kernel: backport crypto selftests

FIPS 140-3 recommends that all crypto implementations should be tested
before first use. Testmanager performs initial tests based on existing
test vectors. Not all algorithms have defined test vectors, so to improve
this situation, this commit backports recently added test vectors for
some cipher suites.

These vectors were calculated using a software implementation and then
double-checked on Mediatek MT7981 (safexcel) and NXP P2020 (talitos).
Both platforms passed self-tests.

Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
Link: openwrt/openwrt#23012
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

Author: abajk

target/linux/generic/backport-6.12/910-v6.19-crypto-testmgr-Add-missing-DES-weak-and-semi-weak-ke.patch

@@ -0,0 +1,155 @@
+From c637f3e4a59d710ffd80da1c11d2ebed162d8ff0 Mon Sep 17 00:00:00 2001
+From: Thorsten Blum <thorsten.blum@linux.dev>
+Date: Mon, 17 Nov 2025 12:44:26 +0100
+Subject: [PATCH] crypto: testmgr - Add missing DES weak and semi-weak key
+ tests
+
+Ever since commit da7f033ddc9f ("crypto: cryptomgr - Add test
+infrastructure"), the DES test suite has tested only one of the four
+weak keys and none of the twelve semi-weak keys.
+
+DES has four weak keys and twelve semi-weak keys, and the kernel's DES
+implementation correctly detects and rejects all of these keys when the
+CRYPTO_TFM_REQ_FORBID_WEAK_KEYS flag is set. However, only a single weak
+key was being tested. Add tests for all 16 weak and semi-weak keys.
+
+While DES is deprecated, it is still used in some legacy protocols, and
+weak/semi-weak key detection should be tested accordingly.
+
+Tested on arm64 with cryptographic self-tests.
+
+Signed-off-by: Thorsten Blum <thorsten.blum@linux.dev>
+Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
+---
+ crypto/testmgr.h | 120 +++++++++++++++++++++++++++++++++++++++++++++++
+ 1 file changed, 120 insertions(+)
+
+--- a/crypto/testmgr.h
++++ b/crypto/testmgr.h
+@@ -10330,6 +10330,126 @@ static const struct cipher_testvec des_t
+ 		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",
+ 		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",
+ 		.len	= 8,
++	}, { /* Weak key */
++		.setkey_error = -EINVAL,
++		.wk	= 1,
++		.key	= "\xe0\xe0\xe0\xe0\xf1\xf1\xf1\xf1",
++		.klen	= 8,
++		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",
++		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",
++		.len	= 8,
++	}, { /* Weak key */
++		.setkey_error = -EINVAL,
++		.wk	= 1,
++		.key	= "\x1f\x1f\x1f\x1f\x0e\x0e\x0e\x0e",
++		.klen	= 8,
++		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",
++		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",
++		.len	= 8,
++	}, { /* Weak key */
++		.setkey_error = -EINVAL,
++		.wk	= 1,
++		.key	= "\xfe\xfe\xfe\xfe\xfe\xfe\xfe\xfe",
++		.klen	= 8,
++		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",
++		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",
++		.len	= 8,
++	}, { /* Semi-weak key pair 1a */
++		.setkey_error = -EINVAL,
++		.wk	= 1,
++		.key	= "\x01\xfe\x01\xfe\x01\xfe\x01\xfe",
++		.klen	= 8,
++		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",
++		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",
++		.len	= 8,
++	}, { /* Semi-weak key pair 1b */
++		.setkey_error = -EINVAL,
++		.wk	= 1,
++		.key	= "\xfe\x01\xfe\x01\xfe\x01\xfe\x01",
++		.klen	= 8,
++		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",
++		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",
++		.len	= 8,
++	}, { /* Semi-weak key pair 2a */
++		.setkey_error = -EINVAL,
++		.wk	= 1,
++		.key	= "\x1f\xe0\x1f\xe0\x0e\xf1\x0e\xf1",
++		.klen	= 8,
++		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",
++		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",
++		.len	= 8,
++	}, { /* Semi-weak key pair 2b */
++		.setkey_error = -EINVAL,
++		.wk	= 1,
++		.key	= "\xe0\x1f\xe0\x1f\xf1\x0e\xf1\x0e",
++		.klen	= 8,
++		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",
++		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",
++		.len	= 8,
++	}, { /* Semi-weak key pair 3a */
++		.setkey_error = -EINVAL,
++		.wk	= 1,
++		.key	= "\x01\xe0\x01\xe0\x01\xf1\x01\xf1",
++		.klen	= 8,
++		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",
++		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",
++		.len	= 8,
++	}, { /* Semi-weak key pair 3b */
++		.setkey_error = -EINVAL,
++		.wk	= 1,
++		.key	= "\xe0\x01\xe0\x01\xf1\x01\xf1\x01",
++		.klen	= 8,
++		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",
++		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",
++		.len	= 8,
++	}, { /* Semi-weak key pair 4a */
++		.setkey_error = -EINVAL,
++		.wk	= 1,
++		.key	= "\x1f\xfe\x1f\xfe\x0e\xfe\x0e\xfe",
++		.klen	= 8,
++		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",
++		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",
++		.len	= 8,
++	}, { /* Semi-weak key pair 4b */
++		.setkey_error = -EINVAL,
++		.wk	= 1,
++		.key	= "\xfe\x1f\xfe\x1f\xfe\x0e\xfe\x0e",
++		.klen	= 8,
++		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",
++		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",
++		.len	= 8,
++	}, { /* Semi-weak key pair 5a */
++		.setkey_error = -EINVAL,
++		.wk	= 1,
++		.key	= "\x01\x1f\x01\x1f\x01\x0e\x01\x0e",
++		.klen	= 8,
++		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",
++		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",
++		.len	= 8,
++	}, { /* Semi-weak key pair 5b */
++		.setkey_error = -EINVAL,
++		.wk	= 1,
++		.key	= "\x1f\x01\x1f\x01\x0e\x01\x0e\x01",
++		.klen	= 8,
++		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",
++		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",
++		.len	= 8,
++	}, { /* Semi-weak key pair 6a */
++		.setkey_error = -EINVAL,
++		.wk	= 1,
++		.key	= "\xe0\xfe\xe0\xfe\xf1\xfe\xf1\xfe",
++		.klen	= 8,
++		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",
++		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",
++		.len	= 8,
++	}, { /* Semi-weak key pair 6b */
++		.setkey_error = -EINVAL,
++		.wk	= 1,
++		.key	= "\xfe\xe0\xfe\xe0\xfe\xf1\xfe\xf1",
++		.klen	= 8,
++		.ptext	= "\x01\x23\x45\x67\x89\xab\xcd\xe7",
++		.ctext	= "\xc9\x57\x44\x25\x6a\x5e\xd3\x1d",
++		.len	= 8,
+ 	}, { /* Two blocks -- for testing encryption across pages */
+ 		.key	= "\x01\x23\x45\x67\x89\xab\xcd\xef",
+ 		.klen	= 8,