From 657f0c2dc2819802704b6be6ae01d1a0545abbcd Mon Sep 17 00:00:00 2001
From: John Baldwin <jhb@FreeBSD.org>
Date: Thu, 23 May 2019 19:20:37 +0000
Subject: [PATCH] MFC 346616: Run the plain SHA digest tests from NIST.

Pass in an explicit digest length to the Crypto constructor since it
was assuming only sessions with a MAC key would have a MAC.  Passing
an explicit size allows us to test the full digest in HMAC tests as
well.
---
 tests/sys/opencrypto/cryptodev.py  |  6 +--
 tests/sys/opencrypto/cryptotest.py | 66 ++++++++++++++++++++++++------
 2 files changed, 55 insertions(+), 17 deletions(-)

diff --git a/tests/sys/opencrypto/cryptodev.py b/tests/sys/opencrypto/cryptodev.py
index 07865a178b5..5facfba85e0 100644
--- a/tests/sys/opencrypto/cryptodev.py
+++ b/tests/sys/opencrypto/cryptodev.py
@@ -151,8 +151,9 @@ def getcridname(crid):
 		return _findop(crid, '')[1]
 
 	def __init__(self, cipher=0, key=None, mac=0, mackey=None,
-	    crid=CRYPTOCAP_F_SOFTWARE | CRYPTOCAP_F_HARDWARE):
+	    crid=CRYPTOCAP_F_SOFTWARE | CRYPTOCAP_F_HARDWARE, maclen=None):
 		self._ses = None
+		self._maclen = maclen
 		ses = SessionOp2()
 		ses.cipher = cipher
 		ses.mac = mac
@@ -168,9 +169,6 @@ def __init__(self, cipher=0, key=None, mac=0, mackey=None,
 			ses.mackeylen = len(mackey)
 			mk = array.array('B', mackey)
 			ses.mackey = mk.buffer_info()[0]
-			self._maclen = 16	# parameterize?
-		else:
-			self._maclen = None
 
 		if not cipher and not mac:
 			raise ValueError('one of cipher or mac MUST be specified.')
diff --git a/tests/sys/opencrypto/cryptotest.py b/tests/sys/opencrypto/cryptotest.py
index 51f24f76ffa..3a988decaaf 100644
--- a/tests/sys/opencrypto/cryptotest.py
+++ b/tests/sys/opencrypto/cryptotest.py
@@ -114,7 +114,8 @@ def runGCM(self, fname, mode):
 						c = Crypto(cryptodev.CRYPTO_AES_NIST_GCM_16,
 						    cipherkey,
 						    mac=self._gmacsizes[len(cipherkey)],
-						    mackey=cipherkey, crid=crid)
+						    mackey=cipherkey, crid=crid,
+						    maclen=16)
 					except EnvironmentError, e:
 						# Can't test algorithms the driver does not support.
 						if e.errno != errno.EOPNOTSUPP:
@@ -260,10 +261,54 @@ def runTDES(self, fname):
 		###############
 		@unittest.skipIf(cname not in shamodules, 'skipping SHA on %s' % str(cname))
 		def test_sha(self):
-			# SHA not available in software
-			pass
-			#for i in iglob('SHA1*'):
-			#	self.runSHA(i)
+			for i in katg('shabytetestvectors', 'SHA*Msg.rsp'):
+				self.runSHA(i)
+
+		def runSHA(self, fname):
+			# Skip SHA512_(224|256) tests
+			if fname.find('SHA512_') != -1:
+				return
+
+			for hashlength, lines in cryptodev.KATParser(fname,
+			    [ 'Len', 'Msg', 'MD' ]):
+				# E.g., hashlength will be "L=20" (bytes)
+				hashlen = int(hashlength.split("=")[1])
+
+				if hashlen == 20:
+					alg = cryptodev.CRYPTO_SHA1
+				elif hashlen == 28:
+					alg = cryptodev.CRYPTO_SHA2_224
+				elif hashlen == 32:
+					alg = cryptodev.CRYPTO_SHA2_256
+				elif hashlen == 48:
+					alg = cryptodev.CRYPTO_SHA2_384
+				elif hashlen == 64:
+					alg = cryptodev.CRYPTO_SHA2_512
+				else:
+					# Skip unsupported hashes
+					# Slurp remaining input in section
+					for data in lines:
+						continue
+					continue
+
+				for data in lines:
+					msg = data['Msg'].decode('hex')
+                                        msg = msg[:int(data['Len'])]
+					md = data['MD'].decode('hex')
+
+					try:
+						c = Crypto(mac=alg, crid=crid,
+						    maclen=hashlen)
+					except EnvironmentError, e:
+						# Can't test hashes the driver does not support.
+						if e.errno != errno.EOPNOTSUPP:
+							raise
+						continue
+
+					_, r = c.encrypt(msg, iv="")
+
+					self.assertEqual(r, md, "Actual: " + \
+					    repr(r.encode("hex")) + " Expected: " + repr(data) + " on " + cname)
 
 		@unittest.skipIf(cname not in shamodules, 'skipping SHA-HMAC on %s' % str(cname))
 		def test_sha1hmac(self):
@@ -310,7 +355,7 @@ def runSHA1HMAC(self, fname):
 
 					try:
 						c = Crypto(mac=alg, mackey=key,
-						    crid=crid)
+						    crid=crid, maclen=hashlen)
 					except EnvironmentError, e:
 						# Can't test hashes the driver does not support.
 						if e.errno != errno.EOPNOTSUPP:
@@ -319,13 +364,8 @@ def runSHA1HMAC(self, fname):
 
 					_, r = c.encrypt(msg, iv="")
 
-					# A limitation in cryptodev.py means we
-					# can only store MACs up to 16 bytes.
-					# That's good enough to validate the
-					# correct behavior, more or less.
-					maclen = min(tlen, 16)
-					self.assertEqual(r[:maclen], mac[:maclen], "Actual: " + \
-					    repr(r[:maclen].encode("hex")) + " Expected: " + repr(data))
+					self.assertEqual(r[:tlen], mac, "Actual: " + \
+					    repr(r.encode("hex")) + " Expected: " + repr(data))
 
 	return GendCryptoTestCase
 
-- 
2.45.0