svn commit: r346616 - head/tests/sys/opencrypto
Author: jhb
Date: Wed Apr 24 00:16:39 2019
New Revision: 346616
URL: https://svnweb.freebsd.org/changeset/base/346616
Log:
Run the plain SHA digest tests from NIST.
Pass in an explicit digest length to the Crypto constructor since it
was assuming only sessions with a MAC key would have a MAC. Passing
an explicit size allows us to test the full digest in HMAC tests as
well.
Reviewed by: cem
MFC after:1 month
Sponsored by: Chelsio Communications
Differential Revision:https://reviews.freebsd.org/D19884
Modified:
head/tests/sys/opencrypto/cryptodev.py
head/tests/sys/opencrypto/cryptotest.py
Modified: head/tests/sys/opencrypto/cryptodev.py
==
--- head/tests/sys/opencrypto/cryptodev.py Wed Apr 24 00:14:37 2019
(r346615)
+++ head/tests/sys/opencrypto/cryptodev.py Wed Apr 24 00:16:39 2019
(r346616)
@@ -151,8 +151,9 @@ class Crypto:
return _findop(crid, '')[1]
def __init__(self, cipher=0, key=None, mac=0, mackey=None,
- crid=CRYPTOCAP_F_SOFTWARE | CRYPTOCAP_F_HARDWARE):
+ crid=CRYPTOCAP_F_SOFTWARE | CRYPTOCAP_F_HARDWARE, maclen=None):
self._ses = None
+ self._maclen = maclen
ses = SessionOp2()
ses.cipher = cipher
ses.mac = mac
@@ -168,9 +169,6 @@ class Crypto:
ses.mackeylen = len(mackey)
mk = array.array('B', mackey)
ses.mackey = mk.buffer_info()[0]
- self._maclen = 16 # parameterize?
- else:
- self._maclen = None
if not cipher and not mac:
raise ValueError('one of cipher or mac MUST be
specified.')
Modified: head/tests/sys/opencrypto/cryptotest.py
==
--- head/tests/sys/opencrypto/cryptotest.py Wed Apr 24 00:14:37 2019
(r346615)
+++ head/tests/sys/opencrypto/cryptotest.py Wed Apr 24 00:16:39 2019
(r346616)
@@ -114,7 +114,8 @@ def GenTestCase(cname):
c =
Crypto(cryptodev.CRYPTO_AES_NIST_GCM_16,
cipherkey,
mac=self._gmacsizes[len(cipherkey)],
- mackey=cipherkey, crid=crid)
+ mackey=cipherkey, crid=crid,
+ maclen=16)
except EnvironmentError, e:
# Can't test algorithms the
driver does not support.
if e.errno != errno.EOPNOTSUPP:
@@ -260,11 +261,55 @@ def GenTestCase(cname):
###
@unittest.skipIf(cname not in shamodules, 'skipping SHA on %s'
% str(cname))
def test_sha(self):
- # SHA not available in software
- pass
- #for i in iglob('SHA1*'):
- # self.runSHA(i)
+ for i in katg('shabytetestvectors', 'SHA*Msg.rsp'):
+ self.runSHA(i)
+ def runSHA(self, fname):
+ # Skip SHA512_(224|256) tests
+ if fname.find('SHA512_') != -1:
+ return
+
+ for hashlength, lines in cryptodev.KATParser(fname,
+ [ 'Len', 'Msg', 'MD' ]):
+ # E.g., hashlength will be "L=20" (bytes)
+ hashlen = int(hashlength.split("=")[1])
+
+ if hashlen == 20:
+ alg = cryptodev.CRYPTO_SHA1
+ elif hashlen == 28:
+ alg = cryptodev.CRYPTO_SHA2_224
+ elif hashlen == 32:
+ alg = cryptodev.CRYPTO_SHA2_256
+ elif hashlen == 48:
+ alg = cryptodev.CRYPTO_SHA2_384
+ elif hashlen == 64:
+ alg = cryptodev.CRYPTO_SHA2_512
+ else:
+ # Skip unsupported hashes
+ # Slurp remaining input in section
+ for data in lines:
+ continue
+ continue
+
+ for data in lines:
+ msg = data['Msg'].deco
svn commit: r346616 - head/tests/sys/opencrypto
Author: jhb
Date: Wed Apr 24 00:16:39 2019
New Revision: 346616
URL: https://svnweb.freebsd.org/changeset/base/346616
Log:
Run the plain SHA digest tests from NIST.
Pass in an explicit digest length to the Crypto constructor since it
was assuming only sessions with a MAC key would have a MAC. Passing
an explicit size allows us to test the full digest in HMAC tests as
well.
Reviewed by: cem
MFC after:1 month
Sponsored by: Chelsio Communications
Differential Revision:https://reviews.freebsd.org/D19884
Modified:
head/tests/sys/opencrypto/cryptodev.py
head/tests/sys/opencrypto/cryptotest.py
Modified: head/tests/sys/opencrypto/cryptodev.py
==
--- head/tests/sys/opencrypto/cryptodev.py Wed Apr 24 00:14:37 2019
(r346615)
+++ head/tests/sys/opencrypto/cryptodev.py Wed Apr 24 00:16:39 2019
(r346616)
@@ -151,8 +151,9 @@ class Crypto:
return _findop(crid, '')[1]
def __init__(self, cipher=0, key=None, mac=0, mackey=None,
- crid=CRYPTOCAP_F_SOFTWARE | CRYPTOCAP_F_HARDWARE):
+ crid=CRYPTOCAP_F_SOFTWARE | CRYPTOCAP_F_HARDWARE, maclen=None):
self._ses = None
+ self._maclen = maclen
ses = SessionOp2()
ses.cipher = cipher
ses.mac = mac
@@ -168,9 +169,6 @@ class Crypto:
ses.mackeylen = len(mackey)
mk = array.array('B', mackey)
ses.mackey = mk.buffer_info()[0]
- self._maclen = 16 # parameterize?
- else:
- self._maclen = None
if not cipher and not mac:
raise ValueError('one of cipher or mac MUST be
specified.')
Modified: head/tests/sys/opencrypto/cryptotest.py
==
--- head/tests/sys/opencrypto/cryptotest.py Wed Apr 24 00:14:37 2019
(r346615)
+++ head/tests/sys/opencrypto/cryptotest.py Wed Apr 24 00:16:39 2019
(r346616)
@@ -114,7 +114,8 @@ def GenTestCase(cname):
c =
Crypto(cryptodev.CRYPTO_AES_NIST_GCM_16,
cipherkey,
mac=self._gmacsizes[len(cipherkey)],
- mackey=cipherkey, crid=crid)
+ mackey=cipherkey, crid=crid,
+ maclen=16)
except EnvironmentError, e:
# Can't test algorithms the
driver does not support.
if e.errno != errno.EOPNOTSUPP:
@@ -260,11 +261,55 @@ def GenTestCase(cname):
###
@unittest.skipIf(cname not in shamodules, 'skipping SHA on %s'
% str(cname))
def test_sha(self):
- # SHA not available in software
- pass
- #for i in iglob('SHA1*'):
- # self.runSHA(i)
+ for i in katg('shabytetestvectors', 'SHA*Msg.rsp'):
+ self.runSHA(i)
+ def runSHA(self, fname):
+ # Skip SHA512_(224|256) tests
+ if fname.find('SHA512_') != -1:
+ return
+
+ for hashlength, lines in cryptodev.KATParser(fname,
+ [ 'Len', 'Msg', 'MD' ]):
+ # E.g., hashlength will be "L=20" (bytes)
+ hashlen = int(hashlength.split("=")[1])
+
+ if hashlen == 20:
+ alg = cryptodev.CRYPTO_SHA1
+ elif hashlen == 28:
+ alg = cryptodev.CRYPTO_SHA2_224
+ elif hashlen == 32:
+ alg = cryptodev.CRYPTO_SHA2_256
+ elif hashlen == 48:
+ alg = cryptodev.CRYPTO_SHA2_384
+ elif hashlen == 64:
+ alg = cryptodev.CRYPTO_SHA2_512
+ else:
+ # Skip unsupported hashes
+ # Slurp remaining input in section
+ for data in lines:
+ continue
+ continue
+
+ for data in lines:
+ msg = data['Msg'].deco
