summaryrefslogtreecommitdiffstats
path: root/crypto/testmgr.c
Commit message (Collapse)AuthorAgeFilesLines
* crypto: testmgr - Reenable sha1/aes in FIPS modeHerbert Xu2017-06-281-0/+1
| | | | | | | | | The combination of sha1 and aes was disabled in FIPS Mode accidentally. This patch reenables it. Fixes: 284a0f6e87b0 ("crypto: testmgr - Disable fips-allowed for...") Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Acked-by: Stephan Müller <smueller@chronox.de>
* crypto: testmgr - add testvector for pkcs1pad(rsa)Stephan Mueller2017-06-201-4/+29
| | | | | | | | | | The PKCS#1 RSA implementation is provided with a self test with RSA 2048 and SHA-256. This self test implicitly covers other RSA keys and other hashes. Also, this self test implies that the pkcs1pad(rsa) is FIPS 140-2 compliant. Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - use consistent format for errorsGilad Ben-Yossef2017-06-191-9/+9
| | | | | | | Fix inconsistent format and spelling in hash tests error messages. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - add genkey kpp testTudor-Dan Ambarus2017-06-101-11/+65
| | | | | | | | | | | | | The test considers a party that already has a private-public key pair and a party that provides a NULL key. The kernel will generate the private-public key pair for the latter, computes the shared secret on both ends and verifies if it's the same. The explicit private-public key pair was copied from the previous test vector. Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: scomp - add support for deflate rfc1950 (zlib)Giovanni Cabiddu2017-04-241-0/+10
| | | | | | | | | Add scomp backend for zlib-deflate compression algorithm. This backend outputs data using the format defined in rfc1950 (raw deflate surrounded by zlib header and footer). Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - Allow ecb(cipher_null) in FIPS modeMilan Broz2017-04-241-0/+1
| | | | | | | | | | | | | | The cipher_null is not a real cipher, FIPS mode should not restrict its use. It is used for several tests (for example in cryptsetup testsuite) and also temporarily for reencryption of not yet encrypted device in cryptsetup-reencrypt tool. Problem is easily reproducible with cryptsetup benchmark -c null Signed-off-by: Milan Broz <gmazyland@gmail.com> Acked-by: Stephan Müller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - replace compression known answer testGiovanni Cabiddu2017-04-211-3/+26
| | | | | | | | | | | | | Compression implementations might return valid outputs that do not match what specified in the test vectors. For this reason, the testmgr might report that a compression implementation failed the test even if the data produced by the compressor is correct. This implements a decompress-and-verify test for acomp compression tests rather than a known answer test. Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - mark ctr(des3_ede) as fips_allowedMarcelo Cerri2017-03-241-0/+1
| | | | | | | | 3DES is missing the fips_allowed flag for CTR mode. Signed-off-by: Marcelo Henrique Cerri <marcelo.cerri@canonical.com> Acked-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - constify all test vectorsEric Biggers2017-03-091-30/+41
| | | | | | | | | Cryptographic test vectors should never be modified, so constify them to enforce this at both compile-time and run-time. This moves a significant amount of data from .data to .rodata when the crypto tests are enabled. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - add test cases for cbcmac(aes)Ard Biesheuvel2017-02-111-0/+7
| | | | | | | | | In preparation of splitting off the CBC-MAC transform in the CCM driver into a separate algorithm, define some test cases for the AES incarnation of cbcmac. Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - use calculated count for number of test vectorsArd Biesheuvel2017-01-131-831/+202
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When working on AES in CCM mode for ARM, my code passed the internal tcrypt test before I had even bothered to implement the AES-192 and AES-256 code paths, which is strange because the tcrypt does contain AES-192 and AES-256 test vectors for CCM. As it turned out, the define AES_CCM_ENC_TEST_VECTORS was out of sync with the actual number of test vectors, causing only the AES-128 ones to be executed. So get rid of the defines, and wrap the test vector references in a macro that calculates the number of vectors automatically. The following test vector counts were out of sync with the respective defines: BF_CTR_ENC_TEST_VECTORS 2 -> 3 BF_CTR_DEC_TEST_VECTORS 2 -> 3 TF_CTR_ENC_TEST_VECTORS 2 -> 3 TF_CTR_DEC_TEST_VECTORS 2 -> 3 SERPENT_CTR_ENC_TEST_VECTORS 2 -> 3 SERPENT_CTR_DEC_TEST_VECTORS 2 -> 3 AES_CCM_ENC_TEST_VECTORS 8 -> 14 AES_CCM_DEC_TEST_VECTORS 7 -> 17 AES_CCM_4309_ENC_TEST_VECTORS 7 -> 23 AES_CCM_4309_DEC_TEST_VECTORS 10 -> 23 CAMELLIA_CTR_ENC_TEST_VECTORS 2 -> 3 CAMELLIA_CTR_DEC_TEST_VECTORS 2 -> 3 Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - Allocate only the required output size for hash testsAndrew Lutomirski2017-01-131-4/+5
| | | | | | | | | | | | | | | | | | | There are some hashes (e.g. sha224) that have some internal trickery to make sure that only the correct number of output bytes are generated. If something goes wrong, they could potentially overrun the output buffer. Make the test more robust by allocating only enough space for the correct output size so that memory debugging will catch the error if the output is overrun. Tested by intentionally breaking sha224 to output all 256 internally-generated bits while running on KASAN. Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> Cc: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Andy Lutomirski <luto@kernel.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - use kmemdup instead of kmalloc+memcpyEric Biggers2017-01-131-4/+2
| | | | | | | It's recommended to use kmemdup instead of kmalloc followed by memcpy. Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - Use heap buffer for acomp test inputLaura Abbott2016-12-271-2/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Christopher Covington reported a crash on aarch64 on recent Fedora kernels: kernel BUG at ./include/linux/scatterlist.h:140! Internal error: Oops - BUG: 0 [#1] PREEMPT SMP Modules linked in: CPU: 2 PID: 752 Comm: cryptomgr_test Not tainted 4.9.0-11815-ge93b1cc #162 Hardware name: linux,dummy-virt (DT) task: ffff80007c650080 task.stack: ffff800008910000 PC is at sg_init_one+0xa0/0xb8 LR is at sg_init_one+0x24/0xb8 ... [<ffff000008398db8>] sg_init_one+0xa0/0xb8 [<ffff000008350a44>] test_acomp+0x10c/0x438 [<ffff000008350e20>] alg_test_comp+0xb0/0x118 [<ffff00000834f28c>] alg_test+0x17c/0x2f0 [<ffff00000834c6a4>] cryptomgr_test+0x44/0x50 [<ffff0000080dac70>] kthread+0xf8/0x128 [<ffff000008082ec0>] ret_from_fork+0x10/0x50 The test vectors used for input are part of the kernel image. These inputs are passed as a buffer to sg_init_one which eventually blows up with BUG_ON(!virt_addr_valid(buf)). On arm64, virt_addr_valid returns false for the kernel image since virt_to_page will not return the correct page. Fix this by copying the input vectors to heap buffer before setting up the scatterlist. Reported-by: Christopher Covington <cov@codeaurora.org> Fixes: d7db7a882deb ("crypto: acomp - update testmgr with support for acomp") Signed-off-by: Laura Abbott <labbott@redhat.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - fix overlap in chunked tests againArd Biesheuvel2016-12-081-1/+1
| | | | | | | | | | | | | | | | Commit 7e4c7f17cde2 ("crypto: testmgr - avoid overlap in chunked tests") attempted to address a problem in the crypto testmgr code where chunked test cases are copied to memory in a way that results in overlap. However, the fix recreated the exact same issue for other chunked tests, by putting IDX3 within 492 bytes of IDX1, which causes overlap if the first chunk exceeds 492 bytes, which is the case for at least one of the xts(aes) test cases. So increase IDX3 by another 1000 bytes. Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - avoid overlap in chunked testsArd Biesheuvel2016-12-071-1/+1
| | | | | | | | | The IDXn offsets are chosen such that tap values (which may go up to 255) end up overlapping in the xbuf allocation. In particular, IDX1 and IDX3 are too close together, so update IDX3 to avoid this issue. Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - don't use stack buffer in test_acomp()Eric Biggers2016-11-281-3/+8
| | | | | | | | | | | | With virtually-mapped stacks (CONFIG_VMAP_STACK=y), using the scatterlist crypto API with stack buffers is not allowed, and with appropriate debugging options will cause the 'BUG_ON(!virt_addr_valid(buf));' in sg_set_buf() to be triggered. Use a heap buffer instead. Fixes: d7db7a882deb ("crypto: acomp - update testmgr with support for acomp") Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - Do not test internal algorithmsHerbert Xu2016-11-281-144/+9
| | | | | | | | | | | | Currently we manually filter out internal algorithms using a list in testmgr. This is dangerous as internal algorithms cannot be safely used even by testmgr. This patch ensures that they're never processed by testmgr at all. This patch also removes an obsolete bypass for nivciphers which no longer exist. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: acomp - update testmgr with support for acompGiovanni Cabiddu2016-10-251-13/+145
| | | | | | | Add tests to the test manager for algorithms exposed through acomp. Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - add guard to dst buffer for ahash_exportJan Stancek2016-10-021-1/+4
| | | | | | | | | | | | | | Add a guard to 'state' buffer and warn if its consistency after call to crypto_ahash_export() changes, so that any write that goes beyond advertised statesize (and thus causing potential memory corruption [1]) is more visible. [1] https://marc.info/?l=linux-crypto-vger&m=147467656516085 Signed-off-by: Jan Stancek <jstancek@redhat.com> Cc: Herbert Xu <herbert@gondor.apana.org.au> Cc: Marcelo Cerri <marcelo.cerri@canonical.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: FIPS - allow tests to be disabled in FIPS modeStephan Mueller2016-08-311-0/+9
| | | | | | | | | | | | | | In FIPS mode, additional restrictions may apply. If these restrictions are violated, the kernel will panic(). This patch allows test vectors for symmetric ciphers to be marked as to be skipped in FIPS mode. Together with the patch, the XTS test vectors where the AES key is identical to the tweak key is disabled in FIPS mode. This test vector violates the FIPS requirement that both keys must be different. Reported-by: Tapas Sarangi <TSarangi@trustwave.com> Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - fix !x==y confusionYanjiang Jin2016-08-091-5/+5
| | | | | | | | | | | | | | | "if (!ret == template[i].fail)" is confusing to compilers (gcc5): crypto/testmgr.c: In function '__test_aead': crypto/testmgr.c:531:12: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses] if (!ret == template[i].fail) { ^ Let there be 'if (template[i].fail == !ret) '. Signed-off-by: Yanjiang Jin <yanjiang.jin@windriver.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - Print akcipher algorithm nameHerbert Xu2016-07-191-2/+4
| | | | | | | When an akcipher test fails, we don't know which algorithm failed because the name is not printed. This patch fixes this. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - Set err before proceedingSalvatore Benedetto2016-07-051-0/+1
| | | | | | | Report correct error in case of failure Signed-off-by: Salvatore Benedetto <salvatore.benedetto@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: sha3 - Add HMAC-SHA3 test modes and test vectorsraveendra padasalagi2016-07-011-0/+40
| | | | | | | | This patch adds HMAC-SHA3 test modes in tcrypt module and related test vectors. Signed-off-by: Raveendra Padasalagi <raveendra.padasalagi@broadcom.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - Allow leading zeros in RSAHerbert Xu2016-07-011-27/+24
| | | | | | | | | | | This patch allows RSA implementations to produce output with leading zeroes. testmgr will skip leading zeroes when comparing the output. This patch also tries to make the RSA test function generic enough to potentially handle other akcipher algorithms. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: ecdh - Add ECDH software supportSalvatore Benedetto2016-06-231-0/+10
| | | | | | | | | | * Implement ECDH under kpp API * Provide ECC software support for curve P-192 and P-256. * Add kpp test for ECDH with data generated by OpenSSL Signed-off-by: Salvatore Benedetto <salvatore.benedetto@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: dh - Add DH software implementationSalvatore Benedetto2016-06-231-0/+144
| | | | | | | | * Implement MPI based Diffie-Hellman under kpp API * Test provided uses data generad by OpenSSL Signed-off-by: Salvatore Benedetto <salvatore.benedetto@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: sha3 - Add SHA-3 Test's in tcryptraveendra padasalagi2016-06-201-0/+40
| | | | | | | | Added support for SHA-3 algorithm test's in tcrypt module and related test vectors. Signed-off-by: Raveendra Padasalagi <raveendra.padasalagi@broadcom.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* Merge branch 'linus' of ↵Linus Torvalds2016-05-171-0/+9
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6 Pull crypto update from Herbert Xu: "API: - Crypto self tests can now be disabled at boot/run time. - Add async support to algif_aead. Algorithms: - A large number of fixes to MPI from Nicolai Stange. - Performance improvement for HMAC DRBG. Drivers: - Use generic crypto engine in omap-des. - Merge ppc4xx-rng and crypto4xx drivers. - Fix lockups in sun4i-ss driver by disabling IRQs. - Add DMA engine support to ccp. - Reenable talitos hash algorithms. - Add support for Hisilicon SoC RNG. - Add basic crypto driver for the MXC SCC. Others: - Do not allocate crypto hash tfm in NORECLAIM context in ecryptfs" * 'linus' of git://git.kernel.org/pub/scm/linux/kernel/git/herbert/crypto-2.6: (77 commits) crypto: qat - change the adf_ctl_stop_devices to void crypto: caam - fix caam_jr_alloc() ret code crypto: vmx - comply with ABIs that specify vrsave as reserved. crypto: testmgr - Add a flag allowing the self-tests to be disabled at runtime. crypto: ccp - constify ccp_actions structure crypto: marvell/cesa - Use dma_pool_zalloc crypto: qat - make adf_vf_isr.c dependant on IOV config crypto: qat - Fix typo in comments lib: asn1_decoder - add MODULE_LICENSE("GPL") crypto: omap-sham - Use dma_request_chan() for requesting DMA channel crypto: omap-des - Use dma_request_chan() for requesting DMA channel crypto: omap-aes - Use dma_request_chan() for requesting DMA channel crypto: omap-des - Integrate with the crypto engine framework crypto: s5p-sss - fix incorrect usage of scatterlists api crypto: s5p-sss - Fix missed interrupts when working with 8 kB blocks crypto: s5p-sss - Use common BIT macro crypto: mxc-scc - fix unwinding in mxc_scc_crypto_register() crypto: mxc-scc - signedness bugs in mxc_scc_ablkcipher_req_init() crypto: talitos - fix ahash algorithms registration crypto: ccp - Ensure all dependencies are specified ...
| * crypto: testmgr - Add a flag allowing the self-tests to be disabled at runtime.Richard W.M. Jones2016-05-051-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | Running self-tests for a short-lived KVM VM takes 28ms on my laptop. This commit adds a flag 'cryptomgr.notests' which allows them to be disabled. However if fips=1 as well, we ignore this flag as FIPS mode mandates that the self-tests are run. Signed-off-by: Richard W.M. Jones <rjones@redhat.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* | crypto: testmgr - Use kmalloc memory for RSA inputHerbert Xu2016-05-091-5/+22
|/ | | | | | | | | | | | As akcipher uses an SG interface, you must not use vmalloc memory as input for it. This patch fixes testmgr to copy the vmalloc test vectors to kmalloc memory before running the test. This patch also removes a superfluous sg_virt call in do_test_rsa. Cc: <stable@vger.kernel.org> Reported-by: Anatoly Pugachev <matorola@gmail.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - allow rfc3686 aes-ctr variants in fips mode.Marcus Meissner2016-02-281-0/+16
| | | | | | | | | | | RFC 3686 CTR in various authenc methods. rfc3686(ctr(aes)) is already marked fips compliant, so these should be fine. Signed-off-by: Marcus Meissner <meissner@suse.de> Acked-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - mark authenticated ctr(aes) also as FIPS ableMarcus Meissner2016-02-171-0/+16
| | | | | | | (2nd try that adds missing , to build.) Signed-off-by: Marcus Meissner <meissner@suse.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - mark more algorithms as FIPS compliantMarcus Meissner2016-02-061-0/+7
| | | | | | | | | Some more authenc() wrapped algorithms are FIPS compliant, tag them as such. Signed-off-by: Marcus Meissner <meissner@suse.de> Acked-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - fix out of bound read in __test_aead()Jerome Marchand2016-02-061-2/+3
| | | | | | | | | | | | __test_aead() reads MAX_IVLEN bytes from template[i].iv, but the actual length of the initialisation vector can be shorter. The length of the IV is already calculated earlier in the function. Let's just reuses that. Also the IV length is currently calculated several time for no reason. Let's fix that too. This fix an out-of-bound error detected by KASan. Signed-off-by: Jerome Marchand <jmarchan@redhat.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - Add a test case for import()/export()Wang, Rui Y2016-02-061-0/+133
| | | | | | | | | | | | Modify __test_hash() so that hash import/export can be tested from within the kernel. The test is unconditionally done when a struct hash_testvec has its .np > 1. v3: make the test unconditional v2: Leverage template[i].np as suggested by Tim Chen Signed-off-by: Rui Wang <rui.y.wang@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: compress - remove unused pcomp interfaceJoonsoo Kim2016-01-271-223/+0
| | | | | | | It is unused now, so remove it. Signed-off-by: Joonsoo Kim <iamjoonsoo.kim@lge.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: ansi_cprng - ANSI X9.31 DRNG is not allowed in FIPS 140-2Stephan Mueller2016-01-251-1/+0
| | | | | | | | | As per update of the FIPS 140-2 Annex C supported by SP800-131A, the ANSI X9.31 DRNG is not an allowed cipher in FIPS mode any more. CC: Neil Horman <nhorman@tuxdriver.com> Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: keywrap - add testmgr supportStephan Mueller2015-10-151-0/+16
| | | | | | | | | | | The testmanager code for symmetric ciphers is extended to allow verification of the IV after a cipher operation. In addition, test vectors for kw(aes) for encryption and decryption are added. Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - test IV value after a cipher operationBoris BREZILLON2015-10-151-1/+11
| | | | | | | | | The crypto drivers are supposed to update the IV passed to the crypto request before calling the completion callback. Test for the IV value before considering the test as successful. Signed-off-by: Boris Brezillon <boris.brezillon@free-electrons.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: akcipher - Changes to asymmetric key APITadeusz Struk2015-10-141-19/+20
| | | | | | | | | | Setkey function has been split into set_priv_key and set_pub_key. Akcipher requests takes sgl for src and dst instead of void *. Users of the API i.e. two existing RSA implementation and test mgr code have been updated accordingly. Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - Disable fips-allowed for authenc() and des() ciphersJohn Haxby2015-10-011-16/+0
| | | | | | | | | No authenc() ciphers are FIPS approved, nor is ecb(des). After the end of 2015, ansi_cprng will also be non-approved. Signed-off-by: John Haxby <john.haxby@oracle.com> Acked-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - don't copy from source IV too muchAndrey Ryabinin2015-09-111-2/+3
| | | | | | | | | | | While the destination buffer 'iv' is MAX_IVLEN size, the source 'template[i].iv' could be smaller, thus memcpy may read read invalid memory. Use crypto_skcipher_ivsize() to get real ivsize and pass it to memcpy. Signed-off-by: Andrey Ryabinin <aryabinin@virtuozzo.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - Use new skcipher interfaceHerbert Xu2015-08-211-29/+32
| | | | | | | This patch replaces uses of blkcipher and ablkcipher with the new skcipher interface. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: cmac - allow usage in FIPS modeStephan Mueller2015-08-191-0/+2
| | | | | | | | CMAC is an approved cipher in FIPS 140-2. The patch allows the use of CMAC with TDES and AES in FIPS mode. Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - Reenable authenc testsHerbert Xu2015-08-041-13/+13
| | | | | | | Now that all implementations of authenc have been converted we can reenable the tests. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - Disable authenc test and convert test vectorsHerbert Xu2015-08-041-13/+13
| | | | | | | | This patch disables the authenc tests while the conversion to the new IV calling convention takes place. It also replaces the authenc test vectors with ones that will work with the new IV convention. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - Reenable rfc4309 testHerbert Xu2015-07-171-1/+1
| | | | | | | Now that all implementations of rfc4309 have been converted we can reenable the test. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
* crypto: testmgr - Disable rfc4309 test and convert test vectorsHerbert Xu2015-07-171-1/+1
| | | | | | | | | This patch disables the rfc4309 test while the conversion to the new seqiv calling convention takes place. It also replaces the rfc4309 test vectors with ones that will work with the new IV convention. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>