Module Name: src Committed By: knakahara Date: Fri Jun 9 06:09:02 UTC 2017
Modified Files: src/distrib/sets/lists/debug: mi src/distrib/sets/lists/tests: mi src/tests/crypto/opencrypto: Makefile t_opencrypto.sh Added Files: src/tests/crypto/opencrypto: h_ioctl.c Log Message: add tests of ioctl for /dev/crypto To generate a diff of this commit: cvs rdiff -u -r1.217 -r1.218 src/distrib/sets/lists/debug/mi cvs rdiff -u -r1.752 -r1.753 src/distrib/sets/lists/tests/mi cvs rdiff -u -r1.3 -r1.4 src/tests/crypto/opencrypto/Makefile cvs rdiff -u -r0 -r1.1 src/tests/crypto/opencrypto/h_ioctl.c cvs rdiff -u -r1.7 -r1.8 src/tests/crypto/opencrypto/t_opencrypto.sh Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/distrib/sets/lists/debug/mi diff -u src/distrib/sets/lists/debug/mi:1.217 src/distrib/sets/lists/debug/mi:1.218 --- src/distrib/sets/lists/debug/mi:1.217 Mon Jun 5 23:44:08 2017 +++ src/distrib/sets/lists/debug/mi Fri Jun 9 06:09:01 2017 @@ -1,4 +1,4 @@ -# $NetBSD: mi,v 1.217 2017/06/05 23:44:08 christos Exp $ +# $NetBSD: mi,v 1.218 2017/06/09 06:09:01 knakahara Exp $ ./etc/mtree/set.debug comp-sys-root ./usr/lib comp-sys-usr compatdir ./usr/lib/i18n/libBIG5_g.a comp-c-debuglib debuglib,compatfile @@ -1599,6 +1599,7 @@ ./usr/libdata/debug/usr/tests/crypto/opencrypto/h_comp_zlib.debug tests-crypto-debug debug,atf,compattestfile ./usr/libdata/debug/usr/tests/crypto/opencrypto/h_comp_zlib_rnd.debug tests-crypto-debug debug,atf,compattestfile ./usr/libdata/debug/usr/tests/crypto/opencrypto/h_gcm.debug tests-crypto-debug debug,atf,compattestfile +./usr/libdata/debug/usr/tests/crypto/opencrypto/h_ioctl.debug tests-crypto-debug debug,atf,compattestfile ./usr/libdata/debug/usr/tests/crypto/opencrypto/h_md5.debug tests-crypto-debug debug,atf,compattestfile ./usr/libdata/debug/usr/tests/crypto/opencrypto/h_md5hmac.debug tests-crypto-debug debug,atf,compattestfile ./usr/libdata/debug/usr/tests/crypto/opencrypto/h_null.debug tests-crypto-debug debug,atf,compattestfile Index: src/distrib/sets/lists/tests/mi diff -u src/distrib/sets/lists/tests/mi:1.752 src/distrib/sets/lists/tests/mi:1.753 --- src/distrib/sets/lists/tests/mi:1.752 Thu Jun 1 15:45:02 2017 +++ src/distrib/sets/lists/tests/mi Fri Jun 9 06:09:01 2017 @@ -1,4 +1,4 @@ -# $NetBSD: mi,v 1.752 2017/06/01 15:45:02 perseant Exp $ +# $NetBSD: mi,v 1.753 2017/06/09 06:09:01 knakahara Exp $ # # Note: don't delete entries from here - mark them as "obsolete" instead. # @@ -1354,6 +1354,7 @@ ./usr/tests/crypto/opencrypto/h_comp_zlib tests-crypto-tests compattestfile,atf ./usr/tests/crypto/opencrypto/h_comp_zlib_rnd tests-crypto-tests compattestfile,atf ./usr/tests/crypto/opencrypto/h_gcm tests-crypto-tests compattestfile,atf +./usr/tests/crypto/opencrypto/h_ioctl tests-crypto-tests compattestfile,atf ./usr/tests/crypto/opencrypto/h_md5 tests-crypto-tests compattestfile,atf ./usr/tests/crypto/opencrypto/h_md5hmac tests-crypto-tests compattestfile,atf ./usr/tests/crypto/opencrypto/h_null tests-crypto-tests compattestfile,atf Index: src/tests/crypto/opencrypto/Makefile diff -u src/tests/crypto/opencrypto/Makefile:1.3 src/tests/crypto/opencrypto/Makefile:1.4 --- src/tests/crypto/opencrypto/Makefile:1.3 Mon Apr 17 03:59:37 2017 +++ src/tests/crypto/opencrypto/Makefile Fri Jun 9 06:09:02 2017 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.3 2017/04/17 03:59:37 knakahara Exp $ +# $NetBSD: Makefile,v 1.4 2017/06/09 06:09:02 knakahara Exp $ .include <bsd.own.mk> @@ -25,9 +25,9 @@ PROGS+= h_md5hmac PROGS+= h_null PROGS+= h_sha1hmac PROGS+= h_xcbcmac +PROGS+= h_ioctl LDADD.h_comp_zlib+= -lz LDADD.h_comp_zlib_rnd+= -lz .include <bsd.test.mk> - Index: src/tests/crypto/opencrypto/t_opencrypto.sh diff -u src/tests/crypto/opencrypto/t_opencrypto.sh:1.7 src/tests/crypto/opencrypto/t_opencrypto.sh:1.8 --- src/tests/crypto/opencrypto/t_opencrypto.sh:1.7 Mon Apr 17 03:59:37 2017 +++ src/tests/crypto/opencrypto/t_opencrypto.sh Fri Jun 9 06:09:02 2017 @@ -1,4 +1,4 @@ -# $NetBSD: t_opencrypto.sh,v 1.7 2017/04/17 03:59:37 knakahara Exp $ +# $NetBSD: t_opencrypto.sh,v 1.8 2017/06/09 06:09:02 knakahara Exp $ # # Copyright (c) 2014 The NetBSD Foundation, Inc. # All rights reserved. @@ -282,6 +282,19 @@ xcbcmac_cleanup() { common_cleanup } +atf_test_case ioctl cleanup +ioctl_head() { + common_head "Test ioctl for /dev/crypto" +} + +ioctl_body() { + common_body h_ioctl +} + +ioctl_cleanup() { + common_cleanup +} + atf_init_test_cases() { RUMP_SERVER="unix://t_opencrypto_socket" ; export RUMP_SERVER @@ -301,4 +314,5 @@ atf_init_test_cases() { atf_add_test_case null atf_add_test_case sha1_hmac atf_add_test_case xcbcmac + atf_add_test_case ioctl } Added files: Index: src/tests/crypto/opencrypto/h_ioctl.c diff -u /dev/null src/tests/crypto/opencrypto/h_ioctl.c:1.1 --- /dev/null Fri Jun 9 06:09:02 2017 +++ src/tests/crypto/opencrypto/h_ioctl.c Fri Jun 9 06:09:02 2017 @@ -0,0 +1,403 @@ +/* $NetBSD: h_ioctl.c,v 1.1 2017/06/09 06:09:02 knakahara Exp $ */ + +/*- + * Copyright (c) 2017 Internet Initiative Japan Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include <err.h> +#include <errno.h> +#include <fcntl.h> +#include <stdio.h> +#include <string.h> + +#include <sys/errno.h> +#include <sys/ioctl.h> +#include <sys/sysctl.h> + +#include <crypto/cryptodev.h> + +/* copy from h_aescbc.c */ +#define AES_KEY_LEN 16 +unsigned char aes_key[AES_KEY_LEN] = +{ 0x06, 0xa9, 0x21, 0x40, 0x36, 0xb8, 0xa1, 0x5b, + 0x51, 0x2e, 0x03, 0xd5, 0x34, 0x12, 0x00, 0x06, }; + +#define AES_IV_LEN 16 +unsigned char aes_iv[AES_IV_LEN] = +{ 0x3d, 0xaf, 0xba, 0x42, 0x9d, 0x9e, 0xb4, 0x30, + 0xb4, 0x22, 0xda, 0x80, 0x2c, 0x9f, 0xac, 0x41, }; + +#define AES_PLAINTX_LEN 64 +unsigned char aes_plaintx[AES_PLAINTX_LEN] = "Single block msg"; + +#define AES_CIPHER_LEN 64 +unsigned char aes_cipher[AES_CIPHER_LEN] = +{ 0xe3, 0x53, 0x77, 0x9c, 0x10, 0x79, 0xae, 0xb8, + 0x27, 0x08, 0x94, 0x2d, 0xbe, 0x77, 0x18, 0x1a, }; + +/* + * CRIOGET is deprecated. + */ + +/* + * CIOCNGSESSION + * Hmm, who uses? (1) + */ +static int +test_ngsession(int fd) +{ + int ret; + int cs_count = 2; + struct crypt_sgop sg; + struct session_n_op css[cs_count]; + + for (int i = 0; i < cs_count; i++) { + struct session_n_op *cs = &css[i]; + + memset(cs, 0, sizeof(*cs)); + cs->cipher = CRYPTO_AES_CBC; + cs->keylen = AES_KEY_LEN; + cs->key = __UNCONST(&aes_key); + } + memset(&sg, 0, sizeof(sg)); + sg.count = cs_count; + sg.sessions = css; + + ret = ioctl(fd, CIOCNGSESSION, &sg); + if (ret < 0) + fprintf(stderr, "failed: CIOCNGSESSION\n"); + + return ret; +} + +/* + * CIOCNFSESSION + * Hmm, who uses? (2) + */ +static int +test_nfsession(int fd) +{ + int ret; + int sid_count = 2; + struct crypt_sfop sf; + u_int32_t sids[sid_count]; + + memset(sids, 0, sizeof(sids)); + memset(&sf, 0, sizeof(sf)); + sf.count = sid_count; + sf.sesid = sids; + + ret = ioctl(fd, CIOCNFSESSION, &sf); + if (ret < 0) + fprintf(stderr, "failed: CIOCNFSESSION\n"); + + return ret; +} + +/* + * CIOCNCRYPTM + * Hmm, who uses? (3) + */ +static int +test_ncryptm(int fd) +{ + int ret; + int cs_count = 2; + struct crypt_mop mop; + struct crypt_n_op css[cs_count]; + + for (int i = 0; i < cs_count; i++) { + struct crypt_n_op *cs; + cs = &css[i]; + + memset(cs, 0, sizeof(*cs)); + cs->ses = 0; /* session id */ + cs->op = COP_ENCRYPT; + /* XXX */ + } + + memset(&mop, 0, sizeof(mop)); + mop.count = cs_count; + mop.reqs = css; + + ret = ioctl(fd, CIOCNCRYPTM, &mop); + if (ret < 0) + fprintf(stderr, "failed: CIOCNCRYPTM\n"); + + return ret; +} + +/* + * CIOCNCRYPTRETM + * Hmm, who uses? (4) + */ +static int +test_ncryptretm(int fd) +{ + int ret; + int req_count = 2; + struct session_op cs; + + struct crypt_mop mop; + struct crypt_n_op cnos[req_count]; + unsigned char cno_dst[req_count][AES_CIPHER_LEN]; + + struct cryptret cret; + struct crypt_result crs[req_count]; + + memset(&cs, 0, sizeof(cs)); + cs.cipher = CRYPTO_AES_CBC; + cs.keylen = AES_KEY_LEN; + cs.key = __UNCONST(&aes_key); + ret = ioctl(fd, CIOCGSESSION, &cs); + if (ret < 0) { + fprintf(stderr, "failed: CIOCGSESSION\n"); + return ret; + } + + for (int i = 0; i < req_count; i++) { + struct crypt_n_op *cno = &cnos[i]; + + memset(cno, 0, sizeof(*cno)); + cno->ses = cs.ses; + cno->op = COP_ENCRYPT; + cno->len = AES_PLAINTX_LEN; + cno->src = aes_plaintx; + cno->dst_len = AES_CIPHER_LEN; + cno->dst = cno_dst[i]; + } + + memset(&mop, 0, sizeof(mop)); + mop.count = req_count; + mop.reqs = cnos; + ret = ioctl(fd, CIOCNCRYPTM, &mop); + if (ret < 0) + fprintf(stderr, "failed: CIOCNCRYPTM\n"); + + for (int i = 0; i < req_count; i++) { + struct crypt_result *cr = &crs[i]; + + memset(cr, 0, sizeof(*cr)); + cr->reqid = cnos[i].reqid; + } + + memset(&cret, 0, sizeof(cret)); + cret.count = req_count; + cret.results = crs; + ret = ioctl(fd, CIOCNCRYPTRETM, &cret); + if (ret < 0) + fprintf(stderr, "failed: CIOCNCRYPTRETM\n"); + + return ret; +} + +/* + * CIOCNCRYPTRET + * Hmm, who uses? (5) + */ +/* test when it does not request yet. */ +static int +test_ncryptret_noent(int fd) +{ + int ret; + struct crypt_result cr; + + memset(&cr, 0, sizeof(cr)); + + ret = ioctl(fd, CIOCNCRYPTRET, &cr); + if (ret == 0) { + fprintf(stderr, + "failed: CIOCNCRYPTRET unexpected success when no entry\n"); + ret = -1; + } else if (errno == EINPROGRESS) { + /* expected fail */ + ret = 0; + } + + return ret; +} + +static int +test_ncryptret_ent(int fd) +{ + int ret; + struct session_op cs; + + struct crypt_mop mop; + struct crypt_n_op cno; + unsigned char cno_dst[AES_CIPHER_LEN]; + + struct crypt_result cr; + + memset(&cs, 0, sizeof(cs)); + cs.cipher = CRYPTO_AES_CBC; + cs.keylen = AES_KEY_LEN; + cs.key = __UNCONST(&aes_key); + ret = ioctl(fd, CIOCGSESSION, &cs); + if (ret < 0) { + fprintf(stderr, "failed: CIOCGSESSION\n"); + return ret; + } + + memset(&cno, 0, sizeof(cno)); + cno.ses = cs.ses; + cno.op = COP_ENCRYPT; + cno.len = AES_PLAINTX_LEN; + cno.src = aes_plaintx; + cno.dst_len = AES_CIPHER_LEN; + cno.dst = cno_dst; + + memset(&mop, 0, sizeof(mop)); + mop.count = 1; + mop.reqs = &cno; + ret = ioctl(fd, CIOCNCRYPTM, &mop); + if (ret < 0) + fprintf(stderr, "failed: CIOCNCRYPTM\n"); + + memset(&cr, 0, sizeof(cr)); + cr.reqid = cno.reqid; + + ret = ioctl(fd, CIOCNCRYPTRET, &cr); + if (ret < 0) + fprintf(stderr, "failed: CIOCNCRYPTRET\n"); + + return ret; +} + +static int +test_ncryptret(int fd) +{ + int ret; + + ret = test_ncryptret_noent(fd); + if (ret < 0) + return ret; + + ret = test_ncryptret_ent(fd); + if (ret < 0) + return ret; + + return ret; +} + +/* + * CIOCASYMFEAT + */ +static int +set_userasymcrypto(int new, int *old) +{ + int ret; + + ret = sysctlbyname("kern.userasymcrypto", NULL, NULL, &new, sizeof(new)); + if (ret < 0) { + fprintf(stderr, "failed: kern.userasymcrypto=%d", new); + return ret; + } + + if (old != NULL) + *old = new; + + return ret; +} + +static int +test_asymfeat_each(int fd, u_int32_t *asymfeat, int userasym) +{ + int ret; + + ret = ioctl(fd, CIOCASYMFEAT, asymfeat); + if (ret < 0) + fprintf(stderr, "failed: CIOCASYMFEAT when userasym=%d\n", userasym); + + return ret; +} + +static int +test_asymfeat(int fd) +{ + int ret, new, orig; + u_int32_t asymfeat = 0; + + /* test for kern.userasymcrypto=1 */ + new = 1; + ret = set_userasymcrypto(new, &orig); + if (ret < 0) + return ret; + ret = test_asymfeat_each(fd, &asymfeat, new); + if (ret < 0) + return ret; + + /* test for kern.userasymcrypto=0 */ + new = 0; + ret = set_userasymcrypto(new, NULL); + if (ret < 0) + return ret; + ret = test_asymfeat_each(fd, &asymfeat, new); + if (ret < 0) + return ret; + + /* cleanup */ + ret = set_userasymcrypto(orig, NULL); + if (ret < 0) + fprintf(stderr, "failed: cleanup kern.userasymcrypto\n"); + + return ret; +} + +int +main(void) +{ + int fd, ret; + + fd = open("/dev/crypto", O_RDWR, 0); + if (fd < 0) + err(1, "open"); + + ret = test_ngsession(fd); + if (ret < 0) + err(1, "test_ngsession"); + + ret = test_nfsession(fd); + if (ret < 0) + err(1, "test_ngsession"); + + ret = test_ncryptm(fd); + if (ret < 0) + err(1, "test_ncryptm"); + + test_ncryptretm(fd); + if (ret < 0) + err(1, "test_ncryptretm"); + + ret = test_ncryptret(fd); + if (ret < 0) + err(1, "test_ncryptret"); + + ret = test_asymfeat(fd); + if (ret < 0) + err(1, "test_asymfeat"); + + return 0; +}