On Fri, Jan 11, 2019 at 08:10:22PM +0100, Stephan Müller wrote: > Add known answer tests to the testmgr for the KDF (SP800-108) cipher. > > Signed-off-by: Stephan Mueller <smueller@xxxxxxxxxx> > --- > crypto/testmgr.c | 226 +++++++++++++++++++++++++++++++++++++++++++++++ > crypto/testmgr.h | 110 +++++++++++++++++++++++ > 2 files changed, 336 insertions(+) > > diff --git a/crypto/testmgr.c b/crypto/testmgr.c > index 0f684a414acb..ff9051bffa1f 100644 > --- a/crypto/testmgr.c > +++ b/crypto/testmgr.c > @@ -110,6 +110,11 @@ struct drbg_test_suite { > unsigned int count; > }; > > +struct kdf_test_suite { > + struct kdf_testvec *vecs; > + unsigned int count; > +}; > + > struct akcipher_test_suite { > const struct akcipher_testvec *vecs; > unsigned int count; > @@ -133,6 +138,7 @@ struct alg_test_desc { > struct hash_test_suite hash; > struct cprng_test_suite cprng; > struct drbg_test_suite drbg; > + struct kdf_test_suite kdf; > struct akcipher_test_suite akcipher; > struct kpp_test_suite kpp; > } suite; > @@ -2020,6 +2026,64 @@ static int drbg_cavs_test(const struct drbg_testvec *test, int pr, > return ret; > } > > +static int kdf_cavs_test(struct kdf_testvec *test, > + const char *driver, u32 type, u32 mask) Why not just "kdf_test()"? > +{ > + int ret = -EAGAIN; > + struct crypto_rng *drng; > + unsigned char *buf = kzalloc(test->expectedlen, GFP_KERNEL); s/unsigned char/u8 > + > + if (!buf) > + return -ENOMEM; > + > + drng = crypto_alloc_rng(driver, type | CRYPTO_ALG_INTERNAL, mask); > + if (IS_ERR(drng)) { > + printk(KERN_ERR "alg: kdf: could not allocate cipher handle " > + "for %s\n", driver); pr_err > + kzfree(buf); kfree is fine here. > + return -ENOMEM; > + } > + > + ret = crypto_rng_reset(drng, test->K1, test->K1len); > + if (ret) { > + printk(KERN_ERR "alg: kdf: could not set key derivation key\n"); pr_err > + goto err; > + } > + > + ret = crypto_rng_generate(drng, test->context, test->contextlen, > + buf, test->expectedlen); > + if (ret) { > + printk(KERN_ERR "alg: kdf: could not obtain key data\n"); pr_err > + goto err; > + } > + > + ret = memcmp(test->expected, buf, test->expectedlen); Elsewhere this function returns an -errno value but this is different. > + > +err: > + crypto_free_rng(drng); > + kzfree(buf); kfree would be fine here too. > + return ret; > +} > + > +static int alg_test_kdf(const struct alg_test_desc *desc, const char *driver, > + u32 type, u32 mask) > +{ > + int err = 0; > + unsigned int i = 0; > + struct kdf_testvec *template = desc->suite.kdf.vecs; const - Eric