PERFORCE change 1202596 for review
John-Mark Gurney
jmg at FreeBSD.org
Fri Nov 7 03:47:02 UTC 2014
http://p4web.freebsd.org/@@1202596?ac=10
Change 1202596 by jmg at jmg_carbon2 on 2014/11/07 03:46:03
I believe that this should get things working for tests...
Though when I run the tests, it doesn't run for some reason...
Not sure why...
Sponsored by: FreeBSD Foundation
Sponsored by: Netgate
Affected files ...
.. //depot/projects/opencrypto/etc/mtree/BSD.tests.dist#2 edit
.. //depot/projects/opencrypto/tests/sys/opencrypto/Makefile#2 edit
.. //depot/projects/opencrypto/tests/sys/opencrypto/cryptotest.py#2 edit
.. //depot/projects/opencrypto/tests/sys/opencrypto/runtests.sh#1 add
Differences ...
==== //depot/projects/opencrypto/etc/mtree/BSD.tests.dist#2 (text+ko) ====
@@ -143,6 +143,8 @@
..
netinet
..
+ opencrypto
+ ..
..
usr.bin
apply
==== //depot/projects/opencrypto/tests/sys/opencrypto/Makefile#2 (text+ko) ====
@@ -1,8 +1,43 @@
# $FreeBSD$
-TESTDIR= ${TESTSBASE}/sys/opencrypto
+.PATH: ${.CURDIR}/data
+
+TESTSDIR= ${TESTSBASE}/sys/opencrypto
BINDIR= ${TESTSDIR}
+PLAIN_TESTS_SH= runtests
+
TEST_METADATA.foo+=required_programs="python"
+PYMODULES= cryptodev.py cryptodevh.py cryptotest.py dpkt.py
+
+FILESDIR= ${TESTSDIR}
+FILES= ${PYMODULES}
+
+FILES+= CBCGFSbox128.rsp
+FILES+= CBCGFSbox192.rsp
+FILES+= CBCGFSbox256.rsp
+FILES+= CBCKeySbox128.rsp
+FILES+= CBCKeySbox192.rsp
+FILES+= CBCKeySbox256.rsp
+FILES+= CBCVarKey128.rsp
+FILES+= CBCVarKey192.rsp
+FILES+= CBCVarKey256.rsp
+FILES+= CBCVarTxt128.rsp
+FILES+= CBCVarTxt192.rsp
+FILES+= CBCVarTxt256.rsp
+FILES+= HMAC.rsp
+FILES+= TCBCinvperm.rsp
+FILES+= TCBCpermop.rsp
+FILES+= TCBCsubtab.rsp
+FILES+= TCBCvarkey.rsp
+FILES+= TCBCvartext.rsp
+FILES+= XTSGenAES128.rsp
+FILES+= XTSGenAES256.rsp
+FILES+= gcmDecrypt128.rsp
+FILES+= gcmDecrypt192.rsp
+FILES+= gcmDecrypt256.rsp
+FILES+= gcmEncryptExtIV128.rsp
+FILES+= gcmEncryptExtIV192.rsp
+FILES+= gcmEncryptExtIV256.rsp
.include <bsd.test.mk>
==== //depot/projects/opencrypto/tests/sys/opencrypto/cryptotest.py#2 (text+ko) ====
@@ -7,196 +7,223 @@
from cryptodev import *
from glob import iglob
-class CryptoXTSTestCase(unittest.TestCase):
- def test_xts(self):
- for i in iglob('data/XTS*.rsp'):
- self.runXTS(i, cryptodev.CRYPTO_AES_XTS)
+aesmodules = [ 'cryptosoft0', 'aesni0', ]
+desmodules = [ 'cryptosoft0', ]
+shamodules = [ 'cryptosoft0', ]
+
+def GenTestCase(cname):
+ try:
+ crid = cryptodev.Crypto.findcrid(cname)
+ except IOError:
+ return None
+
+ class GendCryptoTestCase(unittest.TestCase):
+ ###############
+ ##### AES #####
+ ###############
+ @unittest.skipIf(cname not in aesmodules, 'skipping AES on %s' % `cname`)
+ def test_xts(self):
+ for i in iglob('data/XTS*.rsp'):
+ self.runXTS(i, cryptodev.CRYPTO_AES_XTS)
+
+ def test_cbc(self):
+ for i in iglob('data/CBC[GKV]*.rsp'):
+ self.runCBC(i)
- def test_cbc(self):
- for i in iglob('data/CBC[GKV]*.rsp'):
- self.runCBC(i)
+ def test_gcm(self):
+ for i in iglob('data/gcmEncrypt*'):
+ self.runGCM(i, 'ENCRYPT')
- def test_tdes(self):
- for i in iglob('data/TCBC[a-z]*.rsp'):
- self.runTDES(i)
+ for i in iglob('data/gcmDecrypt*'):
+ self.runGCM(i, 'DECRYPT')
- def test_gcm(self):
- for i in iglob('data/gcmEncrypt*'):
- self.runGCM(i, 'ENCRYPT')
+ _gmacsizes = { 32: cryptodev.CRYPTO_AES_256_NIST_GMAC,
+ 24: cryptodev.CRYPTO_AES_192_NIST_GMAC,
+ 16: cryptodev.CRYPTO_AES_128_NIST_GMAC,
+ }
+ def runGCM(self, fname, mode):
+ curfun = None
+ if mode == 'ENCRYPT':
+ swapptct = False
+ curfun = Crypto.encrypt
+ elif mode == 'DECRYPT':
+ swapptct = True
+ curfun = Crypto.decrypt
+ else:
+ raise RuntimeError('unknown mode: %s' % `mode`)
- for i in iglob('data/gcmDecrypt*'):
- self.runGCM(i, 'DECRYPT')
+ for bogusmode, lines in cryptodev.KATParser(fname,
+ [ 'Count', 'Key', 'IV', 'CT', 'AAD', 'Tag', 'PT', ]):
+ for data in lines:
+ curcnt = int(data['Count'])
+ cipherkey = data['Key'].decode('hex')
+ iv = data['IV'].decode('hex')
+ aad = data['AAD'].decode('hex')
+ tag = data['Tag'].decode('hex')
+ if 'FAIL' not in data:
+ pt = data['PT'].decode('hex')
+ ct = data['CT'].decode('hex')
- def test_sha(self):
- # SHA not available in software
- pass
- #for i in iglob('data/SHA1*'):
- # self.runSHA(i)
+ if len(iv) != 12:
+ # XXX - isn't supported
+ continue
- def test_sha1hmac(self):
- self.runSHA1HMAC('data/HMAC.rsp')
+ c = Crypto(cryptodev.CRYPTO_AES_NIST_GCM_16,
+ cipherkey,
+ mac=self._gmacsizes[len(cipherkey)],
+ mackey=cipherkey, crid=crid)
- def runSHA1HMAC(self, fname):
- for bogusmode, lines in cryptodev.KATParser(fname,
- [ 'Count', 'Klen', 'Tlen', 'Key', 'Msg', 'Mac' ]):
- for data in lines:
- key = data['Key'].decode('hex')
- msg = data['Msg'].decode('hex')
- mac = data['Mac'].decode('hex')
+ if mode == 'ENCRYPT':
+ rct, rtag = c.encrypt(pt, iv, aad)
+ rtag = rtag[:len(tag)]
+ data['rct'] = rct.encode('hex')
+ data['rtag'] = rtag.encode('hex')
+ self.assertEqual(rct, ct, `data`)
+ self.assertEqual(rtag, tag, `data`)
+ else:
+ if len(tag) != 16:
+ continue
+ args = (ct, iv, aad, tag)
+ if 'FAIL' in data:
+ self.assertRaises(IOError,
+ c.decrypt, *args)
+ else:
+ rpt, rtag = c.decrypt(*args)
+ data['rpt'] = rpt.encode('hex')
+ data['rtag'] = rtag.encode('hex')
+ self.assertEqual(rpt, pt,
+ `data`)
- if len(key) != 20:
- # XXX - implementation bug
- continue
+ def runCBC(self, fname):
+ curfun = None
+ for mode, lines in cryptodev.KATParser(fname,
+ [ 'COUNT', 'KEY', 'IV', 'PLAINTEXT', 'CIPHERTEXT', ]):
+ if mode == 'ENCRYPT':
+ swapptct = False
+ curfun = Crypto.encrypt
+ elif mode == 'DECRYPT':
+ swapptct = True
+ curfun = Crypto.decrypt
+ else:
+ raise RuntimeError('unknown mode: %s' % `mode`)
- c = Crypto(mac=cryptodev.CRYPTO_SHA1_HMAC,
- mackey=key)
+ for data in lines:
+ curcnt = int(data['COUNT'])
+ cipherkey = data['KEY'].decode('hex')
+ iv = data['IV'].decode('hex')
+ pt = data['PLAINTEXT'].decode('hex')
+ ct = data['CIPHERTEXT'].decode('hex')
- r = c.encrypt(msg)
- self.assertEqual(r, mac, `data`)
+ if swapptct:
+ pt, ct = ct, pt
+ # run the fun
+ c = Crypto(cryptodev.CRYPTO_AES_CBC, cipherkey, crid=crid)
+ r = curfun(c, pt, iv)
+ self.assertEqual(r, ct)
- _gmacsizes = { 32: cryptodev.CRYPTO_AES_256_NIST_GMAC,
- 24: cryptodev.CRYPTO_AES_192_NIST_GMAC,
- 16: cryptodev.CRYPTO_AES_128_NIST_GMAC,
- }
- def runGCM(self, fname, mode):
- curfun = None
- if mode == 'ENCRYPT':
- swapptct = False
- curfun = Crypto.encrypt
- elif mode == 'DECRYPT':
- swapptct = True
- curfun = Crypto.decrypt
- else:
- raise RuntimeError('unknown mode: %s' % `mode`)
+ def runXTS(self, fname, meth):
+ curfun = None
+ for mode, lines in cryptodev.KATParser(fname,
+ [ 'COUNT', 'DataUnitLen', 'Key', 'DataUnitSeqNumber', 'PT',
+ 'CT' ]):
+ if mode == 'ENCRYPT':
+ swapptct = False
+ curfun = Crypto.encrypt
+ elif mode == 'DECRYPT':
+ swapptct = True
+ curfun = Crypto.decrypt
+ else:
+ raise RuntimeError('unknown mode: %s' % `mode`)
- for bogusmode, lines in cryptodev.KATParser(fname,
- [ 'Count', 'Key', 'IV', 'CT', 'AAD', 'Tag', 'PT', ]):
- for data in lines:
- curcnt = int(data['Count'])
- cipherkey = data['Key'].decode('hex')
- iv = data['IV'].decode('hex')
- aad = data['AAD'].decode('hex')
- tag = data['Tag'].decode('hex')
- if 'FAIL' not in data:
+ for data in lines:
+ curcnt = int(data['COUNT'])
+ nbits = int(data['DataUnitLen'])
+ cipherkey = data['Key'].decode('hex')
+ iv = struct.pack('QQ', int(data['DataUnitSeqNumber']), 0)
pt = data['PT'].decode('hex')
- ct = data['CT'].decode('hex')
+ ct = data['CT'].decode('hex')
- if len(iv) != 12:
- # XXX - isn't supported
- continue
+ if nbits % 128 != 0:
+ # XXX - mark as skipped
+ continue
+ if swapptct:
+ pt, ct = ct, pt
+ # run the fun
+ c = Crypto(meth, cipherkey, crid=crid)
+ r = curfun(c, pt, iv)
+ self.assertEqual(r, ct)
- c = Crypto(cryptodev.CRYPTO_AES_NIST_GCM_16,
- cipherkey,
- mac=self._gmacsizes[len(cipherkey)],
- mackey=cipherkey)
+ ###############
+ ##### DES #####
+ ###############
+ @unittest.skipIf(cname not in desmodules, 'skipping DES on %s' % `cname`)
+ def test_tdes(self):
+ for i in iglob('data/TCBC[a-z]*.rsp'):
+ self.runTDES(i)
+ def runTDES(self, fname):
+ curfun = None
+ for mode, lines in cryptodev.KATParser(fname,
+ [ 'COUNT', 'KEYs', 'IV', 'PLAINTEXT', 'CIPHERTEXT', ]):
if mode == 'ENCRYPT':
- rct, rtag = c.encrypt(pt, iv, aad)
- rtag = rtag[:len(tag)]
- data['rct'] = rct.encode('hex')
- data['rtag'] = rtag.encode('hex')
- self.assertEqual(rct, ct, `data`)
- self.assertEqual(rtag, tag, `data`)
+ swapptct = False
+ curfun = Crypto.encrypt
+ elif mode == 'DECRYPT':
+ swapptct = True
+ curfun = Crypto.decrypt
else:
- if len(tag) != 16:
- continue
- args = (ct, iv, aad, tag)
- if 'FAIL' in data:
- self.assertRaises(IOError,
- c.decrypt, *args)
- else:
- rpt, rtag = c.decrypt(*args)
- data['rpt'] = rpt.encode('hex')
- data['rtag'] = rtag.encode('hex')
- self.assertEqual(rpt, pt,
- `data`)
+ raise RuntimeError('unknown mode: %s' % `mode`)
+
+ for data in lines:
+ curcnt = int(data['COUNT'])
+ key = data['KEYs'] * 3
+ cipherkey = key.decode('hex')
+ iv = data['IV'].decode('hex')
+ pt = data['PLAINTEXT'].decode('hex')
+ ct = data['CIPHERTEXT'].decode('hex')
- def runTDES(self, fname):
- curfun = None
- for mode, lines in cryptodev.KATParser(fname,
- [ 'COUNT', 'KEYs', 'IV', 'PLAINTEXT', 'CIPHERTEXT', ]):
- if mode == 'ENCRYPT':
- swapptct = False
- curfun = Crypto.encrypt
- elif mode == 'DECRYPT':
- swapptct = True
- curfun = Crypto.decrypt
- else:
- raise RuntimeError('unknown mode: %s' % `mode`)
+ if swapptct:
+ pt, ct = ct, pt
+ # run the fun
+ c = Crypto(cryptodev.CRYPTO_3DES_CBC, cipherkey, crid=crid)
+ r = curfun(c, pt, iv)
+ self.assertEqual(r, ct)
- for data in lines:
- curcnt = int(data['COUNT'])
- key = data['KEYs'] * 3
- cipherkey = key.decode('hex')
- iv = data['IV'].decode('hex')
- pt = data['PLAINTEXT'].decode('hex')
- ct = data['CIPHERTEXT'].decode('hex')
+ ###############
+ ##### SHA #####
+ ###############
+ @unittest.skipIf(cname not in shamodules, 'skipping SHA on %s' % `cname`)
+ def test_sha(self):
+ # SHA not available in software
+ pass
+ #for i in iglob('data/SHA1*'):
+ # self.runSHA(i)
- if swapptct:
- pt, ct = ct, pt
- # run the fun
- c = Crypto(cryptodev.CRYPTO_3DES_CBC, cipherkey)
- r = curfun(c, pt, iv)
- self.assertEqual(r, ct)
+ def test_sha1hmac(self):
+ self.runSHA1HMAC('data/HMAC.rsp')
- def runCBC(self, fname):
- curfun = None
- for mode, lines in cryptodev.KATParser(fname,
- [ 'COUNT', 'KEY', 'IV', 'PLAINTEXT', 'CIPHERTEXT', ]):
- if mode == 'ENCRYPT':
- swapptct = False
- curfun = Crypto.encrypt
- elif mode == 'DECRYPT':
- swapptct = True
- curfun = Crypto.decrypt
- else:
- raise RuntimeError('unknown mode: %s' % `mode`)
+ def runSHA1HMAC(self, fname):
+ for bogusmode, lines in cryptodev.KATParser(fname,
+ [ 'Count', 'Klen', 'Tlen', 'Key', 'Msg', 'Mac' ]):
+ for data in lines:
+ key = data['Key'].decode('hex')
+ msg = data['Msg'].decode('hex')
+ mac = data['Mac'].decode('hex')
- for data in lines:
- curcnt = int(data['COUNT'])
- cipherkey = data['KEY'].decode('hex')
- iv = data['IV'].decode('hex')
- pt = data['PLAINTEXT'].decode('hex')
- ct = data['CIPHERTEXT'].decode('hex')
+ if len(key) != 20:
+ # XXX - implementation bug
+ continue
- if swapptct:
- pt, ct = ct, pt
- # run the fun
- c = Crypto(cryptodev.CRYPTO_AES_CBC, cipherkey)
- r = curfun(c, pt, iv)
- self.assertEqual(r, ct)
+ c = Crypto(mac=cryptodev.CRYPTO_SHA1_HMAC,
+ mackey=key, crid=crid)
- def runXTS(self, fname, meth):
- curfun = None
- for mode, lines in cryptodev.KATParser(fname,
- [ 'COUNT', 'DataUnitLen', 'Key', 'DataUnitSeqNumber', 'PT',
- 'CT' ]):
- if mode == 'ENCRYPT':
- swapptct = False
- curfun = Crypto.encrypt
- elif mode == 'DECRYPT':
- swapptct = True
- curfun = Crypto.decrypt
- else:
- raise RuntimeError('unknown mode: %s' % `mode`)
+ r = c.encrypt(msg)
+ self.assertEqual(r, mac, `data`)
- for data in lines:
- curcnt = int(data['COUNT'])
- nbits = int(data['DataUnitLen'])
- cipherkey = data['Key'].decode('hex')
- iv = struct.pack('QQ', int(data['DataUnitSeqNumber']), 0)
- pt = data['PT'].decode('hex')
- ct = data['CT'].decode('hex')
+ return GendCryptoTestCase
- if nbits % 128 != 0:
- # XXX - mark as skipped
- continue
- if swapptct:
- pt, ct = ct, pt
- # run the fun
- c = Crypto(meth, cipherkey)
- r = curfun(c, pt, iv)
- self.assertEqual(r, ct)
+cryptosoft = GenTestCase('cryptosoft0')
+aesni = GenTestCase('aesni0')
if __name__ == '__main__':
unittest.main()
More information about the p4-projects
mailing list