xref: /freebsd/tests/sys/opencrypto/blake2_test.c (revision b3e7694832e81d7a904a10f525f8797b753bf0d3) 
10e33efe4SConrad Meyer /*-
20e33efe4SConrad Meyer  * Copyright (c) 2018 Conrad Meyer <cem@FreeBSD.org>
30e33efe4SConrad Meyer  * All rights reserved.
40e33efe4SConrad Meyer  *
50e33efe4SConrad Meyer  * Redistribution and use in source and binary forms, with or without
60e33efe4SConrad Meyer  * modification, are permitted provided that the following conditions
70e33efe4SConrad Meyer  * are met:
80e33efe4SConrad Meyer  * 1. Redistributions of source code must retain the above copyright
90e33efe4SConrad Meyer  *    notice, this list of conditions and the following disclaimer.
100e33efe4SConrad Meyer  * 2. Redistributions in binary form must reproduce the above copyright
110e33efe4SConrad Meyer  *    notice, this list of conditions and the following disclaimer in the
120e33efe4SConrad Meyer  *    documentation and/or other materials provided with the distribution.
130e33efe4SConrad Meyer  *
140e33efe4SConrad Meyer  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
150e33efe4SConrad Meyer  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
160e33efe4SConrad Meyer  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
170e33efe4SConrad Meyer  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
180e33efe4SConrad Meyer  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
190e33efe4SConrad Meyer  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
200e33efe4SConrad Meyer  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
210e33efe4SConrad Meyer  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
220e33efe4SConrad Meyer  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
230e33efe4SConrad Meyer  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
240e33efe4SConrad Meyer  * SUCH DAMAGE.
250e33efe4SConrad Meyer  */
260e33efe4SConrad Meyer 
270e33efe4SConrad Meyer /*
280e33efe4SConrad Meyer  * Derived from blake2b-test.c and blake2s-test.c:
290e33efe4SConrad Meyer  *
300e33efe4SConrad Meyer  * BLAKE2 reference source code package - optimized C implementations
310e33efe4SConrad Meyer  *
320e33efe4SConrad Meyer  * Written in 2012 by Samuel Neves <sneves@dei.uc.pt>
330e33efe4SConrad Meyer  *
340e33efe4SConrad Meyer  * To the extent possible under law, the author(s) have dedicated all copyright
350e33efe4SConrad Meyer  * and related and neighboring rights to this software to the public domain
360e33efe4SConrad Meyer  * worldwide. This software is distributed without any warranty.
370e33efe4SConrad Meyer  *
380e33efe4SConrad Meyer  * You should have received a copy of the CC0 Public Domain Dedication along with
390e33efe4SConrad Meyer  * this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
400e33efe4SConrad Meyer  */
410e33efe4SConrad Meyer 
420e33efe4SConrad Meyer #include <sys/param.h>
430e33efe4SConrad Meyer 
440e33efe4SConrad Meyer #include <errno.h>
450e33efe4SConrad Meyer #include <fcntl.h>
460e33efe4SConrad Meyer #include <string.h>
470e33efe4SConrad Meyer 
480e33efe4SConrad Meyer #include <atf-c.h>
490e33efe4SConrad Meyer 
500e33efe4SConrad Meyer /* Be sure to include tree copy rather than system copy. */
510e33efe4SConrad Meyer #include "cryptodev.h"
520e33efe4SConrad Meyer 
530e33efe4SConrad Meyer #include "freebsd_test_suite/macros.h"
540e33efe4SConrad Meyer 
550e33efe4SConrad Meyer #include <blake2.h>
560e33efe4SConrad Meyer #include "blake2-kat.h"
570e33efe4SConrad Meyer 
580e33efe4SConrad Meyer static uint8_t key2b[BLAKE2B_KEYBYTES];
590e33efe4SConrad Meyer static uint8_t key2s[BLAKE2S_KEYBYTES];
600e33efe4SConrad Meyer static uint8_t katbuf[KAT_LENGTH];
610e33efe4SConrad Meyer 
620e33efe4SConrad Meyer static void
initialize_constant_buffers(void)630e33efe4SConrad Meyer initialize_constant_buffers(void)
640e33efe4SConrad Meyer {
650e33efe4SConrad Meyer 	size_t i;
660e33efe4SConrad Meyer 
670e33efe4SConrad Meyer 	for (i = 0; i < sizeof(key2b); i++)
680e33efe4SConrad Meyer 		key2b[i] = (uint8_t)i;
690e33efe4SConrad Meyer 	for (i = 0; i < sizeof(key2s); i++)
700e33efe4SConrad Meyer 		key2s[i] = (uint8_t)i;
710e33efe4SConrad Meyer 	for (i = 0; i < sizeof(katbuf); i++)
720e33efe4SConrad Meyer 		katbuf[i] = (uint8_t)i;
730e33efe4SConrad Meyer }
740e33efe4SConrad Meyer 
750e33efe4SConrad Meyer static int
lookup_crid(int fd,const char * devname)76871eec00SJohn Baldwin lookup_crid(int fd, const char *devname)
77871eec00SJohn Baldwin {
78871eec00SJohn Baldwin 	struct crypt_find_op find;
79871eec00SJohn Baldwin 
80871eec00SJohn Baldwin 	find.crid = -1;
81871eec00SJohn Baldwin 	strlcpy(find.name, devname, sizeof(find.name));
82871eec00SJohn Baldwin 	ATF_REQUIRE(ioctl(fd, CIOCFINDDEV, &find) != -1);
83871eec00SJohn Baldwin 	return (find.crid);
84871eec00SJohn Baldwin }
85871eec00SJohn Baldwin 
86871eec00SJohn Baldwin static int
get_handle_fd(void)870e33efe4SConrad Meyer get_handle_fd(void)
880e33efe4SConrad Meyer {
89*a4a23d21SJohn Baldwin 	int fd;
900e33efe4SConrad Meyer 
91*a4a23d21SJohn Baldwin 	fd = open("/dev/crypto", O_RDWR);
92*a4a23d21SJohn Baldwin 	ATF_REQUIRE(fd >= 0);
930e33efe4SConrad Meyer 	return (fd);
940e33efe4SConrad Meyer }
950e33efe4SConrad Meyer 
960e33efe4SConrad Meyer static int
create_session(int fd,int alg,int crid,const void * key,size_t klen)970e33efe4SConrad Meyer create_session(int fd, int alg, int crid, const void *key, size_t klen)
980e33efe4SConrad Meyer {
990e33efe4SConrad Meyer 	struct session2_op sop;
1000e33efe4SConrad Meyer 
1010e33efe4SConrad Meyer 	memset(&sop, 0, sizeof(sop));
1020e33efe4SConrad Meyer 
1030e33efe4SConrad Meyer 	sop.mac = alg;
1040e33efe4SConrad Meyer 	sop.mackey = key;
1050e33efe4SConrad Meyer 	sop.mackeylen = klen;
1060e33efe4SConrad Meyer 	sop.crid = crid;
1070e33efe4SConrad Meyer 
1080e33efe4SConrad Meyer 	ATF_REQUIRE_MSG(ioctl(fd, CIOCGSESSION2, &sop) >= 0,
1090e33efe4SConrad Meyer 	    "alg %d keylen %zu, errno=%d (%s)", alg, klen, errno,
1100e33efe4SConrad Meyer 	    strerror(errno));
1110e33efe4SConrad Meyer 	return (sop.ses);
1120e33efe4SConrad Meyer }
1130e33efe4SConrad Meyer 
1140e33efe4SConrad Meyer static void
do_cryptop(int fd,int ses,size_t inlen,void * out)1150e33efe4SConrad Meyer do_cryptop(int fd, int ses, size_t inlen, void *out)
1160e33efe4SConrad Meyer {
1170e33efe4SConrad Meyer 	struct crypt_op cop;
1180e33efe4SConrad Meyer 
1190e33efe4SConrad Meyer 	memset(&cop, 0, sizeof(cop));
1200e33efe4SConrad Meyer 
1210e33efe4SConrad Meyer 	cop.ses = ses;
1220e33efe4SConrad Meyer 	cop.len = inlen;
1230e33efe4SConrad Meyer 	cop.src = katbuf;
1240e33efe4SConrad Meyer 	cop.mac = out;
1250e33efe4SConrad Meyer 	ATF_CHECK_MSG(ioctl(fd, CIOCCRYPT, &cop) >= 0, "ioctl(CIOCCRYPT)");
1260e33efe4SConrad Meyer }
1270e33efe4SConrad Meyer 
1280e33efe4SConrad Meyer static void
test_blake2b_vectors(const char * devname,const char * modname)129871eec00SJohn Baldwin test_blake2b_vectors(const char *devname, const char *modname)
1300e33efe4SConrad Meyer {
1310e33efe4SConrad Meyer 	uint8_t hash[BLAKE2B_OUTBYTES];
132871eec00SJohn Baldwin 	int crid, fd, ses;
1330e33efe4SConrad Meyer 	size_t i;
1340e33efe4SConrad Meyer 
1350e33efe4SConrad Meyer 	ATF_REQUIRE_KERNEL_MODULE(modname);
1360e33efe4SConrad Meyer 	ATF_REQUIRE_KERNEL_MODULE("cryptodev");
1370e33efe4SConrad Meyer 
1380e33efe4SConrad Meyer 	initialize_constant_buffers();
1390e33efe4SConrad Meyer 	fd = get_handle_fd();
140871eec00SJohn Baldwin 	crid = lookup_crid(fd, devname);
1410e33efe4SConrad Meyer 	ses = create_session(fd, CRYPTO_BLAKE2B, crid, key2b, sizeof(key2b));
1420e33efe4SConrad Meyer 
1430e33efe4SConrad Meyer 	for (i = 0; i < sizeof(katbuf); i++) {
1440e33efe4SConrad Meyer 		do_cryptop(fd, ses, i, hash);
1450e33efe4SConrad Meyer 		ATF_CHECK_EQ_MSG(
1460e33efe4SConrad Meyer 		    memcmp(hash, blake2b_keyed_kat[i], sizeof(hash)),
1470e33efe4SConrad Meyer 		    0,
1480e33efe4SConrad Meyer 		    "different at %zu", i);
1490e33efe4SConrad Meyer 	}
1500e33efe4SConrad Meyer }
1510e33efe4SConrad Meyer 
1520e33efe4SConrad Meyer static void
test_blake2s_vectors(const char * devname,const char * modname)153871eec00SJohn Baldwin test_blake2s_vectors(const char *devname, const char *modname)
1540e33efe4SConrad Meyer {
1550e33efe4SConrad Meyer 	uint8_t hash[BLAKE2S_OUTBYTES];
156871eec00SJohn Baldwin 	int crid, fd, ses;
1570e33efe4SConrad Meyer 	size_t i;
1580e33efe4SConrad Meyer 
1590e33efe4SConrad Meyer 	ATF_REQUIRE_KERNEL_MODULE(modname);
1600e33efe4SConrad Meyer 	ATF_REQUIRE_KERNEL_MODULE("cryptodev");
1610e33efe4SConrad Meyer 
1620e33efe4SConrad Meyer 	initialize_constant_buffers();
1630e33efe4SConrad Meyer 	fd = get_handle_fd();
164871eec00SJohn Baldwin 	crid = lookup_crid(fd, devname);
1650e33efe4SConrad Meyer 	ses = create_session(fd, CRYPTO_BLAKE2S, crid, key2s, sizeof(key2s));
1660e33efe4SConrad Meyer 
1670e33efe4SConrad Meyer 	for (i = 0; i < sizeof(katbuf); i++) {
1680e33efe4SConrad Meyer 		do_cryptop(fd, ses, i, hash);
1690e33efe4SConrad Meyer 		ATF_CHECK_EQ_MSG(
1700e33efe4SConrad Meyer 		    memcmp(hash, blake2s_keyed_kat[i], sizeof(hash)),
1710e33efe4SConrad Meyer 		    0,
1720e33efe4SConrad Meyer 		    "different at %zu", i);
1730e33efe4SConrad Meyer 	}
1740e33efe4SConrad Meyer }
1750e33efe4SConrad Meyer 
1760e33efe4SConrad Meyer ATF_TC_WITHOUT_HEAD(blake2b_vectors);
ATF_TC_BODY(blake2b_vectors,tc)1770e33efe4SConrad Meyer ATF_TC_BODY(blake2b_vectors, tc)
1780e33efe4SConrad Meyer {
1798f02e2acSJung-uk Kim 	ATF_REQUIRE_SYSCTL_INT("kern.crypto.allow_soft", 1);
180871eec00SJohn Baldwin 	test_blake2b_vectors("cryptosoft0", "nexus/cryptosoft");
1810e33efe4SConrad Meyer }
1820e33efe4SConrad Meyer 
1830e33efe4SConrad Meyer ATF_TC_WITHOUT_HEAD(blake2s_vectors);
ATF_TC_BODY(blake2s_vectors,tc)1840e33efe4SConrad Meyer ATF_TC_BODY(blake2s_vectors, tc)
1850e33efe4SConrad Meyer {
1868f02e2acSJung-uk Kim 	ATF_REQUIRE_SYSCTL_INT("kern.crypto.allow_soft", 1);
187871eec00SJohn Baldwin 	test_blake2s_vectors("cryptosoft0", "nexus/cryptosoft");
1880e33efe4SConrad Meyer }
1890e33efe4SConrad Meyer 
1900e33efe4SConrad Meyer #if defined(__i386__) || defined(__amd64__)
1910e33efe4SConrad Meyer ATF_TC_WITHOUT_HEAD(blake2b_vectors_x86);
ATF_TC_BODY(blake2b_vectors_x86,tc)1920e33efe4SConrad Meyer ATF_TC_BODY(blake2b_vectors_x86, tc)
1930e33efe4SConrad Meyer {
1948f02e2acSJung-uk Kim 	ATF_REQUIRE_SYSCTL_INT("kern.crypto.allow_soft", 1);
195871eec00SJohn Baldwin 	test_blake2b_vectors("blaketwo0", "nexus/blake2");
1960e33efe4SConrad Meyer }
1970e33efe4SConrad Meyer 
1980e33efe4SConrad Meyer ATF_TC_WITHOUT_HEAD(blake2s_vectors_x86);
ATF_TC_BODY(blake2s_vectors_x86,tc)1990e33efe4SConrad Meyer ATF_TC_BODY(blake2s_vectors_x86, tc)
2000e33efe4SConrad Meyer {
2018f02e2acSJung-uk Kim 	ATF_REQUIRE_SYSCTL_INT("kern.crypto.allow_soft", 1);
202871eec00SJohn Baldwin 	test_blake2s_vectors("blaketwo0", "nexus/blake2");
2030e33efe4SConrad Meyer }
2040e33efe4SConrad Meyer #endif
2050e33efe4SConrad Meyer 
ATF_TP_ADD_TCS(tp)2060e33efe4SConrad Meyer ATF_TP_ADD_TCS(tp)
2070e33efe4SConrad Meyer {
2080e33efe4SConrad Meyer 
2090e33efe4SConrad Meyer 	ATF_TP_ADD_TC(tp, blake2b_vectors);
2100e33efe4SConrad Meyer 	ATF_TP_ADD_TC(tp, blake2s_vectors);
2110e33efe4SConrad Meyer #if defined(__i386__) || defined(__amd64__)
2120e33efe4SConrad Meyer 	ATF_TP_ADD_TC(tp, blake2b_vectors_x86);
2130e33efe4SConrad Meyer 	ATF_TP_ADD_TC(tp, blake2s_vectors_x86);
2140e33efe4SConrad Meyer #endif
2150e33efe4SConrad Meyer 
2160e33efe4SConrad Meyer 	return (atf_no_error());
2170e33efe4SConrad Meyer }
218