Page MenuHomeFreeBSD
Files F105561013

D32121.diff
No OneTemporary
Actions

D32121.diff
View Options

diff --git a/tests/sys/opencrypto/cryptodev.py b/tests/sys/opencrypto/cryptodev.py
--- a/tests/sys/opencrypto/cryptodev.py
+++ b/tests/sys/opencrypto/cryptodev.py
@@ -79,10 +79,10 @@
('mackey', 'P', 0),
('ses', 'I', 0),
('crid', 'i', 0),
+ ('ivlen', 'i', 0),
+ ('maclen', 'i', 0),
('pad0', 'i', 0),
('pad1', 'i', 0),
- ('pad2', 'i', 0),
- ('pad3', 'i', 0),
)
class CryptOp(dpkt.Packet):
@@ -159,6 +159,11 @@
return array_obj.tobytes()
return array_obj.tostring()
+def empty_bytes():
+ if sys.version_info[0] >= 3:
+ return b''
+ return ""
+
class Crypto:
@staticmethod
def findcrid(name):
@@ -169,7 +174,8 @@
return _findop(crid, '')[1]
def __init__(self, cipher=0, key=None, mac=0, mackey=None,
- crid=CRYPTOCAP_F_SOFTWARE | CRYPTOCAP_F_HARDWARE, maclen=None):
+ crid=CRYPTOCAP_F_SOFTWARE | CRYPTOCAP_F_HARDWARE, maclen=None,
+ ivlen=None):
self._ses = None
self._maclen = maclen
ses = SessionOp2()
@@ -191,6 +197,10 @@
if not cipher and not mac:
raise ValueError('one of cipher or mac MUST be specified.')
ses.crid = crid
+ if ivlen:
+ ses.ivlen = ivlen
+ if maclen:
+ ses.maclen = maclen
#print(ses)
s = array.array('B', ses.pack_hdr())
#print(s)
@@ -209,16 +219,23 @@
pass
self._ses = None
- def _doop(self, op, src, iv):
+ def _doop(self, op, src, iv, mac=None):
cop = CryptOp()
cop.ses = self._ses
cop.op = op
cop.flags = 0
- cop.len = len(src)
- s = array.array('B', src)
- cop.src = cop.dst = s.buffer_info()[0]
+ if src is not None:
+ cop.len = len(src)
+ s = array.array('B', src)
+ cop.src = cop.dst = s.buffer_info()[0]
+ if mac is not None:
+ assert len(mac) == self._maclen, \
+ '%d != %d' % (len(tag), self._maclen)
if self._maclen is not None:
- m = array.array('B', [0] * self._maclen)
+ if mac is None:
+ m = array.array('B', [0] * self._maclen)
+ else:
+ m = array.array('B', mac)
cop.mac = m.buffer_info()[0]
ivbuf = array.array('B', str_to_ascii(iv))
cop.iv = ivbuf.buffer_info()[0]
@@ -226,7 +243,10 @@
#print('cop:', cop)
ioctl(_cryptodev, CIOCCRYPT, bytes(cop))
- s = array_tobytes(s)
+ if src is not None:
+ s = array_tobytes(s)
+ else:
+ s = empty_bytes()
if self._maclen is not None:
return s, array_tobytes(m)
@@ -238,10 +258,11 @@
caead.op = op
caead.flags = CRD_F_IV_EXPLICIT
caead.flags = 0
- src = str_to_ascii(src)
- caead.len = len(src)
- s = array.array('B', src)
- caead.src = caead.dst = s.buffer_info()[0]
+ if src is not None and len(src) != 0:
+ src = str_to_ascii(src)
+ caead.len = len(src)
+ s = array.array('B', src)
+ caead.src = caead.dst = s.buffer_info()[0]
aad = str_to_ascii(aad)
caead.aadlen = len(aad)
saad = array.array('B', aad)
@@ -266,7 +287,10 @@
ioctl(_cryptodev, CIOCCRYPTAEAD, bytes(caead))
- s = array_tobytes(s)
+ if src is not None:
+ s = array_tobytes(s)
+ else:
+ s = empty_bytes()
return s, array_tobytes(tag)
@@ -320,7 +344,7 @@
def decrypt(self, data, iv, aad=None, tag=None):
if aad is None:
- return self._doop(COP_DECRYPT, data, iv)
+ return self._doop(COP_DECRYPT, data, iv, mac=tag)
else:
return self._doaead(COP_DECRYPT, data, aad,
iv, tag=tag)
diff --git a/tests/sys/opencrypto/cryptotest.py b/tests/sys/opencrypto/cryptotest.py
--- a/tests/sys/opencrypto/cryptotest.py
+++ b/tests/sys/opencrypto/cryptotest.py
@@ -243,25 +243,26 @@
def runCCMEncryptWithParser(self, parser):
for data in next(parser):
Nlen = int(data['Nlen'])
- if Nlen != 12:
- # OCF only supports 12 byte IVs
- continue
+ Tlen = int(data['Tlen'])
key = binascii.unhexlify(data['Key'])
nonce = binascii.unhexlify(data['Nonce'])
Alen = int(data['Alen'])
+ Plen = int(data['Plen'])
if Alen != 0:
aad = binascii.unhexlify(data['Adata'])
else:
aad = None
- payload = binascii.unhexlify(data['Payload'])
+ if Plen != 0:
+ payload = binascii.unhexlify(data['Payload'])
+ else:
+ payload = None
ct = binascii.unhexlify(data['CT'])
try:
c = Crypto(crid=crid,
cipher=cryptodev.CRYPTO_AES_CCM_16,
key=key,
- mac=cryptodev.CRYPTO_AES_CCM_CBC_MAC,
- mackey=key, maclen=16)
+ mackey=key, maclen=Tlen, ivlen=Nlen)
r, tag = Crypto.encrypt(c, payload,
nonce, aad)
except EnvironmentError as e:
@@ -280,36 +281,29 @@
self.runCCMDecryptWithParser(parser)
def runCCMDecryptWithParser(self, parser):
- # XXX: Note that all of the current CCM
- # decryption test vectors use IV and tag sizes
- # that aren't supported by OCF none of the
- # tests are actually ran.
for data in next(parser):
Nlen = int(data['Nlen'])
- if Nlen != 12:
- # OCF only supports 12 byte IVs
- continue
Tlen = int(data['Tlen'])
- if Tlen != 16:
- # OCF only supports 16 byte tags
- continue
key = binascii.unhexlify(data['Key'])
nonce = binascii.unhexlify(data['Nonce'])
Alen = int(data['Alen'])
+ Plen = int(data['Plen'])
if Alen != 0:
aad = binascii.unhexlify(data['Adata'])
else:
aad = None
ct = binascii.unhexlify(data['CT'])
- tag = ct[-16:]
- ct = ct[:-16]
+ tag = ct[-Tlen:]
+ if Plen != 0:
+ payload = ct[:-Tlen]
+ else:
+ payload = None
try:
c = Crypto(crid=crid,
cipher=cryptodev.CRYPTO_AES_CCM_16,
key=key,
- mac=cryptodev.CRYPTO_AES_CCM_CBC_MAC,
- mackey=key, maclen=16)
+ mackey=key, maclen=Tlen, ivlen=Nlen)
except EnvironmentError as e:
if e.errno != errno.EOPNOTSUPP:
raise
@@ -319,12 +313,11 @@
self.assertRaises(IOError,
c.decrypt, payload, nonce, aad, tag)
else:
- r = Crypto.decrypt(c, payload, nonce,
- aad, tag)
+ r, tag = Crypto.decrypt(c, payload, nonce,
+ aad, tag)
payload = binascii.unhexlify(data['Payload'])
- plen = int(data('Plen'))
- payload = payload[:plen]
+ payload = payload[:Plen]
self.assertEqual(r, payload,
"Count " + data['Count'] + \
" Actual: " + repr(binascii.hexlify(r)) + \

File Metadata

Mime Type
text/plain
Expires
Wed, Dec 18, 4:36 PM (20 h, 36 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
15490714
Default Alt Text
D32121.diff (7 KB)

Event Timeline