crypto: testmgr - add tests vectors for RSA

New test vectors for RSA algorithm. Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
author: Tadeusz Struk <tadeusz.struk@intel.com> 2015-06-16 13:31:06 -0400
committer: Herbert Xu <herbert@gondor.apana.org.au> 2015-06-17 05:03:54 -0400
commit: 946cc46372dcf8e34f21a6d06826c2aa1822b642 (patch)
tree: 78b21157d83c26d606ebb3a516f3b7da0633702d /crypto/testmgr.c
parent: cfc2bb32b31371d6bffc6bf2da3548f20ad48c83 (diff)
1 files changed, 158 insertions, 0 deletions
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index ccd19cfee995..975e1eac3e2d 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -30,6 +30,7 @@
 #include <linux/string.h>
 #include <crypto/rng.h>
 #include <crypto/drbg.h>
+#include <crypto/akcipher.h>
 #include "internal.h"
@@ -116,6 +117,11 @@ struct drbg_test_suite {
        unsigned int count;
 };
+struct akcipher_test_suite {
+        struct akcipher_testvec *vecs;
+        unsigned int count;
+};
 struct alg_test_desc {
        const char *alg;
        int (*test)(const struct alg_test_desc *desc, const char *driver,
@@ -130,6 +136,7 @@ struct alg_test_desc {
                struct hash_test_suite hash;
                struct cprng_test_suite cprng;
                struct drbg_test_suite drbg;
+                struct akcipher_test_suite akcipher;
        } suite;
 };
@@ -1825,6 +1832,147 @@ static int alg_test_drbg(const struct alg_test_desc *desc, const char *driver,
 }
+static int do_test_rsa(struct crypto_akcipher *tfm,
+                       struct akcipher_testvec *vecs)
+{
+        struct akcipher_request *req;
+        void *outbuf_enc = NULL;
+        void *outbuf_dec = NULL;
+        struct tcrypt_result result;
+        unsigned int out_len_max, out_len = 0;
+        int err = -ENOMEM;
+        req = akcipher_request_alloc(tfm, GFP_KERNEL);
+        if (!req)
+                return err;
+        init_completion(&result.completion);
+        err = crypto_akcipher_setkey(tfm, vecs->key, vecs->key_len);
+        if (err)
+                goto free_req;
+        akcipher_request_set_crypt(req, vecs->m, outbuf_enc, vecs->m_size,
+                                   out_len);
+        /* expect this to fail, and update the required buf len */
+        crypto_akcipher_encrypt(req);
+        out_len = req->dst_len;
+        if (!out_len) {
+                err = -EINVAL;
+                goto free_req;
+        }
+        out_len_max = out_len;
+        err = -ENOMEM;
+        outbuf_enc = kzalloc(out_len_max, GFP_KERNEL);
+        if (!outbuf_enc)
+                goto free_req;
+        akcipher_request_set_crypt(req, vecs->m, outbuf_enc, vecs->m_size,
+                                   out_len);
+        akcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
+                                      tcrypt_complete, &result);
+        /* Run RSA encrypt - c = m^e mod n;*/
+        err = wait_async_op(&result, crypto_akcipher_encrypt(req));
+        if (err) {
+                pr_err("alg: rsa: encrypt test failed. err %d\n", err);
+                goto free_all;
+        }
+        if (out_len != vecs->c_size) {
+                pr_err("alg: rsa: encrypt test failed. Invalid output len\n");
+                err = -EINVAL;
+                goto free_all;
+        }
+        /* verify that encrypted message is equal to expected */
+        if (memcmp(vecs->c, outbuf_enc, vecs->c_size)) {
+                pr_err("alg: rsa: encrypt test failed. Invalid output\n");
+                err = -EINVAL;
+                goto free_all;
+        }
+        /* Don't invoke decrypt for vectors with public key */
+        if (vecs->public_key_vec) {
+                err = 0;
+                goto free_all;
+        }
+        outbuf_dec = kzalloc(out_len_max, GFP_KERNEL);
+        if (!outbuf_dec) {
+                err = -ENOMEM;
+                goto free_all;
+        }
+        init_completion(&result.completion);
+        akcipher_request_set_crypt(req, outbuf_enc, outbuf_dec, vecs->c_size,
+                                   out_len);
+        /* Run RSA decrypt - m = c^d mod n;*/
+        err = wait_async_op(&result, crypto_akcipher_decrypt(req));
+        if (err) {
+                pr_err("alg: rsa: decrypt test failed. err %d\n", err);
+                goto free_all;
+        }
+        out_len = req->dst_len;
+        if (out_len != vecs->m_size) {
+                pr_err("alg: rsa: decrypt test failed. Invalid output len\n");
+                err = -EINVAL;
+                goto free_all;
+        }
+        /* verify that decrypted message is equal to the original msg */
+        if (memcmp(vecs->m, outbuf_dec, vecs->m_size)) {
+                pr_err("alg: rsa: decrypt test failed. Invalid output\n");
+                err = -EINVAL;
+        }
+free_all:
+        kfree(outbuf_dec);
+        kfree(outbuf_enc);
+free_req:
+        akcipher_request_free(req);
+        return err;
+}
+static int test_rsa(struct crypto_akcipher *tfm, struct akcipher_testvec *vecs,
+                    unsigned int tcount)
+{
+        int ret, i;
+        for (i = 0; i < tcount; i++) {
+                ret = do_test_rsa(tfm, vecs++);
+                if (ret) {
+                        pr_err("alg: rsa: test failed on vector %d, err=%d\n",
+                               i + 1, ret);
+                        return ret;
+                }
+        }
+        return 0;
+}
+static int test_akcipher(struct crypto_akcipher *tfm, const char *alg,
+                         struct akcipher_testvec *vecs, unsigned int tcount)
+{
+        if (strncmp(alg, "rsa", 3) == 0)
+                return test_rsa(tfm, vecs, tcount);
+        return 0;
+}
+static int alg_test_akcipher(const struct alg_test_desc *desc,
+                             const char *driver, u32 type, u32 mask)
+{
+        struct crypto_akcipher *tfm;
+        int err = 0;
+        tfm = crypto_alloc_akcipher(driver, type | CRYPTO_ALG_INTERNAL, mask);
+        if (IS_ERR(tfm)) {
+                pr_err("alg: akcipher: Failed to load tfm for %s: %ld\n",
+                       driver, PTR_ERR(tfm));
+                return PTR_ERR(tfm);
+        }
+        if (desc->suite.akcipher.vecs)
+                err = test_akcipher(tfm, desc->alg, desc->suite.akcipher.vecs,
+                                    desc->suite.akcipher.count);
+        crypto_free_akcipher(tfm);
+        return err;
+}
 static int alg_test_null(const struct alg_test_desc *desc,
                             const char *driver, u32 type, u32 mask)
 {
@@ -3453,6 +3601,16 @@ static const struct alg_test_desc alg_test_descs[] = {
                        }
                }
        }, {
+                .alg = "rsa",
+                .test = alg_test_akcipher,
+                .fips_allowed = 1,
+                .suite = {
+                        .akcipher = {
+                                .vecs = rsa_tv_template,
+                                .count = RSA_TEST_VECTORS
+                        }
+                }
+        }, {
                .alg = "salsa20",
                .test = alg_test_skcipher,
                .suite = {
author	Tadeusz Struk <tadeusz.struk@intel.com>	2015-06-16 13:31:06 -0400
committer	Herbert Xu <herbert@gondor.apana.org.au>	2015-06-17 05:03:54 -0400
commit	946cc46372dcf8e34f21a6d06826c2aa1822b642 (patch)
tree	78b21157d83c26d606ebb3a516f3b7da0633702d /crypto/testmgr.c
parent	cfc2bb32b31371d6bffc6bf2da3548f20ad48c83 (diff)

diff --git a/crypto/testmgr.c b/crypto/testmgr.c index ccd19cfee995..975e1eac3e2d 100644 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c
@@ -30,6 +30,7 @@
30	#include <linux/string.h>	30	#include <linux/string.h>
31	#include <crypto/rng.h>	31	#include <crypto/rng.h>
32	#include <crypto/drbg.h>	32	#include <crypto/drbg.h>
		33	#include <crypto/akcipher.h>
33		34
34	#include "internal.h"	35	#include "internal.h"
35		36
@@ -116,6 +117,11 @@ struct drbg_test_suite {
116	unsigned int count;	117	unsigned int count;
117	};	118	};
118		119
		120	struct akcipher_test_suite {
		121	struct akcipher_testvec *vecs;
		122	unsigned int count;
		123	};
		124
119	struct alg_test_desc {	125	struct alg_test_desc {
120	const char *alg;	126	const char *alg;
121	int (test)(const struct alg_test_desc desc, const char *driver,	127	int (test)(const struct alg_test_desc desc, const char *driver,
@@ -130,6 +136,7 @@ struct alg_test_desc {
130	struct hash_test_suite hash;	136	struct hash_test_suite hash;
131	struct cprng_test_suite cprng;	137	struct cprng_test_suite cprng;
132	struct drbg_test_suite drbg;	138	struct drbg_test_suite drbg;
		139	struct akcipher_test_suite akcipher;
133	} suite;	140	} suite;
134	};	141	};
135		142
@@ -1825,6 +1832,147 @@ static int alg_test_drbg(const struct alg_test_desc desc, const char driver,
1825		1832
1826	}	1833	}
1827		1834
		1835	static int do_test_rsa(struct crypto_akcipher *tfm,
		1836	struct akcipher_testvec *vecs)
		1837	{
		1838	struct akcipher_request *req;
		1839	void *outbuf_enc = NULL;
		1840	void *outbuf_dec = NULL;
		1841	struct tcrypt_result result;
		1842	unsigned int out_len_max, out_len = 0;
		1843	int err = -ENOMEM;
		1844
		1845	req = akcipher_request_alloc(tfm, GFP_KERNEL);
		1846	if (!req)
		1847	return err;
		1848
		1849	init_completion(&result.completion);
		1850	err = crypto_akcipher_setkey(tfm, vecs->key, vecs->key_len);
		1851	if (err)
		1852	goto free_req;
		1853
		1854	akcipher_request_set_crypt(req, vecs->m, outbuf_enc, vecs->m_size,
		1855	out_len);
		1856	/* expect this to fail, and update the required buf len */
		1857	crypto_akcipher_encrypt(req);
		1858	out_len = req->dst_len;
		1859	if (!out_len) {
		1860	err = -EINVAL;
		1861	goto free_req;
		1862	}
		1863
		1864	out_len_max = out_len;
		1865	err = -ENOMEM;
		1866	outbuf_enc = kzalloc(out_len_max, GFP_KERNEL);
		1867	if (!outbuf_enc)
		1868	goto free_req;
		1869
		1870	akcipher_request_set_crypt(req, vecs->m, outbuf_enc, vecs->m_size,
		1871	out_len);
		1872	akcipher_request_set_callback(req, CRYPTO_TFM_REQ_MAY_BACKLOG,
		1873	tcrypt_complete, &result);
		1874
		1875	/* Run RSA encrypt - c = m^e mod n;*/
		1876	err = wait_async_op(&result, crypto_akcipher_encrypt(req));
		1877	if (err) {
		1878	pr_err("alg: rsa: encrypt test failed. err %d\n", err);
		1879	goto free_all;
		1880	}
		1881	if (out_len != vecs->c_size) {
		1882	pr_err("alg: rsa: encrypt test failed. Invalid output len\n");
		1883	err = -EINVAL;
		1884	goto free_all;
		1885	}
		1886	/* verify that encrypted message is equal to expected */
		1887	if (memcmp(vecs->c, outbuf_enc, vecs->c_size)) {
		1888	pr_err("alg: rsa: encrypt test failed. Invalid output\n");
		1889	err = -EINVAL;
		1890	goto free_all;
		1891	}
		1892	/* Don't invoke decrypt for vectors with public key */
		1893	if (vecs->public_key_vec) {
		1894	err = 0;
		1895	goto free_all;
		1896	}
		1897	outbuf_dec = kzalloc(out_len_max, GFP_KERNEL);
		1898	if (!outbuf_dec) {
		1899	err = -ENOMEM;
		1900	goto free_all;
		1901	}
		1902	init_completion(&result.completion);
		1903	akcipher_request_set_crypt(req, outbuf_enc, outbuf_dec, vecs->c_size,
		1904	out_len);
		1905
		1906	/* Run RSA decrypt - m = c^d mod n;*/
		1907	err = wait_async_op(&result, crypto_akcipher_decrypt(req));
		1908	if (err) {
		1909	pr_err("alg: rsa: decrypt test failed. err %d\n", err);
		1910	goto free_all;
		1911	}
		1912	out_len = req->dst_len;
		1913	if (out_len != vecs->m_size) {
		1914	pr_err("alg: rsa: decrypt test failed. Invalid output len\n");
		1915	err = -EINVAL;
		1916	goto free_all;
		1917	}
		1918	/* verify that decrypted message is equal to the original msg */
		1919	if (memcmp(vecs->m, outbuf_dec, vecs->m_size)) {
		1920	pr_err("alg: rsa: decrypt test failed. Invalid output\n");
		1921	err = -EINVAL;
		1922	}
		1923	free_all:
		1924	kfree(outbuf_dec);
		1925	kfree(outbuf_enc);
		1926	free_req:
		1927	akcipher_request_free(req);
		1928	return err;
		1929	}
		1930
		1931	static int test_rsa(struct crypto_akcipher tfm, struct akcipher_testvec vecs,
		1932	unsigned int tcount)
		1933	{
		1934	int ret, i;
		1935
		1936	for (i = 0; i < tcount; i++) {
		1937	ret = do_test_rsa(tfm, vecs++);
		1938	if (ret) {
		1939	pr_err("alg: rsa: test failed on vector %d, err=%d\n",
		1940	i + 1, ret);
		1941	return ret;
		1942	}
		1943	}
		1944	return 0;
		1945	}
		1946
		1947	static int test_akcipher(struct crypto_akcipher tfm, const char alg,
		1948	struct akcipher_testvec *vecs, unsigned int tcount)
		1949	{
		1950	if (strncmp(alg, "rsa", 3) == 0)
		1951	return test_rsa(tfm, vecs, tcount);
		1952
		1953	return 0;
		1954	}
		1955
		1956	static int alg_test_akcipher(const struct alg_test_desc *desc,
		1957	const char *driver, u32 type, u32 mask)
		1958	{
		1959	struct crypto_akcipher *tfm;
		1960	int err = 0;
		1961
		1962	tfm = crypto_alloc_akcipher(driver, type \| CRYPTO_ALG_INTERNAL, mask);
		1963	if (IS_ERR(tfm)) {
		1964	pr_err("alg: akcipher: Failed to load tfm for %s: %ld\n",
		1965	driver, PTR_ERR(tfm));
		1966	return PTR_ERR(tfm);
		1967	}
		1968	if (desc->suite.akcipher.vecs)
		1969	err = test_akcipher(tfm, desc->alg, desc->suite.akcipher.vecs,
		1970	desc->suite.akcipher.count);
		1971
		1972	crypto_free_akcipher(tfm);
		1973	return err;
		1974	}
		1975
1828	static int alg_test_null(const struct alg_test_desc *desc,	1976	static int alg_test_null(const struct alg_test_desc *desc,
1829	const char *driver, u32 type, u32 mask)	1977	const char *driver, u32 type, u32 mask)
1830	{	1978	{
@@ -3453,6 +3601,16 @@ static const struct alg_test_desc alg_test_descs[] = {
3453	}	3601	}
3454	}	3602	}
3455	}, {	3603	}, {
		3604	.alg = "rsa",
		3605	.test = alg_test_akcipher,
		3606	.fips_allowed = 1,
		3607	.suite = {
		3608	.akcipher = {
		3609	.vecs = rsa_tv_template,
		3610	.count = RSA_TEST_VECTORS
		3611	}
		3612	}
		3613	}, {
3456	.alg = "salsa20",	3614	.alg = "salsa20",
3457	.test = alg_test_skcipher,	3615	.test = alg_test_skcipher,
3458	.suite = {	3616	.suite = {