1 /*- 2 * Copyright (c) 2018 Conrad Meyer <cem@FreeBSD.org> 3 * All rights reserved. 4 * 5 * Redistribution and use in source and binary forms, with or without 6 * modification, are permitted provided that the following conditions 7 * are met: 8 * 1. Redistributions of source code must retain the above copyright 9 * notice, this list of conditions and the following disclaimer. 10 * 2. Redistributions in binary form must reproduce the above copyright 11 * notice, this list of conditions and the following disclaimer in the 12 * documentation and/or other materials provided with the distribution. 13 * 14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 24 * SUCH DAMAGE. 25 * 26 * $FreeBSD$ 27 */ 28 29 /* 30 * Derived from blake2b-test.c and blake2s-test.c: 31 * 32 * BLAKE2 reference source code package - optimized C implementations 33 * 34 * Written in 2012 by Samuel Neves <sneves@dei.uc.pt> 35 * 36 * To the extent possible under law, the author(s) have dedicated all copyright 37 * and related and neighboring rights to this software to the public domain 38 * worldwide. This software is distributed without any warranty. 39 * 40 * You should have received a copy of the CC0 Public Domain Dedication along with 41 * this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>. 42 */ 43 44 #include <sys/param.h> 45 46 #include <errno.h> 47 #include <fcntl.h> 48 #include <string.h> 49 50 #include <atf-c.h> 51 52 /* Be sure to include tree copy rather than system copy. */ 53 #include "cryptodev.h" 54 55 #include "freebsd_test_suite/macros.h" 56 57 #include <blake2.h> 58 #include "blake2-kat.h" 59 60 static uint8_t key2b[BLAKE2B_KEYBYTES]; 61 static uint8_t key2s[BLAKE2S_KEYBYTES]; 62 static uint8_t katbuf[KAT_LENGTH]; 63 64 static void 65 initialize_constant_buffers(void) 66 { 67 size_t i; 68 69 for (i = 0; i < sizeof(key2b); i++) 70 key2b[i] = (uint8_t)i; 71 for (i = 0; i < sizeof(key2s); i++) 72 key2s[i] = (uint8_t)i; 73 for (i = 0; i < sizeof(katbuf); i++) 74 katbuf[i] = (uint8_t)i; 75 } 76 77 static int 78 lookup_crid(int fd, const char *devname) 79 { 80 struct crypt_find_op find; 81 82 find.crid = -1; 83 strlcpy(find.name, devname, sizeof(find.name)); 84 ATF_REQUIRE(ioctl(fd, CIOCFINDDEV, &find) != -1); 85 return (find.crid); 86 } 87 88 static int 89 get_handle_fd(void) 90 { 91 int dc_fd, fd; 92 93 dc_fd = open("/dev/crypto", O_RDWR); 94 95 /* 96 * Why do we do this dance instead of just operating on /dev/crypto 97 * directly? I have no idea. 98 */ 99 ATF_REQUIRE(dc_fd >= 0); 100 ATF_REQUIRE(ioctl(dc_fd, CRIOGET, &fd) != -1); 101 close(dc_fd); 102 return (fd); 103 } 104 105 static int 106 create_session(int fd, int alg, int crid, const void *key, size_t klen) 107 { 108 struct session2_op sop; 109 110 memset(&sop, 0, sizeof(sop)); 111 112 sop.mac = alg; 113 sop.mackey = key; 114 sop.mackeylen = klen; 115 sop.crid = crid; 116 117 ATF_REQUIRE_MSG(ioctl(fd, CIOCGSESSION2, &sop) >= 0, 118 "alg %d keylen %zu, errno=%d (%s)", alg, klen, errno, 119 strerror(errno)); 120 return (sop.ses); 121 } 122 123 static void 124 do_cryptop(int fd, int ses, size_t inlen, void *out) 125 { 126 struct crypt_op cop; 127 128 memset(&cop, 0, sizeof(cop)); 129 130 cop.ses = ses; 131 cop.len = inlen; 132 cop.src = katbuf; 133 cop.mac = out; 134 ATF_CHECK_MSG(ioctl(fd, CIOCCRYPT, &cop) >= 0, "ioctl(CIOCCRYPT)"); 135 } 136 137 static void 138 test_blake2b_vectors(const char *devname, const char *modname) 139 { 140 uint8_t hash[BLAKE2B_OUTBYTES]; 141 int crid, fd, ses; 142 size_t i; 143 144 ATF_REQUIRE_KERNEL_MODULE(modname); 145 ATF_REQUIRE_KERNEL_MODULE("cryptodev"); 146 147 initialize_constant_buffers(); 148 fd = get_handle_fd(); 149 crid = lookup_crid(fd, devname); 150 ses = create_session(fd, CRYPTO_BLAKE2B, crid, key2b, sizeof(key2b)); 151 152 for (i = 0; i < sizeof(katbuf); i++) { 153 do_cryptop(fd, ses, i, hash); 154 ATF_CHECK_EQ_MSG( 155 memcmp(hash, blake2b_keyed_kat[i], sizeof(hash)), 156 0, 157 "different at %zu", i); 158 } 159 } 160 161 static void 162 test_blake2s_vectors(const char *devname, const char *modname) 163 { 164 uint8_t hash[BLAKE2S_OUTBYTES]; 165 int crid, fd, ses; 166 size_t i; 167 168 ATF_REQUIRE_KERNEL_MODULE(modname); 169 ATF_REQUIRE_KERNEL_MODULE("cryptodev"); 170 171 initialize_constant_buffers(); 172 fd = get_handle_fd(); 173 crid = lookup_crid(fd, devname); 174 ses = create_session(fd, CRYPTO_BLAKE2S, crid, key2s, sizeof(key2s)); 175 176 for (i = 0; i < sizeof(katbuf); i++) { 177 do_cryptop(fd, ses, i, hash); 178 ATF_CHECK_EQ_MSG( 179 memcmp(hash, blake2s_keyed_kat[i], sizeof(hash)), 180 0, 181 "different at %zu", i); 182 } 183 } 184 185 ATF_TC_WITHOUT_HEAD(blake2b_vectors); 186 ATF_TC_BODY(blake2b_vectors, tc) 187 { 188 ATF_REQUIRE_SYSCTL_INT("kern.crypto.allow_soft", 1); 189 test_blake2b_vectors("cryptosoft0", "nexus/cryptosoft"); 190 } 191 192 ATF_TC_WITHOUT_HEAD(blake2s_vectors); 193 ATF_TC_BODY(blake2s_vectors, tc) 194 { 195 ATF_REQUIRE_SYSCTL_INT("kern.crypto.allow_soft", 1); 196 test_blake2s_vectors("cryptosoft0", "nexus/cryptosoft"); 197 } 198 199 #if defined(__i386__) || defined(__amd64__) 200 ATF_TC_WITHOUT_HEAD(blake2b_vectors_x86); 201 ATF_TC_BODY(blake2b_vectors_x86, tc) 202 { 203 ATF_REQUIRE_SYSCTL_INT("kern.crypto.allow_soft", 1); 204 test_blake2b_vectors("blaketwo0", "nexus/blake2"); 205 } 206 207 ATF_TC_WITHOUT_HEAD(blake2s_vectors_x86); 208 ATF_TC_BODY(blake2s_vectors_x86, tc) 209 { 210 ATF_REQUIRE_SYSCTL_INT("kern.crypto.allow_soft", 1); 211 test_blake2s_vectors("blaketwo0", "nexus/blake2"); 212 } 213 #endif 214 215 ATF_TP_ADD_TCS(tp) 216 { 217 218 ATF_TP_ADD_TC(tp, blake2b_vectors); 219 ATF_TP_ADD_TC(tp, blake2s_vectors); 220 #if defined(__i386__) || defined(__amd64__) 221 ATF_TP_ADD_TC(tp, blake2b_vectors_x86); 222 ATF_TP_ADD_TC(tp, blake2s_vectors_x86); 223 #endif 224 225 return (atf_no_error()); 226 } 227