linux-toradex.git/crypto/testmgr.c, branch v4.15-rc3 Linux kernel for Apalis and Colibri modules crypto: testmgr - move to generic async completion 2017-11-03T14:11:19+00:00 Gilad Ben-Yossef gilad@benyossef.com 2017-10-18T07:00:43+00:00 7f39713684acb2745506be195d31f73ce410fb24 testmgr is starting async. crypto ops and waiting for them to complete. Move it over to generic code doing the same. This also provides a test of the generic crypto async. wait code. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
testmgr is starting async. crypto ops and waiting for them to complete.
Move it over to generic code doing the same.

This also provides a test of the generic crypto async. wait code.

Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: sm3 - add SM3 test vectors 2017-09-22T09:43:08+00:00 Gilad Ben-Yossef gilad@benyossef.com 2017-08-21T10:51:29+00:00 b7e2753040a2fef0f748c615121577da3f846781 Add testmgr and tcrypt tests and vectors for SM3 secure hash. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Add testmgr and tcrypt tests and vectors for SM3 secure hash.

Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: testmgr - Reenable sha1/aes in FIPS mode 2017-06-28T14:18:58+00:00 Herbert Xu herbert@gondor.apana.org.au 2017-06-28T11:09:07+00:00 bcf741cb779283081db47853264cc94854e7ad83 The combination of sha1 and aes was disabled in FIPS Mode accidentally. This patch reenables it. Fixes: 284a0f6e87b0 ("crypto: testmgr - Disable fips-allowed for...") Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Acked-by: Stephan Müller <smueller@chronox.de> 
The combination of sha1 and aes was disabled in FIPS Mode
accidentally.  This patch reenables it.

Fixes: 284a0f6e87b0 ("crypto: testmgr - Disable fips-allowed for...")
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Stephan Müller <smueller@chronox.de>
crypto: testmgr - add testvector for pkcs1pad(rsa) 2017-06-20T03:21:29+00:00 Stephan Mueller smueller@chronox.de 2017-06-12T21:27:51+00:00 1207107c7168f779643c91e30f8d6c2f8a4afd4d The PKCS#1 RSA implementation is provided with a self test with RSA 2048 and SHA-256. This self test implicitly covers other RSA keys and other hashes. Also, this self test implies that the pkcs1pad(rsa) is FIPS 140-2 compliant. Signed-off-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
The PKCS#1 RSA implementation is provided with a self test with RSA 2048
and SHA-256. This self test implicitly covers other RSA keys and other
hashes. Also, this self test implies that the pkcs1pad(rsa) is FIPS
140-2 compliant.

Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: testmgr - use consistent format for errors 2017-06-19T06:19:53+00:00 Gilad Ben-Yossef gilad@benyossef.com 2017-06-05T05:33:43+00:00 cf3f9609c9b2f36760f8181d11b8085c357c27ee Fix inconsistent format and spelling in hash tests error messages. Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Fix inconsistent format and spelling in hash tests error messages.

Signed-off-by: Gilad Ben-Yossef <gilad@benyossef.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: testmgr - add genkey kpp test 2017-06-10T04:04:36+00:00 Tudor-Dan Ambarus tudor.ambarus@microchip.com 2017-05-30T14:52:49+00:00 47d3fd390e899e0403da35733b75832eacfbbc3f The test considers a party that already has a private-public key pair and a party that provides a NULL key. The kernel will generate the private-public key pair for the latter, computes the shared secret on both ends and verifies if it's the same. The explicit private-public key pair was copied from the previous test vector. Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
The test considers a party that already has a private-public
key pair and a party that provides a NULL key. The kernel will
generate the private-public key pair for the latter, computes
the shared secret on both ends and verifies if it's the same.

The explicit private-public key pair was copied from
the previous test vector.

Signed-off-by: Tudor Ambarus <tudor.ambarus@microchip.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: scomp - add support for deflate rfc1950 (zlib) 2017-04-24T10:11:08+00:00 Giovanni Cabiddu giovanni.cabiddu@intel.com 2017-04-21T20:54:30+00:00 a368f43d6e3a001e684e9191a27df384fbff12f5 Add scomp backend for zlib-deflate compression algorithm. This backend outputs data using the format defined in rfc1950 (raw deflate surrounded by zlib header and footer). Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Add scomp backend for zlib-deflate compression algorithm.
This backend outputs data using the format defined in rfc1950
(raw deflate surrounded by zlib header and footer).

Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: testmgr - Allow ecb(cipher_null) in FIPS mode 2017-04-24T10:11:04+00:00 Milan Broz gmazyland@gmail.com 2017-04-21T11:03:06+00:00 6175ca2ba7d2c4265d6d5590d699fbd907b24708 The cipher_null is not a real cipher, FIPS mode should not restrict its use. It is used for several tests (for example in cryptsetup testsuite) and also temporarily for reencryption of not yet encrypted device in cryptsetup-reencrypt tool. Problem is easily reproducible with cryptsetup benchmark -c null Signed-off-by: Milan Broz <gmazyland@gmail.com> Acked-by: Stephan Müller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
The cipher_null is not a real cipher, FIPS mode should not restrict its use.

It is used for several tests (for example in cryptsetup testsuite) and also
temporarily for reencryption of not yet encrypted device in cryptsetup-reencrypt tool.

Problem is easily reproducible with
  cryptsetup benchmark -c null

Signed-off-by: Milan Broz <gmazyland@gmail.com>
Acked-by: Stephan Müller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: testmgr - replace compression known answer test 2017-04-21T12:30:50+00:00 Giovanni Cabiddu giovanni.cabiddu@intel.com 2017-04-19T13:27:18+00:00 a9943a0ad19f4a23bb5c4217df0fb37feb7ac339 Compression implementations might return valid outputs that do not match what specified in the test vectors. For this reason, the testmgr might report that a compression implementation failed the test even if the data produced by the compressor is correct. This implements a decompress-and-verify test for acomp compression tests rather than a known answer test. Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
Compression implementations might return valid outputs that
do not match what specified in the test vectors.
For this reason, the testmgr might report that a compression
implementation failed the test even if the data produced
by the compressor is correct.
This implements a decompress-and-verify test for acomp
compression tests rather than a known answer test.

Signed-off-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto: testmgr - mark ctr(des3_ede) as fips_allowed 2017-03-24T14:03:01+00:00 Marcelo Cerri marcelo.cerri@canonical.com 2017-03-20T20:28:05+00:00 0d8da104840ab4244fe122e5b25570aa13fb00c0 3DES is missing the fips_allowed flag for CTR mode. Signed-off-by: Marcelo Henrique Cerri <marcelo.cerri@canonical.com> Acked-by: Stephan Mueller <smueller@chronox.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> 
3DES is missing the fips_allowed flag for CTR mode.

Signed-off-by: Marcelo Henrique Cerri <marcelo.cerri@canonical.com>
Acked-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>