12a7a4b19SAlan Somers#!/usr/local/bin/python3 208fca7a5SJohn-Mark Gurney# 308fca7a5SJohn-Mark Gurney# Copyright (c) 2014 The FreeBSD Foundation 408fca7a5SJohn-Mark Gurney# All rights reserved. 5f2a34445SEnji Cooper# Copyright 2019 Enji Cooper 608fca7a5SJohn-Mark Gurney# 708fca7a5SJohn-Mark Gurney# This software was developed by John-Mark Gurney under 808fca7a5SJohn-Mark Gurney# the sponsorship from the FreeBSD Foundation. 908fca7a5SJohn-Mark Gurney# Redistribution and use in source and binary forms, with or without 1008fca7a5SJohn-Mark Gurney# modification, are permitted provided that the following conditions 1108fca7a5SJohn-Mark Gurney# are met: 1208fca7a5SJohn-Mark Gurney# 1. Redistributions of source code must retain the above copyright 1308fca7a5SJohn-Mark Gurney# notice, this list of conditions and the following disclaimer. 1408fca7a5SJohn-Mark Gurney# 2. Redistributions in binary form must reproduce the above copyright 1508fca7a5SJohn-Mark Gurney# notice, this list of conditions and the following disclaimer in the 1608fca7a5SJohn-Mark Gurney# documentation and/or other materials provided with the distribution. 1708fca7a5SJohn-Mark Gurney# 1808fca7a5SJohn-Mark Gurney# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 1908fca7a5SJohn-Mark Gurney# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 2008fca7a5SJohn-Mark Gurney# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 2108fca7a5SJohn-Mark Gurney# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 2208fca7a5SJohn-Mark Gurney# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 2308fca7a5SJohn-Mark Gurney# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 2408fca7a5SJohn-Mark Gurney# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 2508fca7a5SJohn-Mark Gurney# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 2608fca7a5SJohn-Mark Gurney# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 2708fca7a5SJohn-Mark Gurney# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 2808fca7a5SJohn-Mark Gurney# SUCH DAMAGE. 2908fca7a5SJohn-Mark Gurney# 3008fca7a5SJohn-Mark Gurney# $FreeBSD$ 3108fca7a5SJohn-Mark Gurney# 3208fca7a5SJohn-Mark Gurney 332a7a4b19SAlan Somers 34d99c2cecSEnji Cooper 35d99c2cecSEnji Cooperimport binascii 36a317fb03SConrad Meyerimport errno 3708fca7a5SJohn-Mark Gurneyimport cryptodev 3808fca7a5SJohn-Mark Gurneyimport itertools 3908fca7a5SJohn-Mark Gurneyimport os 4008fca7a5SJohn-Mark Gurneyimport struct 4108fca7a5SJohn-Mark Gurneyimport unittest 4208fca7a5SJohn-Mark Gurneyfrom cryptodev import * 4308fca7a5SJohn-Mark Gurneyfrom glob import iglob 4408fca7a5SJohn-Mark Gurney 4508fca7a5SJohn-Mark Gurneykatdir = '/usr/local/share/nist-kat' 4608fca7a5SJohn-Mark Gurney 4708fca7a5SJohn-Mark Gurneydef katg(base, glob): 48aeb5c8e6SJohn Baldwin assert os.path.exists(katdir), "Please 'pkg install nist-kat'" 49aeb5c8e6SJohn Baldwin if not os.path.exists(os.path.join(katdir, base)): 50aeb5c8e6SJohn Baldwin raise unittest.SkipTest("Missing %s test vectors" % (base)) 5108fca7a5SJohn-Mark Gurney return iglob(os.path.join(katdir, base, glob)) 5208fca7a5SJohn-Mark Gurney 53870d4ba3SMark Johnstonaesmodules = [ 'cryptosoft0', 'aesni0', 'armv8crypto0', 'ccr0', 'ccp0', 'safexcel0', 'qat0' ] 54870d4ba3SMark Johnstonshamodules = [ 'cryptosoft0', 'aesni0', 'armv8crypto0', 'ccr0', 'ccp0', 'ossl0', 'safexcel0', 'qat0' ] 5508fca7a5SJohn-Mark Gurney 5608fca7a5SJohn-Mark Gurneydef GenTestCase(cname): 5708fca7a5SJohn-Mark Gurney try: 5808fca7a5SJohn-Mark Gurney crid = cryptodev.Crypto.findcrid(cname) 5908fca7a5SJohn-Mark Gurney except IOError: 6008fca7a5SJohn-Mark Gurney return None 6108fca7a5SJohn-Mark Gurney 6208fca7a5SJohn-Mark Gurney class GendCryptoTestCase(unittest.TestCase): 6308fca7a5SJohn-Mark Gurney ############### 6408fca7a5SJohn-Mark Gurney ##### AES ##### 6508fca7a5SJohn-Mark Gurney ############### 66c091d0d9SJohn Baldwin @unittest.skipIf(cname not in aesmodules, 'skipping AES-XTS on %s' % (cname)) 6708fca7a5SJohn-Mark Gurney def test_xts(self): 6808fca7a5SJohn-Mark Gurney for i in katg('XTSTestVectors/format tweak value input - data unit seq no', '*.rsp'): 6908fca7a5SJohn-Mark Gurney self.runXTS(i, cryptodev.CRYPTO_AES_XTS) 7008fca7a5SJohn-Mark Gurney 71c091d0d9SJohn Baldwin @unittest.skipIf(cname not in aesmodules, 'skipping AES-CBC on %s' % (cname)) 7208fca7a5SJohn-Mark Gurney def test_cbc(self): 7308fca7a5SJohn-Mark Gurney for i in katg('KAT_AES', 'CBC[GKV]*.rsp'): 7408fca7a5SJohn-Mark Gurney self.runCBC(i) 7508fca7a5SJohn-Mark Gurney 76151f0ca8SJohn Baldwin @unittest.skipIf(cname not in aesmodules, 'skipping AES-CCM on %s' % (cname)) 77151f0ca8SJohn Baldwin def test_ccm(self): 78151f0ca8SJohn Baldwin for i in katg('ccmtestvectors', 'V*.rsp'): 79151f0ca8SJohn Baldwin self.runCCMEncrypt(i) 80151f0ca8SJohn Baldwin 81151f0ca8SJohn Baldwin for i in katg('ccmtestvectors', 'D*.rsp'): 82151f0ca8SJohn Baldwin self.runCCMDecrypt(i) 83151f0ca8SJohn Baldwin 84c091d0d9SJohn Baldwin @unittest.skipIf(cname not in aesmodules, 'skipping AES-GCM on %s' % (cname)) 8508fca7a5SJohn-Mark Gurney def test_gcm(self): 8608fca7a5SJohn-Mark Gurney for i in katg('gcmtestvectors', 'gcmEncrypt*'): 8708fca7a5SJohn-Mark Gurney self.runGCM(i, 'ENCRYPT') 8808fca7a5SJohn-Mark Gurney 8908fca7a5SJohn-Mark Gurney for i in katg('gcmtestvectors', 'gcmDecrypt*'): 9008fca7a5SJohn-Mark Gurney self.runGCM(i, 'DECRYPT') 9108fca7a5SJohn-Mark Gurney 9208fca7a5SJohn-Mark Gurney def runGCM(self, fname, mode): 9308fca7a5SJohn-Mark Gurney curfun = None 9408fca7a5SJohn-Mark Gurney if mode == 'ENCRYPT': 9508fca7a5SJohn-Mark Gurney swapptct = False 9608fca7a5SJohn-Mark Gurney curfun = Crypto.encrypt 9708fca7a5SJohn-Mark Gurney elif mode == 'DECRYPT': 9808fca7a5SJohn-Mark Gurney swapptct = True 9908fca7a5SJohn-Mark Gurney curfun = Crypto.decrypt 10008fca7a5SJohn-Mark Gurney else: 101d86680b0SEnji Cooper raise RuntimeError('unknown mode: %r' % repr(mode)) 10208fca7a5SJohn-Mark Gurney 103a60d9a98SEnji Cooper columns = [ 'Count', 'Key', 'IV', 'CT', 'AAD', 'Tag', 'PT', ] 104a60d9a98SEnji Cooper with cryptodev.KATParser(fname, columns) as parser: 105a60d9a98SEnji Cooper self.runGCMWithParser(parser, mode) 106a60d9a98SEnji Cooper 107a60d9a98SEnji Cooper def runGCMWithParser(self, parser, mode): 108a60d9a98SEnji Cooper for _, lines in next(parser): 10908fca7a5SJohn-Mark Gurney for data in lines: 11008fca7a5SJohn-Mark Gurney curcnt = int(data['Count']) 111d99c2cecSEnji Cooper cipherkey = binascii.unhexlify(data['Key']) 112d99c2cecSEnji Cooper iv = binascii.unhexlify(data['IV']) 113d99c2cecSEnji Cooper aad = binascii.unhexlify(data['AAD']) 114d99c2cecSEnji Cooper tag = binascii.unhexlify(data['Tag']) 11508fca7a5SJohn-Mark Gurney if 'FAIL' not in data: 116d99c2cecSEnji Cooper pt = binascii.unhexlify(data['PT']) 117d99c2cecSEnji Cooper ct = binascii.unhexlify(data['CT']) 11808fca7a5SJohn-Mark Gurney 11908fca7a5SJohn-Mark Gurney if len(iv) != 12: 12008fca7a5SJohn-Mark Gurney # XXX - isn't supported 12108fca7a5SJohn-Mark Gurney continue 12208fca7a5SJohn-Mark Gurney 123844d9543SConrad Meyer try: 12408fca7a5SJohn-Mark Gurney c = Crypto(cryptodev.CRYPTO_AES_NIST_GCM_16, 125c0341432SJohn Baldwin cipherkey, crid=crid, 126de0f7dcaSJohn Baldwin maclen=16) 127b106e0fcSEnji Cooper except EnvironmentError as e: 128844d9543SConrad Meyer # Can't test algorithms the driver does not support. 129844d9543SConrad Meyer if e.errno != errno.EOPNOTSUPP: 130844d9543SConrad Meyer raise 131844d9543SConrad Meyer continue 13208fca7a5SJohn-Mark Gurney 13308fca7a5SJohn-Mark Gurney if mode == 'ENCRYPT': 134844d9543SConrad Meyer try: 13508fca7a5SJohn-Mark Gurney rct, rtag = c.encrypt(pt, iv, aad) 136b106e0fcSEnji Cooper except EnvironmentError as e: 137844d9543SConrad Meyer # Can't test inputs the driver does not support. 138844d9543SConrad Meyer if e.errno != errno.EINVAL: 139844d9543SConrad Meyer raise 140844d9543SConrad Meyer continue 14108fca7a5SJohn-Mark Gurney rtag = rtag[:len(tag)] 142d99c2cecSEnji Cooper data['rct'] = binascii.hexlify(rct) 143d99c2cecSEnji Cooper data['rtag'] = binascii.hexlify(rtag) 144d86680b0SEnji Cooper self.assertEqual(rct, ct, repr(data)) 145d86680b0SEnji Cooper self.assertEqual(rtag, tag, repr(data)) 14608fca7a5SJohn-Mark Gurney else: 14708fca7a5SJohn-Mark Gurney if len(tag) != 16: 14808fca7a5SJohn-Mark Gurney continue 14908fca7a5SJohn-Mark Gurney args = (ct, iv, aad, tag) 15008fca7a5SJohn-Mark Gurney if 'FAIL' in data: 15108fca7a5SJohn-Mark Gurney self.assertRaises(IOError, 15208fca7a5SJohn-Mark Gurney c.decrypt, *args) 15308fca7a5SJohn-Mark Gurney else: 154844d9543SConrad Meyer try: 15508fca7a5SJohn-Mark Gurney rpt, rtag = c.decrypt(*args) 156b106e0fcSEnji Cooper except EnvironmentError as e: 157844d9543SConrad Meyer # Can't test inputs the driver does not support. 158844d9543SConrad Meyer if e.errno != errno.EINVAL: 159844d9543SConrad Meyer raise 160844d9543SConrad Meyer continue 161d99c2cecSEnji Cooper data['rpt'] = binascii.hexlify(rpt) 162d99c2cecSEnji Cooper data['rtag'] = binascii.hexlify(rtag) 16308fca7a5SJohn-Mark Gurney self.assertEqual(rpt, pt, 164d86680b0SEnji Cooper repr(data)) 16508fca7a5SJohn-Mark Gurney 16608fca7a5SJohn-Mark Gurney def runCBC(self, fname): 167a60d9a98SEnji Cooper columns = [ 'COUNT', 'KEY', 'IV', 'PLAINTEXT', 'CIPHERTEXT', ] 168a60d9a98SEnji Cooper with cryptodev.KATParser(fname, columns) as parser: 169a60d9a98SEnji Cooper self.runCBCWithParser(parser) 170a60d9a98SEnji Cooper 171a60d9a98SEnji Cooper def runCBCWithParser(self, parser): 17208fca7a5SJohn-Mark Gurney curfun = None 173a60d9a98SEnji Cooper for mode, lines in next(parser): 17408fca7a5SJohn-Mark Gurney if mode == 'ENCRYPT': 17508fca7a5SJohn-Mark Gurney swapptct = False 17608fca7a5SJohn-Mark Gurney curfun = Crypto.encrypt 17708fca7a5SJohn-Mark Gurney elif mode == 'DECRYPT': 17808fca7a5SJohn-Mark Gurney swapptct = True 17908fca7a5SJohn-Mark Gurney curfun = Crypto.decrypt 18008fca7a5SJohn-Mark Gurney else: 181d86680b0SEnji Cooper raise RuntimeError('unknown mode: %r' % repr(mode)) 18208fca7a5SJohn-Mark Gurney 18308fca7a5SJohn-Mark Gurney for data in lines: 18408fca7a5SJohn-Mark Gurney curcnt = int(data['COUNT']) 185d99c2cecSEnji Cooper cipherkey = binascii.unhexlify(data['KEY']) 186d99c2cecSEnji Cooper iv = binascii.unhexlify(data['IV']) 187d99c2cecSEnji Cooper pt = binascii.unhexlify(data['PLAINTEXT']) 188d99c2cecSEnji Cooper ct = binascii.unhexlify(data['CIPHERTEXT']) 18908fca7a5SJohn-Mark Gurney 19008fca7a5SJohn-Mark Gurney if swapptct: 19108fca7a5SJohn-Mark Gurney pt, ct = ct, pt 19208fca7a5SJohn-Mark Gurney # run the fun 19308fca7a5SJohn-Mark Gurney c = Crypto(cryptodev.CRYPTO_AES_CBC, cipherkey, crid=crid) 19408fca7a5SJohn-Mark Gurney r = curfun(c, pt, iv) 19508fca7a5SJohn-Mark Gurney self.assertEqual(r, ct) 19608fca7a5SJohn-Mark Gurney 19708fca7a5SJohn-Mark Gurney def runXTS(self, fname, meth): 198a60d9a98SEnji Cooper columns = [ 'COUNT', 'DataUnitLen', 'Key', 'DataUnitSeqNumber', 'PT', 199a60d9a98SEnji Cooper 'CT'] 200a60d9a98SEnji Cooper with cryptodev.KATParser(fname, columns) as parser: 201a60d9a98SEnji Cooper self.runXTSWithParser(parser, meth) 202a60d9a98SEnji Cooper 203a60d9a98SEnji Cooper def runXTSWithParser(self, parser, meth): 20408fca7a5SJohn-Mark Gurney curfun = None 205a60d9a98SEnji Cooper for mode, lines in next(parser): 20608fca7a5SJohn-Mark Gurney if mode == 'ENCRYPT': 20708fca7a5SJohn-Mark Gurney swapptct = False 20808fca7a5SJohn-Mark Gurney curfun = Crypto.encrypt 20908fca7a5SJohn-Mark Gurney elif mode == 'DECRYPT': 21008fca7a5SJohn-Mark Gurney swapptct = True 21108fca7a5SJohn-Mark Gurney curfun = Crypto.decrypt 21208fca7a5SJohn-Mark Gurney else: 213d86680b0SEnji Cooper raise RuntimeError('unknown mode: %r' % repr(mode)) 21408fca7a5SJohn-Mark Gurney 21508fca7a5SJohn-Mark Gurney for data in lines: 21608fca7a5SJohn-Mark Gurney curcnt = int(data['COUNT']) 21708fca7a5SJohn-Mark Gurney nbits = int(data['DataUnitLen']) 218d99c2cecSEnji Cooper cipherkey = binascii.unhexlify(data['Key']) 21908fca7a5SJohn-Mark Gurney iv = struct.pack('QQ', int(data['DataUnitSeqNumber']), 0) 220d99c2cecSEnji Cooper pt = binascii.unhexlify(data['PT']) 221d99c2cecSEnji Cooper ct = binascii.unhexlify(data['CT']) 22208fca7a5SJohn-Mark Gurney 22308fca7a5SJohn-Mark Gurney if nbits % 128 != 0: 22408fca7a5SJohn-Mark Gurney # XXX - mark as skipped 22508fca7a5SJohn-Mark Gurney continue 22608fca7a5SJohn-Mark Gurney if swapptct: 22708fca7a5SJohn-Mark Gurney pt, ct = ct, pt 22808fca7a5SJohn-Mark Gurney # run the fun 229844d9543SConrad Meyer try: 23008fca7a5SJohn-Mark Gurney c = Crypto(meth, cipherkey, crid=crid) 23108fca7a5SJohn-Mark Gurney r = curfun(c, pt, iv) 232b106e0fcSEnji Cooper except EnvironmentError as e: 233844d9543SConrad Meyer # Can't test hashes the driver does not support. 234844d9543SConrad Meyer if e.errno != errno.EOPNOTSUPP: 235844d9543SConrad Meyer raise 236844d9543SConrad Meyer continue 23708fca7a5SJohn-Mark Gurney self.assertEqual(r, ct) 23808fca7a5SJohn-Mark Gurney 239151f0ca8SJohn Baldwin def runCCMEncrypt(self, fname): 240a60d9a98SEnji Cooper with cryptodev.KATCCMParser(fname) as parser: 241a60d9a98SEnji Cooper self.runCCMEncryptWithParser(parser) 242a60d9a98SEnji Cooper 243a60d9a98SEnji Cooper def runCCMEncryptWithParser(self, parser): 244a60d9a98SEnji Cooper for data in next(parser): 245151f0ca8SJohn Baldwin Nlen = int(data['Nlen']) 246*668770dcSJohn Baldwin Tlen = int(data['Tlen']) 247d99c2cecSEnji Cooper key = binascii.unhexlify(data['Key']) 248d99c2cecSEnji Cooper nonce = binascii.unhexlify(data['Nonce']) 249151f0ca8SJohn Baldwin Alen = int(data['Alen']) 250*668770dcSJohn Baldwin Plen = int(data['Plen']) 251151f0ca8SJohn Baldwin if Alen != 0: 252d99c2cecSEnji Cooper aad = binascii.unhexlify(data['Adata']) 253151f0ca8SJohn Baldwin else: 254151f0ca8SJohn Baldwin aad = None 255*668770dcSJohn Baldwin if Plen != 0: 256d99c2cecSEnji Cooper payload = binascii.unhexlify(data['Payload']) 257*668770dcSJohn Baldwin else: 258*668770dcSJohn Baldwin payload = None 259d99c2cecSEnji Cooper ct = binascii.unhexlify(data['CT']) 260151f0ca8SJohn Baldwin 261151f0ca8SJohn Baldwin try: 262151f0ca8SJohn Baldwin c = Crypto(crid=crid, 263151f0ca8SJohn Baldwin cipher=cryptodev.CRYPTO_AES_CCM_16, 264151f0ca8SJohn Baldwin key=key, 265*668770dcSJohn Baldwin mackey=key, maclen=Tlen, ivlen=Nlen) 266151f0ca8SJohn Baldwin r, tag = Crypto.encrypt(c, payload, 267151f0ca8SJohn Baldwin nonce, aad) 268b106e0fcSEnji Cooper except EnvironmentError as e: 269151f0ca8SJohn Baldwin if e.errno != errno.EOPNOTSUPP: 270151f0ca8SJohn Baldwin raise 271151f0ca8SJohn Baldwin continue 272151f0ca8SJohn Baldwin 273151f0ca8SJohn Baldwin out = r + tag 274151f0ca8SJohn Baldwin self.assertEqual(out, ct, 275151f0ca8SJohn Baldwin "Count " + data['Count'] + " Actual: " + \ 276e8b4bbdfSEnji Cooper repr(binascii.hexlify(out)) + " Expected: " + \ 277151f0ca8SJohn Baldwin repr(data) + " on " + cname) 278151f0ca8SJohn Baldwin 279151f0ca8SJohn Baldwin def runCCMDecrypt(self, fname): 280a60d9a98SEnji Cooper with cryptodev.KATCCMParser(fname) as parser: 281a60d9a98SEnji Cooper self.runCCMDecryptWithParser(parser) 282a60d9a98SEnji Cooper 283a60d9a98SEnji Cooper def runCCMDecryptWithParser(self, parser): 284a60d9a98SEnji Cooper for data in next(parser): 285151f0ca8SJohn Baldwin Nlen = int(data['Nlen']) 286151f0ca8SJohn Baldwin Tlen = int(data['Tlen']) 287d99c2cecSEnji Cooper key = binascii.unhexlify(data['Key']) 288d99c2cecSEnji Cooper nonce = binascii.unhexlify(data['Nonce']) 289151f0ca8SJohn Baldwin Alen = int(data['Alen']) 290*668770dcSJohn Baldwin Plen = int(data['Plen']) 291151f0ca8SJohn Baldwin if Alen != 0: 292d99c2cecSEnji Cooper aad = binascii.unhexlify(data['Adata']) 293151f0ca8SJohn Baldwin else: 294151f0ca8SJohn Baldwin aad = None 295d99c2cecSEnji Cooper ct = binascii.unhexlify(data['CT']) 296*668770dcSJohn Baldwin tag = ct[-Tlen:] 297*668770dcSJohn Baldwin if Plen != 0: 298*668770dcSJohn Baldwin payload = ct[:-Tlen] 299*668770dcSJohn Baldwin else: 300*668770dcSJohn Baldwin payload = None 301151f0ca8SJohn Baldwin 302151f0ca8SJohn Baldwin try: 303151f0ca8SJohn Baldwin c = Crypto(crid=crid, 304151f0ca8SJohn Baldwin cipher=cryptodev.CRYPTO_AES_CCM_16, 305151f0ca8SJohn Baldwin key=key, 306*668770dcSJohn Baldwin mackey=key, maclen=Tlen, ivlen=Nlen) 307b106e0fcSEnji Cooper except EnvironmentError as e: 308151f0ca8SJohn Baldwin if e.errno != errno.EOPNOTSUPP: 309151f0ca8SJohn Baldwin raise 310151f0ca8SJohn Baldwin continue 311151f0ca8SJohn Baldwin 312151f0ca8SJohn Baldwin if data['Result'] == 'Fail': 313151f0ca8SJohn Baldwin self.assertRaises(IOError, 314151f0ca8SJohn Baldwin c.decrypt, payload, nonce, aad, tag) 315151f0ca8SJohn Baldwin else: 316*668770dcSJohn Baldwin r, tag = Crypto.decrypt(c, payload, nonce, 317151f0ca8SJohn Baldwin aad, tag) 318151f0ca8SJohn Baldwin 319d99c2cecSEnji Cooper payload = binascii.unhexlify(data['Payload']) 320*668770dcSJohn Baldwin payload = payload[:Plen] 321151f0ca8SJohn Baldwin self.assertEqual(r, payload, 322151f0ca8SJohn Baldwin "Count " + data['Count'] + \ 323e8b4bbdfSEnji Cooper " Actual: " + repr(binascii.hexlify(r)) + \ 324151f0ca8SJohn Baldwin " Expected: " + repr(data) + \ 325151f0ca8SJohn Baldwin " on " + cname) 326151f0ca8SJohn Baldwin 32708fca7a5SJohn-Mark Gurney ############### 32808fca7a5SJohn-Mark Gurney ##### SHA ##### 32908fca7a5SJohn-Mark Gurney ############### 330d86680b0SEnji Cooper @unittest.skipIf(cname not in shamodules, 'skipping SHA on %s' % str(cname)) 33108fca7a5SJohn-Mark Gurney def test_sha(self): 332de0f7dcaSJohn Baldwin for i in katg('shabytetestvectors', 'SHA*Msg.rsp'): 333de0f7dcaSJohn Baldwin self.runSHA(i) 334de0f7dcaSJohn Baldwin 335de0f7dcaSJohn Baldwin def runSHA(self, fname): 336de0f7dcaSJohn Baldwin # Skip SHA512_(224|256) tests 337de0f7dcaSJohn Baldwin if fname.find('SHA512_') != -1: 338de0f7dcaSJohn Baldwin return 339a60d9a98SEnji Cooper columns = [ 'Len', 'Msg', 'MD' ] 340a60d9a98SEnji Cooper with cryptodev.KATParser(fname, columns) as parser: 341a60d9a98SEnji Cooper self.runSHAWithParser(parser) 342de0f7dcaSJohn Baldwin 343a60d9a98SEnji Cooper def runSHAWithParser(self, parser): 344a60d9a98SEnji Cooper for hashlength, lines in next(parser): 345de0f7dcaSJohn Baldwin # E.g., hashlength will be "L=20" (bytes) 346de0f7dcaSJohn Baldwin hashlen = int(hashlength.split("=")[1]) 347de0f7dcaSJohn Baldwin 348de0f7dcaSJohn Baldwin if hashlen == 20: 349de0f7dcaSJohn Baldwin alg = cryptodev.CRYPTO_SHA1 350de0f7dcaSJohn Baldwin elif hashlen == 28: 351de0f7dcaSJohn Baldwin alg = cryptodev.CRYPTO_SHA2_224 352de0f7dcaSJohn Baldwin elif hashlen == 32: 353de0f7dcaSJohn Baldwin alg = cryptodev.CRYPTO_SHA2_256 354de0f7dcaSJohn Baldwin elif hashlen == 48: 355de0f7dcaSJohn Baldwin alg = cryptodev.CRYPTO_SHA2_384 356de0f7dcaSJohn Baldwin elif hashlen == 64: 357de0f7dcaSJohn Baldwin alg = cryptodev.CRYPTO_SHA2_512 358de0f7dcaSJohn Baldwin else: 359de0f7dcaSJohn Baldwin # Skip unsupported hashes 360de0f7dcaSJohn Baldwin # Slurp remaining input in section 361de0f7dcaSJohn Baldwin for data in lines: 362de0f7dcaSJohn Baldwin continue 363de0f7dcaSJohn Baldwin continue 364de0f7dcaSJohn Baldwin 365de0f7dcaSJohn Baldwin for data in lines: 366d99c2cecSEnji Cooper msg = binascii.unhexlify(data['Msg']) 367de0f7dcaSJohn Baldwin msg = msg[:int(data['Len'])] 368d99c2cecSEnji Cooper md = binascii.unhexlify(data['MD']) 369de0f7dcaSJohn Baldwin 370de0f7dcaSJohn Baldwin try: 371de0f7dcaSJohn Baldwin c = Crypto(mac=alg, crid=crid, 372de0f7dcaSJohn Baldwin maclen=hashlen) 373b106e0fcSEnji Cooper except EnvironmentError as e: 374de0f7dcaSJohn Baldwin # Can't test hashes the driver does not support. 375de0f7dcaSJohn Baldwin if e.errno != errno.EOPNOTSUPP: 376de0f7dcaSJohn Baldwin raise 377de0f7dcaSJohn Baldwin continue 378de0f7dcaSJohn Baldwin 379de0f7dcaSJohn Baldwin _, r = c.encrypt(msg, iv="") 380de0f7dcaSJohn Baldwin 381de0f7dcaSJohn Baldwin self.assertEqual(r, md, "Actual: " + \ 382e8b4bbdfSEnji Cooper repr(binascii.hexlify(r)) + " Expected: " + repr(data) + " on " + cname) 38308fca7a5SJohn-Mark Gurney 384c091d0d9SJohn Baldwin @unittest.skipIf(cname not in shamodules, 'skipping SHA-HMAC on %s' % str(cname)) 38508fca7a5SJohn-Mark Gurney def test_sha1hmac(self): 38608fca7a5SJohn-Mark Gurney for i in katg('hmactestvectors', 'HMAC.rsp'): 38708fca7a5SJohn-Mark Gurney self.runSHA1HMAC(i) 38808fca7a5SJohn-Mark Gurney 38908fca7a5SJohn-Mark Gurney def runSHA1HMAC(self, fname): 390a60d9a98SEnji Cooper columns = [ 'Count', 'Klen', 'Tlen', 'Key', 'Msg', 'Mac' ] 391a60d9a98SEnji Cooper with cryptodev.KATParser(fname, columns) as parser: 392a60d9a98SEnji Cooper self.runSHA1HMACWithParser(parser) 393a60d9a98SEnji Cooper 394a60d9a98SEnji Cooper def runSHA1HMACWithParser(self, parser): 395a60d9a98SEnji Cooper for hashlength, lines in next(parser): 396005fdbbcSConrad Meyer # E.g., hashlength will be "L=20" (bytes) 397005fdbbcSConrad Meyer hashlen = int(hashlength.split("=")[1]) 398005fdbbcSConrad Meyer 399005fdbbcSConrad Meyer blocksize = None 400005fdbbcSConrad Meyer if hashlen == 20: 401005fdbbcSConrad Meyer alg = cryptodev.CRYPTO_SHA1_HMAC 402005fdbbcSConrad Meyer blocksize = 64 403005fdbbcSConrad Meyer elif hashlen == 28: 404c87ada6aSJohn Baldwin alg = cryptodev.CRYPTO_SHA2_224_HMAC 405c87ada6aSJohn Baldwin blocksize = 64 406005fdbbcSConrad Meyer elif hashlen == 32: 407005fdbbcSConrad Meyer alg = cryptodev.CRYPTO_SHA2_256_HMAC 408005fdbbcSConrad Meyer blocksize = 64 409005fdbbcSConrad Meyer elif hashlen == 48: 410005fdbbcSConrad Meyer alg = cryptodev.CRYPTO_SHA2_384_HMAC 411005fdbbcSConrad Meyer blocksize = 128 412005fdbbcSConrad Meyer elif hashlen == 64: 413005fdbbcSConrad Meyer alg = cryptodev.CRYPTO_SHA2_512_HMAC 414005fdbbcSConrad Meyer blocksize = 128 415005fdbbcSConrad Meyer else: 416005fdbbcSConrad Meyer # Skip unsupported hashes 417005fdbbcSConrad Meyer # Slurp remaining input in section 418005fdbbcSConrad Meyer for data in lines: 419005fdbbcSConrad Meyer continue 420005fdbbcSConrad Meyer continue 421005fdbbcSConrad Meyer 42208fca7a5SJohn-Mark Gurney for data in lines: 423d99c2cecSEnji Cooper key = binascii.unhexlify(data['Key']) 424d99c2cecSEnji Cooper msg = binascii.unhexlify(data['Msg']) 425d99c2cecSEnji Cooper mac = binascii.unhexlify(data['Mac']) 426005fdbbcSConrad Meyer tlen = int(data['Tlen']) 42708fca7a5SJohn-Mark Gurney 428005fdbbcSConrad Meyer if len(key) > blocksize: 42908fca7a5SJohn-Mark Gurney continue 43008fca7a5SJohn-Mark Gurney 431a317fb03SConrad Meyer try: 432005fdbbcSConrad Meyer c = Crypto(mac=alg, mackey=key, 433de0f7dcaSJohn Baldwin crid=crid, maclen=hashlen) 434b106e0fcSEnji Cooper except EnvironmentError as e: 435a317fb03SConrad Meyer # Can't test hashes the driver does not support. 436a317fb03SConrad Meyer if e.errno != errno.EOPNOTSUPP: 437a317fb03SConrad Meyer raise 438a317fb03SConrad Meyer continue 43908fca7a5SJohn-Mark Gurney 440005fdbbcSConrad Meyer _, r = c.encrypt(msg, iv="") 441005fdbbcSConrad Meyer 442de0f7dcaSJohn Baldwin self.assertEqual(r[:tlen], mac, "Actual: " + \ 443e8b4bbdfSEnji Cooper repr(binascii.hexlify(r)) + " Expected: " + repr(data)) 44408fca7a5SJohn-Mark Gurney 44508fca7a5SJohn-Mark Gurney return GendCryptoTestCase 44608fca7a5SJohn-Mark Gurney 44708fca7a5SJohn-Mark Gurneycryptosoft = GenTestCase('cryptosoft0') 44808fca7a5SJohn-Mark Gurneyaesni = GenTestCase('aesni0') 44984a457c6SEnji Cooperarmv8crypto = GenTestCase('armv8crypto0') 4506720b890SJohn Baldwinccr = GenTestCase('ccr0') 451844d9543SConrad Meyerccp = GenTestCase('ccp0') 452ac619349SJung-uk Kimossl = GenTestCase('ossl0') 4539a1184deSMark Johnstonsafexcel = GenTestCase('safexcel0') 454870d4ba3SMark Johnstonqat = GenTestCase('qat0') 45508fca7a5SJohn-Mark Gurney 45608fca7a5SJohn-Mark Gurneyif __name__ == '__main__': 45708fca7a5SJohn-Mark Gurney unittest.main() 458