Date: Fri, 7 Nov 2014 03:47:01 GMT From: John-Mark Gurney <jmg@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 1202596 for review Message-ID: <201411070347.sA73l17t063085@skunkworks.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://p4web.freebsd.org/@@1202596?ac=10 Change 1202596 by jmg@jmg_carbon2 on 2014/11/07 03:46:03 I believe that this should get things working for tests... Though when I run the tests, it doesn't run for some reason... Not sure why... Sponsored by: FreeBSD Foundation Sponsored by: Netgate Affected files ... .. //depot/projects/opencrypto/etc/mtree/BSD.tests.dist#2 edit .. //depot/projects/opencrypto/tests/sys/opencrypto/Makefile#2 edit .. //depot/projects/opencrypto/tests/sys/opencrypto/cryptotest.py#2 edit .. //depot/projects/opencrypto/tests/sys/opencrypto/runtests.sh#1 add Differences ... ==== //depot/projects/opencrypto/etc/mtree/BSD.tests.dist#2 (text+ko) ==== @@ -143,6 +143,8 @@ .. netinet .. + opencrypto + .. .. usr.bin apply ==== //depot/projects/opencrypto/tests/sys/opencrypto/Makefile#2 (text+ko) ==== @@ -1,8 +1,43 @@ # $FreeBSD$ -TESTDIR= ${TESTSBASE}/sys/opencrypto +.PATH: ${.CURDIR}/data + +TESTSDIR= ${TESTSBASE}/sys/opencrypto BINDIR= ${TESTSDIR} +PLAIN_TESTS_SH= runtests + TEST_METADATA.foo+=required_programs="python" +PYMODULES= cryptodev.py cryptodevh.py cryptotest.py dpkt.py + +FILESDIR= ${TESTSDIR} +FILES= ${PYMODULES} + +FILES+= CBCGFSbox128.rsp +FILES+= CBCGFSbox192.rsp +FILES+= CBCGFSbox256.rsp +FILES+= CBCKeySbox128.rsp +FILES+= CBCKeySbox192.rsp +FILES+= CBCKeySbox256.rsp +FILES+= CBCVarKey128.rsp +FILES+= CBCVarKey192.rsp +FILES+= CBCVarKey256.rsp +FILES+= CBCVarTxt128.rsp +FILES+= CBCVarTxt192.rsp +FILES+= CBCVarTxt256.rsp +FILES+= HMAC.rsp +FILES+= TCBCinvperm.rsp +FILES+= TCBCpermop.rsp +FILES+= TCBCsubtab.rsp +FILES+= TCBCvarkey.rsp +FILES+= TCBCvartext.rsp +FILES+= XTSGenAES128.rsp +FILES+= XTSGenAES256.rsp +FILES+= gcmDecrypt128.rsp +FILES+= gcmDecrypt192.rsp +FILES+= gcmDecrypt256.rsp +FILES+= gcmEncryptExtIV128.rsp +FILES+= gcmEncryptExtIV192.rsp +FILES+= gcmEncryptExtIV256.rsp .include <bsd.test.mk> ==== //depot/projects/opencrypto/tests/sys/opencrypto/cryptotest.py#2 (text+ko) ==== @@ -7,196 +7,223 @@ from cryptodev import * from glob import iglob -class CryptoXTSTestCase(unittest.TestCase): - def test_xts(self): - for i in iglob('data/XTS*.rsp'): - self.runXTS(i, cryptodev.CRYPTO_AES_XTS) +aesmodules = [ 'cryptosoft0', 'aesni0', ] +desmodules = [ 'cryptosoft0', ] +shamodules = [ 'cryptosoft0', ] + +def GenTestCase(cname): + try: + crid = cryptodev.Crypto.findcrid(cname) + except IOError: + return None + + class GendCryptoTestCase(unittest.TestCase): + ############### + ##### AES ##### + ############### + @unittest.skipIf(cname not in aesmodules, 'skipping AES on %s' % `cname`) + def test_xts(self): + for i in iglob('data/XTS*.rsp'): + self.runXTS(i, cryptodev.CRYPTO_AES_XTS) + + def test_cbc(self): + for i in iglob('data/CBC[GKV]*.rsp'): + self.runCBC(i) - def test_cbc(self): - for i in iglob('data/CBC[GKV]*.rsp'): - self.runCBC(i) + def test_gcm(self): + for i in iglob('data/gcmEncrypt*'): + self.runGCM(i, 'ENCRYPT') - def test_tdes(self): - for i in iglob('data/TCBC[a-z]*.rsp'): - self.runTDES(i) + for i in iglob('data/gcmDecrypt*'): + self.runGCM(i, 'DECRYPT') - def test_gcm(self): - for i in iglob('data/gcmEncrypt*'): - self.runGCM(i, 'ENCRYPT') + _gmacsizes = { 32: cryptodev.CRYPTO_AES_256_NIST_GMAC, + 24: cryptodev.CRYPTO_AES_192_NIST_GMAC, + 16: cryptodev.CRYPTO_AES_128_NIST_GMAC, + } + def runGCM(self, fname, mode): + curfun = None + if mode == 'ENCRYPT': + swapptct = False + curfun = Crypto.encrypt + elif mode == 'DECRYPT': + swapptct = True + curfun = Crypto.decrypt + else: + raise RuntimeError('unknown mode: %s' % `mode`) - for i in iglob('data/gcmDecrypt*'): - self.runGCM(i, 'DECRYPT') + for bogusmode, lines in cryptodev.KATParser(fname, + [ 'Count', 'Key', 'IV', 'CT', 'AAD', 'Tag', 'PT', ]): + for data in lines: + curcnt = int(data['Count']) + cipherkey = data['Key'].decode('hex') + iv = data['IV'].decode('hex') + aad = data['AAD'].decode('hex') + tag = data['Tag'].decode('hex') + if 'FAIL' not in data: + pt = data['PT'].decode('hex') + ct = data['CT'].decode('hex') - def test_sha(self): - # SHA not available in software - pass - #for i in iglob('data/SHA1*'): - # self.runSHA(i) + if len(iv) != 12: + # XXX - isn't supported + continue - def test_sha1hmac(self): - self.runSHA1HMAC('data/HMAC.rsp') + c = Crypto(cryptodev.CRYPTO_AES_NIST_GCM_16, + cipherkey, + mac=self._gmacsizes[len(cipherkey)], + mackey=cipherkey, crid=crid) - def runSHA1HMAC(self, fname): - for bogusmode, lines in cryptodev.KATParser(fname, - [ 'Count', 'Klen', 'Tlen', 'Key', 'Msg', 'Mac' ]): - for data in lines: - key = data['Key'].decode('hex') - msg = data['Msg'].decode('hex') - mac = data['Mac'].decode('hex') + if mode == 'ENCRYPT': + rct, rtag = c.encrypt(pt, iv, aad) + rtag = rtag[:len(tag)] + data['rct'] = rct.encode('hex') + data['rtag'] = rtag.encode('hex') + self.assertEqual(rct, ct, `data`) + self.assertEqual(rtag, tag, `data`) + else: + if len(tag) != 16: + continue + args = (ct, iv, aad, tag) + if 'FAIL' in data: + self.assertRaises(IOError, + c.decrypt, *args) + else: + rpt, rtag = c.decrypt(*args) + data['rpt'] = rpt.encode('hex') + data['rtag'] = rtag.encode('hex') + self.assertEqual(rpt, pt, + `data`) - if len(key) != 20: - # XXX - implementation bug - continue + def runCBC(self, fname): + curfun = None + for mode, lines in cryptodev.KATParser(fname, + [ 'COUNT', 'KEY', 'IV', 'PLAINTEXT', 'CIPHERTEXT', ]): + if mode == 'ENCRYPT': + swapptct = False + curfun = Crypto.encrypt + elif mode == 'DECRYPT': + swapptct = True + curfun = Crypto.decrypt + else: + raise RuntimeError('unknown mode: %s' % `mode`) - c = Crypto(mac=cryptodev.CRYPTO_SHA1_HMAC, - mackey=key) + for data in lines: + curcnt = int(data['COUNT']) + cipherkey = data['KEY'].decode('hex') + iv = data['IV'].decode('hex') + pt = data['PLAINTEXT'].decode('hex') + ct = data['CIPHERTEXT'].decode('hex') - r = c.encrypt(msg) - self.assertEqual(r, mac, `data`) + if swapptct: + pt, ct = ct, pt + # run the fun + c = Crypto(cryptodev.CRYPTO_AES_CBC, cipherkey, crid=crid) + r = curfun(c, pt, iv) + self.assertEqual(r, ct) - _gmacsizes = { 32: cryptodev.CRYPTO_AES_256_NIST_GMAC, - 24: cryptodev.CRYPTO_AES_192_NIST_GMAC, - 16: cryptodev.CRYPTO_AES_128_NIST_GMAC, - } - def runGCM(self, fname, mode): - curfun = None - if mode == 'ENCRYPT': - swapptct = False - curfun = Crypto.encrypt - elif mode == 'DECRYPT': - swapptct = True - curfun = Crypto.decrypt - else: - raise RuntimeError('unknown mode: %s' % `mode`) + def runXTS(self, fname, meth): + curfun = None + for mode, lines in cryptodev.KATParser(fname, + [ 'COUNT', 'DataUnitLen', 'Key', 'DataUnitSeqNumber', 'PT', + 'CT' ]): + if mode == 'ENCRYPT': + swapptct = False + curfun = Crypto.encrypt + elif mode == 'DECRYPT': + swapptct = True + curfun = Crypto.decrypt + else: + raise RuntimeError('unknown mode: %s' % `mode`) - for bogusmode, lines in cryptodev.KATParser(fname, - [ 'Count', 'Key', 'IV', 'CT', 'AAD', 'Tag', 'PT', ]): - for data in lines: - curcnt = int(data['Count']) - cipherkey = data['Key'].decode('hex') - iv = data['IV'].decode('hex') - aad = data['AAD'].decode('hex') - tag = data['Tag'].decode('hex') - if 'FAIL' not in data: + for data in lines: + curcnt = int(data['COUNT']) + nbits = int(data['DataUnitLen']) + cipherkey = data['Key'].decode('hex') + iv = struct.pack('QQ', int(data['DataUnitSeqNumber']), 0) pt = data['PT'].decode('hex') - ct = data['CT'].decode('hex') + ct = data['CT'].decode('hex') - if len(iv) != 12: - # XXX - isn't supported - continue + if nbits % 128 != 0: + # XXX - mark as skipped + continue + if swapptct: + pt, ct = ct, pt + # run the fun + c = Crypto(meth, cipherkey, crid=crid) + r = curfun(c, pt, iv) + self.assertEqual(r, ct) - c = Crypto(cryptodev.CRYPTO_AES_NIST_GCM_16, - cipherkey, - mac=self._gmacsizes[len(cipherkey)], - mackey=cipherkey) + ############### + ##### DES ##### + ############### + @unittest.skipIf(cname not in desmodules, 'skipping DES on %s' % `cname`) + def test_tdes(self): + for i in iglob('data/TCBC[a-z]*.rsp'): + self.runTDES(i) + def runTDES(self, fname): + curfun = None + for mode, lines in cryptodev.KATParser(fname, + [ 'COUNT', 'KEYs', 'IV', 'PLAINTEXT', 'CIPHERTEXT', ]): if mode == 'ENCRYPT': - rct, rtag = c.encrypt(pt, iv, aad) - rtag = rtag[:len(tag)] - data['rct'] = rct.encode('hex') - data['rtag'] = rtag.encode('hex') - self.assertEqual(rct, ct, `data`) - self.assertEqual(rtag, tag, `data`) + swapptct = False + curfun = Crypto.encrypt + elif mode == 'DECRYPT': + swapptct = True + curfun = Crypto.decrypt else: - if len(tag) != 16: - continue - args = (ct, iv, aad, tag) - if 'FAIL' in data: - self.assertRaises(IOError, - c.decrypt, *args) - else: - rpt, rtag = c.decrypt(*args) - data['rpt'] = rpt.encode('hex') - data['rtag'] = rtag.encode('hex') - self.assertEqual(rpt, pt, - `data`) + raise RuntimeError('unknown mode: %s' % `mode`) + + for data in lines: + curcnt = int(data['COUNT']) + key = data['KEYs'] * 3 + cipherkey = key.decode('hex') + iv = data['IV'].decode('hex') + pt = data['PLAINTEXT'].decode('hex') + ct = data['CIPHERTEXT'].decode('hex') - def runTDES(self, fname): - curfun = None - for mode, lines in cryptodev.KATParser(fname, - [ 'COUNT', 'KEYs', 'IV', 'PLAINTEXT', 'CIPHERTEXT', ]): - if mode == 'ENCRYPT': - swapptct = False - curfun = Crypto.encrypt - elif mode == 'DECRYPT': - swapptct = True - curfun = Crypto.decrypt - else: - raise RuntimeError('unknown mode: %s' % `mode`) + if swapptct: + pt, ct = ct, pt + # run the fun + c = Crypto(cryptodev.CRYPTO_3DES_CBC, cipherkey, crid=crid) + r = curfun(c, pt, iv) + self.assertEqual(r, ct) - for data in lines: - curcnt = int(data['COUNT']) - key = data['KEYs'] * 3 - cipherkey = key.decode('hex') - iv = data['IV'].decode('hex') - pt = data['PLAINTEXT'].decode('hex') - ct = data['CIPHERTEXT'].decode('hex') + ############### + ##### SHA ##### + ############### + @unittest.skipIf(cname not in shamodules, 'skipping SHA on %s' % `cname`) + def test_sha(self): + # SHA not available in software + pass + #for i in iglob('data/SHA1*'): + # self.runSHA(i) - if swapptct: - pt, ct = ct, pt - # run the fun - c = Crypto(cryptodev.CRYPTO_3DES_CBC, cipherkey) - r = curfun(c, pt, iv) - self.assertEqual(r, ct) + def test_sha1hmac(self): + self.runSHA1HMAC('data/HMAC.rsp') - def runCBC(self, fname): - curfun = None - for mode, lines in cryptodev.KATParser(fname, - [ 'COUNT', 'KEY', 'IV', 'PLAINTEXT', 'CIPHERTEXT', ]): - if mode == 'ENCRYPT': - swapptct = False - curfun = Crypto.encrypt - elif mode == 'DECRYPT': - swapptct = True - curfun = Crypto.decrypt - else: - raise RuntimeError('unknown mode: %s' % `mode`) + def runSHA1HMAC(self, fname): + for bogusmode, lines in cryptodev.KATParser(fname, + [ 'Count', 'Klen', 'Tlen', 'Key', 'Msg', 'Mac' ]): + for data in lines: + key = data['Key'].decode('hex') + msg = data['Msg'].decode('hex') + mac = data['Mac'].decode('hex') - for data in lines: - curcnt = int(data['COUNT']) - cipherkey = data['KEY'].decode('hex') - iv = data['IV'].decode('hex') - pt = data['PLAINTEXT'].decode('hex') - ct = data['CIPHERTEXT'].decode('hex') + if len(key) != 20: + # XXX - implementation bug + continue - if swapptct: - pt, ct = ct, pt - # run the fun - c = Crypto(cryptodev.CRYPTO_AES_CBC, cipherkey) - r = curfun(c, pt, iv) - self.assertEqual(r, ct) + c = Crypto(mac=cryptodev.CRYPTO_SHA1_HMAC, + mackey=key, crid=crid) - def runXTS(self, fname, meth): - curfun = None - for mode, lines in cryptodev.KATParser(fname, - [ 'COUNT', 'DataUnitLen', 'Key', 'DataUnitSeqNumber', 'PT', - 'CT' ]): - if mode == 'ENCRYPT': - swapptct = False - curfun = Crypto.encrypt - elif mode == 'DECRYPT': - swapptct = True - curfun = Crypto.decrypt - else: - raise RuntimeError('unknown mode: %s' % `mode`) + r = c.encrypt(msg) + self.assertEqual(r, mac, `data`) - for data in lines: - curcnt = int(data['COUNT']) - nbits = int(data['DataUnitLen']) - cipherkey = data['Key'].decode('hex') - iv = struct.pack('QQ', int(data['DataUnitSeqNumber']), 0) - pt = data['PT'].decode('hex') - ct = data['CT'].decode('hex') + return GendCryptoTestCase - if nbits % 128 != 0: - # XXX - mark as skipped - continue - if swapptct: - pt, ct = ct, pt - # run the fun - c = Crypto(meth, cipherkey) - r = curfun(c, pt, iv) - self.assertEqual(r, ct) +cryptosoft = GenTestCase('cryptosoft0') +aesni = GenTestCase('aesni0') if __name__ == '__main__': unittest.main()
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201411070347.sA73l17t063085>