02 Sep, 2009
1 commit
-
This patch adds VMAC (a fast MAC) support into crypto framework.
Signed-off-by: Shane Wang
Signed-off-by: Joseph Cihula
Signed-off-by: Herbert Xu
14 Jul, 2009
1 commit
-
This patch adds a mask parameter to complement the existing type
parameter. This is useful when instantiating algorithms that
require a mask other than the default, e.g., ahash algorithms.

Signed-off-by: Herbert Xu
19 Jun, 2009
2 commits
-
We should return 0/-ENOENT instead of 1/0 when testing by name.
Signed-off-by: Herbert Xu
-
This adds the 'alg' module parameter to be able to test an
algorithm by name. If the algorithm type is not ad-hoc
clear for an algorithm (e.g. pcrypt, cryptd) it is possible
to set the algorithm type with the 'type' module parameter.

Signed-off-by: Steffen Klassert
Signed-off-by: Herbert Xu
02 Jun, 2009
5 commits
-
At present, the tcrypt module always exits with an -EAGAIN upon
successfully completing all the tests it's been asked to run. In fips
mode, integrity checking is done by running all self-tests from the
initrd, and it's much simpler to check the ret from modprobe for
success than to scrape dmesg and/or /proc/crypto. Simply stay
loaded, giving modprobe a retval of 0, if self-tests all pass and
we're in fips mode.

A side-effect of tracking success/failure for fips mode is that in
non-fips mode, self-test failures will return the actual failure
return codes, rather than always returning -EAGAIN, which seems more
correct anyway.

The tcrypt_test() portion of the patch is dependent on my earlier
pair of patches that skip non-fips algs in fips mode, at least to
achieve the fully intended behavior.

Nb: testing this patch against the cryptodev tree revealed a test
failure for sha384, which I have yet to look into...

Signed-off-by: Jarod Wilson
Acked-by: Neil Horman
Signed-off-by: Herbert Xu
-
Now with multi-block test vectors, all from SP800-38A, Appendix F.5.
Also added ctr(aes) to case 10 in tcrypt.

Signed-off-by: Jarod Wilson
Signed-off-by: Herbert Xu
-
Add ANSI X9.31 Continuous Pseudo-Random Number Generator (AES mode),
aka 'ansi_cprng' test vectors, taken from Appendix B.2.9 and B.2.10
of the NIST RNGVS document, found here:
http://csrc.nist.gov/groups/STM/cavp/documents/rng/RNGVS.pdf

Successfully tested against both the cryptodev-2.6 tree and a Red
Hat Enterprise Linux 5.4 kernel, via 'modprobe tcrypt mode=150'.

The selection of 150 was semi-arbitrary, didn't seem like it should
go any place in particular, so I started a new range for rng tests.

Signed-off-by: Jarod Wilson
Acked-by: Neil Horman
Signed-off-by: Herbert Xu
-
Add an array of encryption and decryption + verification self-tests
for rfc4309(ccm(aes)).

Test vectors all come from sample FIPS CAVS files provided to
Red Hat by a testing lab. Unfortunately, all the published sample
vectors in RFC 3610 and NIST Special Publication 800-38C contain nonce
lengths that the kernel's rfc4309 implementation doesn't support, so
while using some public domain vectors would have been preferred, it's
not possible at this time.

Signed-off-by: Jarod Wilson
Signed-off-by: Herbert Xu
-
Applying kernel janitors todos (printk calls need KERN_*
constants on line beginnings, reduce stack footprint where
possible) to tcrypt's test_hash_speed (where stack's
memory footprint was very high (on i386 1184 bytes to
160 now).

Signed-off-by: Frank Seidel
Acked-by: Neil Horman
Signed-off-by: Herbert Xu
04 Mar, 2009
1 commit
-
Signed-off-by: Geert Uytterhoeven
Signed-off-by: Herbert Xu
29 Aug, 2008
4 commits
-
This patch moves the newly created alg_test infrastructure into
cryptomgr. This shall allow us to use it for testing at algorithm
registrations.

Signed-off-by: Herbert Xu
-
This patch creates a new interface for algorithm testing. A test can
be requested for a particular implementation of an algorithm. This
is achieved by taking both the name of the algorithm and that of
the implementation.

The all-inclusive test has also been rewritten to no longer require
a duplicate listing of all algorithms with tests. In that process
a number of missing tests have also been discovered and rectified.

Signed-off-by: Herbert Xu
-
The info printed is a complete waste of space when there is no error
since it doesn't tell us anything that we don't already know. If there
is an error, we can also be more verbose.

In case that there is an error, this patch also aborts the test and
returns the error to the caller. In future this will be used to
algorithms at registration time.

Signed-off-by: Herbert Xu
-
If tcrypt is to be used as a run-time integrity test, it needs to be
more resilient in a hostile environment. For a start allocating 32K
of physically contiguous memory is definitely out.

This patch teaches it to use separate pages instead.

Signed-off-by: Herbert Xu
13 Aug, 2008
1 commit
-
My changeset 4b22f0ddb6564210c9ded7ba25b2a1007733e784
crypto: tcrpyt - Remove unnecessary kmap/kunmap calls
introduced a typo that broke AEAD chunk testing. In particular,
axbuf should really be xbuf.

There is also an issue with testing the last segment when encrypting.
The additional part produced by AEAD wasn't tested. Similarly, on
decryption the additional part of the AEAD input is mistaken for
corruption.

Signed-off-by: Herbert Xu
10 Jul, 2008
8 commits
-
All new crypto interfaces should go into individual files as much
as possible in order to ensure that crypto.h does not collapse under
its own weight.

This patch moves the ahash code into crypto/hash.h and crypto/internal/hash.h
respectively.

Signed-off-by: Herbert Xu
-
Noticed by Neil Horman: we are doing unnecessary kmap/kunmap calls
on kmalloced memory. This patch removes them. For the purposes of
testing SG construction, the underlying crypto code already does plenty
of kmap/kunmap calls anyway.

Signed-off-by: Herbert Xu
-
Patch to add checking of DES3 test vectors using CBC mode. FIPS-140-2
compliance mandates that any supported mode of operation must include a self
test. This satisfies that requirement for cbc(des3_ede). The included test
vector was generated by me using openssl. Key/IV was generated with the
following command:

openssl enc -des_ede_cbc -P

input and output values were generated by repeating the string "Too many
secrets" a few times over, truncating it to 128 bytes, and encrypting it with
openssl using the aforementioned key. Tested successfully by myself

Signed-off-by: Neil Horman
Acked-by: Adrian-Ken Rueegsegger
Signed-off-by: Herbert Xu
-
This patch changes tcrypt to use the new asynchronous hash interface
for testing hash algorithm correctness. The speed tests will continue
to use the existing interface for now.

Signed-off-by: Loc Ho
Signed-off-by: Herbert Xu
-
This patch adds test vectors for RIPEMD-256 and
RIPEMD-320 hash algorithms.

The test vectors are taken from

Signed-off-by: Adrian-Ken Rueegsegger
Signed-off-by: Herbert Xu
-
Check whether the destination buffer is written to beyond the last
byte contained in the scatterlist.

Also change IDX1 of the cross-page access offsets to a multiple of 4.
This triggers a corruption in the HIFN driver and doesn't seem to
negatively impact other testcases.

Signed-off-by: Patrick McHardy
Signed-off-by: Herbert Xu
-
Change logs should be kept in source control systems, not the source.
This patch removes the change log from tcrypt to stop people from
extending it any more.

Signed-off-by: Herbert Xu
-
This patch adds test vectors for RIPEMD-128 and
RIPEMD-160 hash algorithms and digests (HMAC).

The test vectors are taken from ISO:IEC 10118-3 (2004)
and RFC2286.

Signed-off-by: Adrian-Ken Rueegsegger
Signed-off-by: Herbert Xu
08 Jul, 2008
1 commit
-
Coverity CID: 2306 & 2307 RESOURCE_LEAK
In the second for loop in test_cipher(), data is allocated space with
kzalloc() and is only ever freed in an error case.
Looking at this loop, data is written to this memory but nothing seems
to read from it.
So here is a patch removing the allocation, I think this is the right
fix.

Only compile tested.

Signed-off-by: Darren Jenkins
Signed-off-by: Herbert Xu
21 Apr, 2008
5 commits
-
On Thu, Mar 27, 2008 at 03:40:36PM +0100, Bodo Eggert wrote:
> Kamalesh Babulal wrote:
>
> > This patch cleans up the crypto code, replaces the init() and fini()
> > with the _init/_fini
>
> This part is OK.
>
> > or init/fini_ (if the
> > _init/_fini exist)
>
> Having init_foo and foo_init won't be a good thing, will it? I'd start
> confusing them.
>
> What about foo_modinit instead?

Thanks for the suggestion, the init() is replaced with
_mod_init ()
and fini () is replaced with _mod_fini.

Signed-off-by: Kamalesh Babulal
Signed-off-by: Herbert Xu
-
Implement CTS wrapper for CBC mode required for support of AES
encryption support for Kerberos (rfc3962).

Signed-off-by: Kevin Coffman
Signed-off-by: Herbert Xu
-
The test routines (test_{cipher,hash,aead}) are making a copy
of the test template and are processing the encryption process
in place. This patch changes the creation of the copy so it will
work even if the source address of the input data isn't an array
inside of the template but a pointer.

Signed-off-by: Sebastian Siewior
Signed-off-by: Herbert Xu
-
The speed templates as it look always the same. The key size
is repeated for each block size and we test always the same
block size. The addition of one inner loop makes it possible
to get rid of the struct and it is possible to use a tiny
u8 array :)

Signed-off-by: Sebastian Siewior
Signed-off-by: Herbert Xu
-
Some crypto ciphers which are implemented support similar key sizes
(16,24 & 32 byte). They can be grouped together and use a common
template instead of their own which contains the same data.

Signed-off-by: Sebastian Siewior
Signed-off-by: Herbert Xu
11 Jan, 2008
11 commits
-
Currently the gcm(aes) tests have to be taken together with all other
algorithms. This patch makes it available by itself at number 106.

Signed-off-by: Herbert Xu
-
The axbuf buffer is used by test_aead and therefore should be zeroed
there instead of in test_hash.

Signed-off-by: Herbert Xu
-
This patch adds 7 test vectors to tcrypt for CCM.
The test vectors are from rfc 3610.
There are about 10 more test vectors in RFC 3610
and 4 or 5 more in NIST. I can add these as time permits.

I also needed to set authsize. CCM has a prerequisite of
authsize.

Signed-off-by: Joy Latten
Signed-off-by: Herbert Xu
-
As discussed previously, this patch moves the basic CTR functionality
into a chainable algorithm called ctr. The IPsec-specific variant of
it is now placed on top with the name rfc3686.

So ctr(aes) gives a chainable cipher with IV size 16 while the IPsec
variant will be called rfc3686(ctr(aes)). This patch also adjusts
gcm accordingly.

Signed-off-by: Herbert Xu
-
This patch adds a simple speed test for salsa20.
Usage: modprobe tcrypt mode=206

Signed-off-by: Tan Swee Heng
Signed-off-by: Herbert Xu
-
Add LZO compression algorithm support
Signed-off-by: Zoltan Sogor
Signed-off-by: Herbert Xu
-
Add common compression tester function
Modify deflate test case to use the common compressor test function

Signed-off-by: Zoltan Sogor
Signed-off-by: Herbert Xu
-
The crypto_aead convention for ICVs is to include it directly in the
output. If we decided to change this in future then we would make
the ICV (if the algorithm has an explicit one) available in the
request itself.

For now no algorithm needs this so this patch changes gcm to conform
to this convention. It also adjusts the tcrypt aead tests to take
this into account.

Signed-off-by: Herbert Xu
-
Currently the gcm(aes) tests have to be taken together with all other
ciphers. This patch makes it available by itself at number 35.

Signed-off-by: Herbert Xu
-
These utilities implemented in lib/hexdump.c are more handy, please use this.
Signed-off-by: Denis Cheng
Signed-off-by: Herbert Xu
-
Currently the number of entries in a cipher test vector template is
limited by TVMEMSIZE/sizeof(struct cipher_testvec). This patch
circumvents the problem by pointing cipher_tv to each entry in the
template, rather than the template itself.

Signed-off-by: Tan Swee Heng
Signed-off-by: Herbert Xu