* Re: [2/2] ath9k: disable RNG by default
From: Kalle Valo @ 2016-09-28 10:00 UTC (permalink / raw)
To: miaoqing pan
Cc: linux-wireless, ath9k-devel, linux-crypto, smueller, jason,
pouyans, Miaoqing Pan
In-Reply-To: <1470726147-30095-2-git-send-email-miaoqing@codeaurora.org>
miaoqing pan <miaoqing@codeaurora.org> wrote:
> From: Miaoqing Pan <miaoqing@codeaurora.org>
>
> ath9k RNG will dominates all the noise sources from the real HW
> RNG, disable it by default. But we strongly recommand to enable
> it if the system without HW RNG, especially on embedded systems.
>
> Signed-off-by: Miaoqing Pan <miaoqing@codeaurora.org>
> Acked-by: Stephan Mueller <smueller@chronox.de>
> Acked-by: Stephan Mueller <smueller@chronox.de>
> Reviewed-by: Jason Cooper <jason@lakedaemon.net>
Patch applied to ath-next branch of ath.git, thanks.
739ccd76b40e ath9k: disable RNG by default
--
https://patchwork.kernel.org/patch/9270467/
Documentation about submitting wireless patches and checking status
from patchwork:
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
^ permalink raw reply
* Re: [bug] crypto/vmx/p8_ghash memory corruption in 4.8-rc7
From: Jan Stancek @ 2016-09-28 8:59 UTC (permalink / raw)
To: Marcelo Cerri
Cc: Herbert Xu, rui y wang, mhcerri, leosilva, pfsmorigo,
linux-crypto, linuxppc-dev, linux-kernel
In-Reply-To: <20160927194644.GB15729@gallifrey>
> Jan,
>
> Can you check if the problem occurs with this patch?
No issues in over-night test with this patch.
> --- a/drivers/crypto/vmx/vmx.c
> +++ b/drivers/crypto/vmx/vmx.c
> @@ -28,6 +28,8 @@
> #include <asm/cputable.h>
> #include <crypto/internal/hash.h>
>
> +int p8_ghash_fallback_descsize(void);
> +
> extern struct shash_alg p8_ghash_alg;
> extern struct crypto_alg p8_aes_alg;
> extern struct crypto_alg p8_aes_cbc_alg;
> @@ -45,6 +47,7 @@ int __init p8_init(void)
> {
> int ret = 0;
> struct crypto_alg **alg_it;
> + int ghash_descsize;
>
> for (alg_it = algs; *alg_it; alg_it++) {
> ret = crypto_register_alg(*alg_it);
> @@ -59,6 +62,12 @@ int __init p8_init(void)
> if (ret)
> return ret;
>
> + ghash_descsize = p8_ghash_fallback_descsize();
> + if (ghash_descsize < 0) {
> + printk(KERN_ERR "Cannot get descsize for p8_ghash fallback\n");
> + return ghash_descsize;
> + }
> + p8_ghash_alg.descsize += ghash_descsize;
> ret = crypto_register_shash(&p8_ghash_alg);
> if (ret) {
> for (alg_it = algs; *alg_it; alg_it++)
I'd suggest to move this inside vmx/ghash.c to a new function, so all p8_ghash
related code is at single place. Then p8_init() would just call the new
function:
- ret = crypto_register_shash(&p8_ghash_alg);
+ ret = register_p8_ghash();
Regards,
Jan
^ permalink raw reply
* Re: [bug] crypto/vmx/p8_ghash memory corruption in 4.8-rc7
From: Jan Stancek @ 2016-09-28 7:40 UTC (permalink / raw)
To: Herbert Xu
Cc: Marcelo Cerri, rui y wang, mhcerri, leosilva, pfsmorigo,
linux-crypto, linuxppc-dev, linux-kernel
In-Reply-To: <20160928024549.GB14034@gondor.apana.org.au>
----- Original Message -----
> From: "Herbert Xu" <herbert@gondor.apana.org.au>
> To: "Marcelo Cerri" <marcelo.cerri@canonical.com>
> Cc: "Jan Stancek" <jstancek@redhat.com>, "rui y wang" <rui.y.wang@intel.com>, mhcerri@linux.vnet.ibm.com,
> leosilva@linux.vnet.ibm.com, pfsmorigo@linux.vnet.ibm.com, linux-crypto@vger.kernel.org,
> linuxppc-dev@lists.ozlabs.org, linux-kernel@vger.kernel.org
> Sent: Wednesday, 28 September, 2016 4:45:49 AM
> Subject: Re: [bug] crypto/vmx/p8_ghash memory corruption in 4.8-rc7
>
> On Tue, Sep 27, 2016 at 04:46:44PM -0300, Marcelo Cerri wrote:
> >
> > Can you check if the problem occurs with this patch?
>
> In light of the fact that padlock-sha is the correct example
> to follow, you only need to add one line to the init_tfm fucntion
> to update the descsize based on that of the fallback.
Thanks for clearing up how this works in padlock-sha, but
we are not exactly in same situation with p8_ghash.
p8_ghash_init_tfm() already updates descsize. Problem in original report
is that without custom export/import/statesize p8_ghash_alg.statesize
gets initialized by shash_prepare_alg() to alg->descsize:
crash> p p8_ghash_alg.statesize
$1 = 56
testmgr allocates space for export based on crypto_shash_statesize(),
but shash_default_export() writes based on crypto_shash_descsize():
[ 8.297902] state: c0000004b873aa80, statesize: 56
[ 8.297932] shash_default_export memcpy c0000004b873aa80 c0000004b8607da0, len: 76
so I think we need either:
1) make sure p8_ghash_alg.descsize is correct before we register shash,
this is what Marcelo's last patch is doing
2) provide custom export/import/statesize for p8_ghash_alg
Regards,
Jan
>
> Thanks,
> --
> Email: Herbert Xu <herbert@gondor.apana.org.au>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
>
^ permalink raw reply
* Re: [bug] crypto/vmx/p8_ghash memory corruption in 4.8-rc7
From: Herbert Xu @ 2016-09-28 2:45 UTC (permalink / raw)
To: Marcelo Cerri
Cc: Jan Stancek, rui y wang, mhcerri, leosilva, pfsmorigo,
linux-crypto, linuxppc-dev, linux-kernel
In-Reply-To: <20160927194644.GB15729@gallifrey>
On Tue, Sep 27, 2016 at 04:46:44PM -0300, Marcelo Cerri wrote:
>
> Can you check if the problem occurs with this patch?
In light of the fact that padlock-sha is the correct example
to follow, you only need to add one line to the init_tfm fucntion
to update the descsize based on that of the fallback.
Thanks,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply
* Re: [bug] crypto/vmx/p8_ghash memory corruption in 4.8-rc7
From: Herbert Xu @ 2016-09-28 2:44 UTC (permalink / raw)
To: Jan Stancek
Cc: Marcelo Cerri, rui y wang, mhcerri, leosilva, pfsmorigo,
linux-crypto, linuxppc-dev, linux-kernel
In-Reply-To: <346154437.225735.1474966863173.JavaMail.zimbra@redhat.com>
On Tue, Sep 27, 2016 at 05:01:03AM -0400, Jan Stancek wrote:
>
> Also, does that mean that padlock_sha has similar problem?
> It does not seem to reserve any space for fallback __ctx and it calls
> init()/update()/export() with padlock_sha_desc's fallback:
>
> struct padlock_sha_desc {
> struct shash_desc fallback;
> };
>
> static struct shash_alg sha1_alg = {
> .descsize = sizeof(struct padlock_sha_desc),
Actually I was wrong when I said that the API couldn't handle
a dynamic fallback. It can and padlock-sha does the right thing
by updating descsize in the cra_init function.
So this is what vmx should do too.
Thanks,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply
* Re: [bug] crypto/vmx/p8_ghash memory corruption in 4.8-rc7
From: Marcelo Cerri @ 2016-09-27 19:46 UTC (permalink / raw)
To: Jan Stancek
Cc: Herbert Xu, rui y wang, mhcerri, leosilva, pfsmorigo,
linux-crypto, linuxppc-dev, linux-kernel
In-Reply-To: <20160927120414.GC21317@gallifrey>
[-- Attachment #1: Type: text/plain, Size: 3002 bytes --]
Jan,
Can you check if the problem occurs with this patch?
---
drivers/crypto/vmx/ghash.c | 28 +++++++++++++++++-----------
drivers/crypto/vmx/vmx.c | 9 +++++++++
2 files changed, 26 insertions(+), 11 deletions(-)
diff --git a/drivers/crypto/vmx/ghash.c b/drivers/crypto/vmx/ghash.c
index 6c999cb0..033aba1 100644
--- a/drivers/crypto/vmx/ghash.c
+++ b/drivers/crypto/vmx/ghash.c
@@ -36,6 +36,8 @@
#define GHASH_DIGEST_SIZE (16)
#define GHASH_KEY_LEN (16)
+#define GHASH_FALLBACK_ALG "ghash-generic"
+
void gcm_init_p8(u128 htable[16], const u64 Xi[2]);
void gcm_gmult_p8(u64 Xi[2], const u128 htable[16]);
void gcm_ghash_p8(u64 Xi[2], const u128 htable[16],
@@ -53,18 +55,26 @@ struct p8_ghash_desc_ctx {
struct shash_desc fallback_desc;
};
+int p8_ghash_fallback_descsize(void)
+{
+ int descsize;
+ struct crypto_shash *fallback;
+ fallback = crypto_alloc_shash(GHASH_FALLBACK_ALG, 0,
+ CRYPTO_ALG_NEED_FALLBACK);
+ if (IS_ERR(fallback)) {
+ return PTR_ERR(fallback);
+ }
+ descsize = crypto_shash_descsize(fallback);
+ crypto_free_shash(fallback);
+ return descsize;
+}
+
static int p8_ghash_init_tfm(struct crypto_tfm *tfm)
{
- const char *alg;
+ const char *alg = GHASH_FALLBACK_ALG;
struct crypto_shash *fallback;
- struct crypto_shash *shash_tfm = __crypto_shash_cast(tfm);
struct p8_ghash_ctx *ctx = crypto_tfm_ctx(tfm);
- if (!(alg = crypto_tfm_alg_name(tfm))) {
- printk(KERN_ERR "Failed to get algorithm name.\n");
- return -ENOENT;
- }
-
fallback = crypto_alloc_shash(alg, 0, CRYPTO_ALG_NEED_FALLBACK);
if (IS_ERR(fallback)) {
printk(KERN_ERR
@@ -79,10 +89,6 @@ static int p8_ghash_init_tfm(struct crypto_tfm *tfm)
crypto_shash_get_flags((struct crypto_shash
*) tfm));
ctx->fallback = fallback;
-
- shash_tfm->descsize = sizeof(struct p8_ghash_desc_ctx)
- + crypto_shash_descsize(fallback);
-
return 0;
}
diff --git a/drivers/crypto/vmx/vmx.c b/drivers/crypto/vmx/vmx.c
index 31a98dc..8a51149 100644
--- a/drivers/crypto/vmx/vmx.c
+++ b/drivers/crypto/vmx/vmx.c
@@ -28,6 +28,8 @@
#include <asm/cputable.h>
#include <crypto/internal/hash.h>
+int p8_ghash_fallback_descsize(void);
+
extern struct shash_alg p8_ghash_alg;
extern struct crypto_alg p8_aes_alg;
extern struct crypto_alg p8_aes_cbc_alg;
@@ -45,6 +47,7 @@ int __init p8_init(void)
{
int ret = 0;
struct crypto_alg **alg_it;
+ int ghash_descsize;
for (alg_it = algs; *alg_it; alg_it++) {
ret = crypto_register_alg(*alg_it);
@@ -59,6 +62,12 @@ int __init p8_init(void)
if (ret)
return ret;
+ ghash_descsize = p8_ghash_fallback_descsize();
+ if (ghash_descsize < 0) {
+ printk(KERN_ERR "Cannot get descsize for p8_ghash fallback\n");
+ return ghash_descsize;
+ }
+ p8_ghash_alg.descsize += ghash_descsize;
ret = crypto_register_shash(&p8_ghash_alg);
if (ret) {
for (alg_it = algs; *alg_it; alg_it++)
--
2.7.4
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 473 bytes --]
^ permalink raw reply related
* Re: [BUG] crypto: atmel-aes - erro when compiling with VERBOSE_DEBUG enable
From: Cyrille Pitchen @ 2016-09-27 16:45 UTC (permalink / raw)
To: levent demir, Herbert Xu; +Cc: linux-crypto
In-Reply-To: <1474548357.12981.19.camel@inria.fr>
Hi Levent,
there is a typo in the subject line: erroR.
Also it would be better to start the summary phrase of the subject line with a
verb:
crypto: atmel-aes: fix compiler error when VERBODE_DEBUG is defined
Le 22/09/2016 à 14:45, levent demir a écrit :
> Fix debug function call in atmel_aes_write
>
> Signed-off-by: Levent DEMIR <levent.demir@inria.fr>
> ---
> drivers/crypto/atmel-aes.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/crypto/atmel-aes.c b/drivers/crypto/atmel-aes.c
> index e3d40a8..2b0f926 100644
> --- a/drivers/crypto/atmel-aes.c
> +++ b/drivers/crypto/atmel-aes.c
> @@ -317,7 +317,7 @@ static inline void atmel_aes_write(struct
> atmel_aes_dev *dd,
> char tmp[16];
>
> dev_vdbg(dd->dev, "write 0x%08x into %s\n", value,
> - atmel_aes_reg_name(offset, tmp));
> + atmel_aes_reg_name(offset, tmp, sizeof(tmp)));
It looks like a space has been removed.
> }
> #endif /* VERBOSE_DEBUG */
>
>
Best regards,
Cyrille
^ permalink raw reply
* Re: [v2] RANDOM: ATH9K RNG delivers zero bits of entropy
From: Stephan Mueller @ 2016-09-27 15:17 UTC (permalink / raw)
To: Kalle Valo
Cc: Ted Tso, herbert, linux-kernel, linux-crypto, ath9k-devel,
linux-wireless, ath9k-devel, Kalle Valo, Jason Cooper
In-Reply-To: <2ba03f89daee4f09a88a1238943eb49d@euamsexm01a.eu.qualcomm.com>
Am Dienstag, 27. September 2016, 16:44:16 CEST schrieb Kalle Valo:
Hi Kalle,
> Stephan Mueller <smueller@chronox.de> wrote:
> > The ATH9K driver implements an RNG which is completely bypassing the
> > standard Linux HW generator logic.
> >
> > The RNG may or may not deliver entropy. Considering the conservative
> > approach in treating entropy with respect to non-auditable sources, this
> > patch changes the delivered entropy value to zero. The RNG still feeds
> > data into the input_pool but it is assumed to have no entropy.
> >
> > When the ATH9K RNG changes to use the HW RNG framework, it may re-enable
> > the entropy estimation considering that a user can change that value at
> > boot and runtime.
> >
> > Reviewed-by: Jason Cooper <jason@lakedaemon.net>
> > Signed-off-by: Stephan Mueller <smueller@chronox.de>
>
> Based on the discussion I'm dropping this patch. But the discussion was
> hard to follow so please let me know if I misunderstood.
I guess the rejection is appropriate, but something needs to be done:
add_hwgenerator_randomness should not be used in this scenario.
>
> Patch set to Rejected.
Ciao
Stephan
^ permalink raw reply
* Re: [1/2] ath9k: change entropy formula for easier understanding
From: Kalle Valo @ 2016-09-27 14:53 UTC (permalink / raw)
To: miaoqing pan
Cc: linux-wireless-u79uwXL29TY76Z2rM5mHXA,
ath9k-devel-A+ZNKFmMK5xy9aJCnZT0Uw,
linux-crypto-u79uwXL29TY76Z2rM5mHXA,
smueller-T9tCv8IpfcWELgA04lAiVw, jason-NLaQJdtUoK4Be96aLqz0jA,
pouyans-Rm6X0d1/PG5y9aJCnZT0Uw, Miaoqing Pan
In-Reply-To: <1470726147-30095-1-git-send-email-miaoqing-sgV2jX0FEOL9JmXXK+q4OQ@public.gmane.org>
miaoqing pan <miaoqing-sgV2jX0FEOL9JmXXK+q4OQ@public.gmane.org> wrote:
> From: Miaoqing Pan <miaoqing-sgV2jX0FEOL9JmXXK+q4OQ@public.gmane.org>
>
> The quality of ADC entropy is 10 bits of min-entropy for
> a 32-bit value, change '(((x) * 8 * 320) >> 10)' to
> '(((x) * 8 * 10) >> 5)' for easier understanding.
>
> Signed-off-by: Miaoqing Pan <miaoqing-sgV2jX0FEOL9JmXXK+q4OQ@public.gmane.org>
I need some help here, it this patch ok to take or should I drop it? The
discussion is available from the patchwork link below if someone needs to
refresh the memory.
--
https://patchwork.kernel.org/patch/9270463/
Documentation about submitting wireless patches and checking status
from patchwork:
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
^ permalink raw reply
* Re: [v2] RANDOM: ATH9K RNG delivers zero bits of entropy
From: Kalle Valo @ 2016-09-27 14:44 UTC (permalink / raw)
To: Stephan Mueller
Cc: Ted Tso, herbert-lOAM2aK0SrRLBo1qDEOMRrpzq4S04n8Q,
linux-kernel-u79uwXL29TY76Z2rM5mHXA,
linux-crypto-u79uwXL29TY76Z2rM5mHXA,
ath9k-devel-A+ZNKFmMK5xy9aJCnZT0Uw,
linux-wireless-u79uwXL29TY76Z2rM5mHXA,
ath9k-devel-xDcbHBWguxHbcTqmT+pZeQ, Kalle Valo, Jason Cooper
In-Reply-To: <1654172.XfclnXhRmn-jJGQKZiSfeo1haGO/jJMPxvVK+yQ3ZXh@public.gmane.org>
Stephan Mueller <smueller-T9tCv8IpfcWELgA04lAiVw@public.gmane.org> wrote:
> The ATH9K driver implements an RNG which is completely bypassing the
> standard Linux HW generator logic.
>
> The RNG may or may not deliver entropy. Considering the conservative
> approach in treating entropy with respect to non-auditable sources, this
> patch changes the delivered entropy value to zero. The RNG still feeds
> data into the input_pool but it is assumed to have no entropy.
>
> When the ATH9K RNG changes to use the HW RNG framework, it may re-enable
> the entropy estimation considering that a user can change that value at
> boot and runtime.
>
> Reviewed-by: Jason Cooper <jason-NLaQJdtUoK4Be96aLqz0jA@public.gmane.org>
> Signed-off-by: Stephan Mueller <smueller-T9tCv8IpfcWELgA04lAiVw@public.gmane.org>
Based on the discussion I'm dropping this patch. But the discussion was
hard to follow so please let me know if I misunderstood.
Patch set to Rejected.
--
https://patchwork.kernel.org/patch/9266265/
Documentation about submitting wireless patches and checking status
from patchwork:
https://wireless.wiki.kernel.org/en/developers/documentation/submittingpatches
^ permalink raw reply
* Re: [bug] crypto/vmx/p8_ghash memory corruption in 4.8-rc7
From: Marcelo Cerri @ 2016-09-27 12:04 UTC (permalink / raw)
To: Jan Stancek
Cc: Herbert Xu, rui y wang, mhcerri, leosilva, pfsmorigo,
linux-crypto, linuxppc-dev, linux-kernel
In-Reply-To: <346154437.225735.1474966863173.JavaMail.zimbra@redhat.com>
[-- Attachment #1: Type: text/plain, Size: 1287 bytes --]
Hi,
On Tue, Sep 27, 2016 at 05:01:03AM -0400, Jan Stancek wrote:
> So, if we extended p8_ghash_desc_ctx to accommodate fallback_desc's ctx
> and then provided statesize/import/export, would that be acceptable?
>
> struct p8_ghash_desc_ctx {
> ...
> struct shash_desc fallback_desc;
> + char fallback_ctx[sizeof(struct ghash_desc_ctx)];
>
I think so. That's the solution mentioned by Herbert. The only drawback
is that we will need to fix "ghash-generic" as the fallback
implementation in order to know beforehand its descsize.
However I would keep the p8_ghash_desc_ctx the way it is and I would
sum sizeof(struct ghash_desc_ctx) to the algorithm descsize instead.
Let me put a quick patch together to test this.
>
> Also, does that mean that padlock_sha has similar problem?
> It does not seem to reserve any space for fallback __ctx and it calls
> init()/update()/export() with padlock_sha_desc's fallback:
>
> struct padlock_sha_desc {
> struct shash_desc fallback;
> };
>
> static struct shash_alg sha1_alg = {
> .descsize = sizeof(struct padlock_sha_desc),
>
Yeah. It still seems to me that padlock-sha has the same problem. Maybe
we are missing something...
--
Regards,
Marcelo
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 473 bytes --]
^ permalink raw reply
* Re: [PATCH] padata: remove recently added module usage from bool code
From: Sebastian Andrzej Siewior @ 2016-09-27 9:03 UTC (permalink / raw)
To: Paul Gortmaker
Cc: linux-kernel, Steffen Klassert, Thomas Gleixner, linux-crypto
In-Reply-To: <20160927011821.6635-1-paul.gortmaker@windriver.com>
On 2016-09-26 21:18:21 [-0400], Paul Gortmaker wrote:
>
> ...and so it currently is not being built as a module by anyone.
that is correct.
Acked-by: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Sebastian
^ permalink raw reply
* Re: [bug] crypto/vmx/p8_ghash memory corruption in 4.8-rc7
From: Jan Stancek @ 2016-09-27 9:01 UTC (permalink / raw)
To: Herbert Xu
Cc: Marcelo Cerri, rui y wang, mhcerri, leosilva, pfsmorigo,
linux-crypto, linuxppc-dev, linux-kernel
In-Reply-To: <20160927030826.GB8579@gondor.apana.org.au>
----- Original Message -----
> From: "Herbert Xu" <herbert@gondor.apana.org.au>
> To: "Marcelo Cerri" <marcelo.cerri@canonical.com>
> Cc: "Jan Stancek" <jstancek@redhat.com>, "rui y wang" <rui.y.wang@intel.com>, mhcerri@linux.vnet.ibm.com,
> leosilva@linux.vnet.ibm.com, pfsmorigo@linux.vnet.ibm.com, linux-crypto@vger.kernel.org,
> linuxppc-dev@lists.ozlabs.org, linux-kernel@vger.kernel.org
> Sent: Tuesday, 27 September, 2016 5:08:26 AM
> Subject: Re: [bug] crypto/vmx/p8_ghash memory corruption in 4.8-rc7
>
> On Mon, Sep 26, 2016 at 02:43:17PM -0300, Marcelo Cerri wrote:
> >
> > Wouldn't be enough to provide a pair of import/export functions as the
> > padlock-sha driver does?
>
> I don't think that will help as ultimately you need to call the
> export function on the fallback and that's what requires the extra
> memory. In fact very operation involving the fallback will need
> that extra memory too.
So, if we extended p8_ghash_desc_ctx to accommodate fallback_desc's ctx
and then provided statesize/import/export, would that be acceptable?
struct p8_ghash_desc_ctx {
...
struct shash_desc fallback_desc;
+ char fallback_ctx[sizeof(struct ghash_desc_ctx)];
Also, does that mean that padlock_sha has similar problem?
It does not seem to reserve any space for fallback __ctx and it calls
init()/update()/export() with padlock_sha_desc's fallback:
struct padlock_sha_desc {
struct shash_desc fallback;
};
static struct shash_alg sha1_alg = {
.descsize = sizeof(struct padlock_sha_desc),
Regards,
Jan
>
> Cheers,
> --
> Email: Herbert Xu <herbert@gondor.apana.org.au>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
>
^ permalink raw reply
* Re: [bug] crypto/vmx/p8_ghash memory corruption in 4.8-rc7
From: Herbert Xu @ 2016-09-27 3:08 UTC (permalink / raw)
To: Marcelo Cerri
Cc: Jan Stancek, rui.y.wang, mhcerri, leosilva, pfsmorigo,
linux-crypto, linuxppc-dev, linux-kernel
In-Reply-To: <20160926174317.GA21317@gallifrey>
On Mon, Sep 26, 2016 at 02:43:17PM -0300, Marcelo Cerri wrote:
>
> Wouldn't be enough to provide a pair of import/export functions as the
> padlock-sha driver does?
I don't think that will help as ultimately you need to call the
export function on the fallback and that's what requires the extra
memory. In fact very operation involving the fallback will need
that extra memory too.
Cheers,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply
* Re: [PATCH v7 4/9] crypto: acomp - add support for lzo via scomp
From: Herbert Xu @ 2016-09-27 3:07 UTC (permalink / raw)
To: Giovanni Cabiddu; +Cc: linux-crypto, weigang.li
In-Reply-To: <20160926172704.GA24726@SILVIXA00369791-F22-1>
On Mon, Sep 26, 2016 at 06:27:04PM +0100, Giovanni Cabiddu wrote:
>
> I think the definition of the acomp interface already allows for this.
> If the destination scatterlist inside the request is NULL, the
> algorithm/driver can allocate pages of memory for the output buffers as
> well as the scatterlist. In this case, the destination length, if not zero,
> could be used to specify the maximum size to allocate.
> What do you think?
Sounds good to me. We should also add a function to free the
resulting SG list along with the allocated pages.
Cheers,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply
* [PATCH] padata: remove recently added module usage from bool code
From: Paul Gortmaker @ 2016-09-27 1:18 UTC (permalink / raw)
To: linux-kernel
Cc: Paul Gortmaker, Steffen Klassert, Thomas Gleixner,
Sebastian Andrzej Siewior, linux-crypto
In commit 30e92153b4e6 ("padata: Convert to hotplug state machine")
this file started using module.h and got module_init and module_exit
added to it.
However the Kconfig for it is:
init/Kconfig:config PADATA
init/Kconfig: depends on SMP
init/Kconfig: bool
...and so it currently is not being built as a module by anyone.
Lets remove the modular code that is essentially orphaned, so that
when reading the driver there is no doubt it is builtin-only.
Since module_init translates to device_initcall in the non-modular
case, the init ordering remains unchanged with this commit.
Cc: Steffen Klassert <steffen.klassert@secunet.com>
Cc: Thomas Gleixner <tglx@linutronix.de>
Cc: Sebastian Andrzej Siewior <bigeasy@linutronix.de>
Cc: linux-crypto@vger.kernel.org
Signed-off-by: Paul Gortmaker <paul.gortmaker@windriver.com>
---
kernel/padata.c | 9 ++-------
1 file changed, 2 insertions(+), 7 deletions(-)
diff --git a/kernel/padata.c b/kernel/padata.c
index 7848f0566403..355807e52b1e 100644
--- a/kernel/padata.c
+++ b/kernel/padata.c
@@ -30,7 +30,7 @@
#include <linux/slab.h>
#include <linux/sysfs.h>
#include <linux/rcupdate.h>
-#include <linux/module.h>
+#include <linux/init.h>
#define MAX_OBJ_NUM 1000
@@ -1043,11 +1043,6 @@ static __init int padata_driver_init(void)
hp_online = ret;
return 0;
}
-module_init(padata_driver_init);
+device_initcall(padata_driver_init);
-static __exit void padata_driver_exit(void)
-{
- cpuhp_remove_multi_state(hp_online);
-}
-module_exit(padata_driver_exit);
#endif
--
2.10.0
^ permalink raw reply related
* Re: [PATCH] crypto: sha1-powerpc: little-endian support
From: Paulo Flabiano Smorigo @ 2016-09-27 0:46 UTC (permalink / raw)
To: Marcelo Cerri
Cc: Herbert Xu, David S. Miller, linux-crypto, linuxppc-dev,
linux-kernel, Benjamin Herrenschmidt, Paul Mackerras,
Michael Ellerman, George Wilson, Claudio Carvalho,
Paulo Flabiano Smorigo, joy.latten
In-Reply-To: <1474659116-4689-1-git-send-email-marcelo.cerri@canonical.com>
Fri, Sep 23, 2016 at 04:31:56PM -0300, Marcelo Cerri wrote:
> The driver does not handle endianness properly when loading the input
> data.
Indeed. I tested in both endianesses and it's working fine. Thanks!
Herbert, can we go ahead with this fix?
>
> Signed-off-by: Marcelo Cerri <marcelo.cerri@canonical.com>
> ---
> arch/powerpc/crypto/sha1-powerpc-asm.S | 13 +++++++++++--
> 1 file changed, 11 insertions(+), 2 deletions(-)
>
> diff --git a/arch/powerpc/crypto/sha1-powerpc-asm.S b/arch/powerpc/crypto/sha1-powerpc-asm.S
> index 125e165..82ddc9b 100644
> --- a/arch/powerpc/crypto/sha1-powerpc-asm.S
> +++ b/arch/powerpc/crypto/sha1-powerpc-asm.S
> @@ -7,6 +7,15 @@
> #include <asm/ppc_asm.h>
> #include <asm/asm-offsets.h>
>
> +#ifdef __BIG_ENDIAN__
> +#define LWZ(rt, d, ra) \
> + lwz rt,d(ra)
> +#else
> +#define LWZ(rt, d, ra) \
> + li rt,d; \
> + lwbrx rt,rt,ra
> +#endif
> +
> /*
> * We roll the registers for T, A, B, C, D, E around on each
> * iteration; T on iteration t is A on iteration t+1, and so on.
> @@ -23,7 +32,7 @@
> #define W(t) (((t)%16)+16)
>
> #define LOADW(t) \
> - lwz W(t),(t)*4(r4)
> + LWZ(W(t),(t)*4,r4)
>
> #define STEPD0_LOAD(t) \
> andc r0,RD(t),RB(t); \
> @@ -33,7 +42,7 @@
> add r0,RE(t),r15; \
> add RT(t),RT(t),r6; \
> add r14,r0,W(t); \
> - lwz W((t)+4),((t)+4)*4(r4); \
> + LWZ(W((t)+4),((t)+4)*4,r4); \
> rotlwi RB(t),RB(t),30; \
> add RT(t),RT(t),r14
>
> --
> 2.7.4
>
--
Paulo Flabiano Smorigo
IBM Linux Technology Center
^ permalink raw reply
* Re: [bug] crypto/vmx/p8_ghash memory corruption in 4.8-rc7
From: Jan Stancek @ 2016-09-26 17:50 UTC (permalink / raw)
To: Marcelo Cerri
Cc: rui y wang, herbert, mhcerri, leosilva, pfsmorigo, linux-crypto,
linuxppc-dev, linux-kernel
In-Reply-To: <20160926141510.GC5031@gallifrey>
----- Original Message -----
> From: "Marcelo Cerri" <marcelo.cerri@canonical.com>
> To: "Jan Stancek" <jstancek@redhat.com>
> Cc: "rui y wang" <rui.y.wang@intel.com>, herbert@gondor.apana.org.au, mhcerri@linux.vnet.ibm.com,
> leosilva@linux.vnet.ibm.com, pfsmorigo@linux.vnet.ibm.com, linux-crypto@vger.kernel.org,
> linuxppc-dev@lists.ozlabs.org, linux-kernel@vger.kernel.org
> Sent: Monday, 26 September, 2016 4:15:10 PM
> Subject: Re: [bug] crypto/vmx/p8_ghash memory corruption in 4.8-rc7
>
> Hi Jan,
>
> Just out of curiosity, have you tried to use "76" on both values to
> check if the problem still happens?
I did, I haven't seen any panics with such patch:
@@ -211,7 +212,7 @@ struct shash_alg p8_ghash_alg = {
.update = p8_ghash_update,
.final = p8_ghash_final,
.setkey = p8_ghash_setkey,
- .descsize = sizeof(struct p8_ghash_desc_ctx),
+ .descsize = sizeof(struct p8_ghash_desc_ctx) + 20,
.base = {
.cra_name = "ghash",
.cra_driver_name = "p8_ghash",
^ permalink raw reply
* Re: [bug] crypto/vmx/p8_ghash memory corruption in 4.8-rc7
From: Marcelo Cerri @ 2016-09-26 17:43 UTC (permalink / raw)
To: Herbert Xu
Cc: Jan Stancek, rui.y.wang, mhcerri, leosilva, pfsmorigo,
linux-crypto, linuxppc-dev, linux-kernel
In-Reply-To: <20160926145934.GA5520@gondor.apana.org.au>
[-- Attachment #1: Type: text/plain, Size: 1430 bytes --]
Herbert,
Wouldn't be enough to provide a pair of import/export functions as the
padlock-sha driver does?
--
Regards,
Marcelo
On Mon, Sep 26, 2016 at 10:59:34PM +0800, Herbert Xu wrote:
> On Fri, Sep 23, 2016 at 08:22:27PM -0400, Jan Stancek wrote:
> >
> > This seems to directly correspond with:
> > p8_ghash_alg.descsize = sizeof(struct p8_ghash_desc_ctx) == 56
> > shash_tfm->descsize = sizeof(struct p8_ghash_desc_ctx) + crypto_shash_descsize(fallback) == 56 + 20
> > where 20 is presumably coming from "ghash_alg.descsize".
> >
> > My gut feeling was that these 2 should match, but I'd love to hear
> > what crypto people think.
>
> Indeed. The vmx driver is broken. It is allocating a fallback
> but is not providing any space for the state of the fallback.
>
> Unfortunately our interface doesn't really provide a way to provide
> the state size dynamically. So what I'd suggest is to fix the
> fallback to the generic ghash implementation and export its state
> size like we do for md5/sha.
>
> Cheers,
> --
> Email: Herbert Xu <herbert@gondor.apana.org.au>
> Home Page: http://gondor.apana.org.au/~herbert/
> PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
> --
> To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 473 bytes --]
^ permalink raw reply
* Re: sha1_mb broken
From: Stephan Mueller @ 2016-09-26 17:32 UTC (permalink / raw)
To: Megha Dey; +Cc: linux-crypto
In-Reply-To: <1939675.7gNnqUbNs6@positron.chronox.de>
Am Freitag, 26. August 2016, 03:15:06 CEST schrieb Stephan Mueller:
Hi Megha,
> Hi,
>
> I tried to execute tests with sha1_mb.
Have you had a chance to look into this one?
>
> The execution simply stalls when invoking a digest operation -- i.e. the
> digest operation does not finish. After some time after invoking the hashing
> operation, the following log appears (note, the kccavs_* functions are my
> test code; that test code works perfectly well with all other hash
> implementations):
>
> [ 140.426026] INFO: rcu_sched detected stalls on CPUs/tasks:
> [ 140.426719] 2-...: (1 GPs behind) idle=9c3/140000000000000/0
> softirq=2680/2707 fqs=14762
> [ 140.427024] (detected by 0, t=60002 jiffies, g=655, c=654, q=35)
> [ 140.427024] Task dump for CPU 2:
> [ 140.427024] cavs_driver R running task 0 945 862
> 0x00000008
> [ 140.427024] ffffffff9b78d965 ffffa527b8bfa640 ffffa527bb505940
> ffffa52775c20c50
> [ 140.427024] ffffa527bc300000 ffffa527b93d2a80 ffffa527bb857e00
> ffffa527bc2ffd78
> [ 140.427024] ffffa527b93d2ac8 ffffa527bc2ffcc0 ffffffff9b78dfc8
> ffffa527bc2ffd70
> [ 140.427024] Call Trace:
> [ 140.427024] [<ffffffff9b78d965>] ? __schedule+0x245/0x690
> [ 140.427024] [<ffffffff9b78dfc8>] ? preempt_schedule_common+0x18/0x30
> [ 140.427024] [<ffffffff9b791a68>] ? _raw_spin_lock_irq+0x28/0x30
> [ 140.427024] [<ffffffff9b78ed98>] ? wait_for_completion_interruptible
> +0x28/0x180
> [ 140.427024] [<ffffffffc028541c>] ? sha1_mb_async_digest+0x6c/0x70
> [sha1_mb]
> [ 140.427024] [<ffffffff9b3b1129>] ? crypto_ahash_op+0x29/0x70
> [ 140.427024] [<ffffffffc0270148>] ? kccavs_test_ahash+0x198/0x2b0
> [kcapi_cavs]
> [ 140.427024] [<ffffffffc026e20a>] ? kccavs_data_read+0xda/0x160
> [kcapi_cavs]
> [ 140.427024] [<ffffffff9b370964>] ? full_proxy_read+0x54/0x90
> [ 140.427024] [<ffffffff9b208088>] ? __vfs_read+0x28/0x110
> [ 140.427024] [<ffffffff9b38a2c0>] ? security_file_permission+0xa0/0xc0
> [ 140.427024] [<ffffffff9b20850e>] ? rw_verify_area+0x4e/0xb0
> [ 140.427024] [<ffffffff9b208606>] ? vfs_read+0x96/0x130
> [ 140.427024] [<ffffffff9b2099f6>] ? SyS_read+0x46/0xa0
> [ 140.427024] [<ffffffff9b791cb6>] ? entry_SYSCALL_64_fastpath+0x1e/0xa8
>
>
>
> Ciao
> Stephan
> --
> To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
Ciao
Stephan
^ permalink raw reply
* Re: [PATCH v7 4/9] crypto: acomp - add support for lzo via scomp
From: Giovanni Cabiddu @ 2016-09-26 17:27 UTC (permalink / raw)
To: Herbert Xu; +Cc: linux-crypto, weigang.li
In-Reply-To: <20160923150518.GA20384@gondor.apana.org.au>
On Fri, Sep 23, 2016 at 11:05:18PM +0800, Herbert Xu wrote:
> When I said acomp layer I'm referring specifically to the algorithm
> or driver. As to your last question it would be the caller's
> responsibility to free that memory.
>
> The use-case is our oldest user, IPcomp. Most packets are 1500 bytes
> max but we have to allocate 64K of memory to cover the worst case.
> For an algorithm that can deal with SG lists it can easily allocate
> pages of memory as it goes and place them in an SG list.
It is clear now. Thanks.
> Sure if you already have memory allocated then we don't want to
> force you to allocate it again in the algorithm/driver. But our
> interface should allow the memory to be allocated in the driver.
I think the definition of the acomp interface already allows for this.
If the destination scatterlist inside the request is NULL, the
algorithm/driver can allocate pages of memory for the output buffers as
well as the scatterlist. In this case, the destination length, if not zero,
could be used to specify the maximum size to allocate.
What do you think?
--
Giovanni
^ permalink raw reply
* [PATCH v5 7/7] crypto: AES CBC multi-buffer tcrypt
From: Megha Dey @ 2016-09-26 17:27 UTC (permalink / raw)
To: herbert, davem; +Cc: linux-crypto, tim.c.chen, megha.dey, Megha Dey
In-Reply-To: <1474910859-11713-1-git-send-email-megha.dey@linux.intel.com>
From: Tim Chen <tim.c.chen@linux.intel.com>
The tcrypt test framework for CBC multi-buffer testing is
laid out in this patch. Tcrypt has been extended to validate
the functionality and performance of AES CBC multi-buffer support.
A new test(mode=600) has been added to test the speed of the multibuffer
case, as multi-buffer encrypt will wait for additional encrypt requests
that never arrive to kick off computation. So we always incur the extra
delay before flush timer expires to trigger the computation in the (mode=500)
test. We create the new tests that will send out these additional requests
that can be aggregated and computed in parallel for true throughput speed test
of the multi-buffer encrypt test case.case.
The enhanced CBC tests create multiple transforms and exercise
the multi-buffer implementation. Crafted requests are sent at once
to the multiple transforms created and the returned responses
are compared with expected results. The test vectors are so chosen
as to exercise the scatter-gather list to the maximum allowable limit
within the framework.
Originally-by: Chandramouli Narayanan <mouli_7982@yahoo.com>
Signed-off-by: Megha Dey <megha.dey@linux.intel.com>
Signed-off-by: Tim Chen <tim.c.chen@linux.intel.com>
---
crypto/tcrypt.c | 257 ++++++++++++++++++-
crypto/testmgr.c | 759 ++++++++++++++++++++++++++++++++++++++++++++++++++++++-
crypto/testmgr.h | 64 ++++-
3 files changed, 1054 insertions(+), 26 deletions(-)
diff --git a/crypto/tcrypt.c b/crypto/tcrypt.c
index ae22f05..671f5bf 100644
--- a/crypto/tcrypt.c
+++ b/crypto/tcrypt.c
@@ -36,6 +36,7 @@
#include <linux/jiffies.h>
#include <linux/timex.h>
#include <linux/interrupt.h>
+#include <linux/crypto.h>
#include "tcrypt.h"
/*
@@ -82,7 +83,7 @@ struct tcrypt_result {
int err;
};
-static void tcrypt_complete(struct crypto_async_request *req, int err)
+void tcrypt_complete(struct crypto_async_request *req, int err)
{
struct tcrypt_result *res = req->data;
@@ -181,6 +182,11 @@ static u32 aead_sizes[] = { 16, 64, 256, 512, 1024, 2048, 4096, 8192, 0 };
#define XBUFSIZE 8
#define MAX_IVLEN 32
+#define MB_WIDTH 8
+struct scatterlist mb_sg[MB_WIDTH][XBUFSIZE];
+struct skcipher_request *mb_req[MB_WIDTH];
+struct tcrypt_result mb_tresult[MB_WIDTH];
+char *mb_xbuf[MB_WIDTH][XBUFSIZE];
static int testmgr_alloc_buf(char *buf[XBUFSIZE])
{
@@ -778,6 +784,46 @@ static inline int do_one_acipher_op(struct skcipher_request *req, int ret)
return ret;
}
+
+/*
+ * Perform a maximum of MB_WIDTH operations.
+ * Await the results and measure performance.
+ */
+cycles_t mb_start, mb_end;
+static int mb_err[MB_WIDTH];
+
+static inline int do_multi_acipher_op(
+ struct skcipher_request *req[MB_WIDTH], int enc)
+{
+ int i, ret, comp_ret = 0;
+ bool is_async;
+
+ for (i = 0; i < MB_WIDTH; ++i) {
+ ret = enc == ENCRYPT ? crypto_skcipher_encrypt(req[i])
+ : crypto_skcipher_decrypt(req[i]);
+ mb_err[i] = ret;
+ if (ret == -EINPROGRESS || ret == -EBUSY)
+ continue; /* on with next req */
+ /* any other error, bail out */
+ if (ret)
+ return ret;
+ }
+ for (i = 0; i < MB_WIDTH; ++i) {
+ struct tcrypt_result *tr = req[i]->base.data;
+
+ is_async = mb_err[i] == -EINPROGRESS || mb_err[i] == -EBUSY;
+ if (is_async) {
+ wait_for_completion(&tr->completion);
+ reinit_completion(&tr->completion);
+ }
+ comp_ret = tr->err;
+ if (comp_ret)
+ pr_info("multi_acipher_op error\n");
+ }
+
+ return comp_ret;
+}
+
static int test_acipher_jiffies(struct skcipher_request *req, int enc,
int blen, int secs)
{
@@ -925,6 +971,7 @@ static void test_skcipher_speed(const char *algo, int enc, unsigned int secs,
if (ret) {
pr_err("setkey() failed flags=%x\n",
crypto_skcipher_get_flags(tfm));
+
goto out_free_req;
}
@@ -978,6 +1025,203 @@ out:
crypto_free_skcipher(tfm);
}
+static int test_mb_acipher_jiffies(
+ struct skcipher_request *req[MB_WIDTH], int enc, int blen, int secs)
+{
+ unsigned long start, end;
+ int bcount;
+ int ret;
+
+ /* initiate a maximum of MB_WIDTH operations and measure performance */
+ for (start = jiffies, end = start + secs * HZ, bcount = 0;
+ time_before(jiffies, end); bcount += MB_WIDTH) {
+ ret = do_multi_acipher_op(req, enc);
+ if (ret)
+ return ret;
+ }
+
+ pr_cont("%d operations in %d seconds (%ld bytes)\n",
+ bcount, secs, (long)bcount * blen);
+ return 0;
+}
+
+#define ITR 8
+static int test_mb_acipher_cycles(
+ struct skcipher_request *req[MB_WIDTH], int enc, int blen)
+{
+ cycles_t cycles = 0;
+ int ret = 0;
+ int i;
+
+ /* Warm-up run. */
+ for (i = 0; i < 4; i++) {
+ ret = do_multi_acipher_op(req, enc);
+
+ if (ret)
+ goto out;
+ }
+ /*
+ * Initiate a maximum of MB_WIDTH operations per loop
+ * Measure performance over MB_WIDTH iterations
+ * Let do_multi_acipher_op count the cycles
+ */
+ for (i = 0; i < ITR; i++) {
+ mb_start = get_cycles();
+ ret = do_multi_acipher_op(req, enc);
+
+ mb_end = get_cycles();
+ cycles += mb_end - mb_start;
+ if (ret)
+ goto out;
+ }
+
+out:
+ if (ret == 0)
+ pr_cont("1 operation in %llu cycles (%d bytes)\n",
+ (cycles + 4) / (ITR*MB_WIDTH), blen);
+
+ return ret;
+}
+
+static void test_mb_acipher_speed(const char *algo, int enc, unsigned int secs,
+ struct cipher_speed_template *template,
+ unsigned int tcount, u8 *keysize)
+{
+ unsigned int ret, i, j, k, iv_len, r;
+ const char *key;
+ char iv[128];
+ struct crypto_skcipher *tfm;
+ const char *e, *driver;
+ u32 *b_size;
+
+ pr_info("test_mb_acipher_speed: test algo %s\n", algo);
+ if (enc == ENCRYPT)
+ e = "encryption";
+ else
+ e = "decryption";
+
+ tfm = crypto_alloc_skcipher(algo, 0, 0);
+
+ if (IS_ERR(tfm)) {
+ pr_err("failed to load transform for %s: %ld\n", algo,
+ PTR_ERR(tfm));
+ return;
+ }
+
+ /* FIXME: do we need to check this? */
+ driver = get_driver_name(crypto_skcipher, tfm);
+ pr_info("\ntesting speed of async %s (%s) %s\n", algo, driver, e);
+
+ /* set up multiple requests for the transform */
+ for (r = 0; r < MB_WIDTH; ++r) {
+ init_completion(&mb_tresult[r].completion);
+ mb_req[r] = skcipher_request_alloc(tfm, GFP_KERNEL);
+ if (!mb_req[r]) {
+ pr_err("tcrypt: skcipher: Failed to allocate request for %s\n",
+ algo);
+ goto out;
+ }
+
+ skcipher_request_set_callback(mb_req[r],
+ CRYPTO_TFM_REQ_MAY_BACKLOG,
+ tcrypt_complete, &mb_tresult[r]);
+ }
+
+ /* loop through different data sizes to encrypt/decrypt */
+ i = 0;
+ do {
+ b_size = block_sizes;
+
+ do {
+ if ((*keysize + *b_size) > TVMEMSIZE * PAGE_SIZE) {
+ pr_err("template (%u) too big for tvmem (%lu)\n",
+ *keysize + *b_size, TVMEMSIZE * PAGE_SIZE);
+ goto out_free_req;
+ }
+
+ pr_info("test %u (%d bit key, %d byte blocks): ", i,
+ *keysize * 8, *b_size);
+
+ memset(tvmem[0], 0xff, PAGE_SIZE);
+
+ /* set key, plain text and IV */
+ key = tvmem[0];
+ for (j = 0; j < tcount; j++) {
+ if (template[j].klen == *keysize) {
+ key = template[j].key;
+ break;
+ }
+ }
+
+ crypto_skcipher_clear_flags(tfm, ~0);
+
+ ret = crypto_skcipher_setkey(tfm, key, *keysize);
+ if (ret) {
+ pr_err("setkey() failed flags=%x keysize=%d\n",
+ crypto_skcipher_get_flags(tfm),
+ *keysize);
+ goto out_free_req;
+ }
+
+ /* set scatter-gather list of data */
+ for (r = 0; r < MB_WIDTH; ++r) {
+ sg_init_table(mb_sg[r], TVMEMSIZE);
+
+ k = *keysize + *b_size;
+ if (k > PAGE_SIZE) {
+ sg_set_buf(mb_sg[r],
+ tvmem[0] + *keysize,
+ PAGE_SIZE - *keysize);
+ k -= PAGE_SIZE;
+ j = 1;
+ while (k > PAGE_SIZE) {
+ sg_set_buf(&mb_sg[r][j],
+ tvmem[j], PAGE_SIZE);
+ memset(tvmem[j], 0xff,
+ PAGE_SIZE);
+ j++;
+ k -= PAGE_SIZE;
+ }
+ sg_set_buf(&mb_sg[r][j], tvmem[j], k);
+ memset(tvmem[j], 0xff, k);
+ } else {
+ sg_set_buf(mb_sg[r],
+ tvmem[0] + *keysize, *b_size);
+ }
+
+ iv_len = crypto_skcipher_ivsize(tfm);
+ if (iv_len)
+ memset(&iv, 0xff, iv_len);
+
+ skcipher_request_set_crypt(mb_req[r],
+ mb_sg[r], mb_sg[r],
+ *b_size, iv);
+ }
+ if (secs)
+ ret = test_mb_acipher_jiffies(mb_req, enc,
+ *b_size, secs);
+ else
+ ret = test_mb_acipher_cycles(mb_req, enc,
+ *b_size);
+
+ if (ret) {
+ pr_err("%s() failed flags=%x\n", e,
+ crypto_skcipher_get_flags(tfm));
+ break;
+ }
+ b_size++;
+ i++;
+ } while (*b_size);
+ keysize++;
+ } while (*keysize);
+
+out_free_req:
+ for (r = 0; r < MB_WIDTH; ++r)
+ skcipher_request_free(mb_req[r]);
+out:
+ crypto_free_skcipher(tfm);
+}
+
static void test_acipher_speed(const char *algo, int enc, unsigned int secs,
struct cipher_speed_template *template,
unsigned int tcount, u8 *keysize)
@@ -2035,6 +2279,17 @@ static int do_test(const char *alg, u32 type, u32 mask, int m)
speed_template_8_32);
break;
+ case 600:
+ /* Measure performance of aes-cbc multibuffer support */
+ test_mb_acipher_speed("cbc(aes)", ENCRYPT, sec, NULL, 0,
+ speed_template_16_24_32);
+ test_mb_acipher_speed("cbc(aes)", DECRYPT, sec, NULL, 0,
+ speed_template_16_24_32);
+ break;
+ case 601:
+ ret += tcrypt_test("cbc(aes)");
+ break;
+
case 1000:
test_available();
break;
diff --git a/crypto/testmgr.c b/crypto/testmgr.c
index 0b01c3d..a26b9b0 100644
--- a/crypto/testmgr.c
+++ b/crypto/testmgr.c
@@ -1,3 +1,4 @@
+
/*
* Algorithm testing framework and tests.
*
@@ -146,6 +147,23 @@ struct alg_test_desc {
static unsigned int IDX[8] = { IDX1, IDX2, IDX3, IDX4, IDX5, IDX6, IDX7, IDX8 };
+#ifdef CONFIG_CRYPTO_AES_CBC_MB
+/*
+ * Indexes into the xbuf to simulate cross-page access for multibuffer tests.
+ */
+#define MB_IDX1 32
+#define MB_IDX2 32400
+#define MB_IDX3 4222
+#define MB_IDX4 8193
+#define MB_IDX5 22222
+#define MB_IDX6 17101
+#define MB_IDX7 27333
+#define MB_IDX8 13222
+static unsigned int MB_IDX[8] = {
+ MB_IDX1, MB_IDX2, MB_IDX3, MB_IDX4,
+ MB_IDX5, MB_IDX6, MB_IDX7, MB_IDX8 };
+#endif /* CONFIG_CRYPTO_AES_CBC_MB */
+
static void hexdump(unsigned char *buf, unsigned int len)
{
print_hex_dump(KERN_CONT, "", DUMP_PREFIX_OFFSET,
@@ -383,7 +401,7 @@ static int __test_hash(struct crypto_ahash *tfm, struct hash_testvec *template,
ret = -EINVAL;
for (k = 0; k < template[i].np; k++) {
if (WARN_ON(offset_in_page(IDX[k]) +
- template[i].tap[k] > PAGE_SIZE))
+ template[i].tap[k] > PAGE_SIZE))
goto out;
sg_set_buf(&sg[k],
memcpy(xbuf[IDX[k] >> PAGE_SHIFT] +
@@ -1025,30 +1043,33 @@ static int test_cipher(struct crypto_cipher *tfm, int enc,
crypto_cipher_set_flags(tfm, CRYPTO_TFM_REQ_WEAK_KEY);
ret = crypto_cipher_setkey(tfm, template[i].key,
- template[i].klen);
+ template[i].klen);
if (template[i].fail == !ret) {
printk(KERN_ERR "alg: cipher: setkey failed "
- "on test %d for %s: flags=%x\n", j,
- algo, crypto_cipher_get_flags(tfm));
+ "on test %d for %s: flags=%x\n", j,
+ algo, crypto_cipher_get_flags(tfm));
goto out;
} else if (ret)
continue;
for (k = 0; k < template[i].ilen;
- k += crypto_cipher_blocksize(tfm)) {
+ k += crypto_cipher_blocksize(tfm)) {
if (enc)
crypto_cipher_encrypt_one(tfm, data + k,
- data + k);
+ data + k);
else
crypto_cipher_decrypt_one(tfm, data + k,
- data + k);
+ data + k);
}
q = data;
if (memcmp(q, template[i].result, template[i].rlen)) {
printk(KERN_ERR "alg: cipher: Test %d failed "
- "on %s for %s\n", j, e, algo);
+ "on %s for %s\n", j, e, algo);
hexdump(q, template[i].rlen);
+ printk(KERN_ERR "alg: cipher: Test %d expected on %s for %s\n",
+ j, e, algo);
+ hexdump(template[i].result, template[i].rlen);
ret = -EINVAL;
goto out;
}
@@ -1180,8 +1201,14 @@ static int __test_skcipher(struct crypto_skcipher *tfm, int enc,
pr_err("alg: skcipher%s: Test %d failed (invalid result) on %s for %s\n",
d, j, e, algo);
hexdump(q, template[i].rlen);
+ pr_err("alg: skcipher%s: Test %d expected %s for %s\n",
+ d, j, e, algo);
+ hexdump(template[i].result, template[i].rlen);
ret = -EINVAL;
goto out;
+ pr_err("alg: skcipher%s: Test %d expected %s for %s\n",
+ d, j, e, algo);
+ hexdump(template[i].result, template[i].rlen);
}
if (template[i].iv_out &&
@@ -1296,9 +1323,18 @@ static int __test_skcipher(struct crypto_skcipher *tfm, int enc,
if (memcmp(q, template[i].result + temp,
template[i].tap[k])) {
pr_err("alg: skcipher%s: Chunk test %d failed on %s at page %u for %s\n",
- d, j, e, k, algo);
+ d, j, e, k, algo);
hexdump(q, template[i].tap[k]);
+ pr_err(
+ "alg: skcipher%s: Chunk test %d expected on %s at page %u for %s\n",
+ d, j, e, k, algo);
+ hexdump(template[i].result + temp,
+ template[i].tap[k]);
goto out;
+ } else {
+ pr_err(
+ "alg: skcipher%s: Chunk test %d succeeded on %s at page %u for %s klen %d\n",
+ d, j, e, k, algo, template[i].klen);
}
q += template[i].tap[k];
@@ -1558,29 +1594,718 @@ out:
return err;
}
+#ifdef CONFIG_CRYPTO_AES_CBC_MB
+/*
+ * AES CBC multibuffer implementation can encrypt
+ * a maximum of 8 requests at once. Therefore, the
+ * MAX_REQ should be set >= 8 for better performance.
+ * The MAX_XFM allows multiple transforms created within
+ * the test framework.
+ *
+ * The multibuffer tests set up several requests and
+ * hand them off to the multibuffer driver. Error processing
+* does not simply bail out. The test code walks through all
+ * requests and awaits their completion. Indiscriminate premature
+ * bailout on error while other requests are in progress will cause
+ * trouble.
+ */
+
+#define MAX_REQ 16
+#define MAX_XFM MAX_REQ
+static struct skcipher_request *mb_req[MAX_REQ][MAX_REQ];
+static struct scatterlist mb_sg[MAX_REQ][MAX_REQ][8];
+static struct scatterlist mb_sgout[MAX_REQ][MAX_REQ][8];
+static struct tcrypt_result mb_result[MAX_REQ][MAX_REQ];
+static char *mb_xbuf[MAX_REQ][MAX_REQ][XBUFSIZE];
+static char *mb_xoutbuf[MAX_REQ][MAX_REQ][XBUFSIZE];
+static int mb_err[MAX_REQ][MAX_REQ];
+static char ivec[MAX_REQ][MAX_REQ][MAX_IVLEN];
+/* random data for cbc multibuffer tests */
+static struct cipher_test_suite mb_cbc_cipher[] = {
+ {
+ {
+ .vecs = aes_cbc_enc_tv_template_rnddata_klenmix,
+ .count = AES_CBC_ENC_TV_TEMPLATE_RNDDATA_KEY16_VEC_COUNT
+ },
+ {
+ .vecs = aes_cbc_dec_tv_template_rnddata_klen16,
+ .count = AES_CBC_DEC_TV_TEMPLATE_RNDDATA_KEY16_VEC_COUNT
+ }
+ },
+};
+
+/*
+ * Test multibuffer version AES CBC crypto algorithm via multiple transforms.
+ * The test iterates through a set of MAX_REQ requests with identical key,
+ * but unique input and IV.
+ */
+
+/*
+ * Test multibuffer version AES CBC crypto algorithm via multiple transforms.
+ * The test iterates through the test vectors sending MAX_REQ requests with
+ * the same vector and IV.
+ */
+/* free buffers allocated for testing multibuffer cbc */
+
+static void free_mbxbuf(int tidx)
+{
+ int i;
+
+ for (i = 0; i < MAX_REQ; ++i) {
+ if (mb_xbuf[tidx][i])
+ testmgr_free_buf(mb_xbuf[tidx][i]);
+ }
+}
+
+/* free MAX_REQ mb_xout buffers for a given transform */
+
+static void free_mbxoutbuf(int tidx)
+{
+ int i;
+
+ for (i = 0; i < MAX_REQ; ++i) {
+ if (mb_xoutbuf[tidx][i])
+ testmgr_free_buf(mb_xoutbuf[tidx][i]);
+ }
+}
+
+/* free MAX_REQ requests for a given transform */
+
+static void free_mbreq(int tidx)
+{
+ int i;
+
+ for (i = 0; i < MAX_REQ; ++i)
+ skcipher_request_free(mb_req[tidx][i]);
+}
+
+/* For a given transform, allocate buffers to test multibuffer cbc */
+
+static int allocbuf_mb(int tidx, struct crypto_skcipher *tfm,
+ const bool diff_dst, const char *algo)
+{
+ int r, n, err = 0;
+ char *ybuf[XBUFSIZE];
+
+ for (r = 0; r < MAX_REQ; ++r) {
+ if (testmgr_alloc_buf(ybuf))
+ goto out_nobuf;
+
+ for (n = 0; n < XBUFSIZE; ++n)
+ mb_xbuf[tidx][r][n] = ybuf[n];
+
+ if (diff_dst) {
+ if (testmgr_alloc_buf(ybuf))
+ goto out_nooutbuf;
+ for (n = 0; n < XBUFSIZE; ++n)
+ mb_xoutbuf[tidx][r][n] = ybuf[n];
+ }
+
+ init_completion(&mb_result[tidx][r].completion);
+
+ mb_req[tidx][r] = skcipher_request_alloc(
+ tfm,
+ GFP_KERNEL);
+ if (!mb_req[tidx][r]) {
+ err = -ENOMEM;
+ pr_err(
+ "alg: __test_skcipher: Failed to allocate request for %s\n",
+ algo);
+ goto out;
+ }
+ skcipher_request_set_callback(mb_req[tidx][r],
+ CRYPTO_TFM_REQ_MAY_BACKLOG,
+ tcrypt_complete, &mb_result[tidx][r]);
+ }
+ return 0;
+
+out:
+ free_mbreq(tidx);
+ if (diff_dst)
+ free_mbxoutbuf(tidx);
+
+out_nooutbuf:
+ free_mbxbuf(tidx);
+
+out_nobuf:
+ return err;
+}
+
+static void set_mb_input(unsigned int tidx, unsigned int vidx,
+ struct cipher_testvec *template,
+ const int align_offset, bool uniq_vec)
+{
+ void *data;
+ struct cipher_testvec *tvec;
+
+ tvec = &template[vidx] + tidx;
+ data = mb_xbuf[tidx][0][0];
+ data += align_offset;
+ memcpy(data, tvec->input, tvec->ilen);
+}
+
+static void send_mb_req(int tidx, unsigned int vidx, int enc,
+ const bool diff_dst, const int align_offset,
+ struct cipher_testvec *template, bool uniq_vec,
+ const char *algo)
+{
+ int ret;
+ void *data;
+ char *iv, *d, *e;
+ unsigned short ilen;
+ struct cipher_testvec *tvec;
+ char *thisiv;
+
+ tvec = &template[vidx] + tidx;
+ iv = tvec->iv;
+ ilen = tvec->ilen;
+ if (diff_dst)
+ d = "-ddst";
+ else
+ d = "";
+
+ if (enc == ENCRYPT)
+ e = "encryption";
+ else
+ e = "decryption";
+
+ memset(&mb_err[tidx][0], 0, MAX_REQ); /* no error to begin with */
+
+ data = mb_xbuf[tidx][0][0];
+ data += align_offset;
+ sg_init_one(&mb_sg[tidx][0][0], data, ilen);
+ if (diff_dst) {
+ data = mb_xoutbuf[tidx][0][0];
+ data += align_offset;
+ sg_init_one(&mb_sgout[tidx][0][0], data, ilen);
+ }
+
+ thisiv = ivec[tidx][0];
+ memcpy(thisiv, iv, MAX_IVLEN);
+ skcipher_request_set_crypt(
+ mb_req[tidx][0],
+ mb_sg[tidx][0],
+ (diff_dst) ? mb_sgout[tidx][0]
+ : mb_sg[tidx][0],
+ ilen, thisiv);
+ ret = enc ?
+ crypto_skcipher_encrypt(
+ mb_req[tidx][0])
+ :
+ crypto_skcipher_decrypt(
+ mb_req[tidx][0]);
+
+ if (ret == -EINPROGRESS || ret == -EBUSY || ret == 0) {
+ /* deal with return status properly */
+ mb_err[tidx][0] = ret;
+ } else if (ret) {
+ unsigned int id;
+
+ mb_err[tidx][0] = ret;
+ id = vidx;
+ /* error */
+ pr_err("skcipher%s: %s failed on test %d for %s: ret=%d\n",
+ d, e, id, algo, -ret);
+ pr_err("skcipher%s: req=%d failed\n",
+ d, tidx);
+ }
+}
+
+static void await_mb_result(int tidx)
+{
+ int ret;
+ struct tcrypt_result *tr = &mb_result[tidx][0];
+
+ if (mb_err[tidx][0]) {
+ if (mb_err[tidx][0] != -EINPROGRESS &&
+ mb_err[tidx][0] != -EBUSY) {
+ pr_err("skcipher error\n"); /* skip reqs that failed */
+ return;
+ }
+ /* wait on async completions */
+ wait_for_completion(&tr->completion);
+ ret = tr->err;
+ mb_err[tidx][0] = ret;
+ if (!ret) {
+ /* no error, on with next */
+ reinit_completion(&tr->completion);
+ } else {
+ pr_err("skcipher: xfm=%d completion error %d\n",
+ tidx, ret);
+ }
+ }
+ /* no wait on synchronous completions */
+}
+
+static void check_mb_result(int tidx, unsigned int vidx, int enc,
+ const bool diff_dst, const int align_offset,
+ struct cipher_testvec *template, bool uniq_vec,
+ const char *algo)
+{
+ void *data;
+ char *q, *d, *e;
+ struct cipher_testvec *tvec;
+
+ tvec = &template[vidx] + tidx;
+ if (diff_dst)
+ d = "-ddst";
+ else
+ d = "";
+
+ if (enc == ENCRYPT)
+ e = "encryption";
+ else
+ e = "decryption";
+
+
+ /* the request resulted in error, move on */
+ if (mb_err[tidx][0])
+ return;
+
+ if (diff_dst) {
+ data = mb_xoutbuf[tidx][0][0];
+ data += align_offset;
+ } else {
+ data = mb_xbuf[tidx][0][0];
+ data += align_offset;
+ }
+ q = data;
+ if (memcmp(q, tvec->result, tvec->rlen)) {
+ pr_err("skcipher%s: Test %d(%d) failed on %s for %s\n",
+ d, tidx, vidx, e, algo);
+ pr_err("skcipher: xfm=%d result mismatch\n",
+ tidx);
+ pr_err("Expected result for xfm=%d\n", tidx);
+ hexdump(tvec->result,
+ tvec->rlen);
+ pr_err("Encountered result for xfm=%d\n",
+ tidx);
+ hexdump(q, tvec->rlen);
+ } else {
+ pr_err("skcipher%s: Test %d(%d) succeeded on %s for %s\n",
+ d, tidx, vidx, e, algo);
+ }
+}
+
+static void check_mb_sg_result(int tidx, unsigned int vidx, int enc,
+ bool diff_dst, struct cipher_testvec *template,
+ bool uniq_vec, const char *algo)
+{
+ unsigned int k, n;
+ unsigned int temp;
+ char *q, *d, *e;
+ struct cipher_testvec *tvec;
+ unsigned int cor_pg, cor_bytes;
+ unsigned int id; /* test id */
+
+ tvec = &template[vidx] + tidx;
+ if (diff_dst)
+ d = "-ddst";
+ else
+ d = "";
+
+ if (enc == ENCRYPT)
+ e = "encryption";
+ else
+ e = "decryption";
+
+ temp = 0;
+ id = vidx;
+ if (mb_err[tidx][0])
+ return; /* on with other reqs */
+ for (k = 0; k < tvec->np; k++) {
+ unsigned int pg;
+
+ pg = MB_IDX[k] >> PAGE_SHIFT;
+ if (diff_dst)
+ q = mb_xoutbuf[tidx][0][pg] +
+ offset_in_page(MB_IDX[k]);
+ else
+ q = mb_xbuf[tidx][0][pg] +
+ offset_in_page(MB_IDX[k]);
+
+ cor_bytes = tvec->tap[k];
+ cor_pg = k;
+ if (memcmp(q, tvec->result + temp, tvec->tap[k])) {
+ pr_err(
+ "skcipher%s: chunk test %d failed/corruption %s @pg %u for %s:%u bytes:\n",
+ d, id, e, cor_pg, algo, cor_bytes);
+ hexdump(q, cor_bytes);
+ return;
+ }
+ pr_err(
+ "skcipher%s: chunk test %d succeeded %s @pg %u for %s:%u bytes:\n",
+ d, id, e, cor_pg, algo, cor_bytes);
+
+ q += tvec->tap[k];
+ for (n = 0; offset_in_page(q + n) && q[n]; n++)
+ ;
+ if (n) {
+ cor_bytes = n;
+ cor_pg = k;
+ pr_err(
+ "skcipher%s: chunk test %d result corruption %s @pg %u for %s:%u bytes:\n",
+ d, id, e, cor_pg, algo, cor_bytes);
+ hexdump(q, cor_bytes);
+ break; /* on with next request */
+ }
+ temp += tvec->tap[k];
+ }
+}
+
+static void send_mb_sg_req(int tidx, unsigned int vidx, int enc,
+ bool diff_dst, struct cipher_testvec *template,
+ bool uniq_vec, const char *algo)
+{
+ unsigned int k, n;
+ unsigned int temp;
+ int ret;
+ char *q, *d, *e;
+ char *ybuf[XBUFSIZE];
+ struct cipher_testvec *tvec;
+ char *thisiv;
+
+ tvec = &template[vidx] + tidx;
+ if (diff_dst)
+ d = "-ddst";
+ else
+ d = "";
+
+ if (enc == ENCRYPT)
+ e = "encryption";
+ else
+ e = "decryption";
+
+ memset(&mb_err[tidx][0], 0, MAX_REQ);
+
+ temp = 0;
+ sg_init_table(&mb_sg[tidx][0][0], tvec->np);
+ if (diff_dst)
+ sg_init_table(&mb_sgout[tidx][0][0], tvec->np);
+
+ for (k = 0; k < tvec->np; ++k) {
+ unsigned int pg;
+
+ if (WARN_ON((offset_in_page(MB_IDX[k]) + tvec->tap[k]) >
+ PAGE_SIZE)) {
+ pr_err("skcipher%s: %s Invalid sg for %s\n",
+ d, e, algo);
+ pr_err("offset + tap(%d) > PAGE_SIZE(%lu)\n",
+ tvec->tap[k], PAGE_SIZE);
+ pr_err("req=%d k=%d tap(%d)\n",
+ tidx, k, tvec->tap[k]);
+ break; /* skip this */
+ }
+
+ for (n = 0; n < XBUFSIZE; ++n)
+ ybuf[n] = mb_xbuf[tidx][0][n];
+ pg = MB_IDX[k] >> PAGE_SHIFT;
+ q = ybuf[pg] + offset_in_page(MB_IDX[k]);
+
+ memcpy(q, tvec->input + temp, tvec->tap[k]);
+
+ if ((offset_in_page(q) + tvec->tap[k]) < PAGE_SIZE)
+ q[tvec->tap[k]] = 0;
+
+ sg_set_buf(&mb_sg[tidx][0][k], q, tvec->tap[k]);
+ if (diff_dst) {
+ unsigned int segs;
+
+ segs = tvec->tap[k];
+ q = mb_xoutbuf[tidx][0][pg] +
+ offset_in_page(MB_IDX[k]);
+
+ sg_set_buf(&mb_sgout[tidx][0][k], q, segs);
+
+ memset(q, 0, tvec->tap[k]);
+ if ((offset_in_page(q) + tvec->tap[k]) <
+ PAGE_SIZE)
+ q[segs] = 0;
+ }
+
+ temp += tvec->tap[k];
+ }
+
+ thisiv = ivec[tidx][0];
+ memcpy(thisiv, tvec->iv, MAX_IVLEN);
+ skcipher_request_set_crypt(
+ mb_req[tidx][0],
+ &mb_sg[tidx][0][0],
+ (diff_dst) ? &mb_sgout[tidx][0][0]
+ : &mb_sg[tidx][0][0],
+ tvec->ilen,
+ thisiv);
+
+ ret = enc ? crypto_skcipher_encrypt(
+ mb_req[tidx][0])
+ : crypto_skcipher_decrypt(
+ mb_req[tidx][0]);
+
+ if (ret == -EBUSY || ret == -EINPROGRESS || ret == 0) {
+ /* deal with return status properly */
+ mb_err[tidx][0] = ret;
+ if (uniq_vec)
+ ++tvec;
+ } else if (ret) {
+ mb_err[tidx][0] = ret;
+ pr_err("skcipher%s: xfm=%d failed for %s algo %s\n",
+ d, tidx, e, algo);
+ }
+}
+
+static int __test_mb_skcipher(struct crypto_skcipher *tfm[MAX_REQ],
+ int enc, struct cipher_testvec *template,
+ unsigned int tcount,
+ const bool diff_dst, const int align_offset)
+{
+ const char *algo;
+ unsigned int i, j;
+ const char *e, *d;
+ int ret = -ENOMEM;
+ bool sent[MAX_REQ];
+
+ /* same algorithm, multiple xfms */
+ algo = crypto_tfm_alg_driver_name(
+ crypto_skcipher_tfm(tfm[0]));
+
+ memset(mb_xbuf, '\0', sizeof(mb_xbuf));
+ memset(mb_xoutbuf, '\0', sizeof(mb_xoutbuf));
+
+ for (i = 0; i < MAX_REQ; ++i) {
+ if (allocbuf_mb(i, tfm[i], diff_dst, algo))
+ goto out_nobuf;
+ }
+
+ if (diff_dst)
+ d = "-ddst";
+ else
+ d = "";
+
+ if (enc == ENCRYPT)
+ e = "encryption";
+ else
+ e = "decryption";
+
+ for (i = 0; i < MAX_REQ; ++i)
+ sent[i] = false;
+
+ /* multi xfm, and send multi requests for all xfms and await results */
+ j = 0;
+ for (i = 0; i < tcount; i++) {
+ if (template[i].np && !template[i].also_non_np)
+ continue;
+ /* ensure that the vector data is within page size */
+ if (template[i].ilen > PAGE_SIZE)
+ continue;
+
+ ret = -EINVAL;
+ if (WARN_ON(align_offset + template[i].ilen > PAGE_SIZE))
+ goto out;
+
+ /* set the data for multiple xfms */
+ set_mb_input(i, 0, template,
+ align_offset, false);
+
+ /*
+ * Set the key for multiple xfms.
+ * To proceed with test all xfms should be successful
+ */
+
+ crypto_skcipher_clear_flags(tfm[i], ~0);
+ if (template[i].wk)
+ crypto_skcipher_set_flags(tfm[i],
+ CRYPTO_TFM_REQ_WEAK_KEY);
+
+ ret = crypto_skcipher_setkey(tfm[i], template[i].key,
+ template[i].klen);
+ if (!ret == template[i].fail) {
+ pr_err(
+ "alg: skcipher%s: setkey failed on test %d for %s: flags=%x\n",
+ d, i, algo,
+ crypto_skcipher_get_flags(tfm[i]));
+ goto out;
+ } else if (ret)
+ break;
+ /* move on to next test if key could not be setup */
+ if (ret)
+ continue;
+
+ j++;
+
+ sent[i] = true;
+ send_mb_req(i, 0, enc, diff_dst, align_offset,
+ template, false, algo);
+
+ }
+ /* await results from multiple requests from multiple xfms */
+ for (i = 0; i < tcount; ++i) {
+ if (sent[i])
+ await_mb_result(i);
+ }
+
+ /* check results from multiple requests from multiple xfms */
+ for (i = 0; i < tcount; ++i) {
+ if (sent[i])
+ check_mb_result(i, 0, enc, diff_dst,
+ align_offset, template, false, algo);
+ sent[i] = false;
+ }
+
+ j = 0;
+ for (i = 0; i < tcount; i++) {
+ /* alignment tests are only done with continuous buffers */
+
+ if (align_offset != 0)
+ break;
+ if (!template[i].np)
+ continue;
+
+ j++;
+ /* set the key for multiple transforms */
+ crypto_skcipher_clear_flags(tfm[i], ~0);
+ if (template[i].wk)
+ crypto_skcipher_set_flags(
+ tfm[i],
+ CRYPTO_TFM_REQ_WEAK_KEY);
+
+ ret = crypto_skcipher_setkey(tfm[i], template[i].key,
+ template[i].klen);
+ if (!ret == template[i].fail) {
+ pr_err(
+ "skcipher%s: setkey failed on chunk test %d xfm=%d for %s: flags=%x\n",
+ d, j, i, algo,
+ crypto_skcipher_get_flags(tfm[i]));
+ goto out;
+ } else if (ret)
+ break;
+ if (ret)
+ continue; /* on to next test */
+
+ /* iterate the test over multiple requests & xfms */
+
+ sent[i] = true;
+ send_mb_sg_req(i, 0, enc, diff_dst,
+ template, false, algo);
+ }
+
+ /* wait for completion from all xfms */
+ for (i = 0; i < tcount; ++i) {
+ if (sent[i])
+ await_mb_result(i);
+ }
+
+ /* check results from all xfms */
+ for (i = 0; i < tcount; ++i) {
+ if (sent[i])
+ check_mb_sg_result(i, 0, enc, diff_dst,
+ template, false, algo);
+ }
+
+ ret = 0;
+out:
+ for (i = 0; i < MAX_REQ; ++i)
+ free_mbreq(i);
+
+ if (diff_dst) {
+ for (i = 0; i < MAX_REQ; ++i)
+ free_mbxoutbuf(i);
+ }
+ for (i = 0; i < MAX_REQ; ++i)
+ free_mbxbuf(i);
+
+out_nobuf:
+ return ret;
+}
+
+static int test_mb_skcipher(struct crypto_skcipher *tfm[MAX_XFM],
+ int enc, struct cipher_testvec *template,
+ unsigned int tcount)
+{
+ int ret;
+
+ /* test 'dst == src' case */
+ ret = __test_mb_skcipher(tfm, enc, template, tcount, false, 0);
+ if (ret)
+ return ret;
+
+ return 0;
+}
+
+static int alg_test_mb_skcipher(const struct alg_test_desc *desc,
+ const char *driver, u32 type, u32 mask)
+{
+ struct crypto_skcipher *tfm[MAX_REQ];
+ int err = 0;
+ int i;
+
+ /* create multiple transforms to test AES CBC */
+ for (i = 0; i < MAX_REQ; i++) {
+ tfm[i] = crypto_alloc_skcipher(driver,
+ type | CRYPTO_ALG_INTERNAL, mask);
+ if (IS_ERR(tfm[i])) {
+ printk(KERN_ERR "alg: skcipher: Failed to load transform for %s: %ld\n",
+ driver, PTR_ERR(tfm[i]));
+ return PTR_ERR(tfm[i]);
+ }
+ }
+
+ for (i = 0; i < ARRAY_SIZE(mb_cbc_cipher); ++i) {
+ err = test_mb_skcipher(
+ tfm,
+ ENCRYPT,
+ mb_cbc_cipher[i].enc.vecs,
+ mb_cbc_cipher[i].enc.count
+ );
+ if (err)
+ goto out;
+
+ err = test_mb_skcipher(
+ tfm,
+ DECRYPT,
+ mb_cbc_cipher[i].dec.vecs,
+ mb_cbc_cipher[i].dec.count
+ );
+ if (err)
+ goto out;
+
+ }
+out:
+ for (i = 0; i < MAX_REQ; i++)
+ crypto_free_skcipher(tfm[i]);
+
+ return err;
+}
+#endif /* CONFIG_CRYPTO_AES_CBC_MB */
+
static int alg_test_skcipher(const struct alg_test_desc *desc,
- const char *driver, u32 type, u32 mask)
+ const char *driver, u32 type, u32 mask)
{
struct crypto_skcipher *tfm;
int err = 0;
+#ifdef CONFIG_CRYPTO_AES_CBC_MB
+ /* invoke the comprehensive cbc multibuffer tests */
+ if (desc->alg && (strcmp(desc->alg, "cbc(aes)") == 0))
+ return alg_test_mb_skcipher(desc, driver, type, mask);
+#endif
+
tfm = crypto_alloc_skcipher(driver, type | CRYPTO_ALG_INTERNAL, mask);
if (IS_ERR(tfm)) {
printk(KERN_ERR "alg: skcipher: Failed to load transform for "
- "%s: %ld\n", driver, PTR_ERR(tfm));
+ "%s: %ld\n", driver, PTR_ERR(tfm));
return PTR_ERR(tfm);
}
if (desc->suite.cipher.enc.vecs) {
err = test_skcipher(tfm, ENCRYPT, desc->suite.cipher.enc.vecs,
- desc->suite.cipher.enc.count);
+ desc->suite.cipher.enc.count);
if (err)
goto out;
}
if (desc->suite.cipher.dec.vecs)
err = test_skcipher(tfm, DECRYPT, desc->suite.cipher.dec.vecs,
- desc->suite.cipher.dec.count);
+ desc->suite.cipher.dec.count);
out:
crypto_free_skcipher(tfm);
@@ -2110,6 +2835,10 @@ static const struct alg_test_desc alg_test_descs[] = {
.test = alg_test_null,
.fips_allowed = 1,
}, {
+ .alg = "__driver-cbc-aes-aesni-mb",
+ .test = alg_test_null,
+ .fips_allowed = 1,
+ }, {
.alg = "__driver-cbc-camellia-aesni",
.test = alg_test_null,
}, {
@@ -3615,6 +4344,10 @@ static const struct alg_test_desc alg_test_descs[] = {
}
}
}, {
+ .alg = "mcryptd(__driver-cbc-aes-aesni-mb)",
+ .test = alg_test_null,
+ .fips_allowed = 1,
+ }, {
.alg = "md4",
.test = alg_test_hash,
.suite = {
diff --git a/crypto/testmgr.h b/crypto/testmgr.h
index da99f89..ee6b223 100644
--- a/crypto/testmgr.h
+++ b/crypto/testmgr.h
@@ -34546,19 +34546,59 @@ static struct comp_testvec lz4hc_decomp_tv_template[] = {
};
#ifdef CONFIG_CRYPTO_AES_CBC_MB
-static struct cipher_testvec aes_cbc_enc_tv_template_rnddata_klen16[] = {
+static struct cipher_testvec aes_cbc_enc_tv_template_rnddata_klenmix[] = {
{
- .key =
-"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
- .klen = 16,
- .iv =
-"\xc1\x62\x66\x62\xb8\x65\x28\xfa\x5f\x36\xd3\x09\xb1\x2c\xa1\xa3",
- .input =
-"\x4f\x6c\x63\xa5\xd0\x19\x08\x4e\xd4\x58\x33\xf6\x2b\xeb\x26\xb9",
- .ilen = 16,
- .result =
-"\xa0\x35\xb0\x33\xc0\x2e\xe5\xbb\xbc\xe6\x01\x9e\xf4\x67\x11\x14",
- .rlen = 16,
+ .key = "\x60\x3d\xeb\x10\x15\xca\x71\xbe"
+ "\x2b\x73\xae\xf0\x85\x7d\x77\x81"
+ "\x1f\x35\x2c\x07\x3b\x61\x08\xd7"
+ "\x2d\x98\x10\xa3\x09\x14\xdf\xf4",
+ .klen = 32,
+ .iv = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
+ .input = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96"
+ "\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
+ "\xae\x2d\x8a\x57\x1e\x03\xac\x9c"
+ "\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
+ "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11"
+ "\xe5\xfb\xc1\x19\x1a\x0a\x52\xef"
+ "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17"
+ "\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
+ .ilen = 64,
+ .result = "\xf5\x8c\x4c\x04\xd6\xe5\xf1\xba"
+ "\x77\x9e\xab\xfb\x5f\x7b\xfb\xd6"
+ "\x9c\xfc\x4e\x96\x7e\xdb\x80\x8d"
+ "\x67\x9f\x77\x7b\xc6\x70\x2c\x7d"
+ "\x39\xf2\x33\x69\xa9\xd9\xba\xcf"
+ "\xa5\x30\xe2\x63\x04\x23\x14\x61"
+ "\xb2\xeb\x05\xe2\xc3\x9b\xe9\xfc"
+ "\xda\x6c\x19\x07\x8c\x6a\x9d\x1b",
+ .rlen = 64,
+},
+{ /* From NIST SP800-38A */
+ .key = "\x8e\x73\xb0\xf7\xda\x0e\x64\x52"
+ "\xc8\x10\xf3\x2b\x80\x90\x79\xe5"
+ "\x62\xf8\xea\xd2\x52\x2c\x6b\x7b",
+ .klen = 24,
+ .iv = "\x00\x01\x02\x03\x04\x05\x06\x07"
+ "\x08\x09\x0a\x0b\x0c\x0d\x0e\x0f",
+ .input = "\x6b\xc1\xbe\xe2\x2e\x40\x9f\x96"
+ "\xe9\x3d\x7e\x11\x73\x93\x17\x2a"
+ "\xae\x2d\x8a\x57\x1e\x03\xac\x9c"
+ "\x9e\xb7\x6f\xac\x45\xaf\x8e\x51"
+ "\x30\xc8\x1c\x46\xa3\x5c\xe4\x11"
+ "\xe5\xfb\xc1\x19\x1a\x0a\x52\xef"
+ "\xf6\x9f\x24\x45\xdf\x4f\x9b\x17"
+ "\xad\x2b\x41\x7b\xe6\x6c\x37\x10",
+ .ilen = 64,
+ .result = "\x4f\x02\x1d\xb2\x43\xbc\x63\x3d"
+ "\x71\x78\x18\x3a\x9f\xa0\x71\xe8"
+ "\xb4\xd9\xad\xa9\xad\x7d\xed\xf4"
+ "\xe5\xe7\x38\x76\x3f\x69\x14\x5a"
+ "\x57\x1b\x24\x20\x12\xfb\x7a\xe0"
+ "\x7f\xa9\xba\xac\x3d\xf1\x02\xe0"
+ "\x08\xb0\xe2\x79\x88\x59\x88\x81"
+ "\xd9\x20\xa9\xe6\x4f\x56\x15\xcd",
+ .rlen = 64,
},
{
.key =
--
1.9.1
^ permalink raw reply related
* [PATCH v5 6/7] crypto: AES vectors for AES CBC multibuffer testing
From: Megha Dey @ 2016-09-26 17:27 UTC (permalink / raw)
To: herbert, davem; +Cc: linux-crypto, tim.c.chen, megha.dey, Megha Dey
In-Reply-To: <1474910859-11713-1-git-send-email-megha.dey@linux.intel.com>
From: Tim Chen <tim.c.chen@linux.intel.com>
For more robust testing of AES CBC multibuffer support, additional
test vectors have been added to the AES CBC encrypt/decrypt
test case.
Originally-by: Chandramouli Narayanan <mouli_7982@yahoo.com>
Signed-off-by: Megha Dey <megha.dey@linux.intel.com>
Signed-off-by: Tim Chen <tim.c.chen@linux.intel.com>
---
crypto/testmgr.h | 1456 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 1456 insertions(+)
diff --git a/crypto/testmgr.h b/crypto/testmgr.h
index e64a4ef..da99f89 100644
--- a/crypto/testmgr.h
+++ b/crypto/testmgr.h
@@ -34545,4 +34545,1460 @@ static struct comp_testvec lz4hc_decomp_tv_template[] = {
},
};
+#ifdef CONFIG_CRYPTO_AES_CBC_MB
+static struct cipher_testvec aes_cbc_enc_tv_template_rnddata_klen16[] = {
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\xc1\x62\x66\x62\xb8\x65\x28\xfa\x5f\x36\xd3\x09\xb1\x2c\xa1\xa3",
+ .input =
+"\x4f\x6c\x63\xa5\xd0\x19\x08\x4e\xd4\x58\x33\xf6\x2b\xeb\x26\xb9",
+ .ilen = 16,
+ .result =
+"\xa0\x35\xb0\x33\xc0\x2e\xe5\xbb\xbc\xe6\x01\x9e\xf4\x67\x11\x14",
+ .rlen = 16,
+},
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\x78\x6c\x27\xd6\xb2\xdc\xbe\x7b\xab\xc2\x43\xd7\x81\x0c\xe5\x20",
+ .input =
+"\x9a\x00\x4e\x5a\xb3\x51\x68\xaa\xdb\x6e\xe5\xa4\x7f\x23\x6e\x4d"
+"\x1e\x72\x5e\xad\x64\xc9\x96\x23\xf8\xae\xef\xf6\x7b\x7d\xd6\xf0",
+ .ilen = 32,
+ .result =
+"\x5a\xc0\x04\xc6\x53\xef\x3b\x69\xb1\x41\xc7\x85\xeb\x69\x82\xd0"
+"\xed\x09\xbb\xec\xb2\x8d\x5c\xc9\x61\x81\x5c\xf6\x99\x49\xa0\x4d",
+ .rlen = 32,
+},
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\xc9\x05\x4c\x35\x96\x77\xd3\x3c\x3d\x97\x7c\x82\xf5\x58\x71\xf1",
+ .input =
+"\xa9\x5b\x03\xec\xec\x73\xed\xcb\x5c\x4c\xd2\x40\xb6\x9b\x49\x31"
+"\x5d\xf2\x23\xb3\x11\x98\xeb\x89\xab\x3e\x3a\xdd\xaa\xfd\xd1\xde"
+"\xab\x73\x59\x86\x1a\x59\x32\xb2\x55\x46\x4a\x80\xa4\xcc\xa8\xd9",
+ .ilen = 48,
+ .result =
+"\xdb\x05\x69\xe1\x33\x8b\x0b\x3d\x33\x12\x0d\xef\x94\x0f\xa3\xb3"
+"\xd7\x0a\x53\x7b\x98\x53\xc6\xc2\xa3\xd4\x7a\x30\x1a\xed\x45\xcc"
+"\x47\x38\xc1\x75\x0b\x3c\xd4\x8d\xa8\xf9\xd3\x71\xb8\x22\xa6\xae",
+ .rlen = 48,
+},
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\x6c\xb4\x84\x61\x1e\x39\x4b\x22\x37\xaa\x7b\x78\xc0\x71\x20\x60",
+ .input =
+"\x05\x43\x76\x1e\xc6\x68\x43\x52\x5f\x43\x39\xbf\x93\x38\x38\x83"
+"\x38\x1d\x3c\xb5\xc8\xab\xe4\xd0\x7f\x1a\xac\xca\xcc\x16\xea\x75"
+"\x30\x75\x40\xe8\x61\x07\xc6\x04\x55\x2b\xf3\x29\xc3\x37\x83\x42"
+"\xe0\x21\xfb\xb4\x5d\x93\xbb\x87\x01\x3e\xa6\x9d\x3b\x0a\x5a\x37",
+ .ilen = 64,
+ .result =
+"\x83\x9f\xa0\xac\x14\x14\x88\x68\x7f\x9a\x5f\x98\x91\x71\xa8\xce"
+"\x28\xfb\x5e\xb1\x49\xe7\x63\x39\x12\x62\x00\x3e\x5c\x63\x2b\x12"
+"\x3d\xff\xd5\x0a\x43\x28\x52\x68\x78\x62\xc7\xa4\xbb\xca\x5d\x5e"
+"\xe3\xd5\x23\xb3\xe7\x22\xae\xf3\xd0\xd9\x00\x14\x0c\x46\x67\x17",
+ .rlen = 64,
+},
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\xf9\xe8\xab\xe2\xf9\x28\xeb\x05\x10\xc4\x97\x37\x76\xe4\xe0\xd9",
+ .input =
+"\xab\x99\xe8\x2a\x18\x50\xdc\x80\x1f\x38\xb9\x01\x34\xd4\x59\x60"
+"\x4e\x1c\x21\x71\x22\x06\xbe\x5f\x71\x07\x3b\x13\xe7\x05\xca\xa5"
+"\x7b\x23\xb5\xaa\xc6\xdb\xe3\x17\xa9\x9f\xe1\xbc\xd5\x1b\xe6\xf5"
+"\xfa\x43\xdd\x80\x50\xc8\x8a\x32\x2f\x65\x25\xa4\xeb\xd1\x74\x02"
+"\x07\xc1\x04\x94\x6b\x34\xa1\x74\x62\xb2\x8d\x60\xf5\x7e\xda\x1a"
+"\x0f\xf5\x21\xe1\xd7\x88\xc8\x26\xd7\x49\xb2\x4a\x84\x2c\x00\x3b"
+"\x96\xde\x4e\xa7\x57\x27\xa0\xa4\x3a\xff\x69\x19\xf7\xec\xeb\x62"
+"\xff\x5a\x82\x0d\x25\x5e\x3c\x63\xb3\x6d\xc4\xb9\xe3\xc9\x3a\xc2",
+ .ilen = 128,
+ .result =
+"\xec\xd5\x2f\x6a\xfd\x61\xf2\x37\x19\x6f\x55\x31\xd7\x2c\x14\x4d"
+"\xc1\xb4\xbb\x7d\xa9\x1a\xe6\x85\x8c\x2f\xbf\x7e\x66\x21\xf8\x17"
+"\x9e\x09\x1b\x2a\x11\xbf\xdf\x7d\xdf\xf5\xfb\x0a\x16\x79\xe2\x43"
+"\x5c\x3b\x3e\x84\x35\xfd\x92\x9e\xe0\x31\x50\x1d\x62\xd6\x22\x99"
+"\x5f\x25\xb3\xe8\xdf\xb0\xc0\xab\xd9\xdb\xac\x4b\x9c\xe2\x89\xc6"
+"\x49\x7f\x5f\xee\xcb\xf6\x25\x10\x9f\x32\x58\x85\x45\x50\x74\x8a"
+"\x55\xce\x86\x44\xda\xe4\x93\x58\x4d\xd3\x73\x76\x40\xf6\x92\x8b"
+"\x99\xc1\x2b\xf9\x18\xd0\xfa\xd0\xa6\x84\x03\xf5\xd4\xcb\xfa\xe7",
+ .rlen = 128,
+},
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\x58\x1e\x1a\x65\x16\x25\xaa\x55\x97\xcd\xeb\x4c\xd6\xb3\x9c\x2b",
+ .input =
+"\xef\x85\x0b\xe5\x02\xd5\xce\xcc\xad\x2d\x5e\xec\x1e\x01\x8c\x28"
+"\xf0\x2c\x23\x10\xaa\x84\xf0\x61\xe2\x56\x29\x21\x9f\x09\xaf\x9d"
+"\x7d\xfc\x60\x16\x4c\x67\xdd\xdf\x74\x35\x49\x81\xca\x68\xb6\xc7"
+"\x31\x9f\x49\x29\x96\x01\xb9\x3c\xfb\xa3\x00\x04\x05\xd8\xe6\xa2"
+"\x3f\x0c\xee\xfc\xd6\x88\x7a\x2d\xd6\x32\x27\x15\xe3\x53\xa0\x52"
+"\x1d\x96\x5a\x95\x09\x0c\x5f\x07\xc8\xdf\xab\xc7\x78\x57\x6a\x49"
+"\x09\x88\x54\x2e\x80\x27\xb0\x8a\x40\xb8\x9e\x7a\x22\x85\x8d\xaa"
+"\x95\x48\x45\xf5\xfd\x6f\x4c\x69\xe3\x38\xa6\x05\x69\xf0\xba\xb5"
+"\xd5\x9a\x9f\x77\x98\x23\xef\x98\x1f\xf3\xfe\x53\x23\xf6\xc6\x74"
+"\x6a\x2f\x1b\x34\x75\xd0\x51\x0c\x88\x10\xf9\x80\x19\xaf\x4f\xf1"
+"\xb1\xf3\xc0\x0e\x3a\x7d\x63\x3e\xbd\xb9\xe9\x3c\x69\x56\x0d\xb9"
+"\x8d\x69\xea\xb9\xa7\x39\x4c\x5d\xb8\x06\xa3\x1b\x66\x66\x14\x80"
+"\xe1\x8f\xf3\x65\x0c\xd5\x39\xe4\xed\xb9\x1f\x88\x74\x49\xd7\x4f"
+"\xc1\x4b\x3d\xea\x5d\xa2\x44\xd6\xad\x5d\x8d\xd1\xf7\x56\x9c\x9e"
+"\xda\x52\x56\x51\x00\x14\x1b\xb4\x00\x6b\x83\x4f\x41\x0b\xba\xaa"
+"\x11\xe6\xee\x23\xf7\x85\xa9\xb9\xd8\xe3\xbd\xbb\x7b\x83\x5f\xf8",
+ .ilen = 256,
+ .result =
+"\xc8\x8e\xbf\x95\x57\xa8\xcd\x47\xbc\x32\xee\x76\x97\xee\x02\x12"
+"\x11\x36\x81\xaa\x5b\xd9\xb3\x14\x80\xf3\xab\x62\x9b\x7f\x99\x98"
+"\x3b\x46\xd6\xfb\x68\xc8\xce\x1d\xa5\x47\x79\x6a\xdf\x7c\xda\x01"
+"\x44\x01\xfc\xed\xab\x2a\x51\xae\x2f\x72\x60\xed\x61\xc5\x23\x1d"
+"\xc7\xb5\x3c\xb7\x0b\x29\x62\xd6\x77\x8c\xea\x51\x0c\x39\x90\xe7"
+"\x99\x8c\x5d\xb7\x16\xf3\xc6\xea\xe0\xff\xc3\xd7\xc8\x1a\x7d\xde"
+"\x4d\x25\xaa\x0b\x90\x0d\x49\xd7\x98\x44\x4b\x75\x46\x01\x30\xa3"
+"\xdc\x47\xd9\x66\xc7\x7a\xcb\x4a\x33\x69\x60\x5d\x96\x73\x31\xf1"
+"\xce\xdc\xa9\x15\xb5\xae\x08\x2b\x08\x4a\xbc\x9b\x68\x1e\x49\xe4"
+"\x6e\x11\xe8\x61\x37\x58\x66\x69\x67\x97\x65\x1d\xd4\x62\x7c\x29"
+"\x10\xba\x8f\x2f\x0f\x23\x3d\x72\xb1\xcf\x01\xbc\x73\x10\xd8\xde"
+"\x21\xe6\xfc\xce\x3b\x3e\x19\xdc\xc2\xa7\x87\x62\x33\x88\xb4\x37"
+"\x1f\xfc\x1a\x2b\xef\x14\x24\x4a\xb5\x86\x55\x45\xf8\xc4\xcd\xaa"
+"\x0d\x8a\x5a\xdc\xfd\x7b\x41\xd7\xa6\x8f\x05\x25\x4a\x61\xcb\xa7"
+"\x14\x84\x21\xfc\xa6\x4b\x0f\xaa\x7d\xc6\xa2\x04\x04\xff\x39\xfc"
+"\x27\x8d\x7a\xce\x94\x31\x7c\xb4\xd5\x90\xbd\xb6\xdb\x6a\x55\xd9",
+ .rlen = 256,
+},
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\xed\xa3\x2d\xa6\x9f\x5e\x38\x6f\xbb\xf9\xb3\x32\xae\x73\x05\x87",
+ .input =
+"\xf6\x24\x50\x2d\xa4\xfb\x09\x41\x95\xcd\x25\x13\xc0\xdc\x26\x0b"
+"\x20\x66\x70\x79\xc5\x58\xde\x63\xba\x37\x13\xb2\x0a\x40\x58\xef"
+"\x37\xcb\x04\x38\x10\x6a\x90\x97\x14\xd2\x71\x03\xa4\xa3\x6a\x59"
+"\x15\x6e\x5d\x45\xc9\xcc\xa9\x47\x8c\x0f\x1d\x6c\x62\x06\x90\xba"
+"\xef\x1c\x23\x4d\xc4\xa0\xa5\x56\x49\x19\xa9\xb1\x2a\xdd\x26\x00"
+"\x6e\xed\xd8\x4d\xd4\x3f\x68\x99\x24\xe2\xfe\x99\xb4\xe6\xf8\x3f"
+"\x60\xef\x97\x5f\x87\xa6\xde\x82\xc4\x11\xf6\x91\x7f\xd4\xa6\xa8"
+"\xee\x97\x41\x43\x14\xd2\x6e\x8d\x72\x30\x83\x5b\x67\x01\x38\xa2"
+"\xca\x93\xf4\x1e\x80\x2e\x8f\x7e\xc3\x78\xf0\xc1\x68\xb4\xf9\x1f"
+"\x15\x3c\x5c\x8b\xa1\xb5\x2f\x0c\xbf\xf7\x21\x74\xdb\x57\x98\x85"
+"\xe9\x89\x16\x20\x8b\x7c\x71\xef\x46\xc0\x78\x04\x23\x3b\x58\x24"
+"\x51\xa1\xa6\xfc\x6e\x9e\x29\x95\x55\x4c\x05\x1c\xc5\x9a\x59\x7e"
+"\x40\x4d\xe8\x81\x76\x41\x6f\x15\xde\x68\xce\x2d\x42\x03\x74\x73"
+"\xd3\x9a\x9c\xac\xa5\x05\x03\x7e\x53\x6e\x53\xa2\x57\x36\xee\x0c"
+"\x05\xde\xa9\x61\x55\xb9\x9d\x7d\x18\x18\xaa\x20\xde\xb8\x43\xd7"
+"\x30\x8e\x20\xc0\x78\xbe\xec\x24\xcf\xd7\x66\xb7\x5a\x1f\x5a\x81"
+"\xec\x19\x48\xc3\xa7\x62\xbf\x83\xbb\xbd\xf4\x51\xec\xb5\xec\x90"
+"\x05\xe1\xa9\xbf\x4d\x9b\x30\xf1\xb9\xa6\x49\xe9\xad\x65\x0d\x08"
+"\x1f\x3f\x81\xa5\x40\x4f\x3d\x42\xd8\x68\x29\xe3\x6c\xcc\x4d\x20"
+"\x7e\xb9\x0c\x33\x1f\x20\xd2\xaf\x39\xd6\xb4\x20\x06\xd0\xc3\x54"
+"\xcd\x96\x84\x88\x13\xc0\x09\x57\x18\x90\xad\xec\x18\xab\x72\x0b"
+"\xb4\x4c\x0a\x65\x67\x2a\x96\x2c\x98\x58\x6f\xdf\xc0\xe4\x51\x7c"
+"\xc8\x66\x1d\x21\x91\x1f\xab\xac\xed\x86\x38\x70\x54\x6f\x0c\xbf"
+"\x1a\xea\x9b\x33\xf4\x7c\x99\x0c\x0a\xdf\x39\x25\x78\x3b\x8d\x9c"
+"\x46\xc0\x07\x08\xfa\xeb\x19\x12\xf8\xc1\xf7\x18\x13\xbd\x7f\xd1"
+"\xa4\x3c\x7e\x03\xbd\xcf\xa1\xf3\x37\x4a\x4d\xc3\xaa\x23\xed\x58"
+"\xca\x68\x35\x91\x3e\x23\x09\xb8\xf3\x8d\xc3\x1b\x23\xe8\x1c\xda"
+"\x41\x90\xa2\x4b\x48\xb5\x7c\xa0\x8d\xaf\x66\x5e\xad\x7f\x06\xa2"
+"\x62\x32\x40\x69\x41\xb1\x2f\x6c\x0e\xf9\xd1\x48\xbd\xfc\x44\x0f"
+"\x65\x5e\xa1\x38\x83\xea\xfe\x42\x53\x9a\x2a\x85\xea\x92\xf6\x29"
+"\xbf\xb5\x78\x1e\x8d\x03\x6b\x09\xaf\x94\x4b\x39\x20\xc1\x17\x20"
+"\x95\x42\xfe\x72\x02\x10\x61\x21\x0f\x23\xcb\x33\x35\x52\x57\x9e",
+ .ilen = 512,
+ .result =
+"\x25\x3d\xad\x25\x4f\xb4\x50\x55\xbf\xc1\x66\xe3\x52\x22\x01\x10"
+"\xde\xed\x83\xc0\x18\x49\xda\xa4\xdb\xf1\x2f\x73\x90\x6f\xf2\x4f"
+"\x9b\xa2\x32\x2b\x6f\xc7\x80\xc8\x47\xbd\xf3\x24\x8a\xcd\x9b\x8d"
+"\x00\x33\xd1\x6a\xf2\x5f\xf2\xc7\xd8\x7c\x3a\x84\x1c\x12\x3c\x3e"
+"\xe0\x58\xb7\xc9\xf8\x73\x9e\x98\x2f\x8f\x03\x38\xe2\xc2\xb9\xae"
+"\xb6\xc6\xef\x78\xd0\xfa\xbf\x81\xcc\xf7\xb3\x82\x5b\x80\xb9\x0b"
+"\x57\xe3\x33\xa6\xfc\x3c\xd1\x78\xc7\x61\xc5\x5a\xe9\x01\xf5\xf7"
+"\x87\x0f\xa4\xe7\x90\xdf\xd5\x9f\x79\xc5\x5c\x1a\x2c\x29\x8e\x79"
+"\x10\xbc\xb2\xc6\x89\x9d\x95\x65\xa8\x25\xb3\x20\x97\xcc\xdf\x62"
+"\x2f\x9c\x85\x36\xe6\x34\xcc\xc0\xee\x7e\x10\xf6\x07\x57\xed\x2e"
+"\x60\x7e\x5e\xa0\x8e\x4c\xec\xe8\x73\xa3\x55\x4d\x7f\x6d\xff\x8c"
+"\x7a\x8c\x62\x3b\x10\x22\x75\xc0\x0b\x4a\x99\x83\x4d\x09\x80\x36"
+"\x41\x33\x19\x53\x9b\x51\xa6\x92\x82\xd8\x97\xe7\x98\x42\x36\x0d"
+"\x93\xb2\xf4\xbf\x96\xc7\x71\xfb\xc1\xf7\xf0\x94\xa3\x88\x28\xfa"
+"\x7c\xef\x3b\x1c\x77\x72\x23\x9b\xaf\x8c\x6a\xf8\x2b\xb2\xd4\xb9"
+"\xeb\x7f\x9f\xa5\x02\x50\x08\x47\x52\x6c\xaf\xe7\x73\x71\x85\x72"
+"\x49\x6b\xc8\x47\x88\xa7\xd8\xc2\x16\xbf\x3c\xe9\x22\x21\xeb\x54"
+"\xd1\xcd\x43\x18\x08\x8f\xa1\xcf\x1c\x2b\xa7\xfd\x65\x4a\x9d\x12"
+"\x0d\xdb\xd5\xf6\x1a\x97\x64\x83\x3c\x5a\x04\xa8\x15\x9d\x61\xd3"
+"\x43\x2a\x56\x35\xed\x08\xb7\x41\xc6\x49\xba\x02\x14\x59\xab\xca"
+"\x84\x1f\xfb\x67\x3a\x00\xe5\x41\xb8\xd1\x6e\x5c\x9d\x6f\xf2\x76"
+"\x3e\x21\x5d\x34\x5c\x78\x0d\x41\x5a\x4f\x62\x69\x1a\x76\x42\xee"
+"\x84\x6b\x1d\x47\x42\xeb\xb2\x11\x8f\x08\xb8\xc8\xea\xf4\x0d\xf7"
+"\x5d\x51\x4c\x4b\xed\x2d\x1b\x48\x30\x38\x38\x58\x0d\xe3\x2d\x80"
+"\xd9\xfb\xed\xe0\xc4\x55\xfe\x4f\x3f\xcf\x55\x57\x08\xaa\xa8\xa2"
+"\xa5\x5a\xe4\xff\x19\xf2\xae\x29\x74\xb9\x40\xea\xf4\x4d\x58\xac"
+"\x9f\x48\xea\x0f\xe0\xb0\xae\x72\x9f\xd8\x34\x95\x59\x01\x20\x7c"
+"\x98\x5d\xe6\x9f\x37\x23\x52\x8d\xa0\x62\x2b\x3a\x9c\x2e\x31\xe7"
+"\xd5\x75\xcc\x4c\x62\x2f\xa4\x3e\x2e\xb9\xe6\xe1\x4b\x69\xb4\x62"
+"\x31\x03\xfc\x08\xfd\xba\x87\xb9\x79\x3a\x68\x19\x65\x49\x2e\x2c"
+"\x65\x5f\xd8\x60\x07\xf4\x73\x8d\xdf\x37\x7e\x00\x88\xaf\x23\x48"
+"\x8b\xad\x74\x9c\x0b\xa3\x3a\x1a\x4b\xa0\x27\x6f\x04\x8d\xd9\x38",
+ .rlen = 512,
+},
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\xfd\xd6\xe8\x2f\xfe\xd4\xfe\x42\x23\x4b\x7c\x09\x8c\xde\x4f\x4b",
+ .input =
+"\xff\x7f\xb0\x11\x72\x5a\x91\x4a\xb5\x2d\xb0\x41\x3a\x96\x0d\xa1"
+"\xd9\xbe\x60\x09\x24\x51\x73\xb8\x00\xf0\x48\x1f\x6b\x96\x5b\xe7"
+"\x4d\x47\x88\xc7\xef\x4b\xb4\x33\xa1\x2b\xbe\xdd\x46\x4f\x27\x11"
+"\x8b\x30\x9c\xba\x2c\x7a\xf3\xdb\x48\x54\xbd\xfe\x24\x2f\x83\x91"
+"\x5c\x63\xb9\x12\xd9\xd9\xb9\x71\xcf\x28\x7e\xf8\xe0\xb8\x12\xf7"
+"\x63\xad\xde\x49\xd5\x4d\xa7\x13\x32\xee\x71\x13\x56\x4d\x10\xd5"
+"\x2c\x1d\x8e\x94\x0d\x37\x3d\x7e\x9c\xb4\xeb\xe5\x6f\x12\x30\x7f"
+"\xc3\xa0\xf3\x49\xac\xa6\xab\x1b\xec\xd4\x6c\x95\x2a\x57\xe0\xfa"
+"\x89\x00\x61\xe9\xea\x21\x9a\x2f\x71\xd7\xdb\x11\x52\xb6\x32\x91"
+"\xed\xa3\xdf\xa5\x46\xc1\x50\x5b\xab\x15\x43\x7f\x7d\x82\x34\xf2"
+"\xfa\x6e\x84\xaf\x40\x20\xde\x1f\x90\x39\xab\xdc\xe8\xf3\xf9\x65"
+"\xbc\xdc\xd3\x5c\xcf\xe2\x1b\x43\x08\x68\xd8\x0d\xfb\xc2\x7f\x31"
+"\x91\xb5\x66\x2a\xea\x43\x08\x6d\xa6\xb4\xd3\x0e\x78\x3c\xf1\x6c"
+"\x4d\x27\x47\x7d\x92\x42\xb1\x62\x82\x9f\x13\xdf\x51\xc3\x6b\xec"
+"\x83\x53\xd6\x89\x75\xac\x62\x9a\x89\x7d\xf9\x82\x66\xbe\x93\x6f"
+"\x71\x7d\x01\x79\xec\x10\x10\x50\xe9\x6c\x76\xc6\x7a\xfa\xbb\x69"
+"\x46\x09\x1a\x68\x2f\x07\x28\xf4\xd0\xb6\xb4\x82\xf5\x3a\x90\xdc"
+"\x61\x03\xd9\x8e\xa5\x13\xfd\xdd\xe0\x65\x03\xfb\x78\x6b\x4e\xae"
+"\x7f\x30\xe2\x9e\x39\xb1\x3a\x39\xda\x21\x80\x2c\x09\xdd\xe8\xa2"
+"\x8c\x4a\x2c\x40\x24\x39\xf0\x3f\x7f\x51\x6a\x48\xea\x7b\x68\x3d"
+"\xad\x56\xed\xbe\x86\x0a\x9a\xe6\x9f\x18\x95\x26\x14\x57\x5b\x71"
+"\x9e\x8d\x45\x0d\xad\x23\xb4\x37\xa5\x59\x66\x8c\x13\x8e\x5e\xeb"
+"\xbf\x4a\x0d\x72\xc9\x4a\xcf\x42\xbd\x28\x1f\x91\xad\x55\x81\x78"
+"\x48\xf3\xed\xab\x2b\x6d\x61\xc7\x08\x2c\x07\xcb\x17\xf8\xf1\x7c"
+"\x39\xc8\x44\x63\x3a\x2a\x55\xbe\xe1\xb5\x12\x61\x0a\x4c\x32\x83"
+"\x9a\xa0\xf8\x93\x8c\xfa\x45\x92\x4e\xad\x48\xd9\x84\xe8\x0d\x7a"
+"\xca\xad\xbf\xd2\x5a\x1d\x58\x67\x57\x68\xca\x2f\x40\xa5\x1c\x38"
+"\x2a\xde\xa7\x57\x87\x4f\x11\x97\x3e\x11\xe7\x58\x54\xbd\x06\x48"
+"\xf7\x60\x45\x5b\x9d\x08\x5a\xef\xf9\x28\xa5\xf5\x48\x5c\x9c\xa0"
+"\x96\x76\x56\x51\x40\xec\xbe\xdb\x6e\xba\x4b\xb0\xa2\xe9\x55\xe6"
+"\xb7\x7e\x8a\x06\x3b\xeb\x17\xeb\xe6\xd9\xf6\xb2\xa1\x8c\x9e\xcc"
+"\xf3\x89\xd5\x78\x29\x1f\x74\x60\xe2\x61\x72\x78\x05\x52\x23\x07"
+"\x2a\x46\x85\x3c\xcf\x12\x9a\x9d\x3d\xf0\x93\x0e\xd2\x22\x63\x07"
+"\x01\x8b\x96\x73\xb5\x26\x29\xf5\x4f\x90\xf9\x37\x55\x76\x15\x02"
+"\xe8\x4c\x56\x3e\xf1\x14\xaf\x34\x0d\xa8\xde\xee\x0e\x13\xfa\xb8"
+"\xe4\xb7\x6d\x71\x37\xdb\x1e\x42\xdd\xca\xec\xe1\x99\xf9\xc7\x18"
+"\x16\xb0\x41\xd0\xfe\x9a\xa6\xa0\x7a\x5e\x5d\x0a\x96\x4c\x52\x44"
+"\x9a\x29\x69\x09\xa2\x0e\x5a\x1e\xc2\xb3\x5e\xca\x25\xc0\xe1\xa9"
+"\xd1\x41\x7f\x82\xaf\x1f\xf4\x3c\xf8\x3d\x65\xae\xf0\xa2\x1a\x8f"
+"\x41\xdb\x01\x11\x4c\x01\xcb\x24\xb3\xec\xbb\xf3\xe5\x1b\x53\xf0"
+"\x7a\x81\x01\x61\xa2\x8e\xa4\xd0\xaa\x8f\xa1\x71\xc1\x15\x15\xda"
+"\xf3\x7b\x32\x87\xa6\xb7\x7f\x2b\xac\x2b\x28\xfc\xe4\x1a\x94\xab"
+"\x19\xc9\x13\x72\x33\xfa\x42\xec\x6f\x3f\xe1\xe0\xc7\x23\x4b\x17"
+"\xeb\x89\xd3\x1f\x49\xe1\x49\x56\xee\xe3\x82\x46\x43\x00\x80\xbc"
+"\xa3\xfe\x31\xbc\xc9\xcd\x61\x5b\x7a\xf9\xf7\xb7\x48\x98\xbf\xdc"
+"\x79\xca\x71\x3b\xb0\xda\x08\x1e\x25\x97\x83\xd7\x21\x2c\xaa\xc0"
+"\x5c\xfd\x7f\xc4\x30\xd8\x7b\x59\x35\x49\x62\x0f\x4c\x03\x02\xe5"
+"\x73\x63\x61\x0b\x69\x2f\x7d\xb3\x99\xc9\x6b\x0a\x29\x9b\xda\xbe"
+"\x98\xdc\x2c\x29\x28\x9a\x75\x2e\xf1\x11\xd3\x71\x5b\x20\x45\x5b"
+"\xb7\x5e\xc1\xd1\xcc\x4e\x5a\x0d\xa5\x70\xa6\x56\xb8\x80\x8c\x97"
+"\x9d\x65\x8d\xec\xa0\x15\x45\xe6\x04\xd8\x3b\x6b\x36\x3f\x71\x58"
+"\x9e\x7a\x9c\xd2\x44\x86\xbf\x89\xa6\x80\x5d\x5e\x99\xc9\x7e\x56"
+"\x76\x17\x02\x98\x5b\xbb\xa0\xe5\xe5\x10\x25\x3e\x82\xc7\xe0\x91"
+"\x77\x39\x50\x9c\x3d\x2a\x91\x03\x13\x6d\x6d\xd3\xc6\x68\xd3\xa0"
+"\x88\xbc\x24\x5d\xf1\x26\x19\xf4\xb0\x74\x51\x93\x17\xcf\x67\x6c"
+"\x72\x30\xed\x39\xfe\x59\x54\x88\x84\x70\x56\x11\xaf\x41\x66\xa5"
+"\xf9\xf0\x95\xdb\x80\xb8\xae\x2f\xb7\xc3\x65\x72\xd2\xec\xaf\x5f"
+"\xf9\x30\x1e\x5b\x45\x7f\x38\xd5\x03\x02\x60\xaa\xf9\xb7\xd9\xfc"
+"\xa2\x5c\x46\x3e\x9c\xe6\xd6\x8e\x95\x54\xbf\xd8\xe6\xe4\x4b\xc0"
+"\x4c\xa1\x4c\x2c\xb3\xc4\x9f\xef\xeb\x39\x70\x77\xac\xf9\x1f\xb6"
+"\x06\xa2\x53\x7d\x18\xc8\xf8\xda\x8e\x82\x97\x4f\xdd\xd5\x19\x2f"
+"\xa2\x70\x4a\xbd\x5a\x15\x70\xb6\x55\x04\x14\xba\x0a\x04\xdc\x8e"
+"\xaf\xf2\x52\xd5\x90\x4c\x30\xd3\x29\x53\x1c\x66\x37\x5f\x8e\xfc"
+"\x45\x83\xd9\xac\x75\x9e\x0f\x66\x51\xc0\x8a\xc5\x34\x25\x9e\x3b",
+ .ilen = 1024,
+ .result =
+"\xa8\x47\xa1\x1d\xcb\xa3\x88\xae\x42\xab\x6d\xf2\x82\xc2\xed\xd5"
+"\x66\x42\x09\x85\x28\x7d\x49\x6f\x37\xdc\xff\x1c\x7e\x33\xc9\xcd"
+"\x6e\xe9\x33\x36\x01\x62\x1d\x67\x77\x6a\x97\xbf\xb1\xdc\x2f\x98"
+"\x2c\xdb\xac\x44\x9d\xed\x31\x7d\x2d\x41\x4b\xd1\x66\x40\x62\x74"
+"\xdc\x00\xd0\x05\xdc\x54\x4c\x63\xeb\xd9\x42\xe1\xdf\xc4\xde\xdd"
+"\xb6\xb8\x93\xfd\x25\x39\x2d\x7f\x85\xf8\x15\xc3\xbc\xbf\x0b\x95"
+"\x11\xef\x57\x0d\x15\x49\x07\xce\x42\xb0\x50\xe1\x07\xb4\x81\x71"
+"\x35\x71\x4b\x66\x89\x7f\x94\x13\x3e\x57\x43\xc3\x36\x28\xcd\xdd"
+"\xc9\x06\x68\xf8\xf3\x09\x3d\x86\x12\x52\x06\xa9\xe9\x83\x2d\x8f"
+"\x90\xfa\x42\xfe\x79\x3f\x68\x4c\x7b\xfa\x94\xa7\xf7\x16\xc7\x41"
+"\x09\xae\xe2\x82\xb5\x2b\xbc\xca\x65\x65\x2c\x27\x2c\x07\x50\x83"
+"\x2d\xad\x55\xaf\x35\xcc\x6a\xc5\x7c\xd8\xed\x75\x91\x9d\x73\xcb"
+"\x4c\xa5\x8f\xc4\x4f\xda\xa8\xb9\xb6\xa7\xb1\x1a\x75\xb4\x08\xbc"
+"\xb2\x90\x50\xfd\x1f\x05\xa8\x88\x35\x81\xb0\xc9\xac\xbc\x25\x7a"
+"\x95\x33\x02\x2b\x74\xe0\x95\x11\x88\xf7\xc3\x63\xb3\x7b\x09\xd5"
+"\xac\x22\x04\x67\x16\xea\xd6\x37\x38\x8e\xa5\xbd\x62\xa2\x1f\xa5"
+"\x04\x31\x89\xdf\x69\xb1\xde\xe3\x7c\x9d\x7b\x27\xba\x0a\x74\xdc"
+"\x06\x1c\xcd\x6e\x4b\x52\xe7\x6d\x34\x29\x38\xe2\x19\xfc\x0c\xc4"
+"\x78\x03\x1d\x53\x98\x00\x5c\x7a\xec\x23\x5f\x95\xd5\xb3\x16\xde"
+"\xc2\x17\xc2\x0c\x13\x63\x0a\x4b\x7e\x6c\xc7\xbc\x4a\xd0\xae\x29"
+"\xc0\x50\x16\x6f\x01\x2b\xdc\x40\x9f\x91\x8f\xa3\xaf\xd4\x40\xa8"
+"\x2e\x09\x7c\xf4\x3d\x85\xe6\xd9\x3c\x78\x7c\xf1\x6d\xe4\x13\x00"
+"\x98\xf5\xb4\x06\x9f\x90\x0a\x3e\x9f\x51\x0f\xbb\x0f\x13\x07\xc0"
+"\xfd\x26\x53\x24\x24\xf7\x21\x41\xcf\x20\x9d\x77\xe4\xe0\x52\x2a"
+"\x48\xd9\xeb\x65\xce\xf3\x90\x03\x47\x8d\x2b\x77\x54\x46\xda\xff"
+"\x15\x3d\xa5\xd9\x5a\xb6\xd3\xdf\x9c\x91\xc3\xf2\xd2\xdf\xd7\x8c"
+"\x1d\x83\x77\x47\xcd\x74\x23\x44\x04\x06\x8e\x64\x62\x29\xe5\xa0"
+"\xf7\xa7\xc7\xb7\x84\xdb\x9c\x5c\x04\x7f\xca\xb3\x85\x2c\x44\xa6"
+"\x09\x0e\xa3\x2c\x52\x42\x25\x02\x63\x99\xd0\xa5\x27\x61\x64\x4f"
+"\x65\xd7\x31\x56\x24\x97\xb0\x2d\xbb\x0c\xbe\x06\x68\x8a\x2e\xa3"
+"\x0c\xb9\x05\x52\xdb\xbd\x7e\x89\x60\x2e\x28\x76\xba\x5a\x94\xb6"
+"\x94\xc4\xf6\x68\x50\x35\x24\x7b\x2b\x04\x0e\x4c\xf3\x17\x54\xcb"
+"\xcd\x32\x18\x60\xff\xc9\xfe\xe1\x83\xe4\xe6\x9b\x5e\xd8\x21\xbf"
+"\xbf\x69\x01\x3a\x03\xc6\x9f\xe5\xd4\xdf\x01\x20\x8e\xea\x5b\xe1"
+"\xbd\x46\x3c\x3a\x60\x30\xa0\x48\xa0\x07\x82\x27\x4e\x03\xc3\x15"
+"\x98\x1f\xea\x4f\x8c\x90\x4d\xb1\xc5\x90\x40\x59\xda\x5b\x02\x65"
+"\x07\xb9\x64\xe7\x4c\x76\x70\x16\x8a\xc3\xf9\x4f\xed\x25\x47\xaa"
+"\x3b\x49\x8f\xf6\xf0\x71\x94\x34\xda\x29\x0f\x4e\xd4\x95\x3b\xe3"
+"\xef\x99\x3b\x1c\xf7\x09\x5d\xe0\x0d\x03\xe6\x9d\x47\x4c\x8c\xe8"
+"\x26\xb6\x30\x1b\x81\xdc\xa5\x5a\xf1\x04\x18\xf3\xaf\x81\xa2\x7e"
+"\xce\x8b\x33\xfc\xf2\xb1\x5a\x06\xd1\xb9\x59\x73\xd7\xda\x85\xd9"
+"\x30\x73\x98\x4d\x63\x50\x66\x71\x15\x88\x9a\x5d\xd5\x25\x40\x9a"
+"\xe3\x9c\x0b\x4f\xd8\xf5\xbf\xb3\xec\x02\x95\xca\x90\x07\x5d\x99"
+"\x9e\x16\xa2\x18\xa5\xa2\x03\xb1\x16\x6b\x4e\x32\xab\x19\x29\x55"
+"\xcc\xbe\xa8\x7b\xf7\x68\x64\x0e\xc0\x54\x91\x6d\x19\xec\xe9\x8c"
+"\x56\x5e\x71\xa5\x73\x50\x5d\x0d\xd3\xb2\x31\xca\x97\x7b\xf8\x6e"
+"\xfd\xb9\x47\x9b\x17\xf9\x56\x3a\xc6\xb0\x52\x45\x4f\x4a\x13\xe9"
+"\xb7\x64\x02\xdb\xe8\x67\xa3\x9e\xe4\xd9\x49\xc4\xf3\x27\xe3\xb0"
+"\xad\x6e\x51\x65\x14\x4f\xb2\x4b\x8a\xd6\x87\x17\x8c\xe2\x7a\xa1"
+"\x13\xbb\x8c\x7c\x3e\x69\xd2\x29\x06\x36\xf3\x55\x80\xcc\x0e\xa5"
+"\x18\x5a\x5f\xcb\x15\x2e\x7c\x62\xff\x3f\xe7\x7b\xd8\xe4\xa6\x9c"
+"\x4c\x5b\x55\x73\x4a\x0d\x21\x07\xf9\x79\xcb\x17\x51\x06\xf3\xcc"
+"\xfc\x08\x72\x6e\xbc\x04\xe2\x6d\xd8\x52\x1d\x29\x7e\x7a\x06\x8d"
+"\x87\x65\x2e\x2e\x7c\x07\x77\x3a\x35\x4d\x3a\x13\xd3\xf6\xc2\x1f"
+"\x2d\x5d\x14\xa5\x04\xe5\xc5\x7b\xd6\xa9\x70\x4b\x43\x21\x93\xdf"
+"\xe4\xf1\xf8\x75\xf1\x65\x9c\xf8\x0b\x07\x31\xdc\xf2\xba\x06\x91"
+"\xe1\x84\x87\x34\x2d\xdd\xa7\x87\xc0\xc2\x4d\x8d\xe0\x18\x70\xbb"
+"\xe3\x3e\x13\x48\xfc\xf4\x13\x85\xc4\x65\xcf\xe4\x43\x98\x14\x8f"
+"\xf4\x17\x62\x27\x39\xe5\xb6\x45\x76\x61\x78\x0b\x3d\x48\xb3\x41"
+"\xa6\xca\x7c\xed\x52\x19\x99\xea\x73\xc9\xd0\x0b\xeb\xbb\x5a\x69"
+"\x44\x3d\xb2\x81\x25\xb0\x2f\x08\xf0\x8c\x32\xa9\xf0\x79\x3c\x42"
+"\xc3\xdc\x9e\xd1\xec\x93\x49\xc9\x82\x0e\x13\x12\xb3\x8a\x98\x1b"
+"\x35\xe1\x4a\xef\xb4\x73\x28\x1a\x17\x96\xe2\x9a\x50\xc8\xd5\x98"
+"\xec\x96\x6f\x81\x05\x37\xee\x8b\x93\x12\x7c\x41\x26\xd5\x9c\x05",
+ .rlen = 1024,
+},
+/* repeat the above with sg list */
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\xc1\x62\x66\x62\xb8\x65\x28\xfa\x5f\x36\xd3\x09\xb1\x2c\xa1\xa3",
+ .input =
+"\x4f\x6c\x63\xa5\xd0\x19\x08\x4e\xd4\x58\x33\xf6\x2b\xeb\x26\xb9",
+ .ilen = 16,
+ .result =
+"\xa0\x35\xb0\x33\xc0\x2e\xe5\xbb\xbc\xe6\x01\x9e\xf4\x67\x11\x14",
+ .rlen = 16,
+ .np = 2,
+ .also_non_np = 1,
+ .tap = { 8, 8 },
+},
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\x78\x6c\x27\xd6\xb2\xdc\xbe\x7b\xab\xc2\x43\xd7\x81\x0c\xe5\x20",
+ .input =
+"\x9a\x00\x4e\x5a\xb3\x51\x68\xaa\xdb\x6e\xe5\xa4\x7f\x23\x6e\x4d"
+"\x1e\x72\x5e\xad\x64\xc9\x96\x23\xf8\xae\xef\xf6\x7b\x7d\xd6\xf0",
+ .ilen = 32,
+ .result =
+"\x5a\xc0\x04\xc6\x53\xef\x3b\x69\xb1\x41\xc7\x85\xeb\x69\x82\xd0"
+"\xed\x09\xbb\xec\xb2\x8d\x5c\xc9\x61\x81\x5c\xf6\x99\x49\xa0\x4d",
+ .rlen = 32,
+ .np = 3,
+ .also_non_np = 1,
+ .tap = { 8, 8, 16 },
+},
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\xc9\x05\x4c\x35\x96\x77\xd3\x3c\x3d\x97\x7c\x82\xf5\x58\x71\xf1",
+ .input =
+"\xa9\x5b\x03\xec\xec\x73\xed\xcb\x5c\x4c\xd2\x40\xb6\x9b\x49\x31"
+"\x5d\xf2\x23\xb3\x11\x98\xeb\x89\xab\x3e\x3a\xdd\xaa\xfd\xd1\xde"
+"\xab\x73\x59\x86\x1a\x59\x32\xb2\x55\x46\x4a\x80\xa4\xcc\xa8\xd9",
+ .ilen = 48,
+ .result =
+"\xdb\x05\x69\xe1\x33\x8b\x0b\x3d\x33\x12\x0d\xef\x94\x0f\xa3\xb3"
+"\xd7\x0a\x53\x7b\x98\x53\xc6\xc2\xa3\xd4\x7a\x30\x1a\xed\x45\xcc"
+"\x47\x38\xc1\x75\x0b\x3c\xd4\x8d\xa8\xf9\xd3\x71\xb8\x22\xa6\xae",
+ .rlen = 48,
+ .np = 4,
+ .also_non_np = 1,
+ .tap = { 8, 8, 20, 12 },
+},
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\x6c\xb4\x84\x61\x1e\x39\x4b\x22\x37\xaa\x7b\x78\xc0\x71\x20\x60",
+ .input =
+"\x05\x43\x76\x1e\xc6\x68\x43\x52\x5f\x43\x39\xbf\x93\x38\x38\x83"
+"\x38\x1d\x3c\xb5\xc8\xab\xe4\xd0\x7f\x1a\xac\xca\xcc\x16\xea\x75"
+"\x30\x75\x40\xe8\x61\x07\xc6\x04\x55\x2b\xf3\x29\xc3\x37\x83\x42"
+"\xe0\x21\xfb\xb4\x5d\x93\xbb\x87\x01\x3e\xa6\x9d\x3b\x0a\x5a\x37",
+ .ilen = 64,
+ .result =
+"\x83\x9f\xa0\xac\x14\x14\x88\x68\x7f\x9a\x5f\x98\x91\x71\xa8\xce"
+"\x28\xfb\x5e\xb1\x49\xe7\x63\x39\x12\x62\x00\x3e\x5c\x63\x2b\x12"
+"\x3d\xff\xd5\x0a\x43\x28\x52\x68\x78\x62\xc7\xa4\xbb\xca\x5d\x5e"
+"\xe3\xd5\x23\xb3\xe7\x22\xae\xf3\xd0\xd9\x00\x14\x0c\x46\x67\x17",
+ .rlen = 64,
+ .np = 2,
+ .also_non_np = 1,
+ .tap = { 32, 32 },
+},
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\xf9\xe8\xab\xe2\xf9\x28\xeb\x05\x10\xc4\x97\x37\x76\xe4\xe0\xd9",
+ .input =
+"\xab\x99\xe8\x2a\x18\x50\xdc\x80\x1f\x38\xb9\x01\x34\xd4\x59\x60"
+"\x4e\x1c\x21\x71\x22\x06\xbe\x5f\x71\x07\x3b\x13\xe7\x05\xca\xa5"
+"\x7b\x23\xb5\xaa\xc6\xdb\xe3\x17\xa9\x9f\xe1\xbc\xd5\x1b\xe6\xf5"
+"\xfa\x43\xdd\x80\x50\xc8\x8a\x32\x2f\x65\x25\xa4\xeb\xd1\x74\x02"
+"\x07\xc1\x04\x94\x6b\x34\xa1\x74\x62\xb2\x8d\x60\xf5\x7e\xda\x1a"
+"\x0f\xf5\x21\xe1\xd7\x88\xc8\x26\xd7\x49\xb2\x4a\x84\x2c\x00\x3b"
+"\x96\xde\x4e\xa7\x57\x27\xa0\xa4\x3a\xff\x69\x19\xf7\xec\xeb\x62"
+"\xff\x5a\x82\x0d\x25\x5e\x3c\x63\xb3\x6d\xc4\xb9\xe3\xc9\x3a\xc2",
+ .ilen = 128,
+ .result =
+"\xec\xd5\x2f\x6a\xfd\x61\xf2\x37\x19\x6f\x55\x31\xd7\x2c\x14\x4d"
+"\xc1\xb4\xbb\x7d\xa9\x1a\xe6\x85\x8c\x2f\xbf\x7e\x66\x21\xf8\x17"
+"\x9e\x09\x1b\x2a\x11\xbf\xdf\x7d\xdf\xf5\xfb\x0a\x16\x79\xe2\x43"
+"\x5c\x3b\x3e\x84\x35\xfd\x92\x9e\xe0\x31\x50\x1d\x62\xd6\x22\x99"
+"\x5f\x25\xb3\xe8\xdf\xb0\xc0\xab\xd9\xdb\xac\x4b\x9c\xe2\x89\xc6"
+"\x49\x7f\x5f\xee\xcb\xf6\x25\x10\x9f\x32\x58\x85\x45\x50\x74\x8a"
+"\x55\xce\x86\x44\xda\xe4\x93\x58\x4d\xd3\x73\x76\x40\xf6\x92\x8b"
+"\x99\xc1\x2b\xf9\x18\xd0\xfa\xd0\xa6\x84\x03\xf5\xd4\xcb\xfa\xe7",
+ .rlen = 128,
+ .np = 3,
+ .also_non_np = 1,
+ .tap = { 64, 16, 48 },
+},
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\x58\x1e\x1a\x65\x16\x25\xaa\x55\x97\xcd\xeb\x4c\xd6\xb3\x9c\x2b",
+ .input =
+"\xef\x85\x0b\xe5\x02\xd5\xce\xcc\xad\x2d\x5e\xec\x1e\x01\x8c\x28"
+"\xf0\x2c\x23\x10\xaa\x84\xf0\x61\xe2\x56\x29\x21\x9f\x09\xaf\x9d"
+"\x7d\xfc\x60\x16\x4c\x67\xdd\xdf\x74\x35\x49\x81\xca\x68\xb6\xc7"
+"\x31\x9f\x49\x29\x96\x01\xb9\x3c\xfb\xa3\x00\x04\x05\xd8\xe6\xa2"
+"\x3f\x0c\xee\xfc\xd6\x88\x7a\x2d\xd6\x32\x27\x15\xe3\x53\xa0\x52"
+"\x1d\x96\x5a\x95\x09\x0c\x5f\x07\xc8\xdf\xab\xc7\x78\x57\x6a\x49"
+"\x09\x88\x54\x2e\x80\x27\xb0\x8a\x40\xb8\x9e\x7a\x22\x85\x8d\xaa"
+"\x95\x48\x45\xf5\xfd\x6f\x4c\x69\xe3\x38\xa6\x05\x69\xf0\xba\xb5"
+"\xd5\x9a\x9f\x77\x98\x23\xef\x98\x1f\xf3\xfe\x53\x23\xf6\xc6\x74"
+"\x6a\x2f\x1b\x34\x75\xd0\x51\x0c\x88\x10\xf9\x80\x19\xaf\x4f\xf1"
+"\xb1\xf3\xc0\x0e\x3a\x7d\x63\x3e\xbd\xb9\xe9\x3c\x69\x56\x0d\xb9"
+"\x8d\x69\xea\xb9\xa7\x39\x4c\x5d\xb8\x06\xa3\x1b\x66\x66\x14\x80"
+"\xe1\x8f\xf3\x65\x0c\xd5\x39\xe4\xed\xb9\x1f\x88\x74\x49\xd7\x4f"
+"\xc1\x4b\x3d\xea\x5d\xa2\x44\xd6\xad\x5d\x8d\xd1\xf7\x56\x9c\x9e"
+"\xda\x52\x56\x51\x00\x14\x1b\xb4\x00\x6b\x83\x4f\x41\x0b\xba\xaa"
+"\x11\xe6\xee\x23\xf7\x85\xa9\xb9\xd8\xe3\xbd\xbb\x7b\x83\x5f\xf8",
+ .ilen = 256,
+ .result =
+"\xc8\x8e\xbf\x95\x57\xa8\xcd\x47\xbc\x32\xee\x76\x97\xee\x02\x12"
+"\x11\x36\x81\xaa\x5b\xd9\xb3\x14\x80\xf3\xab\x62\x9b\x7f\x99\x98"
+"\x3b\x46\xd6\xfb\x68\xc8\xce\x1d\xa5\x47\x79\x6a\xdf\x7c\xda\x01"
+"\x44\x01\xfc\xed\xab\x2a\x51\xae\x2f\x72\x60\xed\x61\xc5\x23\x1d"
+"\xc7\xb5\x3c\xb7\x0b\x29\x62\xd6\x77\x8c\xea\x51\x0c\x39\x90\xe7"
+"\x99\x8c\x5d\xb7\x16\xf3\xc6\xea\xe0\xff\xc3\xd7\xc8\x1a\x7d\xde"
+"\x4d\x25\xaa\x0b\x90\x0d\x49\xd7\x98\x44\x4b\x75\x46\x01\x30\xa3"
+"\xdc\x47\xd9\x66\xc7\x7a\xcb\x4a\x33\x69\x60\x5d\x96\x73\x31\xf1"
+"\xce\xdc\xa9\x15\xb5\xae\x08\x2b\x08\x4a\xbc\x9b\x68\x1e\x49\xe4"
+"\x6e\x11\xe8\x61\x37\x58\x66\x69\x67\x97\x65\x1d\xd4\x62\x7c\x29"
+"\x10\xba\x8f\x2f\x0f\x23\x3d\x72\xb1\xcf\x01\xbc\x73\x10\xd8\xde"
+"\x21\xe6\xfc\xce\x3b\x3e\x19\xdc\xc2\xa7\x87\x62\x33\x88\xb4\x37"
+"\x1f\xfc\x1a\x2b\xef\x14\x24\x4a\xb5\x86\x55\x45\xf8\xc4\xcd\xaa"
+"\x0d\x8a\x5a\xdc\xfd\x7b\x41\xd7\xa6\x8f\x05\x25\x4a\x61\xcb\xa7"
+"\x14\x84\x21\xfc\xa6\x4b\x0f\xaa\x7d\xc6\xa2\x04\x04\xff\x39\xfc"
+"\x27\x8d\x7a\xce\x94\x31\x7c\xb4\xd5\x90\xbd\xb6\xdb\x6a\x55\xd9",
+ .rlen = 256,
+ .np = 4,
+ .also_non_np = 1,
+ .tap = { 32, 48, 80, 96 },
+},
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\xed\xa3\x2d\xa6\x9f\x5e\x38\x6f\xbb\xf9\xb3\x32\xae\x73\x05\x87",
+ .input =
+"\xf6\x24\x50\x2d\xa4\xfb\x09\x41\x95\xcd\x25\x13\xc0\xdc\x26\x0b"
+"\x20\x66\x70\x79\xc5\x58\xde\x63\xba\x37\x13\xb2\x0a\x40\x58\xef"
+"\x37\xcb\x04\x38\x10\x6a\x90\x97\x14\xd2\x71\x03\xa4\xa3\x6a\x59"
+"\x15\x6e\x5d\x45\xc9\xcc\xa9\x47\x8c\x0f\x1d\x6c\x62\x06\x90\xba"
+"\xef\x1c\x23\x4d\xc4\xa0\xa5\x56\x49\x19\xa9\xb1\x2a\xdd\x26\x00"
+"\x6e\xed\xd8\x4d\xd4\x3f\x68\x99\x24\xe2\xfe\x99\xb4\xe6\xf8\x3f"
+"\x60\xef\x97\x5f\x87\xa6\xde\x82\xc4\x11\xf6\x91\x7f\xd4\xa6\xa8"
+"\xee\x97\x41\x43\x14\xd2\x6e\x8d\x72\x30\x83\x5b\x67\x01\x38\xa2"
+"\xca\x93\xf4\x1e\x80\x2e\x8f\x7e\xc3\x78\xf0\xc1\x68\xb4\xf9\x1f"
+"\x15\x3c\x5c\x8b\xa1\xb5\x2f\x0c\xbf\xf7\x21\x74\xdb\x57\x98\x85"
+"\xe9\x89\x16\x20\x8b\x7c\x71\xef\x46\xc0\x78\x04\x23\x3b\x58\x24"
+"\x51\xa1\xa6\xfc\x6e\x9e\x29\x95\x55\x4c\x05\x1c\xc5\x9a\x59\x7e"
+"\x40\x4d\xe8\x81\x76\x41\x6f\x15\xde\x68\xce\x2d\x42\x03\x74\x73"
+"\xd3\x9a\x9c\xac\xa5\x05\x03\x7e\x53\x6e\x53\xa2\x57\x36\xee\x0c"
+"\x05\xde\xa9\x61\x55\xb9\x9d\x7d\x18\x18\xaa\x20\xde\xb8\x43\xd7"
+"\x30\x8e\x20\xc0\x78\xbe\xec\x24\xcf\xd7\x66\xb7\x5a\x1f\x5a\x81"
+"\xec\x19\x48\xc3\xa7\x62\xbf\x83\xbb\xbd\xf4\x51\xec\xb5\xec\x90"
+"\x05\xe1\xa9\xbf\x4d\x9b\x30\xf1\xb9\xa6\x49\xe9\xad\x65\x0d\x08"
+"\x1f\x3f\x81\xa5\x40\x4f\x3d\x42\xd8\x68\x29\xe3\x6c\xcc\x4d\x20"
+"\x7e\xb9\x0c\x33\x1f\x20\xd2\xaf\x39\xd6\xb4\x20\x06\xd0\xc3\x54"
+"\xcd\x96\x84\x88\x13\xc0\x09\x57\x18\x90\xad\xec\x18\xab\x72\x0b"
+"\xb4\x4c\x0a\x65\x67\x2a\x96\x2c\x98\x58\x6f\xdf\xc0\xe4\x51\x7c"
+"\xc8\x66\x1d\x21\x91\x1f\xab\xac\xed\x86\x38\x70\x54\x6f\x0c\xbf"
+"\x1a\xea\x9b\x33\xf4\x7c\x99\x0c\x0a\xdf\x39\x25\x78\x3b\x8d\x9c"
+"\x46\xc0\x07\x08\xfa\xeb\x19\x12\xf8\xc1\xf7\x18\x13\xbd\x7f\xd1"
+"\xa4\x3c\x7e\x03\xbd\xcf\xa1\xf3\x37\x4a\x4d\xc3\xaa\x23\xed\x58"
+"\xca\x68\x35\x91\x3e\x23\x09\xb8\xf3\x8d\xc3\x1b\x23\xe8\x1c\xda"
+"\x41\x90\xa2\x4b\x48\xb5\x7c\xa0\x8d\xaf\x66\x5e\xad\x7f\x06\xa2"
+"\x62\x32\x40\x69\x41\xb1\x2f\x6c\x0e\xf9\xd1\x48\xbd\xfc\x44\x0f"
+"\x65\x5e\xa1\x38\x83\xea\xfe\x42\x53\x9a\x2a\x85\xea\x92\xf6\x29"
+"\xbf\xb5\x78\x1e\x8d\x03\x6b\x09\xaf\x94\x4b\x39\x20\xc1\x17\x20"
+"\x95\x42\xfe\x72\x02\x10\x61\x21\x0f\x23\xcb\x33\x35\x52\x57\x9e",
+ .ilen = 512,
+ .result =
+"\x25\x3d\xad\x25\x4f\xb4\x50\x55\xbf\xc1\x66\xe3\x52\x22\x01\x10"
+"\xde\xed\x83\xc0\x18\x49\xda\xa4\xdb\xf1\x2f\x73\x90\x6f\xf2\x4f"
+"\x9b\xa2\x32\x2b\x6f\xc7\x80\xc8\x47\xbd\xf3\x24\x8a\xcd\x9b\x8d"
+"\x00\x33\xd1\x6a\xf2\x5f\xf2\xc7\xd8\x7c\x3a\x84\x1c\x12\x3c\x3e"
+"\xe0\x58\xb7\xc9\xf8\x73\x9e\x98\x2f\x8f\x03\x38\xe2\xc2\xb9\xae"
+"\xb6\xc6\xef\x78\xd0\xfa\xbf\x81\xcc\xf7\xb3\x82\x5b\x80\xb9\x0b"
+"\x57\xe3\x33\xa6\xfc\x3c\xd1\x78\xc7\x61\xc5\x5a\xe9\x01\xf5\xf7"
+"\x87\x0f\xa4\xe7\x90\xdf\xd5\x9f\x79\xc5\x5c\x1a\x2c\x29\x8e\x79"
+"\x10\xbc\xb2\xc6\x89\x9d\x95\x65\xa8\x25\xb3\x20\x97\xcc\xdf\x62"
+"\x2f\x9c\x85\x36\xe6\x34\xcc\xc0\xee\x7e\x10\xf6\x07\x57\xed\x2e"
+"\x60\x7e\x5e\xa0\x8e\x4c\xec\xe8\x73\xa3\x55\x4d\x7f\x6d\xff\x8c"
+"\x7a\x8c\x62\x3b\x10\x22\x75\xc0\x0b\x4a\x99\x83\x4d\x09\x80\x36"
+"\x41\x33\x19\x53\x9b\x51\xa6\x92\x82\xd8\x97\xe7\x98\x42\x36\x0d"
+"\x93\xb2\xf4\xbf\x96\xc7\x71\xfb\xc1\xf7\xf0\x94\xa3\x88\x28\xfa"
+"\x7c\xef\x3b\x1c\x77\x72\x23\x9b\xaf\x8c\x6a\xf8\x2b\xb2\xd4\xb9"
+"\xeb\x7f\x9f\xa5\x02\x50\x08\x47\x52\x6c\xaf\xe7\x73\x71\x85\x72"
+"\x49\x6b\xc8\x47\x88\xa7\xd8\xc2\x16\xbf\x3c\xe9\x22\x21\xeb\x54"
+"\xd1\xcd\x43\x18\x08\x8f\xa1\xcf\x1c\x2b\xa7\xfd\x65\x4a\x9d\x12"
+"\x0d\xdb\xd5\xf6\x1a\x97\x64\x83\x3c\x5a\x04\xa8\x15\x9d\x61\xd3"
+"\x43\x2a\x56\x35\xed\x08\xb7\x41\xc6\x49\xba\x02\x14\x59\xab\xca"
+"\x84\x1f\xfb\x67\x3a\x00\xe5\x41\xb8\xd1\x6e\x5c\x9d\x6f\xf2\x76"
+"\x3e\x21\x5d\x34\x5c\x78\x0d\x41\x5a\x4f\x62\x69\x1a\x76\x42\xee"
+"\x84\x6b\x1d\x47\x42\xeb\xb2\x11\x8f\x08\xb8\xc8\xea\xf4\x0d\xf7"
+"\x5d\x51\x4c\x4b\xed\x2d\x1b\x48\x30\x38\x38\x58\x0d\xe3\x2d\x80"
+"\xd9\xfb\xed\xe0\xc4\x55\xfe\x4f\x3f\xcf\x55\x57\x08\xaa\xa8\xa2"
+"\xa5\x5a\xe4\xff\x19\xf2\xae\x29\x74\xb9\x40\xea\xf4\x4d\x58\xac"
+"\x9f\x48\xea\x0f\xe0\xb0\xae\x72\x9f\xd8\x34\x95\x59\x01\x20\x7c"
+"\x98\x5d\xe6\x9f\x37\x23\x52\x8d\xa0\x62\x2b\x3a\x9c\x2e\x31\xe7"
+"\xd5\x75\xcc\x4c\x62\x2f\xa4\x3e\x2e\xb9\xe6\xe1\x4b\x69\xb4\x62"
+"\x31\x03\xfc\x08\xfd\xba\x87\xb9\x79\x3a\x68\x19\x65\x49\x2e\x2c"
+"\x65\x5f\xd8\x60\x07\xf4\x73\x8d\xdf\x37\x7e\x00\x88\xaf\x23\x48"
+"\x8b\xad\x74\x9c\x0b\xa3\x3a\x1a\x4b\xa0\x27\x6f\x04\x8d\xd9\x38",
+ .rlen = 512,
+ .np = 5,
+ .also_non_np = 1,
+ .tap = { 32, 64, 96, 128, 192 },
+},
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\xfd\xd6\xe8\x2f\xfe\xd4\xfe\x42\x23\x4b\x7c\x09\x8c\xde\x4f\x4b",
+ .input =
+"\xff\x7f\xb0\x11\x72\x5a\x91\x4a\xb5\x2d\xb0\x41\x3a\x96\x0d\xa1"
+"\xd9\xbe\x60\x09\x24\x51\x73\xb8\x00\xf0\x48\x1f\x6b\x96\x5b\xe7"
+"\x4d\x47\x88\xc7\xef\x4b\xb4\x33\xa1\x2b\xbe\xdd\x46\x4f\x27\x11"
+"\x8b\x30\x9c\xba\x2c\x7a\xf3\xdb\x48\x54\xbd\xfe\x24\x2f\x83\x91"
+"\x5c\x63\xb9\x12\xd9\xd9\xb9\x71\xcf\x28\x7e\xf8\xe0\xb8\x12\xf7"
+"\x63\xad\xde\x49\xd5\x4d\xa7\x13\x32\xee\x71\x13\x56\x4d\x10\xd5"
+"\x2c\x1d\x8e\x94\x0d\x37\x3d\x7e\x9c\xb4\xeb\xe5\x6f\x12\x30\x7f"
+"\xc3\xa0\xf3\x49\xac\xa6\xab\x1b\xec\xd4\x6c\x95\x2a\x57\xe0\xfa"
+"\x89\x00\x61\xe9\xea\x21\x9a\x2f\x71\xd7\xdb\x11\x52\xb6\x32\x91"
+"\xed\xa3\xdf\xa5\x46\xc1\x50\x5b\xab\x15\x43\x7f\x7d\x82\x34\xf2"
+"\xfa\x6e\x84\xaf\x40\x20\xde\x1f\x90\x39\xab\xdc\xe8\xf3\xf9\x65"
+"\xbc\xdc\xd3\x5c\xcf\xe2\x1b\x43\x08\x68\xd8\x0d\xfb\xc2\x7f\x31"
+"\x91\xb5\x66\x2a\xea\x43\x08\x6d\xa6\xb4\xd3\x0e\x78\x3c\xf1\x6c"
+"\x4d\x27\x47\x7d\x92\x42\xb1\x62\x82\x9f\x13\xdf\x51\xc3\x6b\xec"
+"\x83\x53\xd6\x89\x75\xac\x62\x9a\x89\x7d\xf9\x82\x66\xbe\x93\x6f"
+"\x71\x7d\x01\x79\xec\x10\x10\x50\xe9\x6c\x76\xc6\x7a\xfa\xbb\x69"
+"\x46\x09\x1a\x68\x2f\x07\x28\xf4\xd0\xb6\xb4\x82\xf5\x3a\x90\xdc"
+"\x61\x03\xd9\x8e\xa5\x13\xfd\xdd\xe0\x65\x03\xfb\x78\x6b\x4e\xae"
+"\x7f\x30\xe2\x9e\x39\xb1\x3a\x39\xda\x21\x80\x2c\x09\xdd\xe8\xa2"
+"\x8c\x4a\x2c\x40\x24\x39\xf0\x3f\x7f\x51\x6a\x48\xea\x7b\x68\x3d"
+"\xad\x56\xed\xbe\x86\x0a\x9a\xe6\x9f\x18\x95\x26\x14\x57\x5b\x71"
+"\x9e\x8d\x45\x0d\xad\x23\xb4\x37\xa5\x59\x66\x8c\x13\x8e\x5e\xeb"
+"\xbf\x4a\x0d\x72\xc9\x4a\xcf\x42\xbd\x28\x1f\x91\xad\x55\x81\x78"
+"\x48\xf3\xed\xab\x2b\x6d\x61\xc7\x08\x2c\x07\xcb\x17\xf8\xf1\x7c"
+"\x39\xc8\x44\x63\x3a\x2a\x55\xbe\xe1\xb5\x12\x61\x0a\x4c\x32\x83"
+"\x9a\xa0\xf8\x93\x8c\xfa\x45\x92\x4e\xad\x48\xd9\x84\xe8\x0d\x7a"
+"\xca\xad\xbf\xd2\x5a\x1d\x58\x67\x57\x68\xca\x2f\x40\xa5\x1c\x38"
+"\x2a\xde\xa7\x57\x87\x4f\x11\x97\x3e\x11\xe7\x58\x54\xbd\x06\x48"
+"\xf7\x60\x45\x5b\x9d\x08\x5a\xef\xf9\x28\xa5\xf5\x48\x5c\x9c\xa0"
+"\x96\x76\x56\x51\x40\xec\xbe\xdb\x6e\xba\x4b\xb0\xa2\xe9\x55\xe6"
+"\xb7\x7e\x8a\x06\x3b\xeb\x17\xeb\xe6\xd9\xf6\xb2\xa1\x8c\x9e\xcc"
+"\xf3\x89\xd5\x78\x29\x1f\x74\x60\xe2\x61\x72\x78\x05\x52\x23\x07"
+"\x2a\x46\x85\x3c\xcf\x12\x9a\x9d\x3d\xf0\x93\x0e\xd2\x22\x63\x07"
+"\x01\x8b\x96\x73\xb5\x26\x29\xf5\x4f\x90\xf9\x37\x55\x76\x15\x02"
+"\xe8\x4c\x56\x3e\xf1\x14\xaf\x34\x0d\xa8\xde\xee\x0e\x13\xfa\xb8"
+"\xe4\xb7\x6d\x71\x37\xdb\x1e\x42\xdd\xca\xec\xe1\x99\xf9\xc7\x18"
+"\x16\xb0\x41\xd0\xfe\x9a\xa6\xa0\x7a\x5e\x5d\x0a\x96\x4c\x52\x44"
+"\x9a\x29\x69\x09\xa2\x0e\x5a\x1e\xc2\xb3\x5e\xca\x25\xc0\xe1\xa9"
+"\xd1\x41\x7f\x82\xaf\x1f\xf4\x3c\xf8\x3d\x65\xae\xf0\xa2\x1a\x8f"
+"\x41\xdb\x01\x11\x4c\x01\xcb\x24\xb3\xec\xbb\xf3\xe5\x1b\x53\xf0"
+"\x7a\x81\x01\x61\xa2\x8e\xa4\xd0\xaa\x8f\xa1\x71\xc1\x15\x15\xda"
+"\xf3\x7b\x32\x87\xa6\xb7\x7f\x2b\xac\x2b\x28\xfc\xe4\x1a\x94\xab"
+"\x19\xc9\x13\x72\x33\xfa\x42\xec\x6f\x3f\xe1\xe0\xc7\x23\x4b\x17"
+"\xeb\x89\xd3\x1f\x49\xe1\x49\x56\xee\xe3\x82\x46\x43\x00\x80\xbc"
+"\xa3\xfe\x31\xbc\xc9\xcd\x61\x5b\x7a\xf9\xf7\xb7\x48\x98\xbf\xdc"
+"\x79\xca\x71\x3b\xb0\xda\x08\x1e\x25\x97\x83\xd7\x21\x2c\xaa\xc0"
+"\x5c\xfd\x7f\xc4\x30\xd8\x7b\x59\x35\x49\x62\x0f\x4c\x03\x02\xe5"
+"\x73\x63\x61\x0b\x69\x2f\x7d\xb3\x99\xc9\x6b\x0a\x29\x9b\xda\xbe"
+"\x98\xdc\x2c\x29\x28\x9a\x75\x2e\xf1\x11\xd3\x71\x5b\x20\x45\x5b"
+"\xb7\x5e\xc1\xd1\xcc\x4e\x5a\x0d\xa5\x70\xa6\x56\xb8\x80\x8c\x97"
+"\x9d\x65\x8d\xec\xa0\x15\x45\xe6\x04\xd8\x3b\x6b\x36\x3f\x71\x58"
+"\x9e\x7a\x9c\xd2\x44\x86\xbf\x89\xa6\x80\x5d\x5e\x99\xc9\x7e\x56"
+"\x76\x17\x02\x98\x5b\xbb\xa0\xe5\xe5\x10\x25\x3e\x82\xc7\xe0\x91"
+"\x77\x39\x50\x9c\x3d\x2a\x91\x03\x13\x6d\x6d\xd3\xc6\x68\xd3\xa0"
+"\x88\xbc\x24\x5d\xf1\x26\x19\xf4\xb0\x74\x51\x93\x17\xcf\x67\x6c"
+"\x72\x30\xed\x39\xfe\x59\x54\x88\x84\x70\x56\x11\xaf\x41\x66\xa5"
+"\xf9\xf0\x95\xdb\x80\xb8\xae\x2f\xb7\xc3\x65\x72\xd2\xec\xaf\x5f"
+"\xf9\x30\x1e\x5b\x45\x7f\x38\xd5\x03\x02\x60\xaa\xf9\xb7\xd9\xfc"
+"\xa2\x5c\x46\x3e\x9c\xe6\xd6\x8e\x95\x54\xbf\xd8\xe6\xe4\x4b\xc0"
+"\x4c\xa1\x4c\x2c\xb3\xc4\x9f\xef\xeb\x39\x70\x77\xac\xf9\x1f\xb6"
+"\x06\xa2\x53\x7d\x18\xc8\xf8\xda\x8e\x82\x97\x4f\xdd\xd5\x19\x2f"
+"\xa2\x70\x4a\xbd\x5a\x15\x70\xb6\x55\x04\x14\xba\x0a\x04\xdc\x8e"
+"\xaf\xf2\x52\xd5\x90\x4c\x30\xd3\x29\x53\x1c\x66\x37\x5f\x8e\xfc"
+"\x45\x83\xd9\xac\x75\x9e\x0f\x66\x51\xc0\x8a\xc5\x34\x25\x9e\x3b",
+ .ilen = 1024,
+ .result =
+"\xa8\x47\xa1\x1d\xcb\xa3\x88\xae\x42\xab\x6d\xf2\x82\xc2\xed\xd5"
+"\x66\x42\x09\x85\x28\x7d\x49\x6f\x37\xdc\xff\x1c\x7e\x33\xc9\xcd"
+"\x6e\xe9\x33\x36\x01\x62\x1d\x67\x77\x6a\x97\xbf\xb1\xdc\x2f\x98"
+"\x2c\xdb\xac\x44\x9d\xed\x31\x7d\x2d\x41\x4b\xd1\x66\x40\x62\x74"
+"\xdc\x00\xd0\x05\xdc\x54\x4c\x63\xeb\xd9\x42\xe1\xdf\xc4\xde\xdd"
+"\xb6\xb8\x93\xfd\x25\x39\x2d\x7f\x85\xf8\x15\xc3\xbc\xbf\x0b\x95"
+"\x11\xef\x57\x0d\x15\x49\x07\xce\x42\xb0\x50\xe1\x07\xb4\x81\x71"
+"\x35\x71\x4b\x66\x89\x7f\x94\x13\x3e\x57\x43\xc3\x36\x28\xcd\xdd"
+"\xc9\x06\x68\xf8\xf3\x09\x3d\x86\x12\x52\x06\xa9\xe9\x83\x2d\x8f"
+"\x90\xfa\x42\xfe\x79\x3f\x68\x4c\x7b\xfa\x94\xa7\xf7\x16\xc7\x41"
+"\x09\xae\xe2\x82\xb5\x2b\xbc\xca\x65\x65\x2c\x27\x2c\x07\x50\x83"
+"\x2d\xad\x55\xaf\x35\xcc\x6a\xc5\x7c\xd8\xed\x75\x91\x9d\x73\xcb"
+"\x4c\xa5\x8f\xc4\x4f\xda\xa8\xb9\xb6\xa7\xb1\x1a\x75\xb4\x08\xbc"
+"\xb2\x90\x50\xfd\x1f\x05\xa8\x88\x35\x81\xb0\xc9\xac\xbc\x25\x7a"
+"\x95\x33\x02\x2b\x74\xe0\x95\x11\x88\xf7\xc3\x63\xb3\x7b\x09\xd5"
+"\xac\x22\x04\x67\x16\xea\xd6\x37\x38\x8e\xa5\xbd\x62\xa2\x1f\xa5"
+"\x04\x31\x89\xdf\x69\xb1\xde\xe3\x7c\x9d\x7b\x27\xba\x0a\x74\xdc"
+"\x06\x1c\xcd\x6e\x4b\x52\xe7\x6d\x34\x29\x38\xe2\x19\xfc\x0c\xc4"
+"\x78\x03\x1d\x53\x98\x00\x5c\x7a\xec\x23\x5f\x95\xd5\xb3\x16\xde"
+"\xc2\x17\xc2\x0c\x13\x63\x0a\x4b\x7e\x6c\xc7\xbc\x4a\xd0\xae\x29"
+"\xc0\x50\x16\x6f\x01\x2b\xdc\x40\x9f\x91\x8f\xa3\xaf\xd4\x40\xa8"
+"\x2e\x09\x7c\xf4\x3d\x85\xe6\xd9\x3c\x78\x7c\xf1\x6d\xe4\x13\x00"
+"\x98\xf5\xb4\x06\x9f\x90\x0a\x3e\x9f\x51\x0f\xbb\x0f\x13\x07\xc0"
+"\xfd\x26\x53\x24\x24\xf7\x21\x41\xcf\x20\x9d\x77\xe4\xe0\x52\x2a"
+"\x48\xd9\xeb\x65\xce\xf3\x90\x03\x47\x8d\x2b\x77\x54\x46\xda\xff"
+"\x15\x3d\xa5\xd9\x5a\xb6\xd3\xdf\x9c\x91\xc3\xf2\xd2\xdf\xd7\x8c"
+"\x1d\x83\x77\x47\xcd\x74\x23\x44\x04\x06\x8e\x64\x62\x29\xe5\xa0"
+"\xf7\xa7\xc7\xb7\x84\xdb\x9c\x5c\x04\x7f\xca\xb3\x85\x2c\x44\xa6"
+"\x09\x0e\xa3\x2c\x52\x42\x25\x02\x63\x99\xd0\xa5\x27\x61\x64\x4f"
+"\x65\xd7\x31\x56\x24\x97\xb0\x2d\xbb\x0c\xbe\x06\x68\x8a\x2e\xa3"
+"\x0c\xb9\x05\x52\xdb\xbd\x7e\x89\x60\x2e\x28\x76\xba\x5a\x94\xb6"
+"\x94\xc4\xf6\x68\x50\x35\x24\x7b\x2b\x04\x0e\x4c\xf3\x17\x54\xcb"
+"\xcd\x32\x18\x60\xff\xc9\xfe\xe1\x83\xe4\xe6\x9b\x5e\xd8\x21\xbf"
+"\xbf\x69\x01\x3a\x03\xc6\x9f\xe5\xd4\xdf\x01\x20\x8e\xea\x5b\xe1"
+"\xbd\x46\x3c\x3a\x60\x30\xa0\x48\xa0\x07\x82\x27\x4e\x03\xc3\x15"
+"\x98\x1f\xea\x4f\x8c\x90\x4d\xb1\xc5\x90\x40\x59\xda\x5b\x02\x65"
+"\x07\xb9\x64\xe7\x4c\x76\x70\x16\x8a\xc3\xf9\x4f\xed\x25\x47\xaa"
+"\x3b\x49\x8f\xf6\xf0\x71\x94\x34\xda\x29\x0f\x4e\xd4\x95\x3b\xe3"
+"\xef\x99\x3b\x1c\xf7\x09\x5d\xe0\x0d\x03\xe6\x9d\x47\x4c\x8c\xe8"
+"\x26\xb6\x30\x1b\x81\xdc\xa5\x5a\xf1\x04\x18\xf3\xaf\x81\xa2\x7e"
+"\xce\x8b\x33\xfc\xf2\xb1\x5a\x06\xd1\xb9\x59\x73\xd7\xda\x85\xd9"
+"\x30\x73\x98\x4d\x63\x50\x66\x71\x15\x88\x9a\x5d\xd5\x25\x40\x9a"
+"\xe3\x9c\x0b\x4f\xd8\xf5\xbf\xb3\xec\x02\x95\xca\x90\x07\x5d\x99"
+"\x9e\x16\xa2\x18\xa5\xa2\x03\xb1\x16\x6b\x4e\x32\xab\x19\x29\x55"
+"\xcc\xbe\xa8\x7b\xf7\x68\x64\x0e\xc0\x54\x91\x6d\x19\xec\xe9\x8c"
+"\x56\x5e\x71\xa5\x73\x50\x5d\x0d\xd3\xb2\x31\xca\x97\x7b\xf8\x6e"
+"\xfd\xb9\x47\x9b\x17\xf9\x56\x3a\xc6\xb0\x52\x45\x4f\x4a\x13\xe9"
+"\xb7\x64\x02\xdb\xe8\x67\xa3\x9e\xe4\xd9\x49\xc4\xf3\x27\xe3\xb0"
+"\xad\x6e\x51\x65\x14\x4f\xb2\x4b\x8a\xd6\x87\x17\x8c\xe2\x7a\xa1"
+"\x13\xbb\x8c\x7c\x3e\x69\xd2\x29\x06\x36\xf3\x55\x80\xcc\x0e\xa5"
+"\x18\x5a\x5f\xcb\x15\x2e\x7c\x62\xff\x3f\xe7\x7b\xd8\xe4\xa6\x9c"
+"\x4c\x5b\x55\x73\x4a\x0d\x21\x07\xf9\x79\xcb\x17\x51\x06\xf3\xcc"
+"\xfc\x08\x72\x6e\xbc\x04\xe2\x6d\xd8\x52\x1d\x29\x7e\x7a\x06\x8d"
+"\x87\x65\x2e\x2e\x7c\x07\x77\x3a\x35\x4d\x3a\x13\xd3\xf6\xc2\x1f"
+"\x2d\x5d\x14\xa5\x04\xe5\xc5\x7b\xd6\xa9\x70\x4b\x43\x21\x93\xdf"
+"\xe4\xf1\xf8\x75\xf1\x65\x9c\xf8\x0b\x07\x31\xdc\xf2\xba\x06\x91"
+"\xe1\x84\x87\x34\x2d\xdd\xa7\x87\xc0\xc2\x4d\x8d\xe0\x18\x70\xbb"
+"\xe3\x3e\x13\x48\xfc\xf4\x13\x85\xc4\x65\xcf\xe4\x43\x98\x14\x8f"
+"\xf4\x17\x62\x27\x39\xe5\xb6\x45\x76\x61\x78\x0b\x3d\x48\xb3\x41"
+"\xa6\xca\x7c\xed\x52\x19\x99\xea\x73\xc9\xd0\x0b\xeb\xbb\x5a\x69"
+"\x44\x3d\xb2\x81\x25\xb0\x2f\x08\xf0\x8c\x32\xa9\xf0\x79\x3c\x42"
+"\xc3\xdc\x9e\xd1\xec\x93\x49\xc9\x82\x0e\x13\x12\xb3\x8a\x98\x1b"
+"\x35\xe1\x4a\xef\xb4\x73\x28\x1a\x17\x96\xe2\x9a\x50\xc8\xd5\x98"
+"\xec\x96\x6f\x81\x05\x37\xee\x8b\x93\x12\x7c\x41\x26\xd5\x9c\x05",
+ .rlen = 1024,
+ /* limit to maximum of 8 */
+ .np = 8,
+ .also_non_np = 1,
+ .tap = { 32, 64, 96, 128, 192, 32, 64, 96+128+192 },
+},
+};
+
+#define AES_CBC_ENC_TV_TEMPLATE_RNDDATA_KEY16_VEC_COUNT 16
+
+static struct cipher_testvec aes_cbc_dec_tv_template_rnddata_klen16[] = {
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\xc1\x62\x66\x62\xb8\x65\x28\xfa\x5f\x36\xd3\x09\xb1\x2c\xa1\xa3",
+ .result =
+"\x4f\x6c\x63\xa5\xd0\x19\x08\x4e\xd4\x58\x33\xf6\x2b\xeb\x26\xb9",
+ .ilen = 16,
+ .input =
+"\xa0\x35\xb0\x33\xc0\x2e\xe5\xbb\xbc\xe6\x01\x9e\xf4\x67\x11\x14",
+ .rlen = 16,
+},
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\x78\x6c\x27\xd6\xb2\xdc\xbe\x7b\xab\xc2\x43\xd7\x81\x0c\xe5\x20",
+ .result =
+"\x9a\x00\x4e\x5a\xb3\x51\x68\xaa\xdb\x6e\xe5\xa4\x7f\x23\x6e\x4d"
+"\x1e\x72\x5e\xad\x64\xc9\x96\x23\xf8\xae\xef\xf6\x7b\x7d\xd6\xf0",
+ .ilen = 32,
+ .input =
+"\x5a\xc0\x04\xc6\x53\xef\x3b\x69\xb1\x41\xc7\x85\xeb\x69\x82\xd0"
+"\xed\x09\xbb\xec\xb2\x8d\x5c\xc9\x61\x81\x5c\xf6\x99\x49\xa0\x4d",
+ .rlen = 32,
+},
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\xc9\x05\x4c\x35\x96\x77\xd3\x3c\x3d\x97\x7c\x82\xf5\x58\x71\xf1",
+ .result =
+"\xa9\x5b\x03\xec\xec\x73\xed\xcb\x5c\x4c\xd2\x40\xb6\x9b\x49\x31"
+"\x5d\xf2\x23\xb3\x11\x98\xeb\x89\xab\x3e\x3a\xdd\xaa\xfd\xd1\xde"
+"\xab\x73\x59\x86\x1a\x59\x32\xb2\x55\x46\x4a\x80\xa4\xcc\xa8\xd9",
+ .ilen = 48,
+ .input =
+"\xdb\x05\x69\xe1\x33\x8b\x0b\x3d\x33\x12\x0d\xef\x94\x0f\xa3\xb3"
+"\xd7\x0a\x53\x7b\x98\x53\xc6\xc2\xa3\xd4\x7a\x30\x1a\xed\x45\xcc"
+"\x47\x38\xc1\x75\x0b\x3c\xd4\x8d\xa8\xf9\xd3\x71\xb8\x22\xa6\xae",
+ .rlen = 48,
+},
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\x6c\xb4\x84\x61\x1e\x39\x4b\x22\x37\xaa\x7b\x78\xc0\x71\x20\x60",
+ .result =
+"\x05\x43\x76\x1e\xc6\x68\x43\x52\x5f\x43\x39\xbf\x93\x38\x38\x83"
+"\x38\x1d\x3c\xb5\xc8\xab\xe4\xd0\x7f\x1a\xac\xca\xcc\x16\xea\x75"
+"\x30\x75\x40\xe8\x61\x07\xc6\x04\x55\x2b\xf3\x29\xc3\x37\x83\x42"
+"\xe0\x21\xfb\xb4\x5d\x93\xbb\x87\x01\x3e\xa6\x9d\x3b\x0a\x5a\x37",
+ .ilen = 64,
+ .input =
+"\x83\x9f\xa0\xac\x14\x14\x88\x68\x7f\x9a\x5f\x98\x91\x71\xa8\xce"
+"\x28\xfb\x5e\xb1\x49\xe7\x63\x39\x12\x62\x00\x3e\x5c\x63\x2b\x12"
+"\x3d\xff\xd5\x0a\x43\x28\x52\x68\x78\x62\xc7\xa4\xbb\xca\x5d\x5e"
+"\xe3\xd5\x23\xb3\xe7\x22\xae\xf3\xd0\xd9\x00\x14\x0c\x46\x67\x17",
+ .rlen = 64,
+},
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\xf9\xe8\xab\xe2\xf9\x28\xeb\x05\x10\xc4\x97\x37\x76\xe4\xe0\xd9",
+ .result =
+"\xab\x99\xe8\x2a\x18\x50\xdc\x80\x1f\x38\xb9\x01\x34\xd4\x59\x60"
+"\x4e\x1c\x21\x71\x22\x06\xbe\x5f\x71\x07\x3b\x13\xe7\x05\xca\xa5"
+"\x7b\x23\xb5\xaa\xc6\xdb\xe3\x17\xa9\x9f\xe1\xbc\xd5\x1b\xe6\xf5"
+"\xfa\x43\xdd\x80\x50\xc8\x8a\x32\x2f\x65\x25\xa4\xeb\xd1\x74\x02"
+"\x07\xc1\x04\x94\x6b\x34\xa1\x74\x62\xb2\x8d\x60\xf5\x7e\xda\x1a"
+"\x0f\xf5\x21\xe1\xd7\x88\xc8\x26\xd7\x49\xb2\x4a\x84\x2c\x00\x3b"
+"\x96\xde\x4e\xa7\x57\x27\xa0\xa4\x3a\xff\x69\x19\xf7\xec\xeb\x62"
+"\xff\x5a\x82\x0d\x25\x5e\x3c\x63\xb3\x6d\xc4\xb9\xe3\xc9\x3a\xc2",
+ .ilen = 128,
+ .input =
+"\xec\xd5\x2f\x6a\xfd\x61\xf2\x37\x19\x6f\x55\x31\xd7\x2c\x14\x4d"
+"\xc1\xb4\xbb\x7d\xa9\x1a\xe6\x85\x8c\x2f\xbf\x7e\x66\x21\xf8\x17"
+"\x9e\x09\x1b\x2a\x11\xbf\xdf\x7d\xdf\xf5\xfb\x0a\x16\x79\xe2\x43"
+"\x5c\x3b\x3e\x84\x35\xfd\x92\x9e\xe0\x31\x50\x1d\x62\xd6\x22\x99"
+"\x5f\x25\xb3\xe8\xdf\xb0\xc0\xab\xd9\xdb\xac\x4b\x9c\xe2\x89\xc6"
+"\x49\x7f\x5f\xee\xcb\xf6\x25\x10\x9f\x32\x58\x85\x45\x50\x74\x8a"
+"\x55\xce\x86\x44\xda\xe4\x93\x58\x4d\xd3\x73\x76\x40\xf6\x92\x8b"
+"\x99\xc1\x2b\xf9\x18\xd0\xfa\xd0\xa6\x84\x03\xf5\xd4\xcb\xfa\xe7",
+ .rlen = 128,
+},
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\x58\x1e\x1a\x65\x16\x25\xaa\x55\x97\xcd\xeb\x4c\xd6\xb3\x9c\x2b",
+ .result =
+"\xef\x85\x0b\xe5\x02\xd5\xce\xcc\xad\x2d\x5e\xec\x1e\x01\x8c\x28"
+"\xf0\x2c\x23\x10\xaa\x84\xf0\x61\xe2\x56\x29\x21\x9f\x09\xaf\x9d"
+"\x7d\xfc\x60\x16\x4c\x67\xdd\xdf\x74\x35\x49\x81\xca\x68\xb6\xc7"
+"\x31\x9f\x49\x29\x96\x01\xb9\x3c\xfb\xa3\x00\x04\x05\xd8\xe6\xa2"
+"\x3f\x0c\xee\xfc\xd6\x88\x7a\x2d\xd6\x32\x27\x15\xe3\x53\xa0\x52"
+"\x1d\x96\x5a\x95\x09\x0c\x5f\x07\xc8\xdf\xab\xc7\x78\x57\x6a\x49"
+"\x09\x88\x54\x2e\x80\x27\xb0\x8a\x40\xb8\x9e\x7a\x22\x85\x8d\xaa"
+"\x95\x48\x45\xf5\xfd\x6f\x4c\x69\xe3\x38\xa6\x05\x69\xf0\xba\xb5"
+"\xd5\x9a\x9f\x77\x98\x23\xef\x98\x1f\xf3\xfe\x53\x23\xf6\xc6\x74"
+"\x6a\x2f\x1b\x34\x75\xd0\x51\x0c\x88\x10\xf9\x80\x19\xaf\x4f\xf1"
+"\xb1\xf3\xc0\x0e\x3a\x7d\x63\x3e\xbd\xb9\xe9\x3c\x69\x56\x0d\xb9"
+"\x8d\x69\xea\xb9\xa7\x39\x4c\x5d\xb8\x06\xa3\x1b\x66\x66\x14\x80"
+"\xe1\x8f\xf3\x65\x0c\xd5\x39\xe4\xed\xb9\x1f\x88\x74\x49\xd7\x4f"
+"\xc1\x4b\x3d\xea\x5d\xa2\x44\xd6\xad\x5d\x8d\xd1\xf7\x56\x9c\x9e"
+"\xda\x52\x56\x51\x00\x14\x1b\xb4\x00\x6b\x83\x4f\x41\x0b\xba\xaa"
+"\x11\xe6\xee\x23\xf7\x85\xa9\xb9\xd8\xe3\xbd\xbb\x7b\x83\x5f\xf8",
+ .ilen = 256,
+ .input =
+"\xc8\x8e\xbf\x95\x57\xa8\xcd\x47\xbc\x32\xee\x76\x97\xee\x02\x12"
+"\x11\x36\x81\xaa\x5b\xd9\xb3\x14\x80\xf3\xab\x62\x9b\x7f\x99\x98"
+"\x3b\x46\xd6\xfb\x68\xc8\xce\x1d\xa5\x47\x79\x6a\xdf\x7c\xda\x01"
+"\x44\x01\xfc\xed\xab\x2a\x51\xae\x2f\x72\x60\xed\x61\xc5\x23\x1d"
+"\xc7\xb5\x3c\xb7\x0b\x29\x62\xd6\x77\x8c\xea\x51\x0c\x39\x90\xe7"
+"\x99\x8c\x5d\xb7\x16\xf3\xc6\xea\xe0\xff\xc3\xd7\xc8\x1a\x7d\xde"
+"\x4d\x25\xaa\x0b\x90\x0d\x49\xd7\x98\x44\x4b\x75\x46\x01\x30\xa3"
+"\xdc\x47\xd9\x66\xc7\x7a\xcb\x4a\x33\x69\x60\x5d\x96\x73\x31\xf1"
+"\xce\xdc\xa9\x15\xb5\xae\x08\x2b\x08\x4a\xbc\x9b\x68\x1e\x49\xe4"
+"\x6e\x11\xe8\x61\x37\x58\x66\x69\x67\x97\x65\x1d\xd4\x62\x7c\x29"
+"\x10\xba\x8f\x2f\x0f\x23\x3d\x72\xb1\xcf\x01\xbc\x73\x10\xd8\xde"
+"\x21\xe6\xfc\xce\x3b\x3e\x19\xdc\xc2\xa7\x87\x62\x33\x88\xb4\x37"
+"\x1f\xfc\x1a\x2b\xef\x14\x24\x4a\xb5\x86\x55\x45\xf8\xc4\xcd\xaa"
+"\x0d\x8a\x5a\xdc\xfd\x7b\x41\xd7\xa6\x8f\x05\x25\x4a\x61\xcb\xa7"
+"\x14\x84\x21\xfc\xa6\x4b\x0f\xaa\x7d\xc6\xa2\x04\x04\xff\x39\xfc"
+"\x27\x8d\x7a\xce\x94\x31\x7c\xb4\xd5\x90\xbd\xb6\xdb\x6a\x55\xd9",
+ .rlen = 256,
+},
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\xed\xa3\x2d\xa6\x9f\x5e\x38\x6f\xbb\xf9\xb3\x32\xae\x73\x05\x87",
+ .result =
+"\xf6\x24\x50\x2d\xa4\xfb\x09\x41\x95\xcd\x25\x13\xc0\xdc\x26\x0b"
+"\x20\x66\x70\x79\xc5\x58\xde\x63\xba\x37\x13\xb2\x0a\x40\x58\xef"
+"\x37\xcb\x04\x38\x10\x6a\x90\x97\x14\xd2\x71\x03\xa4\xa3\x6a\x59"
+"\x15\x6e\x5d\x45\xc9\xcc\xa9\x47\x8c\x0f\x1d\x6c\x62\x06\x90\xba"
+"\xef\x1c\x23\x4d\xc4\xa0\xa5\x56\x49\x19\xa9\xb1\x2a\xdd\x26\x00"
+"\x6e\xed\xd8\x4d\xd4\x3f\x68\x99\x24\xe2\xfe\x99\xb4\xe6\xf8\x3f"
+"\x60\xef\x97\x5f\x87\xa6\xde\x82\xc4\x11\xf6\x91\x7f\xd4\xa6\xa8"
+"\xee\x97\x41\x43\x14\xd2\x6e\x8d\x72\x30\x83\x5b\x67\x01\x38\xa2"
+"\xca\x93\xf4\x1e\x80\x2e\x8f\x7e\xc3\x78\xf0\xc1\x68\xb4\xf9\x1f"
+"\x15\x3c\x5c\x8b\xa1\xb5\x2f\x0c\xbf\xf7\x21\x74\xdb\x57\x98\x85"
+"\xe9\x89\x16\x20\x8b\x7c\x71\xef\x46\xc0\x78\x04\x23\x3b\x58\x24"
+"\x51\xa1\xa6\xfc\x6e\x9e\x29\x95\x55\x4c\x05\x1c\xc5\x9a\x59\x7e"
+"\x40\x4d\xe8\x81\x76\x41\x6f\x15\xde\x68\xce\x2d\x42\x03\x74\x73"
+"\xd3\x9a\x9c\xac\xa5\x05\x03\x7e\x53\x6e\x53\xa2\x57\x36\xee\x0c"
+"\x05\xde\xa9\x61\x55\xb9\x9d\x7d\x18\x18\xaa\x20\xde\xb8\x43\xd7"
+"\x30\x8e\x20\xc0\x78\xbe\xec\x24\xcf\xd7\x66\xb7\x5a\x1f\x5a\x81"
+"\xec\x19\x48\xc3\xa7\x62\xbf\x83\xbb\xbd\xf4\x51\xec\xb5\xec\x90"
+"\x05\xe1\xa9\xbf\x4d\x9b\x30\xf1\xb9\xa6\x49\xe9\xad\x65\x0d\x08"
+"\x1f\x3f\x81\xa5\x40\x4f\x3d\x42\xd8\x68\x29\xe3\x6c\xcc\x4d\x20"
+"\x7e\xb9\x0c\x33\x1f\x20\xd2\xaf\x39\xd6\xb4\x20\x06\xd0\xc3\x54"
+"\xcd\x96\x84\x88\x13\xc0\x09\x57\x18\x90\xad\xec\x18\xab\x72\x0b"
+"\xb4\x4c\x0a\x65\x67\x2a\x96\x2c\x98\x58\x6f\xdf\xc0\xe4\x51\x7c"
+"\xc8\x66\x1d\x21\x91\x1f\xab\xac\xed\x86\x38\x70\x54\x6f\x0c\xbf"
+"\x1a\xea\x9b\x33\xf4\x7c\x99\x0c\x0a\xdf\x39\x25\x78\x3b\x8d\x9c"
+"\x46\xc0\x07\x08\xfa\xeb\x19\x12\xf8\xc1\xf7\x18\x13\xbd\x7f\xd1"
+"\xa4\x3c\x7e\x03\xbd\xcf\xa1\xf3\x37\x4a\x4d\xc3\xaa\x23\xed\x58"
+"\xca\x68\x35\x91\x3e\x23\x09\xb8\xf3\x8d\xc3\x1b\x23\xe8\x1c\xda"
+"\x41\x90\xa2\x4b\x48\xb5\x7c\xa0\x8d\xaf\x66\x5e\xad\x7f\x06\xa2"
+"\x62\x32\x40\x69\x41\xb1\x2f\x6c\x0e\xf9\xd1\x48\xbd\xfc\x44\x0f"
+"\x65\x5e\xa1\x38\x83\xea\xfe\x42\x53\x9a\x2a\x85\xea\x92\xf6\x29"
+"\xbf\xb5\x78\x1e\x8d\x03\x6b\x09\xaf\x94\x4b\x39\x20\xc1\x17\x20"
+"\x95\x42\xfe\x72\x02\x10\x61\x21\x0f\x23\xcb\x33\x35\x52\x57\x9e",
+ .ilen = 512,
+ .input =
+"\x25\x3d\xad\x25\x4f\xb4\x50\x55\xbf\xc1\x66\xe3\x52\x22\x01\x10"
+"\xde\xed\x83\xc0\x18\x49\xda\xa4\xdb\xf1\x2f\x73\x90\x6f\xf2\x4f"
+"\x9b\xa2\x32\x2b\x6f\xc7\x80\xc8\x47\xbd\xf3\x24\x8a\xcd\x9b\x8d"
+"\x00\x33\xd1\x6a\xf2\x5f\xf2\xc7\xd8\x7c\x3a\x84\x1c\x12\x3c\x3e"
+"\xe0\x58\xb7\xc9\xf8\x73\x9e\x98\x2f\x8f\x03\x38\xe2\xc2\xb9\xae"
+"\xb6\xc6\xef\x78\xd0\xfa\xbf\x81\xcc\xf7\xb3\x82\x5b\x80\xb9\x0b"
+"\x57\xe3\x33\xa6\xfc\x3c\xd1\x78\xc7\x61\xc5\x5a\xe9\x01\xf5\xf7"
+"\x87\x0f\xa4\xe7\x90\xdf\xd5\x9f\x79\xc5\x5c\x1a\x2c\x29\x8e\x79"
+"\x10\xbc\xb2\xc6\x89\x9d\x95\x65\xa8\x25\xb3\x20\x97\xcc\xdf\x62"
+"\x2f\x9c\x85\x36\xe6\x34\xcc\xc0\xee\x7e\x10\xf6\x07\x57\xed\x2e"
+"\x60\x7e\x5e\xa0\x8e\x4c\xec\xe8\x73\xa3\x55\x4d\x7f\x6d\xff\x8c"
+"\x7a\x8c\x62\x3b\x10\x22\x75\xc0\x0b\x4a\x99\x83\x4d\x09\x80\x36"
+"\x41\x33\x19\x53\x9b\x51\xa6\x92\x82\xd8\x97\xe7\x98\x42\x36\x0d"
+"\x93\xb2\xf4\xbf\x96\xc7\x71\xfb\xc1\xf7\xf0\x94\xa3\x88\x28\xfa"
+"\x7c\xef\x3b\x1c\x77\x72\x23\x9b\xaf\x8c\x6a\xf8\x2b\xb2\xd4\xb9"
+"\xeb\x7f\x9f\xa5\x02\x50\x08\x47\x52\x6c\xaf\xe7\x73\x71\x85\x72"
+"\x49\x6b\xc8\x47\x88\xa7\xd8\xc2\x16\xbf\x3c\xe9\x22\x21\xeb\x54"
+"\xd1\xcd\x43\x18\x08\x8f\xa1\xcf\x1c\x2b\xa7\xfd\x65\x4a\x9d\x12"
+"\x0d\xdb\xd5\xf6\x1a\x97\x64\x83\x3c\x5a\x04\xa8\x15\x9d\x61\xd3"
+"\x43\x2a\x56\x35\xed\x08\xb7\x41\xc6\x49\xba\x02\x14\x59\xab\xca"
+"\x84\x1f\xfb\x67\x3a\x00\xe5\x41\xb8\xd1\x6e\x5c\x9d\x6f\xf2\x76"
+"\x3e\x21\x5d\x34\x5c\x78\x0d\x41\x5a\x4f\x62\x69\x1a\x76\x42\xee"
+"\x84\x6b\x1d\x47\x42\xeb\xb2\x11\x8f\x08\xb8\xc8\xea\xf4\x0d\xf7"
+"\x5d\x51\x4c\x4b\xed\x2d\x1b\x48\x30\x38\x38\x58\x0d\xe3\x2d\x80"
+"\xd9\xfb\xed\xe0\xc4\x55\xfe\x4f\x3f\xcf\x55\x57\x08\xaa\xa8\xa2"
+"\xa5\x5a\xe4\xff\x19\xf2\xae\x29\x74\xb9\x40\xea\xf4\x4d\x58\xac"
+"\x9f\x48\xea\x0f\xe0\xb0\xae\x72\x9f\xd8\x34\x95\x59\x01\x20\x7c"
+"\x98\x5d\xe6\x9f\x37\x23\x52\x8d\xa0\x62\x2b\x3a\x9c\x2e\x31\xe7"
+"\xd5\x75\xcc\x4c\x62\x2f\xa4\x3e\x2e\xb9\xe6\xe1\x4b\x69\xb4\x62"
+"\x31\x03\xfc\x08\xfd\xba\x87\xb9\x79\x3a\x68\x19\x65\x49\x2e\x2c"
+"\x65\x5f\xd8\x60\x07\xf4\x73\x8d\xdf\x37\x7e\x00\x88\xaf\x23\x48"
+"\x8b\xad\x74\x9c\x0b\xa3\x3a\x1a\x4b\xa0\x27\x6f\x04\x8d\xd9\x38",
+ .rlen = 512,
+},
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\xfd\xd6\xe8\x2f\xfe\xd4\xfe\x42\x23\x4b\x7c\x09\x8c\xde\x4f\x4b",
+ .result =
+"\xff\x7f\xb0\x11\x72\x5a\x91\x4a\xb5\x2d\xb0\x41\x3a\x96\x0d\xa1"
+"\xd9\xbe\x60\x09\x24\x51\x73\xb8\x00\xf0\x48\x1f\x6b\x96\x5b\xe7"
+"\x4d\x47\x88\xc7\xef\x4b\xb4\x33\xa1\x2b\xbe\xdd\x46\x4f\x27\x11"
+"\x8b\x30\x9c\xba\x2c\x7a\xf3\xdb\x48\x54\xbd\xfe\x24\x2f\x83\x91"
+"\x5c\x63\xb9\x12\xd9\xd9\xb9\x71\xcf\x28\x7e\xf8\xe0\xb8\x12\xf7"
+"\x63\xad\xde\x49\xd5\x4d\xa7\x13\x32\xee\x71\x13\x56\x4d\x10\xd5"
+"\x2c\x1d\x8e\x94\x0d\x37\x3d\x7e\x9c\xb4\xeb\xe5\x6f\x12\x30\x7f"
+"\xc3\xa0\xf3\x49\xac\xa6\xab\x1b\xec\xd4\x6c\x95\x2a\x57\xe0\xfa"
+"\x89\x00\x61\xe9\xea\x21\x9a\x2f\x71\xd7\xdb\x11\x52\xb6\x32\x91"
+"\xed\xa3\xdf\xa5\x46\xc1\x50\x5b\xab\x15\x43\x7f\x7d\x82\x34\xf2"
+"\xfa\x6e\x84\xaf\x40\x20\xde\x1f\x90\x39\xab\xdc\xe8\xf3\xf9\x65"
+"\xbc\xdc\xd3\x5c\xcf\xe2\x1b\x43\x08\x68\xd8\x0d\xfb\xc2\x7f\x31"
+"\x91\xb5\x66\x2a\xea\x43\x08\x6d\xa6\xb4\xd3\x0e\x78\x3c\xf1\x6c"
+"\x4d\x27\x47\x7d\x92\x42\xb1\x62\x82\x9f\x13\xdf\x51\xc3\x6b\xec"
+"\x83\x53\xd6\x89\x75\xac\x62\x9a\x89\x7d\xf9\x82\x66\xbe\x93\x6f"
+"\x71\x7d\x01\x79\xec\x10\x10\x50\xe9\x6c\x76\xc6\x7a\xfa\xbb\x69"
+"\x46\x09\x1a\x68\x2f\x07\x28\xf4\xd0\xb6\xb4\x82\xf5\x3a\x90\xdc"
+"\x61\x03\xd9\x8e\xa5\x13\xfd\xdd\xe0\x65\x03\xfb\x78\x6b\x4e\xae"
+"\x7f\x30\xe2\x9e\x39\xb1\x3a\x39\xda\x21\x80\x2c\x09\xdd\xe8\xa2"
+"\x8c\x4a\x2c\x40\x24\x39\xf0\x3f\x7f\x51\x6a\x48\xea\x7b\x68\x3d"
+"\xad\x56\xed\xbe\x86\x0a\x9a\xe6\x9f\x18\x95\x26\x14\x57\x5b\x71"
+"\x9e\x8d\x45\x0d\xad\x23\xb4\x37\xa5\x59\x66\x8c\x13\x8e\x5e\xeb"
+"\xbf\x4a\x0d\x72\xc9\x4a\xcf\x42\xbd\x28\x1f\x91\xad\x55\x81\x78"
+"\x48\xf3\xed\xab\x2b\x6d\x61\xc7\x08\x2c\x07\xcb\x17\xf8\xf1\x7c"
+"\x39\xc8\x44\x63\x3a\x2a\x55\xbe\xe1\xb5\x12\x61\x0a\x4c\x32\x83"
+"\x9a\xa0\xf8\x93\x8c\xfa\x45\x92\x4e\xad\x48\xd9\x84\xe8\x0d\x7a"
+"\xca\xad\xbf\xd2\x5a\x1d\x58\x67\x57\x68\xca\x2f\x40\xa5\x1c\x38"
+"\x2a\xde\xa7\x57\x87\x4f\x11\x97\x3e\x11\xe7\x58\x54\xbd\x06\x48"
+"\xf7\x60\x45\x5b\x9d\x08\x5a\xef\xf9\x28\xa5\xf5\x48\x5c\x9c\xa0"
+"\x96\x76\x56\x51\x40\xec\xbe\xdb\x6e\xba\x4b\xb0\xa2\xe9\x55\xe6"
+"\xb7\x7e\x8a\x06\x3b\xeb\x17\xeb\xe6\xd9\xf6\xb2\xa1\x8c\x9e\xcc"
+"\xf3\x89\xd5\x78\x29\x1f\x74\x60\xe2\x61\x72\x78\x05\x52\x23\x07"
+"\x2a\x46\x85\x3c\xcf\x12\x9a\x9d\x3d\xf0\x93\x0e\xd2\x22\x63\x07"
+"\x01\x8b\x96\x73\xb5\x26\x29\xf5\x4f\x90\xf9\x37\x55\x76\x15\x02"
+"\xe8\x4c\x56\x3e\xf1\x14\xaf\x34\x0d\xa8\xde\xee\x0e\x13\xfa\xb8"
+"\xe4\xb7\x6d\x71\x37\xdb\x1e\x42\xdd\xca\xec\xe1\x99\xf9\xc7\x18"
+"\x16\xb0\x41\xd0\xfe\x9a\xa6\xa0\x7a\x5e\x5d\x0a\x96\x4c\x52\x44"
+"\x9a\x29\x69\x09\xa2\x0e\x5a\x1e\xc2\xb3\x5e\xca\x25\xc0\xe1\xa9"
+"\xd1\x41\x7f\x82\xaf\x1f\xf4\x3c\xf8\x3d\x65\xae\xf0\xa2\x1a\x8f"
+"\x41\xdb\x01\x11\x4c\x01\xcb\x24\xb3\xec\xbb\xf3\xe5\x1b\x53\xf0"
+"\x7a\x81\x01\x61\xa2\x8e\xa4\xd0\xaa\x8f\xa1\x71\xc1\x15\x15\xda"
+"\xf3\x7b\x32\x87\xa6\xb7\x7f\x2b\xac\x2b\x28\xfc\xe4\x1a\x94\xab"
+"\x19\xc9\x13\x72\x33\xfa\x42\xec\x6f\x3f\xe1\xe0\xc7\x23\x4b\x17"
+"\xeb\x89\xd3\x1f\x49\xe1\x49\x56\xee\xe3\x82\x46\x43\x00\x80\xbc"
+"\xa3\xfe\x31\xbc\xc9\xcd\x61\x5b\x7a\xf9\xf7\xb7\x48\x98\xbf\xdc"
+"\x79\xca\x71\x3b\xb0\xda\x08\x1e\x25\x97\x83\xd7\x21\x2c\xaa\xc0"
+"\x5c\xfd\x7f\xc4\x30\xd8\x7b\x59\x35\x49\x62\x0f\x4c\x03\x02\xe5"
+"\x73\x63\x61\x0b\x69\x2f\x7d\xb3\x99\xc9\x6b\x0a\x29\x9b\xda\xbe"
+"\x98\xdc\x2c\x29\x28\x9a\x75\x2e\xf1\x11\xd3\x71\x5b\x20\x45\x5b"
+"\xb7\x5e\xc1\xd1\xcc\x4e\x5a\x0d\xa5\x70\xa6\x56\xb8\x80\x8c\x97"
+"\x9d\x65\x8d\xec\xa0\x15\x45\xe6\x04\xd8\x3b\x6b\x36\x3f\x71\x58"
+"\x9e\x7a\x9c\xd2\x44\x86\xbf\x89\xa6\x80\x5d\x5e\x99\xc9\x7e\x56"
+"\x76\x17\x02\x98\x5b\xbb\xa0\xe5\xe5\x10\x25\x3e\x82\xc7\xe0\x91"
+"\x77\x39\x50\x9c\x3d\x2a\x91\x03\x13\x6d\x6d\xd3\xc6\x68\xd3\xa0"
+"\x88\xbc\x24\x5d\xf1\x26\x19\xf4\xb0\x74\x51\x93\x17\xcf\x67\x6c"
+"\x72\x30\xed\x39\xfe\x59\x54\x88\x84\x70\x56\x11\xaf\x41\x66\xa5"
+"\xf9\xf0\x95\xdb\x80\xb8\xae\x2f\xb7\xc3\x65\x72\xd2\xec\xaf\x5f"
+"\xf9\x30\x1e\x5b\x45\x7f\x38\xd5\x03\x02\x60\xaa\xf9\xb7\xd9\xfc"
+"\xa2\x5c\x46\x3e\x9c\xe6\xd6\x8e\x95\x54\xbf\xd8\xe6\xe4\x4b\xc0"
+"\x4c\xa1\x4c\x2c\xb3\xc4\x9f\xef\xeb\x39\x70\x77\xac\xf9\x1f\xb6"
+"\x06\xa2\x53\x7d\x18\xc8\xf8\xda\x8e\x82\x97\x4f\xdd\xd5\x19\x2f"
+"\xa2\x70\x4a\xbd\x5a\x15\x70\xb6\x55\x04\x14\xba\x0a\x04\xdc\x8e"
+"\xaf\xf2\x52\xd5\x90\x4c\x30\xd3\x29\x53\x1c\x66\x37\x5f\x8e\xfc"
+"\x45\x83\xd9\xac\x75\x9e\x0f\x66\x51\xc0\x8a\xc5\x34\x25\x9e\x3b",
+ .ilen = 1024,
+ .input =
+"\xa8\x47\xa1\x1d\xcb\xa3\x88\xae\x42\xab\x6d\xf2\x82\xc2\xed\xd5"
+"\x66\x42\x09\x85\x28\x7d\x49\x6f\x37\xdc\xff\x1c\x7e\x33\xc9\xcd"
+"\x6e\xe9\x33\x36\x01\x62\x1d\x67\x77\x6a\x97\xbf\xb1\xdc\x2f\x98"
+"\x2c\xdb\xac\x44\x9d\xed\x31\x7d\x2d\x41\x4b\xd1\x66\x40\x62\x74"
+"\xdc\x00\xd0\x05\xdc\x54\x4c\x63\xeb\xd9\x42\xe1\xdf\xc4\xde\xdd"
+"\xb6\xb8\x93\xfd\x25\x39\x2d\x7f\x85\xf8\x15\xc3\xbc\xbf\x0b\x95"
+"\x11\xef\x57\x0d\x15\x49\x07\xce\x42\xb0\x50\xe1\x07\xb4\x81\x71"
+"\x35\x71\x4b\x66\x89\x7f\x94\x13\x3e\x57\x43\xc3\x36\x28\xcd\xdd"
+"\xc9\x06\x68\xf8\xf3\x09\x3d\x86\x12\x52\x06\xa9\xe9\x83\x2d\x8f"
+"\x90\xfa\x42\xfe\x79\x3f\x68\x4c\x7b\xfa\x94\xa7\xf7\x16\xc7\x41"
+"\x09\xae\xe2\x82\xb5\x2b\xbc\xca\x65\x65\x2c\x27\x2c\x07\x50\x83"
+"\x2d\xad\x55\xaf\x35\xcc\x6a\xc5\x7c\xd8\xed\x75\x91\x9d\x73\xcb"
+"\x4c\xa5\x8f\xc4\x4f\xda\xa8\xb9\xb6\xa7\xb1\x1a\x75\xb4\x08\xbc"
+"\xb2\x90\x50\xfd\x1f\x05\xa8\x88\x35\x81\xb0\xc9\xac\xbc\x25\x7a"
+"\x95\x33\x02\x2b\x74\xe0\x95\x11\x88\xf7\xc3\x63\xb3\x7b\x09\xd5"
+"\xac\x22\x04\x67\x16\xea\xd6\x37\x38\x8e\xa5\xbd\x62\xa2\x1f\xa5"
+"\x04\x31\x89\xdf\x69\xb1\xde\xe3\x7c\x9d\x7b\x27\xba\x0a\x74\xdc"
+"\x06\x1c\xcd\x6e\x4b\x52\xe7\x6d\x34\x29\x38\xe2\x19\xfc\x0c\xc4"
+"\x78\x03\x1d\x53\x98\x00\x5c\x7a\xec\x23\x5f\x95\xd5\xb3\x16\xde"
+"\xc2\x17\xc2\x0c\x13\x63\x0a\x4b\x7e\x6c\xc7\xbc\x4a\xd0\xae\x29"
+"\xc0\x50\x16\x6f\x01\x2b\xdc\x40\x9f\x91\x8f\xa3\xaf\xd4\x40\xa8"
+"\x2e\x09\x7c\xf4\x3d\x85\xe6\xd9\x3c\x78\x7c\xf1\x6d\xe4\x13\x00"
+"\x98\xf5\xb4\x06\x9f\x90\x0a\x3e\x9f\x51\x0f\xbb\x0f\x13\x07\xc0"
+"\xfd\x26\x53\x24\x24\xf7\x21\x41\xcf\x20\x9d\x77\xe4\xe0\x52\x2a"
+"\x48\xd9\xeb\x65\xce\xf3\x90\x03\x47\x8d\x2b\x77\x54\x46\xda\xff"
+"\x15\x3d\xa5\xd9\x5a\xb6\xd3\xdf\x9c\x91\xc3\xf2\xd2\xdf\xd7\x8c"
+"\x1d\x83\x77\x47\xcd\x74\x23\x44\x04\x06\x8e\x64\x62\x29\xe5\xa0"
+"\xf7\xa7\xc7\xb7\x84\xdb\x9c\x5c\x04\x7f\xca\xb3\x85\x2c\x44\xa6"
+"\x09\x0e\xa3\x2c\x52\x42\x25\x02\x63\x99\xd0\xa5\x27\x61\x64\x4f"
+"\x65\xd7\x31\x56\x24\x97\xb0\x2d\xbb\x0c\xbe\x06\x68\x8a\x2e\xa3"
+"\x0c\xb9\x05\x52\xdb\xbd\x7e\x89\x60\x2e\x28\x76\xba\x5a\x94\xb6"
+"\x94\xc4\xf6\x68\x50\x35\x24\x7b\x2b\x04\x0e\x4c\xf3\x17\x54\xcb"
+"\xcd\x32\x18\x60\xff\xc9\xfe\xe1\x83\xe4\xe6\x9b\x5e\xd8\x21\xbf"
+"\xbf\x69\x01\x3a\x03\xc6\x9f\xe5\xd4\xdf\x01\x20\x8e\xea\x5b\xe1"
+"\xbd\x46\x3c\x3a\x60\x30\xa0\x48\xa0\x07\x82\x27\x4e\x03\xc3\x15"
+"\x98\x1f\xea\x4f\x8c\x90\x4d\xb1\xc5\x90\x40\x59\xda\x5b\x02\x65"
+"\x07\xb9\x64\xe7\x4c\x76\x70\x16\x8a\xc3\xf9\x4f\xed\x25\x47\xaa"
+"\x3b\x49\x8f\xf6\xf0\x71\x94\x34\xda\x29\x0f\x4e\xd4\x95\x3b\xe3"
+"\xef\x99\x3b\x1c\xf7\x09\x5d\xe0\x0d\x03\xe6\x9d\x47\x4c\x8c\xe8"
+"\x26\xb6\x30\x1b\x81\xdc\xa5\x5a\xf1\x04\x18\xf3\xaf\x81\xa2\x7e"
+"\xce\x8b\x33\xfc\xf2\xb1\x5a\x06\xd1\xb9\x59\x73\xd7\xda\x85\xd9"
+"\x30\x73\x98\x4d\x63\x50\x66\x71\x15\x88\x9a\x5d\xd5\x25\x40\x9a"
+"\xe3\x9c\x0b\x4f\xd8\xf5\xbf\xb3\xec\x02\x95\xca\x90\x07\x5d\x99"
+"\x9e\x16\xa2\x18\xa5\xa2\x03\xb1\x16\x6b\x4e\x32\xab\x19\x29\x55"
+"\xcc\xbe\xa8\x7b\xf7\x68\x64\x0e\xc0\x54\x91\x6d\x19\xec\xe9\x8c"
+"\x56\x5e\x71\xa5\x73\x50\x5d\x0d\xd3\xb2\x31\xca\x97\x7b\xf8\x6e"
+"\xfd\xb9\x47\x9b\x17\xf9\x56\x3a\xc6\xb0\x52\x45\x4f\x4a\x13\xe9"
+"\xb7\x64\x02\xdb\xe8\x67\xa3\x9e\xe4\xd9\x49\xc4\xf3\x27\xe3\xb0"
+"\xad\x6e\x51\x65\x14\x4f\xb2\x4b\x8a\xd6\x87\x17\x8c\xe2\x7a\xa1"
+"\x13\xbb\x8c\x7c\x3e\x69\xd2\x29\x06\x36\xf3\x55\x80\xcc\x0e\xa5"
+"\x18\x5a\x5f\xcb\x15\x2e\x7c\x62\xff\x3f\xe7\x7b\xd8\xe4\xa6\x9c"
+"\x4c\x5b\x55\x73\x4a\x0d\x21\x07\xf9\x79\xcb\x17\x51\x06\xf3\xcc"
+"\xfc\x08\x72\x6e\xbc\x04\xe2\x6d\xd8\x52\x1d\x29\x7e\x7a\x06\x8d"
+"\x87\x65\x2e\x2e\x7c\x07\x77\x3a\x35\x4d\x3a\x13\xd3\xf6\xc2\x1f"
+"\x2d\x5d\x14\xa5\x04\xe5\xc5\x7b\xd6\xa9\x70\x4b\x43\x21\x93\xdf"
+"\xe4\xf1\xf8\x75\xf1\x65\x9c\xf8\x0b\x07\x31\xdc\xf2\xba\x06\x91"
+"\xe1\x84\x87\x34\x2d\xdd\xa7\x87\xc0\xc2\x4d\x8d\xe0\x18\x70\xbb"
+"\xe3\x3e\x13\x48\xfc\xf4\x13\x85\xc4\x65\xcf\xe4\x43\x98\x14\x8f"
+"\xf4\x17\x62\x27\x39\xe5\xb6\x45\x76\x61\x78\x0b\x3d\x48\xb3\x41"
+"\xa6\xca\x7c\xed\x52\x19\x99\xea\x73\xc9\xd0\x0b\xeb\xbb\x5a\x69"
+"\x44\x3d\xb2\x81\x25\xb0\x2f\x08\xf0\x8c\x32\xa9\xf0\x79\x3c\x42"
+"\xc3\xdc\x9e\xd1\xec\x93\x49\xc9\x82\x0e\x13\x12\xb3\x8a\x98\x1b"
+"\x35\xe1\x4a\xef\xb4\x73\x28\x1a\x17\x96\xe2\x9a\x50\xc8\xd5\x98"
+"\xec\x96\x6f\x81\x05\x37\xee\x8b\x93\x12\x7c\x41\x26\xd5\x9c\x05",
+ .rlen = 1024,
+},
+/* repeat the above with sg list */
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\xc1\x62\x66\x62\xb8\x65\x28\xfa\x5f\x36\xd3\x09\xb1\x2c\xa1\xa3",
+ .result =
+"\x4f\x6c\x63\xa5\xd0\x19\x08\x4e\xd4\x58\x33\xf6\x2b\xeb\x26\xb9",
+ .ilen = 16,
+ .input =
+"\xa0\x35\xb0\x33\xc0\x2e\xe5\xbb\xbc\xe6\x01\x9e\xf4\x67\x11\x14",
+ .rlen = 16,
+ .np = 2,
+ .also_non_np = 1,
+ .tap = { 8, 8 },
+},
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\x78\x6c\x27\xd6\xb2\xdc\xbe\x7b\xab\xc2\x43\xd7\x81\x0c\xe5\x20",
+ .result =
+"\x9a\x00\x4e\x5a\xb3\x51\x68\xaa\xdb\x6e\xe5\xa4\x7f\x23\x6e\x4d"
+"\x1e\x72\x5e\xad\x64\xc9\x96\x23\xf8\xae\xef\xf6\x7b\x7d\xd6\xf0",
+ .ilen = 32,
+ .input =
+"\x5a\xc0\x04\xc6\x53\xef\x3b\x69\xb1\x41\xc7\x85\xeb\x69\x82\xd0"
+"\xed\x09\xbb\xec\xb2\x8d\x5c\xc9\x61\x81\x5c\xf6\x99\x49\xa0\x4d",
+ .rlen = 32,
+ .np = 3,
+ .also_non_np = 1,
+ .tap = { 8, 8, 16 },
+},
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\xc9\x05\x4c\x35\x96\x77\xd3\x3c\x3d\x97\x7c\x82\xf5\x58\x71\xf1",
+ .result =
+"\xa9\x5b\x03\xec\xec\x73\xed\xcb\x5c\x4c\xd2\x40\xb6\x9b\x49\x31"
+"\x5d\xf2\x23\xb3\x11\x98\xeb\x89\xab\x3e\x3a\xdd\xaa\xfd\xd1\xde"
+"\xab\x73\x59\x86\x1a\x59\x32\xb2\x55\x46\x4a\x80\xa4\xcc\xa8\xd9",
+ .ilen = 48,
+ .input =
+"\xdb\x05\x69\xe1\x33\x8b\x0b\x3d\x33\x12\x0d\xef\x94\x0f\xa3\xb3"
+"\xd7\x0a\x53\x7b\x98\x53\xc6\xc2\xa3\xd4\x7a\x30\x1a\xed\x45\xcc"
+"\x47\x38\xc1\x75\x0b\x3c\xd4\x8d\xa8\xf9\xd3\x71\xb8\x22\xa6\xae",
+ .rlen = 48,
+ .np = 4,
+ .also_non_np = 1,
+ .tap = { 8, 8, 20, 12 },
+},
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\x6c\xb4\x84\x61\x1e\x39\x4b\x22\x37\xaa\x7b\x78\xc0\x71\x20\x60",
+ .result =
+"\x05\x43\x76\x1e\xc6\x68\x43\x52\x5f\x43\x39\xbf\x93\x38\x38\x83"
+"\x38\x1d\x3c\xb5\xc8\xab\xe4\xd0\x7f\x1a\xac\xca\xcc\x16\xea\x75"
+"\x30\x75\x40\xe8\x61\x07\xc6\x04\x55\x2b\xf3\x29\xc3\x37\x83\x42"
+"\xe0\x21\xfb\xb4\x5d\x93\xbb\x87\x01\x3e\xa6\x9d\x3b\x0a\x5a\x37",
+ .ilen = 64,
+ .input =
+"\x83\x9f\xa0\xac\x14\x14\x88\x68\x7f\x9a\x5f\x98\x91\x71\xa8\xce"
+"\x28\xfb\x5e\xb1\x49\xe7\x63\x39\x12\x62\x00\x3e\x5c\x63\x2b\x12"
+"\x3d\xff\xd5\x0a\x43\x28\x52\x68\x78\x62\xc7\xa4\xbb\xca\x5d\x5e"
+"\xe3\xd5\x23\xb3\xe7\x22\xae\xf3\xd0\xd9\x00\x14\x0c\x46\x67\x17",
+ .rlen = 64,
+ .np = 2,
+ .also_non_np = 1,
+ .tap = { 32, 32 },
+},
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\xf9\xe8\xab\xe2\xf9\x28\xeb\x05\x10\xc4\x97\x37\x76\xe4\xe0\xd9",
+ .result =
+"\xab\x99\xe8\x2a\x18\x50\xdc\x80\x1f\x38\xb9\x01\x34\xd4\x59\x60"
+"\x4e\x1c\x21\x71\x22\x06\xbe\x5f\x71\x07\x3b\x13\xe7\x05\xca\xa5"
+"\x7b\x23\xb5\xaa\xc6\xdb\xe3\x17\xa9\x9f\xe1\xbc\xd5\x1b\xe6\xf5"
+"\xfa\x43\xdd\x80\x50\xc8\x8a\x32\x2f\x65\x25\xa4\xeb\xd1\x74\x02"
+"\x07\xc1\x04\x94\x6b\x34\xa1\x74\x62\xb2\x8d\x60\xf5\x7e\xda\x1a"
+"\x0f\xf5\x21\xe1\xd7\x88\xc8\x26\xd7\x49\xb2\x4a\x84\x2c\x00\x3b"
+"\x96\xde\x4e\xa7\x57\x27\xa0\xa4\x3a\xff\x69\x19\xf7\xec\xeb\x62"
+"\xff\x5a\x82\x0d\x25\x5e\x3c\x63\xb3\x6d\xc4\xb9\xe3\xc9\x3a\xc2",
+ .ilen = 128,
+ .input =
+"\xec\xd5\x2f\x6a\xfd\x61\xf2\x37\x19\x6f\x55\x31\xd7\x2c\x14\x4d"
+"\xc1\xb4\xbb\x7d\xa9\x1a\xe6\x85\x8c\x2f\xbf\x7e\x66\x21\xf8\x17"
+"\x9e\x09\x1b\x2a\x11\xbf\xdf\x7d\xdf\xf5\xfb\x0a\x16\x79\xe2\x43"
+"\x5c\x3b\x3e\x84\x35\xfd\x92\x9e\xe0\x31\x50\x1d\x62\xd6\x22\x99"
+"\x5f\x25\xb3\xe8\xdf\xb0\xc0\xab\xd9\xdb\xac\x4b\x9c\xe2\x89\xc6"
+"\x49\x7f\x5f\xee\xcb\xf6\x25\x10\x9f\x32\x58\x85\x45\x50\x74\x8a"
+"\x55\xce\x86\x44\xda\xe4\x93\x58\x4d\xd3\x73\x76\x40\xf6\x92\x8b"
+"\x99\xc1\x2b\xf9\x18\xd0\xfa\xd0\xa6\x84\x03\xf5\xd4\xcb\xfa\xe7",
+ .rlen = 128,
+ .np = 3,
+ .also_non_np = 1,
+ .tap = { 64, 16, 48 },
+},
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\x58\x1e\x1a\x65\x16\x25\xaa\x55\x97\xcd\xeb\x4c\xd6\xb3\x9c\x2b",
+ .result =
+"\xef\x85\x0b\xe5\x02\xd5\xce\xcc\xad\x2d\x5e\xec\x1e\x01\x8c\x28"
+"\xf0\x2c\x23\x10\xaa\x84\xf0\x61\xe2\x56\x29\x21\x9f\x09\xaf\x9d"
+"\x7d\xfc\x60\x16\x4c\x67\xdd\xdf\x74\x35\x49\x81\xca\x68\xb6\xc7"
+"\x31\x9f\x49\x29\x96\x01\xb9\x3c\xfb\xa3\x00\x04\x05\xd8\xe6\xa2"
+"\x3f\x0c\xee\xfc\xd6\x88\x7a\x2d\xd6\x32\x27\x15\xe3\x53\xa0\x52"
+"\x1d\x96\x5a\x95\x09\x0c\x5f\x07\xc8\xdf\xab\xc7\x78\x57\x6a\x49"
+"\x09\x88\x54\x2e\x80\x27\xb0\x8a\x40\xb8\x9e\x7a\x22\x85\x8d\xaa"
+"\x95\x48\x45\xf5\xfd\x6f\x4c\x69\xe3\x38\xa6\x05\x69\xf0\xba\xb5"
+"\xd5\x9a\x9f\x77\x98\x23\xef\x98\x1f\xf3\xfe\x53\x23\xf6\xc6\x74"
+"\x6a\x2f\x1b\x34\x75\xd0\x51\x0c\x88\x10\xf9\x80\x19\xaf\x4f\xf1"
+"\xb1\xf3\xc0\x0e\x3a\x7d\x63\x3e\xbd\xb9\xe9\x3c\x69\x56\x0d\xb9"
+"\x8d\x69\xea\xb9\xa7\x39\x4c\x5d\xb8\x06\xa3\x1b\x66\x66\x14\x80"
+"\xe1\x8f\xf3\x65\x0c\xd5\x39\xe4\xed\xb9\x1f\x88\x74\x49\xd7\x4f"
+"\xc1\x4b\x3d\xea\x5d\xa2\x44\xd6\xad\x5d\x8d\xd1\xf7\x56\x9c\x9e"
+"\xda\x52\x56\x51\x00\x14\x1b\xb4\x00\x6b\x83\x4f\x41\x0b\xba\xaa"
+"\x11\xe6\xee\x23\xf7\x85\xa9\xb9\xd8\xe3\xbd\xbb\x7b\x83\x5f\xf8",
+ .ilen = 256,
+ .input =
+"\xc8\x8e\xbf\x95\x57\xa8\xcd\x47\xbc\x32\xee\x76\x97\xee\x02\x12"
+"\x11\x36\x81\xaa\x5b\xd9\xb3\x14\x80\xf3\xab\x62\x9b\x7f\x99\x98"
+"\x3b\x46\xd6\xfb\x68\xc8\xce\x1d\xa5\x47\x79\x6a\xdf\x7c\xda\x01"
+"\x44\x01\xfc\xed\xab\x2a\x51\xae\x2f\x72\x60\xed\x61\xc5\x23\x1d"
+"\xc7\xb5\x3c\xb7\x0b\x29\x62\xd6\x77\x8c\xea\x51\x0c\x39\x90\xe7"
+"\x99\x8c\x5d\xb7\x16\xf3\xc6\xea\xe0\xff\xc3\xd7\xc8\x1a\x7d\xde"
+"\x4d\x25\xaa\x0b\x90\x0d\x49\xd7\x98\x44\x4b\x75\x46\x01\x30\xa3"
+"\xdc\x47\xd9\x66\xc7\x7a\xcb\x4a\x33\x69\x60\x5d\x96\x73\x31\xf1"
+"\xce\xdc\xa9\x15\xb5\xae\x08\x2b\x08\x4a\xbc\x9b\x68\x1e\x49\xe4"
+"\x6e\x11\xe8\x61\x37\x58\x66\x69\x67\x97\x65\x1d\xd4\x62\x7c\x29"
+"\x10\xba\x8f\x2f\x0f\x23\x3d\x72\xb1\xcf\x01\xbc\x73\x10\xd8\xde"
+"\x21\xe6\xfc\xce\x3b\x3e\x19\xdc\xc2\xa7\x87\x62\x33\x88\xb4\x37"
+"\x1f\xfc\x1a\x2b\xef\x14\x24\x4a\xb5\x86\x55\x45\xf8\xc4\xcd\xaa"
+"\x0d\x8a\x5a\xdc\xfd\x7b\x41\xd7\xa6\x8f\x05\x25\x4a\x61\xcb\xa7"
+"\x14\x84\x21\xfc\xa6\x4b\x0f\xaa\x7d\xc6\xa2\x04\x04\xff\x39\xfc"
+"\x27\x8d\x7a\xce\x94\x31\x7c\xb4\xd5\x90\xbd\xb6\xdb\x6a\x55\xd9",
+ .rlen = 256,
+ .np = 4,
+ .also_non_np = 1,
+ .tap = { 32, 48, 80, 96 },
+},
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\xed\xa3\x2d\xa6\x9f\x5e\x38\x6f\xbb\xf9\xb3\x32\xae\x73\x05\x87",
+ .result =
+"\xf6\x24\x50\x2d\xa4\xfb\x09\x41\x95\xcd\x25\x13\xc0\xdc\x26\x0b"
+"\x20\x66\x70\x79\xc5\x58\xde\x63\xba\x37\x13\xb2\x0a\x40\x58\xef"
+"\x37\xcb\x04\x38\x10\x6a\x90\x97\x14\xd2\x71\x03\xa4\xa3\x6a\x59"
+"\x15\x6e\x5d\x45\xc9\xcc\xa9\x47\x8c\x0f\x1d\x6c\x62\x06\x90\xba"
+"\xef\x1c\x23\x4d\xc4\xa0\xa5\x56\x49\x19\xa9\xb1\x2a\xdd\x26\x00"
+"\x6e\xed\xd8\x4d\xd4\x3f\x68\x99\x24\xe2\xfe\x99\xb4\xe6\xf8\x3f"
+"\x60\xef\x97\x5f\x87\xa6\xde\x82\xc4\x11\xf6\x91\x7f\xd4\xa6\xa8"
+"\xee\x97\x41\x43\x14\xd2\x6e\x8d\x72\x30\x83\x5b\x67\x01\x38\xa2"
+"\xca\x93\xf4\x1e\x80\x2e\x8f\x7e\xc3\x78\xf0\xc1\x68\xb4\xf9\x1f"
+"\x15\x3c\x5c\x8b\xa1\xb5\x2f\x0c\xbf\xf7\x21\x74\xdb\x57\x98\x85"
+"\xe9\x89\x16\x20\x8b\x7c\x71\xef\x46\xc0\x78\x04\x23\x3b\x58\x24"
+"\x51\xa1\xa6\xfc\x6e\x9e\x29\x95\x55\x4c\x05\x1c\xc5\x9a\x59\x7e"
+"\x40\x4d\xe8\x81\x76\x41\x6f\x15\xde\x68\xce\x2d\x42\x03\x74\x73"
+"\xd3\x9a\x9c\xac\xa5\x05\x03\x7e\x53\x6e\x53\xa2\x57\x36\xee\x0c"
+"\x05\xde\xa9\x61\x55\xb9\x9d\x7d\x18\x18\xaa\x20\xde\xb8\x43\xd7"
+"\x30\x8e\x20\xc0\x78\xbe\xec\x24\xcf\xd7\x66\xb7\x5a\x1f\x5a\x81"
+"\xec\x19\x48\xc3\xa7\x62\xbf\x83\xbb\xbd\xf4\x51\xec\xb5\xec\x90"
+"\x05\xe1\xa9\xbf\x4d\x9b\x30\xf1\xb9\xa6\x49\xe9\xad\x65\x0d\x08"
+"\x1f\x3f\x81\xa5\x40\x4f\x3d\x42\xd8\x68\x29\xe3\x6c\xcc\x4d\x20"
+"\x7e\xb9\x0c\x33\x1f\x20\xd2\xaf\x39\xd6\xb4\x20\x06\xd0\xc3\x54"
+"\xcd\x96\x84\x88\x13\xc0\x09\x57\x18\x90\xad\xec\x18\xab\x72\x0b"
+"\xb4\x4c\x0a\x65\x67\x2a\x96\x2c\x98\x58\x6f\xdf\xc0\xe4\x51\x7c"
+"\xc8\x66\x1d\x21\x91\x1f\xab\xac\xed\x86\x38\x70\x54\x6f\x0c\xbf"
+"\x1a\xea\x9b\x33\xf4\x7c\x99\x0c\x0a\xdf\x39\x25\x78\x3b\x8d\x9c"
+"\x46\xc0\x07\x08\xfa\xeb\x19\x12\xf8\xc1\xf7\x18\x13\xbd\x7f\xd1"
+"\xa4\x3c\x7e\x03\xbd\xcf\xa1\xf3\x37\x4a\x4d\xc3\xaa\x23\xed\x58"
+"\xca\x68\x35\x91\x3e\x23\x09\xb8\xf3\x8d\xc3\x1b\x23\xe8\x1c\xda"
+"\x41\x90\xa2\x4b\x48\xb5\x7c\xa0\x8d\xaf\x66\x5e\xad\x7f\x06\xa2"
+"\x62\x32\x40\x69\x41\xb1\x2f\x6c\x0e\xf9\xd1\x48\xbd\xfc\x44\x0f"
+"\x65\x5e\xa1\x38\x83\xea\xfe\x42\x53\x9a\x2a\x85\xea\x92\xf6\x29"
+"\xbf\xb5\x78\x1e\x8d\x03\x6b\x09\xaf\x94\x4b\x39\x20\xc1\x17\x20"
+"\x95\x42\xfe\x72\x02\x10\x61\x21\x0f\x23\xcb\x33\x35\x52\x57\x9e",
+ .ilen = 512,
+ .input =
+"\x25\x3d\xad\x25\x4f\xb4\x50\x55\xbf\xc1\x66\xe3\x52\x22\x01\x10"
+"\xde\xed\x83\xc0\x18\x49\xda\xa4\xdb\xf1\x2f\x73\x90\x6f\xf2\x4f"
+"\x9b\xa2\x32\x2b\x6f\xc7\x80\xc8\x47\xbd\xf3\x24\x8a\xcd\x9b\x8d"
+"\x00\x33\xd1\x6a\xf2\x5f\xf2\xc7\xd8\x7c\x3a\x84\x1c\x12\x3c\x3e"
+"\xe0\x58\xb7\xc9\xf8\x73\x9e\x98\x2f\x8f\x03\x38\xe2\xc2\xb9\xae"
+"\xb6\xc6\xef\x78\xd0\xfa\xbf\x81\xcc\xf7\xb3\x82\x5b\x80\xb9\x0b"
+"\x57\xe3\x33\xa6\xfc\x3c\xd1\x78\xc7\x61\xc5\x5a\xe9\x01\xf5\xf7"
+"\x87\x0f\xa4\xe7\x90\xdf\xd5\x9f\x79\xc5\x5c\x1a\x2c\x29\x8e\x79"
+"\x10\xbc\xb2\xc6\x89\x9d\x95\x65\xa8\x25\xb3\x20\x97\xcc\xdf\x62"
+"\x2f\x9c\x85\x36\xe6\x34\xcc\xc0\xee\x7e\x10\xf6\x07\x57\xed\x2e"
+"\x60\x7e\x5e\xa0\x8e\x4c\xec\xe8\x73\xa3\x55\x4d\x7f\x6d\xff\x8c"
+"\x7a\x8c\x62\x3b\x10\x22\x75\xc0\x0b\x4a\x99\x83\x4d\x09\x80\x36"
+"\x41\x33\x19\x53\x9b\x51\xa6\x92\x82\xd8\x97\xe7\x98\x42\x36\x0d"
+"\x93\xb2\xf4\xbf\x96\xc7\x71\xfb\xc1\xf7\xf0\x94\xa3\x88\x28\xfa"
+"\x7c\xef\x3b\x1c\x77\x72\x23\x9b\xaf\x8c\x6a\xf8\x2b\xb2\xd4\xb9"
+"\xeb\x7f\x9f\xa5\x02\x50\x08\x47\x52\x6c\xaf\xe7\x73\x71\x85\x72"
+"\x49\x6b\xc8\x47\x88\xa7\xd8\xc2\x16\xbf\x3c\xe9\x22\x21\xeb\x54"
+"\xd1\xcd\x43\x18\x08\x8f\xa1\xcf\x1c\x2b\xa7\xfd\x65\x4a\x9d\x12"
+"\x0d\xdb\xd5\xf6\x1a\x97\x64\x83\x3c\x5a\x04\xa8\x15\x9d\x61\xd3"
+"\x43\x2a\x56\x35\xed\x08\xb7\x41\xc6\x49\xba\x02\x14\x59\xab\xca"
+"\x84\x1f\xfb\x67\x3a\x00\xe5\x41\xb8\xd1\x6e\x5c\x9d\x6f\xf2\x76"
+"\x3e\x21\x5d\x34\x5c\x78\x0d\x41\x5a\x4f\x62\x69\x1a\x76\x42\xee"
+"\x84\x6b\x1d\x47\x42\xeb\xb2\x11\x8f\x08\xb8\xc8\xea\xf4\x0d\xf7"
+"\x5d\x51\x4c\x4b\xed\x2d\x1b\x48\x30\x38\x38\x58\x0d\xe3\x2d\x80"
+"\xd9\xfb\xed\xe0\xc4\x55\xfe\x4f\x3f\xcf\x55\x57\x08\xaa\xa8\xa2"
+"\xa5\x5a\xe4\xff\x19\xf2\xae\x29\x74\xb9\x40\xea\xf4\x4d\x58\xac"
+"\x9f\x48\xea\x0f\xe0\xb0\xae\x72\x9f\xd8\x34\x95\x59\x01\x20\x7c"
+"\x98\x5d\xe6\x9f\x37\x23\x52\x8d\xa0\x62\x2b\x3a\x9c\x2e\x31\xe7"
+"\xd5\x75\xcc\x4c\x62\x2f\xa4\x3e\x2e\xb9\xe6\xe1\x4b\x69\xb4\x62"
+"\x31\x03\xfc\x08\xfd\xba\x87\xb9\x79\x3a\x68\x19\x65\x49\x2e\x2c"
+"\x65\x5f\xd8\x60\x07\xf4\x73\x8d\xdf\x37\x7e\x00\x88\xaf\x23\x48"
+"\x8b\xad\x74\x9c\x0b\xa3\x3a\x1a\x4b\xa0\x27\x6f\x04\x8d\xd9\x38",
+ .rlen = 512,
+ .np = 5,
+ .also_non_np = 1,
+ .tap = { 32, 64, 96, 128, 192 },
+},
+{
+ .key =
+"\xd7\x0c\x4c\x6d\x11\x02\xb0\x31\x63\x9b\x82\x76\x9e\x03\x26\xdf",
+ .klen = 16,
+ .iv =
+"\xfd\xd6\xe8\x2f\xfe\xd4\xfe\x42\x23\x4b\x7c\x09\x8c\xde\x4f\x4b",
+ .result =
+"\xff\x7f\xb0\x11\x72\x5a\x91\x4a\xb5\x2d\xb0\x41\x3a\x96\x0d\xa1"
+"\xd9\xbe\x60\x09\x24\x51\x73\xb8\x00\xf0\x48\x1f\x6b\x96\x5b\xe7"
+"\x4d\x47\x88\xc7\xef\x4b\xb4\x33\xa1\x2b\xbe\xdd\x46\x4f\x27\x11"
+"\x8b\x30\x9c\xba\x2c\x7a\xf3\xdb\x48\x54\xbd\xfe\x24\x2f\x83\x91"
+"\x5c\x63\xb9\x12\xd9\xd9\xb9\x71\xcf\x28\x7e\xf8\xe0\xb8\x12\xf7"
+"\x63\xad\xde\x49\xd5\x4d\xa7\x13\x32\xee\x71\x13\x56\x4d\x10\xd5"
+"\x2c\x1d\x8e\x94\x0d\x37\x3d\x7e\x9c\xb4\xeb\xe5\x6f\x12\x30\x7f"
+"\xc3\xa0\xf3\x49\xac\xa6\xab\x1b\xec\xd4\x6c\x95\x2a\x57\xe0\xfa"
+"\x89\x00\x61\xe9\xea\x21\x9a\x2f\x71\xd7\xdb\x11\x52\xb6\x32\x91"
+"\xed\xa3\xdf\xa5\x46\xc1\x50\x5b\xab\x15\x43\x7f\x7d\x82\x34\xf2"
+"\xfa\x6e\x84\xaf\x40\x20\xde\x1f\x90\x39\xab\xdc\xe8\xf3\xf9\x65"
+"\xbc\xdc\xd3\x5c\xcf\xe2\x1b\x43\x08\x68\xd8\x0d\xfb\xc2\x7f\x31"
+"\x91\xb5\x66\x2a\xea\x43\x08\x6d\xa6\xb4\xd3\x0e\x78\x3c\xf1\x6c"
+"\x4d\x27\x47\x7d\x92\x42\xb1\x62\x82\x9f\x13\xdf\x51\xc3\x6b\xec"
+"\x83\x53\xd6\x89\x75\xac\x62\x9a\x89\x7d\xf9\x82\x66\xbe\x93\x6f"
+"\x71\x7d\x01\x79\xec\x10\x10\x50\xe9\x6c\x76\xc6\x7a\xfa\xbb\x69"
+"\x46\x09\x1a\x68\x2f\x07\x28\xf4\xd0\xb6\xb4\x82\xf5\x3a\x90\xdc"
+"\x61\x03\xd9\x8e\xa5\x13\xfd\xdd\xe0\x65\x03\xfb\x78\x6b\x4e\xae"
+"\x7f\x30\xe2\x9e\x39\xb1\x3a\x39\xda\x21\x80\x2c\x09\xdd\xe8\xa2"
+"\x8c\x4a\x2c\x40\x24\x39\xf0\x3f\x7f\x51\x6a\x48\xea\x7b\x68\x3d"
+"\xad\x56\xed\xbe\x86\x0a\x9a\xe6\x9f\x18\x95\x26\x14\x57\x5b\x71"
+"\x9e\x8d\x45\x0d\xad\x23\xb4\x37\xa5\x59\x66\x8c\x13\x8e\x5e\xeb"
+"\xbf\x4a\x0d\x72\xc9\x4a\xcf\x42\xbd\x28\x1f\x91\xad\x55\x81\x78"
+"\x48\xf3\xed\xab\x2b\x6d\x61\xc7\x08\x2c\x07\xcb\x17\xf8\xf1\x7c"
+"\x39\xc8\x44\x63\x3a\x2a\x55\xbe\xe1\xb5\x12\x61\x0a\x4c\x32\x83"
+"\x9a\xa0\xf8\x93\x8c\xfa\x45\x92\x4e\xad\x48\xd9\x84\xe8\x0d\x7a"
+"\xca\xad\xbf\xd2\x5a\x1d\x58\x67\x57\x68\xca\x2f\x40\xa5\x1c\x38"
+"\x2a\xde\xa7\x57\x87\x4f\x11\x97\x3e\x11\xe7\x58\x54\xbd\x06\x48"
+"\xf7\x60\x45\x5b\x9d\x08\x5a\xef\xf9\x28\xa5\xf5\x48\x5c\x9c\xa0"
+"\x96\x76\x56\x51\x40\xec\xbe\xdb\x6e\xba\x4b\xb0\xa2\xe9\x55\xe6"
+"\xb7\x7e\x8a\x06\x3b\xeb\x17\xeb\xe6\xd9\xf6\xb2\xa1\x8c\x9e\xcc"
+"\xf3\x89\xd5\x78\x29\x1f\x74\x60\xe2\x61\x72\x78\x05\x52\x23\x07"
+"\x2a\x46\x85\x3c\xcf\x12\x9a\x9d\x3d\xf0\x93\x0e\xd2\x22\x63\x07"
+"\x01\x8b\x96\x73\xb5\x26\x29\xf5\x4f\x90\xf9\x37\x55\x76\x15\x02"
+"\xe8\x4c\x56\x3e\xf1\x14\xaf\x34\x0d\xa8\xde\xee\x0e\x13\xfa\xb8"
+"\xe4\xb7\x6d\x71\x37\xdb\x1e\x42\xdd\xca\xec\xe1\x99\xf9\xc7\x18"
+"\x16\xb0\x41\xd0\xfe\x9a\xa6\xa0\x7a\x5e\x5d\x0a\x96\x4c\x52\x44"
+"\x9a\x29\x69\x09\xa2\x0e\x5a\x1e\xc2\xb3\x5e\xca\x25\xc0\xe1\xa9"
+"\xd1\x41\x7f\x82\xaf\x1f\xf4\x3c\xf8\x3d\x65\xae\xf0\xa2\x1a\x8f"
+"\x41\xdb\x01\x11\x4c\x01\xcb\x24\xb3\xec\xbb\xf3\xe5\x1b\x53\xf0"
+"\x7a\x81\x01\x61\xa2\x8e\xa4\xd0\xaa\x8f\xa1\x71\xc1\x15\x15\xda"
+"\xf3\x7b\x32\x87\xa6\xb7\x7f\x2b\xac\x2b\x28\xfc\xe4\x1a\x94\xab"
+"\x19\xc9\x13\x72\x33\xfa\x42\xec\x6f\x3f\xe1\xe0\xc7\x23\x4b\x17"
+"\xeb\x89\xd3\x1f\x49\xe1\x49\x56\xee\xe3\x82\x46\x43\x00\x80\xbc"
+"\xa3\xfe\x31\xbc\xc9\xcd\x61\x5b\x7a\xf9\xf7\xb7\x48\x98\xbf\xdc"
+"\x79\xca\x71\x3b\xb0\xda\x08\x1e\x25\x97\x83\xd7\x21\x2c\xaa\xc0"
+"\x5c\xfd\x7f\xc4\x30\xd8\x7b\x59\x35\x49\x62\x0f\x4c\x03\x02\xe5"
+"\x73\x63\x61\x0b\x69\x2f\x7d\xb3\x99\xc9\x6b\x0a\x29\x9b\xda\xbe"
+"\x98\xdc\x2c\x29\x28\x9a\x75\x2e\xf1\x11\xd3\x71\x5b\x20\x45\x5b"
+"\xb7\x5e\xc1\xd1\xcc\x4e\x5a\x0d\xa5\x70\xa6\x56\xb8\x80\x8c\x97"
+"\x9d\x65\x8d\xec\xa0\x15\x45\xe6\x04\xd8\x3b\x6b\x36\x3f\x71\x58"
+"\x9e\x7a\x9c\xd2\x44\x86\xbf\x89\xa6\x80\x5d\x5e\x99\xc9\x7e\x56"
+"\x76\x17\x02\x98\x5b\xbb\xa0\xe5\xe5\x10\x25\x3e\x82\xc7\xe0\x91"
+"\x77\x39\x50\x9c\x3d\x2a\x91\x03\x13\x6d\x6d\xd3\xc6\x68\xd3\xa0"
+"\x88\xbc\x24\x5d\xf1\x26\x19\xf4\xb0\x74\x51\x93\x17\xcf\x67\x6c"
+"\x72\x30\xed\x39\xfe\x59\x54\x88\x84\x70\x56\x11\xaf\x41\x66\xa5"
+"\xf9\xf0\x95\xdb\x80\xb8\xae\x2f\xb7\xc3\x65\x72\xd2\xec\xaf\x5f"
+"\xf9\x30\x1e\x5b\x45\x7f\x38\xd5\x03\x02\x60\xaa\xf9\xb7\xd9\xfc"
+"\xa2\x5c\x46\x3e\x9c\xe6\xd6\x8e\x95\x54\xbf\xd8\xe6\xe4\x4b\xc0"
+"\x4c\xa1\x4c\x2c\xb3\xc4\x9f\xef\xeb\x39\x70\x77\xac\xf9\x1f\xb6"
+"\x06\xa2\x53\x7d\x18\xc8\xf8\xda\x8e\x82\x97\x4f\xdd\xd5\x19\x2f"
+"\xa2\x70\x4a\xbd\x5a\x15\x70\xb6\x55\x04\x14\xba\x0a\x04\xdc\x8e"
+"\xaf\xf2\x52\xd5\x90\x4c\x30\xd3\x29\x53\x1c\x66\x37\x5f\x8e\xfc"
+"\x45\x83\xd9\xac\x75\x9e\x0f\x66\x51\xc0\x8a\xc5\x34\x25\x9e\x3b",
+ .ilen = 1024,
+ .input =
+"\xa8\x47\xa1\x1d\xcb\xa3\x88\xae\x42\xab\x6d\xf2\x82\xc2\xed\xd5"
+"\x66\x42\x09\x85\x28\x7d\x49\x6f\x37\xdc\xff\x1c\x7e\x33\xc9\xcd"
+"\x6e\xe9\x33\x36\x01\x62\x1d\x67\x77\x6a\x97\xbf\xb1\xdc\x2f\x98"
+"\x2c\xdb\xac\x44\x9d\xed\x31\x7d\x2d\x41\x4b\xd1\x66\x40\x62\x74"
+"\xdc\x00\xd0\x05\xdc\x54\x4c\x63\xeb\xd9\x42\xe1\xdf\xc4\xde\xdd"
+"\xb6\xb8\x93\xfd\x25\x39\x2d\x7f\x85\xf8\x15\xc3\xbc\xbf\x0b\x95"
+"\x11\xef\x57\x0d\x15\x49\x07\xce\x42\xb0\x50\xe1\x07\xb4\x81\x71"
+"\x35\x71\x4b\x66\x89\x7f\x94\x13\x3e\x57\x43\xc3\x36\x28\xcd\xdd"
+"\xc9\x06\x68\xf8\xf3\x09\x3d\x86\x12\x52\x06\xa9\xe9\x83\x2d\x8f"
+"\x90\xfa\x42\xfe\x79\x3f\x68\x4c\x7b\xfa\x94\xa7\xf7\x16\xc7\x41"
+"\x09\xae\xe2\x82\xb5\x2b\xbc\xca\x65\x65\x2c\x27\x2c\x07\x50\x83"
+"\x2d\xad\x55\xaf\x35\xcc\x6a\xc5\x7c\xd8\xed\x75\x91\x9d\x73\xcb"
+"\x4c\xa5\x8f\xc4\x4f\xda\xa8\xb9\xb6\xa7\xb1\x1a\x75\xb4\x08\xbc"
+"\xb2\x90\x50\xfd\x1f\x05\xa8\x88\x35\x81\xb0\xc9\xac\xbc\x25\x7a"
+"\x95\x33\x02\x2b\x74\xe0\x95\x11\x88\xf7\xc3\x63\xb3\x7b\x09\xd5"
+"\xac\x22\x04\x67\x16\xea\xd6\x37\x38\x8e\xa5\xbd\x62\xa2\x1f\xa5"
+"\x04\x31\x89\xdf\x69\xb1\xde\xe3\x7c\x9d\x7b\x27\xba\x0a\x74\xdc"
+"\x06\x1c\xcd\x6e\x4b\x52\xe7\x6d\x34\x29\x38\xe2\x19\xfc\x0c\xc4"
+"\x78\x03\x1d\x53\x98\x00\x5c\x7a\xec\x23\x5f\x95\xd5\xb3\x16\xde"
+"\xc2\x17\xc2\x0c\x13\x63\x0a\x4b\x7e\x6c\xc7\xbc\x4a\xd0\xae\x29"
+"\xc0\x50\x16\x6f\x01\x2b\xdc\x40\x9f\x91\x8f\xa3\xaf\xd4\x40\xa8"
+"\x2e\x09\x7c\xf4\x3d\x85\xe6\xd9\x3c\x78\x7c\xf1\x6d\xe4\x13\x00"
+"\x98\xf5\xb4\x06\x9f\x90\x0a\x3e\x9f\x51\x0f\xbb\x0f\x13\x07\xc0"
+"\xfd\x26\x53\x24\x24\xf7\x21\x41\xcf\x20\x9d\x77\xe4\xe0\x52\x2a"
+"\x48\xd9\xeb\x65\xce\xf3\x90\x03\x47\x8d\x2b\x77\x54\x46\xda\xff"
+"\x15\x3d\xa5\xd9\x5a\xb6\xd3\xdf\x9c\x91\xc3\xf2\xd2\xdf\xd7\x8c"
+"\x1d\x83\x77\x47\xcd\x74\x23\x44\x04\x06\x8e\x64\x62\x29\xe5\xa0"
+"\xf7\xa7\xc7\xb7\x84\xdb\x9c\x5c\x04\x7f\xca\xb3\x85\x2c\x44\xa6"
+"\x09\x0e\xa3\x2c\x52\x42\x25\x02\x63\x99\xd0\xa5\x27\x61\x64\x4f"
+"\x65\xd7\x31\x56\x24\x97\xb0\x2d\xbb\x0c\xbe\x06\x68\x8a\x2e\xa3"
+"\x0c\xb9\x05\x52\xdb\xbd\x7e\x89\x60\x2e\x28\x76\xba\x5a\x94\xb6"
+"\x94\xc4\xf6\x68\x50\x35\x24\x7b\x2b\x04\x0e\x4c\xf3\x17\x54\xcb"
+"\xcd\x32\x18\x60\xff\xc9\xfe\xe1\x83\xe4\xe6\x9b\x5e\xd8\x21\xbf"
+"\xbf\x69\x01\x3a\x03\xc6\x9f\xe5\xd4\xdf\x01\x20\x8e\xea\x5b\xe1"
+"\xbd\x46\x3c\x3a\x60\x30\xa0\x48\xa0\x07\x82\x27\x4e\x03\xc3\x15"
+"\x98\x1f\xea\x4f\x8c\x90\x4d\xb1\xc5\x90\x40\x59\xda\x5b\x02\x65"
+"\x07\xb9\x64\xe7\x4c\x76\x70\x16\x8a\xc3\xf9\x4f\xed\x25\x47\xaa"
+"\x3b\x49\x8f\xf6\xf0\x71\x94\x34\xda\x29\x0f\x4e\xd4\x95\x3b\xe3"
+"\xef\x99\x3b\x1c\xf7\x09\x5d\xe0\x0d\x03\xe6\x9d\x47\x4c\x8c\xe8"
+"\x26\xb6\x30\x1b\x81\xdc\xa5\x5a\xf1\x04\x18\xf3\xaf\x81\xa2\x7e"
+"\xce\x8b\x33\xfc\xf2\xb1\x5a\x06\xd1\xb9\x59\x73\xd7\xda\x85\xd9"
+"\x30\x73\x98\x4d\x63\x50\x66\x71\x15\x88\x9a\x5d\xd5\x25\x40\x9a"
+"\xe3\x9c\x0b\x4f\xd8\xf5\xbf\xb3\xec\x02\x95\xca\x90\x07\x5d\x99"
+"\x9e\x16\xa2\x18\xa5\xa2\x03\xb1\x16\x6b\x4e\x32\xab\x19\x29\x55"
+"\xcc\xbe\xa8\x7b\xf7\x68\x64\x0e\xc0\x54\x91\x6d\x19\xec\xe9\x8c"
+"\x56\x5e\x71\xa5\x73\x50\x5d\x0d\xd3\xb2\x31\xca\x97\x7b\xf8\x6e"
+"\xfd\xb9\x47\x9b\x17\xf9\x56\x3a\xc6\xb0\x52\x45\x4f\x4a\x13\xe9"
+"\xb7\x64\x02\xdb\xe8\x67\xa3\x9e\xe4\xd9\x49\xc4\xf3\x27\xe3\xb0"
+"\xad\x6e\x51\x65\x14\x4f\xb2\x4b\x8a\xd6\x87\x17\x8c\xe2\x7a\xa1"
+"\x13\xbb\x8c\x7c\x3e\x69\xd2\x29\x06\x36\xf3\x55\x80\xcc\x0e\xa5"
+"\x18\x5a\x5f\xcb\x15\x2e\x7c\x62\xff\x3f\xe7\x7b\xd8\xe4\xa6\x9c"
+"\x4c\x5b\x55\x73\x4a\x0d\x21\x07\xf9\x79\xcb\x17\x51\x06\xf3\xcc"
+"\xfc\x08\x72\x6e\xbc\x04\xe2\x6d\xd8\x52\x1d\x29\x7e\x7a\x06\x8d"
+"\x87\x65\x2e\x2e\x7c\x07\x77\x3a\x35\x4d\x3a\x13\xd3\xf6\xc2\x1f"
+"\x2d\x5d\x14\xa5\x04\xe5\xc5\x7b\xd6\xa9\x70\x4b\x43\x21\x93\xdf"
+"\xe4\xf1\xf8\x75\xf1\x65\x9c\xf8\x0b\x07\x31\xdc\xf2\xba\x06\x91"
+"\xe1\x84\x87\x34\x2d\xdd\xa7\x87\xc0\xc2\x4d\x8d\xe0\x18\x70\xbb"
+"\xe3\x3e\x13\x48\xfc\xf4\x13\x85\xc4\x65\xcf\xe4\x43\x98\x14\x8f"
+"\xf4\x17\x62\x27\x39\xe5\xb6\x45\x76\x61\x78\x0b\x3d\x48\xb3\x41"
+"\xa6\xca\x7c\xed\x52\x19\x99\xea\x73\xc9\xd0\x0b\xeb\xbb\x5a\x69"
+"\x44\x3d\xb2\x81\x25\xb0\x2f\x08\xf0\x8c\x32\xa9\xf0\x79\x3c\x42"
+"\xc3\xdc\x9e\xd1\xec\x93\x49\xc9\x82\x0e\x13\x12\xb3\x8a\x98\x1b"
+"\x35\xe1\x4a\xef\xb4\x73\x28\x1a\x17\x96\xe2\x9a\x50\xc8\xd5\x98"
+"\xec\x96\x6f\x81\x05\x37\xee\x8b\x93\x12\x7c\x41\x26\xd5\x9c\x05",
+ .rlen = 1024,
+ /* limit to maximum of 8 */
+ .np = 8,
+ .also_non_np = 1,
+ .tap = { 32, 64, 96, 128, 192, 32, 64, 96+128+192 },
+},
+};
+#define AES_CBC_DEC_TV_TEMPLATE_RNDDATA_KEY16_VEC_COUNT 16
+
+#endif /* CONFIG_CRYPTO_AES_CBC_MB */
+
#endif /* _CRYPTO_TESTMGR_H */
--
1.9.1
^ permalink raw reply related
* [PATCH v5 4/7] crypto: AES CBC by8 encryption
From: Megha Dey @ 2016-09-26 17:27 UTC (permalink / raw)
To: herbert, davem; +Cc: linux-crypto, tim.c.chen, megha.dey, Megha Dey
In-Reply-To: <1474910859-11713-1-git-send-email-megha.dey@linux.intel.com>
From: Tim Chen <tim.c.chen@linux.intel.com>
This patch introduces the assembly routine to do a by8 AES CBC encryption
in support of the AES CBC multi-buffer implementation.
It encrypts 8 data streams of the same key size simultaneously.
Originally-by: Chandramouli Narayanan <mouli_7982@yahoo.com>
Signed-off-by: Megha Dey <megha.dey@linux.intel.com>
Signed-off-by: Tim Chen <tim.c.chen@linux.intel.com>
---
arch/x86/crypto/aes-cbc-mb/aes_cbc_enc_x8.S | 775 ++++++++++++++++++++++++++++
1 file changed, 775 insertions(+)
create mode 100644 arch/x86/crypto/aes-cbc-mb/aes_cbc_enc_x8.S
diff --git a/arch/x86/crypto/aes-cbc-mb/aes_cbc_enc_x8.S b/arch/x86/crypto/aes-cbc-mb/aes_cbc_enc_x8.S
new file mode 100644
index 0000000..2130574
--- /dev/null
+++ b/arch/x86/crypto/aes-cbc-mb/aes_cbc_enc_x8.S
@@ -0,0 +1,775 @@
+/*
+ * AES CBC by8 multibuffer optimization (x86_64)
+ * This file implements 128/192/256 bit AES CBC encryption
+ *
+ *
+ * This file is provided under a dual BSD/GPLv2 license. When using or
+ * redistributing this file, you may do so under either license.
+ *
+ * GPL LICENSE SUMMARY
+ *
+ * Copyright(c) 2016 Intel Corporation.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * Contact Information:
+ * James Guilford <james.guilford@intel.com>
+ * Sean Gulley <sean.m.gulley@intel.com>
+ * Tim Chen <tim.c.chen@linux.intel.com>
+ * Megha Dey <megha.dey@linux.intel.com>
+ *
+ * BSD LICENSE
+ *
+ * Copyright(c) 2016 Intel Corporation.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in
+ * the documentation and/or other materials provided with the
+ * distribution.
+ * Neither the name of Intel Corporation nor the names of its
+ * contributors may be used to endorse or promote products derived
+ * from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+#include <linux/linkage.h>
+
+/* stack size needs to be an odd multiple of 8 for alignment */
+
+#define AES_KEYSIZE_128 16
+#define AES_KEYSIZE_192 24
+#define AES_KEYSIZE_256 32
+
+#define XMM_SAVE_SIZE 16*10
+#define GPR_SAVE_SIZE 8*9
+#define STACK_SIZE (XMM_SAVE_SIZE + GPR_SAVE_SIZE)
+
+#define GPR_SAVE_REG %rsp
+#define GPR_SAVE_AREA %rsp + XMM_SAVE_SIZE
+#define LEN_AREA_OFFSET XMM_SAVE_SIZE + 8*8
+#define LEN_AREA_REG %rsp
+#define LEN_AREA %rsp + XMM_SAVE_SIZE + 8*8
+
+#define IN_OFFSET 0
+#define OUT_OFFSET 8*8
+#define KEYS_OFFSET 16*8
+#define IV_OFFSET 24*8
+
+
+#define IDX %rax
+#define TMP %rbx
+#define ARG %rdi
+#define LEN %rsi
+
+#define KEYS0 %r14
+#define KEYS1 %r15
+#define KEYS2 %rbp
+#define KEYS3 %rdx
+#define KEYS4 %rcx
+#define KEYS5 %r8
+#define KEYS6 %r9
+#define KEYS7 %r10
+
+#define IN0 %r11
+#define IN2 %r12
+#define IN4 %r13
+#define IN6 LEN
+
+#define XDATA0 %xmm0
+#define XDATA1 %xmm1
+#define XDATA2 %xmm2
+#define XDATA3 %xmm3
+#define XDATA4 %xmm4
+#define XDATA5 %xmm5
+#define XDATA6 %xmm6
+#define XDATA7 %xmm7
+
+#define XKEY0_3 %xmm8
+#define XKEY1_4 %xmm9
+#define XKEY2_5 %xmm10
+#define XKEY3_6 %xmm11
+#define XKEY4_7 %xmm12
+#define XKEY5_8 %xmm13
+#define XKEY6_9 %xmm14
+#define XTMP %xmm15
+
+#define MOVDQ movdqu /* assume buffers not aligned */
+#define CONCAT(a, b) a##b
+#define INPUT_REG_SUFX 1 /* IN */
+#define XDATA_REG_SUFX 2 /* XDAT */
+#define KEY_REG_SUFX 3 /* KEY */
+#define XMM_REG_SUFX 4 /* XMM */
+
+/*
+ * To avoid positional parameter errors while compiling
+ * three registers need to be passed
+ */
+.text
+
+.macro pxor2 x, y, z
+ MOVDQ (\x,\y), XTMP
+ pxor XTMP, \z
+.endm
+
+.macro inreg n
+ .if (\n == 0)
+ reg_IN = IN0
+ .elseif (\n == 2)
+ reg_IN = IN2
+ .elseif (\n == 4)
+ reg_IN = IN4
+ .elseif (\n == 6)
+ reg_IN = IN6
+ .else
+ error "inreg: incorrect register number"
+ .endif
+.endm
+.macro xdatareg n
+ .if (\n == 0)
+ reg_XDAT = XDATA0
+ .elseif (\n == 1)
+ reg_XDAT = XDATA1
+ .elseif (\n == 2)
+ reg_XDAT = XDATA2
+ .elseif (\n == 3)
+ reg_XDAT = XDATA3
+ .elseif (\n == 4)
+ reg_XDAT = XDATA4
+ .elseif (\n == 5)
+ reg_XDAT = XDATA5
+ .elseif (\n == 6)
+ reg_XDAT = XDATA6
+ .elseif (\n == 7)
+ reg_XDAT = XDATA7
+ .endif
+.endm
+.macro xkeyreg n
+ .if (\n == 0)
+ reg_KEY = KEYS0
+ .elseif (\n == 1)
+ reg_KEY = KEYS1
+ .elseif (\n == 2)
+ reg_KEY = KEYS2
+ .elseif (\n == 3)
+ reg_KEY = KEYS3
+ .elseif (\n == 4)
+ reg_KEY = KEYS4
+ .elseif (\n == 5)
+ reg_KEY = KEYS5
+ .elseif (\n == 6)
+ reg_KEY = KEYS6
+ .elseif (\n == 7)
+ reg_KEY = KEYS7
+ .endif
+.endm
+.macro xmmreg n
+ .if (\n >= 0) && (\n < 16)
+ /* Valid register number */
+ reg_XMM = %xmm\n
+ .else
+ error "xmmreg: incorrect register number"
+ .endif
+.endm
+
+/*
+ * suffix - register suffix
+ * set up the register name using the loop index I
+ */
+.macro define_reg suffix
+.altmacro
+ .if (\suffix == INPUT_REG_SUFX)
+ inreg %I
+ .elseif (\suffix == XDATA_REG_SUFX)
+ xdatareg %I
+ .elseif (\suffix == KEY_REG_SUFX)
+ xkeyreg %I
+ .elseif (\suffix == XMM_REG_SUFX)
+ xmmreg %I
+ .else
+ error "define_reg: unknown register suffix"
+ .endif
+.noaltmacro
+.endm
+
+/*
+ * aes_cbc_enc_x8 key_len
+ * macro to encode data for 128bit, 192bit and 256bit keys
+ */
+
+.macro aes_cbc_enc_x8 key_len
+
+ sub $STACK_SIZE, %rsp
+
+ mov %rbx, (XMM_SAVE_SIZE + 8*0)(GPR_SAVE_REG)
+ mov %rbp, (XMM_SAVE_SIZE + 8*3)(GPR_SAVE_REG)
+ mov %r12, (XMM_SAVE_SIZE + 8*4)(GPR_SAVE_REG)
+ mov %r13, (XMM_SAVE_SIZE + 8*5)(GPR_SAVE_REG)
+ mov %r14, (XMM_SAVE_SIZE + 8*6)(GPR_SAVE_REG)
+ mov %r15, (XMM_SAVE_SIZE + 8*7)(GPR_SAVE_REG)
+
+ mov $16, IDX
+ shl $4, LEN /* LEN = LEN * 16 */
+ /* LEN is now in terms of bytes */
+ mov LEN, (LEN_AREA_OFFSET)(LEN_AREA_REG)
+
+ /* Run through storing arguments in IN0,2,4,6 */
+ I = 0
+ .rept 4
+ define_reg INPUT_REG_SUFX
+ mov (IN_OFFSET + 8*I)(ARG), reg_IN
+ I = (I + 2)
+ .endr
+
+ /* load 1 .. 8 blocks of plain text into XDATA0..XDATA7 */
+ I = 0
+ .rept 4
+ mov (IN_OFFSET + 8*(I+1))(ARG), TMP
+ define_reg INPUT_REG_SUFX
+ define_reg XDATA_REG_SUFX
+ /* load first block of plain text */
+ MOVDQ (reg_IN), reg_XDAT
+ I = (I + 1)
+ define_reg XDATA_REG_SUFX
+ /* load next block of plain text */
+ MOVDQ (TMP), reg_XDAT
+ I = (I + 1)
+ .endr
+
+ /* Run through XDATA0 .. XDATA7 to perform plaintext XOR IV */
+ I = 0
+ .rept 8
+ define_reg XDATA_REG_SUFX
+ pxor (IV_OFFSET + 16*I)(ARG), reg_XDAT
+ I = (I + 1)
+ .endr
+
+ I = 0
+ .rept 8
+ define_reg KEY_REG_SUFX
+ mov (KEYS_OFFSET + 8*I)(ARG), reg_KEY
+ I = (I + 1)
+ .endr
+
+ I = 0
+ /* 0..7 ARK */
+ .rept 8
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ pxor 16*0(reg_KEY), reg_XDAT
+ I = (I + 1)
+ .endr
+
+ I = 0
+ /* 1. ENC */
+ .rept 8
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ aesenc (16*1)(reg_KEY), reg_XDAT
+ I = (I + 1)
+ .endr
+
+ movdqa 16*3(KEYS0), XKEY0_3 /* load round 3 key */
+
+ I = 0
+ /* 2. ENC */
+ .rept 8
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ aesenc (16*2)(reg_KEY), reg_XDAT
+ I = (I + 1)
+ .endr
+
+ movdqa 16*4(KEYS1), XKEY1_4 /* load round 4 key */
+
+ /* 3. ENC */
+ aesenc XKEY0_3, XDATA0
+ I = 1
+ .rept 7
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ aesenc (16*3)(reg_KEY), reg_XDAT
+ I = (I + 1)
+ .endr
+
+ /*
+ * FIXME:
+ * why can't we reorder encrypt DATA0..DATA7 and load 5th round?
+ */
+ aesenc (16*4)(KEYS0), XDATA0 /* 4. ENC */
+ movdqa 16*5(KEYS2), XKEY2_5 /* load round 5 key */
+ aesenc XKEY1_4, XDATA1 /* 4. ENC */
+
+ I = 2
+ .rept 6
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ aesenc (16*4)(reg_KEY), reg_XDAT
+ I = (I + 1)
+ .endr
+
+ aesenc (16*5)(KEYS0), XDATA0 /* 5. ENC */
+ aesenc (16*5)(KEYS1), XDATA1 /* 5. ENC */
+ movdqa 16*6(KEYS3), XKEY3_6 /* load round 6 key */
+ aesenc XKEY2_5, XDATA2 /* 5. ENC */
+ I = 3
+ .rept 5
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ aesenc (16*5)(reg_KEY), reg_XDAT
+ I = (I + 1)
+ .endr
+
+ aesenc (16*6)(KEYS0), XDATA0 /* 6. ENC */
+ aesenc (16*6)(KEYS1), XDATA1 /* 6. ENC */
+ aesenc (16*6)(KEYS2), XDATA2 /* 6. ENC */
+ movdqa 16*7(KEYS4), XKEY4_7 /* load round 7 key */
+ aesenc XKEY3_6, XDATA3 /* 6. ENC */
+
+ I = 4
+ .rept 4
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ aesenc (16*6)(reg_KEY), reg_XDAT
+ I = (I + 1)
+ .endr
+
+ I = 0
+ .rept 4
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ aesenc (16*7)(reg_KEY), reg_XDAT
+ I = (I + 1)
+ .endr
+ movdqa 16*8(KEYS5), XKEY5_8 /* load round 8 key */
+ aesenc XKEY4_7, XDATA4 /* 7. ENC */
+ I = 5
+ .rept 3
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ aesenc (16*7)(reg_KEY), reg_XDAT
+ I = (I + 1)
+ .endr
+
+ I = 0
+ .rept 5
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ aesenc (16*8)(reg_KEY), reg_XDAT
+ I = (I + 1)
+ .endr
+ movdqa 16*9(KEYS6), XKEY6_9 /* load round 9 key */
+ aesenc XKEY5_8, XDATA5 /* 8. ENC */
+ aesenc 16*8(KEYS6), XDATA6 /* 8. ENC */
+ aesenc 16*8(KEYS7), XDATA7 /* 8. ENC */
+
+ I = 0
+ .rept 6
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ aesenc (16*9)(reg_KEY), reg_XDAT
+ I = (I + 1)
+ .endr
+ mov (OUT_OFFSET + 8*0)(ARG), TMP
+ aesenc XKEY6_9, XDATA6 /* 9. ENC */
+ aesenc 16*9(KEYS7), XDATA7 /* 9. ENC */
+
+ /* 10. ENC (last for 128bit keys) */
+ I = 0
+ .rept 8
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ .if (\key_len == AES_KEYSIZE_128)
+ aesenclast (16*10)(reg_KEY), reg_XDAT
+ .else
+ aesenc (16*10)(reg_KEY), reg_XDAT
+ .endif
+ I = (I + 1)
+ .endr
+
+ .if (\key_len != AES_KEYSIZE_128)
+ /* 11. ENC */
+ I = 0
+ .rept 8
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ aesenc (16*11)(reg_KEY), reg_XDAT
+ I = (I + 1)
+ .endr
+
+ /* 12. ENC (last for 192bit key) */
+ I = 0
+ .rept 8
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ .if (\key_len == AES_KEYSIZE_192)
+ aesenclast (16*12)(reg_KEY), reg_XDAT
+ .else
+ aesenc (16*12)(reg_KEY), reg_XDAT
+ .endif
+ I = (I + 1)
+ .endr
+
+ /* for 256bit, two more rounds */
+ .if \key_len == AES_KEYSIZE_256
+
+ /* 13. ENC */
+ I = 0
+ .rept 8
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ aesenc (16*13)(reg_KEY), reg_XDAT
+ I = (I + 1)
+ .endr
+
+ /* 14. ENC last encode for 256bit key */
+ I = 0
+ .rept 8
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ aesenclast (16*14)(reg_KEY), reg_XDAT
+ I = (I + 1)
+ .endr
+ .endif
+
+ .endif
+
+ I = 0
+ .rept 8
+ define_reg XDATA_REG_SUFX
+ MOVDQ reg_XDAT, (TMP) /* write back ciphertext */
+ I = (I + 1)
+ .if (I < 8)
+ mov (OUT_OFFSET + 8*I)(ARG), TMP
+ .endif
+ .endr
+
+ cmp IDX, LEN_AREA_OFFSET(LEN_AREA_REG)
+ je .Ldone\key_len
+
+.Lmain_loop\key_len:
+ mov (IN_OFFSET + 8*1)(ARG), TMP
+ pxor2 IN0, IDX, XDATA0 /* next block of plain text */
+ pxor2 TMP, IDX, XDATA1 /* next block of plain text */
+
+ mov (IN_OFFSET + 8*3)(ARG), TMP
+ pxor2 IN2, IDX, XDATA2 /* next block of plain text */
+ pxor2 TMP, IDX, XDATA3 /* next block of plain text */
+
+ mov (IN_OFFSET + 8*5)(ARG), TMP
+ pxor2 IN4, IDX, XDATA4 /* next block of plain text */
+ pxor2 TMP, IDX, XDATA5 /* next block of plain text */
+
+ mov (IN_OFFSET + 8*7)(ARG), TMP
+ pxor2 IN6, IDX, XDATA6 /* next block of plain text */
+ pxor2 TMP, IDX, XDATA7 /* next block of plain text */
+
+ /* 0. ARK */
+ I = 0
+ .rept 8
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ pxor 16*0(reg_KEY), reg_XDAT
+ I = (I + 1)
+ .endr
+
+ /* 1. ENC */
+ I = 0
+ .rept 8
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ aesenc 16*1(reg_KEY), reg_XDAT
+ I = (I + 1)
+ .endr
+
+ /* 2. ENC */
+ I = 0
+ .rept 8
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ aesenc 16*2(reg_KEY), reg_XDAT
+ I = (I + 1)
+ .endr
+
+ /* 3. ENC */
+ aesenc XKEY0_3, XDATA0 /* 3. ENC */
+ I = 1
+ .rept 7
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ aesenc 16*3(reg_KEY), reg_XDAT
+ I = (I + 1)
+ .endr
+
+ /* 4. ENC */
+ aesenc 16*4(KEYS0), XDATA0 /* 4. ENC */
+ aesenc XKEY1_4, XDATA1 /* 4. ENC */
+ I = 2
+ .rept 6
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ aesenc 16*4(reg_KEY), reg_XDAT
+ I = (I + 1)
+ .endr
+
+ /* 5. ENC */
+ aesenc 16*5(KEYS0), XDATA0 /* 5. ENC */
+ aesenc 16*5(KEYS1), XDATA1 /* 5. ENC */
+ aesenc XKEY2_5, XDATA2 /* 5. ENC */
+
+ I = 3
+ .rept 5
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ aesenc 16*5(reg_KEY), reg_XDAT
+ I = (I + 1)
+ .endr
+
+ /* 6. ENC */
+ I = 0
+ .rept 3
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ aesenc 16*6(reg_KEY), reg_XDAT
+ I = (I + 1)
+ .endr
+ aesenc XKEY3_6, XDATA3 /* 6. ENC */
+ I = 4
+ .rept 4
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ aesenc 16*6(reg_KEY), reg_XDAT
+ I = (I + 1)
+ .endr
+
+ /* 7. ENC */
+ I = 0
+ .rept 4
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ aesenc 16*7(reg_KEY), reg_XDAT
+ I = (I + 1)
+ .endr
+ aesenc XKEY4_7, XDATA4 /* 7. ENC */
+ I = 5
+ .rept 3
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ aesenc 16*7(reg_KEY), reg_XDAT
+ I = (I + 1)
+ .endr
+
+ /* 8. ENC */
+ I = 0
+ .rept 5
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ aesenc 16*8(reg_KEY), reg_XDAT
+ I = (I + 1)
+ .endr
+ aesenc XKEY5_8, XDATA5 /* 8. ENC */
+ aesenc 16*8(KEYS6), XDATA6 /* 8. ENC */
+ aesenc 16*8(KEYS7), XDATA7 /* 8. ENC */
+
+ /* 9. ENC */
+ I = 0
+ .rept 6
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ aesenc 16*9(reg_KEY), reg_XDAT
+ I = (I + 1)
+ .endr
+ mov (OUT_OFFSET + 8*0)(ARG), TMP
+ aesenc XKEY6_9, XDATA6 /* 9. ENC */
+ aesenc 16*9(KEYS7), XDATA7 /* 9. ENC */
+
+ /* 10. ENC (last for 128 bit key) */
+ I = 0
+ .rept 8
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ .if (\key_len == AES_KEYSIZE_128)
+ aesenclast 16*10(reg_KEY), reg_XDAT
+ .else
+ aesenc 16*10(reg_KEY), reg_XDAT
+ .endif
+ I = (I + 1)
+ .endr
+
+ .if (\key_len != AES_KEYSIZE_128)
+ /* 11. ENC */
+ I = 0
+ .rept 8
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ aesenc 16*11(reg_KEY), reg_XDAT
+ I = (I + 1)
+ .endr
+
+ /* 12. last ENC for 192bit key */
+ I = 0
+ .rept 8
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ .if (\key_len == AES_KEYSIZE_192)
+ aesenclast 16*12(reg_KEY), reg_XDAT
+ .else
+ aesenc 16*12(reg_KEY), reg_XDAT
+ .endif
+ I = (I + 1)
+ .endr
+
+ .if \key_len == AES_KEYSIZE_256
+ /* for 256bit, two more rounds */
+ /* 13. ENC */
+ I = 0
+ .rept 8
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ aesenc 16*13(reg_KEY), reg_XDAT
+ I = (I + 1)
+ .endr
+
+ /* 14. last ENC for 256bit key */
+ I = 0
+ .rept 8
+ define_reg XDATA_REG_SUFX
+ define_reg KEY_REG_SUFX
+ aesenclast 16*14(reg_KEY), reg_XDAT
+ I = (I + 1)
+ .endr
+ .endif
+ .endif
+
+ I = 0
+ .rept 8
+ define_reg XDATA_REG_SUFX
+ /* write back cipher text */
+ MOVDQ reg_XDAT, (TMP , IDX)
+ I = (I + 1)
+ .if (I < 8)
+ mov (OUT_OFFSET + 8*I)(ARG), TMP
+ .endif
+ .endr
+
+ add $16, IDX
+ cmp IDX, LEN_AREA_OFFSET(LEN_AREA_REG)
+ jne .Lmain_loop\key_len
+
+.Ldone\key_len:
+ /* update IV */
+ I = 0
+ .rept 8
+ define_reg XDATA_REG_SUFX
+ movdqa reg_XDAT, (IV_OFFSET + 16*I)(ARG)
+ I = (I + 1)
+ .endr
+
+ /* update IN and OUT */
+ movd LEN_AREA_OFFSET(LEN_AREA_REG), %xmm0
+ pshufd $0x44, %xmm0, %xmm0
+
+ I = 1
+ .rept 4
+ define_reg XMM_REG_SUFX
+ movdqa (IN_OFFSET + 16*(I-1))(ARG), reg_XMM
+ I = (I + 1)
+ .endr
+
+ paddq %xmm0, %xmm1
+ paddq %xmm0, %xmm2
+ paddq %xmm0, %xmm3
+ paddq %xmm0, %xmm4
+
+ I = 5
+ .rept 4
+ define_reg XMM_REG_SUFX
+ movdqa (OUT_OFFSET + 16*(I-5))(ARG), reg_XMM
+ I = (I + 1)
+ .endr
+
+ I = 1
+ .rept 4
+ define_reg XMM_REG_SUFX
+ movdqa reg_XMM, (IN_OFFSET + 16*(I-1))(ARG)
+ I = (I + 1)
+ .endr
+
+ paddq %xmm0, %xmm5
+ paddq %xmm0, %xmm6
+ paddq %xmm0, %xmm7
+ paddq %xmm0, %xmm8
+
+ I = 5
+ .rept 4
+ define_reg XMM_REG_SUFX
+ movdqa reg_XMM, (OUT_OFFSET + 16*(I-5))(ARG)
+ I = (I + 1)
+ .endr
+
+ mov (XMM_SAVE_SIZE + 8*0)(GPR_SAVE_REG), %rbx
+ mov (XMM_SAVE_SIZE + 8*3)(GPR_SAVE_REG), %rbp
+ mov (XMM_SAVE_SIZE + 8*4)(GPR_SAVE_REG), %r12
+ mov (XMM_SAVE_SIZE + 8*5)(GPR_SAVE_REG), %r13
+ mov (XMM_SAVE_SIZE + 8*6)(GPR_SAVE_REG), %r14
+ mov (XMM_SAVE_SIZE + 8*7)(GPR_SAVE_REG), %r15
+
+ add $STACK_SIZE, %rsp
+
+ ret
+.endm
+
+/*
+ * AES CBC encryption routine supporting 128/192/256 bit keys
+ *
+ * void aes_cbc_enc_128_x8(struct aes_cbc_args_x8 *args, u64 len);
+ * arg 1: rcx : addr of AES_ARGS_x8 structure
+ * arg 2: rdx : len (in units of 16-byte blocks)
+ * void aes_cbc_enc_192_x8(struct aes_cbc_args_x8 *args, u64 len);
+ * arg 1: rcx : addr of aes_cbc_args_x8 structure
+ * arg 2: rdx : len (in units of 16-byte blocks)
+ * void aes_cbc_enc_256_x8(struct aes_cbc_args_x8 *args, u64 len);
+ * arg 1: rcx : addr of aes_cbc_args_x8 structure
+ * arg 2: rdx : len (in units of 16-byte blocks)
+ */
+
+ENTRY(aes_cbc_enc_128_x8)
+
+ aes_cbc_enc_x8 AES_KEYSIZE_128
+
+ENDPROC(aes_cbc_enc_128_x8)
+
+ENTRY(aes_cbc_enc_192_x8)
+
+ aes_cbc_enc_x8 AES_KEYSIZE_192
+
+ENDPROC(aes_cbc_enc_192_x8)
+
+ENTRY(aes_cbc_enc_256_x8)
+
+ aes_cbc_enc_x8 AES_KEYSIZE_256
+
+ENDPROC(aes_cbc_enc_256_x8)
--
1.9.1
^ permalink raw reply related
* [PATCH v5 5/7] crypto: AES CBC multi-buffer glue code
From: Megha Dey @ 2016-09-26 17:27 UTC (permalink / raw)
To: herbert, davem; +Cc: linux-crypto, tim.c.chen, megha.dey, Megha Dey
In-Reply-To: <1474910859-11713-1-git-send-email-megha.dey@linux.intel.com>
From: Tim Chen <tim.c.chen@linux.intel.com>
This patch introduces the multi-buffer job manager which is responsible
for submitting scatter-gather buffers from several AES CBC jobs
to the multi-buffer algorithm. The glue code interfaces with the
underlying algorithm that handles 8 data streams of AES CBC encryption
in parallel. AES key expansion and CBC decryption requests are performed
in a manner similar to the existing AESNI Intel glue driver.
The outline of the algorithm for AES CBC encryption requests is
sketched below:
Any driver requesting the crypto service will place an async crypto
request on the workqueue. The multi-buffer crypto daemon will pull an
AES CBC encryption request from work queue and put each request in an
empty data lane for multi-buffer crypto computation. When all the empty
lanes are filled, computation will commence on the jobs in parallel and
the job with the shortest remaining buffer will get completed and be
returned. To prevent prolonged stall, when no new jobs arrive, we will
flush workqueue of jobs after a maximum allowable delay has elapsed.
To accommodate the fragmented nature of scatter-gather, we will keep
submitting the next scatter-buffer fragment for a job for multi-buffer
computation until a job is completed and no more buffer fragments remain.
At that time we will pull a new job to fill the now empty data slot.
We check with the multibuffer scheduler to see if there are other
completed jobs to prevent extraneous delay in returning any completed
jobs.
This multi-buffer algorithm should be used for cases where we get at
least 8 streams of crypto jobs submitted at a reasonably high rate.
For low crypto job submission rate and low number of data streams, this
algorithm will not be beneficial. The reason is at low rate, we do not
fill out the data lanes before flushing the jobs instead of processing
them with all the data lanes full. We will miss the benefit of parallel
computation, and adding delay to the processing of the crypto job at the
same time. Some tuning of the maximum latency parameter may be needed
to get the best performance.
Originally-by: Chandramouli Narayanan <mouli_7982@yahoo.com>
Signed-off-by: Megha Dey <megha.dey@linux.intel.com>
Signed-off-by: Tim Chen <tim.c.chen@linux.intel.com>
---
arch/x86/crypto/Makefile | 1 +
arch/x86/crypto/aes-cbc-mb/Makefile | 22 +
arch/x86/crypto/aes-cbc-mb/aes_cbc_mb.c | 839 ++++++++++++++++++++++++++++++++
3 files changed, 862 insertions(+)
create mode 100644 arch/x86/crypto/aes-cbc-mb/Makefile
create mode 100644 arch/x86/crypto/aes-cbc-mb/aes_cbc_mb.c
diff --git a/arch/x86/crypto/Makefile b/arch/x86/crypto/Makefile
index 34b3fa2..cc556a7 100644
--- a/arch/x86/crypto/Makefile
+++ b/arch/x86/crypto/Makefile
@@ -33,6 +33,7 @@ obj-$(CONFIG_CRYPTO_CRC32_PCLMUL) += crc32-pclmul.o
obj-$(CONFIG_CRYPTO_SHA256_SSSE3) += sha256-ssse3.o
obj-$(CONFIG_CRYPTO_SHA512_SSSE3) += sha512-ssse3.o
obj-$(CONFIG_CRYPTO_CRCT10DIF_PCLMUL) += crct10dif-pclmul.o
+obj-$(CONFIG_CRYPTO_AES_CBC_MB) += aes-cbc-mb/
obj-$(CONFIG_CRYPTO_POLY1305_X86_64) += poly1305-x86_64.o
# These modules require assembler to support AVX.
diff --git a/arch/x86/crypto/aes-cbc-mb/Makefile b/arch/x86/crypto/aes-cbc-mb/Makefile
new file mode 100644
index 0000000..b642bd8
--- /dev/null
+++ b/arch/x86/crypto/aes-cbc-mb/Makefile
@@ -0,0 +1,22 @@
+#
+# Arch-specific CryptoAPI modules.
+#
+
+avx_supported := $(call as-instr,vpxor %xmm0$(comma)%xmm0$(comma)%xmm0,yes,no)
+
+# we need decryption and key expansion routine symbols
+# if either AESNI_NI_INTEL or AES_CBC_MB is a module
+
+ifeq ($(CONFIG_CRYPTO_AES_NI_INTEL),m)
+ dec_support := ../aesni-intel_asm.o
+endif
+ifeq ($(CONFIG_CRYPTO_AES_CBC_MB),m)
+ dec_support := ../aesni-intel_asm.o
+endif
+
+ifeq ($(avx_supported),yes)
+ obj-$(CONFIG_CRYPTO_AES_CBC_MB) += aes-cbc-mb.o
+ aes-cbc-mb-y := $(dec_support) aes_cbc_mb.o aes_mb_mgr_init.o \
+ mb_mgr_inorder_x8_asm.o mb_mgr_ooo_x8_asm.o \
+ aes_cbc_enc_x8.o
+endif
diff --git a/arch/x86/crypto/aes-cbc-mb/aes_cbc_mb.c b/arch/x86/crypto/aes-cbc-mb/aes_cbc_mb.c
new file mode 100644
index 0000000..190a4fc
--- /dev/null
+++ b/arch/x86/crypto/aes-cbc-mb/aes_cbc_mb.c
@@ -0,0 +1,839 @@
+/*
+ * Multi buffer AES CBC algorithm glue code
+ *
+ *
+ * This file is provided under a dual BSD/GPLv2 license. When using or
+ * redistributing this file, you may do so under either license.
+ *
+ * GPL LICENSE SUMMARY
+ *
+ * Copyright(c) 2016 Intel Corporation.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of version 2 of the GNU General Public License as
+ * published by the Free Software Foundation.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * Contact Information:
+ * James Guilford <james.guilford@intel.com>
+ * Sean Gulley <sean.m.gulley@intel.com>
+ * Tim Chen <tim.c.chen@linux.intel.com>
+ * Megha Dey <megha.dey@linux.intel.com>
+ */
+
+#define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
+
+#include <linux/hardirq.h>
+#include <linux/types.h>
+#include <linux/crypto.h>
+#include <linux/module.h>
+#include <linux/err.h>
+#include <crypto/algapi.h>
+#include <crypto/aes.h>
+#include <crypto/internal/hash.h>
+#include <crypto/mcryptd.h>
+#include <crypto/crypto_wq.h>
+#include <crypto/ctr.h>
+#include <crypto/b128ops.h>
+#include <crypto/lrw.h>
+#include <crypto/xts.h>
+#include <asm/cpu_device_id.h>
+#include <asm/fpu/api.h>
+#include <asm/crypto/aes.h>
+#include <crypto/ablk_helper.h>
+#include <crypto/scatterwalk.h>
+#include <crypto/internal/aead.h>
+#include <linux/workqueue.h>
+#include <linux/spinlock.h>
+#ifdef CONFIG_X86_64
+#include <asm/crypto/glue_helper.h>
+#endif
+#include <asm/simd.h>
+
+#include "aes_cbc_mb_ctx.h"
+
+#define AESNI_ALIGN (16)
+#define AES_BLOCK_MASK (~(AES_BLOCK_SIZE-1))
+#define FLUSH_INTERVAL 500 /* in usec */
+
+static struct mcryptd_alg_state cbc_mb_alg_state;
+
+struct aes_cbc_mb_ctx {
+ struct mcryptd_ablkcipher *mcryptd_tfm;
+};
+
+static inline struct aes_cbc_mb_mgr_inorder_x8
+ *get_key_mgr(void *mgr, u32 key_len)
+{
+ struct aes_cbc_mb_mgr_inorder_x8 *key_mgr;
+
+ key_mgr = (struct aes_cbc_mb_mgr_inorder_x8 *) mgr;
+ /* valid keysize is guranteed to be one of 128/192/256 */
+ switch (key_len) {
+ case AES_KEYSIZE_256:
+ return key_mgr+2;
+ case AES_KEYSIZE_192:
+ return key_mgr+1;
+ case AES_KEYSIZE_128:
+ default:
+ return key_mgr;
+ }
+}
+
+/* support code from arch/x86/crypto/aesni-intel_glue.c */
+static inline struct crypto_aes_ctx *aes_ctx(void *raw_ctx)
+{
+ unsigned long addr = (unsigned long)raw_ctx;
+ unsigned long align = AESNI_ALIGN;
+ struct crypto_aes_ctx *ret_ctx;
+
+ if (align <= crypto_tfm_ctx_alignment())
+ align = 1;
+ ret_ctx = (struct crypto_aes_ctx *)ALIGN(addr, align);
+ return ret_ctx;
+}
+
+static struct job_aes_cbc *aes_cbc_job_mgr_submit(
+ struct aes_cbc_mb_mgr_inorder_x8 *key_mgr, u32 key_len)
+{
+ /* valid keysize is guranteed to be one of 128/192/256 */
+ switch (key_len) {
+ case AES_KEYSIZE_256:
+ return aes_cbc_submit_job_inorder_256x8(key_mgr);
+ case AES_KEYSIZE_192:
+ return aes_cbc_submit_job_inorder_192x8(key_mgr);
+ case AES_KEYSIZE_128:
+ default:
+ return aes_cbc_submit_job_inorder_128x8(key_mgr);
+ }
+}
+
+static inline struct ablkcipher_request *cast_mcryptd_ctx_to_req(
+ struct mcryptd_ablkcipher_request_ctx *ctx)
+{
+ return container_of((void *) ctx, struct ablkcipher_request, __ctx);
+}
+
+/*
+ * Interface functions to the synchronous algorithm with acces
+ * to the underlying multibuffer AES CBC implementation
+ */
+
+/* Map the error in request context appropriately */
+
+static struct mcryptd_ablkcipher_request_ctx *process_job_sts(
+ struct job_aes_cbc *job)
+{
+ struct mcryptd_ablkcipher_request_ctx *ret_rctx;
+
+ ret_rctx = (struct mcryptd_ablkcipher_request_ctx *)job->user_data;
+
+ switch (job->status) {
+ default:
+ case STS_COMPLETED:
+ ret_rctx->error = CBC_CTX_ERROR_NONE;
+ break;
+ case STS_BEING_PROCESSED:
+ ret_rctx->error = -EINPROGRESS;
+ break;
+ case STS_INTERNAL_ERROR:
+ case STS_ERROR:
+ case STS_UNKNOWN:
+ /* mark it done with error */
+ ret_rctx->flag = CBC_DONE;
+ ret_rctx->error = -EIO;
+ break;
+ }
+ return ret_rctx;
+}
+
+static struct mcryptd_ablkcipher_request_ctx
+ *aes_cbc_ctx_mgr_flush(struct aes_cbc_mb_mgr_inorder_x8 *key_mgr)
+{
+ struct job_aes_cbc *job;
+
+ job = aes_cbc_flush_job_inorder_x8(key_mgr);
+ if (job)
+ return process_job_sts(job);
+ return NULL;
+}
+
+static struct mcryptd_ablkcipher_request_ctx *aes_cbc_ctx_mgr_submit(
+ struct aes_cbc_mb_mgr_inorder_x8 *key_mgr,
+ struct mcryptd_ablkcipher_request_ctx *rctx
+ )
+{
+ struct crypto_aes_ctx *mb_key_ctx;
+ struct job_aes_cbc *job;
+ unsigned long src_paddr;
+ unsigned long dst_paddr;
+
+ mb_key_ctx = aes_ctx(crypto_tfm_ctx(rctx->desc.base.tfm));
+
+ /* get job, fill the details and submit */
+ job = aes_cbc_get_next_job_inorder_x8(key_mgr);
+
+ src_paddr = (page_to_phys(rctx->walk.src.page) + rctx->walk.src.offset);
+ dst_paddr = (page_to_phys(rctx->walk.dst.page) + rctx->walk.dst.offset);
+ job->plaintext = phys_to_virt(src_paddr);
+ job->ciphertext = phys_to_virt(dst_paddr);
+ if (rctx->flag & CBC_START) {
+ /* fresh sequence, copy iv from walk buffer initially */
+ memcpy(&job->iv, rctx->walk.iv, AES_BLOCK_SIZE);
+ rctx->flag &= ~CBC_START;
+ } else {
+ /* For a multi-part sequence, set up the updated IV */
+ job->iv = rctx->seq_iv;
+ }
+
+ job->keys = (u128 *)mb_key_ctx->key_enc;
+ /* set up updated length from the walk buffers */
+ job->len = rctx->walk.nbytes & AES_BLOCK_MASK;
+ /* stow away the req_ctx so we can later check */
+ job->user_data = (void *)rctx;
+ job->key_len = mb_key_ctx->key_length;
+ rctx->job = job;
+ rctx->error = CBC_CTX_ERROR_NONE;
+ job = aes_cbc_job_mgr_submit(key_mgr, mb_key_ctx->key_length);
+ if (job) {
+ /* we already have the request context stashed in job */
+ return process_job_sts(job);
+ }
+ return NULL;
+}
+
+static int cbc_encrypt_finish(struct mcryptd_ablkcipher_request_ctx **ret_rctx,
+ struct mcryptd_alg_cstate *cstate,
+ bool flush)
+{
+ struct mcryptd_ablkcipher_request_ctx *rctx = *ret_rctx;
+ struct job_aes_cbc *job;
+ int err = 0;
+ unsigned int nbytes;
+ struct crypto_aes_ctx *mb_key_ctx;
+ struct aes_cbc_mb_mgr_inorder_x8 *key_mgr;
+ struct ablkcipher_request *req;
+
+
+ mb_key_ctx = aes_ctx(crypto_tfm_ctx(rctx->desc.base.tfm));
+ key_mgr = get_key_mgr(cstate->mgr, mb_key_ctx->key_length);
+
+ /*
+ * Some low-level mb job is done. Keep going till done.
+ * This loop may process multiple multi part requests
+ */
+ while (!(rctx->flag & CBC_DONE)) {
+ /* update bytes and check for more work */
+ nbytes = rctx->walk.nbytes & (AES_BLOCK_SIZE - 1);
+ req = cast_mcryptd_ctx_to_req(rctx);
+ err = ablkcipher_walk_done(req, &rctx->walk, nbytes);
+ if (err) {
+ /* done with error */
+ rctx->flag = CBC_DONE;
+ rctx->error = err;
+ goto out;
+ }
+ nbytes = rctx->walk.nbytes;
+ if (!nbytes) {
+ /* done with successful encryption */
+ rctx->flag = CBC_DONE;
+ goto out;
+ }
+ /*
+ * This is a multi-part job and there is more work to do.
+ * From the completed job, copy the running sequence of IV
+ * and start the next one in sequence.
+ */
+ job = (struct job_aes_cbc *)rctx->job;
+ rctx->seq_iv = job->iv; /* copy the running sequence of iv */
+ kernel_fpu_begin();
+ rctx = aes_cbc_ctx_mgr_submit(key_mgr, rctx);
+ if (!rctx) {
+ /* multi part job submitted, no completed job. */
+ if (flush)
+ rctx = aes_cbc_ctx_mgr_flush(key_mgr);
+ }
+ kernel_fpu_end();
+ if (!rctx) {
+ /* no completions yet to process further */
+ break;
+ }
+ /* some job finished when we submitted multi part job. */
+ if (rctx->error) {
+ /*
+ * some request completed with error
+ * bail out of chain processing
+ */
+ err = rctx->error;
+ break;
+ }
+ /* we have a valid request context to process further */
+ }
+ /* encrypted text is expected to be in out buffer already */
+out:
+ /* We came out multi-part processing for some request */
+ *ret_rctx = rctx;
+ return err;
+}
+
+/* notify the caller of progress ; request still stays in queue */
+
+static void notify_callback(struct mcryptd_ablkcipher_request_ctx *rctx,
+ struct mcryptd_alg_cstate *cstate,
+ int err)
+{
+ struct ablkcipher_request *req = cast_mcryptd_ctx_to_req(rctx);
+
+ if (irqs_disabled())
+ rctx->complete(&req->base, err);
+ else {
+ local_bh_disable();
+ rctx->complete(&req->base, err);
+ local_bh_enable();
+ }
+}
+
+/* A request that completed is dequeued and the caller is notified */
+
+static void completion_callback(struct mcryptd_ablkcipher_request_ctx *rctx,
+ struct mcryptd_alg_cstate *cstate,
+ int err)
+{
+ struct ablkcipher_request *req = cast_mcryptd_ctx_to_req(rctx);
+
+ /* remove from work list and invoke completion callback */
+ spin_lock(&cstate->work_lock);
+ list_del(&rctx->waiter);
+ spin_unlock(&cstate->work_lock);
+
+ if (irqs_disabled())
+ rctx->complete(&req->base, err);
+ else {
+ local_bh_disable();
+ rctx->complete(&req->base, err);
+ local_bh_enable();
+ }
+}
+
+/* complete a blkcipher request and process any further completions */
+
+static void cbc_complete_job(struct mcryptd_ablkcipher_request_ctx *rctx,
+ struct mcryptd_alg_cstate *cstate,
+ int err)
+{
+ struct job_aes_cbc *job;
+ int ret;
+ struct mcryptd_ablkcipher_request_ctx *sctx;
+ struct crypto_aes_ctx *mb_key_ctx;
+ struct aes_cbc_mb_mgr_inorder_x8 *key_mgr;
+ struct ablkcipher_request *req;
+
+ req = cast_mcryptd_ctx_to_req(rctx);
+ ablkcipher_walk_complete(&rctx->walk);
+ completion_callback(rctx, cstate, err);
+
+ mb_key_ctx = aes_ctx(crypto_tfm_ctx(rctx->desc.base.tfm));
+ key_mgr = get_key_mgr(cstate->mgr, mb_key_ctx->key_length);
+
+ /* check for more completed jobs and process */
+ while ((job = aes_cbc_get_completed_job_inorder_x8(key_mgr)) != NULL) {
+ sctx = process_job_sts(job);
+ if (WARN_ON(sctx == NULL))
+ return;
+ ret = sctx->error;
+ if (!ret) {
+ /* further process it */
+ ret = cbc_encrypt_finish(&sctx, cstate, false);
+ }
+ if (sctx) {
+ req = cast_mcryptd_ctx_to_req(sctx);
+ ablkcipher_walk_complete(&sctx->walk);
+ completion_callback(sctx, cstate, ret);
+ }
+ }
+}
+
+/* Add request to the waiter list. It stays in queue until completion */
+
+static void cbc_mb_add_list(struct mcryptd_ablkcipher_request_ctx *rctx,
+ struct mcryptd_alg_cstate *cstate)
+{
+ unsigned long next_flush;
+ unsigned long delay = usecs_to_jiffies(FLUSH_INTERVAL);
+
+ /* initialize tag */
+ rctx->tag.arrival = jiffies; /* tag the arrival time */
+ rctx->tag.seq_num = cstate->next_seq_num++;
+ next_flush = rctx->tag.arrival + delay;
+ rctx->tag.expire = next_flush;
+
+ spin_lock(&cstate->work_lock);
+ list_add_tail(&rctx->waiter, &cstate->work_list);
+ spin_unlock(&cstate->work_lock);
+
+ mcryptd_arm_flusher(cstate, delay);
+}
+
+static int mb_aes_cbc_encrypt(struct ablkcipher_request *desc)
+{
+ struct mcryptd_ablkcipher_request_ctx *rctx =
+ container_of(desc, struct mcryptd_ablkcipher_request_ctx, desc);
+ struct mcryptd_ablkcipher_request_ctx *ret_rctx;
+ struct mcryptd_alg_cstate *cstate =
+ this_cpu_ptr(cbc_mb_alg_state.alg_cstate);
+ int err;
+ int ret = 0;
+ struct crypto_aes_ctx *mb_key_ctx;
+ struct aes_cbc_mb_mgr_inorder_x8 *key_mgr;
+ struct ablkcipher_request *req;
+
+ mb_key_ctx = aes_ctx(crypto_tfm_ctx(rctx->desc.base.tfm));
+ key_mgr = get_key_mgr(cstate->mgr, mb_key_ctx->key_length);
+
+ /* sanity check */
+ if (rctx->tag.cpu != smp_processor_id()) {
+ /* job not on list yet */
+ pr_err("mcryptd error: cpu clash\n");
+ notify_callback(rctx, cstate, -EINVAL);
+ return 0;
+ }
+
+ /* a new job, initialize the cbc context and add to worklist */
+ cbc_ctx_init(rctx, desc->nbytes, CBC_ENCRYPT);
+ cbc_mb_add_list(rctx, cstate);
+
+ req = cast_mcryptd_ctx_to_req(rctx);
+ ablkcipher_walk_init(&rctx->walk, desc->dst, desc->src, desc->nbytes);
+ err = ablkcipher_walk_phys(req, &rctx->walk);
+ if (err || !rctx->walk.nbytes) {
+ /* terminate this request */
+ ablkcipher_walk_complete(&rctx->walk);
+ completion_callback(rctx, cstate, (!err) ? -EINVAL : err);
+ return 0;
+ }
+ /* submit job */
+ kernel_fpu_begin();
+ ret_rctx = aes_cbc_ctx_mgr_submit(key_mgr, rctx);
+ kernel_fpu_end();
+
+ if (!ret_rctx) {
+ /* we submitted a job, but none completed */
+ /* just notify the caller */
+ notify_callback(rctx, cstate, -EINPROGRESS);
+ return 0;
+ }
+ /* some job completed */
+ if (ret_rctx->error) {
+ /* some job finished with error */
+ cbc_complete_job(ret_rctx, cstate, ret_rctx->error);
+ return 0;
+ }
+ /* some job finished without error, process it */
+ ret = cbc_encrypt_finish(&ret_rctx, cstate, false);
+ if (!ret_rctx) {
+ /* No completed job yet, notify caller */
+ notify_callback(rctx, cstate, -EINPROGRESS);
+ return 0;
+ }
+
+ /* complete the job */
+ cbc_complete_job(ret_rctx, cstate, ret);
+ return 0;
+}
+
+static int mb_aes_cbc_decrypt(struct ablkcipher_request *desc)
+{
+ struct crypto_aes_ctx *aesni_ctx;
+ struct mcryptd_ablkcipher_request_ctx *rctx =
+ container_of(desc, struct mcryptd_ablkcipher_request_ctx, desc);
+ struct ablkcipher_request *req;
+ bool is_mcryptd_req;
+ unsigned long src_paddr;
+ unsigned long dst_paddr;
+ int err;
+
+ /* note here whether it is mcryptd req */
+ is_mcryptd_req = desc->base.flags & CRYPTO_TFM_REQ_MAY_SLEEP;
+ req = cast_mcryptd_ctx_to_req(rctx);
+ aesni_ctx = aes_ctx(crypto_tfm_ctx(desc->base.tfm));
+
+ ablkcipher_walk_init(&rctx->walk, desc->dst, desc->src, desc->nbytes);
+ err = ablkcipher_walk_phys(req, &rctx->walk);
+ if (err || !rctx->walk.nbytes)
+ goto done1;
+ desc->base.flags &= ~CRYPTO_TFM_REQ_MAY_SLEEP;
+
+ kernel_fpu_begin();
+ while ((desc->nbytes = rctx->walk.nbytes)) {
+ src_paddr = (page_to_phys(rctx->walk.src.page) +
+ rctx->walk.src.offset);
+ dst_paddr = (page_to_phys(rctx->walk.dst.page) +
+ rctx->walk.dst.offset);
+ aesni_cbc_dec(aesni_ctx, phys_to_virt(dst_paddr),
+ phys_to_virt(src_paddr),
+ rctx->walk.nbytes & AES_BLOCK_MASK,
+ rctx->walk.iv);
+ desc->nbytes &= AES_BLOCK_SIZE - 1;
+ err = ablkcipher_walk_done(req, &rctx->walk, desc->nbytes);
+ if (err)
+ goto done2;
+ }
+done2:
+ kernel_fpu_end();
+done1:
+ ablkcipher_walk_complete(&rctx->walk);
+ if (!is_mcryptd_req) {
+ /* synchronous request */
+ return err;
+ }
+ /* from mcryptd, we need to callback */
+ if (irqs_disabled())
+ rctx->complete(&req->base, err);
+ else {
+ local_bh_disable();
+ rctx->complete(&req->base, err);
+ local_bh_enable();
+ }
+ return 0;
+}
+
+/* use the same common code in aesni to expand key */
+
+static int aes_set_key_common(struct crypto_ablkcipher *tfm, void *raw_ctx,
+ const u8 *in_key, unsigned int key_len)
+{
+ struct crypto_aes_ctx *ctx = aes_ctx(raw_ctx);
+ u32 *flags = &tfm->base.crt_flags;
+ int err;
+
+ if (key_len != AES_KEYSIZE_128 && key_len != AES_KEYSIZE_192 &&
+ key_len != AES_KEYSIZE_256) {
+ *flags |= CRYPTO_TFM_RES_BAD_KEY_LEN;
+ return -EINVAL;
+ }
+
+ if (!irq_fpu_usable())
+ err = crypto_aes_expand_key(ctx, in_key, key_len);
+ else {
+ kernel_fpu_begin();
+ err = aesni_set_key(ctx, in_key, key_len);
+ kernel_fpu_end();
+ }
+
+ return err;
+}
+
+static int aes_set_key(struct crypto_ablkcipher *tfm, const u8 *in_key,
+ unsigned int key_len)
+{
+ return aes_set_key_common(tfm, crypto_ablkcipher_ctx(tfm), in_key,
+ key_len);
+}
+
+/* Interface functions to the asynchronous algorithm */
+
+static int cbc_mb_async_ablk_decrypt(struct ablkcipher_request *req)
+{
+ struct ablkcipher_request *mcryptd_req = ablkcipher_request_ctx(req);
+ struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(req);
+ struct aes_cbc_mb_ctx *ctx = crypto_ablkcipher_ctx(tfm);
+ struct mcryptd_ablkcipher *mcryptd_tfm = ctx->mcryptd_tfm;
+ struct mcryptd_ablkcipher_request_ctx *rctx;
+ struct crypto_ablkcipher *child_tfm;
+ int err;
+
+ memcpy(mcryptd_req, req, sizeof(*req));
+ ablkcipher_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
+
+ if (!may_use_simd())
+ /* request sent via mcryptd, completes asynchronously */
+ return crypto_ablkcipher_decrypt(mcryptd_req);
+
+ /*
+ * Package decryption descriptor in mcryptd req structure
+ * and let the child tfm execute the decryption
+ * without incurring the cost of mcryptd layers.
+ * Request completes synchronously.
+ * Multi-buffer technique unnecessary as decrypt is
+ * done in parallel.
+ */
+
+ rctx = ablkcipher_request_ctx(mcryptd_req);
+ child_tfm = mcryptd_ablkcipher_child(ctx->mcryptd_tfm);
+ rctx->desc.base.tfm = crypto_ablkcipher_tfm(child_tfm);
+ rctx->desc.info = req->info;
+ rctx->desc.base.flags = 0;
+ rctx->desc.src = req->src;
+ rctx->desc.dst = req->dst;
+ rctx->desc.nbytes = req->nbytes;
+
+ err = crypto_ablkcipher_crt(child_tfm)->decrypt(&rctx->desc);
+ return err;
+}
+
+static int cbc_mb_async_ablk_encrypt(struct ablkcipher_request *req)
+{
+ struct ablkcipher_request *mcryptd_req = ablkcipher_request_ctx(req);
+ struct crypto_ablkcipher *tfm = crypto_ablkcipher_reqtfm(req);
+ struct aes_cbc_mb_ctx *ctx = crypto_ablkcipher_ctx(tfm);
+ struct mcryptd_ablkcipher *mcryptd_tfm = ctx->mcryptd_tfm;
+
+ /* get the async driver ctx and tfm to package the request */
+ memcpy(mcryptd_req, req, sizeof(*req));
+ ablkcipher_request_set_tfm(mcryptd_req, &mcryptd_tfm->base);
+
+ return crypto_ablkcipher_encrypt(mcryptd_req);
+
+}
+
+/*
+ * CRYPTO_ALG_ASYNC flag is passed to indicate we have an ablk
+ * scatter-gather walk.
+ */
+
+static struct crypto_alg aes_cbc_mb_alg = {
+ .cra_name = "__cbc-aes-aesni-mb",
+ .cra_driver_name = "__driver-cbc-aes-aesni-mb",
+ .cra_priority = 100,
+ .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC
+ | CRYPTO_ALG_INTERNAL,
+ .cra_blocksize = AES_BLOCK_SIZE,
+ .cra_ctxsize = sizeof(struct crypto_aes_ctx) +
+ AESNI_ALIGN - 1,
+ .cra_alignmask = 0,
+ .cra_type = &crypto_ablkcipher_type,
+ .cra_module = THIS_MODULE,
+ .cra_list = LIST_HEAD_INIT(aes_cbc_mb_alg.cra_list),
+ .cra_u = {
+ .ablkcipher = {
+ .min_keysize = AES_MIN_KEY_SIZE,
+ .max_keysize = AES_MAX_KEY_SIZE,
+ .ivsize = AES_BLOCK_SIZE,
+ .setkey = aes_set_key,
+ .encrypt = mb_aes_cbc_encrypt,
+ .decrypt = mb_aes_cbc_decrypt
+ },
+ },
+};
+
+static int ablk_cbc_async_init_tfm(struct crypto_tfm *tfm)
+{
+ struct mcryptd_ablkcipher *mcryptd_tfm;
+ struct aes_cbc_mb_ctx *ctx = crypto_tfm_ctx(tfm);
+ struct mcryptd_ablkcipher_ctx *mctx;
+
+ mcryptd_tfm = mcryptd_alloc_ablkcipher(
+ "__driver-cbc-aes-aesni-mb",
+ CRYPTO_ALG_INTERNAL, CRYPTO_ALG_INTERNAL);
+ if (IS_ERR(mcryptd_tfm))
+ return PTR_ERR(mcryptd_tfm);
+ mctx = crypto_ablkcipher_ctx(&mcryptd_tfm->base);
+ mctx->alg_state = &cbc_mb_alg_state;
+ ctx->mcryptd_tfm = mcryptd_tfm;
+ tfm->crt_ablkcipher.reqsize = sizeof(struct ablkcipher_request) +
+ crypto_ablkcipher_reqsize(&mcryptd_tfm->base);
+
+ return 0;
+
+}
+
+static void ablk_cbc_async_exit_tfm(struct crypto_tfm *tfm)
+{
+ struct aes_cbc_mb_ctx *ctx = crypto_tfm_ctx(tfm);
+
+ mcryptd_free_ablkcipher(ctx->mcryptd_tfm);
+}
+
+/* Asynchronous interface to CBC multibuffer implementation */
+
+static struct crypto_alg aes_cbc_mb_async_alg = {
+ .cra_name = "cbc(aes)",
+ .cra_driver_name = "cbc-aes-aesni-mb",
+ .cra_priority = 450,
+ .cra_flags = CRYPTO_ALG_TYPE_ABLKCIPHER | CRYPTO_ALG_ASYNC,
+ .cra_blocksize = AES_BLOCK_SIZE,
+ .cra_ctxsize = sizeof(struct aes_cbc_mb_ctx) +
+ AESNI_ALIGN - 1,
+ .cra_alignmask = 0,
+ .cra_type = &crypto_ablkcipher_type,
+ .cra_module = THIS_MODULE,
+ .cra_init = ablk_cbc_async_init_tfm,
+ .cra_exit = ablk_cbc_async_exit_tfm,
+ .cra_list = LIST_HEAD_INIT(aes_cbc_mb_async_alg.cra_list),
+ .cra_u = {
+ .ablkcipher = {
+ .min_keysize = AES_MIN_KEY_SIZE,
+ .max_keysize = AES_MAX_KEY_SIZE,
+ .ivsize = AES_BLOCK_SIZE,
+ .setkey = ablk_set_key,
+ .encrypt = cbc_mb_async_ablk_encrypt,
+ .decrypt = cbc_mb_async_ablk_decrypt,
+ },
+ },
+};
+
+/*
+ * When there are no new jobs arriving, the multibuffer queue may stall.
+ * To prevent prolonged stall, the flusher can be invoked to alleviate
+ * the following conditions:
+ * a) There are partially completed multi-part crypto jobs after a
+ * maximum allowable delay
+ * b) We have exhausted crypto jobs in queue, and the cpu
+ * does not have other tasks and cpu will become idle otherwise.
+ */
+unsigned long cbc_mb_flusher(struct mcryptd_alg_cstate *cstate)
+{
+ struct mcryptd_ablkcipher_request_ctx *rctx;
+ unsigned long cur_time;
+ unsigned long next_flush = 0;
+
+ struct crypto_aes_ctx *mb_key_ctx;
+ struct aes_cbc_mb_mgr_inorder_x8 *key_mgr;
+
+
+ cur_time = jiffies;
+
+ while (!list_empty(&cstate->work_list)) {
+ rctx = list_entry(cstate->work_list.next,
+ struct mcryptd_ablkcipher_request_ctx, waiter);
+ if time_before(cur_time, rctx->tag.expire)
+ break;
+
+ mb_key_ctx = aes_ctx(crypto_tfm_ctx(rctx->desc.base.tfm));
+ key_mgr = get_key_mgr(cstate->mgr, mb_key_ctx->key_length);
+
+ kernel_fpu_begin();
+ rctx = aes_cbc_ctx_mgr_flush(key_mgr);
+ kernel_fpu_end();
+ if (!rctx) {
+ pr_err("cbc_mb_flusher: nothing got flushed\n");
+ break;
+ }
+ cbc_encrypt_finish(&rctx, cstate, true);
+ if (rctx)
+ cbc_complete_job(rctx, cstate, rctx->error);
+ }
+
+ if (!list_empty(&cstate->work_list)) {
+ rctx = list_entry(cstate->work_list.next,
+ struct mcryptd_ablkcipher_request_ctx, waiter);
+ /* get the blkcipher context and then flush time */
+ next_flush = rctx->tag.expire;
+ mcryptd_arm_flusher(cstate, get_delay(next_flush));
+ }
+ return next_flush;
+}
+
+static int __init aes_cbc_mb_mod_init(void)
+{
+
+ int cpu, i;
+ int err;
+ struct mcryptd_alg_cstate *cpu_state;
+ struct aes_cbc_mb_mgr_inorder_x8 *key_mgr;
+
+ /* check for dependent cpu features */
+ if (!boot_cpu_has(X86_FEATURE_AES)) {
+ pr_err("aes_cbc_mb_mod_init: no aes support\n");
+ err = -ENODEV;
+ goto err1;
+ }
+
+ if (!boot_cpu_has(X86_FEATURE_XMM)) {
+ pr_err("aes_cbc_mb_mod_init: no xmm support\n");
+ err = -ENODEV;
+ goto err1;
+ }
+
+ /* initialize multibuffer structures */
+
+ cbc_mb_alg_state.alg_cstate = alloc_percpu(struct mcryptd_alg_cstate);
+ if (!cbc_mb_alg_state.alg_cstate) {
+ pr_err("aes_cbc_mb_mod_init: insufficient memory\n");
+ err = -ENOMEM;
+ goto err1;
+ }
+
+ for_each_possible_cpu(cpu) {
+ cpu_state = per_cpu_ptr(cbc_mb_alg_state.alg_cstate, cpu);
+ cpu_state->next_flush = 0;
+ cpu_state->next_seq_num = 0;
+ cpu_state->flusher_engaged = false;
+ INIT_DELAYED_WORK(&cpu_state->flush, mcryptd_flusher);
+ cpu_state->cpu = cpu;
+ cpu_state->alg_state = &cbc_mb_alg_state;
+ cpu_state->mgr =
+ (struct aes_cbc_mb_mgr_inorder_x8 *)
+ kzalloc(3 * sizeof(struct aes_cbc_mb_mgr_inorder_x8),
+ GFP_KERNEL);
+ if (!cpu_state->mgr) {
+ err = -ENOMEM;
+ goto err2;
+ }
+ key_mgr = (struct aes_cbc_mb_mgr_inorder_x8 *) cpu_state->mgr;
+ /* initialize manager state for 128, 192 and 256 bit keys */
+ for (i = 0; i < 3; ++i) {
+ aes_cbc_init_mb_mgr_inorder_x8(key_mgr);
+ ++key_mgr;
+ }
+ INIT_LIST_HEAD(&cpu_state->work_list);
+ spin_lock_init(&cpu_state->work_lock);
+ }
+ cbc_mb_alg_state.flusher = &cbc_mb_flusher;
+
+ /* register the synchronous mb algo */
+ err = crypto_register_alg(&aes_cbc_mb_alg);
+ if (err)
+ goto err3;
+
+ /* register the asynchronous mb algo */
+ err = crypto_register_alg(&aes_cbc_mb_async_alg);
+ if (err) {
+ /* unregister synchronous mb algo */
+ crypto_unregister_alg(&aes_cbc_mb_alg);
+ goto err3;
+ }
+
+ pr_info("x86 CBC multibuffer crypto module initialized successfully\n");
+ return 0; /* module init success */
+
+ /* error in algo registration */
+err3:
+ for_each_possible_cpu(cpu) {
+ cpu_state = per_cpu_ptr(cbc_mb_alg_state.alg_cstate, cpu);
+ kfree(cpu_state->mgr);
+ }
+err2:
+ free_percpu(cbc_mb_alg_state.alg_cstate);
+err1:
+ return err;
+}
+
+static void __exit aes_cbc_mb_mod_fini(void)
+{
+ int cpu;
+ struct mcryptd_alg_cstate *cpu_state;
+
+ crypto_unregister_alg(&aes_cbc_mb_alg);
+ crypto_unregister_alg(&aes_cbc_mb_async_alg);
+
+ for_each_possible_cpu(cpu) {
+ cpu_state = per_cpu_ptr(cbc_mb_alg_state.alg_cstate, cpu);
+ kfree(cpu_state->mgr);
+ }
+ free_percpu(cbc_mb_alg_state.alg_cstate);
+}
+
+module_init(aes_cbc_mb_mod_init);
+module_exit(aes_cbc_mb_mod_fini);
+
+MODULE_LICENSE("GPL");
+MODULE_DESCRIPTION("AES CBC Algorithm, multi buffer accelerated");
+MODULE_AUTHOR("Tim Chen <tim.c.chen@linux.intel.com");
+
+MODULE_ALIAS("aes-cbc-mb");
+MODULE_ALIAS_CRYPTO("cbc-aes-aesni-mb");
--
1.9.1
^ permalink raw reply related
page: next (older) | prev (newer) | latest
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox