1 /*
2 * This file and its contents are supplied under the terms of the
3 * Common Development and Distribution License ("CDDL"), version 1.0.
4 * You may only use this file in accordance with the terms of version
5 * 1.0 of the CDDL.
6 *
7 * A full copy of the text of the CDDL should have accompanied this
8 * source. A copy of the CDDL is also available via the Internet at
9 * http://www.illumos.org/license/CDDL.
10 */
11
12 /*
13 * Copyright 2021 Tintri by DDN, Inc. All rights reserved.
14 */
15
16 #include <sys/types.h>
17 #include <smbsrv/smb_kcrypt.h>
18 #include <security/cryptoki.h>
19 #include <security/pkcs11.h>
20
21 #include <stdio.h>
22 #include <stdlib.h>
23 #include <string.h>
24 #include <strings.h>
25 #include <unistd.h>
26
27 #include "test_data.h"
28 #include "utils.h"
29
30 /*
31 * Test program for the interfaces used in
32 * smb3_decrypt_command()
33 */
34 int
do_decrypt(char * outbuf,size_t * outlen,const uint8_t * inbuf,size_t inlen,int mid)35 do_decrypt(char *outbuf, size_t *outlen,
36 const uint8_t *inbuf, size_t inlen, int mid)
37 {
38 smb_enc_ctx_t ctx;
39 uio_t uio_in;
40 uio_t uio_out;
41 iovec_t iov_in[4];
42 iovec_t iov_out[4];
43 int rc;
44
45 bzero(&ctx, sizeof (ctx));
46 ctx.mech.mechanism = mid; // CKM_AES_CCM or CKM_AES_GCM
47
48 switch (mid) {
49
50 case CKM_AES_CCM:
51 smb3_crypto_init_ccm_param(&ctx,
52 (uint8_t *)nonce, 11,
53 (uint8_t *)authdata, 16,
54 inlen);
55 break;
56
57 case CKM_AES_GCM:
58 smb3_crypto_init_gcm_param(&ctx,
59 (uint8_t *)nonce, 12,
60 (uint8_t *)authdata, 16);
61 break;
62
63 default:
64 return (1);
65 }
66
67 rc = smb3_decrypt_init(&ctx,
68 (uint8_t *)keydata, 16);
69 if (rc != 0)
70 return (rc);
71
72 make_uio((void *)inbuf, inlen, &uio_in, iov_in, 4);
73 make_uio(outbuf, *outlen, &uio_out, iov_out, 4);
74 *outlen = uio_out.uio_resid;
75
76 rc = smb3_decrypt_uio(&ctx, &uio_in, &uio_out);
77 *outlen -= uio_out.uio_resid;
78
79 smb3_enc_ctx_done(&ctx);
80
81 return (rc);
82 }
83
84 char outbuf[CLEAR_DATA_LEN];
85
86 void
test_decrypt(const uint8_t * cipher,int mid)87 test_decrypt(const uint8_t *cipher, int mid)
88 {
89 size_t outlen;
90 int rc;
91
92 outlen = sizeof (outbuf);
93 rc = do_decrypt(outbuf, &outlen,
94 cipher, CIPHER_DATA_LEN, mid);
95 if (rc != 0) {
96 printf("FAIL: decrypt rc= %d\n");
97 return;
98 }
99
100 if (outlen != CLEAR_DATA_LEN) {
101 printf("FAIL: out len = %d (want %d)\n",
102 outlen, CLEAR_DATA_LEN);
103 return;
104 }
105
106 if (memcmp(outbuf, clear_data_ref, CLEAR_DATA_LEN) != 0) {
107 printf("FAIL: ciphertext:\n");
108 hexdump((uchar_t *)outbuf, CLEAR_DATA_LEN);
109 return;
110 }
111
112 printf("PASS mid=0x%x\n", mid);
113 }
114
115 int
main(int argc,char * argv[])116 main(int argc, char *argv[])
117 {
118
119 test_decrypt(cipher_data_ccm, CKM_AES_CCM);
120 test_decrypt(cipher_data_gcm, CKM_AES_GCM);
121
122 return (0);
123 }
124