Fri Jun 9 06:09:02 2017 UTC ()
add tests of ioctl for /dev/crypto
(knakahara)
diff -r1.217 -r1.218 src/distrib/sets/lists/debug/mi
diff -r1.752 -r1.753 src/distrib/sets/lists/tests/mi
diff -r1.3 -r1.4 src/tests/crypto/opencrypto/Makefile
diff -r0 -r1.1 src/tests/crypto/opencrypto/h_ioctl.c
diff -r1.7 -r1.8 src/tests/crypto/opencrypto/t_opencrypto.sh
--- src/distrib/sets/lists/debug/mi 2017/06/05 23:44:08 1.217
+++ src/distrib/sets/lists/debug/mi 2017/06/09 06:09:01 1.218
@@ -1,4 +1,4 @@
-# $NetBSD: mi,v 1.217 2017/06/05 23:44:08 christos Exp $
+# $NetBSD: mi,v 1.218 2017/06/09 06:09:01 knakahara Exp $
./etc/mtree/set.debug comp-sys-root
./usr/lib comp-sys-usr compatdir
./usr/lib/i18n/libBIG5_g.a comp-c-debuglib debuglib,compatfile
@@ -1599,6 +1599,7 @@
./usr/libdata/debug/usr/tests/crypto/opencrypto/h_comp_zlib.debug tests-crypto-debug debug,atf,compattestfile
./usr/libdata/debug/usr/tests/crypto/opencrypto/h_comp_zlib_rnd.debug tests-crypto-debug debug,atf,compattestfile
./usr/libdata/debug/usr/tests/crypto/opencrypto/h_gcm.debug tests-crypto-debug debug,atf,compattestfile
+./usr/libdata/debug/usr/tests/crypto/opencrypto/h_ioctl.debug tests-crypto-debug debug,atf,compattestfile
./usr/libdata/debug/usr/tests/crypto/opencrypto/h_md5.debug tests-crypto-debug debug,atf,compattestfile
./usr/libdata/debug/usr/tests/crypto/opencrypto/h_md5hmac.debug tests-crypto-debug debug,atf,compattestfile
./usr/libdata/debug/usr/tests/crypto/opencrypto/h_null.debug tests-crypto-debug debug,atf,compattestfile
--- src/distrib/sets/lists/tests/mi 2017/06/01 15:45:02 1.752
+++ src/distrib/sets/lists/tests/mi 2017/06/09 06:09:01 1.753
@@ -1,4 +1,4 @@
-# $NetBSD: mi,v 1.752 2017/06/01 15:45:02 perseant Exp $
+# $NetBSD: mi,v 1.753 2017/06/09 06:09:01 knakahara Exp $
#
# Note: don't delete entries from here - mark them as "obsolete" instead.
#
@@ -1354,6 +1354,7 @@
./usr/tests/crypto/opencrypto/h_comp_zlib tests-crypto-tests compattestfile,atf
./usr/tests/crypto/opencrypto/h_comp_zlib_rnd tests-crypto-tests compattestfile,atf
./usr/tests/crypto/opencrypto/h_gcm tests-crypto-tests compattestfile,atf
+./usr/tests/crypto/opencrypto/h_ioctl tests-crypto-tests compattestfile,atf
./usr/tests/crypto/opencrypto/h_md5 tests-crypto-tests compattestfile,atf
./usr/tests/crypto/opencrypto/h_md5hmac tests-crypto-tests compattestfile,atf
./usr/tests/crypto/opencrypto/h_null tests-crypto-tests compattestfile,atf
--- src/tests/crypto/opencrypto/Makefile 2017/04/17 03:59:37 1.3
+++ src/tests/crypto/opencrypto/Makefile 2017/06/09 06:09:02 1.4
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.3 2017/04/17 03:59:37 knakahara Exp $
+# $NetBSD: Makefile,v 1.4 2017/06/09 06:09:02 knakahara Exp $
.include <bsd.own.mk>
@@ -25,9 +25,9 @@
PROGS+= h_null
PROGS+= h_sha1hmac
PROGS+= h_xcbcmac
+PROGS+= h_ioctl
LDADD.h_comp_zlib+= -lz
LDADD.h_comp_zlib_rnd+= -lz
.include <bsd.test.mk>
-
/* $NetBSD: h_ioctl.c,v 1.1 2017/06/09 06:09:02 knakahara Exp $ */
/*-
* Copyright (c) 2017 Internet Initiative Japan Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
* TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
* BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
* CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
* SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
* CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
* POSSIBILITY OF SUCH DAMAGE.
*/
#include <err.h>
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/errno.h>
#include <sys/ioctl.h>
#include <sys/sysctl.h>
#include <crypto/cryptodev.h>
/* copy from h_aescbc.c */
#define AES_KEY_LEN 16
unsigned char aes_key[AES_KEY_LEN] =
{ 0x06, 0xa9, 0x21, 0x40, 0x36, 0xb8, 0xa1, 0x5b,
0x51, 0x2e, 0x03, 0xd5, 0x34, 0x12, 0x00, 0x06, };
#define AES_IV_LEN 16
unsigned char aes_iv[AES_IV_LEN] =
{ 0x3d, 0xaf, 0xba, 0x42, 0x9d, 0x9e, 0xb4, 0x30,
0xb4, 0x22, 0xda, 0x80, 0x2c, 0x9f, 0xac, 0x41, };
#define AES_PLAINTX_LEN 64
unsigned char aes_plaintx[AES_PLAINTX_LEN] = "Single block msg";
#define AES_CIPHER_LEN 64
unsigned char aes_cipher[AES_CIPHER_LEN] =
{ 0xe3, 0x53, 0x77, 0x9c, 0x10, 0x79, 0xae, 0xb8,
0x27, 0x08, 0x94, 0x2d, 0xbe, 0x77, 0x18, 0x1a, };
/*
* CRIOGET is deprecated.
*/
/*
* CIOCNGSESSION
* Hmm, who uses? (1)
*/
static int
test_ngsession(int fd)
{
int ret;
int cs_count = 2;
struct crypt_sgop sg;
struct session_n_op css[cs_count];
for (int i = 0; i < cs_count; i++) {
struct session_n_op *cs = &css[i];
memset(cs, 0, sizeof(*cs));
cs->cipher = CRYPTO_AES_CBC;
cs->keylen = AES_KEY_LEN;
cs->key = __UNCONST(&aes_key);
}
memset(&sg, 0, sizeof(sg));
sg.count = cs_count;
sg.sessions = css;
ret = ioctl(fd, CIOCNGSESSION, &sg);
if (ret < 0)
fprintf(stderr, "failed: CIOCNGSESSION\n");
return ret;
}
/*
* CIOCNFSESSION
* Hmm, who uses? (2)
*/
static int
test_nfsession(int fd)
{
int ret;
int sid_count = 2;
struct crypt_sfop sf;
u_int32_t sids[sid_count];
memset(sids, 0, sizeof(sids));
memset(&sf, 0, sizeof(sf));
sf.count = sid_count;
sf.sesid = sids;
ret = ioctl(fd, CIOCNFSESSION, &sf);
if (ret < 0)
fprintf(stderr, "failed: CIOCNFSESSION\n");
return ret;
}
/*
* CIOCNCRYPTM
* Hmm, who uses? (3)
*/
static int
test_ncryptm(int fd)
{
int ret;
int cs_count = 2;
struct crypt_mop mop;
struct crypt_n_op css[cs_count];
for (int i = 0; i < cs_count; i++) {
struct crypt_n_op *cs;
cs = &css[i];
memset(cs, 0, sizeof(*cs));
cs->ses = 0; /* session id */
cs->op = COP_ENCRYPT;
/* XXX */
}
memset(&mop, 0, sizeof(mop));
mop.count = cs_count;
mop.reqs = css;
ret = ioctl(fd, CIOCNCRYPTM, &mop);
if (ret < 0)
fprintf(stderr, "failed: CIOCNCRYPTM\n");
return ret;
}
/*
* CIOCNCRYPTRETM
* Hmm, who uses? (4)
*/
static int
test_ncryptretm(int fd)
{
int ret;
int req_count = 2;
struct session_op cs;
struct crypt_mop mop;
struct crypt_n_op cnos[req_count];
unsigned char cno_dst[req_count][AES_CIPHER_LEN];
struct cryptret cret;
struct crypt_result crs[req_count];
memset(&cs, 0, sizeof(cs));
cs.cipher = CRYPTO_AES_CBC;
cs.keylen = AES_KEY_LEN;
cs.key = __UNCONST(&aes_key);
ret = ioctl(fd, CIOCGSESSION, &cs);
if (ret < 0) {
fprintf(stderr, "failed: CIOCGSESSION\n");
return ret;
}
for (int i = 0; i < req_count; i++) {
struct crypt_n_op *cno = &cnos[i];
memset(cno, 0, sizeof(*cno));
cno->ses = cs.ses;
cno->op = COP_ENCRYPT;
cno->len = AES_PLAINTX_LEN;
cno->src = aes_plaintx;
cno->dst_len = AES_CIPHER_LEN;
cno->dst = cno_dst[i];
}
memset(&mop, 0, sizeof(mop));
mop.count = req_count;
mop.reqs = cnos;
ret = ioctl(fd, CIOCNCRYPTM, &mop);
if (ret < 0)
fprintf(stderr, "failed: CIOCNCRYPTM\n");
for (int i = 0; i < req_count; i++) {
struct crypt_result *cr = &crs[i];
memset(cr, 0, sizeof(*cr));
cr->reqid = cnos[i].reqid;
}
memset(&cret, 0, sizeof(cret));
cret.count = req_count;
cret.results = crs;
ret = ioctl(fd, CIOCNCRYPTRETM, &cret);
if (ret < 0)
fprintf(stderr, "failed: CIOCNCRYPTRETM\n");
return ret;
}
/*
* CIOCNCRYPTRET
* Hmm, who uses? (5)
*/
/* test when it does not request yet. */
static int
test_ncryptret_noent(int fd)
{
int ret;
struct crypt_result cr;
memset(&cr, 0, sizeof(cr));
ret = ioctl(fd, CIOCNCRYPTRET, &cr);
if (ret == 0) {
fprintf(stderr,
"failed: CIOCNCRYPTRET unexpected success when no entry\n");
ret = -1;
} else if (errno == EINPROGRESS) {
/* expected fail */
ret = 0;
}
return ret;
}
static int
test_ncryptret_ent(int fd)
{
int ret;
struct session_op cs;
struct crypt_mop mop;
struct crypt_n_op cno;
unsigned char cno_dst[AES_CIPHER_LEN];
struct crypt_result cr;
memset(&cs, 0, sizeof(cs));
cs.cipher = CRYPTO_AES_CBC;
cs.keylen = AES_KEY_LEN;
cs.key = __UNCONST(&aes_key);
ret = ioctl(fd, CIOCGSESSION, &cs);
if (ret < 0) {
fprintf(stderr, "failed: CIOCGSESSION\n");
return ret;
}
memset(&cno, 0, sizeof(cno));
cno.ses = cs.ses;
cno.op = COP_ENCRYPT;
cno.len = AES_PLAINTX_LEN;
cno.src = aes_plaintx;
cno.dst_len = AES_CIPHER_LEN;
cno.dst = cno_dst;
memset(&mop, 0, sizeof(mop));
mop.count = 1;
mop.reqs = &cno;
ret = ioctl(fd, CIOCNCRYPTM, &mop);
if (ret < 0)
fprintf(stderr, "failed: CIOCNCRYPTM\n");
memset(&cr, 0, sizeof(cr));
cr.reqid = cno.reqid;
ret = ioctl(fd, CIOCNCRYPTRET, &cr);
if (ret < 0)
fprintf(stderr, "failed: CIOCNCRYPTRET\n");
return ret;
}
static int
test_ncryptret(int fd)
{
int ret;
ret = test_ncryptret_noent(fd);
if (ret < 0)
return ret;
ret = test_ncryptret_ent(fd);
if (ret < 0)
return ret;
return ret;
}
/*
* CIOCASYMFEAT
*/
static int
set_userasymcrypto(int new, int *old)
{
int ret;
ret = sysctlbyname("kern.userasymcrypto", NULL, NULL, &new, sizeof(new));
if (ret < 0) {
fprintf(stderr, "failed: kern.userasymcrypto=%d", new);
return ret;
}
if (old != NULL)
*old = new;
return ret;
}
static int
test_asymfeat_each(int fd, u_int32_t *asymfeat, int userasym)
{
int ret;
ret = ioctl(fd, CIOCASYMFEAT, asymfeat);
if (ret < 0)
fprintf(stderr, "failed: CIOCASYMFEAT when userasym=%d\n", userasym);
return ret;
}
static int
test_asymfeat(int fd)
{
int ret, new, orig;
u_int32_t asymfeat = 0;
/* test for kern.userasymcrypto=1 */
new = 1;
ret = set_userasymcrypto(new, &orig);
if (ret < 0)
return ret;
ret = test_asymfeat_each(fd, &asymfeat, new);
if (ret < 0)
return ret;
/* test for kern.userasymcrypto=0 */
new = 0;
ret = set_userasymcrypto(new, NULL);
if (ret < 0)
return ret;
ret = test_asymfeat_each(fd, &asymfeat, new);
if (ret < 0)
return ret;
/* cleanup */
ret = set_userasymcrypto(orig, NULL);
if (ret < 0)
fprintf(stderr, "failed: cleanup kern.userasymcrypto\n");
return ret;
}
int
main(void)
{
int fd, ret;
fd = open("/dev/crypto", O_RDWR, 0);
if (fd < 0)
err(1, "open");
ret = test_ngsession(fd);
if (ret < 0)
err(1, "test_ngsession");
ret = test_nfsession(fd);
if (ret < 0)
err(1, "test_ngsession");
ret = test_ncryptm(fd);
if (ret < 0)
err(1, "test_ncryptm");
test_ncryptretm(fd);
if (ret < 0)
err(1, "test_ncryptretm");
ret = test_ncryptret(fd);
if (ret < 0)
err(1, "test_ncryptret");
ret = test_asymfeat(fd);
if (ret < 0)
err(1, "test_asymfeat");
return 0;
}
--- src/tests/crypto/opencrypto/t_opencrypto.sh 2017/04/17 03:59:37 1.7
+++ src/tests/crypto/opencrypto/t_opencrypto.sh 2017/06/09 06:09:02 1.8
@@ -1,4 +1,4 @@
-# $NetBSD: t_opencrypto.sh,v 1.7 2017/04/17 03:59:37 knakahara Exp $
+# $NetBSD: t_opencrypto.sh,v 1.8 2017/06/09 06:09:02 knakahara Exp $
#
# Copyright (c) 2014 The NetBSD Foundation, Inc.
# All rights reserved.
@@ -282,6 +282,19 @@
common_cleanup
}
+atf_test_case ioctl cleanup
+ioctl_head() {
+ common_head "Test ioctl for /dev/crypto"
+}
+
+ioctl_body() {
+ common_body h_ioctl
+}
+
+ioctl_cleanup() {
+ common_cleanup
+}
+
atf_init_test_cases() {
RUMP_SERVER="unix://t_opencrypto_socket" ; export RUMP_SERVER
@@ -301,4 +314,5 @@
atf_add_test_case null
atf_add_test_case sha1_hmac
atf_add_test_case xcbcmac
+ atf_add_test_case ioctl
}