Add known answer tests to the testmgr for the KDF (SP800-108) cipher.

Signed-off-by: Stephan Mueller <smuel...@chronox.de>
---
 crypto/testmgr.c | 167 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
 crypto/testmgr.h | 111 ++++++++++++++++++++++++++++++++++++
 2 files changed, 278 insertions(+)

diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index c727fb0..425c212 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -115,6 +115,11 @@ struct drbg_test_suite {
        unsigned int count;
 };
 
+struct kdf_test_suite {
+       struct kdf_testvec *vecs;
+       unsigned int count;
+};
+
 struct akcipher_test_suite {
        struct akcipher_testvec *vecs;
        unsigned int count;
@@ -133,6 +138,7 @@ struct alg_test_desc {
                struct hash_test_suite hash;
                struct cprng_test_suite cprng;
                struct drbg_test_suite drbg;
+               struct kdf_test_suite kdf;
                struct akcipher_test_suite akcipher;
        } suite;
 };
@@ -1777,6 +1783,65 @@ static int alg_test_drbg(const struct alg_test_desc 
*desc, const char *driver,
 
 }
 
+static int kdf_cavs_test(struct kdf_testvec *test,
+                        const char *driver, u32 type, u32 mask)
+{
+       int ret = -EAGAIN;
+       struct crypto_rng *drng;
+       unsigned char *buf = kzalloc(test->expectedlen, GFP_KERNEL);
+
+       if (!buf)
+               return -ENOMEM;
+
+       drng = crypto_alloc_rng(driver, type | CRYPTO_ALG_INTERNAL, mask);
+       if (IS_ERR(drng)) {
+               printk(KERN_ERR "alg: kdf: could not allocate cipher handle "
+                      "for %s\n", driver);
+               kzfree(buf);
+               return -ENOMEM;
+       }
+
+       ret = crypto_rng_reset(drng, test->K1, test->K1len);
+       if (ret) {
+               printk(KERN_ERR "alg: kdf: could not set key derivation key\n");
+               goto err;
+       }
+
+       ret = crypto_rng_generate(drng, test->context, test->contextlen,
+                                 buf, test->expectedlen);
+       if (ret) {
+               printk(KERN_ERR "alg: kdf: could not obtain key data\n");
+               goto err;
+       }
+
+       ret = memcmp(test->expected, buf, test->expectedlen);
+
+err:
+       crypto_free_rng(drng);
+       kzfree(buf);
+       return ret;
+}
+
+static int alg_test_kdf(const struct alg_test_desc *desc, const char *driver,
+                       u32 type, u32 mask)
+{
+       int err = 0;
+       unsigned int i = 0;
+       struct kdf_testvec *template = desc->suite.kdf.vecs;
+       unsigned int tcount = desc->suite.kdf.count;
+
+       for (i = 0; i < tcount; i++) {
+               err = kdf_cavs_test(&template[i], driver, type, mask);
+               if (err) {
+                       printk(KERN_ERR "alg: kdf: Test %d failed for %s\n",
+                              i, driver);
+                       err = -EINVAL;
+                       break;
+               }
+       }
+       return err;
+}
+
 static int do_test_rsa(struct crypto_akcipher *tfm,
                       struct akcipher_testvec *vecs)
 {
@@ -3273,6 +3338,108 @@ static const struct alg_test_desc alg_test_descs[] = {
                .fips_allowed = 1,
                .test = alg_test_null,
        }, {
+               .alg = "kdf_ctr(cmac(aes))",
+               .test = alg_test_null,
+               .fips_allowed = 1,
+       }, {
+               .alg = "kdf_ctr(cmac(des3_ede))",
+               .test = alg_test_null,
+               .fips_allowed = 1,
+       }, {
+               .alg = "kdf_ctr(hmac(sha1))",
+               .test = alg_test_null,
+               .fips_allowed = 1,
+       }, {
+               .alg = "kdf_ctr(hmac(sha224))",
+               .test = alg_test_null,
+               .fips_allowed = 1,
+       }, {
+               .alg = "kdf_ctr(hmac(sha256))",
+               .test = alg_test_kdf,
+               .fips_allowed = 1,
+               .suite = {
+                       .kdf = {
+                               .vecs = kdf_ctr_hmac_sha256_tv_template,
+                               .count = 
ARRAY_SIZE(kdf_ctr_hmac_sha256_tv_template)
+                       }
+               }
+       }, {
+               .alg = "kdf_ctr(hmac(sha384))",
+               .test = alg_test_null,
+               .fips_allowed = 1,
+       }, {
+               .alg = "kdf_ctr(hmac(sha512))",
+               .test = alg_test_null,
+               .fips_allowed = 1,
+       }, {
+               .alg = "kdf_dpi(cmac(aes))",
+               .test = alg_test_null,
+               .fips_allowed = 1,
+       }, {
+               .alg = "kdf_dpi(cmac(des3_ede))",
+               .test = alg_test_null,
+               .fips_allowed = 1,
+       }, {
+               .alg = "kdf_dpi(hmac(sha1))",
+               .test = alg_test_null,
+               .fips_allowed = 1,
+       }, {
+               .alg = "kdf_dpi(hmac(sha224))",
+               .test = alg_test_null,
+               .fips_allowed = 1,
+       }, {
+               .alg = "kdf_dpi(hmac(sha256))",
+               .test = alg_test_kdf,
+               .fips_allowed = 1,
+               .suite = {
+                       .kdf = {
+                               .vecs = kdf_dpi_hmac_sha256_tv_template,
+                               .count = 
ARRAY_SIZE(kdf_dpi_hmac_sha256_tv_template)
+                       }
+               }
+       }, {
+               .alg = "kdf_dpi(hmac(sha384))",
+               .test = alg_test_null,
+               .fips_allowed = 1,
+       }, {
+               .alg = "kdf_dpi(hmac(sha512))",
+               .test = alg_test_null,
+               .fips_allowed = 1,
+       }, {
+               .alg = "kdf_fb(cmac(aes))",
+               .test = alg_test_null,
+               .fips_allowed = 1,
+       }, {
+               .alg = "kdf_fb(cmac(des3_ede))",
+               .test = alg_test_null,
+               .fips_allowed = 1,
+       }, {
+               .alg = "kdf_fb(hmac(sha1))",
+               .test = alg_test_null,
+               .fips_allowed = 1,
+       }, {
+               .alg = "kdf_fb(hmac(sha224))",
+               .test = alg_test_null,
+               .fips_allowed = 1,
+       }, {
+               .alg = "kdf_fb(hmac(sha256))",
+               .test = alg_test_kdf,
+               .fips_allowed = 1,
+               .suite = {
+                       .kdf = {
+                               .vecs = kdf_fb_hmac_sha256_tv_template,
+                               .count = 
ARRAY_SIZE(kdf_fb_hmac_sha256_tv_template)
+                       }
+               }
+       }, {
+               .alg = "kdf_fb(hmac(sha384))",
+               .test = alg_test_null,
+               .fips_allowed = 1,
+       }, {
+               .alg = "kdf_fb(hmac(sha512))",
+               .test = alg_test_null,
+               .fips_allowed = 1,
+       }, {
                .alg = "kw(aes)",
                .test = alg_test_skcipher,
                .fips_allowed = 1,
diff --git a/crypto/testmgr.h b/crypto/testmgr.h
index 487ec88..db07c539 100644
--- a/crypto/testmgr.h
+++ b/crypto/testmgr.h
@@ -123,6 +123,15 @@ struct drbg_testvec {
        size_t expectedlen;
 };
 
+struct kdf_testvec {
+       unsigned char *K1;
+       size_t K1len;
+       unsigned char *context;
+       size_t contextlen;
+       unsigned char *expected;
+       size_t expectedlen;
+};
+
 struct akcipher_testvec {
        unsigned char *key;
        unsigned char *m;
@@ -24793,6 +24802,108 @@ static struct drbg_testvec 
drbg_nopr_ctr_aes128_tv_template[] = {
        },
 };
 
+/*
+ * Test vector obtained from
+ * http://csrc.nist.gov/groups/STM/cavp/documents/KBKDF800-108/CounterMode.zip
+ */
+static struct kdf_testvec kdf_ctr_hmac_sha256_tv_template[] = {
+       {
+               .K1 = (unsigned char *)
+                       "\xdd\x1d\x91\xb7\xd9\x0b\x2b\xd3"
+                       "\x13\x85\x33\xce\x92\xb2\x72\xfb"
+                       "\xf8\xa3\x69\x31\x6a\xef\xe2\x42"
+                       "\xe6\x59\xcc\x0a\xe2\x38\xaf\xe0",
+               .K1len = 32,
+               .context = (unsigned char *)
+                       "\x01\x32\x2b\x96\xb3\x0a\xcd\x19"
+                       "\x79\x79\x44\x4e\x46\x8e\x1c\x5c"
+                       "\x68\x59\xbf\x1b\x1c\xf9\x51\xb7"
+                       "\xe7\x25\x30\x3e\x23\x7e\x46\xb8"
+                       "\x64\xa1\x45\xfa\xb2\x5e\x51\x7b"
+                       "\x08\xf8\x68\x3d\x03\x15\xbb\x29"
+                       "\x11\xd8\x0a\x0e\x8a\xba\x17\xf3"
+                       "\xb4\x13\xfa\xac",
+               .contextlen = 60,
+               .expected = (unsigned char *)
+                       "\x10\x62\x13\x42\xbf\xb0\xfd\x40"
+                       "\x04\x6c\x0e\x29\xf2\xcf\xdb\xf0",
+               .expectedlen = 16
+       }
+};
+
+/*
+ * Test vector obtained from
+ * 
http://csrc.nist.gov/groups/STM/cavp/documents/KBKDF800-108/FeedbackModeNOzeroiv.zip
+ */
+static struct kdf_testvec kdf_fb_hmac_sha256_tv_template[] = {
+       {
+               .K1 = (unsigned char *)
+                       "\x93\xf6\x98\xe8\x42\xee\xd7\x53"
+                       "\x94\xd6\x29\xd9\x57\xe2\xe8\x9c"
+                       "\x6e\x74\x1f\x81\x0b\x62\x3c\x8b"
+                       "\x90\x1e\x38\x37\x6d\x06\x8e\x7b",
+               .K1len = 32,
+               .context = (unsigned char *)
+                       "\x9f\x57\x5d\x90\x59\xd3\xe0\xc0"
+                       "\x80\x3f\x08\x11\x2f\x8a\x80\x6d"
+                       "\xe3\xc3\x47\x19\x12\xcd\xf4\x2b"
+                       "\x09\x53\x88\xb1\x4b\x33\x50\x8e"
+                       "\x53\xb8\x9c\x18\x69\x0e\x20\x57"
+                       "\xa1\xd1\x67\x82\x2e\x63\x6d\xe5"
+                       "\x0b\xe0\x01\x85\x32\xc4\x31\xf7"
+                       "\xf5\xe3\x7f\x77\x13\x92\x20\xd5"
+                       "\xe0\x42\x59\x9e\xbe\x26\x6a\xf5"
+                       "\x76\x7e\xe1\x8c\xd2\xc5\xc1\x9a"
+                       "\x1f\x0f\x80",
+               .contextlen = 83,
+               .expected = (unsigned char *)
+                       "\xbd\x14\x76\xf4\x3a\x4e\x31\x57"
+                       "\x47\xcf\x59\x18\xe0\xea\x5b\xc0"
+                       "\xd9\x87\x69\x45\x74\x77\xc3\xab"
+                       "\x18\xb7\x42\xde\xf0\xe0\x79\xa9"
+                       "\x33\xb7\x56\x36\x5a\xfb\x55\x41"
+                       "\xf2\x53\xfe\xe4\x3c\x6f\xd7\x88"
+                       "\xa4\x40\x41\x03\x85\x09\xe9\xee"
+                       "\xb6\x8f\x7d\x65\xff\xbb\x5f\x95",
+               .expectedlen = 64
+       }
+};
+
+/*
+ * Test vector obtained from
+ * 
http://csrc.nist.gov/groups/STM/cavp/documents/KBKDF800-108/PipelineModewithCounter.zip
+ */
+static struct kdf_testvec kdf_dpi_hmac_sha256_tv_template[] = {
+       {
+               .K1 = (unsigned char *)
+                       "\x02\xd3\x6f\xa0\x21\xc2\x0d\xdb"
+                       "\xde\xe4\x69\xf0\x57\x94\x68\xba"
+                       "\xe5\xcb\x13\xb5\x48\xb6\xc6\x1c"
+                       "\xdf\x9d\x3e\xc4\x19\x11\x1d\xe2",
+               .K1len = 32,
+               .context = (unsigned char *)
+                       "\x85\xab\xe3\x8b\xf2\x65\xfb\xdc"
+                       "\x64\x45\xae\x5c\x71\x15\x9f\x15"
+                       "\x48\xc7\x3b\x7d\x52\x6a\x62\x31"
+                       "\x04\x90\x4a\x0f\x87\x92\x07\x0b"
+                       "\x3d\xf9\x90\x2b\x96\x69\x49\x04"
+                       "\x25\xa3\x85\xea\xdb\x0f\x9c\x76"
+                       "\xe4\x6f\x0f",
+               .contextlen = 51,
+               .expected = (unsigned char *)
+                       "\xd6\x9f\x74\xf5\x18\xc9\xf6\x4f"
+                       "\x90\xa0\xbe\xeb\xab\x69\xf6\x89"
+                       "\xb7\x3b\x5c\x13\xeb\x0f\x86\x0a"
+                       "\x95\xca\xd7\xd9\x81\x4f\x8c\x50"
+                       "\x6e\xb7\xb1\x79\xa5\xc5\xb4\x46"
+                       "\x6a\x9e\xc1\x54\xc3\xbf\x1c\x13"
+                       "\xef\xd6\xec\x0d\x82\xb0\x2c\x29"
+                       "\xaf\x2c\x69\x02\x99\xed\xc4\x53",
+               .expectedlen = 64
+       }
+};
+
+
 /* Cast5 test vectors from RFC 2144 */
 #define CAST5_ENC_TEST_VECTORS         4
 #define CAST5_DEC_TEST_VECTORS         4
-- 
2.5.5


--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majord...@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to