diff options
| author | Eric Biggers <ebiggers@google.com> | 2018-05-20 22:50:29 -0700 |
|---|---|---|
| committer | Herbert Xu <herbert@gondor.apana.org.au> | 2018-05-31 00:13:39 +0800 |
| commit | 92a4c9fef34ce98eeb2eb1b8ae9aef5a2bd509c4 (patch) | |
| tree | 273698a9ce7b115fdb53e56a92402333ee0126a9 /crypto | |
| parent | 4074a77d48f676e8ed9cd0141522c933109d4168 (diff) | |
crypto: testmgr - eliminate redundant decryption test vectors
Currently testmgr has separate encryption and decryption test vectors
for symmetric ciphers. That's massively redundant, since with few
exceptions (mostly mistakes, apparently), all decryption tests are
identical to the encryption tests, just with the input/result flipped.
Therefore, eliminate the redundancy by removing the decryption test
vectors and updating testmgr to test both encryption and decryption
using what used to be the encryption test vectors. Naming is adjusted
accordingly: each cipher_testvec now has a 'ptext' (plaintext), 'ctext'
(ciphertext), and 'len' instead of an 'input', 'result', 'ilen', and
'rlen'. Note that it was always the case that 'ilen == rlen'.
AES keywrap ("kw(aes)") is special because its IV is generated by the
encryption. Previously this was handled by specifying 'iv_out' for
encryption and 'iv' for decryption. To make it work cleanly with only
one set of test vectors, put the IV in 'iv', remove 'iv_out', and add a
boolean that indicates that the IV is generated by the encryption.
In total, this removes over 10000 lines from testmgr.h, with no
reduction in test coverage since prior patches already copied the few
unique decryption test vectors into the encryption test vectors.
This covers all algorithms that used 'struct cipher_testvec', e.g. any
block cipher in the ECB, CBC, CTR, XTS, LRW, CTS-CBC, PCBC, OFB, or
keywrap modes, and Salsa20 and ChaCha20. No change is made to AEAD
tests, though we probably can eliminate a similar redundancy there too.
The testmgr.h portion of this patch was automatically generated using
the following awk script, with some slight manual fixups on top (updated
'struct cipher_testvec' definition, updated a few comments, and fixed up
the AES keywrap test vectors):
BEGIN { OTHER = 0; ENCVEC = 1; DECVEC = 2; DECVEC_TAIL = 3; mode = OTHER }
/^static const struct cipher_testvec.*_enc_/ { sub("_enc", ""); mode = ENCVEC }
/^static const struct cipher_testvec.*_dec_/ { mode = DECVEC }
mode == ENCVEC && !/\.ilen[[:space:]]*=/ {
sub(/\.input[[:space:]]*=$/, ".ptext =")
sub(/\.input[[:space:]]*=/, ".ptext\t=")
sub(/\.result[[:space:]]*=$/, ".ctext =")
sub(/\.result[[:space:]]*=/, ".ctext\t=")
sub(/\.rlen[[:space:]]*=/, ".len\t=")
print
}
mode == DECVEC_TAIL && /[^[:space:]]/ { mode = OTHER }
mode == OTHER { print }
mode == ENCVEC && /^};/ { mode = OTHER }
mode == DECVEC && /^};/ { mode = DECVEC_TAIL }
Note that git's default diff algorithm gets confused by the testmgr.h
portion of this patch, and reports too many lines added and removed.
It's better viewed with 'git diff --minimal' (or 'git show --minimal'),
which reports "2 files changed, 919 insertions(+), 11723 deletions(-)".
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto')
| -rw-r--r-- | crypto/testmgr.c | 409 | ||||
| -rw-r--r-- | crypto/testmgr.h | 12233 |
2 files changed, 919 insertions, 11723 deletions
diff --git a/crypto/testmgr.c b/crypto/testmgr.c index d3335d347e10..d1d99843cce4 100644 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c @@ -84,10 +84,8 @@ struct aead_test_suite { }; struct cipher_test_suite { - struct { - const struct cipher_testvec *vecs; - unsigned int count; - } enc, dec; + const struct cipher_testvec *vecs; + unsigned int count; }; struct comp_test_suite { @@ -988,6 +986,7 @@ static int test_cipher(struct crypto_cipher *tfm, int enc, unsigned int i, j, k; char *q; const char *e; + const char *input, *result; void *data; char *xbuf[XBUFSIZE]; int ret = -ENOMEM; @@ -1008,14 +1007,16 @@ static int test_cipher(struct crypto_cipher *tfm, int enc, if (fips_enabled && template[i].fips_skip) continue; + input = enc ? template[i].ptext : template[i].ctext; + result = enc ? template[i].ctext : template[i].ptext; j++; ret = -EINVAL; - if (WARN_ON(template[i].ilen > PAGE_SIZE)) + if (WARN_ON(template[i].len > PAGE_SIZE)) goto out; data = xbuf[0]; - memcpy(data, template[i].input, template[i].ilen); + memcpy(data, input, template[i].len); crypto_cipher_clear_flags(tfm, ~0); if (template[i].wk) @@ -1031,7 +1032,7 @@ static int test_cipher(struct crypto_cipher *tfm, int enc, } else if (ret) continue; - for (k = 0; k < template[i].ilen; + for (k = 0; k < template[i].len; k += crypto_cipher_blocksize(tfm)) { if (enc) crypto_cipher_encrypt_one(tfm, data + k, @@ -1042,10 +1043,10 @@ static int test_cipher(struct crypto_cipher *tfm, int enc, } q = data; - if (memcmp(q, template[i].result, template[i].rlen)) { + if (memcmp(q, result, template[i].len)) { printk(KERN_ERR "alg: cipher: Test %d failed " "on %s for %s\n", j, e, algo); - hexdump(q, template[i].rlen); + hexdump(q, template[i].len); ret = -EINVAL; goto out; } @@ -1073,6 +1074,7 @@ static int __test_skcipher(struct crypto_skcipher *tfm, int enc, struct scatterlist sgout[8]; const char *e, *d; struct crypto_wait wait; + const char *input, *result; void *data; char iv[MAX_IVLEN]; char *xbuf[XBUFSIZE]; @@ -1116,19 +1118,21 @@ static int __test_skcipher(struct crypto_skcipher *tfm, int enc, if (fips_enabled && template[i].fips_skip) continue; - if (template[i].iv) + if (template[i].iv && !(template[i].generates_iv && enc)) memcpy(iv, template[i].iv, ivsize); else memset(iv, 0, MAX_IVLEN); + input = enc ? template[i].ptext : template[i].ctext; + result = enc ? template[i].ctext : template[i].ptext; j++; ret = -EINVAL; - if (WARN_ON(align_offset + template[i].ilen > PAGE_SIZE)) + if (WARN_ON(align_offset + template[i].len > PAGE_SIZE)) goto out; data = xbuf[0]; data += align_offset; - memcpy(data, template[i].input, template[i].ilen); + memcpy(data, input, template[i].len); crypto_skcipher_clear_flags(tfm, ~0); if (template[i].wk) @@ -1144,15 +1148,15 @@ static int __test_skcipher(struct crypto_skcipher *tfm, int enc, } else if (ret) continue; - sg_init_one(&sg[0], data, template[i].ilen); + sg_init_one(&sg[0], data, template[i].len); if (diff_dst) { data = xoutbuf[0]; data += align_offset; - sg_init_one(&sgout[0], data, template[i].ilen); + sg_init_one(&sgout[0], data, template[i].len); } skcipher_request_set_crypt(req, sg, (diff_dst) ? sgout : sg, - template[i].ilen, iv); + template[i].len, iv); ret = crypto_wait_req(enc ? crypto_skcipher_encrypt(req) : crypto_skcipher_decrypt(req), &wait); @@ -1163,17 +1167,16 @@ static int __test_skcipher(struct crypto_skcipher *tfm, int enc, } q = data; - if (memcmp(q, template[i].result, template[i].rlen)) { + if (memcmp(q, result, template[i].len)) { pr_err("alg: skcipher%s: Test %d failed (invalid result) on %s for %s\n", d, j, e, algo); - hexdump(q, template[i].rlen); + hexdump(q, template[i].len); ret = -EINVAL; goto out; } - if (template[i].iv_out && - memcmp(iv, template[i].iv_out, - crypto_skcipher_ivsize(tfm))) { + if (template[i].generates_iv && enc && + memcmp(iv, template[i].iv, crypto_skcipher_ivsize(tfm))) { pr_err("alg: skcipher%s: Test %d failed (invalid output IV) on %s for %s\n", d, j, e, algo); hexdump(iv, crypto_skcipher_ivsize(tfm)); @@ -1194,11 +1197,13 @@ static int __test_skcipher(struct crypto_skcipher *tfm, int enc, if (fips_enabled && template[i].fips_skip) continue; - if (template[i].iv) + if (template[i].iv && !(template[i].generates_iv && enc)) memcpy(iv, template[i].iv, ivsize); else memset(iv, 0, MAX_IVLEN); + input = enc ? template[i].ptext : template[i].ctext; + result = enc ? template[i].ctext : template[i].ptext; j++; crypto_skcipher_clear_flags(tfm, ~0); if (template[i].wk) @@ -1226,7 +1231,7 @@ static int __test_skcipher(struct crypto_skcipher *tfm, int enc, q = xbuf[IDX[k] >> PAGE_SHIFT] + offset_in_page(IDX[k]); - memcpy(q, template[i].input + temp, template[i].tap[k]); + memcpy(q, input + temp, template[i].tap[k]); if (offset_in_page(q) + template[i].tap[k] < PAGE_SIZE) q[template[i].tap[k]] = 0; @@ -1248,7 +1253,7 @@ static int __test_skcipher(struct crypto_skcipher *tfm, int enc, } skcipher_request_set_crypt(req, sg, (diff_dst) ? sgout : sg, - template[i].ilen, iv); + template[i].len, iv); ret = crypto_wait_req(enc ? crypto_skcipher_encrypt(req) : crypto_skcipher_decrypt(req), &wait); @@ -1269,8 +1274,7 @@ static int __test_skcipher(struct crypto_skcipher *tfm, int enc, q = xbuf[IDX[k] >> PAGE_SHIFT] + offset_in_page(IDX[k]); - if (memcmp(q, template[i].result + temp, - template[i].tap[k])) { + if (memcmp(q, result + temp, template[i].tap[k])) { pr_err("alg: skcipher%s: Chunk test %d failed on %s at page %u for %s\n", d, j, e, k, algo); hexdump(q, template[i].tap[k]); @@ -1705,8 +1709,9 @@ out: static int alg_test_cipher(const struct alg_test_desc *desc, const char *driver, u32 type, u32 mask) { + const struct cipher_test_suite *suite = &desc->suite.cipher; struct crypto_cipher *tfm; - int err = 0; + int err; tfm = crypto_alloc_cipher(driver, type, mask); if (IS_ERR(tfm)) { @@ -1715,18 +1720,10 @@ static int alg_test_cipher(const struct alg_test_desc *desc, return PTR_ERR(tfm); } - if (desc->suite.cipher.enc.vecs) { - err = test_cipher(tfm, ENCRYPT, desc->suite.cipher.enc.vecs, - desc->suite.cipher.enc.count); - if (err) - goto out; - } - - if (desc->suite.cipher.dec.vecs) - err = test_cipher(tfm, DECRYPT, desc->suite.cipher.dec.vecs, - desc->suite.cipher.dec.count); + err = test_cipher(tfm, ENCRYPT, suite->vecs, suite->count); + if (!err) + err = test_cipher(tfm, DECRYPT, suite->vecs, suite->count); -out: crypto_free_cipher(tfm); return err; } @@ -1734,8 +1731,9 @@ out: static int alg_test_skcipher(const struct alg_test_desc *desc, const char *driver, u32 type, u32 mask) { + const struct cipher_test_suite *suite = &desc->suite.cipher; struct crypto_skcipher *tfm; - int err = 0; + int err; tfm = crypto_alloc_skcipher(driver, type, mask); if (IS_ERR(tfm)) { @@ -1744,18 +1742,10 @@ static int alg_test_skcipher(const struct alg_test_desc *desc, return PTR_ERR(tfm); } - if (desc->suite.cipher.enc.vecs) { - err = test_skcipher(tfm, ENCRYPT, desc->suite.cipher.enc.vecs, - desc->suite.cipher.enc.count); - if (err) - goto out; - } - - if (desc->suite.cipher.dec.vecs) - err = test_skcipher(tfm, DECRYPT, desc->suite.cipher.dec.vecs, - desc->suite.cipher.dec.count); + err = test_skcipher(tfm, ENCRYPT, suite->vecs, suite->count); + if (!err) + err = test_skcipher(tfm, DECRYPT, suite->vecs, suite->count); -out: crypto_free_skcipher(tfm); return err; } @@ -2575,75 +2565,51 @@ static const struct alg_test_desc alg_test_descs[] = { .test = alg_test_skcipher, .fips_allowed = 1, .suite = { - .cipher = { - .enc = __VECS(aes_cbc_enc_tv_template), - .dec = __VECS(aes_cbc_dec_tv_template) - } - } + .cipher = __VECS(aes_cbc_tv_template) + }, }, { .alg = "cbc(anubis)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(anubis_cbc_enc_tv_template), - .dec = __VECS(anubis_cbc_dec_tv_template) - } - } + .cipher = __VECS(anubis_cbc_tv_template) + }, }, { .alg = "cbc(blowfish)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(bf_cbc_enc_tv_template), - .dec = __VECS(bf_cbc_dec_tv_template) - } - } + .cipher = __VECS(bf_cbc_tv_template) + }, }, { .alg = "cbc(camellia)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(camellia_cbc_enc_tv_template), - .dec = __VECS(camellia_cbc_dec_tv_template) - } - } + .cipher = __VECS(camellia_cbc_tv_template) + }, }, { .alg = "cbc(cast5)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(cast5_cbc_enc_tv_template), - .dec = __VECS(cast5_cbc_dec_tv_template) - } - } + .cipher = __VECS(cast5_cbc_tv_template) + }, }, { .alg = "cbc(cast6)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(cast6_cbc_enc_tv_template), - .dec = __VECS(cast6_cbc_dec_tv_template) - } - } + .cipher = __VECS(cast6_cbc_tv_template) + }, }, { .alg = "cbc(des)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(des_cbc_enc_tv_template), - .dec = __VECS(des_cbc_dec_tv_template) - } - } + .cipher = __VECS(des_cbc_tv_template) + }, }, { .alg = "cbc(des3_ede)", .test = alg_test_skcipher, .fips_allowed = 1, .suite = { - .cipher = { - .enc = __VECS(des3_ede_cbc_enc_tv_template), - .dec = __VECS(des3_ede_cbc_dec_tv_template) - } - } + .cipher = __VECS(des3_ede_cbc_tv_template) + }, }, { /* Same as cbc(aes) except the key is stored in * hardware secure memory which we reference by index @@ -2655,20 +2621,14 @@ static const struct alg_test_desc alg_test_descs[] = { .alg = "cbc(serpent)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(serpent_cbc_enc_tv_template), - .dec = __VECS(serpent_cbc_dec_tv_template) - } - } + .cipher = __VECS(serpent_cbc_tv_template) + }, }, { .alg = "cbc(twofish)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(tf_cbc_enc_tv_template), - .dec = __VECS(tf_cbc_dec_tv_template) - } - } + .cipher = __VECS(tf_cbc_tv_template) + }, }, { .alg = "cbcmac(aes)", .fips_allowed = 1, @@ -2690,11 +2650,8 @@ static const struct alg_test_desc alg_test_descs[] = { .alg = "chacha20", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(chacha20_enc_tv_template), - .dec = __VECS(chacha20_enc_tv_template), - } - } + .cipher = __VECS(chacha20_tv_template) + }, }, { .alg = "cmac(aes)", .fips_allowed = 1, @@ -2737,65 +2694,44 @@ static const struct alg_test_desc alg_test_descs[] = { .test = alg_test_skcipher, .fips_allowed = 1, .suite = { - .cipher = { - .enc = __VECS(aes_ctr_enc_tv_template), - .dec = __VECS(aes_ctr_dec_tv_template) - } + .cipher = __VECS(aes_ctr_tv_template) } }, { .alg = "ctr(blowfish)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(bf_ctr_enc_tv_template), - .dec = __VECS(bf_ctr_dec_tv_template) - } + .cipher = __VECS(bf_ctr_tv_template) } }, { .alg = "ctr(camellia)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(camellia_ctr_enc_tv_template), - .dec = __VECS(camellia_ctr_dec_tv_template) - } + .cipher = __VECS(camellia_ctr_tv_template) } }, { .alg = "ctr(cast5)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(cast5_ctr_enc_tv_template), - .dec = __VECS(cast5_ctr_dec_tv_template) - } + .cipher = __VECS(cast5_ctr_tv_template) } }, { .alg = "ctr(cast6)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(cast6_ctr_enc_tv_template), - .dec = __VECS(cast6_ctr_dec_tv_template) - } + .cipher = __VECS(cast6_ctr_tv_template) } }, { .alg = "ctr(des)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(des_ctr_enc_tv_template), - .dec = __VECS(des_ctr_dec_tv_template) - } + .cipher = __VECS(des_ctr_tv_template) } }, { .alg = "ctr(des3_ede)", .test = alg_test_skcipher, .fips_allowed = 1, .suite = { - .cipher = { - .enc = __VECS(des3_ede_ctr_enc_tv_template), - .dec = __VECS(des3_ede_ctr_dec_tv_template) - } + .cipher = __VECS(des3_ede_ctr_tv_template) } }, { /* Same as ctr(aes) except the key is stored in @@ -2808,28 +2744,19 @@ static const struct alg_test_desc alg_test_descs[] = { .alg = "ctr(serpent)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(serpent_ctr_enc_tv_template), - .dec = __VECS(serpent_ctr_dec_tv_template) - } + .cipher = __VECS(serpent_ctr_tv_template) } }, { .alg = "ctr(twofish)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(tf_ctr_enc_tv_template), - .dec = __VECS(tf_ctr_dec_tv_template) - } + .cipher = __VECS(tf_ctr_tv_template) } }, { .alg = "cts(cbc(aes))", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(cts_mode_enc_tv_template), - .dec = __VECS(cts_mode_dec_tv_template) - } + .cipher = __VECS(cts_mode_tv_template) } }, { .alg = "deflate", @@ -2977,64 +2904,43 @@ static const struct alg_test_desc alg_test_descs[] = { .test = alg_test_skcipher, .fips_allowed = 1, .suite = { - .cipher = { - .enc = __VECS(aes_enc_tv_template), - .dec = __VECS(aes_dec_tv_template) - } + .cipher = __VECS(aes_tv_template) } }, { .alg = "ecb(anubis)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(anubis_enc_tv_template), - .dec = __VECS(anubis_dec_tv_template) - } + .cipher = __VECS(anubis_tv_template) } }, { .alg = "ecb(arc4)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(arc4_enc_tv_template), - .dec = __VECS(arc4_dec_tv_template) - } + .cipher = __VECS(arc4_tv_template) } }, { .alg = "ecb(blowfish)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(bf_enc_tv_template), - .dec = __VECS(bf_dec_tv_template) - } + .cipher = __VECS(bf_tv_template) } }, { .alg = "ecb(camellia)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(camellia_enc_tv_template), - .dec = __VECS(camellia_dec_tv_template) - } + .cipher = __VECS(camellia_tv_template) } }, { .alg = "ecb(cast5)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(cast5_enc_tv_template), - .dec = __VECS(cast5_dec_tv_template) - } + .cipher = __VECS(cast5_tv_template) } }, { .alg = "ecb(cast6)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(cast6_enc_tv_template), - .dec = __VECS(cast6_dec_tv_template) - } + .cipher = __VECS(cast6_tv_template) } }, { .alg = "ecb(cipher_null)", @@ -3044,44 +2950,29 @@ static const struct alg_test_desc alg_test_descs[] = { .alg = "ecb(des)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(des_enc_tv_template), - .dec = __VECS(des_dec_tv_template) - } + .cipher = __VECS(des_tv_template) } }, { .alg = "ecb(des3_ede)", .test = alg_test_skcipher, .fips_allowed = 1, .suite = { - .cipher = { - .enc = __VECS(des3_ede_enc_tv_template), - .dec = __VECS(des3_ede_dec_tv_template) - } + .cipher = __VECS(des3_ede_tv_template) } }, { .alg = "ecb(fcrypt)", .test = alg_test_skcipher, .suite = { .cipher = { - .enc = { - .vecs = fcrypt_pcbc_enc_tv_template, - .count = 1 - }, - .dec = { - .vecs = fcrypt_pcbc_dec_tv_template, - .count = 1 - } + .vecs = fcrypt_pcbc_tv_template, + .count = 1 } } }, { .alg = "ecb(khazad)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(khazad_enc_tv_template), - .dec = __VECS(khazad_dec_tv_template) - } + .cipher = __VECS(khazad_tv_template) } }, { /* Same as ecb(aes) except the key is stored in @@ -3094,91 +2985,61 @@ static const struct alg_test_desc alg_test_descs[] = { .alg = "ecb(seed)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(seed_enc_tv_template), - .dec = __VECS(seed_dec_tv_template) - } + .cipher = __VECS(seed_tv_template) } }, { .alg = "ecb(serpent)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(serpent_enc_tv_template), - .dec = __VECS(serpent_dec_tv_template) - } + .cipher = __VECS(serpent_tv_template) } }, { .alg = "ecb(sm4)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(sm4_enc_tv_template), - .dec = __VECS(sm4_dec_tv_template) - } + .cipher = __VECS(sm4_tv_template) } }, { .alg = "ecb(speck128)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(speck128_enc_tv_template), - .dec = __VECS(speck128_dec_tv_template) - } + .cipher = __VECS(speck128_tv_template) } }, { .alg = "ecb(speck64)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(speck64_enc_tv_template), - .dec = __VECS(speck64_dec_tv_template) - } + .cipher = __VECS(speck64_tv_template) } }, { .alg = "ecb(tea)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(tea_enc_tv_template), - .dec = __VECS(tea_dec_tv_template) - } + .cipher = __VECS(tea_tv_template) } }, { .alg = "ecb(tnepres)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(tnepres_enc_tv_template), - .dec = __VECS(tnepres_dec_tv_template) - } + .cipher = __VECS(tnepres_tv_template) } }, { .alg = "ecb(twofish)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(tf_enc_tv_template), - .dec = __VECS(tf_dec_tv_template) - } + .cipher = __VECS(tf_tv_template) } }, { .alg = "ecb(xeta)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(xeta_enc_tv_template), - .dec = __VECS(xeta_dec_tv_template) - } + .cipher = __VECS(xeta_tv_template) } }, { .alg = "ecb(xtea)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(xtea_enc_tv_template), - .dec = __VECS(xtea_dec_tv_template) - } + .cipher = __VECS(xtea_tv_template) } }, { .alg = "ecdh", @@ -3294,55 +3155,37 @@ static const struct alg_test_desc alg_test_descs[] = { .test = alg_test_skcipher, .fips_allowed = 1, .suite = { - .cipher = { - .enc = __VECS(aes_kw_enc_tv_template), - .dec = __VECS(aes_kw_dec_tv_template) - } + .cipher = __VECS(aes_kw_tv_template) } }, { .alg = "lrw(aes)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(aes_lrw_enc_tv_template), - .dec = __VECS(aes_lrw_dec_tv_template) - } + .cipher = __VECS(aes_lrw_tv_template) } }, { .alg = "lrw(camellia)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(camellia_lrw_enc_tv_template), - .dec = __VECS(camellia_lrw_dec_tv_template) - } + .cipher = __VECS(camellia_lrw_tv_template) } }, { .alg = "lrw(cast6)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(cast6_lrw_enc_tv_template), - .dec = __VECS(cast6_lrw_dec_tv_template) - } + .cipher = __VECS(cast6_lrw_tv_template) } }, { .alg = "lrw(serpent)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(serpent_lrw_enc_tv_template), - .dec = __VECS(serpent_lrw_dec_tv_template) - } + .cipher = __VECS(serpent_lrw_tv_template) } }, { .alg = "lrw(twofish)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(tf_lrw_enc_tv_template), - .dec = __VECS(tf_lrw_dec_tv_template) - } + .cipher = __VECS(tf_lrw_tv_template) } }, { .alg = "lz4", @@ -3415,10 +3258,7 @@ static const struct alg_test_desc alg_test_descs[] = { .test = alg_test_skcipher, .fips_allowed = 1, .suite = { - .cipher = { - .enc = __VECS(aes_ofb_enc_tv_template), - .dec = __VECS(aes_ofb_dec_tv_template) - } + .cipher = __VECS(aes_ofb_tv_template) } }, { /* Same as ofb(aes) except the key is stored in @@ -3431,10 +3271,7 @@ static const struct alg_test_desc alg_test_descs[] = { .alg = "pcbc(fcrypt)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(fcrypt_pcbc_enc_tv_template), - .dec = __VECS(fcrypt_pcbc_dec_tv_template) - } + .cipher = __VECS(fcrypt_pcbc_tv_template) } }, { .alg = "pkcs1pad(rsa,sha224)", @@ -3466,10 +3303,7 @@ static const struct alg_test_desc alg_test_descs[] = { .test = alg_test_skcipher, .fips_allowed = 1, .suite = { - .cipher = { - .enc = __VECS(aes_ctr_rfc3686_enc_tv_template), - .dec = __VECS(aes_ctr_rfc3686_dec_tv_template) - } + .cipher = __VECS(aes_ctr_rfc3686_tv_template) } }, { .alg = "rfc4106(gcm(aes))", @@ -3553,9 +3387,7 @@ static const struct alg_test_desc alg_test_descs[] = { .alg = "salsa20", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(salsa20_stream_enc_tv_template) - } + .cipher = __VECS(salsa20_stream_tv_template) } }, { .alg = "sha1", @@ -3679,28 +3511,19 @@ static const struct alg_test_desc alg_test_descs[] = { .test = alg_test_skcipher, .fips_allowed = 1, .suite = { - .cipher = { - .enc = __VECS(aes_xts_enc_tv_template), - .dec = __VECS(aes_xts_dec_tv_template) - } + .cipher = __VECS(aes_xts_tv_template) } }, { .alg = "xts(camellia)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(camellia_xts_enc_tv_template), - .dec = __VECS(camellia_xts_dec_tv_template) - } + .cipher = __VECS(camellia_xts_tv_template) } }, { .alg = "xts(cast6)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(cast6_xts_enc_tv_template), - .dec = __VECS(cast6_xts_dec_tv_template) - } + .cipher = __VECS(cast6_xts_tv_template) } }, { /* Same as xts(aes) except the key is stored in @@ -3713,37 +3536,25 @@ static const struct alg_test_desc alg_test_descs[] = { .alg = "xts(serpent)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(serpent_xts_enc_tv_template), - .dec = __VECS(serpent_xts_dec_tv_template) - } + .cipher = __VECS(serpent_xts_tv_template) } }, { .alg = "xts(speck128)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(speck128_xts_enc_tv_template), - .dec = __VECS(speck128_xts_dec_tv_template) - } + .cipher = __VECS(speck128_xts_tv_template) } }, { .alg = "xts(speck64)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(speck64_xts_enc_tv_template), - .dec = __VECS(speck64_xts_dec_tv_template) - } + .cipher = __VECS(speck64_xts_tv_template) } }, { .alg = "xts(twofish)", .test = alg_test_skcipher, .suite = { - .cipher = { - .enc = __VECS(tf_xts_enc_tv_template), - .dec = __VECS(tf_xts_dec_tv_template) - } + .cipher = __VECS(tf_xts_tv_template) } }, { .alg = "xts4096(paes)", diff --git a/crypto/testmgr.h b/crypto/testmgr.h index 3af6ca90f7ea..b950aa234e43 100644 --- a/crypto/testmgr.h +++ b/crypto/testmgr.h @@ -44,14 +44,13 @@ struct hash_testvec { }; /* - * cipher_testvec: structure to describe a cipher test - * @key: A pointer to a key used by the test - * @klen: The length of @key - * @iv: A pointer to the IV used by the test - * @input: A pointer to data used as input - * @ilen The length of data in @input - * @result: A pointer to what the test need to produce - * @rlen: The length of data in @result + * cipher_testvec: structure to describe a symmetric cipher test + * @key: Pointer to key + * @klen: Length of @key in bytes + * @iv: Pointer to IV (optional for some ciphers) + * @ptext: Pointer to plaintext + * @ctext: Pointer to ciphertext + * @len: Length of @ptext and @ctext in bytes * @fail: If set to one, the test need to fail * @wk: Does the test need CRYPTO_TFM_REQ_WEAK_KEY * ( e.g. test needs to fail due to a weak key ) @@ -60,23 +59,23 @@ struct hash_testvec { * @also_non_np: if set to 1, the test will be also done without * splitting data in @np SGs * @fips_skip: Skip the test vector in FIPS mode + * @generates_iv: Encryption should ignore the given IV, and output @iv. + * Decryption takes @iv. Needed for AES Keywrap ("kw(aes)"). */ - struct cipher_testvec { const char *key; const char *iv; - const char *iv_out; - const char *input; - const char *result; + const char *ptext; + const char *ctext; unsigned short tap[MAX_TAP]; int np; unsigned char also_non_np; bool fail; unsigned char wk; /* weak key flag */ unsigned char klen; - unsigned short ilen; - unsigned short rlen; + unsigned short len; bool fips_skip; + bool generates_iv; }; struct aead_testvec { @@ -5542,133 +5541,121 @@ static const struct hash_testvec poly1305_tv_template[] = { /* * DES test vectors. */ -static const struct cipher_testvec des_enc_tv_template[] = { +static const struct cipher_testvec des_tv_template[] = { { /* From Applied Cryptography */ .key = "\x01\x23\x45\x67\x89\xab\xcd\xef", .klen = 8, - .input = "\x01\x23\x45\x67\x89\xab\xcd\xe7", - .ilen = 8, - .result = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d", - .rlen = 8, + .ptext = "\x01\x23\x45\x67\x89\xab\xcd\xe7", + .ctext = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d", + .len = 8, }, { /* Same key, different plaintext block */ .key = "\x01\x23\x45\x67\x89\xab\xcd\xef", .klen = 8, - .input = "\x22\x33\x44\x55\x66\x77\x88\x99", - .ilen = 8, - .result = "\xf7\x9c\x89\x2a\x33\x8f\x4a\x8b", - .rlen = 8, + .ptext = "\x22\x33\x44\x55\x66\x77\x88\x99", + .ctext = "\xf7\x9c\x89\x2a\x33\x8f\x4a\x8b", + .len = 8, }, { /* Sbox test from NBS */ .key = "\x7c\xa1\x10\x45\x4a\x1a\x6e\x57", .klen = 8, - .input = "\x01\xa1\xd6\xd0\x39\x77\x67\x42", - .ilen = 8, - .result = "\x69\x0f\x5b\x0d\x9a\x26\x93\x9b", - .rlen = 8, + .ptext = "\x01\xa1\xd6\xd0\x39\x77\x67\x42", + .ctext = "\x69\x0f\x5b\x0d\x9a\x26\x93\x9b", + .len = 8, }, { /* Three blocks */ .key = "\x01\x23\x45\x67\x89\xab\xcd\xef", .klen = 8, - .input = "\x01\x23\x45\x67\x89\xab\xcd\xe7" + .ptext = "\x01\x23\x45\x67\x89\xab\xcd\xe7" "\x22\x33\x44\x55\x66\x77\x88\x99" "\xca\xfe\xba\xbe\xfe\xed\xbe\xef", - .ilen = 24, - .result = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d" + .ctext = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d" "\xf7\x9c\x89\x2a\x33\x8f\x4a\x8b" "\xb4\x99\x26\xf7\x1f\xe1\xd4\x90", - .rlen = 24, + .len = 24, }, { /* Weak key */ .fail = true, .wk = 1, .key = "\x01\x01\x01\x01\x01\x01\x01\x01", .klen = 8, - .input = "\x01\x23\x45\x67\x89\xab\xcd\xe7", - .ilen = 8, - .result = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d", - .rlen = 8, + .ptext = "\x01\x23\x45\x67\x89\xab\xcd\xe7", + .ctext = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d", + .len = 8, }, { /* Two blocks -- for testing encryption across pages */ .key = "\x01\x23\x45\x67\x89\xab\xcd\xef", .klen = 8, - .input = "\x01\x23\x45\x67\x89\xab\xcd\xe7" + .ptext = "\x01\x23\x45\x67\x89\xab\xcd\xe7" "\x22\x33\x44\x55\x66\x77\x88\x99", - .ilen = 16, - .result = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d" + .ctext = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d" "\xf7\x9c\x89\x2a\x33\x8f\x4a\x8b", - .rlen = 16, + .len = 16, .np = 2, .tap = { 8, 8 } }, { .key = "\x01\x23\x45\x67\x89\xab\xcd\xef", .klen = 8, - .input = "\x01\x23\x45\x67\x89\xab\xcd\xe7" + .ptext = "\x01\x23\x45\x67\x89\xab\xcd\xe7" "\xa3\x99\x7b\xca\xaf\x69\xa0\xf5", - .ilen = 16, - .result = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d" + .ctext = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d" "\x69\x0f\x5b\x0d\x9a\x26\x93\x9b", - .rlen = 16, + .len = 16, .np = 2, .tap = { 8, 8 } }, { .key = "\x01\x23\x45\x67\x89\xab\xcd\xef", .klen = 8, - .input = "\x01\x23\x45\x67\x89\xab\xcd\xe7" + .ptext = "\x01\x23\x45\x67\x89\xab\xcd\xe7" "\xa3\x99\x7b\xca\xaf\x69\xa0\xf5", - .ilen = 16, - .result = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d" + .ctext = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d" "\x69\x0f\x5b\x0d\x9a\x26\x93\x9b", - .rlen = 16, + .len = 16, .np = 3, .tap = { 3, 12, 1 } }, { /* Four blocks -- for testing encryption with chunking */ .key = "\x01\x23\x45\x67\x89\xab\xcd\xef", .klen = 8, - .input = "\x01\x23\x45\x67\x89\xab\xcd\xe7" + .ptext = "\x01\x23\x45\x67\x89\xab\xcd\xe7" "\x22\x33\x44\x55\x66\x77\x88\x99" "\xca\xfe\xba\xbe\xfe\xed\xbe\xef" "\x22\x33\x44\x55\x66\x77\x88\x99", - .ilen = 32, - .result = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d" + .ctext = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d" "\xf7\x9c\x89\x2a\x33\x8f\x4a\x8b" "\xb4\x99\x26\xf7\x1f\xe1\xd4\x90" "\xf7\x9c\x89\x2a\x33\x8f\x4a\x8b", - .rlen = 32, + .len = 32, .np = 3, .tap = { 14, 10, 8 } }, { .key = "\x01\x23\x45\x67\x89\xab\xcd\xef", .klen = 8, - .input = "\x01\x23\x45\x67\x89\xab\xcd\xe7" + .ptext = "\x01\x23\x45\x67\x89\xab\xcd\xe7" "\x22\x33\x44\x55\x66\x77\x88\x99" "\xca\xfe\xba\xbe\xfe\xed\xbe\xef", - .ilen = 24, - .result = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d" + .ctext = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d" "\xf7\x9c\x89\x2a\x33\x8f\x4a\x8b" "\xb4\x99\x26\xf7\x1f\xe1\xd4\x90", - .rlen = 24, + .len = 24, .np = 4, .tap = { 2, 1, 3, 18 } }, { .key = "\x01\x23\x45\x67\x89\xab\xcd\xef", .klen = 8, - .input = "\x01\x23\x45\x67\x89\xab\xcd\xe7" + .ptext = "\x01\x23\x45\x67\x89\xab\xcd\xe7" "\x22\x33\x44\x55\x66\x77\x88\x99", - .ilen = 16, - .result = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d" + .ctext = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d" "\xf7\x9c\x89\x2a\x33\x8f\x4a\x8b", - .rlen = 16, + .len = 16, .np = 5, .tap = { 2, 2, 2, 2, 8 } }, { .key = "\x01\x23\x45\x67\x89\xab\xcd\xef", .klen = 8, - .input = "\x01\x23\x45\x67\x89\xab\xcd\xe7", - .ilen = 8, - .result = "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d", |