svn commit: r346616 - head/tests/sys/opencrypto
Author: jhb Date: Wed Apr 24 00:16:39 2019 New Revision: 346616 URL: https://svnweb.freebsd.org/changeset/base/346616 Log: Run the plain SHA digest tests from NIST. Pass in an explicit digest length to the Crypto constructor since it was assuming only sessions with a MAC key would have a MAC. Passing an explicit size allows us to test the full digest in HMAC tests as well. Reviewed by: cem MFC after:1 month Sponsored by: Chelsio Communications Differential Revision:https://reviews.freebsd.org/D19884 Modified: head/tests/sys/opencrypto/cryptodev.py head/tests/sys/opencrypto/cryptotest.py Modified: head/tests/sys/opencrypto/cryptodev.py == --- head/tests/sys/opencrypto/cryptodev.py Wed Apr 24 00:14:37 2019 (r346615) +++ head/tests/sys/opencrypto/cryptodev.py Wed Apr 24 00:16:39 2019 (r346616) @@ -151,8 +151,9 @@ class Crypto: return _findop(crid, '')[1] def __init__(self, cipher=0, key=None, mac=0, mackey=None, - crid=CRYPTOCAP_F_SOFTWARE | CRYPTOCAP_F_HARDWARE): + crid=CRYPTOCAP_F_SOFTWARE | CRYPTOCAP_F_HARDWARE, maclen=None): self._ses = None + self._maclen = maclen ses = SessionOp2() ses.cipher = cipher ses.mac = mac @@ -168,9 +169,6 @@ class Crypto: ses.mackeylen = len(mackey) mk = array.array('B', mackey) ses.mackey = mk.buffer_info()[0] - self._maclen = 16 # parameterize? - else: - self._maclen = None if not cipher and not mac: raise ValueError('one of cipher or mac MUST be specified.') Modified: head/tests/sys/opencrypto/cryptotest.py == --- head/tests/sys/opencrypto/cryptotest.py Wed Apr 24 00:14:37 2019 (r346615) +++ head/tests/sys/opencrypto/cryptotest.py Wed Apr 24 00:16:39 2019 (r346616) @@ -114,7 +114,8 @@ def GenTestCase(cname): c = Crypto(cryptodev.CRYPTO_AES_NIST_GCM_16, cipherkey, mac=self._gmacsizes[len(cipherkey)], - mackey=cipherkey, crid=crid) + mackey=cipherkey, crid=crid, + maclen=16) except EnvironmentError, e: # Can't test algorithms the driver does not support. if e.errno != errno.EOPNOTSUPP: @@ -260,11 +261,55 @@ def GenTestCase(cname): ### @unittest.skipIf(cname not in shamodules, 'skipping SHA on %s' % str(cname)) def test_sha(self): - # SHA not available in software - pass - #for i in iglob('SHA1*'): - # self.runSHA(i) + for i in katg('shabytetestvectors', 'SHA*Msg.rsp'): + self.runSHA(i) + def runSHA(self, fname): + # Skip SHA512_(224|256) tests + if fname.find('SHA512_') != -1: + return + + for hashlength, lines in cryptodev.KATParser(fname, + [ 'Len', 'Msg', 'MD' ]): + # E.g., hashlength will be "L=20" (bytes) + hashlen = int(hashlength.split("=")[1]) + + if hashlen == 20: + alg = cryptodev.CRYPTO_SHA1 + elif hashlen == 28: + alg = cryptodev.CRYPTO_SHA2_224 + elif hashlen == 32: + alg = cryptodev.CRYPTO_SHA2_256 + elif hashlen == 48: + alg = cryptodev.CRYPTO_SHA2_384 + elif hashlen == 64: + alg = cryptodev.CRYPTO_SHA2_512 + else: + # Skip unsupported hashes + # Slurp remaining input in section + for data in lines: + continue + continue + + for data in lines: + msg = data['Msg'].deco
svn commit: r346616 - head/tests/sys/opencrypto
Author: jhb Date: Wed Apr 24 00:16:39 2019 New Revision: 346616 URL: https://svnweb.freebsd.org/changeset/base/346616 Log: Run the plain SHA digest tests from NIST. Pass in an explicit digest length to the Crypto constructor since it was assuming only sessions with a MAC key would have a MAC. Passing an explicit size allows us to test the full digest in HMAC tests as well. Reviewed by: cem MFC after:1 month Sponsored by: Chelsio Communications Differential Revision:https://reviews.freebsd.org/D19884 Modified: head/tests/sys/opencrypto/cryptodev.py head/tests/sys/opencrypto/cryptotest.py Modified: head/tests/sys/opencrypto/cryptodev.py == --- head/tests/sys/opencrypto/cryptodev.py Wed Apr 24 00:14:37 2019 (r346615) +++ head/tests/sys/opencrypto/cryptodev.py Wed Apr 24 00:16:39 2019 (r346616) @@ -151,8 +151,9 @@ class Crypto: return _findop(crid, '')[1] def __init__(self, cipher=0, key=None, mac=0, mackey=None, - crid=CRYPTOCAP_F_SOFTWARE | CRYPTOCAP_F_HARDWARE): + crid=CRYPTOCAP_F_SOFTWARE | CRYPTOCAP_F_HARDWARE, maclen=None): self._ses = None + self._maclen = maclen ses = SessionOp2() ses.cipher = cipher ses.mac = mac @@ -168,9 +169,6 @@ class Crypto: ses.mackeylen = len(mackey) mk = array.array('B', mackey) ses.mackey = mk.buffer_info()[0] - self._maclen = 16 # parameterize? - else: - self._maclen = None if not cipher and not mac: raise ValueError('one of cipher or mac MUST be specified.') Modified: head/tests/sys/opencrypto/cryptotest.py == --- head/tests/sys/opencrypto/cryptotest.py Wed Apr 24 00:14:37 2019 (r346615) +++ head/tests/sys/opencrypto/cryptotest.py Wed Apr 24 00:16:39 2019 (r346616) @@ -114,7 +114,8 @@ def GenTestCase(cname): c = Crypto(cryptodev.CRYPTO_AES_NIST_GCM_16, cipherkey, mac=self._gmacsizes[len(cipherkey)], - mackey=cipherkey, crid=crid) + mackey=cipherkey, crid=crid, + maclen=16) except EnvironmentError, e: # Can't test algorithms the driver does not support. if e.errno != errno.EOPNOTSUPP: @@ -260,11 +261,55 @@ def GenTestCase(cname): ### @unittest.skipIf(cname not in shamodules, 'skipping SHA on %s' % str(cname)) def test_sha(self): - # SHA not available in software - pass - #for i in iglob('SHA1*'): - # self.runSHA(i) + for i in katg('shabytetestvectors', 'SHA*Msg.rsp'): + self.runSHA(i) + def runSHA(self, fname): + # Skip SHA512_(224|256) tests + if fname.find('SHA512_') != -1: + return + + for hashlength, lines in cryptodev.KATParser(fname, + [ 'Len', 'Msg', 'MD' ]): + # E.g., hashlength will be "L=20" (bytes) + hashlen = int(hashlength.split("=")[1]) + + if hashlen == 20: + alg = cryptodev.CRYPTO_SHA1 + elif hashlen == 28: + alg = cryptodev.CRYPTO_SHA2_224 + elif hashlen == 32: + alg = cryptodev.CRYPTO_SHA2_256 + elif hashlen == 48: + alg = cryptodev.CRYPTO_SHA2_384 + elif hashlen == 64: + alg = cryptodev.CRYPTO_SHA2_512 + else: + # Skip unsupported hashes + # Slurp remaining input in section + for data in lines: + continue + continue + + for data in lines: + msg = data['Msg'].deco