xref: /freebsd/tests/sys/opencrypto/poly1305_test.c (revision b3e7694832e81d7a904a10f525f8797b753bf0d3) 
11e7bbbc5SConrad Meyer /*-
21e7bbbc5SConrad Meyer  * Copyright (c) 2018 Conrad Meyer <cem@FreeBSD.org>
31e7bbbc5SConrad Meyer  * All rights reserved.
41e7bbbc5SConrad Meyer  *
51e7bbbc5SConrad Meyer  * Redistribution and use in source and binary forms, with or without
61e7bbbc5SConrad Meyer  * modification, are permitted provided that the following conditions
71e7bbbc5SConrad Meyer  * are met:
81e7bbbc5SConrad Meyer  * 1. Redistributions of source code must retain the above copyright
91e7bbbc5SConrad Meyer  *    notice, this list of conditions and the following disclaimer.
101e7bbbc5SConrad Meyer  * 2. Redistributions in binary form must reproduce the above copyright
111e7bbbc5SConrad Meyer  *    notice, this list of conditions and the following disclaimer in the
121e7bbbc5SConrad Meyer  *    documentation and/or other materials provided with the distribution.
131e7bbbc5SConrad Meyer  *
141e7bbbc5SConrad Meyer  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
151e7bbbc5SConrad Meyer  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
161e7bbbc5SConrad Meyer  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
171e7bbbc5SConrad Meyer  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
181e7bbbc5SConrad Meyer  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
191e7bbbc5SConrad Meyer  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
201e7bbbc5SConrad Meyer  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
211e7bbbc5SConrad Meyer  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
221e7bbbc5SConrad Meyer  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
231e7bbbc5SConrad Meyer  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
241e7bbbc5SConrad Meyer  * SUCH DAMAGE.
251e7bbbc5SConrad Meyer  */
261e7bbbc5SConrad Meyer 
271e7bbbc5SConrad Meyer #include <sys/param.h>
281e7bbbc5SConrad Meyer 
291e7bbbc5SConrad Meyer #include <errno.h>
301e7bbbc5SConrad Meyer #include <fcntl.h>
311e7bbbc5SConrad Meyer #include <string.h>
321e7bbbc5SConrad Meyer 
331e7bbbc5SConrad Meyer #include <atf-c.h>
341e7bbbc5SConrad Meyer 
351e7bbbc5SConrad Meyer /* Be sure to include tree copy rather than system copy. */
361e7bbbc5SConrad Meyer #include "cryptodev.h"
371e7bbbc5SConrad Meyer 
381e7bbbc5SConrad Meyer #include "freebsd_test_suite/macros.h"
391e7bbbc5SConrad Meyer 
401e7bbbc5SConrad Meyer struct poly1305_kat {
411e7bbbc5SConrad Meyer 	const char *vector_name;
421e7bbbc5SConrad Meyer 	const char *test_key_hex;
431e7bbbc5SConrad Meyer 	const char *test_msg_hex;
441e7bbbc5SConrad Meyer 	const size_t test_msg_len;
451e7bbbc5SConrad Meyer 
461e7bbbc5SConrad Meyer 	const char *expected_tag_hex;
471e7bbbc5SConrad Meyer };
481e7bbbc5SConrad Meyer 
491e7bbbc5SConrad Meyer static const struct poly1305_kat rfc7539_kats[] = {
501e7bbbc5SConrad Meyer {
511e7bbbc5SConrad Meyer 	.vector_name = "RFC 7539 \xc2\xa7 2.5.2",
521e7bbbc5SConrad Meyer 	.test_key_hex = "85:d6:be:78:57:55:6d:33:7f:44:52:fe:42:d5:06:a8"
531e7bbbc5SConrad Meyer 	    ":01:03:80:8a:fb:0d:b2:fd:4a:bf:f6:af:41:49:f5:1b",
541e7bbbc5SConrad Meyer 	.test_msg_hex =
551e7bbbc5SConrad Meyer "43 72 79 70 74 6f 67 72 61 70 68 69 63 20 46 6f "
561e7bbbc5SConrad Meyer "72 75 6d 20 52 65 73 65 61 72 63 68 20 47 72 6f "
571e7bbbc5SConrad Meyer "75 70",
581e7bbbc5SConrad Meyer 	.test_msg_len = 34,
591e7bbbc5SConrad Meyer 	.expected_tag_hex = "a8:06:1d:c1:30:51:36:c6:c2:2b:8b:af:0c:01:27:a9",
601e7bbbc5SConrad Meyer },
611e7bbbc5SConrad Meyer {
621e7bbbc5SConrad Meyer 	.vector_name = "RFC 7539 \xc2\xa7 A.3 #1",
631e7bbbc5SConrad Meyer 	.test_key_hex =
641e7bbbc5SConrad Meyer "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 "
651e7bbbc5SConrad Meyer "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ",
661e7bbbc5SConrad Meyer 	.test_msg_hex =
671e7bbbc5SConrad Meyer "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 "
681e7bbbc5SConrad Meyer "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 "
691e7bbbc5SConrad Meyer "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 "
701e7bbbc5SConrad Meyer "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ",
711e7bbbc5SConrad Meyer 	.test_msg_len = 64,
721e7bbbc5SConrad Meyer 	.expected_tag_hex = "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00",
731e7bbbc5SConrad Meyer },
741e7bbbc5SConrad Meyer {
751e7bbbc5SConrad Meyer 	.vector_name = "RFC 7539 \xc2\xa7 A.3 #2",
761e7bbbc5SConrad Meyer 	.test_key_hex =
771e7bbbc5SConrad Meyer "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 "
781e7bbbc5SConrad Meyer "36 e5 f6 b5 c5 e0 60 70 f0 ef ca 96 22 7a 86 3e ",
791e7bbbc5SConrad Meyer 	.test_msg_hex =
801e7bbbc5SConrad Meyer "41 6e 79 20 73 75 62 6d 69 73 73 69 6f 6e 20 74 "
811e7bbbc5SConrad Meyer "6f 20 74 68 65 20 49 45 54 46 20 69 6e 74 65 6e "
821e7bbbc5SConrad Meyer "64 65 64 20 62 79 20 74 68 65 20 43 6f 6e 74 72 "
831e7bbbc5SConrad Meyer "69 62 75 74 6f 72 20 66 6f 72 20 70 75 62 6c 69 "
841e7bbbc5SConrad Meyer "63 61 74 69 6f 6e 20 61 73 20 61 6c 6c 20 6f 72 "
851e7bbbc5SConrad Meyer "20 70 61 72 74 20 6f 66 20 61 6e 20 49 45 54 46 "
861e7bbbc5SConrad Meyer "20 49 6e 74 65 72 6e 65 74 2d 44 72 61 66 74 20 "
871e7bbbc5SConrad Meyer "6f 72 20 52 46 43 20 61 6e 64 20 61 6e 79 20 73 "
881e7bbbc5SConrad Meyer "74 61 74 65 6d 65 6e 74 20 6d 61 64 65 20 77 69 "
891e7bbbc5SConrad Meyer "74 68 69 6e 20 74 68 65 20 63 6f 6e 74 65 78 74 "
901e7bbbc5SConrad Meyer "20 6f 66 20 61 6e 20 49 45 54 46 20 61 63 74 69 "
911e7bbbc5SConrad Meyer "76 69 74 79 20 69 73 20 63 6f 6e 73 69 64 65 72 "
921e7bbbc5SConrad Meyer "65 64 20 61 6e 20 22 49 45 54 46 20 43 6f 6e 74 "
931e7bbbc5SConrad Meyer "72 69 62 75 74 69 6f 6e 22 2e 20 53 75 63 68 20 "
941e7bbbc5SConrad Meyer "73 74 61 74 65 6d 65 6e 74 73 20 69 6e 63 6c 75 "
951e7bbbc5SConrad Meyer "64 65 20 6f 72 61 6c 20 73 74 61 74 65 6d 65 6e "
961e7bbbc5SConrad Meyer "74 73 20 69 6e 20 49 45 54 46 20 73 65 73 73 69 "
971e7bbbc5SConrad Meyer "6f 6e 73 2c 20 61 73 20 77 65 6c 6c 20 61 73 20 "
981e7bbbc5SConrad Meyer "77 72 69 74 74 65 6e 20 61 6e 64 20 65 6c 65 63 "
991e7bbbc5SConrad Meyer "74 72 6f 6e 69 63 20 63 6f 6d 6d 75 6e 69 63 61 "
1001e7bbbc5SConrad Meyer "74 69 6f 6e 73 20 6d 61 64 65 20 61 74 20 61 6e "
1011e7bbbc5SConrad Meyer "79 20 74 69 6d 65 20 6f 72 20 70 6c 61 63 65 2c "
1021e7bbbc5SConrad Meyer "20 77 68 69 63 68 20 61 72 65 20 61 64 64 72 65 "
1031e7bbbc5SConrad Meyer "73 73 65 64 20 74 6f",
1041e7bbbc5SConrad Meyer 	.test_msg_len = 375,
1051e7bbbc5SConrad Meyer 	.expected_tag_hex = "36 e5 f6 b5 c5 e0 60 70 f0 ef ca 96 22 7a 86 3e",
1061e7bbbc5SConrad Meyer },
1071e7bbbc5SConrad Meyer {
1081e7bbbc5SConrad Meyer 	.vector_name = "RFC 7539 \xc2\xa7 A.3 #3",
1091e7bbbc5SConrad Meyer 	.test_key_hex =
1101e7bbbc5SConrad Meyer "36 e5 f6 b5 c5 e0 60 70 f0 ef ca 96 22 7a 86 3e "
1111e7bbbc5SConrad Meyer "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ",
1121e7bbbc5SConrad Meyer 	.test_msg_hex =
1131e7bbbc5SConrad Meyer "41 6e 79 20 73 75 62 6d 69 73 73 69 6f 6e 20 74 "
1141e7bbbc5SConrad Meyer "6f 20 74 68 65 20 49 45 54 46 20 69 6e 74 65 6e "
1151e7bbbc5SConrad Meyer "64 65 64 20 62 79 20 74 68 65 20 43 6f 6e 74 72 "
1161e7bbbc5SConrad Meyer "69 62 75 74 6f 72 20 66 6f 72 20 70 75 62 6c 69 "
1171e7bbbc5SConrad Meyer "63 61 74 69 6f 6e 20 61 73 20 61 6c 6c 20 6f 72 "
1181e7bbbc5SConrad Meyer "20 70 61 72 74 20 6f 66 20 61 6e 20 49 45 54 46 "
1191e7bbbc5SConrad Meyer "20 49 6e 74 65 72 6e 65 74 2d 44 72 61 66 74 20 "
1201e7bbbc5SConrad Meyer "6f 72 20 52 46 43 20 61 6e 64 20 61 6e 79 20 73 "
1211e7bbbc5SConrad Meyer "74 61 74 65 6d 65 6e 74 20 6d 61 64 65 20 77 69 "
1221e7bbbc5SConrad Meyer "74 68 69 6e 20 74 68 65 20 63 6f 6e 74 65 78 74 "
1231e7bbbc5SConrad Meyer "20 6f 66 20 61 6e 20 49 45 54 46 20 61 63 74 69 "
1241e7bbbc5SConrad Meyer "76 69 74 79 20 69 73 20 63 6f 6e 73 69 64 65 72 "
1251e7bbbc5SConrad Meyer "65 64 20 61 6e 20 22 49 45 54 46 20 43 6f 6e 74 "
1261e7bbbc5SConrad Meyer "72 69 62 75 74 69 6f 6e 22 2e 20 53 75 63 68 20 "
1271e7bbbc5SConrad Meyer "73 74 61 74 65 6d 65 6e 74 73 20 69 6e 63 6c 75 "
1281e7bbbc5SConrad Meyer "64 65 20 6f 72 61 6c 20 73 74 61 74 65 6d 65 6e "
1291e7bbbc5SConrad Meyer "74 73 20 69 6e 20 49 45 54 46 20 73 65 73 73 69 "
1301e7bbbc5SConrad Meyer "6f 6e 73 2c 20 61 73 20 77 65 6c 6c 20 61 73 20 "
1311e7bbbc5SConrad Meyer "77 72 69 74 74 65 6e 20 61 6e 64 20 65 6c 65 63 "
1321e7bbbc5SConrad Meyer "74 72 6f 6e 69 63 20 63 6f 6d 6d 75 6e 69 63 61 "
1331e7bbbc5SConrad Meyer "74 69 6f 6e 73 20 6d 61 64 65 20 61 74 20 61 6e "
1341e7bbbc5SConrad Meyer "79 20 74 69 6d 65 20 6f 72 20 70 6c 61 63 65 2c "
1351e7bbbc5SConrad Meyer "20 77 68 69 63 68 20 61 72 65 20 61 64 64 72 65 "
1361e7bbbc5SConrad Meyer "73 73 65 64 20 74 6f",
1371e7bbbc5SConrad Meyer 	.test_msg_len = 375,
1381e7bbbc5SConrad Meyer 	.expected_tag_hex = "f3 47 7e 7c d9 54 17 af 89 a6 b8 79 4c 31 0c f0",
1391e7bbbc5SConrad Meyer },
1401e7bbbc5SConrad Meyer {
1411e7bbbc5SConrad Meyer 	.vector_name = "RFC 7539 \xc2\xa7 A.3 #4",
1421e7bbbc5SConrad Meyer 	.test_key_hex =
1431e7bbbc5SConrad Meyer "1c 92 40 a5 eb 55 d3 8a f3 33 88 86 04 f6 b5 f0 "
1441e7bbbc5SConrad Meyer "47 39 17 c1 40 2b 80 09 9d ca 5c bc 20 70 75 c0 ",
1451e7bbbc5SConrad Meyer 	.test_msg_hex =
1461e7bbbc5SConrad Meyer "27 54 77 61 73 20 62 72 69 6c 6c 69 67 2c 20 61 "
1471e7bbbc5SConrad Meyer "6e 64 20 74 68 65 20 73 6c 69 74 68 79 20 74 6f "
1481e7bbbc5SConrad Meyer "76 65 73 0a 44 69 64 20 67 79 72 65 20 61 6e 64 "
1491e7bbbc5SConrad Meyer "20 67 69 6d 62 6c 65 20 69 6e 20 74 68 65 20 77 "
1501e7bbbc5SConrad Meyer "61 62 65 3a 0a 41 6c 6c 20 6d 69 6d 73 79 20 77 "
1511e7bbbc5SConrad Meyer "65 72 65 20 74 68 65 20 62 6f 72 6f 67 6f 76 65 "
1521e7bbbc5SConrad Meyer "73 2c 0a 41 6e 64 20 74 68 65 20 6d 6f 6d 65 20 "
1531e7bbbc5SConrad Meyer "72 61 74 68 73 20 6f 75 74 67 72 61 62 65 2e",
1541e7bbbc5SConrad Meyer 	.test_msg_len = 127,
1551e7bbbc5SConrad Meyer 	.expected_tag_hex = "45 41 66 9a 7e aa ee 61 e7 08 dc 7c bc c5 eb 62",
1561e7bbbc5SConrad Meyer },
1571e7bbbc5SConrad Meyer {
1581e7bbbc5SConrad Meyer 	.vector_name = "RFC 7539 \xc2\xa7 A.3 #5",
1591e7bbbc5SConrad Meyer 	.test_key_hex =
1601e7bbbc5SConrad Meyer "02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 "
1611e7bbbc5SConrad Meyer "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ",
1621e7bbbc5SConrad Meyer 	.test_msg_hex =
1631e7bbbc5SConrad Meyer "FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF",
1641e7bbbc5SConrad Meyer 	.test_msg_len = 16,
1651e7bbbc5SConrad Meyer 	.expected_tag_hex = "03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00",
1661e7bbbc5SConrad Meyer },
1671e7bbbc5SConrad Meyer {
1681e7bbbc5SConrad Meyer 	.vector_name = "RFC 7539 \xc2\xa7 A.3 #6",
1691e7bbbc5SConrad Meyer 	.test_key_hex =
1701e7bbbc5SConrad Meyer "02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 "
1711e7bbbc5SConrad Meyer "FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF ",
1721e7bbbc5SConrad Meyer 	.test_msg_hex =
1731e7bbbc5SConrad Meyer "02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00",
1741e7bbbc5SConrad Meyer 	.test_msg_len = 16,
1751e7bbbc5SConrad Meyer 	.expected_tag_hex = "03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00",
1761e7bbbc5SConrad Meyer 
1771e7bbbc5SConrad Meyer },
1781e7bbbc5SConrad Meyer {
1791e7bbbc5SConrad Meyer 	.vector_name = "RFC 7539 \xc2\xa7 A.3 #7",
1801e7bbbc5SConrad Meyer 	.test_key_hex =
1811e7bbbc5SConrad Meyer "01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 "
1821e7bbbc5SConrad Meyer "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ",
1831e7bbbc5SConrad Meyer 	.test_msg_hex =
1841e7bbbc5SConrad Meyer "FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF "
1851e7bbbc5SConrad Meyer "F0 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF "
1861e7bbbc5SConrad Meyer "11 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00",
1871e7bbbc5SConrad Meyer 	.test_msg_len = 48,
1881e7bbbc5SConrad Meyer 	.expected_tag_hex = "05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00",
1891e7bbbc5SConrad Meyer },
1901e7bbbc5SConrad Meyer {
1911e7bbbc5SConrad Meyer 	.vector_name = "RFC 7539 \xc2\xa7 A.3 #8",
1921e7bbbc5SConrad Meyer 	.test_key_hex =
1931e7bbbc5SConrad Meyer "01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 "
1941e7bbbc5SConrad Meyer "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ",
1951e7bbbc5SConrad Meyer 	.test_msg_hex =
1961e7bbbc5SConrad Meyer "FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF "
1971e7bbbc5SConrad Meyer "FB FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE "
1981e7bbbc5SConrad Meyer "01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01",
1991e7bbbc5SConrad Meyer 	.test_msg_len = 48,
2001e7bbbc5SConrad Meyer 	.expected_tag_hex = "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00",
2011e7bbbc5SConrad Meyer },
2021e7bbbc5SConrad Meyer {
2031e7bbbc5SConrad Meyer 	.vector_name = "RFC 7539 \xc2\xa7 A.3 #9",
2041e7bbbc5SConrad Meyer 	.test_key_hex =
2051e7bbbc5SConrad Meyer "02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 "
2061e7bbbc5SConrad Meyer "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ",
2071e7bbbc5SConrad Meyer 	.test_msg_hex =
2081e7bbbc5SConrad Meyer "FD FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF",
2091e7bbbc5SConrad Meyer 	.test_msg_len = 16,
2101e7bbbc5SConrad Meyer 	.expected_tag_hex = "FA FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF",
2111e7bbbc5SConrad Meyer },
2121e7bbbc5SConrad Meyer {
2131e7bbbc5SConrad Meyer 	.vector_name = "RFC 7539 \xc2\xa7 A.3 #10",
2141e7bbbc5SConrad Meyer 	.test_key_hex =
2151e7bbbc5SConrad Meyer "01 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 "
2161e7bbbc5SConrad Meyer "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ",
2171e7bbbc5SConrad Meyer 	.test_msg_hex =
2181e7bbbc5SConrad Meyer "E3 35 94 D7 50 5E 43 B9 00 00 00 00 00 00 00 00 "
2191e7bbbc5SConrad Meyer "33 94 D7 50 5E 43 79 CD 01 00 00 00 00 00 00 00 "
2201e7bbbc5SConrad Meyer "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 "
2211e7bbbc5SConrad Meyer "01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00",
2221e7bbbc5SConrad Meyer 	.test_msg_len = 64,
2231e7bbbc5SConrad Meyer 	.expected_tag_hex = "14 00 00 00 00 00 00 00 55 00 00 00 00 00 00 00",
2241e7bbbc5SConrad Meyer },
2251e7bbbc5SConrad Meyer {
2261e7bbbc5SConrad Meyer 	.vector_name = "RFC 7539 \xc2\xa7 A.3 #11",
2271e7bbbc5SConrad Meyer 	.test_key_hex =
2281e7bbbc5SConrad Meyer "01 00 00 00 00 00 00 00 04 00 00 00 00 00 00 00 "
2291e7bbbc5SConrad Meyer "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ",
2301e7bbbc5SConrad Meyer 	.test_msg_hex =
2311e7bbbc5SConrad Meyer "E3 35 94 D7 50 5E 43 B9 00 00 00 00 00 00 00 00 "
2321e7bbbc5SConrad Meyer "33 94 D7 50 5E 43 79 CD 01 00 00 00 00 00 00 00 "
2331e7bbbc5SConrad Meyer "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00",
2341e7bbbc5SConrad Meyer 	.test_msg_len = 48,
2351e7bbbc5SConrad Meyer 	.expected_tag_hex = "13 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00",
2361e7bbbc5SConrad Meyer },
2371e7bbbc5SConrad Meyer };
2381e7bbbc5SConrad Meyer 
2391e7bbbc5SConrad Meyer static void
parse_hex(const struct poly1305_kat * kat,const char * hexstr,void * voutput,size_t explen)2401e7bbbc5SConrad Meyer parse_hex(const struct poly1305_kat *kat, const char *hexstr, void *voutput,
2411e7bbbc5SConrad Meyer     size_t explen)
2421e7bbbc5SConrad Meyer {
2431e7bbbc5SConrad Meyer 	/* Space or colon delimited; may contain a single trailing space;
2441e7bbbc5SConrad Meyer 	 * length should match exactly.
2451e7bbbc5SConrad Meyer 	 */
2461e7bbbc5SConrad Meyer 	const char *sep, *it;
2471e7bbbc5SConrad Meyer 	size_t sym_len, count;
2481e7bbbc5SConrad Meyer 	char hbyte[3], *out;
2491e7bbbc5SConrad Meyer 	int res;
2501e7bbbc5SConrad Meyer 
2511e7bbbc5SConrad Meyer 	out = voutput;
2521e7bbbc5SConrad Meyer 	memset(hbyte, 0, sizeof(hbyte));
2531e7bbbc5SConrad Meyer 
2541e7bbbc5SConrad Meyer 	it = hexstr;
2551e7bbbc5SConrad Meyer 	count = 0;
2561e7bbbc5SConrad Meyer 	while (true) {
2571e7bbbc5SConrad Meyer 		sep = strpbrk(it, " :");
2581e7bbbc5SConrad Meyer 		if (sep == NULL)
2591e7bbbc5SConrad Meyer 			sym_len = strlen(it);
2601e7bbbc5SConrad Meyer 		else
2611e7bbbc5SConrad Meyer 			sym_len = sep - it;
2621e7bbbc5SConrad Meyer 
2631e7bbbc5SConrad Meyer 		ATF_REQUIRE_EQ_MSG(sym_len, 2,
2641e7bbbc5SConrad Meyer 		    "invalid hex byte '%.*s' in vector %s", (int)sym_len, it,
2651e7bbbc5SConrad Meyer 		    kat->vector_name);
2661e7bbbc5SConrad Meyer 
2671e7bbbc5SConrad Meyer 		memcpy(hbyte, it, 2);
2681e7bbbc5SConrad Meyer 		res = sscanf(hbyte, "%hhx", &out[count]);
2691e7bbbc5SConrad Meyer 		ATF_REQUIRE_EQ_MSG(res, 1,
2701e7bbbc5SConrad Meyer 		    "invalid hex byte '%s' in vector %s", hbyte,
2711e7bbbc5SConrad Meyer 		    kat->vector_name);
2721e7bbbc5SConrad Meyer 
2731e7bbbc5SConrad Meyer 		count++;
2741e7bbbc5SConrad Meyer 		ATF_REQUIRE_MSG(count <= explen,
2751e7bbbc5SConrad Meyer 		    "got longer than expected value at %s", kat->vector_name);
2761e7bbbc5SConrad Meyer 
2771e7bbbc5SConrad Meyer 		if (sep == NULL)
2781e7bbbc5SConrad Meyer 			break;
2791e7bbbc5SConrad Meyer 		it = sep;
2801e7bbbc5SConrad Meyer 		while (*it == ' ' || *it == ':')
2811e7bbbc5SConrad Meyer 			it++;
2821e7bbbc5SConrad Meyer 		if (*it == 0)
2831e7bbbc5SConrad Meyer 			break;
2841e7bbbc5SConrad Meyer 	}
2851e7bbbc5SConrad Meyer 
2861e7bbbc5SConrad Meyer 	ATF_REQUIRE_EQ_MSG(count, explen, "got short value at %s",
2871e7bbbc5SConrad Meyer 	    kat->vector_name);
2881e7bbbc5SConrad Meyer }
2891e7bbbc5SConrad Meyer 
2901e7bbbc5SConrad Meyer static void
parse_vector(const struct poly1305_kat * kat,uint8_t key[__min_size (POLY1305_KEY_LEN)],char * msg,uint8_t exptag[__min_size (POLY1305_HASH_LEN)])2911e7bbbc5SConrad Meyer parse_vector(const struct poly1305_kat *kat,
2921e7bbbc5SConrad Meyer     uint8_t key[__min_size(POLY1305_KEY_LEN)], char *msg,
2931e7bbbc5SConrad Meyer     uint8_t exptag[__min_size(POLY1305_HASH_LEN)])
2941e7bbbc5SConrad Meyer {
2951e7bbbc5SConrad Meyer 	parse_hex(kat, kat->test_key_hex, key, POLY1305_KEY_LEN);
2961e7bbbc5SConrad Meyer 	parse_hex(kat, kat->test_msg_hex, msg, kat->test_msg_len);
2971e7bbbc5SConrad Meyer 	parse_hex(kat, kat->expected_tag_hex, exptag, POLY1305_HASH_LEN);
2981e7bbbc5SConrad Meyer }
2991e7bbbc5SConrad Meyer 
3001e7bbbc5SConrad Meyer static int
get_handle_fd(void)3011e7bbbc5SConrad Meyer get_handle_fd(void)
3021e7bbbc5SConrad Meyer {
303*a4a23d21SJohn Baldwin 	int fd;
3041e7bbbc5SConrad Meyer 
305*a4a23d21SJohn Baldwin 	fd = open("/dev/crypto", O_RDWR);
306*a4a23d21SJohn Baldwin 	ATF_REQUIRE(fd >= 0);
3071e7bbbc5SConrad Meyer 	return (fd);
3081e7bbbc5SConrad Meyer }
3091e7bbbc5SConrad Meyer 
3101e7bbbc5SConrad Meyer static int
create_session(int fd,int alg,int crid,const void * key,size_t klen)3111e7bbbc5SConrad Meyer create_session(int fd, int alg, int crid, const void *key, size_t klen)
3121e7bbbc5SConrad Meyer {
3131e7bbbc5SConrad Meyer 	struct session2_op sop;
3141e7bbbc5SConrad Meyer 
3151e7bbbc5SConrad Meyer 	memset(&sop, 0, sizeof(sop));
3161e7bbbc5SConrad Meyer 
3171e7bbbc5SConrad Meyer 	sop.mac = alg;
3181e7bbbc5SConrad Meyer 	sop.mackey = key;
3191e7bbbc5SConrad Meyer 	sop.mackeylen = klen;
3201e7bbbc5SConrad Meyer 	sop.crid = crid;
3211e7bbbc5SConrad Meyer 
3221e7bbbc5SConrad Meyer 	ATF_REQUIRE_MSG(ioctl(fd, CIOCGSESSION2, &sop) >= 0,
3231e7bbbc5SConrad Meyer 	    "alg %d keylen %zu, errno=%d (%s)", alg, klen, errno,
3241e7bbbc5SConrad Meyer 	    strerror(errno));
3251e7bbbc5SConrad Meyer 	return (sop.ses);
3261e7bbbc5SConrad Meyer }
3271e7bbbc5SConrad Meyer 
3281e7bbbc5SConrad Meyer static void
destroy_session(int fd,int _ses)3291e7bbbc5SConrad Meyer destroy_session(int fd, int _ses)
3301e7bbbc5SConrad Meyer {
3311e7bbbc5SConrad Meyer 	uint32_t ses;
3321e7bbbc5SConrad Meyer 
3331e7bbbc5SConrad Meyer 	ses = _ses;
3341e7bbbc5SConrad Meyer 	ATF_REQUIRE_MSG(ioctl(fd, CIOCFSESSION, &ses) >= 0,
3351e7bbbc5SConrad Meyer 	    "destroy session failed, errno=%d (%s)", errno, strerror(errno));
3361e7bbbc5SConrad Meyer }
3371e7bbbc5SConrad Meyer 
3381e7bbbc5SConrad Meyer static void
do_cryptop(int fd,int ses,const void * inp,size_t inlen,void * out)3391e7bbbc5SConrad Meyer do_cryptop(int fd, int ses, const void *inp, size_t inlen, void *out)
3401e7bbbc5SConrad Meyer {
3411e7bbbc5SConrad Meyer 	struct crypt_op cop;
3421e7bbbc5SConrad Meyer 
3431e7bbbc5SConrad Meyer 	memset(&cop, 0, sizeof(cop));
3441e7bbbc5SConrad Meyer 
3451e7bbbc5SConrad Meyer 	cop.ses = ses;
3461e7bbbc5SConrad Meyer 	cop.len = inlen;
3471e7bbbc5SConrad Meyer 	cop.src = inp;
3481e7bbbc5SConrad Meyer 	cop.mac = out;
3491e7bbbc5SConrad Meyer 	ATF_CHECK_MSG(ioctl(fd, CIOCCRYPT, &cop) >= 0, "ioctl(CIOCCRYPT)");
3501e7bbbc5SConrad Meyer }
3511e7bbbc5SConrad Meyer 
3521e7bbbc5SConrad Meyer static void
test_rfc7539_poly1305_vectors(int crid,const char * modname)3531e7bbbc5SConrad Meyer test_rfc7539_poly1305_vectors(int crid, const char *modname)
3541e7bbbc5SConrad Meyer {
3551e7bbbc5SConrad Meyer 	uint8_t comptag[POLY1305_HASH_LEN], exptag[POLY1305_HASH_LEN],
3561e7bbbc5SConrad Meyer 	    key[POLY1305_KEY_LEN], msg[512];
3571e7bbbc5SConrad Meyer 	int fd, ses;
3581e7bbbc5SConrad Meyer 	size_t i;
3591e7bbbc5SConrad Meyer 
3601e7bbbc5SConrad Meyer 	ATF_REQUIRE_KERNEL_MODULE(modname);
3611e7bbbc5SConrad Meyer 	ATF_REQUIRE_KERNEL_MODULE("cryptodev");
3621e7bbbc5SConrad Meyer 
3631e7bbbc5SConrad Meyer 	fd = get_handle_fd();
3641e7bbbc5SConrad Meyer 
3651e7bbbc5SConrad Meyer 	for (i = 0; i < nitems(rfc7539_kats); i++) {
3661e7bbbc5SConrad Meyer 		const struct poly1305_kat *kat;
3671e7bbbc5SConrad Meyer 
3681e7bbbc5SConrad Meyer 		kat = &rfc7539_kats[i];
3691e7bbbc5SConrad Meyer 		parse_vector(kat, key, msg, exptag);
3701e7bbbc5SConrad Meyer 
3711e7bbbc5SConrad Meyer 		ses = create_session(fd, CRYPTO_POLY1305, crid, key, sizeof(key));
3721e7bbbc5SConrad Meyer 
3731e7bbbc5SConrad Meyer 		do_cryptop(fd, ses, msg, kat->test_msg_len, comptag);
3741e7bbbc5SConrad Meyer 		ATF_CHECK_EQ_MSG(memcmp(comptag, exptag, sizeof(exptag)), 0,
3751e7bbbc5SConrad Meyer 		    "KAT %s failed:", kat->vector_name);
3761e7bbbc5SConrad Meyer 
3771e7bbbc5SConrad Meyer 		destroy_session(fd, ses);
3781e7bbbc5SConrad Meyer 	}
3791e7bbbc5SConrad Meyer }
3801e7bbbc5SConrad Meyer 
3811e7bbbc5SConrad Meyer ATF_TC_WITHOUT_HEAD(poly1305_vectors);
ATF_TC_BODY(poly1305_vectors,tc)3821e7bbbc5SConrad Meyer ATF_TC_BODY(poly1305_vectors, tc)
3831e7bbbc5SConrad Meyer {
3848f02e2acSJung-uk Kim 	ATF_REQUIRE_SYSCTL_INT("kern.crypto.allow_soft", 1);
3851e7bbbc5SConrad Meyer 	test_rfc7539_poly1305_vectors(CRYPTO_FLAG_SOFTWARE, "nexus/cryptosoft");
3861e7bbbc5SConrad Meyer }
3871e7bbbc5SConrad Meyer 
ATF_TP_ADD_TCS(tp)3881e7bbbc5SConrad Meyer ATF_TP_ADD_TCS(tp)
3891e7bbbc5SConrad Meyer {
3901e7bbbc5SConrad Meyer 
3911e7bbbc5SConrad Meyer 	ATF_TP_ADD_TC(tp, poly1305_vectors);
3921e7bbbc5SConrad Meyer 
3931e7bbbc5SConrad Meyer 	return (atf_no_error());
3941e7bbbc5SConrad Meyer }
395