Changeset View
Changeset View
Standalone View
Standalone View
tests/sys/opencrypto/cryptodev.py
Show First 20 Lines • Show All 73 Lines • ▼ Show 20 Lines | __hdr__ = ( | ||||
('cipher', 'I', 0), | ('cipher', 'I', 0), | ||||
('mac', 'I', 0), | ('mac', 'I', 0), | ||||
('keylen', 'I', 0), | ('keylen', 'I', 0), | ||||
('key', 'P', 0), | ('key', 'P', 0), | ||||
('mackeylen', 'i', 0), | ('mackeylen', 'i', 0), | ||||
('mackey', 'P', 0), | ('mackey', 'P', 0), | ||||
('ses', 'I', 0), | ('ses', 'I', 0), | ||||
('crid', 'i', 0), | ('crid', 'i', 0), | ||||
('ivlen', 'i', 0), | |||||
('maclen', 'i', 0), | |||||
('pad0', 'i', 0), | ('pad0', 'i', 0), | ||||
('pad1', 'i', 0), | ('pad1', 'i', 0), | ||||
('pad2', 'i', 0), | |||||
('pad3', 'i', 0), | |||||
) | ) | ||||
class CryptOp(dpkt.Packet): | class CryptOp(dpkt.Packet): | ||||
__byte_order__ = '@' | __byte_order__ = '@' | ||||
__hdr__ = ( | __hdr__ = ( | ||||
('ses', 'I', 0), | ('ses', 'I', 0), | ||||
('op', 'H', 0), | ('op', 'H', 0), | ||||
('flags', 'H', 0), | ('flags', 'H', 0), | ||||
▲ Show 20 Lines • Show All 60 Lines • ▼ Show 20 Lines | def _findop(crid, name): | ||||
return fop.crid, name | return fop.crid, name | ||||
def array_tobytes(array_obj): | def array_tobytes(array_obj): | ||||
if sys.version_info[:2] >= (3, 2): | if sys.version_info[:2] >= (3, 2): | ||||
return array_obj.tobytes() | return array_obj.tobytes() | ||||
return array_obj.tostring() | return array_obj.tostring() | ||||
def empty_bytes(): | |||||
if sys.version_info[0] >= 3: | |||||
return b'' | |||||
return "" | |||||
class Crypto: | class Crypto: | ||||
@staticmethod | @staticmethod | ||||
def findcrid(name): | def findcrid(name): | ||||
return _findop(-1, name)[0] | return _findop(-1, name)[0] | ||||
@staticmethod | @staticmethod | ||||
def getcridname(crid): | def getcridname(crid): | ||||
return _findop(crid, '')[1] | return _findop(crid, '')[1] | ||||
def __init__(self, cipher=0, key=None, mac=0, mackey=None, | def __init__(self, cipher=0, key=None, mac=0, mackey=None, | ||||
crid=CRYPTOCAP_F_SOFTWARE | CRYPTOCAP_F_HARDWARE, maclen=None): | crid=CRYPTOCAP_F_SOFTWARE | CRYPTOCAP_F_HARDWARE, maclen=None, | ||||
ivlen=None): | |||||
self._ses = None | self._ses = None | ||||
self._maclen = maclen | self._maclen = maclen | ||||
ses = SessionOp2() | ses = SessionOp2() | ||||
ses.cipher = cipher | ses.cipher = cipher | ||||
ses.mac = mac | ses.mac = mac | ||||
if key is not None: | if key is not None: | ||||
ses.keylen = len(key) | ses.keylen = len(key) | ||||
k = array.array('B', key) | k = array.array('B', key) | ||||
ses.key = k.buffer_info()[0] | ses.key = k.buffer_info()[0] | ||||
else: | else: | ||||
self.key = None | self.key = None | ||||
if mackey is not None: | if mackey is not None: | ||||
ses.mackeylen = len(mackey) | ses.mackeylen = len(mackey) | ||||
mk = array.array('B', mackey) | mk = array.array('B', mackey) | ||||
ses.mackey = mk.buffer_info()[0] | ses.mackey = mk.buffer_info()[0] | ||||
if not cipher and not mac: | if not cipher and not mac: | ||||
raise ValueError('one of cipher or mac MUST be specified.') | raise ValueError('one of cipher or mac MUST be specified.') | ||||
ses.crid = crid | ses.crid = crid | ||||
if ivlen: | |||||
ses.ivlen = ivlen | |||||
if maclen: | |||||
ses.maclen = maclen | |||||
#print(ses) | #print(ses) | ||||
s = array.array('B', ses.pack_hdr()) | s = array.array('B', ses.pack_hdr()) | ||||
#print(s) | #print(s) | ||||
ioctl(_cryptodev, CIOCGSESSION2, s, 1) | ioctl(_cryptodev, CIOCGSESSION2, s, 1) | ||||
ses.unpack(s) | ses.unpack(s) | ||||
self._ses = ses.ses | self._ses = ses.ses | ||||
def __del__(self): | def __del__(self): | ||||
if self._ses is None: | if self._ses is None: | ||||
return | return | ||||
try: | try: | ||||
ioctl(_cryptodev, CIOCFSESSION, _pack('I', self._ses)) | ioctl(_cryptodev, CIOCFSESSION, _pack('I', self._ses)) | ||||
except TypeError: | except TypeError: | ||||
pass | pass | ||||
self._ses = None | self._ses = None | ||||
def _doop(self, op, src, iv): | def _doop(self, op, src, iv, mac=None): | ||||
cop = CryptOp() | cop = CryptOp() | ||||
cop.ses = self._ses | cop.ses = self._ses | ||||
cop.op = op | cop.op = op | ||||
cop.flags = 0 | cop.flags = 0 | ||||
if src is not None: | |||||
cop.len = len(src) | cop.len = len(src) | ||||
s = array.array('B', src) | s = array.array('B', src) | ||||
cop.src = cop.dst = s.buffer_info()[0] | cop.src = cop.dst = s.buffer_info()[0] | ||||
if mac is not None: | |||||
assert len(mac) == self._maclen, \ | |||||
'%d != %d' % (len(tag), self._maclen) | |||||
if self._maclen is not None: | if self._maclen is not None: | ||||
if mac is None: | |||||
m = array.array('B', [0] * self._maclen) | m = array.array('B', [0] * self._maclen) | ||||
else: | |||||
m = array.array('B', mac) | |||||
cop.mac = m.buffer_info()[0] | cop.mac = m.buffer_info()[0] | ||||
ivbuf = array.array('B', str_to_ascii(iv)) | ivbuf = array.array('B', str_to_ascii(iv)) | ||||
cop.iv = ivbuf.buffer_info()[0] | cop.iv = ivbuf.buffer_info()[0] | ||||
#print('cop:', cop) | #print('cop:', cop) | ||||
ioctl(_cryptodev, CIOCCRYPT, bytes(cop)) | ioctl(_cryptodev, CIOCCRYPT, bytes(cop)) | ||||
if src is not None: | |||||
s = array_tobytes(s) | s = array_tobytes(s) | ||||
else: | |||||
s = empty_bytes() | |||||
if self._maclen is not None: | if self._maclen is not None: | ||||
return s, array_tobytes(m) | return s, array_tobytes(m) | ||||
return s | return s | ||||
def _doaead(self, op, src, aad, iv, tag=None): | def _doaead(self, op, src, aad, iv, tag=None): | ||||
caead = CryptAEAD() | caead = CryptAEAD() | ||||
caead.ses = self._ses | caead.ses = self._ses | ||||
caead.op = op | caead.op = op | ||||
caead.flags = CRD_F_IV_EXPLICIT | caead.flags = CRD_F_IV_EXPLICIT | ||||
caead.flags = 0 | caead.flags = 0 | ||||
if src is not None and len(src) != 0: | |||||
src = str_to_ascii(src) | src = str_to_ascii(src) | ||||
caead.len = len(src) | caead.len = len(src) | ||||
s = array.array('B', src) | s = array.array('B', src) | ||||
caead.src = caead.dst = s.buffer_info()[0] | caead.src = caead.dst = s.buffer_info()[0] | ||||
aad = str_to_ascii(aad) | aad = str_to_ascii(aad) | ||||
caead.aadlen = len(aad) | caead.aadlen = len(aad) | ||||
saad = array.array('B', aad) | saad = array.array('B', aad) | ||||
caead.aad = saad.buffer_info()[0] | caead.aad = saad.buffer_info()[0] | ||||
if self._maclen is None: | if self._maclen is None: | ||||
raise ValueError('must have a tag length') | raise ValueError('must have a tag length') | ||||
tag = str_to_ascii(tag) | tag = str_to_ascii(tag) | ||||
if tag is None: | if tag is None: | ||||
tag = array.array('B', [0] * self._maclen) | tag = array.array('B', [0] * self._maclen) | ||||
else: | else: | ||||
assert len(tag) == self._maclen, \ | assert len(tag) == self._maclen, \ | ||||
'%d != %d' % (len(tag), self._maclen) | '%d != %d' % (len(tag), self._maclen) | ||||
tag = array.array('B', tag) | tag = array.array('B', tag) | ||||
caead.tag = tag.buffer_info()[0] | caead.tag = tag.buffer_info()[0] | ||||
ivbuf = array.array('B', iv) | ivbuf = array.array('B', iv) | ||||
caead.ivlen = len(iv) | caead.ivlen = len(iv) | ||||
caead.iv = ivbuf.buffer_info()[0] | caead.iv = ivbuf.buffer_info()[0] | ||||
ioctl(_cryptodev, CIOCCRYPTAEAD, bytes(caead)) | ioctl(_cryptodev, CIOCCRYPTAEAD, bytes(caead)) | ||||
if src is not None: | |||||
s = array_tobytes(s) | s = array_tobytes(s) | ||||
else: | |||||
s = empty_bytes() | |||||
return s, array_tobytes(tag) | return s, array_tobytes(tag) | ||||
def perftest(self, op, size, timeo=3): | def perftest(self, op, size, timeo=3): | ||||
inp = array.array('B', (random.randint(0, 255) for x in range(size))) | inp = array.array('B', (random.randint(0, 255) for x in range(size))) | ||||
inp = str_to_ascii(inp) | inp = str_to_ascii(inp) | ||||
out = array.array('B', inp) | out = array.array('B', inp) | ||||
Show All 37 Lines | def encrypt(self, data, iv, aad=None): | ||||
if aad is None: | if aad is None: | ||||
return self._doop(COP_ENCRYPT, data, iv) | return self._doop(COP_ENCRYPT, data, iv) | ||||
else: | else: | ||||
return self._doaead(COP_ENCRYPT, data, aad, | return self._doaead(COP_ENCRYPT, data, aad, | ||||
iv) | iv) | ||||
def decrypt(self, data, iv, aad=None, tag=None): | def decrypt(self, data, iv, aad=None, tag=None): | ||||
if aad is None: | if aad is None: | ||||
return self._doop(COP_DECRYPT, data, iv) | return self._doop(COP_DECRYPT, data, iv, mac=tag) | ||||
else: | else: | ||||
return self._doaead(COP_DECRYPT, data, aad, | return self._doaead(COP_DECRYPT, data, aad, | ||||
iv, tag=tag) | iv, tag=tag) | ||||
class MismatchError(Exception): | class MismatchError(Exception): | ||||
pass | pass | ||||
class KATParser: | class KATParser: | ||||
▲ Show 20 Lines • Show All 382 Lines • Show Last 20 Lines |