1/*-
2 * Copyright (c) 2018 Conrad Meyer <cem@FreeBSD.org>
3 * All rights reserved.
4 *
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
7 * are met:
8 * 1. Redistributions of source code must retain the above copyright
9 *    notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 *    notice, this list of conditions and the following disclaimer in the
12 *    documentation and/or other materials provided with the distribution.
13 *
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
24 * SUCH DAMAGE.
25 *
26 * $FreeBSD$
27 */
28
29/*
30 * Derived from blake2b-test.c and blake2s-test.c:
31 *
32 * BLAKE2 reference source code package - optimized C implementations
33 *
34 * Written in 2012 by Samuel Neves <sneves@dei.uc.pt>
35 *
36 * To the extent possible under law, the author(s) have dedicated all copyright
37 * and related and neighboring rights to this software to the public domain
38 * worldwide. This software is distributed without any warranty.
39 *
40 * You should have received a copy of the CC0 Public Domain Dedication along with
41 * this software. If not, see <http://creativecommons.org/publicdomain/zero/1.0/>.
42 */
43
44#include <sys/param.h>
45
46#include <errno.h>
47#include <fcntl.h>
48#include <string.h>
49
50#include <atf-c.h>
51
52/* Be sure to include tree copy rather than system copy. */
53#include "cryptodev.h"
54
55#include "freebsd_test_suite/macros.h"
56
57#include <blake2.h>
58#include "blake2-kat.h"
59
60static uint8_t key2b[BLAKE2B_KEYBYTES];
61static uint8_t key2s[BLAKE2S_KEYBYTES];
62static uint8_t katbuf[KAT_LENGTH];
63
64static void
65initialize_constant_buffers(void)
66{
67	size_t i;
68
69	for (i = 0; i < sizeof(key2b); i++)
70		key2b[i] = (uint8_t)i;
71	for (i = 0; i < sizeof(key2s); i++)
72		key2s[i] = (uint8_t)i;
73	for (i = 0; i < sizeof(katbuf); i++)
74		katbuf[i] = (uint8_t)i;
75}
76
77static int
78lookup_crid(int fd, const char *devname)
79{
80	struct crypt_find_op find;
81
82	find.crid = -1;
83	strlcpy(find.name, devname, sizeof(find.name));
84	ATF_REQUIRE(ioctl(fd, CIOCFINDDEV, &find) != -1);
85	return (find.crid);
86}
87
88static int
89get_handle_fd(void)
90{
91	int dc_fd, fd;
92
93	dc_fd = open("/dev/crypto", O_RDWR);
94
95	/*
96	 * Why do we do this dance instead of just operating on /dev/crypto
97	 * directly?  I have no idea.
98	 */
99	ATF_REQUIRE(dc_fd >= 0);
100	ATF_REQUIRE(ioctl(dc_fd, CRIOGET, &fd) != -1);
101	close(dc_fd);
102	return (fd);
103}
104
105static int
106create_session(int fd, int alg, int crid, const void *key, size_t klen)
107{
108	struct session2_op sop;
109
110	memset(&sop, 0, sizeof(sop));
111
112	sop.mac = alg;
113	sop.mackey = key;
114	sop.mackeylen = klen;
115	sop.crid = crid;
116
117	ATF_REQUIRE_MSG(ioctl(fd, CIOCGSESSION2, &sop) >= 0,
118	    "alg %d keylen %zu, errno=%d (%s)", alg, klen, errno,
119	    strerror(errno));
120	return (sop.ses);
121}
122
123static void
124do_cryptop(int fd, int ses, size_t inlen, void *out)
125{
126	struct crypt_op cop;
127
128	memset(&cop, 0, sizeof(cop));
129
130	cop.ses = ses;
131	cop.len = inlen;
132	cop.src = katbuf;
133	cop.mac = out;
134	ATF_CHECK_MSG(ioctl(fd, CIOCCRYPT, &cop) >= 0, "ioctl(CIOCCRYPT)");
135}
136
137static void
138test_blake2b_vectors(const char *devname, const char *modname)
139{
140	uint8_t hash[BLAKE2B_OUTBYTES];
141	int crid, fd, ses;
142	size_t i;
143
144	ATF_REQUIRE_KERNEL_MODULE(modname);
145	ATF_REQUIRE_KERNEL_MODULE("cryptodev");
146
147	initialize_constant_buffers();
148	fd = get_handle_fd();
149	crid = lookup_crid(fd, devname);
150	ses = create_session(fd, CRYPTO_BLAKE2B, crid, key2b, sizeof(key2b));
151
152	for (i = 0; i < sizeof(katbuf); i++) {
153		do_cryptop(fd, ses, i, hash);
154		ATF_CHECK_EQ_MSG(
155		    memcmp(hash, blake2b_keyed_kat[i], sizeof(hash)),
156		    0,
157		    "different at %zu", i);
158	}
159}
160
161static void
162test_blake2s_vectors(const char *devname, const char *modname)
163{
164	uint8_t hash[BLAKE2S_OUTBYTES];
165	int crid, fd, ses;
166	size_t i;
167
168	ATF_REQUIRE_KERNEL_MODULE(modname);
169	ATF_REQUIRE_KERNEL_MODULE("cryptodev");
170
171	initialize_constant_buffers();
172	fd = get_handle_fd();
173	crid = lookup_crid(fd, devname);
174	ses = create_session(fd, CRYPTO_BLAKE2S, crid, key2s, sizeof(key2s));
175
176	for (i = 0; i < sizeof(katbuf); i++) {
177		do_cryptop(fd, ses, i, hash);
178		ATF_CHECK_EQ_MSG(
179		    memcmp(hash, blake2s_keyed_kat[i], sizeof(hash)),
180		    0,
181		    "different at %zu", i);
182	}
183}
184
185ATF_TC_WITHOUT_HEAD(blake2b_vectors);
186ATF_TC_BODY(blake2b_vectors, tc)
187{
188	ATF_REQUIRE_SYSCTL_INT("kern.cryptodevallowsoft", 1);
189	test_blake2b_vectors("cryptosoft0", "nexus/cryptosoft");
190}
191
192ATF_TC_WITHOUT_HEAD(blake2s_vectors);
193ATF_TC_BODY(blake2s_vectors, tc)
194{
195	ATF_REQUIRE_SYSCTL_INT("kern.cryptodevallowsoft", 1);
196	test_blake2s_vectors("cryptosoft0", "nexus/cryptosoft");
197}
198
199#if defined(__i386__) || defined(__amd64__)
200ATF_TC_WITHOUT_HEAD(blake2b_vectors_x86);
201ATF_TC_BODY(blake2b_vectors_x86, tc)
202{
203	ATF_REQUIRE_SYSCTL_INT("kern.cryptodevallowsoft", 1);
204	test_blake2b_vectors("blaketwo0", "nexus/blake2");
205}
206
207ATF_TC_WITHOUT_HEAD(blake2s_vectors_x86);
208ATF_TC_BODY(blake2s_vectors_x86, tc)
209{
210	ATF_REQUIRE_SYSCTL_INT("kern.cryptodevallowsoft", 1);
211	test_blake2s_vectors("blaketwo0", "nexus/blake2");
212}
213#endif
214
215ATF_TP_ADD_TCS(tp)
216{
217
218	ATF_TP_ADD_TC(tp, blake2b_vectors);
219	ATF_TP_ADD_TC(tp, blake2s_vectors);
220#if defined(__i386__) || defined(__amd64__)
221	ATF_TP_ADD_TC(tp, blake2b_vectors_x86);
222	ATF_TP_ADD_TC(tp, blake2s_vectors_x86);
223#endif
224
225	return (atf_no_error());
226}
227