From: mikeb <mikeb@openbsd.org>
Date: Fri, 15 Aug 2014 14:39:04 +0000 (+0000)
Subject: Convert AES-CTR regress test from /dev/crypto to using kernel source
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=0b866c3ad53620cce326c69ce9d36d56d84225ec;p=openbsd

Convert AES-CTR regress test from /dev/crypto to using kernel source
code directly.  This test is converted the same way jsing@ has recently
converted an XTS test by pulling in xform.c code.
---

diff --git a/regress/sys/crypto/aesctr/Makefile b/regress/sys/crypto/aesctr/Makefile
index 31ae500f188..972b7719d9e 100644
--- a/regress/sys/crypto/aesctr/Makefile
+++ b/regress/sys/crypto/aesctr/Makefile
@@ -1,10 +1,29 @@
-#       $OpenBSD: Makefile,v 1.1 2005/05/25 05:47:53 markus Exp $
+#       $OpenBSD: Makefile,v 1.2 2014/08/15 14:39:04 mikeb Exp $
+
+DIR=	${.CURDIR}/../../../../sys
+
+CFLAGS+=	-I${DIR}
 
 PROG=   aesctr
+SRCS=	aesctr.c
+
+CDIAGFLAGS=	-Wall
+CDIAGFLAGS+=	-Werror
+CDIAGFLAGS+=	-Wpointer-arith
+CDIAGFLAGS+=	-Wno-uninitialized
+CDIAGFLAGS+=	-Wstrict-prototypes
+CDIAGFLAGS+=	-Wmissing-prototypes
+CDIAGFLAGS+=	-Wunused
+CDIAGFLAGS+=	-Wsign-compare
+CDIAGFLAGS+=	-Wshadow
 
 REGRESS_ROOT_TARGETS=	run-regress-${PROG}
 
+.PATH:	${DIR}/crypto
+SRCS+=	cast.c ecb_enc.c ecb3_enc.c gmac.c rijndael.c set_key.c
+SRCS+=	xform.c
+
 run-regress-${PROG}: ${PROG}
-	${SUDO} ./${PROG}
+	./${PROG}
 
 .include <bsd.regress.mk>
diff --git a/regress/sys/crypto/aesctr/aesctr.c b/regress/sys/crypto/aesctr/aesctr.c
index 4cc1a6e39ce..a7107331a8d 100644
--- a/regress/sys/crypto/aesctr/aesctr.c
+++ b/regress/sys/crypto/aesctr/aesctr.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: aesctr.c,v 1.1 2005/05/25 05:47:53 markus Exp $  */
+/*      $OpenBSD: aesctr.c,v 1.2 2014/08/15 14:39:04 mikeb Exp $  */
 
 /*
  * Copyright (c) 2005 Markus Friedl <markus@openbsd.org>
@@ -16,13 +16,9 @@
  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  */
 
-#include <sys/types.h>
 #include <sys/param.h>
-#include <sys/ioctl.h>
-#include <sys/sysctl.h>
-#include <crypto/cryptodev.h>
+#include <crypto/rijndael.h>
 #include <err.h>
-#include <fcntl.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
@@ -130,88 +126,63 @@ struct {
 	},
 };
 
-static int
-syscrypt(const unsigned char *key, size_t klen, const unsigned char *iv,
-    const unsigned char *in, unsigned char *out, size_t len, int encrypt)
-{
-	struct session_op session;
-	struct crypt_op cryp;
-	int cryptodev_fd = -1, fd = -1;
+/* Stubs */
 
-	if ((cryptodev_fd = open("/dev/crypto", O_RDWR, 0)) < 0) {
-		warn("/dev/crypto");
-		goto err;
-	}
-	if (ioctl(cryptodev_fd, CRIOGET, &fd) == -1) {
-		warn("CRIOGET failed");
-		goto err;
-	}
-	memset(&session, 0, sizeof(session));
-	session.cipher = CRYPTO_AES_CTR;
-	session.key = (caddr_t) key;
-	session.keylen = klen;
-	if (ioctl(fd, CIOCGSESSION, &session) == -1) {
-		warn("CIOCGSESSION");
-		goto err;
-	}
-	memset(&cryp, 0, sizeof(cryp));
-	cryp.ses = session.ses;
-	cryp.op = encrypt ? COP_ENCRYPT : COP_DECRYPT;
-	cryp.flags = 0;
-	cryp.len = len;
-	cryp.src = (caddr_t) in;
-	cryp.dst = (caddr_t) out;
-	cryp.iv = (caddr_t) iv;
-	cryp.mac = 0;
-	if (ioctl(fd, CIOCCRYPT, &cryp) == -1) {
-		warn("CIOCCRYPT");
-		goto err;
-	}
-	if (ioctl(fd, CIOCFSESSION, &session.ses) == -1) {
-		warn("CIOCFSESSION");
-		goto err;
-	}
-	close(fd);
-	close(cryptodev_fd);
-	return (0);
+u_int32_t deflate_global(u_int8_t *, u_int32_t, int, u_int8_t **);
 
-err:
-	if (fd != -1)
-		close(fd);
-	if (cryptodev_fd != -1)
-		close(cryptodev_fd);
-	return (-1);
+u_int32_t
+deflate_global(u_int8_t *data, u_int32_t size, int comp, u_int8_t **out)
+{
+	return 0;
 }
 
-static int
-getallowsoft(void)
+void	explicit_bzero(void *, size_t);
+
+void
+explicit_bzero(void *b, size_t len)
 {
-	int mib[2], old;
-	size_t olen;
+	bzero(b, len);
+}
 
-	olen = sizeof(old);
+/* Definitions from /sys/crypto/xform.c */
 
-	mib[0] = CTL_KERN;
-	mib[1] = KERN_CRYPTODEVALLOWSOFT;
-	if (sysctl(mib, 2, &old, &olen, NULL, 0) < 0)
-		err(1, "sysctl failed");
+#define AESCTR_NONCESIZE	4
+#define AESCTR_IVSIZE		8
+#define AESCTR_BLOCKSIZE	16
 
-	return old;
-}
+struct aes_ctr_ctx {
+	u_int32_t	ac_ek[4*(AES_MAXROUNDS + 1)];
+	u_int8_t	ac_block[AESCTR_BLOCKSIZE];
+	int		ac_nr;
+};
 
-static void
-setallowsoft(int new)
-{
-	int mib[2], old;
-	size_t olen, nlen;
+int  aes_ctr_setkey(void *, u_int8_t *, int);
+void aes_ctr_encrypt(caddr_t, u_int8_t *);
+void aes_ctr_decrypt(caddr_t, u_int8_t *);
+void aes_ctr_reinit(caddr_t, u_int8_t *);
 
-	olen = nlen = sizeof(new);
+static int
+docrypt(const unsigned char *key, size_t klen, const unsigned char *iv,
+    const unsigned char *in, unsigned char *out, size_t len, int encrypt)
+{
+	u_int8_t block[AESCTR_BLOCKSIZE];
+	struct aes_ctr_ctx ctx;
+	int error = 0;
+	size_t i;
 
-	mib[0] = CTL_KERN;
-	mib[1] = KERN_CRYPTODEVALLOWSOFT;
+	error = aes_ctr_setkey(&ctx, (u_int8_t *)key, klen);
+	if (error)
+		return -1;
+	aes_ctr_reinit((caddr_t)&ctx, (u_int8_t *)iv);
+	for (i = 0; i < len / AESCTR_BLOCKSIZE; i++) {
+		bcopy(in, block, AESCTR_BLOCKSIZE);
+		in += AESCTR_BLOCKSIZE;
+		aes_ctr_crypt(&ctx, block);
+		bcopy(block, out, AESCTR_BLOCKSIZE);
+		out += AESCTR_BLOCKSIZE;
+	}
+	return 0;
 
-	if (sysctl(mib, 2, &old, &olen, &new, nlen) < 0)
-		err(1, "sysctl failed");
 }
 
 static int
@@ -268,7 +239,7 @@ run(int num)
 		warn("malloc");
 		return (1);
 	}
-	if (syscrypt(data[TST_KEY], length[TST_KEY],
+	if (docrypt(data[TST_KEY], length[TST_KEY],
 	    data[TST_IV], data[TST_PLAIN], p,
 	    length[TST_PLAIN], 0) < 0) {
 		warnx("crypt with /dev/crypto failed");
@@ -285,16 +256,9 @@ done:
 int
 main(int argc, char **argv)
 {
-	int allowed = 0, fail = 0, i;
+	int fail = 0, i;
 
-	if (geteuid() == 0) {
-		allowed = getallowsoft();
-		if (allowed == 0)
-			setallowsoft(1);
-	}
 	for (i = 0; i < (sizeof(tests) / sizeof(tests[0])); i++)
 		fail += run(i);
-	if (geteuid() == 0 && allowed == 0)
-		setallowsoft(0);
 	exit((fail > 0) ? 1 : 0);
 }