linux-toradex.git/crypto/testmgr.c, branch v2.6.32.4 Linux kernel for Apalis and Colibri modules crypto: vmac - New hash algorithm for intel_txt support 2009-09-02T10:05:22+00:00 Shane Wang shane.wang@intel.com 2009-09-02T10:05:22+00:00 f1939f7c56456d22a559d2c75156e91912a2e97e This patch adds VMAC (a fast MAC) support into crypto framework. Signed-off-by: Shane Wang <shane.wang@intel.com> Signed-off-by: Joseph Cihula <joseph.cihula@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
This patch adds VMAC (a fast MAC) support into crypto framework.

Signed-off-by: Shane Wang <shane.wang@intel.com>
Signed-off-by: Joseph Cihula <joseph.cihula@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: testmgr - Allow implementation-specific tests 2009-07-02T08:32:12+00:00 Herbert Xu herbert@gondor.apana.org.au 2009-07-02T08:32:12+00:00 a68f6610d4f1ebe61818f5926fa8fa9e75d06a95 This patch adds the support for testing specific implementations. This should only be used in very specific situations. Right now this means specific implementations of random number generators. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
This patch adds the support for testing specific implementations.
This should only be used in very specific situations.  Right now
this means specific implementations of random number generators.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: testmgr - Remove hash size check 2009-06-24T05:48:13+00:00 Herbert Xu herbert@gondor.apana.org.au 2009-06-24T05:48:13+00:00 259c5e05c13daaaea039b5bf29a2674701cfd68e Until hash test vectors grow longer than 256 bytes, the only purpose of the check is to generate a gcc warning. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Until hash test vectors grow longer than 256 bytes, the only
purpose of the check is to generate a gcc warning.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: testmgr - Allow hash test vectors longer than a page 2009-06-02T04:05:02+00:00 Herbert Xu herbert@gondor.apana.org.au 2009-05-29T06:23:12+00:00 a0cfae59f8381c5c670fce2cc3de70b35421f920 As it stands we will each test hash vector both linearly and as a scatter list if applicable. This means that we cannot have vectors longer than a page, even with scatter lists. This patch fixes this by skipping test vectors with np != 0 when testing linearly. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
As it stands we will each test hash vector both linearly and as
a scatter list if applicable.  This means that we cannot have
vectors longer than a page, even with scatter lists.

This patch fixes this by skipping test vectors with np != 0 when
testing linearly.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: testmgr - Check all test vector lengths 2009-06-02T04:05:00+00:00 Herbert Xu herbert@gondor.apana.org.au 2009-05-29T06:05:42+00:00 fd57f22a09ae276ca3e9cd11ed99b617d611ba82 As we cannot guarantee the availability of contiguous pages at run-time, all test vectors must either fit within a page, or use scatter lists. In some cases vectors were not checked as to whether they fit inside a page. This patch adds all the missing checks. Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
As we cannot guarantee the availability of contiguous pages at
run-time, all test vectors must either fit within a page, or use
scatter lists.  In some cases vectors were not checked as to
whether they fit inside a page.  This patch adds all the missing
checks.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: compress - Return produced bytes in crypto_{,de}compress_{update,final} 2009-06-02T04:04:56+00:00 Geert Uytterhoeven Geert.Uytterhoeven@sonycom.com 2009-05-27T05:05:02+00:00 3ce858cb04de8bc83449eac707c8012a1944daca If crypto_{,de}compress_{update,final}() succeed, return the actual number of bytes produced instead of zero, so their users don't have to calculate that theirselves. Signed-off-by: Geert Uytterhoeven <Geert.Uytterhoeven@sonycom.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
If crypto_{,de}compress_{update,final}() succeed, return the actual number of
bytes produced instead of zero, so their users don't have to calculate that
theirselves.

Signed-off-by: Geert Uytterhoeven <Geert.Uytterhoeven@sonycom.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: testmgr - Skip algs not flagged fips_allowed in fips mode 2009-06-02T04:04:49+00:00 Jarod Wilson jarod@redhat.com 2009-05-15T05:17:05+00:00 a3bef3a31a19bd943047ba8bf5b2cc7b5d164362 Because all fips-allowed algorithms must be self-tested before they can be used, they will all have entries in testmgr.c's alg_test_descs[]. Skip self-tests for any algs not flagged as fips_approved and return -EINVAL when in fips mode. Signed-off-by: Jarod Wilson <jarod@redhat.com> Acked-by: Neil Horman <nhorman@tuxdriver.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Because all fips-allowed algorithms must be self-tested before they
can be used, they will all have entries in testmgr.c's alg_test_descs[].
Skip self-tests for any algs not flagged as fips_approved and return
-EINVAL when in fips mode.

Signed-off-by: Jarod Wilson <jarod@redhat.com>
Acked-by: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: testmgr - Mark algs allowed in fips mode 2009-06-02T04:04:48+00:00 Jarod Wilson jarod@redhat.com 2009-05-15T05:16:03+00:00 a1915d51e8e7ee192d2101d621d425379088cbb0 Set the fips_allowed flag in testmgr.c's alg_test_descs[] for algs that are allowed to be used when in fips mode. One caveat: des isn't actually allowed anymore, but des (and thus also ecb(des)) has to be permitted, because disallowing them results in des3_ede being unable to properly register (see des module init func). Also, crc32 isn't technically on the fips approved list, but I think it gets used in various places that necessitate it being allowed. This list is based on http://csrc.nist.gov/groups/STM/cavp/index.html Important note: allowed/approved here does NOT mean "validated", just that its an alg that *could* be validated. Signed-off-by: Jarod Wilson <jarod@redhat.com> Acked-by: Neil Horman <nhorman@tuxdriver.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Set the fips_allowed flag in testmgr.c's alg_test_descs[] for algs
that are allowed to be used when in fips mode.

One caveat: des isn't actually allowed anymore, but des (and thus also
ecb(des)) has to be permitted, because disallowing them results in
des3_ede being unable to properly register (see des module init func).

Also, crc32 isn't technically on the fips approved list, but I think
it gets used in various places that necessitate it being allowed.

This list is based on
http://csrc.nist.gov/groups/STM/cavp/index.html

Important note: allowed/approved here does NOT mean "validated", just
that its an alg that *could* be validated.

Signed-off-by: Jarod Wilson <jarod@redhat.com>
Acked-by: Neil Horman <nhorman@tuxdriver.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: testmgr - Add ctr(aes) test vectors 2009-06-02T04:04:46+00:00 Jarod Wilson jarod@redhat.com 2009-05-06T09:29:17+00:00 f7cb80f2b9fa06730be20d17c80b12e511a36c1c Now with multi-block test vectors, all from SP800-38A, Appendix F.5. Also added ctr(aes) to case 10 in tcrypt. Signed-off-by: Jarod Wilson <jarod@redhat.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Now with multi-block test vectors, all from SP800-38A, Appendix F.5.
Also added ctr(aes) to case 10 in tcrypt.

Signed-off-by: Jarod Wilson <jarod@redhat.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: testmgr - Dynamically allocate xbuf and axbuf 2009-06-02T04:04:45+00:00 Herbert Xu herbert@gondor.apana.org.au 2009-05-06T06:15:47+00:00 f8b0d4d09dc9d0a73fcdcf6c2724650529ec417d We currently allocate temporary memory that is used for testing statically. This renders the testing engine non-reentrant. As algorithms may nest, i.e., one may construct another in order to carry out a part of its operation, this is unacceptable. For example, it has been reported that an AEAD implementation allocates a cipher in its setkey function, which causes it to fail during testing as the temporary memory is overwritten. This patch replaces the static memory with dynamically allocated buffers. We need a maximum of 16 pages so this slightly increases the chances of an algorithm failing due to memory shortage. However, as testing usually occurs at registration, this shouldn't be a big problem. Reported-by: Shasi Pulijala <spulijala@amcc.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
We currently allocate temporary memory that is used for testing
statically.  This renders the testing engine non-reentrant. As
algorithms may nest, i.e., one may construct another in order to
carry out a part of its operation, this is unacceptable.  For
example, it has been reported that an AEAD implementation allocates
a cipher in its setkey function, which causes it to fail during
testing as the temporary memory is overwritten.

This patch replaces the static memory with dynamically allocated
buffers.  We need a maximum of 16 pages so this slightly increases
the chances of an algorithm failing due to memory shortage.
However, as testing usually occurs at registration, this shouldn't
be a big problem.

Reported-by: Shasi Pulijala <spulijala@amcc.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>