = alg_test_hash,
3517                 .suite = {
3518                         .hash = {
3519                                 .vecs = aes_vmac128_tv_template,
3520                                 .count = VMAC_AES_TEST_VECTORS
3521                         }
3522                 }
3523         }, {
3524                 .alg = "wp256",
3525                 .test = alg_test_hash,
3526                 .suite = {
3527                         .hash = {
3528                                 .vecs = wp256_tv_template,
3529                                 .count = WP256_TEST_VECTORS
3530                         }
3531                 }
3532         }, {
3533                 .alg = "wp384",
3534                 .test = alg_test_hash,
3535                 .suite = {
3536                         .hash = {
3537                                 .vecs = wp384_tv_template,
3538                                 .count = WP384_TEST_VECTORS
3539                         }
3540                 }
3541         }, {
3542                 .alg = "wp512",
3543                 .test = alg_test_hash,
3544                 .suite = {
3545                         .hash = {
3546                                 .vecs = wp512_tv_template,
3547                                 .count = WP512_TEST_VECTORS
3548                         }
3549                 }
3550         }, {
3551                 .alg = "xcbc(aes)",
3552                 .test = alg_test_hash,
3553                 .suite = {
3554                         .hash = {
3555                                 .vecs = aes_xcbc128_tv_template,
3556                                 .count = XCBC_AES_TEST_VECTORS
3557                         }
3558                 }
3559         }, {
3560                 .alg = "xts(aes)",
3561                 .test = alg_test_skcipher,
3562                 .fips_allowed = 1,
3563                 .suite = {
3564                         .cipher = {
3565                                 .enc = {
3566                                         .vecs = aes_xts_enc_tv_template,
3567                                         .count = AES_XTS_ENC_TEST_VECTORS
3568                                 },
3569                                 .dec = {
3570                                         .vecs = aes_xts_dec_tv_template,
3571                                         .count = AES_XTS_DEC_TEST_VECTORS
3572                                 }
3573                         }
3574                 }
3575         }, {
3576                 .alg = "xts(camellia)",
3577                 .test = alg_test_skcipher,
3578                 .suite = {
3579                         .cipher = {
3580                                 .enc = {
3581                                         .vecs = camellia_xts_enc_tv_template,
3582                                         .count = CAMELLIA_XTS_ENC_TEST_VECTORS
3583                                 },
3584                                 .dec = {
3585                                         .vecs = camellia_xts_dec_tv_template,
3586                                         .count = CAMELLIA_XTS_DEC_TEST_VECTORS
3587                                 }
3588                         }
3589                 }
3590         }, {
3591                 .alg = "xts(cast6)",
3592                 .test = alg_test_skcipher,
3593                 .suite = {
3594                         .cipher = {
3595                                 .enc = {
3596                                         .vecs = cast6_xts_enc_tv_template,
3597                                         .count = CAST6_XTS_ENC_TEST_VECTORS
3598                                 },
3599                                 .dec = {
3600                                         .vecs = cast6_xts_dec_tv_template,
3601                                         .count = CAST6_XTS_DEC_TEST_VECTORS
3602                                 }
3603                         }
3604                 }
3605         }, {
3606                 .alg = "xts(serpent)",
3607                 .test = alg_test_skcipher,
3608                 .suite = {
3609                         .cipher = {
3610                                 .enc = {
3611                                         .vecs = serpent_xts_enc_tv_template,
3612                                         .count = SERPENT_XTS_ENC_TEST_VECTORS
3613                                 },
3614                                 .dec = {
3615                                         .vecs = serpent_xts_dec_tv_template,
3616                                         .count = SERPENT_XTS_DEC_TEST_VECTORS
3617                                 }
3618                         }
3619                 }
3620         }, {
3621                 .alg = "xts(twofish)",
3622                 .test = alg_test_skcipher,
3623                 .suite = {
3624                         .cipher = {
3625                                 .enc = {
3626                                         .vecs = tf_xts_enc_tv_template,
3627                                         .count = TF_XTS_ENC_TEST_VECTORS
3628                                 },
3629                                 .dec = {
3630                                         .vecs = tf_xts_dec_tv_template,
3631                                         .count = TF_XTS_DEC_TEST_VECTORS
3632                                 }
3633                         }
3634                 }
3635         }
3636 };
3637
3638 static bool alg_test_descs_checked;
3639
3640 static void alg_test_descs_check_order(void)
3641 {
3642         int i;
3643
3644         /* only check once */
3645         if (alg_test_descs_checked)
3646                 return;
3647
3648         alg_test_descs_checked = true;
3649
3650         for (i = 1; i < ARRAY_SIZE(alg_test_descs); i++) {
3651                 int diff = strcmp(alg_test_descs[i - 1].alg,
3652                                   alg_test_descs[i].alg);
3653
3654                 if (WARN_ON(diff > 0)) {
3655                         pr_warn("testmgr: alg_test_descs entries in wrong order: '%s' before '%s'\n",
3656                                 alg_test_descs[i - 1].alg,
3657                                 alg_test_descs[i].alg);
3658                 }
3659
3660                 if (WARN_ON(diff == 0)) {
3661                         pr_warn("testmgr: duplicate alg_test_descs entry: '%s'\n",
3662                                 alg_test_descs[i].alg);
3663                 }
3664         }
3665 }
3666
3667 static int alg_find_test(const char *alg)
3668 {
3669         int start = 0;
3670         int end = ARRAY_SIZE(alg_test_descs);
3671
3672         while (start < end) {
3673                 int i = (start + end) / 2;
3674                 int diff = strcmp(alg_test_descs[i].alg, alg);
3675
3676                 if (diff > 0) {
3677                         end = i;
3678                         continue;
3679                 }
3680
3681                 if (diff < 0) {
3682                         start = i + 1;
3683                         continue;
3684                 }
3685
3686                 return i;
3687         }
3688
3689         return -1;
3690 }
3691
3692 int alg_test(const char *driver, const char *alg, u32 type, u32 mask)
3693 {
3694         int i;
3695         int j;
3696         int rc;
3697
3698         alg_test_descs_check_order();
3699
3700         if ((type & CRYPTO_ALG_TYPE_MASK) == CRYPTO_ALG_TYPE_CIPHER) {
3701                 char nalg[CRYPTO_MAX_ALG_NAME];
3702
3703                 if (snprintf(nalg, sizeof(nalg), "ecb(%s)", alg) >=
3704                     sizeof(nalg))
3705                         return -ENAMETOOLONG;
3706
3707                 i = alg_find_test(nalg);
3708                 if (i < 0)
3709                         goto notest;
3710
3711                 if (fips_enabled && !alg_test_descs[i].fips_allowed)
3712                         goto non_fips_alg;
3713
3714                 rc = alg_test_cipher(alg_test_descs + i, driver, type, mask);
3715                 goto test_done;
3716         }
3717
3718         i = alg_find_test(alg);
3719         j = alg_find_test(driver);
3720         if (i < 0 && j < 0)
3721                 goto notest;
3722
3723         if (fips_enabled && ((i >= 0 && !alg_test_descs[i].fips_allowed) ||
3724                              (j >= 0 && !alg_test_descs[j].fips_allowed)))
3725                 goto non_fips_alg;
3726
3727         rc = 0;
3728         if (i >= 0)
3729                 rc |= alg_test_descs[i].test(alg_test_descs + i, driver,
3730                                              type, mask);
3731         if (j >= 0 && j != i)
3732                 rc |= alg_test_descs[j].test(alg_test_descs + j, driver,
3733                                              type, mask);
3734
3735 test_done:
3736         if (fips_enabled && rc)
3737                 panic("%s: %s alg self test failed in fips mode!\n", driver, alg);
3738
3739         if (fips_enabled && !rc)
3740                 pr_info("alg: self-tests for %s (%s) passed\n", driver, alg);
3741
3742         return rc;
3743
3744 notest:
3745         printk(KERN_INFO "alg: No test for %s (%s)\n", alg, driver);
3746         return 0;
3747 non_fips_alg:
3748         return -EINVAL;
3749 }
3750
3751 #endif /* CONFIG_CRYPTO_MANAGER_DISABLE_TESTS */
3752
3753 EXPORT_SYMBOL_GPL(alg_test);