[regress] convert aes-ctr test from /dev/crypto

Wed, 13 Aug 2014 07:48:04 -0700 

this test is converted the same way jsing@ has recently converted
an xts test by pulling in xform.c code.

OK?

diff --git regress/sys/crypto/aesctr/Makefile regress/sys/crypto/aesctr/Makefile
index 31ae500..7310dbc 100644
--- regress/sys/crypto/aesctr/Makefile
+++ regress/sys/crypto/aesctr/Makefile
@@ -1,10 +1,29 @@
 #       $OpenBSD: Makefile,v 1.1 2005/05/25 05:47:53 markus Exp $
 
+DIR=   ${.CURDIR}/../../../../sys
+
+CFLAGS+=       -I${DIR}
+
 PROG=   aesctr
+SRCS=  aesctr.c
+
+CDIAGFLAGS=    -Wall
+CDIAGFLAGS+=   -Werror
+CDIAGFLAGS+=   -Wpointer-arith
+CDIAGFLAGS+=   -Wno-uninitialized
+CDIAGFLAGS+=   -Wstrict-prototypes
+CDIAGFLAGS+=   -Wmissing-prototypes
+CDIAGFLAGS+=   -Wunused
+CDIAGFLAGS+=   -Wsign-compare
+CDIAGFLAGS+=   -Wshadow
 
 REGRESS_ROOT_TARGETS=  run-regress-${PROG}
 
+.PATH: ${DIR}/crypto
+SRCS+= cast.c ecb_enc.c ecb3_enc.c gmac.c rijndael.c set_key.c
+SRCS+= xform.c
+
 run-regress-${PROG}: ${PROG}
-       ${SUDO} ./${PROG}
+       ./${PROG}
 
 .include <bsd.regress.mk>
diff --git regress/sys/crypto/aesctr/aesctr.c regress/sys/crypto/aesctr/aesctr.c
index 4cc1a6e..3a0b4d1 100644
--- regress/sys/crypto/aesctr/aesctr.c
+++ regress/sys/crypto/aesctr/aesctr.c
@@ -14,17 +14,13 @@
  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-#include <sys/types.h>
 #include <sys/param.h>
-#include <sys/ioctl.h>
-#include <sys/sysctl.h>
-#include <crypto/cryptodev.h>
+#include <crypto/rijndael.h>
 #include <err.h>
-#include <fcntl.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
 #include <unistd.h>
 #include <limits.h>
@@ -128,92 +124,67 @@ struct {
                "B4 07 DF 86 65 69 FD 07 F4 8C C0 B5 83 D6 07 1F"
                /*"1E C0 E6 B8"*/,
        },
 };
 
-static int
-syscrypt(const unsigned char *key, size_t klen, const unsigned char *iv,
-    const unsigned char *in, unsigned char *out, size_t len, int encrypt)
-{
-       struct session_op session;
-       struct crypt_op cryp;
-       int cryptodev_fd = -1, fd = -1;
+/* Stubs */
 
-       if ((cryptodev_fd = open("/dev/crypto", O_RDWR, 0)) < 0) {
-               warn("/dev/crypto");
-               goto err;
-       }
-       if (ioctl(cryptodev_fd, CRIOGET, &fd) == -1) {
-               warn("CRIOGET failed");
-               goto err;
-       }
-       memset(&session, 0, sizeof(session));
-       session.cipher = CRYPTO_AES_CTR;
-       session.key = (caddr_t) key;
-       session.keylen = klen;
-       if (ioctl(fd, CIOCGSESSION, &session) == -1) {
-               warn("CIOCGSESSION");
-               goto err;
-       }
-       memset(&cryp, 0, sizeof(cryp));
-       cryp.ses = session.ses;
-       cryp.op = encrypt ? COP_ENCRYPT : COP_DECRYPT;
-       cryp.flags = 0;
-       cryp.len = len;
-       cryp.src = (caddr_t) in;
-       cryp.dst = (caddr_t) out;
-       cryp.iv = (caddr_t) iv;
-       cryp.mac = 0;
-       if (ioctl(fd, CIOCCRYPT, &cryp) == -1) {
-               warn("CIOCCRYPT");
-               goto err;
-       }
-       if (ioctl(fd, CIOCFSESSION, &session.ses) == -1) {
-               warn("CIOCFSESSION");
-               goto err;
-       }
-       close(fd);
-       close(cryptodev_fd);
-       return (0);
+u_int32_t deflate_global(u_int8_t *, u_int32_t, int, u_int8_t **);
 
-err:
-       if (fd != -1)
-               close(fd);
-       if (cryptodev_fd != -1)
-               close(cryptodev_fd);
-       return (-1);
+u_int32_t
+deflate_global(u_int8_t *data, u_int32_t size, int comp, u_int8_t **out)
+{
+       return 0;
 }
 
-static int
-getallowsoft(void)
+void   explicit_bzero(void *, size_t);
+
+void
+explicit_bzero(void *b, size_t len)
 {
-       int mib[2], old;
-       size_t olen;
+       bzero(b, len);
+}
 
-       olen = sizeof(old);
+/* Definitions from /sys/crypto/xform.c */
 
-       mib[0] = CTL_KERN;
-       mib[1] = KERN_CRYPTODEVALLOWSOFT;
-       if (sysctl(mib, 2, &old, &olen, NULL, 0) < 0)
-               err(1, "sysctl failed");
+#define AESCTR_NONCESIZE       4
+#define AESCTR_IVSIZE          8
+#define AESCTR_BLOCKSIZE       16
 
-       return old;
-}
+struct aes_ctr_ctx {
+       u_int32_t       ac_ek[4*(AES_MAXROUNDS + 1)];
+       u_int8_t        ac_block[AESCTR_BLOCKSIZE];
+       int             ac_nr;
+};
 
-static void
-setallowsoft(int new)
-{
-       int mib[2], old;
-       size_t olen, nlen;
+int  aes_ctr_setkey(void *, u_int8_t *, int);
+void aes_ctr_encrypt(caddr_t, u_int8_t *);
+void aes_ctr_decrypt(caddr_t, u_int8_t *);
+void aes_ctr_reinit(caddr_t, u_int8_t *);
 
-       olen = nlen = sizeof(new);
+static int
+docrypt(const unsigned char *key, size_t klen, const unsigned char *iv,
+    const unsigned char *in, unsigned char *out, size_t len, int encrypt)
+{
+       u_int8_t block[AESCTR_BLOCKSIZE];
+       struct aes_ctr_ctx ctx;
+       int error = 0;
+       size_t i;
 
-       mib[0] = CTL_KERN;
-       mib[1] = KERN_CRYPTODEVALLOWSOFT;
+       error = aes_ctr_setkey(&ctx, (u_int8_t *)key, klen);
+       if (error)
+               return -1;
+       aes_ctr_reinit((caddr_t)&ctx, (u_int8_t *)iv);
+       for (i = 0; i < len / AESCTR_BLOCKSIZE; i++) {
+               bcopy(in, block, AESCTR_BLOCKSIZE);
+               in += AESCTR_BLOCKSIZE;
+               aes_ctr_crypt(&ctx, block);
+               bcopy(block, out, AESCTR_BLOCKSIZE);
+               out += AESCTR_BLOCKSIZE;
+       }
+       return 0;
 
-       if (sysctl(mib, 2, &old, &olen, &new, nlen) < 0)
-               err(1, "sysctl failed");
 }
 
 static int
 match(unsigned char *a, unsigned char *b, size_t len)
 {
@@ -266,11 +237,11 @@ run(int num)
        len = length[TST_PLAIN];
        if ((p = malloc(len)) == 0) {
                warn("malloc");
                return (1);
        }
-       if (syscrypt(data[TST_KEY], length[TST_KEY],
+       if (docrypt(data[TST_KEY], length[TST_KEY],
            data[TST_IV], data[TST_PLAIN], p,
            length[TST_PLAIN], 0) < 0) {
                warnx("crypt with /dev/crypto failed");
                goto done;
        }
@@ -283,18 +254,11 @@ done:
 }
 
 int
 main(int argc, char **argv)
 {
-       int allowed = 0, fail = 0, i;
+       int fail = 0, i;
 
-       if (geteuid() == 0) {
-               allowed = getallowsoft();
-               if (allowed == 0)
-                       setallowsoft(1);
-       }
        for (i = 0; i < (sizeof(tests) / sizeof(tests[0])); i++)
                fail += run(i);
-       if (geteuid() == 0 && allowed == 0)
-               setallowsoft(0);
        exit((fail > 0) ? 1 : 0);
 }

Reply via email to