diff options
Diffstat (limited to 'contrib/netbsd-tests/crypto')
22 files changed, 2602 insertions, 0 deletions
diff --git a/contrib/netbsd-tests/crypto/libcrypto/conf/d_conf.out b/contrib/netbsd-tests/crypto/libcrypto/conf/d_conf.out new file mode 100644 index 000000000000..6bd76a2da5ff --- /dev/null +++ b/contrib/netbsd-tests/crypto/libcrypto/conf/d_conf.out @@ -0,0 +1,94 @@ +num_items = 47 +num_nodes = 24 +num_alloc_nodes = 32 +num_expands = 16 +num_expand_reallocs = 1 +num_contracts = 0 +num_contract_reallocs = 0 +num_hash_calls = 60 +num_comp_calls = 5 +num_insert = 47 +num_replace = 0 +num_delete = 0 +num_no_delete = 0 +num_retrieve = 5 +num_retrieve_miss = 8 +num_hash_comps = 132 +node 0 -> 4 +node 1 -> 1 +node 2 -> 1 +node 3 -> 4 +node 4 -> 0 +node 5 -> 2 +node 6 -> 1 +node 7 -> 1 +node 8 -> 6 +node 9 -> 2 +node 10 -> 1 +node 11 -> 1 +node 12 -> 3 +node 13 -> 1 +node 14 -> 4 +node 15 -> 3 +node 16 -> 5 +node 17 -> 0 +node 18 -> 2 +node 19 -> 0 +node 20 -> 2 +node 21 -> 2 +node 22 -> 0 +node 23 -> 1 +20 nodes used out of 24 +47 items +load 1.95 actual load 2.35 +init2=10 +cipher1=NULL +s_client:cipher1=DES_CBC_MD5:DES_CBC_SHA:DES_EDE_SHA:RC4_MD5cipher2 = DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5 +---------------------------- DUMP ------------------------ +[req] Attribute_text_7=Email Address +[req] Attribute_text_2=State or Province Name (full name) +[default] tmp_cert_dir=/tmp/eay/.ca_certs +[req] Attribute_text_1=Country Name (2 letter code) +[[genrsa]] +[req] Attribute_default_5=TR +[req] Attribute_text_6=Common Name (eg, YOUR name) +[req] Attribute_default_1=AU +[[req]] +[[special]] +[[gendh]] +[req] Attribute_text_3=Locality Name (eg, city) +[req] Attribute_type_1=countryName +[default] init5==10' again +[req] Attribute_type_3=localityName +[s_client] cipher3=DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5 +[default] in\#it1=10 +[req] Attribute_text_4=Organization Name (eg, company) +[req] Attribute_type_7=emailAddress +[gendh] def_generator=2 +[default] HOME=/tmp/eay +[s_client] cipher4=DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5 +[default] init=5 +[SSLeay] version=0.5.0 +[req] Attribute_type_4=organizationName +[default] tmp2_cert_dir=thisis/tmp/eaystuff +[req] Attribute_type_5=organizationalUnitName +[[SSLEAY]] +[default] init4=10' +[[default]] +[default] LOGNAME=Eric Young (home=/tmp/eay) +[special] RANDFILE=/tmp/eay/.rand +[req] default_keyfile=privkey.pem +[req] Attribute_default_4=Mincom Pty Ltd +[req] Attribute_default_2=Queensland +[gendh] default_bits=512 +[req] default_bits=512 +[default] init2=10 +[SSLEAY] version=0.5.0 +[s_client] cipher1=DES_CBC_MD5:DES_CBC_SHA:DES_EDE_SHA:RC4_MD5cipher2 = DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5 +[req] Attribute_text_5=Organizational Unit Name (eg, section) +[req] Attribute_type_2=stateOrProvinceName +[genrsa] default_bits=512 +[default] init3=10' +[[SSLeay]] +[[s_client]] +[req] Attribute_type_6=commonName diff --git a/contrib/netbsd-tests/crypto/libcrypto/conf/d_conf_ssleay.cnf b/contrib/netbsd-tests/crypto/libcrypto/conf/d_conf_ssleay.cnf new file mode 100644 index 000000000000..3fdde34dd264 --- /dev/null +++ b/contrib/netbsd-tests/crypto/libcrypto/conf/d_conf_ssleay.cnf @@ -0,0 +1,78 @@ +# +# This is a test configuration file for use in SSLeay etc... +# + +init = 5 +in\#it1 =10 +init2='10' +init3='10\'' +init4="10'" +init5='='10\'' again' + +SSLeay::version = 0.5.0 + +[genrsa] +default_bits = 512 +SSLEAY::version = 0.5.0 + +[gendh] +default_bits = 512 +def_generator = 2 + +[s_client] +cipher1 = DES_CBC_MD5:DES_CBC_SHA:DES_EDE_SHA:RC4_MD5\ +cipher2 = 'DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5' +cipher3 = "DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5" +cipher4 = DES_CBC_MD5 DES_CBC_SHA DES_EDE_SHA RC4_MD5 + +[ default ] +#cert_dir = $ENV::HOME/.ca_certs + +HOME = /tmp/eay + +tmp_cert_dir = $HOME/.ca_certs +tmp2_cert_dir = thisis$(HOME)stuff + +LOGNAME = Eric Young (home=$HOME) + +[ special ] + +#H=$HOME +#H=$default::HOME +#H=$ENV::HOME +# +# SSLeay example configuration file. +# This is mostly being used for generation of certificate requests. +# + +RANDFILE = $HOME/.rand + +[ req ] +default_bits = 512 +default_keyfile = privkey.pem + +Attribute_type_1 = countryName +Attribute_text_1 = Country Name (2 letter code) +Attribute_default_1 = AU + +Attribute_type_2 = stateOrProvinceName +Attribute_text_2 = State or Province Name (full name) +Attribute_default_2 = Queensland + +Attribute_type_3 = localityName +Attribute_text_3 = Locality Name (eg, city) + +Attribute_type_4 = organizationName +Attribute_text_4 = Organization Name (eg, company) +Attribute_default_4 = Mincom Pty Ltd + +Attribute_type_5 = organizationalUnitName +Attribute_text_5 = Organizational Unit Name (eg, section) +Attribute_default_5 = TR + +Attribute_type_6 = commonName +Attribute_text_6 = Common Name (eg, YOUR name) + +Attribute_type_7 = emailAddress +Attribute_text_7 = Email Address + diff --git a/contrib/netbsd-tests/crypto/libcrypto/t_certs.sh b/contrib/netbsd-tests/crypto/libcrypto/t_certs.sh new file mode 100755 index 000000000000..6965a5727022 --- /dev/null +++ b/contrib/netbsd-tests/crypto/libcrypto/t_certs.sh @@ -0,0 +1,41 @@ +# $NetBSD: t_certs.sh,v 1.1 2010/07/10 16:43:25 jmmv Exp $ +# +# Copyright (c) 2008, 2009, 2010 The NetBSD Foundation, Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS +# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS +# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +atf_test_case x509v3 +x509v3_head() +{ + atf_set "descr" "Checks x509v3 certificates" +} +x509v3_body() +{ + atf_check -o ignore -e ignore "$(atf_get_srcdir)/h_x509v3test" +} + +atf_init_test_cases() +{ + atf_add_test_case x509v3 +} diff --git a/contrib/netbsd-tests/crypto/libcrypto/t_ciphers.sh b/contrib/netbsd-tests/crypto/libcrypto/t_ciphers.sh new file mode 100755 index 000000000000..127040773aa7 --- /dev/null +++ b/contrib/netbsd-tests/crypto/libcrypto/t_ciphers.sh @@ -0,0 +1,122 @@ +# $NetBSD: t_ciphers.sh,v 1.4 2012/07/14 16:04:06 spz Exp $ +# +# Copyright (c) 2008, 2009, 2010 The NetBSD Foundation, Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS +# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS +# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +atf_test_case bf +bf_head() +{ + atf_set "descr" "Checks blowfish cipher" +} +bf_body() +{ + atf_check -o ignore -e ignore "$(atf_get_srcdir)/h_bftest" +} + +atf_test_case cast +cast_head() +{ + atf_set "descr" "Checks CAST cipher" + atf_set "timeout" "300" +} +cast_body() +{ + atf_check -o ignore -e ignore "$(atf_get_srcdir)/h_casttest" +} + +atf_test_case des +des_head() +{ + atf_set "descr" "Checks DES cipher (libdes)" +} +des_body() +{ + atf_check -o ignore -e ignore "$(atf_get_srcdir)/h_destest" +} + +atf_test_case evp +evp_head() +{ + atf_set "descr" "Checks EVP cipher" +} +evp_body() +{ + atf_check -o ignore -e ignore $(atf_get_srcdir)/h_evp_test $(atf_get_srcdir)/evptests.txt +} + +atf_test_case rc2 +rc2_head() +{ + atf_set "descr" "Checks RC2 cipher" +} +rc2_body() +{ + atf_check -o ignore -e ignore "$(atf_get_srcdir)/h_rc2test" +} + +atf_test_case rc4 +rc4_head() +{ + atf_set "descr" "Checks RC4 cipher" +} +rc4_body() +{ + atf_check -o ignore -e ignore "$(atf_get_srcdir)/h_rc4test" +} + +atf_test_case idea +idea_head() +{ + atf_set "descr" "Checks IDEA cipher" +} +idea_body() +{ + atf_check -o ignore -e ignore "$(atf_get_srcdir)/h_ideatest" +} + +atf_test_case rc5 +rc5_head() +{ + atf_set "descr" "Checks RC5 cipher" +} +rc5_body() +{ + [ -x "$(atf_get_srcdir)/h_rc5test" ] \ + || atf_skip "RC5 support not available; system built" \ + "with MKCRYPTO_RC5=no" + atf_check -o ignore -e ignore "$(atf_get_srcdir)/h_rc5test" +} + +atf_init_test_cases() +{ + atf_add_test_case bf + atf_add_test_case cast + atf_add_test_case des + atf_add_test_case evp + atf_add_test_case rc2 + atf_add_test_case rc4 + atf_add_test_case idea + atf_add_test_case rc5 +} diff --git a/contrib/netbsd-tests/crypto/libcrypto/t_hashes.sh b/contrib/netbsd-tests/crypto/libcrypto/t_hashes.sh new file mode 100755 index 000000000000..700dbdbf9fc9 --- /dev/null +++ b/contrib/netbsd-tests/crypto/libcrypto/t_hashes.sh @@ -0,0 +1,108 @@ +# $NetBSD: t_hashes.sh,v 1.2 2012/07/14 16:04:06 spz Exp $ +# +# Copyright (c) 2008, 2009, 2010 The NetBSD Foundation, Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS +# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS +# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +atf_test_case hmac +hmac_head() +{ + atf_set "descr" "Checks HMAC message authentication code" +} +hmac_body() +{ + atf_check -o ignore -e ignore "$(atf_get_srcdir)/h_hmactest" +} + +atf_test_case md2 +md2_head() +{ + atf_set "descr" "Checks MD2 digest" +} +md2_body() +{ + atf_check -o ignore -e ignore "$(atf_get_srcdir)/h_md2test" +} + +atf_test_case md4 +md4_head() +{ + atf_set "descr" "Checks MD4 digest" +} +md4_body() +{ + atf_check -o ignore -e ignore "$(atf_get_srcdir)/h_md4test" +} + +atf_test_case md5 +md5_head() +{ + atf_set "descr" "Checks MD5 digest" +} +md5_body() +{ + atf_check -o ignore -e ignore "$(atf_get_srcdir)/h_md5test" +} + +atf_test_case ripemd +ripemd_head() +{ + atf_set "descr" "Checks RMD-160 digest" +} +ripemd_body() +{ + atf_check -o ignore -e ignore "$(atf_get_srcdir)/h_ripemdtest" +} + +atf_test_case sha +sha_head() +{ + atf_set "descr" "Checks SHA-1 digest" +} +sha_body() +{ + atf_check -o ignore -e ignore "$(atf_get_srcdir)/h_shatest" +} + + +atf_test_case mdc2 +mdc2_head() +{ + atf_set "descr" "Checks MDC2 digest" +} +mdc2_body() +{ + atf_check -o ignore -e ignore "$(atf_get_srcdir)/h_mdc2test" +} + +atf_init_test_cases() +{ + atf_add_test_case hmac + atf_add_test_case md2 + atf_add_test_case md4 + atf_add_test_case md5 + atf_add_test_case ripemd + atf_add_test_case sha + atf_add_test_case mdc2 +} diff --git a/contrib/netbsd-tests/crypto/libcrypto/t_libcrypto.sh b/contrib/netbsd-tests/crypto/libcrypto/t_libcrypto.sh new file mode 100755 index 000000000000..f460cf58241b --- /dev/null +++ b/contrib/netbsd-tests/crypto/libcrypto/t_libcrypto.sh @@ -0,0 +1,107 @@ +# $NetBSD: t_libcrypto.sh,v 1.4 2016/10/13 09:25:37 martin Exp $ +# +# Copyright (c) 2008, 2009, 2010 The NetBSD Foundation, Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS +# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS +# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +atf_test_case engine +engine_head() +{ + atf_set "descr" "Checks ENGINE framework" +} +engine_body() +{ + atf_check -o ignore -e ignore "$(atf_get_srcdir)/h_enginetest" +} + +atf_test_case rand +rand_head() +{ + atf_set "descr" "Checks peudo-random number generator" +} +rand_body() +{ + atf_check -o ignore -e ignore "$(atf_get_srcdir)/h_randtest" +} + +atf_test_case bn +bn_head() +{ + atf_set "descr" "Checks BIGNUM library" + atf_set "timeout" "360" +} +bn_body() +{ + atf_check -o ignore -e ignore "$(atf_get_srcdir)/h_bntest" + atf_check -o ignore -e ignore "$(atf_get_srcdir)/h_divtest" + atf_check -o ignore -e ignore "$(atf_get_srcdir)/h_exptest" +} + +atf_test_case conf +conf_head() +{ + atf_set "descr" "Checks configuration modules" +} +conf_body() +{ + cp $(atf_get_srcdir)/d_conf_ssleay.cnf ssleay.cnf + + atf_check -o file:$(atf_get_srcdir)/d_conf.out \ + $(atf_get_srcdir)/h_conftest +} + +atf_test_case lhash +lhash_head() +{ + atf_set "descr" "Checks lhash - dynamic hash tables" +} +lhash_body() +{ + atf_check -o ignore -e ignore -x \ + "echo hoge | $(atf_get_srcdir)/h_lhashtest" +} + +atf_test_case threads +threads_head() +{ + atf_set "descr" "Checks threading" +} +threads_body() +{ + $(atf_get_srcdir)/h_threadstest \ + -cert $(atf_get_srcdir)/d_server.pem \ + -ccert $(atf_get_srcdir)/d_client.pem \ + 2>&1 | tee out + atf_check -s eq:1 -o empty -e empty grep :error: out +} + +atf_init_test_cases() +{ + atf_add_test_case engine + atf_add_test_case rand + atf_add_test_case bn + atf_add_test_case conf + atf_add_test_case lhash + atf_add_test_case threads +} diff --git a/contrib/netbsd-tests/crypto/libcrypto/t_pubkey.sh b/contrib/netbsd-tests/crypto/libcrypto/t_pubkey.sh new file mode 100755 index 000000000000..eb8d0f5b6d2a --- /dev/null +++ b/contrib/netbsd-tests/crypto/libcrypto/t_pubkey.sh @@ -0,0 +1,110 @@ +# $NetBSD: t_pubkey.sh,v 1.4 2016/10/13 09:25:37 martin Exp $ +# +# Copyright (c) 2008, 2009, 2010 The NetBSD Foundation, Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS +# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS +# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +atf_test_case dsa +dsa_head() +{ + atf_set "descr" "Checks DSA cipher" +} +dsa_body() +{ + atf_check -o ignore -e ignore "$(atf_get_srcdir)/h_dsatest" +} + +atf_test_case dh +dh_head() +{ + atf_set "descr" "Checks Diffie-Hellman key agreement protocol" +} +dh_body() +{ + atf_check -o ignore -e ignore "$(atf_get_srcdir)/h_dhtest" +} + +atf_test_case rsa +rsa_head() +{ + atf_set "descr" "Checks RSA" + atf_set "timeout" "420" +} +rsa_body() +{ + atf_check -o ignore -e ignore "$(atf_get_srcdir)/h_rsatest" +} + +atf_test_case ec +ec_head() +{ + atf_set "descr" "Checks EC cipher" + atf_set "timeout" "480" +} +ec_body() +{ + atf_check -o ignore -e ignore "$(atf_get_srcdir)/h_ectest" +} + +atf_test_case ecdh +ecdh_head() +{ + atf_set "descr" "Checks ECDH key agreement protocol" +} +ecdh_body() +{ + atf_check -o ignore -e ignore "$(atf_get_srcdir)/h_ecdhtest" +} + +atf_test_case ecdsa +ecdsa_head() +{ + atf_set "descr" "Checks ECDSA algorithm" + atf_set "timeout" "480" +} +ecdsa_body() +{ + atf_check -o ignore -e ignore "$(atf_get_srcdir)/h_ecdsatest" +} + +atf_test_case srp +srp_head() +{ + atf_set "descr" "Checks SRP key agreement protocol" +} +srp_body() +{ + atf_check -o ignore -e ignore "$(atf_get_srcdir)/h_srptest" +} + +atf_init_test_cases() +{ + atf_add_test_case dsa + atf_add_test_case dh + atf_add_test_case rsa + atf_add_test_case ec + atf_add_test_case ecdh + atf_add_test_case ecdsa + atf_add_test_case srp +} diff --git a/contrib/netbsd-tests/crypto/opencrypto/h_aesctr1.c b/contrib/netbsd-tests/crypto/opencrypto/h_aesctr1.c new file mode 100644 index 000000000000..41d866cf17cb --- /dev/null +++ b/contrib/netbsd-tests/crypto/opencrypto/h_aesctr1.c @@ -0,0 +1,250 @@ +/* $NetBSD: h_aesctr1.c,v 1.4 2014/01/19 13:40:59 pgoyette Exp $ */ + +/*- + * Copyright (c) 2014 The NetBSD Foundation, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include <err.h> +#include <fcntl.h> +#include <stdio.h> +#include <string.h> +#include <unistd.h> + +#include <sys/ioctl.h> +#include <sys/time.h> + +#include <crypto/cryptodev.h> + +/* + * Test vectors from RFC 3686 + * + * Test vectors 3, 6, and 9 are disabled because we don't support + * 36-byte (ie, unpadded) operations. + */ + +const struct { + size_t len; + size_t key_len; + unsigned char key[36]; /* Includes 32-bit nonce */ + unsigned char iv[8]; + unsigned char plaintx[36]; + unsigned char ciphertx[36]; +} tests[] = { + /* Test Vector #1: Encrypting 16 octets using AES-CTR w/ 128-bit key*/ + { 16, 20, + { 0xAE, 0x68, 0x52, 0xF8, 0x12, 0x10, 0x67, 0xCC, + 0x4B, 0xF7, 0xA5, 0x76, 0x55, 0x77, 0xF3, 0x9E, + 0x00, 0x00, 0x00, 0x30 }, + { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }, + { 0x53, 0x69, 0x6E, 0x67, 0x6C, 0x65, 0x20, 0x62, + 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x6D, 0x73, 0x67 }, + { 0xE4, 0x09, 0x5D, 0x4F, 0xB7, 0xA7, 0xB3, 0x79, + 0x2D, 0x61, 0x75, 0xA3, 0x26, 0x13, 0x11, 0xB8 } + }, + + /* Test Vector #2: Encrypting 32 octets using AES-CTR w/ 128-bit key */ + { 32, 20, + { 0x7E, 0x24, 0x06, 0x78, 0x17, 0xFA, 0xE0, 0xD7, + 0x43, 0xD6, 0xCE, 0x1F, 0x32, 0x53, 0x91, 0x63, + 0x00, 0x6C, 0xB6, 0xDB }, + { 0xC0, 0x54, 0x3B, 0x59, 0xDA, 0x48, 0xD9, 0x0B }, + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F }, + { 0x51, 0x04, 0xA1, 0x06, 0x16, 0x8A, 0x72, 0xD9, + 0x79, 0x0D, 0x41, 0xEE, 0x8E, 0xDA, 0xD3, 0x88, + 0xEB, 0x2E, 0x1E, 0xFC, 0x46, 0xDA, 0x57, 0xC8, + 0xFC, 0xE6, 0x30, 0xDF, 0x91, 0x41, 0xBE, 0x28 } + }, + + /* Test Vector #3: Encrypting 36 octets using AES-CTR w/ 128-bit key */ +/* { 36, 20, + { 0x76, 0x91, 0xBE, 0x03, 0x5E, 0x50, 0x20, 0xA8, + 0xAC, 0x6E, 0x61, 0x85, 0x29, 0xF9, 0xA0, 0xDC, + 0x00, 0xE0, 0x01, 0x7B }, + { 0x27, 0x77, 0x7F, 0x3F, 0x4A, 0x17, 0x86, 0xF0 }, + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, + 0x20, 0x21, 0x22, 0x23 }, + { 0xC1, 0xCF, 0x48, 0xA8, 0x9F, 0x2F, 0xFD, 0xD9, + 0xCF, 0x46, 0x52, 0xE9, 0xEF, 0xDB, 0x72, 0xD7, + 0x45, 0x40, 0xA4, 0x2B, 0xDE, 0x6D, 0x78, 0x36, + 0xD5, 0x9A, 0x5C, 0xEA, 0xAE, 0xF3, 0x10, 0x53, + 0x25, 0xB2, 0x07, 0x2F } + }, +*/ + /* Test Vector #4: Encrypting 16 octets using AES-CTR w/ 192-bit key */ + { 16, 28, + { 0x16, 0xAF, 0x5B, 0x14, 0x5F, 0xC9, 0xF5, 0x79, + 0xC1, 0x75, 0xF9, 0x3E, 0x3B, 0xFB, 0x0E, 0xED, + 0x86, 0x3D, 0x06, 0xCC, 0xFD, 0xB7, 0x85, 0x15, + 0x00, 0x00, 0x00, 0x48 }, + { 0x36, 0x73, 0x3C, 0x14, 0x7D, 0x6D, 0x93, 0xCB }, + { 0x53, 0x69, 0x6E, 0x67, 0x6C, 0x65, 0x20, 0x62, + 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x6D, 0x73, 0x67 }, + { 0x4B, 0x55, 0x38, 0x4F, 0xE2, 0x59, 0xC9, 0xC8, + 0x4E, 0x79, 0x35, 0xA0, 0x03, 0xCB, 0xE9, 0x28 } + }, + + /* Test Vector #5: Encrypting 32 octets using AES-CTR w/ 192-bit key */ + { 32, 28, + { 0x7C, 0x5C, 0xB2, 0x40, 0x1B, 0x3D, 0xC3, 0x3C, + 0x19, 0xE7, 0x34, 0x08, 0x19, 0xE0, 0xF6, 0x9C, + 0x67, 0x8C, 0x3D, 0xB8, 0xE6, 0xF6, 0xA9, 0x1A, + 0x00, 0x96, 0xB0, 0x3B }, + { 0x02, 0x0C, 0x6E, 0xAD, 0xC2, 0xCB, 0x50, 0x0D }, + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F }, + { 0x45, 0x32, 0x43, 0xFC, 0x60, 0x9B, 0x23, 0x32, + 0x7E, 0xDF, 0xAA, 0xFA, 0x71, 0x31, 0xCD, 0x9F, + 0x84, 0x90, 0x70, 0x1C, 0x5A, 0xD4, 0xA7, 0x9C, + 0xFC, 0x1F, 0xE0, 0xFF, 0x42, 0xF4, 0xFB, 0x00 } + }, + + /* Test Vector #6: Encrypting 36 octets using AES-CTR w/ 192-bit key */ +/* + { 36, 28, + { 0x02, 0xBF, 0x39, 0x1E, 0xE8, 0xEC, 0xB1, 0x59, + 0xB9, 0x59, 0x61, 0x7B, 0x09, 0x65, 0x27, 0x9B, + 0xF5, 0x9B, 0x60, 0xA7, 0x86, 0xD3, 0xE0, 0xFE, + 0x00, 0x07, 0xBD, 0xFD }, + { 0x5C, 0xBD, 0x60, 0x27, 0x8D, 0xCC, 0x09, 0x12 }, + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F, + 0x20, 0x21, 0x22, 0x23 }, + { 0x96, 0x89, 0x3F, 0xC5, 0x5E, 0x5C, 0x72, 0x2F, + 0x54, 0x0B, 0x7D, 0xD1, 0xDD, 0xF7, 0xE7, 0x58, + 0xD2, 0x88, 0xBC, 0x95, 0xC6, 0x91, 0x65, 0x88, + 0x45, 0x36, 0xC8, 0x11, 0x66, 0x2F, 0x21, 0x88, + 0xAB, 0xEE, 0x09, 0x35 }, + }, +*/ + /* Test Vector #7: Encrypting 16 octets using AES-CTR w/ 256-bit key */ + { 16, 36, + { 0x77, 0x6B, 0xEF, 0xF2, 0x85, 0x1D, 0xB0, 0x6F, + 0x4C, 0x8A, 0x05, 0x42, 0xC8, 0x69, 0x6F, 0x6C, + 0x6A, 0x81, 0xAF, 0x1E, 0xEC, 0x96, 0xB4, 0xD3, + 0x7F, 0xC1, 0xD6, 0x89, 0xE6, 0xC1, 0xC1, 0x04, + 0x00, 0x00, 0x00, 0x60 }, + { 0xDB, 0x56, 0x72, 0xC9, 0x7A, 0xA8, 0xF0, 0xB2 }, + { 0x53, 0x69, 0x6E, 0x67, 0x6C, 0x65, 0x20, 0x62, + 0x6C, 0x6F, 0x63, 0x6B, 0x20, 0x6D, 0x73, 0x67 }, + { 0x14, 0x5A, 0xD0, 0x1D, 0xBF, 0x82, 0x4E, 0xC7, + 0x56, 0x08, 0x63, 0xDC, 0x71, 0xE3, 0xE0, 0xC0 }, + }, + + /* Test Vector #8: Encrypting 32 octets using AES-CTR w/ 256-bit key */ + { 32, 36, + { 0xF6, 0xD6, 0x6D, 0x6B, 0xD5, 0x2D, 0x59, 0xBB, + 0x07, 0x96, 0x36, 0x58, 0x79, 0xEF, 0xF8, 0x86, + 0xC6, 0x6D, 0xD5, 0x1A, 0x5B, 0x6A, 0x99, 0x74, + 0x4B, 0x50, 0x59, 0x0C, 0x87, 0xA2, 0x38, 0x84, + 0x00, 0xFA, 0xAC, 0x24 }, + { 0xC1, 0x58, 0x5E, 0xF1, 0x5A, 0x43, 0xD8, 0x75 }, + { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1A, 0x1B, 0x1C, 0x1D, 0x1E, 0x1F }, + { 0xF0, 0x5E, 0x23, 0x1B, 0x38, 0x94, 0x61, 0x2C, + 0x49, 0xEE, 0x00, 0x0B, 0x80, 0x4E, 0xB2, 0xA9, + 0xB8, 0x30, 0x6B, 0x50, 0x8F, 0x83, 0x9D, 0x6A, + 0x55, 0x30, 0x83, 0x1D, 0x93, 0x44, 0xAF, 0x1C }, + }, + + /* Test Vector #9: Encrypting 36 octets using AES-CTR w/ 256-bit key */ +/* + { 36, 36, + { 0xFF 0x7A 0x61 0x7C 0xE6 0x91 0x48 0xE4, + 0xF1 0x72 0x6E 0x2F 0x43 0x58 0x1D 0xE2, + 0xAA 0x62 0xD9 0xF8 0x05 0x53 0x2E 0xDF, + 0xF1 0xEE 0xD6 0x87 0xFB 0x54 0x15 0x3D, + 0x00 0x1C 0xC5 0xB7 }, + { 0x51 0xA5 0x1D 0x70 0xA1 0xC1 0x11 0x48 }, + { 0x00 0x01 0x02 0x03 0x04 0x05 0x06 0x07, + 0x08 0x09 0x0A 0x0B 0x0C 0x0D 0x0E 0x0F, + 0x10 0x11 0x12 0x13 0x14 0x15 0x16 0x17, + 0x18 0x19 0x1A 0x1B 0x1C 0x1D 0x1E 0x1F, + 0x20 0x21 0x22 0x23 }, + { 0xEB 0x6C 0x52 0x82 0x1D 0x0B 0xBB 0xF7, + 0xCE 0x75 0x94 0x46 0x2A 0xCA 0x4F 0xAA, + 0xB4 0x07 0xDF 0x86 0x65 0x69 0xFD 0x07, + 0xF4 0x8C 0xC0 0xB5 0x83 0xD6 0x07 0x1F, + 0x1E 0xC0 0xE6 0xB8 }, + }, +*/ +}; + +int +main(void) +{ + int fd, res; + size_t i; + struct session_op cs; + struct crypt_op co; + unsigned char buf[36]; + + for (i = 0; i < __arraycount(tests); i++) { + fd = open("/dev/crypto", O_RDWR, 0); + if (fd < 0) + err(1, "open %zu", i); + memset(&cs, 0, sizeof(cs)); + cs.cipher = CRYPTO_AES_CTR; + cs.keylen = tests[i].key_len; + cs.key = __UNCONST(&tests[i].key); + res = ioctl(fd, CIOCGSESSION, &cs); + if (res < 0) + err(1, "CIOCGSESSION %zu", i); + + memset(&co, 0, sizeof(co)); + co.ses = cs.ses; + co.op = COP_ENCRYPT; + co.len = tests[i].len; + co.src = __UNCONST(&tests[i].plaintx); + co.dst = buf; + co.dst_len = sizeof(buf); + co.iv = __UNCONST(&tests[i].iv); + res = ioctl(fd, CIOCCRYPT, &co); + if (res < 0) + err(1, "CIOCCRYPT %zu", i); + + if (memcmp(co.dst, tests[i].ciphertx, tests[i].len)) { + size_t j; + printf(" Loc Actual Golden\n"); + for (j = 0; j < tests[i].len; j++) + printf("0x%2zu: 0x%2x 0x%2x\n", j, + buf[j], tests[i].ciphertx[j]); + warnx("verification failed %zu", i); + } + close(fd); + } + return 0; +} diff --git a/contrib/netbsd-tests/crypto/opencrypto/h_aesctr2.c b/contrib/netbsd-tests/crypto/opencrypto/h_aesctr2.c new file mode 100644 index 000000000000..4bbd30ea1ecd --- /dev/null +++ b/contrib/netbsd-tests/crypto/opencrypto/h_aesctr2.c @@ -0,0 +1,97 @@ +/* $NetBSD: h_aesctr2.c,v 1.2 2014/01/17 14:16:08 pgoyette Exp $ */ + +/*- + * Copyright (c) 2014 The NetBSD Foundation, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include <err.h> +#include <fcntl.h> +#include <stdio.h> +#include <string.h> + +#include <sys/ioctl.h> +#include <sys/time.h> + +#include <crypto/cryptodev.h> + +unsigned char key[20] = {0xae, 0x68, 0x52, 0xf8, 0x12, 0x10, 0x67, 0xcc, + 0x4b, 0xf7, 0xa5, 0x76, 0x55, 0x77, 0xf3, 0x9e, + 0x00, 0x00, 0x00, 0x30}; +unsigned char iv[8] = {0}; +char plaintx[16] = "Single block msg"; +const unsigned char ciphertx[16] = { + 0xe4, 0x09, 0x5d, 0x4f, 0xb7, 0xa7, 0xb3, 0x79, + 0x2d, 0x61, 0x75, 0xa3, 0x26, 0x13, 0x11, 0xb8 +}; + +int +main(void) +{ + int fd, res; + struct session_op cs; + struct crypt_op co; + unsigned char ibuf[24]; + unsigned char obuf[24]; + + fd = open("/dev/crypto", O_RDWR, 0); + if (fd < 0) + err(1, "open"); + memset(&cs, 0, sizeof(cs)); + cs.cipher = CRYPTO_AES_CTR; + cs.keylen = 20; + cs.key = key; + res = ioctl(fd, CIOCGSESSION, &cs); + if (res < 0) + err(1, "CIOCGSESSION"); + + memcpy(ibuf, iv, 8); + memcpy(ibuf + 8, plaintx, 16); + memset(&co, 0, sizeof(co)); + co.ses = cs.ses; + co.op = COP_ENCRYPT; + co.len = sizeof(ibuf); + co.src = ibuf; + co.dst = obuf; + co.dst_len = sizeof(obuf); + res = ioctl(fd, CIOCCRYPT, &co); + if (res < 0) + err(1, "CIOCCRYPT"); + memset(ibuf, 0, sizeof(ibuf)); + memset(&co, 0, sizeof(co)); + co.ses = cs.ses; + co.op = COP_DECRYPT; + co.len = sizeof(obuf); + co.src = obuf; + co.dst = ibuf; + co.dst_len = sizeof(ibuf); + res = ioctl(fd, CIOCCRYPT, &co); + if (res < 0) + err(1, "CIOCCRYPT"); + + if (memcmp((char *)co.dst + 8, plaintx, sizeof(plaintx))) + warnx("verification failed"); + + return 0; +} diff --git a/contrib/netbsd-tests/crypto/opencrypto/h_arc4.c b/contrib/netbsd-tests/crypto/opencrypto/h_arc4.c new file mode 100644 index 000000000000..4bf8428549bf --- /dev/null +++ b/contrib/netbsd-tests/crypto/opencrypto/h_arc4.c @@ -0,0 +1,80 @@ +/* $NetBSD: h_arc4.c,v 1.2 2014/01/17 14:16:08 pgoyette Exp $ */ + +/*- + * Copyright (c) 2014 The NetBSD Foundation, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include <err.h> +#include <fcntl.h> +#include <stdio.h> +#include <string.h> + +#include <sys/ioctl.h> +#include <sys/time.h> + +#include <crypto/cryptodev.h> + +unsigned char key[] = "abcdefgh"; +char plaintx[16] = "1234567890123456"; +const unsigned char ciphertx[16] = { + 0x21, 0xc6, 0x0d, 0xa5, 0x34, 0x24, 0x8b, 0xce, + 0x95, 0x86, 0x64, 0xb3, 0x66, 0x77, 0x9b, 0x4c +}; + +int +main(void) +{ + int fd, res; + struct session_op cs; + struct crypt_op co; + unsigned char buf[16]; + + fd = open("/dev/crypto", O_RDWR, 0); + if (fd < 0) + err(1, "open"); + memset(&cs, 0, sizeof(cs)); + cs.cipher = CRYPTO_ARC4; + cs.keylen = 8; + cs.key = key; + res = ioctl(fd, CIOCGSESSION, &cs); + if (res < 0) + err(1, "CIOCGSESSION"); + + memset(&co, 0, sizeof(co)); + co.ses = cs.ses; + co.op = COP_ENCRYPT; + co.len = sizeof(plaintx); + co.src = plaintx; + co.dst = buf; + co.dst_len = sizeof(buf); + res = ioctl(fd, CIOCCRYPT, &co); + if (res < 0) + err(1, "CIOCCRYPT"); + + if (memcmp(co.dst, ciphertx, sizeof(ciphertx))) + errx(1, "verification failed"); + + return 0; +} diff --git a/contrib/netbsd-tests/crypto/opencrypto/h_camellia.c b/contrib/netbsd-tests/crypto/opencrypto/h_camellia.c new file mode 100644 index 000000000000..bb489e77824d --- /dev/null +++ b/contrib/netbsd-tests/crypto/opencrypto/h_camellia.c @@ -0,0 +1,87 @@ +/* $NetBSD: h_camellia.c,v 1.3 2014/01/17 19:39:51 pgoyette Exp $ */ + +/*- + * Copyright (c) 2014 The NetBSD Foundation, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include <err.h> +#include <fcntl.h> +#include <stdio.h> +#include <string.h> + +#include <sys/ioctl.h> +#include <sys/time.h> + +#include <crypto/cryptodev.h> + +/* Test vector from RFC3713 */ +unsigned char key[32] = {0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, + 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, + 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, + 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff}; +unsigned char iv[16] = {0}; +char plaintx[16] = {0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, + 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10}; +const unsigned char ciphertx[16] = { + 0x9a, 0xcc, 0x23, 0x7d, 0xff, 0x16, 0xd7, 0x6c, + 0x20, 0xef, 0x7c, 0x91, 0x9e, 0x3a, 0x75, 0x09 +}; + +int +main(void) +{ + int fd, res; + struct session_op cs; + struct crypt_op co; + unsigned char buf[16]; + + fd = open("/dev/crypto", O_RDWR, 0); + if (fd < 0) + err(1, "open"); + memset(&cs, 0, sizeof(cs)); + cs.cipher = CRYPTO_CAMELLIA_CBC; + cs.keylen = 32; + cs.key = key; + res = ioctl(fd, CIOCGSESSION, &cs); + if (res < 0) + err(1, "CIOCGSESSION"); + + memset(&co, 0, sizeof(co)); + co.ses = cs.ses; + co.op = COP_ENCRYPT; + co.len = sizeof(plaintx); + co.src = plaintx; + co.dst = buf; + co.dst_len = sizeof(buf); + co.iv = iv; + res = ioctl(fd, CIOCCRYPT, &co); + if (res < 0) + err(1, "CIOCCRYPT"); + + if (memcmp(co.dst, ciphertx, sizeof(ciphertx))) + warnx("verification failed"); + + return 0; +} diff --git a/contrib/netbsd-tests/crypto/opencrypto/h_cbcdes.c b/contrib/netbsd-tests/crypto/opencrypto/h_cbcdes.c new file mode 100644 index 000000000000..4861d783fe7d --- /dev/null +++ b/contrib/netbsd-tests/crypto/opencrypto/h_cbcdes.c @@ -0,0 +1,82 @@ +/* $NetBSD: h_cbcdes.c,v 1.2 2014/01/17 14:16:08 pgoyette Exp $ */ + +/*- + * Copyright (c) 2014 The NetBSD Foundation, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include <err.h> +#include <fcntl.h> +#include <stdio.h> +#include <string.h> + +#include <sys/ioctl.h> +#include <sys/time.h> + +#include <crypto/cryptodev.h> + +unsigned char key[] = "abcdefgh"; +unsigned char iv[8] = {0}; +char plaintx[16] = "1234567890123456"; +const unsigned char ciphertx[16] = { + 0x21, 0xc6, 0x0d, 0xa5, 0x34, 0x24, 0x8b, 0xce, + 0x95, 0x86, 0x64, 0xb3, 0x66, 0x77, 0x9b, 0x4c +}; + +int +main(void) +{ + int fd, res; + struct session_op cs; + struct crypt_op co; + unsigned char buf[16]; + + fd = open("/dev/crypto", O_RDWR, 0); + if (fd < 0) + err(1, "open"); + memset(&cs, 0, sizeof(cs)); + cs.cipher = CRYPTO_DES_CBC; + cs.keylen = 8; + cs.key = key; + res = ioctl(fd, CIOCGSESSION, &cs); + if (res < 0) + err(1, "CIOCGSESSION"); + + memset(&co, 0, sizeof(co)); + co.ses = cs.ses; + co.op = COP_ENCRYPT; + co.len = sizeof(plaintx); + co.src = plaintx; + co.dst = buf; + co.dst_len = sizeof(buf); + co.iv = iv; + res = ioctl(fd, CIOCCRYPT, &co); + if (res < 0) + err(1, "CIOCCRYPT"); + + if (memcmp(co.dst, ciphertx, sizeof(ciphertx))) + errx(1, "verification failed"); + + return 0; +} diff --git a/contrib/netbsd-tests/crypto/opencrypto/h_comp.c b/contrib/netbsd-tests/crypto/opencrypto/h_comp.c new file mode 100644 index 000000000000..dd5f6470c5d6 --- /dev/null +++ b/contrib/netbsd-tests/crypto/opencrypto/h_comp.c @@ -0,0 +1,90 @@ +/* $NetBSD: h_comp.c,v 1.1 2014/01/14 17:51:39 pgoyette Exp $ */ + +/*- + * Copyright (c) 2014 The NetBSD Foundation, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include <err.h> +#include <fcntl.h> +#include <stdio.h> +#include <string.h> +#include <unistd.h> + +#include <sys/ioctl.h> +#include <sys/time.h> + +#include <crypto/cryptodev.h> + +char text[100000] = {0}; + +int +main(void) +{ + int fd, res; + struct session_op cs; + struct crypt_op co1, co2; + unsigned char buf1[10000], buf2[100000]; + + fd = open("/dev/crypto", O_RDWR, 0); + if (fd < 0) + err(1, "open"); + memset(&cs, 0, sizeof(cs)); + cs.comp_alg = CRYPTO_GZIP_COMP; + res = ioctl(fd, CIOCGSESSION, &cs); + if (res < 0) + err(1, "CIOCGSESSION"); + + memset(&co1, 0, sizeof(co1)); + co1.ses = cs.ses; + co1.op = COP_COMP; + co1.len = sizeof(text); + co1.src = text; + co1.dst = buf1; + co1.dst_len = sizeof(buf1); + res = ioctl(fd, CIOCCRYPT, &co1); + if (res < 0) + err(1, "CIOCCRYPT1"); + fprintf(stderr, "len %d/%d\n", co1.len, co1.dst_len); +#if 0 + buf1[co1.dst_len - 8]++; /* modify CRC */ +#endif + write(1, buf1, co1.dst_len); + memset(&co2, 0, sizeof(co2)); + co2.ses = cs.ses; + co2.op = COP_DECOMP; + co2.len = co1.dst_len; + co2.src = buf1; + co2.dst = buf2; + co2.dst_len = sizeof(buf2); + buf2[10] = 0x33; + res = ioctl(fd, CIOCCRYPT, &co2); + fprintf(stderr, "canary: %x\n", buf2[10]); + if (res < 0) + err(1, "CIOCCRYPT2"); + fprintf(stderr, "len %d/%d\n", co2.len, co2.dst_len); + if (memcmp(text, buf2, co2.dst_len)) + errx(1, "memcmp"); + return 0; +} diff --git a/contrib/netbsd-tests/crypto/opencrypto/h_comp_zlib.c b/contrib/netbsd-tests/crypto/opencrypto/h_comp_zlib.c new file mode 100644 index 000000000000..7a57ceb31839 --- /dev/null +++ b/contrib/netbsd-tests/crypto/opencrypto/h_comp_zlib.c @@ -0,0 +1,92 @@ +/* $NetBSD: h_comp_zlib.c,v 1.1 2014/01/14 17:51:39 pgoyette Exp $ */ + +/*- + * Copyright (c) 2014 The NetBSD Foundation, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include <err.h> +#include <fcntl.h> +#include <string.h> +#include <zlib.h> + +#include <sys/ioctl.h> +#include <sys/time.h> + +#include <crypto/cryptodev.h> + +char text[10000] = {0}; + +int +main(void) +{ + int fd, res; + struct session_op cs; + struct crypt_op co1; + unsigned char buf1[10000], buf2[10000]; + z_stream z; + + fd = open("/dev/crypto", O_RDWR, 0); + if (fd < 0) + err(1, "open"); + memset(&cs, 0, sizeof(cs)); + cs.comp_alg = CRYPTO_DEFLATE_COMP; + res = ioctl(fd, CIOCGSESSION, &cs); + if (res < 0) + err(1, "CIOCGSESSION"); + + memset(&co1, 0, sizeof(co1)); + co1.ses = cs.ses; + co1.op = COP_COMP; + co1.len = sizeof(text); + co1.src = text; + co1.dst = buf1; + co1.dst_len = sizeof(buf1); + co1.flags = COP_F_BATCH; + res = ioctl(fd, CIOCCRYPT, &co1); + if (res < 0) + err(1, "CIOCCRYPT"); + + memset(&z, 0, sizeof(z)); + z.next_in = buf1; + z.avail_in = co1.dst_len; + z.zalloc = Z_NULL; + z.zfree = Z_NULL; + z.opaque = 0; + z.next_out = buf2; + z.avail_out = sizeof(buf2); + res = inflateInit2(&z, -15); + if (res != Z_OK) + errx(1, "inflateInit: %d", res); + do { + res = inflate(&z, Z_SYNC_FLUSH); + } while (res == Z_OK); + if (res != Z_STREAM_END) + errx(1, "inflate: %d", res); + if (z.total_out != sizeof(text)) + errx(1, "decomp len %lu", z.total_out); + if (memcmp(buf2, text, sizeof(text))) + errx(1, "decomp data mismatch"); + return 0; +} diff --git a/contrib/netbsd-tests/crypto/opencrypto/h_comp_zlib_rnd.c b/contrib/netbsd-tests/crypto/opencrypto/h_comp_zlib_rnd.c new file mode 100644 index 000000000000..86ed55afaaf3 --- /dev/null +++ b/contrib/netbsd-tests/crypto/opencrypto/h_comp_zlib_rnd.c @@ -0,0 +1,96 @@ +/* $NetBSD: h_comp_zlib_rnd.c,v 1.1 2014/01/14 17:51:39 pgoyette Exp $ */ + +/*- + * Copyright (c) 2014 The NetBSD Foundation, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include <err.h> +#include <fcntl.h> +#include <stdlib.h> +#include <string.h> +#include <zlib.h> + +#include <sys/ioctl.h> +#include <sys/time.h> + +#include <crypto/cryptodev.h> + +char text[1000]; + +int +main(void) +{ + unsigned int i; + int fd, res; + struct session_op cs; + struct crypt_op co1; + unsigned char buf1[10000], buf2[10000]; + z_stream z; + + for (i = 0; i < sizeof(text)/sizeof(long); i++) + *(long *)(text + i * sizeof(long)) = random(); + + fd = open("/dev/crypto", O_RDWR, 0); + if (fd < 0) + err(1, "open"); + memset(&cs, 0, sizeof(cs)); + cs.comp_alg = CRYPTO_DEFLATE_COMP; + res = ioctl(fd, CIOCGSESSION, &cs); + if (res < 0) + err(1, "CIOCGSESSION"); + + memset(&co1, 0, sizeof(co1)); + co1.ses = cs.ses; + co1.op = COP_COMP; + co1.len = sizeof(text); + co1.src = text; + co1.dst = buf1; + co1.dst_len = sizeof(buf1); + res = ioctl(fd, CIOCCRYPT, &co1); + if (res < 0) + err(1, "CIOCCRYPT"); + + memset(&z, 0, sizeof(z)); + z.next_in = buf1; + z.avail_in = co1.dst_len; + z.zalloc = Z_NULL; + z.zfree = Z_NULL; + z.opaque = 0; + z.next_out = buf2; + z.avail_out = sizeof(buf2); + res = inflateInit2(&z, -15); + if (res != Z_OK) + errx(1, "inflateInit: %d", res); + do { + res = inflate(&z, Z_SYNC_FLUSH); + } while (res == Z_OK); + if (res != Z_STREAM_END) + errx(1, "inflate: %d", res); + if (z.total_out != sizeof(text)) + errx(1, "decomp len %lu", z.total_out); + if (memcmp(buf2, text, sizeof(text))) + errx(1, "decomp data mismatch"); + return 0; +} diff --git a/contrib/netbsd-tests/crypto/opencrypto/h_gcm.c b/contrib/netbsd-tests/crypto/opencrypto/h_gcm.c new file mode 100644 index 000000000000..33f41f0eb271 --- /dev/null +++ b/contrib/netbsd-tests/crypto/opencrypto/h_gcm.c @@ -0,0 +1,126 @@ +/* $NetBSD: h_gcm.c,v 1.2 2014/01/17 14:16:08 pgoyette Exp $ */ + +/*- + * Copyright (c) 2014 The NetBSD Foundation, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include <err.h> +#include <fcntl.h> +#include <stdio.h> +#include <string.h> + +#include <sys/ioctl.h> +#include <sys/time.h> + +#include <crypto/cryptodev.h> + +unsigned char key[20] = { 0 }; +char plaintx[16] = { 0 }; +unsigned char iv[16] = { 0 }; +const unsigned char ciphertx[16] = { + 0x03, 0x88, 0xda, 0xce, 0x60, 0xb6, 0xa3, 0x92, + 0xf3, 0x28, 0xc2, 0xb9, 0x71, 0xb2, 0xfe, 0x78 +}; +const unsigned char hash[16] = { + 0xab, 0x6e, 0x47, 0xd4, 0x2c, 0xec, 0x13, 0xbd, + 0xf5, 0x3a, 0x67, 0xb2, 0x12, 0x57, 0xbd, 0xdf +}; + +int +main(void) +{ + int fd, res; + struct session_op cs; + struct crypt_op co; + unsigned char databuf[16]; + unsigned char macbuf[16]; + unsigned char databuf2[16]; + + fd = open("/dev/crypto", O_RDWR, 0); + if (fd < 0) + err(1, "open"); + memset(&cs, 0, sizeof(cs)); + cs.mac = CRYPTO_AES_128_GMAC; + cs.mackeylen = sizeof(key); + cs.mackey = key; + cs.cipher = CRYPTO_AES_GCM_16; + cs.key = key; + cs.keylen = sizeof(key); + res = ioctl(fd, CIOCGSESSION, &cs); + if (res < 0) + err(1, "CIOCGSESSION"); + + memset(&co, 0, sizeof(co)); + memset(databuf, 0, sizeof(databuf)); + memset(macbuf, 0, sizeof(macbuf)); + co.ses = cs.ses; + co.op = COP_ENCRYPT; + co.len = sizeof(plaintx); + co.src = plaintx; + co.dst = databuf; + co.mac = macbuf; + co.iv = iv; + res = ioctl(fd, CIOCCRYPT, &co); + if (res < 0) + err(1, "CIOCCRYPT"); +#if 1 + if (memcmp(co.dst, ciphertx, sizeof(ciphertx))) + errx(1, "verification failed"); + if (memcmp(macbuf, hash, sizeof(hash))) + errx(1, "hash failed"); +#else + { + int i; + for (i = 0; i < sizeof(databuf); i++) + printf("%02x ", databuf[i]); + printf("\n"); + } + { + int i; + for (i = 0; i < sizeof(macbuf); i++) + printf("%02x ", macbuf[i]); + printf("\n"); + } +#endif + memset(databuf2, 0, sizeof(databuf2)); + memset(macbuf, 0, sizeof(macbuf)); + co.ses = cs.ses; + co.op = COP_DECRYPT; + co.len = sizeof(databuf); + co.src = databuf; + co.dst = databuf2; + co.mac = macbuf; + co.iv = iv; + res = ioctl(fd, CIOCCRYPT, &co); + if (res < 0) + err(1, "CIOCCRYPT"); + + if (memcmp(co.dst, plaintx, sizeof(plaintx))) + errx(1, "verification failed"); + if (memcmp(macbuf, hash, sizeof(hash))) + errx(1, "hash failed"); + + return 0; +} diff --git a/contrib/netbsd-tests/crypto/opencrypto/h_md5.c b/contrib/netbsd-tests/crypto/opencrypto/h_md5.c new file mode 100644 index 000000000000..98379c79d2ed --- /dev/null +++ b/contrib/netbsd-tests/crypto/opencrypto/h_md5.c @@ -0,0 +1,109 @@ +/* $NetBSD: h_md5.c,v 1.5 2014/01/18 20:10:34 pgoyette Exp $ */ + +/*- + * Copyright (c) 2014 The NetBSD Foundation, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include <err.h> +#include <fcntl.h> +#include <stdio.h> +#include <string.h> + +#include <sys/ioctl.h> +#include <sys/time.h> + +#include <crypto/cryptodev.h> + +/* Test vectors from RFC1321 */ + +const struct { + size_t len; + unsigned char plaintx[80]; + unsigned char digest[16]; +} tests[] = { + { 0, "", + { 0xd4, 0x1d, 0x8c, 0xd9, 0x8f, 0x00, 0xb2, 0x04, + 0xe9, 0x80, 0x09, 0x98, 0xec, 0xf8, 0x42, 0x7e } }, + { 1, "a", + { 0x0c, 0xc1, 0x75, 0xb9, 0xc0, 0xf1, 0xb6, 0xa8, + 0x31, 0xc3, 0x99, 0xe2, 0x69, 0x77, 0x26, 0x61 } }, + { 3, "abc", + { 0x90, 0x01, 0x50, 0x98, 0x3c, 0xd2, 0x4f, 0xb0, + 0xd6, 0x96, 0x3f, 0x7d, 0x28, 0xe1, 0x7f, 0x72 } }, + { 14, "message digest", + { 0xf9, 0x6b, 0x69, 0x7d, 0x7c, 0xb7, 0x93, 0x8d, + 0x52, 0x5a, 0x2f, 0x31, 0xaa, 0xf1, 0x61, 0xd0 } }, + { 26, "abcdefghijklmnopqrstuvwxyz", + { 0xc3, 0xfc, 0xd3, 0xd7, 0x61, 0x92, 0xe4, 0x00, + 0x7d, 0xfb, 0x49, 0x6c, 0xca, 0x67, 0xe1, 0x3b } }, + { 62, "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789", + { 0xd1, 0x74, 0xab, 0x98, 0xd2, 0x77, 0xd9, 0xf5, + 0xa5, 0x61, 0x1c, 0x2c, 0x9f, 0x41, 0x9d, 0x9f } }, + { 80, "123456789012345678901234567890123456789012345678901234567890" + "12345678901234567890", + { 0x57, 0xed, 0xf4, 0xa2, 0x2b, 0xe3, 0xc9, 0x55, + 0xac, 0x49, 0xda, 0x2e, 0x21, 0x07, 0xb6, 0x7a } }, +}; + +int +main(void) +{ + int fd, res; + size_t i; + struct session_op cs; + struct crypt_op co; + unsigned char buf[16]; + + fd = open("/dev/crypto", O_RDWR, 0); + if (fd < 0) + err(1, "open"); + memset(&cs, 0, sizeof(cs)); + cs.mac = CRYPTO_MD5; + + for (i = 0; i < __arraycount(tests); i++) { + res = ioctl(fd, CIOCGSESSION, &cs); + if (res < 0) + err(1, "CIOCGSESSION test %zu", i); + + memset(&co, 0, sizeof(co)); + memset(&buf, 0, sizeof(buf)); + co.ses = cs.ses; + co.op = COP_ENCRYPT; + co.len = tests[i].len; + co.src = __UNCONST(&tests[i].plaintx); + co.mac = buf; + res = ioctl(fd, CIOCCRYPT, &co); + if (res < 0) + err(1, "CIOCCRYPT test %zu", i); + + if (memcmp(co.mac, tests[i].digest, sizeof(tests[i].digest))) + errx(1, "verification failed test %zu", i); + + res = ioctl(fd, CIOCFSESSION, &cs.ses); + if (res < 0) + err(1, "CIOCFSESSION test %zu", i); + } + return 0; +} diff --git a/contrib/netbsd-tests/crypto/opencrypto/h_md5hmac.c b/contrib/netbsd-tests/crypto/opencrypto/h_md5hmac.c new file mode 100644 index 000000000000..6753094c51e1 --- /dev/null +++ b/contrib/netbsd-tests/crypto/opencrypto/h_md5hmac.c @@ -0,0 +1,181 @@ +/* $NetBSD: h_md5hmac.c,v 1.4 2014/01/18 02:31:14 joerg Exp $ */ + +/*- + * Copyright (c) 2014 The NetBSD Foundation, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include <err.h> +#include <fcntl.h> +#include <stdio.h> +#include <string.h> + +#include <sys/ioctl.h> +#include <sys/time.h> + +#include <crypto/cryptodev.h> + +#define MD5_HMAC_KEYLEN 16 /* Fixed key length supported */ + +/* Test data from RFC2202 */ +const struct { + int num; + size_t key_len; + size_t len; + unsigned char key[80]; + unsigned char data[80]; + unsigned char mac[16]; +} tests[] = { + /* Test #1 */ + { 1, 16, 8, + { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b }, + "Hi There", + { 0x92, 0x94, 0x72, 0x7a, 0x36, 0x38, 0xbb, 0x1c, + 0x13, 0xf4, 0x8e, 0xf8, 0x15, 0x8b, 0xfc, 0x9d } + }, + /* Test #2 */ + { 2, 4, 28, + "Jefe", + "what do ya want for nothing?", + { 0x75, 0x0c, 0x78, 0x3e, 0x6a, 0xb0, 0xb5, 0x03, + 0xea, 0xa8, 0x6e, 0x31, 0x0a, 0x5d, 0xb7, 0x38 } + }, + /* Test #3 */ + { 3, 16, 50, + { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa }, + { 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd }, + { 0x56, 0xbe, 0x34, 0x52, 0x1d, 0x14, 0x4c, 0x88, + 0xdb, 0xb8, 0xc7, 0x33, 0xf0, 0xe8, 0xb3, 0xf6 } + }, + /* Test #4 */ + { 4, 25, 50, + { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, + 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, + 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, + 0x19 }, + { 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd }, + { 0x69, 0x7e, 0xaf, 0x0a, 0xca, 0x3a, 0x3a, 0xea, + 0x3a, 0x75, 0x16, 0x47, 0x46, 0xff, 0xaa, 0x79 } + }, + /* Test #5 */ + { 5, 16, 20, + { 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, + 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c }, + "Test With Truncation", + { 0x56, 0x46, 0x1e, 0xf2, 0x34, 0x2e, 0xdc, 0x00, + 0xf9, 0xba, 0xb9, 0x95, 0x69, 0x0e, 0xfd, 0x4c } + }, + /* Test #6 */ + { 6, 80, 54, + { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa }, + "Test Using Larger Than Block-Size Key - Hash Key First", + { 0x6b, 0x1a, 0xb7, 0xfe, 0x4b, 0xd7, 0xbf, 0x8f, + 0x0b, 0x62, 0xe6, 0xce, 0x61, 0xb9, 0xd0, 0xcd } + }, + /* Test #7 */ + { 7, 80, 73, + { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa }, + "Test Using Larger Than Block-Size Key and Larger " + "Than One Block-Size Data", + { 0x6f, 0x63, 0x0f, 0xad, 0x67, 0xcd, 0xa0, 0xee, + 0x1f, 0xb1, 0xf5, 0x62, 0xdb, 0x3a, 0xa5, 0x3e } + }, +}; + +int +main(void) +{ + size_t i; + int fd, res; + struct session_op cs; + struct crypt_op co; + unsigned char buf[16]; + + fd = open("/dev/crypto", O_RDWR, 0); + if (fd < 0) + err(1, "open"); + for (i = 0; i < __arraycount(tests); i++) { + if (tests[i].key_len != MD5_HMAC_KEYLEN) + continue; + + memset(&cs, 0, sizeof(cs)); + cs.mac = CRYPTO_MD5_HMAC; + cs.mackeylen = tests[i].key_len; + cs.mackey = __UNCONST(&tests[i].key); + res = ioctl(fd, CIOCGSESSION, &cs); + if (res < 0) + err(1, "CIOCGSESSION test %d", tests[i].num); + + memset(&co, 0, sizeof(co)); + memset(buf, 0, sizeof(buf)); + co.ses = cs.ses; + co.op = COP_ENCRYPT; + co.len = tests[i].len; + co.src = __UNCONST(&tests[i].data); + co.mac = buf; + res = ioctl(fd, CIOCCRYPT, &co); + if (res < 0) + err(1, "CIOCCRYPT test %d", tests[i].num); + + if (memcmp(co.mac, tests[i].mac, sizeof(tests[i].mac))) + errx(1, "verification failed test %d", tests[i].num); + + res = ioctl(fd, CIOCFSESSION, &cs.ses); + if (res < 0) + err(1, "CIOCFSESSION test %d", tests[i].num); + } + return 0; +} diff --git a/contrib/netbsd-tests/crypto/opencrypto/h_null.c b/contrib/netbsd-tests/crypto/opencrypto/h_null.c new file mode 100644 index 000000000000..85e480592583 --- /dev/null +++ b/contrib/netbsd-tests/crypto/opencrypto/h_null.c @@ -0,0 +1,76 @@ +/* $NetBSD: h_null.c,v 1.3 2014/01/17 19:35:33 pgoyette Exp $ */ + +/*- + * Copyright (c) 2014 The NetBSD Foundation, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include <err.h> +#include <fcntl.h> +#include <stdio.h> +#include <string.h> + +#include <sys/ioctl.h> +#include <sys/time.h> + +#include <crypto/cryptodev.h> + +unsigned char key[] = "abcdefgh"; +char plaintx[16] = "1234567890123456"; + +int +main(void) +{ + int fd, res; + struct session_op cs; + struct crypt_op co; + unsigned char buf[16]; + + fd = open("/dev/crypto", O_RDWR, 0); + if (fd < 0) + err(1, "open"); + memset(&cs, 0, sizeof(cs)); + cs.cipher = CRYPTO_NULL_CBC; + cs.keylen = 8; + cs.key = key; + res = ioctl(fd, CIOCGSESSION, &cs); + if (res < 0) + err(1, "CIOCGSESSION"); + + memset(&co, 0, sizeof(co)); + co.ses = cs.ses; + co.op = COP_ENCRYPT; + co.len = sizeof(plaintx); + co.src = plaintx; + co.dst = buf; + co.dst_len = sizeof(buf); + res = ioctl(fd, CIOCCRYPT, &co); + if (res < 0) + err(1, "CIOCCRYPT"); + + if (memcmp(co.dst, plaintx, sizeof(plaintx))) + errx(1, "verification failed"); + + return 0; +} diff --git a/contrib/netbsd-tests/crypto/opencrypto/h_sha1hmac.c b/contrib/netbsd-tests/crypto/opencrypto/h_sha1hmac.c new file mode 100644 index 000000000000..c153f761f2b8 --- /dev/null +++ b/contrib/netbsd-tests/crypto/opencrypto/h_sha1hmac.c @@ -0,0 +1,191 @@ +/* $NetBSD: h_sha1hmac.c,v 1.2 2014/01/18 02:31:14 joerg Exp $ */ + +/*- + * Copyright (c) 2014 The NetBSD Foundation, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include <err.h> +#include <fcntl.h> +#include <stdio.h> +#include <string.h> + +#include <sys/ioctl.h> +#include <sys/time.h> + +#include <crypto/cryptodev.h> + +#define SHA1_HMAC_KEYLEN 20 /* Only key-length we support */ + +/* Test data from RFC2202 */ +const struct { + int num; + size_t key_len; + size_t len; + unsigned char key[80]; + unsigned char data[80]; + unsigned char mac[20]; +} tests[] = { + /* Test #1 */ + { 1, 20, 8, + { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b }, + "Hi There", + { 0xb6, 0x17, 0x31, 0x86, 0x55, 0x05, 0x72, 0x64, + 0xe2, 0x8b, 0xc0, 0xb6, 0xfb, 0x37, 0x8c, 0x8e, + 0xf1, 0x46, 0xbe, 0x00 } + }, + /* Test #2 */ + { 2, 4, 28, + "Jefe", + "what do ya want for nothing?", + { 0xef, 0xfc, 0xdf, 0x6a, 0xe5, 0xeb, 0x2f, 0xa2, + 0xd2, 0x74, 0x16, 0xd5, 0xf1, 0x84, 0xdf, 0x9c, + 0x25, 0x9a, 0x7c, 0x79 } + }, + /* Test #3 */ + { 3, 20, 50, + { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa }, + { 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, 0xdd, + 0xdd, 0xdd }, + { 0x12, 0x5d, 0x73, 0x42, 0xb9, 0xac, 0x11, 0xcd, + 0x91, 0xa3, 0x9a, 0xf4, 0x8a, 0xa1, 0x7b, 0x4f, + 0x63, 0xf1, 0x75, 0xd3 } + }, + /* Test #4 */ + { 4, 25, 50, + { 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, + 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 0x10, + 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 0x18, + 0x19 }, + { 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, 0xcd, + 0xcd, 0xcd }, + { 0x4c, 0x90, 0x07, 0xf4, 0x02, 0x62, 0x50, 0xc6, + 0xbc, 0x84, 0x14, 0xf9, 0xbf, 0x50, 0xc8, 0x6c, + 0x2d, 0x72, 0x35, 0xda } + }, + /* Test #5 */ + { 5, 20, 20, + { 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, + 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, 0x0c, + 0x0c, 0x0c, 0x0c, 0x0c }, + "Test With Truncation", + { 0x4c, 0x1a, 0x03, 0x42, 0x4b, 0x55, 0xe0, 0x7f, + 0xe7, 0xf2, 0x7b, 0xe1, 0xd5, 0x8b, 0xb9, 0x32, + 0x4a, 0x9a, 0x5a, 0x04 } + }, + /* Test #6 */ + { 6, 80, 54, + { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa }, + "Test Using Larger Than Block-Size Key - Hash Key First", + { 0xaa, 0x4a, 0xe5, 0xe1, 0x52, 0x72, 0xd0, 0x0e, + 0x95, 0x70, 0x56, 0x37, 0xce, 0x8a, 0x3b, 0x55, + 0xed, 0x40, 0x21, 0x12 } + }, + /* Test #7 */ + { 7, 80, 73, + { 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, + 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa, 0xaa }, + "Test Using Larger Than Block-Size Key and Larger Than " + "One Block-Size Data", + { 0xe8, 0xe9, 0x9d, 0x0f, 0x45, 0x23, 0x7d, 0x78, + 0x6d, 0x6b, 0xba, 0xa7, 0x96, 0x5c, 0x78, 0x08, + 0xbb, 0xff, 0x1a, 0x91 } + }, +}; + +int +main(void) +{ + size_t i; + int fd, res; + struct session_op cs; + struct crypt_op co; + unsigned char buf[20]; + + fd = open("/dev/crypto", O_RDWR, 0); + if (fd < 0) + err(1, "open"); + for (i = 0; i < __arraycount(tests); i++) { + if (tests[i].key_len != SHA1_HMAC_KEYLEN) + continue; + + memset(&cs, 0, sizeof(cs)); + cs.mac = CRYPTO_SHA1_HMAC; + cs.mackeylen = tests[i].key_len; + cs.mackey = __UNCONST(&tests[i].key); + res = ioctl(fd, CIOCGSESSION, &cs); + if (res < 0) + err(1, "CIOCGSESSION test %d", tests[i].num); + + memset(&co, 0, sizeof(co)); + memset(buf, 0, sizeof(buf)); + co.ses = cs.ses; + co.op = COP_ENCRYPT; + co.len = tests[i].len; + co.src = __UNCONST(&tests[i].data); + co.mac = buf; + res = ioctl(fd, CIOCCRYPT, &co); + if (res < 0) + err(1, "CIOCCRYPT test %d", tests[i].num); + + if (memcmp(co.mac, &tests[i].mac, sizeof(tests[i].mac))) + errx(1, "verification failed test %d", tests[i].num); + + res = ioctl(fd, CIOCFSESSION, &cs.ses); + if (res < 0) + err(1, "CIOCFSESSION test %d", tests[i].num); + } + return 0; +} diff --git a/contrib/netbsd-tests/crypto/opencrypto/h_xcbcmac.c b/contrib/netbsd-tests/crypto/opencrypto/h_xcbcmac.c new file mode 100644 index 000000000000..3f89c6e3e5e1 --- /dev/null +++ b/contrib/netbsd-tests/crypto/opencrypto/h_xcbcmac.c @@ -0,0 +1,109 @@ +/* $NetBSD: h_xcbcmac.c,v 1.4 2014/01/16 23:56:04 joerg Exp $ */ + +/*- + * Copyright (c) 2014 The NetBSD Foundation, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include <err.h> +#include <fcntl.h> +#include <stdio.h> +#include <string.h> + +#include <sys/ioctl.h> +#include <sys/time.h> + +#include <crypto/cryptodev.h> + + +/* test vectors from RFC3566 */ +unsigned char key[16] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f +}; +char plaintx[1000] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, + 0x20, 0x21 +}; +const struct { + size_t len; + unsigned char mac[12]; +} tests[] = { + { 0, { 0x75, 0xf0, 0x25, 0x1d, 0x52, 0x8a, + 0xc0, 0x1c, 0x45, 0x73, 0xdf, 0xd5 } }, + { 3, { 0x5b, 0x37, 0x65, 0x80, 0xae, 0x2f, + 0x19, 0xaf, 0xe7, 0x21, 0x9c, 0xee } }, + { 16, { 0xd2, 0xa2, 0x46, 0xfa, 0x34, 0x9b, + 0x68, 0xa7, 0x99, 0x98, 0xa4, 0x39 } }, + { 20, { 0x47, 0xf5, 0x1b, 0x45, 0x64, 0x96, + 0x62, 0x15, 0xb8, 0x98, 0x5c, 0x63 } }, + { 32, { 0xf5, 0x4f, 0x0e, 0xc8, 0xd2, 0xb9, + 0xf3, 0xd3, 0x68, 0x07, 0x73, 0x4b } }, + { 34, { 0xbe, 0xcb, 0xb3, 0xbc, 0xcd, 0xb5, + 0x18, 0xa3, 0x06, 0x77, 0xd5, 0x48 } }, + { 1000, { 0xf0, 0xda, 0xfe, 0xe8, 0x95, 0xdb, + 0x30, 0x25, 0x37, 0x61, 0x10, 0x3b } }, +}; + +int +main(void) +{ + int fd, res; + size_t i; + struct session_op cs; + struct crypt_op co; + unsigned char buf[16]; + + fd = open("/dev/crypto", O_RDWR, 0); + if (fd < 0) + err(1, "open"); + memset(&cs, 0, sizeof(cs)); + cs.mac = CRYPTO_AES_XCBC_MAC_96; + cs.mackeylen = sizeof(key); + cs.mackey = key; + res = ioctl(fd, CIOCGSESSION, &cs); + if (res < 0) + err(1, "CIOCGSESSION"); + + for (i = 0; i < __arraycount(tests); i++) { + memset(&co, 0, sizeof(co)); + memset(buf, 0, sizeof(buf)); + if (tests[i].len == sizeof(plaintx)) + memset(&plaintx, 0, sizeof(plaintx)); + co.ses = cs.ses; + co.op = COP_ENCRYPT; + co.len = tests[i].len; + co.src = plaintx; + co.mac = buf; + res = ioctl(fd, CIOCCRYPT, &co); + if (res < 0) + err(1, "CIOCCRYPT test %zu", i); + if (memcmp(buf, &tests[i].mac, sizeof(tests[i].mac))) + errx(1, "verification failed test %zu", i); + } + return 0; +} diff --git a/contrib/netbsd-tests/crypto/opencrypto/t_opencrypto.sh b/contrib/netbsd-tests/crypto/opencrypto/t_opencrypto.sh new file mode 100755 index 000000000000..e8e3f28d939d --- /dev/null +++ b/contrib/netbsd-tests/crypto/opencrypto/t_opencrypto.sh @@ -0,0 +1,276 @@ +# $NetBSD: t_opencrypto.sh,v 1.6 2015/12/26 07:10:03 pgoyette Exp $ +# +# Copyright (c) 2014 The NetBSD Foundation, Inc. +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions +# are met: +# 1. Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# 2. Redistributions in binary form must reproduce the above copyright +# notice, this list of conditions and the following disclaimer in the +# documentation and/or other materials provided with the distribution. +# +# THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS +# ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED +# TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS +# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. +# + +# Start a rumpserver, load required modules, and set requires sysctl vars + +start_rump() { + rump_libs="-l rumpvfs -l rumpdev -l rumpdev_opencrypto" + rump_libs="${rump_libs} -l rumpkern_z -l rumpkern_crypto" + + rump_server ${rump_libs} ${RUMP_SERVER} || \ + return 1 + + rump.sysctl -w kern.cryptodevallowsoft=-1 && \ + return 0 + + rump.halt + + return 1 +} + +common_head() { + atf_set descr "$1" + atf_set timeout 10 + atf_set require.progs rump_server rump.sysctl rump.halt +} + +common_body() { + local status + + start_rump || atf_skip "Cannot set-up rump environment" + LD_PRELOAD="/usr/lib/librumphijack.so" ; export LD_PRELOAD + RUMPHIJACK="blanket=/dev/crypto" ; export RUMPHIJACK + $(atf_get_srcdir)/$1 + status=$? + unset RUMPHIJACK + unset LD_PRELOAD + if [ $status -ne 0 ] ; then + atf_fail "$1 returned non-zero status, check output/error" + fi +} + +common_cleanup() { + unset RUMPHIJACK + unset LD_PRELOAD + rump.halt +} + +atf_test_case arc4 cleanup +arc4_head() { + common_head "Test ARC4 crypto" +} + +arc4_body() { + atf_skip "ARC4 not implemented by swcrypto" + common_body h_arc4 +} + +arc4_cleanup() { + # No cleanup required since test is skipped. Trying to run rump.halt + # at this point fails, causing the ATF environment to erroneously + # report a failed test! + # + # common_cleanup +} + +atf_test_case camellia cleanup +camellia_head() { + common_head "Test CAMELLIA_CBC crypto" +} + +camellia_body() { + common_body h_camellia +} + +camellia_cleanup() { + common_cleanup +} + +atf_test_case cbcdes cleanup +cbcdes_head() { + common_head "Test DES_CBC crypto" +} + +cbcdes_body() { + common_body h_cbcdes +} + +cbcdes_cleanup() { + common_cleanup +} + +atf_test_case comp cleanup +comp_head() { + common_head "Test GZIP_COMP Compression" +} + +comp_body() { + common_body h_comp +} + +comp_cleanup() { + common_cleanup +} + +atf_test_case comp_deflate cleanup +comp_deflate_head() { + common_head "Test DEFLATE_COMP Compression" +} + +comp_deflate_body() { + common_body h_comp_zlib +} + +comp_deflate_cleanup() { + common_cleanup +} + +atf_test_case comp_zlib_rnd cleanup +comp_zlib_rnd_head() { + common_head "Test DEFLATE_COMP Compression with random data" +} + +comp_zlib_rnd_body() { + common_body h_comp_zlib_rnd +} + +comp_zlib_rnd_cleanup() { + common_cleanup +} + +atf_test_case aesctr1 cleanup +aesctr1_head() { + common_head "Test AES_CTR crypto" +} + +aesctr1_body() { + common_body h_aesctr1 +} + +aesctr1_cleanup() { + common_cleanup +} + +atf_test_case aesctr2 cleanup +aesctr2_head() { + common_head "Test AES_CTR crypto" +} + +aesctr2_body() { + common_body h_aesctr2 +} + +aesctr2_cleanup() { + common_cleanup +} + +atf_test_case gcm cleanup +gcm_head() { + common_head "Test AES_GCM_16 crypto" +} + +gcm_body() { + common_body h_gcm +} + +gcm_cleanup() { + common_cleanup +} + +atf_test_case md5 cleanup +md5_head() { + common_head "Test MD5 crypto" +} + +md5_body() { + common_body h_md5 +} + +md5_cleanup() { + common_cleanup +} + +atf_test_case md5_hmac cleanup +md5_hmac_head() { + common_head "Test MD5_HMAC crypto" +} + +md5_hmac_body() { + common_body h_md5hmac +} + +md5_hmac_cleanup() { + common_cleanup +} + +atf_test_case null cleanup +null_head() { + common_head "Test NULL_CBC crypto" +} + +null_body() { + common_body h_null +} + +null_cleanup() { + common_cleanup +} + +atf_test_case sha1_hmac cleanup +sha1_hmac_head() { + common_head "Test SHA1_HMAC crypto" +} + +sha1_hmac_body() { + common_body h_sha1hmac +} + +sha1_hmac_cleanup() { + common_cleanup +} + +atf_test_case xcbcmac cleanup +xcbcmac_head() { + common_head "Test XCBC_MAC_96 crypto" +} + +xcbcmac_body() { + common_body h_xcbcmac +} + +xcbcmac_cleanup() { + common_cleanup +} + +atf_init_test_cases() { + RUMP_SERVER="unix://t_opencrypto_socket" ; export RUMP_SERVER + + atf_add_test_case arc4 + atf_add_test_case camellia + atf_add_test_case cbcdes + atf_add_test_case comp + atf_add_test_case comp_deflate + atf_add_test_case comp_zlib_rnd + atf_add_test_case aesctr1 + atf_add_test_case aesctr2 + atf_add_test_case gcm + atf_add_test_case md5 + atf_add_test_case md5_hmac + atf_add_test_case null + atf_add_test_case sha1_hmac + atf_add_test_case xcbcmac +} |