15 Oct, 2015
2 commits
-
The testmanager code for symmetric ciphers is extended to allow
verification of the IV after a cipher operation.
In addition, test vectors for kw(aes) for encryption and decryption are
added.
Signed-off-by: Stephan Mueller
Signed-off-by: Herbert Xu
-
The crypto drivers are supposed to update the IV passed to the crypto
request before calling the completion callback.
Test for the IV value before considering the test as successful.
Signed-off-by: Boris Brezillon
Signed-off-by: Herbert Xu
14 Oct, 2015
1 commit
-
Setkey function has been split into set_priv_key and set_pub_key.
Akcipher requests take sgl for src and dst instead of void *.
Users of the API i.e. two existing RSA implementations and
test mgr code have been updated accordingly.
Signed-off-by: Tadeusz Struk
Signed-off-by: Herbert Xu
01 Oct, 2015
1 commit
-
No authenc() ciphers are FIPS approved, nor is ecb(des).
After the end of 2015, ansi_cprng will also be non-approved.
Signed-off-by: John Haxby
Acked-by: Stephan Mueller
Signed-off-by: Herbert Xu
11 Sep, 2015
1 commit
-
While the destination buffer 'iv' is MAX_IVLEN size,
the source 'template[i].iv' could be smaller, thus
memcpy may read invalid memory.
Use crypto_skcipher_ivsize() to get real ivsize
and pass it to memcpy.
Signed-off-by: Andrey Ryabinin
Signed-off-by: Herbert Xu
21 Aug, 2015
1 commit
-
This patch replaces uses of blkcipher and ablkcipher with the
new skcipher interface.
Signed-off-by: Herbert Xu
19 Aug, 2015
1 commit
-
CMAC is an approved cipher in FIPS 140-2. The patch allows the use
of CMAC with TDES and AES in FIPS mode.
Signed-off-by: Stephan Mueller
Signed-off-by: Herbert Xu
04 Aug, 2015
2 commits
-
Now that all implementations of authenc have been converted we can
reenable the tests.
Signed-off-by: Herbert Xu
-
This patch disables the authenc tests while the conversion to the
new IV calling convention takes place. It also replaces the authenc
test vectors with ones that will work with the new IV convention.
Signed-off-by: Herbert Xu
17 Jul, 2015
2 commits
-
Now that all implementations of rfc4309 have been converted we can
reenable the test.
Signed-off-by: Herbert Xu
-
This patch disables the rfc4309 test while the conversion to the
new seqiv calling convention takes place. It also replaces the
rfc4309 test vectors with ones that will work with the new IV
convention.
Signed-off-by: Herbert Xu
14 Jul, 2015
2 commits
-
Now that all implementations of rfc4106 have been converted we can
reenable the test.
Signed-off-by: Herbert Xu
-
This patch disables the rfc4106 test while the conversion to the
new seqiv calling convention takes place. It also converts the
rfc4106 test vectors to the new format.
Signed-off-by: Herbert Xu
25 Jun, 2015
1 commit
-
Don't print info about missing test for the internal
helper __driver-gcm-aes-aesni
changes in v2:
- marked test as fips allowed
Signed-off-by: Tadeusz Struk
Signed-off-by: Herbert Xu
17 Jun, 2015
3 commits
-
New test vectors for RSA algorithm.
Signed-off-by: Tadeusz Struk
Signed-off-by: Herbert Xu
-
This reverts commit 9b9f9296a7b73fbafe0a0a6f2494eaadd97f9f73 as
all in-kernel implementations of GCM have been converted to the
new AEAD interface, meaning that they should now pass the updated
rfc4543 test.
Signed-off-by: Herbert Xu
-
Because the old rfc4543 implementation always injected an IV into
the AD, while the new one does not, we have to disable the test
while it is converted over to the new AEAD interface.
Signed-off-by: Herbert Xu
04 Jun, 2015
4 commits
-
Signed-off-by: Martin Willi
Acked-by: Steffen Klassert
Signed-off-by: Herbert Xu
-
Signed-off-by: Martin Willi
Acked-by: Steffen Klassert
Signed-off-by: Herbert Xu
-
Signed-off-by: Martin Willi
Acked-by: Steffen Klassert
Signed-off-by: Herbert Xu
-
We explicitly set the Initial block Counter by prepending it to the nonce in
Little Endian. The same test vector is used for both encryption and decryption,
ChaCha20 is a cipher XORing a keystream.
Signed-off-by: Martin Willi
Acked-by: Steffen Klassert
Signed-off-by: Herbert Xu
28 May, 2015
1 commit
-
This patch makes use of the new AEAD interface which uses a single
SG list instead of separate lists for the AD and plain text.
Signed-off-by: Herbert Xu
27 May, 2015
1 commit
-
The CPU Jitter RNG provides a source of good entropy by
collecting CPU executing time jitter. The entropy in the CPU
execution time jitter is magnified by the CPU Jitter Random
Number Generator. The CPU Jitter Random Number Generator uses
the CPU execution timing jitter to generate a bit stream
which complies with different statistical measurements that
determine the bit stream is random.
The CPU Jitter Random Number Generator delivers entropy which
follows information theoretical requirements. Based on these
studies and the implementation, the caller can assume that
one bit of data extracted from the CPU Jitter Random Number
Generator holds one bit of entropy.
The CPU Jitter Random Number Generator provides a decentralized
source of entropy, i.e. every caller can operate on a private
state of the entropy pool.
The RNG does not have any dependencies on any other service
in the kernel. The RNG only needs a high-resolution time
stamp.
Further design details, the cryptographic assessment and
large array of test results are documented at
http://www.chronox.de/jent.html.
CC: Andreas Steffen
CC: Theodore Ts'o
CC: Sandy Harris
Signed-off-by: Stephan Mueller
Signed-off-by: Herbert Xu
11 May, 2015
1 commit
-
This adds a couple of test cases for CRC32 (not CRC32c) to
ensure that the generic and arch specific implementations
are in sync.
Signed-off-by: Ard Biesheuvel
Acked-by: Steve Capper
Signed-off-by: Herbert Xu
23 Apr, 2015
2 commits
-
All users of AEAD should include crypto/aead.h instead of
include/linux/crypto.h.
Signed-off-by: Herbert Xu
Acked-by: David S. Miller
-
All users of fips_enabled should include linux/fips.h directly
instead of getting it through internal.h.
Signed-off-by: Herbert Xu
31 Mar, 2015
1 commit
-
Allocate the ciphers irrespectively if they are marked as internal
or not. As all ciphers, including the internal ciphers will be
processed by the testmgr, it needs to be able to allocate those
ciphers.
Signed-off-by: Stephan Mueller
Signed-off-by: Herbert Xu
13 Mar, 2015
1 commit
-
Due to the change to RNGs to always return zero in success case, the
invocation of the RNGs in the test manager must be updated as otherwise
the RNG self tests are not properly executed any more.
Signed-off-by: Stephan Mueller
Signed-off-by: Alexander Bergmann
Signed-off-by: Herbert Xu
04 Feb, 2015
1 commit
-
The working copy of IV is the same size as the transformation's IV.
It is not necessary to copy more than that from the template since
iv_len is usually less than MAX_IVLEN and the rest of the copied data
is garbage.
Signed-off-by: Cristian Stoica
Signed-off-by: Herbert Xu
26 Jan, 2015
1 commit
-
This gcm variant is popular for ipsec use, and there are folks who would
like to use it while in fips mode. Mark it with fips_allowed=1 to
facilitate that.
CC: LKML
CC: Stephan Mueller
Signed-off-by: Jarod Wilson
Acked-by: Stephan Mueller
Signed-off-by: Herbert Xu
13 Jan, 2015
1 commit
-
tcrypt/testmgr uses wait_for_completion_interruptible() everywhere when
it waits for a request to be completed. If it's interrupted, then the
test is aborted and the request is freed.
However, if any of these calls actually do get interrupted, the result
will likely be a kernel crash, when the driver handles the now-freed
request. Use wait_for_completion() instead.
Signed-off-by: Rabin Vincent
Signed-off-by: Herbert Xu
24 Oct, 2014
1 commit
-
This patch removes unnecessary KERN_INFO from pr_info within testmgr.c
Signed-off-by: Masanari Iida
Acked-by: David S. Miller
Signed-off-by: Herbert Xu
14 Oct, 2014
1 commit
-
Replaced the use of a Variable Length Array In Struct (VLAIS) with a C99
compliant equivalent. This patch allocates the appropriate amount of memory
using a char array using the SHASH_DESC_ON_STACK macro.
The new code can be compiled with both gcc and clang.
Signed-off-by: Jan-Simon Möller
Signed-off-by: Behan Webster
Reviewed-by: Mark Charlebois
Acked-by: Herbert Xu
Cc: pageexec@freemail.hu
29 Aug, 2014
1 commit
-
This patch adds a simple test vector for the lz4 and lz4hc compression
algorithms.
Signed-off-by: KOVACS Krisztian
Signed-off-by: Herbert Xu
25 Aug, 2014
5 commits
-
The argument "req" of do_one_async_hash_op is not used by the
function. This patch removes this argument and renames the
function to match more closely its purpose.
Signed-off-by: Cristian Stoica
Signed-off-by: Herbert Xu
-
Prepare IV array only if the dependent code is executed.
Signed-off-by: Cristian Stoica
Signed-off-by: Herbert Xu
-
This patch inverts two if conditions to remove code blocks
indentation. Several white space clean-ups follow.
Signed-off-by: Cristian Stoica
Signed-off-by: Herbert Xu
-
This patch inverts one if condition to remove code block indentation.
Several white space clean-ups follow.
Signed-off-by: Cristian Stoica
Signed-off-by: Herbert Xu
-
This patch inverts two if conditions and allows removal of one
tab-stop in their code-blocks. Only white-space clean-up follows.
Signed-off-by: Cristian Stoica
Signed-off-by: Herbert Xu
01 Aug, 2014
1 commit
-
There are a few missing spaces in the error text strings for
drbg_cavs_test, trivial fix.
CC: "David S. Miller"
CC: linux-crypto@vger.kernel.org
Signed-off-by: Jarod Wilson
Acked-by: Stephan Mueller
Signed-off-by: Herbert Xu