1 #!/usr/local/bin/python2
3 # Copyright (c) 2014 The FreeBSD Foundation
6 # This software was developed by John-Mark Gurney under
7 # the sponsorship from the FreeBSD Foundation.
8 # Redistribution and use in source and binary forms, with or without
9 # modification, are permitted provided that the following conditions
11 # 1. Redistributions of source code must retain the above copyright
12 # notice, this list of conditions and the following disclaimer.
13 # 2. Redistributions in binary form must reproduce the above copyright
14 # notice, this list of conditions and the following disclaimer in the
15 # documentation and/or other materials provided with the distribution.
17 # THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
18 # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
19 # IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
20 # ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
21 # FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
22 # DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
23 # OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
24 # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
25 # LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
26 # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
32 from __future__ import print_function
39 from cryptodev import *
40 from glob import iglob
42 katdir = '/usr/local/share/nist-kat'
45 assert os.path.exists(katdir), "Please 'pkg install nist-kat'"
46 if not os.path.exists(os.path.join(katdir, base)):
47 raise unittest.SkipTest("Missing %s test vectors" % (base))
48 return iglob(os.path.join(katdir, base, glob))
50 aesmodules = [ 'cryptosoft0', 'aesni0', 'ccr0', 'ccp0' ]
51 desmodules = [ 'cryptosoft0', ]
52 shamodules = [ 'cryptosoft0', 'aesni0', 'ccr0', 'ccp0' ]
54 def GenTestCase(cname):
56 crid = cryptodev.Crypto.findcrid(cname)
60 class GendCryptoTestCase(unittest.TestCase):
64 @unittest.skipIf(cname not in aesmodules, 'skipping AES-XTS on %s' % (cname))
66 for i in katg('XTSTestVectors/format tweak value input - data unit seq no', '*.rsp'):
67 self.runXTS(i, cryptodev.CRYPTO_AES_XTS)
69 @unittest.skipIf(cname not in aesmodules, 'skipping AES-CBC on %s' % (cname))
71 for i in katg('KAT_AES', 'CBC[GKV]*.rsp'):
74 @unittest.skipIf(cname not in aesmodules, 'skipping AES-GCM on %s' % (cname))
76 for i in katg('gcmtestvectors', 'gcmEncrypt*'):
77 self.runGCM(i, 'ENCRYPT')
79 for i in katg('gcmtestvectors', 'gcmDecrypt*'):
80 self.runGCM(i, 'DECRYPT')
82 _gmacsizes = { 32: cryptodev.CRYPTO_AES_256_NIST_GMAC,
83 24: cryptodev.CRYPTO_AES_192_NIST_GMAC,
84 16: cryptodev.CRYPTO_AES_128_NIST_GMAC,
86 def runGCM(self, fname, mode):
90 curfun = Crypto.encrypt
91 elif mode == 'DECRYPT':
93 curfun = Crypto.decrypt
95 raise RuntimeError('unknown mode: %r' % repr(mode))
97 for bogusmode, lines in cryptodev.KATParser(fname,
98 [ 'Count', 'Key', 'IV', 'CT', 'AAD', 'Tag', 'PT', ]):
100 curcnt = int(data['Count'])
101 cipherkey = data['Key'].decode('hex')
102 iv = data['IV'].decode('hex')
103 aad = data['AAD'].decode('hex')
104 tag = data['Tag'].decode('hex')
105 if 'FAIL' not in data:
106 pt = data['PT'].decode('hex')
107 ct = data['CT'].decode('hex')
110 # XXX - isn't supported
114 c = Crypto(cryptodev.CRYPTO_AES_NIST_GCM_16,
116 mac=self._gmacsizes[len(cipherkey)],
117 mackey=cipherkey, crid=crid,
119 except EnvironmentError, e:
120 # Can't test algorithms the driver does not support.
121 if e.errno != errno.EOPNOTSUPP:
125 if mode == 'ENCRYPT':
127 rct, rtag = c.encrypt(pt, iv, aad)
128 except EnvironmentError, e:
129 # Can't test inputs the driver does not support.
130 if e.errno != errno.EINVAL:
133 rtag = rtag[:len(tag)]
134 data['rct'] = rct.encode('hex')
135 data['rtag'] = rtag.encode('hex')
136 self.assertEqual(rct, ct, repr(data))
137 self.assertEqual(rtag, tag, repr(data))
141 args = (ct, iv, aad, tag)
143 self.assertRaises(IOError,
147 rpt, rtag = c.decrypt(*args)
148 except EnvironmentError, e:
149 # Can't test inputs the driver does not support.
150 if e.errno != errno.EINVAL:
153 data['rpt'] = rpt.encode('hex')
154 data['rtag'] = rtag.encode('hex')
155 self.assertEqual(rpt, pt,
158 def runCBC(self, fname):
160 for mode, lines in cryptodev.KATParser(fname,
161 [ 'COUNT', 'KEY', 'IV', 'PLAINTEXT', 'CIPHERTEXT', ]):
162 if mode == 'ENCRYPT':
164 curfun = Crypto.encrypt
165 elif mode == 'DECRYPT':
167 curfun = Crypto.decrypt
169 raise RuntimeError('unknown mode: %r' % repr(mode))
172 curcnt = int(data['COUNT'])
173 cipherkey = data['KEY'].decode('hex')
174 iv = data['IV'].decode('hex')
175 pt = data['PLAINTEXT'].decode('hex')
176 ct = data['CIPHERTEXT'].decode('hex')
181 c = Crypto(cryptodev.CRYPTO_AES_CBC, cipherkey, crid=crid)
182 r = curfun(c, pt, iv)
183 self.assertEqual(r, ct)
185 def runXTS(self, fname, meth):
187 for mode, lines in cryptodev.KATParser(fname,
188 [ 'COUNT', 'DataUnitLen', 'Key', 'DataUnitSeqNumber', 'PT',
190 if mode == 'ENCRYPT':
192 curfun = Crypto.encrypt
193 elif mode == 'DECRYPT':
195 curfun = Crypto.decrypt
197 raise RuntimeError('unknown mode: %r' % repr(mode))
200 curcnt = int(data['COUNT'])
201 nbits = int(data['DataUnitLen'])
202 cipherkey = data['Key'].decode('hex')
203 iv = struct.pack('QQ', int(data['DataUnitSeqNumber']), 0)
204 pt = data['PT'].decode('hex')
205 ct = data['CT'].decode('hex')
208 # XXX - mark as skipped
214 c = Crypto(meth, cipherkey, crid=crid)
215 r = curfun(c, pt, iv)
216 except EnvironmentError, e:
217 # Can't test hashes the driver does not support.
218 if e.errno != errno.EOPNOTSUPP:
221 self.assertEqual(r, ct)
226 @unittest.skipIf(cname not in desmodules, 'skipping DES on %s' % (cname))
228 for i in katg('KAT_TDES', 'TCBC[a-z]*.rsp'):
231 def runTDES(self, fname):
233 for mode, lines in cryptodev.KATParser(fname,
234 [ 'COUNT', 'KEYs', 'IV', 'PLAINTEXT', 'CIPHERTEXT', ]):
235 if mode == 'ENCRYPT':
237 curfun = Crypto.encrypt
238 elif mode == 'DECRYPT':
240 curfun = Crypto.decrypt
242 raise RuntimeError('unknown mode: %r' % repr(mode))
245 curcnt = int(data['COUNT'])
246 key = data['KEYs'] * 3
247 cipherkey = key.decode('hex')
248 iv = data['IV'].decode('hex')
249 pt = data['PLAINTEXT'].decode('hex')
250 ct = data['CIPHERTEXT'].decode('hex')
255 c = Crypto(cryptodev.CRYPTO_3DES_CBC, cipherkey, crid=crid)
256 r = curfun(c, pt, iv)
257 self.assertEqual(r, ct)
262 @unittest.skipIf(cname not in shamodules, 'skipping SHA on %s' % str(cname))
264 for i in katg('shabytetestvectors', 'SHA*Msg.rsp'):
267 def runSHA(self, fname):
268 # Skip SHA512_(224|256) tests
269 if fname.find('SHA512_') != -1:
272 for hashlength, lines in cryptodev.KATParser(fname,
273 [ 'Len', 'Msg', 'MD' ]):
274 # E.g., hashlength will be "L=20" (bytes)
275 hashlen = int(hashlength.split("=")[1])
278 alg = cryptodev.CRYPTO_SHA1
280 alg = cryptodev.CRYPTO_SHA2_224
282 alg = cryptodev.CRYPTO_SHA2_256
284 alg = cryptodev.CRYPTO_SHA2_384
286 alg = cryptodev.CRYPTO_SHA2_512
288 # Skip unsupported hashes
289 # Slurp remaining input in section
295 msg = data['Msg'].decode('hex')
296 msg = msg[:int(data['Len'])]
297 md = data['MD'].decode('hex')
300 c = Crypto(mac=alg, crid=crid,
302 except EnvironmentError, e:
303 # Can't test hashes the driver does not support.
304 if e.errno != errno.EOPNOTSUPP:
308 _, r = c.encrypt(msg, iv="")
310 self.assertEqual(r, md, "Actual: " + \
311 repr(r.encode("hex")) + " Expected: " + repr(data) + " on " + cname)
313 @unittest.skipIf(cname not in shamodules, 'skipping SHA-HMAC on %s' % str(cname))
314 def test_sha1hmac(self):
315 for i in katg('hmactestvectors', 'HMAC.rsp'):
318 def runSHA1HMAC(self, fname):
319 for hashlength, lines in cryptodev.KATParser(fname,
320 [ 'Count', 'Klen', 'Tlen', 'Key', 'Msg', 'Mac' ]):
321 # E.g., hashlength will be "L=20" (bytes)
322 hashlen = int(hashlength.split("=")[1])
326 alg = cryptodev.CRYPTO_SHA1_HMAC
329 alg = cryptodev.CRYPTO_SHA2_224_HMAC
332 alg = cryptodev.CRYPTO_SHA2_256_HMAC
335 alg = cryptodev.CRYPTO_SHA2_384_HMAC
338 alg = cryptodev.CRYPTO_SHA2_512_HMAC
341 # Skip unsupported hashes
342 # Slurp remaining input in section
348 key = data['Key'].decode('hex')
349 msg = data['Msg'].decode('hex')
350 mac = data['Mac'].decode('hex')
351 tlen = int(data['Tlen'])
353 if len(key) > blocksize:
357 c = Crypto(mac=alg, mackey=key,
358 crid=crid, maclen=hashlen)
359 except EnvironmentError, e:
360 # Can't test hashes the driver does not support.
361 if e.errno != errno.EOPNOTSUPP:
365 _, r = c.encrypt(msg, iv="")
367 self.assertEqual(r[:tlen], mac, "Actual: " + \
368 repr(r.encode("hex")) + " Expected: " + repr(data))
370 return GendCryptoTestCase
372 cryptosoft = GenTestCase('cryptosoft0')
373 aesni = GenTestCase('aesni0')
374 ccr = GenTestCase('ccr0')
375 ccp = GenTestCase('ccp0')
377 if __name__ == '__main__':