From owner-p4-projects@FreeBSD.ORG Fri Nov 7 00:10:08 2014 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 6CBC8E65; Fri, 7 Nov 2014 00:10:08 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 30C64E62 for ; Fri, 7 Nov 2014 00:10:08 +0000 (UTC) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:1900:2254:2068::682:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 1D97C661 for ; Fri, 7 Nov 2014 00:10:08 +0000 (UTC) Received: from skunkworks.freebsd.org ([127.0.1.74]) by skunkworks.freebsd.org (8.14.9/8.14.9) with ESMTP id sA70A7AN006030 for ; Fri, 7 Nov 2014 00:10:07 GMT (envelope-from jmg@freebsd.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.9/8.14.9/Submit) id sA70A7h3006027 for perforce@freebsd.org; Fri, 7 Nov 2014 00:10:07 GMT (envelope-from jmg@freebsd.org) Date: Fri, 7 Nov 2014 00:10:07 GMT Message-Id: <201411070010.sA70A7h3006027@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to jmg@freebsd.org using -f From: John-Mark Gurney Subject: PERFORCE change 1202583 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.18-1 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Nov 2014 00:10:08 -0000 http://p4web.freebsd.org/@@1202583?ac=10 Change 1202583 by jmg@jmg_carbon2 on 2014/11/07 00:09:40 simplify this loop a little bit.. the double return bothered me... Sponsored by: FreeBSD Foundation Sponsored by: Netgate Affected files ... .. //depot/projects/opencrypto/sys/opencrypto/crypto.c#3 edit Differences ... ==== //depot/projects/opencrypto/sys/opencrypto/crypto.c#3 (text+ko) ==== @@ -372,9 +372,8 @@ best = cap; } } - if (best != NULL) - return best; - if (match == CRYPTOCAP_F_HARDWARE && (flags & CRYPTOCAP_F_SOFTWARE)) { + if (best == NULL && match == CRYPTOCAP_F_HARDWARE && + (flags & CRYPTOCAP_F_SOFTWARE)) { /* sort of an Algol 68-style for loop */ match = CRYPTOCAP_F_SOFTWARE; goto again; From owner-p4-projects@FreeBSD.ORG Fri Nov 7 00:14:13 2014 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id EAE392AA; Fri, 7 Nov 2014 00:14:12 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id ABCB92A8 for ; Fri, 7 Nov 2014 00:14:12 +0000 (UTC) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:1900:2254:2068::682:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 987BE77C for ; Fri, 7 Nov 2014 00:14:12 +0000 (UTC) Received: from skunkworks.freebsd.org ([127.0.1.74]) by skunkworks.freebsd.org (8.14.9/8.14.9) with ESMTP id sA70ECKB008900 for ; Fri, 7 Nov 2014 00:14:12 GMT (envelope-from jmg@freebsd.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.9/8.14.9/Submit) id sA70ECLA008897 for perforce@freebsd.org; Fri, 7 Nov 2014 00:14:12 GMT (envelope-from jmg@freebsd.org) Date: Fri, 7 Nov 2014 00:14:12 GMT Message-Id: <201411070014.sA70ECLA008897@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to jmg@freebsd.org using -f From: John-Mark Gurney Subject: PERFORCE change 1202585 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.18-1 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Nov 2014 00:14:13 -0000 http://p4web.freebsd.org/@@1202585?ac=10 Change 1202585 by jmg@jmg_carbon2 on 2014/11/07 00:13:16 improve the selection of the device... If you ask for both _HARDWARE and _SOFTWARE devices, but software is disallowed per sysctl, silently remove _SOFTWARE... We'll still get an error if the _HARDWARE doesn't support it... This makes testing of both the hardware drivers and software drivers easier... Most software will just set _HARDWARE and will continue to work... Sponsored by: FreeBSD Foundation Sponsored by: Netgate Affected files ... .. //depot/projects/opencrypto/sys/opencrypto/cryptodev.c#10 edit Differences ... ==== //depot/projects/opencrypto/sys/opencrypto/cryptodev.c#10 (text+ko) ==== @@ -338,15 +338,23 @@ * by device name/class or through search constraints. */ static int -checkforsoftware(int crid) +checkforsoftware(int *cridp) { + int crid; + + crid = *cridp; if (!crypto_devallowsoft) { - if (crid & CRYPTOCAP_F_SOFTWARE) - return EINVAL; /* XXX */ + if (crid & CRYPTOCAP_F_SOFTWARE) { + if (crid & CRYPTOCAP_F_HARDWARE) { + *cridp = CRYPTOCAP_F_HARDWARE; + return 0; + } + return EINVAL; + } if ((crid & CRYPTOCAP_F_HARDWARE) == 0 && (crypto_getcaps(crid) & CRYPTOCAP_F_HARDWARE) == 0) - return EINVAL; /* XXX */ + return EINVAL; } return 0; } @@ -537,7 +545,7 @@ #endif ) { crid = SES2(sop)->crid; - error = checkforsoftware(crid); + error = checkforsoftware(&crid); if (error) { CRYPTDEB("checkforsoftware"); goto bail; From owner-p4-projects@FreeBSD.ORG Fri Nov 7 00:29:29 2014 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id B06CD805; Fri, 7 Nov 2014 00:29:29 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 70F20803 for ; Fri, 7 Nov 2014 00:29:29 +0000 (UTC) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:1900:2254:2068::682:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5D6BB8D5 for ; Fri, 7 Nov 2014 00:29:29 +0000 (UTC) Received: from skunkworks.freebsd.org ([127.0.1.74]) by skunkworks.freebsd.org (8.14.9/8.14.9) with ESMTP id sA70TTHS011715 for ; Fri, 7 Nov 2014 00:29:29 GMT (envelope-from jmg@freebsd.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.9/8.14.9/Submit) id sA70TTsD011712 for perforce@freebsd.org; Fri, 7 Nov 2014 00:29:29 GMT (envelope-from jmg@freebsd.org) Date: Fri, 7 Nov 2014 00:29:29 GMT Message-Id: <201411070029.sA70TTsD011712@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to jmg@freebsd.org using -f From: John-Mark Gurney Subject: PERFORCE change 1202586 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.18-1 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Nov 2014 00:29:30 -0000 http://p4web.freebsd.org/@@1202586?ac=10 Change 1202586 by jmg@jmg_carbon2 on 2014/11/07 00:28:51 make sure that the passed in name is NUL terminated so we don't strlen random kernel memory... use strncpy here... Even though we aren't leaking kernel memory, it's cleaner to NUL out the remaining buffer... for those that ask, there is a security reason why strncpy exists... Sponsored by: FreeBSD Foundation Sponsored by: Netgate Affected files ... .. //depot/projects/opencrypto/sys/opencrypto/cryptodev.c#11 edit Differences ... ==== //depot/projects/opencrypto/sys/opencrypto/cryptodev.c#11 (text+ko) ==== @@ -1151,14 +1151,16 @@ cryptodev_find(struct crypt_find_op *find) { device_t dev; + size_t fnlen = sizeof find->name; if (find->crid != -1) { dev = crypto_find_device_byhid(find->crid); if (dev == NULL) return (ENOENT); - strlcpy(find->name, device_get_nameunit(dev), - sizeof(find->name)); + strncpy(find->name, device_get_nameunit(dev), fnlen); + find->name[fnlen - 1] = '\x0'; } else { + find->name[fnlen - 1] = '\x0'; find->crid = crypto_find_driver(find->name); if (find->crid == -1) return (ENOENT); From owner-p4-projects@FreeBSD.ORG Fri Nov 7 00:41:43 2014 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 4371BA32; Fri, 7 Nov 2014 00:41:43 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 04237A30 for ; Fri, 7 Nov 2014 00:41:43 +0000 (UTC) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:1900:2254:2068::682:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E505EA71 for ; Fri, 7 Nov 2014 00:41:42 +0000 (UTC) Received: from skunkworks.freebsd.org ([127.0.1.74]) by skunkworks.freebsd.org (8.14.9/8.14.9) with ESMTP id sA70fggi015380 for ; Fri, 7 Nov 2014 00:41:42 GMT (envelope-from jmg@freebsd.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.9/8.14.9/Submit) id sA70fgwi015377 for perforce@freebsd.org; Fri, 7 Nov 2014 00:41:42 GMT (envelope-from jmg@freebsd.org) Date: Fri, 7 Nov 2014 00:41:42 GMT Message-Id: <201411070041.sA70fgwi015377@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to jmg@freebsd.org using -f From: John-Mark Gurney Subject: PERFORCE change 1202587 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.18-1 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Nov 2014 00:41:43 -0000 http://p4web.freebsd.org/@@1202587?ac=10 Change 1202587 by jmg@jmg_carbon2 on 2014/11/07 00:40:50 add a method to map a device name to it's crid... This will allow us to specify which device to test... It'd be nice in the future to query and test all of the devices that are in the system, though as each one will support a different set of features, it'll be complicated to test and make sure we know they are correct.. Sponsored by: FreeBSD Foundation Sponsored by: Netgate Affected files ... .. //depot/projects/opencrypto/tests/sys/opencrypto/cryptodev.py#2 edit Differences ... ==== //depot/projects/opencrypto/tests/sys/opencrypto/cryptodev.py#2 (text+ko) ==== @@ -11,6 +11,12 @@ __all__ = [ 'Crypto', 'MismatchError', ] +class FindOp(dpkt.Packet): + __byte_order__ = '@' + __hdr__ = ( ('crid', 'i', 0), + ('name', '32s', 0), + ) + class SessionOp(dpkt.Packet): __byte_order__ = '@' __hdr__ = ( ('cipher', 'I', 0), @@ -89,7 +95,19 @@ _cryptodev = _getdev() class Crypto: - def __init__(self, cipher=0, key=None, mac=0, mackey=None): + @staticmethod + def findcrid(name): + fop = FindOp() + fop.crid = -1 + fop.name = name + s = array.array('B', fop.pack_hdr()) + ioctl(_cryptodev, CIOCFINDDEV, s, 1) + fop.unpack(s) + + return fop.crid + + def __init__(self, cipher=0, key=None, mac=0, mackey=None, + crid=CRYPTOCAP_F_SOFTWARE | CRYPTOCAP_F_HARDWARE): self._ses = None ses = SessionOp2() ses.cipher = cipher @@ -327,7 +345,10 @@ return ''.join(s.split()).decode('hex') if __name__ == '__main__': - if False: + if True: + print Crypto.findcrid('aesni0') + + elif False: kp = KATParser('/usr/home/jmg/aesni.testing/format tweak value input - data unit seq no/XTSGenAES128.rsp', [ 'COUNT', 'DataUnitLen', 'Key', 'DataUnitSeqNumber', 'PT', 'CT' ]) for mode, ni in kp: print `i`, `ni` From owner-p4-projects@FreeBSD.ORG Fri Nov 7 00:50:53 2014 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 77638DC8; Fri, 7 Nov 2014 00:50:53 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 37E4EDC6 for ; Fri, 7 Nov 2014 00:50:53 +0000 (UTC) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:1900:2254:2068::682:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 244E6B88 for ; Fri, 7 Nov 2014 00:50:53 +0000 (UTC) Received: from skunkworks.freebsd.org ([127.0.1.74]) by skunkworks.freebsd.org (8.14.9/8.14.9) with ESMTP id sA70orvj016633 for ; Fri, 7 Nov 2014 00:50:53 GMT (envelope-from jmg@freebsd.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.9/8.14.9/Submit) id sA70oqme016630 for perforce@freebsd.org; Fri, 7 Nov 2014 00:50:52 GMT (envelope-from jmg@freebsd.org) Date: Fri, 7 Nov 2014 00:50:52 GMT Message-Id: <201411070050.sA70oqme016630@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to jmg@freebsd.org using -f From: John-Mark Gurney Subject: PERFORCE change 1202588 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.18-1 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Nov 2014 00:50:53 -0000 http://p4web.freebsd.org/@@1202588?ac=10 Change 1202588 by jmg@jmg_carbon2 on 2014/11/07 00:50:03 add support for fetching the name of a crid... Add a small little test program that dumps the names of all the crypto devices in the system... Sponsored by: FreeBSD Foundation Sponsored by: Netgate Affected files ... .. //depot/projects/opencrypto/tests/sys/opencrypto/cryptodev.py#3 edit Differences ... ==== //depot/projects/opencrypto/tests/sys/opencrypto/cryptodev.py#3 (text+ko) ==== @@ -94,17 +94,30 @@ _cryptodev = _getdev() +def _findop(crid, name): + fop = FindOp() + fop.crid = crid + fop.name = name + s = array.array('B', fop.pack_hdr()) + ioctl(_cryptodev, CIOCFINDDEV, s, 1) + fop.unpack(s) + + try: + idx = fop.name.index('\x00') + name = fop.name[:idx] + except ValueError: + name = fop.name + + return fop.crid, name + class Crypto: @staticmethod def findcrid(name): - fop = FindOp() - fop.crid = -1 - fop.name = name - s = array.array('B', fop.pack_hdr()) - ioctl(_cryptodev, CIOCFINDDEV, s, 1) - fop.unpack(s) + return _findop(-1, name)[0] - return fop.crid + @staticmethod + def getcridname(crid): + return _findop(crid, '')[1] def __init__(self, cipher=0, key=None, mac=0, mackey=None, crid=CRYPTOCAP_F_SOFTWARE | CRYPTOCAP_F_HARDWARE): @@ -346,8 +359,18 @@ if __name__ == '__main__': if True: - print Crypto.findcrid('aesni0') + try: + crid = Crypto.findcrid('aesni0') + print 'aesni:', crid + except IOError: + print 'aesni0 not found' + for i in xrange(10): + try: + name = Crypto.getcridname(i) + print '%2d: %s' % (i, `name`) + except IOError: + pass elif False: kp = KATParser('/usr/home/jmg/aesni.testing/format tweak value input - data unit seq no/XTSGenAES128.rsp', [ 'COUNT', 'DataUnitLen', 'Key', 'DataUnitSeqNumber', 'PT', 'CT' ]) for mode, ni in kp: From owner-p4-projects@FreeBSD.ORG Fri Nov 7 03:17:31 2014 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 5E2DBFF5; Fri, 7 Nov 2014 03:17:31 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 21D3DFF3 for ; Fri, 7 Nov 2014 03:17:31 +0000 (UTC) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:1900:2254:2068::682:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id E8252CBA for ; Fri, 7 Nov 2014 03:17:30 +0000 (UTC) Received: from skunkworks.freebsd.org ([127.0.1.74]) by skunkworks.freebsd.org (8.14.9/8.14.9) with ESMTP id sA73HUgC055878 for ; Fri, 7 Nov 2014 03:17:30 GMT (envelope-from jmg@freebsd.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.9/8.14.9/Submit) id sA73HUar055875 for perforce@freebsd.org; Fri, 7 Nov 2014 03:17:30 GMT (envelope-from jmg@freebsd.org) Date: Fri, 7 Nov 2014 03:17:30 GMT Message-Id: <201411070317.sA73HUar055875@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to jmg@freebsd.org using -f From: John-Mark Gurney Subject: PERFORCE change 1202593 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.18-1 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Nov 2014 03:17:31 -0000 http://p4web.freebsd.org/@@1202593?ac=10 Change 1202593 by jmg@jmg_carbon2 on 2014/11/07 03:17:12 document CIOCFINDDEV so others are likely to use it... remove some NetBSD specific verbiage... I should look at this to see if we can do the same... Sponsored by: FreeBSD Foundation Sponsored by: Netgate Affected files ... .. //depot/projects/opencrypto/share/man/man4/crypto.4#5 edit Differences ... ==== //depot/projects/opencrypto/share/man/man4/crypto.4#5 (text+ko) ==== @@ -4,7 +4,7 @@ .\" Copyright (c) 2014 The FreeBSD Foundation .\" All rights reserved. .\" -.\" Portions of this documentation were writen by John-Mark Gurney +.\" Portions of this documentation were written by John-Mark Gurney .\" under sponsorship of the FreeBSD Foundation and .\" Rubicon Communications, LLC (Netgate). .\" @@ -58,7 +58,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF .\" THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd August 12, 2014 +.Dd November 6, 2014 .Dt CRYPTO 4 .Os .Sh NAME @@ -154,19 +154,41 @@ requests against the session. .Ss Algorithms For a list of supported algorithms, see +.Xr crypto 7 +and .Xr crypto 9 . .Ss IOCTL Request Descriptions .\" .Bl -tag -width CIOCGSESSION .\" .It Dv CRIOGET Fa int *fd -This operation is deprecated and will be removed after -.Nx 5.0 . -It clones the fd argument to +Clone the fd argument to .Xr ioctl 2 , yielding a new file descriptor for the creation of sessions. -Because the device now clones on open, this operation is unnecessary. .\" +.It Dv CIOCFINDDEV Fa struct crypt_find_op *fop +.Bd -literal +struct crypt_find_op { + int crid; /* driver id + flags */ + char name[32]; /* device/driver name */ +}; + +.Ed +If +.Fa crid +is -1, then find the driver named +.Fa name +and return the id in +.Fa crid . +If +.Fa crid +is not -1, return the name of the driver with +.Fa crid +in +.Fa name . +In either case, if the driver is not found, +.Dv ENOENT +is returned. .It Dv CIOCGSESSION Fa struct session_op *sessp .Bd -literal struct session_op { From owner-p4-projects@FreeBSD.ORG Fri Nov 7 03:31:46 2014 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id EC58B2F4; Fri, 7 Nov 2014 03:31:45 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id AE8922F2 for ; Fri, 7 Nov 2014 03:31:45 +0000 (UTC) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:1900:2254:2068::682:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 9AFF5E26 for ; Fri, 7 Nov 2014 03:31:45 +0000 (UTC) Received: from skunkworks.freebsd.org ([127.0.1.74]) by skunkworks.freebsd.org (8.14.9/8.14.9) with ESMTP id sA73Vjxe060209 for ; Fri, 7 Nov 2014 03:31:45 GMT (envelope-from jmg@freebsd.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.9/8.14.9/Submit) id sA73VjnV060206 for perforce@freebsd.org; Fri, 7 Nov 2014 03:31:45 GMT (envelope-from jmg@freebsd.org) Date: Fri, 7 Nov 2014 03:31:45 GMT Message-Id: <201411070331.sA73VjnV060206@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to jmg@freebsd.org using -f From: John-Mark Gurney Subject: PERFORCE change 1202594 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.18-1 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Nov 2014 03:31:46 -0000 http://p4web.freebsd.org/@@1202594?ac=10 Change 1202594 by jmg@jmg_carbon2 on 2014/11/07 03:31:08 pull in mtree files so I can add the opencrypto dir to it... Sponsored by: FreeBSD Foundation Sponsored by: Netgate Affected files ... .. //depot/projects/opencrypto/etc/mtree/BSD.debug.dist#1 branch .. //depot/projects/opencrypto/etc/mtree/BSD.groff.dist#1 branch .. //depot/projects/opencrypto/etc/mtree/BSD.include.dist#1 branch .. //depot/projects/opencrypto/etc/mtree/BSD.release.dist#1 branch .. //depot/projects/opencrypto/etc/mtree/BSD.root.dist#1 branch .. //depot/projects/opencrypto/etc/mtree/BSD.sendmail.dist#1 branch .. //depot/projects/opencrypto/etc/mtree/BSD.tests.dist#1 branch .. //depot/projects/opencrypto/etc/mtree/BSD.usr.dist#1 branch .. //depot/projects/opencrypto/etc/mtree/BSD.var.dist#1 branch .. //depot/projects/opencrypto/etc/mtree/Makefile#1 branch .. //depot/projects/opencrypto/etc/mtree/README#1 branch Differences ... From owner-p4-projects@FreeBSD.ORG Fri Nov 7 03:47:01 2014 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id C3513724; Fri, 7 Nov 2014 03:47:01 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 85242722 for ; Fri, 7 Nov 2014 03:47:01 +0000 (UTC) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:1900:2254:2068::682:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 66B5FF11 for ; Fri, 7 Nov 2014 03:47:01 +0000 (UTC) Received: from skunkworks.freebsd.org ([127.0.1.74]) by skunkworks.freebsd.org (8.14.9/8.14.9) with ESMTP id sA73l1qG063088 for ; Fri, 7 Nov 2014 03:47:01 GMT (envelope-from jmg@freebsd.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.9/8.14.9/Submit) id sA73l17t063085 for perforce@freebsd.org; Fri, 7 Nov 2014 03:47:01 GMT (envelope-from jmg@freebsd.org) Date: Fri, 7 Nov 2014 03:47:01 GMT Message-Id: <201411070347.sA73l17t063085@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to jmg@freebsd.org using -f From: John-Mark Gurney Subject: PERFORCE change 1202596 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.18-1 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Nov 2014 03:47:02 -0000 http://p4web.freebsd.org/@@1202596?ac=10 Change 1202596 by jmg@jmg_carbon2 on 2014/11/07 03:46:03 I believe that this should get things working for tests... Though when I run the tests, it doesn't run for some reason... Not sure why... Sponsored by: FreeBSD Foundation Sponsored by: Netgate Affected files ... .. //depot/projects/opencrypto/etc/mtree/BSD.tests.dist#2 edit .. //depot/projects/opencrypto/tests/sys/opencrypto/Makefile#2 edit .. //depot/projects/opencrypto/tests/sys/opencrypto/cryptotest.py#2 edit .. //depot/projects/opencrypto/tests/sys/opencrypto/runtests.sh#1 add Differences ... ==== //depot/projects/opencrypto/etc/mtree/BSD.tests.dist#2 (text+ko) ==== @@ -143,6 +143,8 @@ .. netinet .. + opencrypto + .. .. usr.bin apply ==== //depot/projects/opencrypto/tests/sys/opencrypto/Makefile#2 (text+ko) ==== @@ -1,8 +1,43 @@ # $FreeBSD$ -TESTDIR= ${TESTSBASE}/sys/opencrypto +.PATH: ${.CURDIR}/data + +TESTSDIR= ${TESTSBASE}/sys/opencrypto BINDIR= ${TESTSDIR} +PLAIN_TESTS_SH= runtests + TEST_METADATA.foo+=required_programs="python" +PYMODULES= cryptodev.py cryptodevh.py cryptotest.py dpkt.py + +FILESDIR= ${TESTSDIR} +FILES= ${PYMODULES} + +FILES+= CBCGFSbox128.rsp +FILES+= CBCGFSbox192.rsp +FILES+= CBCGFSbox256.rsp +FILES+= CBCKeySbox128.rsp +FILES+= CBCKeySbox192.rsp +FILES+= CBCKeySbox256.rsp +FILES+= CBCVarKey128.rsp +FILES+= CBCVarKey192.rsp +FILES+= CBCVarKey256.rsp +FILES+= CBCVarTxt128.rsp +FILES+= CBCVarTxt192.rsp +FILES+= CBCVarTxt256.rsp +FILES+= HMAC.rsp +FILES+= TCBCinvperm.rsp +FILES+= TCBCpermop.rsp +FILES+= TCBCsubtab.rsp +FILES+= TCBCvarkey.rsp +FILES+= TCBCvartext.rsp +FILES+= XTSGenAES128.rsp +FILES+= XTSGenAES256.rsp +FILES+= gcmDecrypt128.rsp +FILES+= gcmDecrypt192.rsp +FILES+= gcmDecrypt256.rsp +FILES+= gcmEncryptExtIV128.rsp +FILES+= gcmEncryptExtIV192.rsp +FILES+= gcmEncryptExtIV256.rsp .include ==== //depot/projects/opencrypto/tests/sys/opencrypto/cryptotest.py#2 (text+ko) ==== @@ -7,196 +7,223 @@ from cryptodev import * from glob import iglob -class CryptoXTSTestCase(unittest.TestCase): - def test_xts(self): - for i in iglob('data/XTS*.rsp'): - self.runXTS(i, cryptodev.CRYPTO_AES_XTS) +aesmodules = [ 'cryptosoft0', 'aesni0', ] +desmodules = [ 'cryptosoft0', ] +shamodules = [ 'cryptosoft0', ] + +def GenTestCase(cname): + try: + crid = cryptodev.Crypto.findcrid(cname) + except IOError: + return None + + class GendCryptoTestCase(unittest.TestCase): + ############### + ##### AES ##### + ############### + @unittest.skipIf(cname not in aesmodules, 'skipping AES on %s' % `cname`) + def test_xts(self): + for i in iglob('data/XTS*.rsp'): + self.runXTS(i, cryptodev.CRYPTO_AES_XTS) + + def test_cbc(self): + for i in iglob('data/CBC[GKV]*.rsp'): + self.runCBC(i) - def test_cbc(self): - for i in iglob('data/CBC[GKV]*.rsp'): - self.runCBC(i) + def test_gcm(self): + for i in iglob('data/gcmEncrypt*'): + self.runGCM(i, 'ENCRYPT') - def test_tdes(self): - for i in iglob('data/TCBC[a-z]*.rsp'): - self.runTDES(i) + for i in iglob('data/gcmDecrypt*'): + self.runGCM(i, 'DECRYPT') - def test_gcm(self): - for i in iglob('data/gcmEncrypt*'): - self.runGCM(i, 'ENCRYPT') + _gmacsizes = { 32: cryptodev.CRYPTO_AES_256_NIST_GMAC, + 24: cryptodev.CRYPTO_AES_192_NIST_GMAC, + 16: cryptodev.CRYPTO_AES_128_NIST_GMAC, + } + def runGCM(self, fname, mode): + curfun = None + if mode == 'ENCRYPT': + swapptct = False + curfun = Crypto.encrypt + elif mode == 'DECRYPT': + swapptct = True + curfun = Crypto.decrypt + else: + raise RuntimeError('unknown mode: %s' % `mode`) - for i in iglob('data/gcmDecrypt*'): - self.runGCM(i, 'DECRYPT') + for bogusmode, lines in cryptodev.KATParser(fname, + [ 'Count', 'Key', 'IV', 'CT', 'AAD', 'Tag', 'PT', ]): + for data in lines: + curcnt = int(data['Count']) + cipherkey = data['Key'].decode('hex') + iv = data['IV'].decode('hex') + aad = data['AAD'].decode('hex') + tag = data['Tag'].decode('hex') + if 'FAIL' not in data: + pt = data['PT'].decode('hex') + ct = data['CT'].decode('hex') - def test_sha(self): - # SHA not available in software - pass - #for i in iglob('data/SHA1*'): - # self.runSHA(i) + if len(iv) != 12: + # XXX - isn't supported + continue - def test_sha1hmac(self): - self.runSHA1HMAC('data/HMAC.rsp') + c = Crypto(cryptodev.CRYPTO_AES_NIST_GCM_16, + cipherkey, + mac=self._gmacsizes[len(cipherkey)], + mackey=cipherkey, crid=crid) - def runSHA1HMAC(self, fname): - for bogusmode, lines in cryptodev.KATParser(fname, - [ 'Count', 'Klen', 'Tlen', 'Key', 'Msg', 'Mac' ]): - for data in lines: - key = data['Key'].decode('hex') - msg = data['Msg'].decode('hex') - mac = data['Mac'].decode('hex') + if mode == 'ENCRYPT': + rct, rtag = c.encrypt(pt, iv, aad) + rtag = rtag[:len(tag)] + data['rct'] = rct.encode('hex') + data['rtag'] = rtag.encode('hex') + self.assertEqual(rct, ct, `data`) + self.assertEqual(rtag, tag, `data`) + else: + if len(tag) != 16: + continue + args = (ct, iv, aad, tag) + if 'FAIL' in data: + self.assertRaises(IOError, + c.decrypt, *args) + else: + rpt, rtag = c.decrypt(*args) + data['rpt'] = rpt.encode('hex') + data['rtag'] = rtag.encode('hex') + self.assertEqual(rpt, pt, + `data`) - if len(key) != 20: - # XXX - implementation bug - continue + def runCBC(self, fname): + curfun = None + for mode, lines in cryptodev.KATParser(fname, + [ 'COUNT', 'KEY', 'IV', 'PLAINTEXT', 'CIPHERTEXT', ]): + if mode == 'ENCRYPT': + swapptct = False + curfun = Crypto.encrypt + elif mode == 'DECRYPT': + swapptct = True + curfun = Crypto.decrypt + else: + raise RuntimeError('unknown mode: %s' % `mode`) - c = Crypto(mac=cryptodev.CRYPTO_SHA1_HMAC, - mackey=key) + for data in lines: + curcnt = int(data['COUNT']) + cipherkey = data['KEY'].decode('hex') + iv = data['IV'].decode('hex') + pt = data['PLAINTEXT'].decode('hex') + ct = data['CIPHERTEXT'].decode('hex') - r = c.encrypt(msg) - self.assertEqual(r, mac, `data`) + if swapptct: + pt, ct = ct, pt + # run the fun + c = Crypto(cryptodev.CRYPTO_AES_CBC, cipherkey, crid=crid) + r = curfun(c, pt, iv) + self.assertEqual(r, ct) - _gmacsizes = { 32: cryptodev.CRYPTO_AES_256_NIST_GMAC, - 24: cryptodev.CRYPTO_AES_192_NIST_GMAC, - 16: cryptodev.CRYPTO_AES_128_NIST_GMAC, - } - def runGCM(self, fname, mode): - curfun = None - if mode == 'ENCRYPT': - swapptct = False - curfun = Crypto.encrypt - elif mode == 'DECRYPT': - swapptct = True - curfun = Crypto.decrypt - else: - raise RuntimeError('unknown mode: %s' % `mode`) + def runXTS(self, fname, meth): + curfun = None + for mode, lines in cryptodev.KATParser(fname, + [ 'COUNT', 'DataUnitLen', 'Key', 'DataUnitSeqNumber', 'PT', + 'CT' ]): + if mode == 'ENCRYPT': + swapptct = False + curfun = Crypto.encrypt + elif mode == 'DECRYPT': + swapptct = True + curfun = Crypto.decrypt + else: + raise RuntimeError('unknown mode: %s' % `mode`) - for bogusmode, lines in cryptodev.KATParser(fname, - [ 'Count', 'Key', 'IV', 'CT', 'AAD', 'Tag', 'PT', ]): - for data in lines: - curcnt = int(data['Count']) - cipherkey = data['Key'].decode('hex') - iv = data['IV'].decode('hex') - aad = data['AAD'].decode('hex') - tag = data['Tag'].decode('hex') - if 'FAIL' not in data: + for data in lines: + curcnt = int(data['COUNT']) + nbits = int(data['DataUnitLen']) + cipherkey = data['Key'].decode('hex') + iv = struct.pack('QQ', int(data['DataUnitSeqNumber']), 0) pt = data['PT'].decode('hex') - ct = data['CT'].decode('hex') + ct = data['CT'].decode('hex') - if len(iv) != 12: - # XXX - isn't supported - continue + if nbits % 128 != 0: + # XXX - mark as skipped + continue + if swapptct: + pt, ct = ct, pt + # run the fun + c = Crypto(meth, cipherkey, crid=crid) + r = curfun(c, pt, iv) + self.assertEqual(r, ct) - c = Crypto(cryptodev.CRYPTO_AES_NIST_GCM_16, - cipherkey, - mac=self._gmacsizes[len(cipherkey)], - mackey=cipherkey) + ############### + ##### DES ##### + ############### + @unittest.skipIf(cname not in desmodules, 'skipping DES on %s' % `cname`) + def test_tdes(self): + for i in iglob('data/TCBC[a-z]*.rsp'): + self.runTDES(i) + def runTDES(self, fname): + curfun = None + for mode, lines in cryptodev.KATParser(fname, + [ 'COUNT', 'KEYs', 'IV', 'PLAINTEXT', 'CIPHERTEXT', ]): if mode == 'ENCRYPT': - rct, rtag = c.encrypt(pt, iv, aad) - rtag = rtag[:len(tag)] - data['rct'] = rct.encode('hex') - data['rtag'] = rtag.encode('hex') - self.assertEqual(rct, ct, `data`) - self.assertEqual(rtag, tag, `data`) + swapptct = False + curfun = Crypto.encrypt + elif mode == 'DECRYPT': + swapptct = True + curfun = Crypto.decrypt else: - if len(tag) != 16: - continue - args = (ct, iv, aad, tag) - if 'FAIL' in data: - self.assertRaises(IOError, - c.decrypt, *args) - else: - rpt, rtag = c.decrypt(*args) - data['rpt'] = rpt.encode('hex') - data['rtag'] = rtag.encode('hex') - self.assertEqual(rpt, pt, - `data`) + raise RuntimeError('unknown mode: %s' % `mode`) + + for data in lines: + curcnt = int(data['COUNT']) + key = data['KEYs'] * 3 + cipherkey = key.decode('hex') + iv = data['IV'].decode('hex') + pt = data['PLAINTEXT'].decode('hex') + ct = data['CIPHERTEXT'].decode('hex') - def runTDES(self, fname): - curfun = None - for mode, lines in cryptodev.KATParser(fname, - [ 'COUNT', 'KEYs', 'IV', 'PLAINTEXT', 'CIPHERTEXT', ]): - if mode == 'ENCRYPT': - swapptct = False - curfun = Crypto.encrypt - elif mode == 'DECRYPT': - swapptct = True - curfun = Crypto.decrypt - else: - raise RuntimeError('unknown mode: %s' % `mode`) + if swapptct: + pt, ct = ct, pt + # run the fun + c = Crypto(cryptodev.CRYPTO_3DES_CBC, cipherkey, crid=crid) + r = curfun(c, pt, iv) + self.assertEqual(r, ct) - for data in lines: - curcnt = int(data['COUNT']) - key = data['KEYs'] * 3 - cipherkey = key.decode('hex') - iv = data['IV'].decode('hex') - pt = data['PLAINTEXT'].decode('hex') - ct = data['CIPHERTEXT'].decode('hex') + ############### + ##### SHA ##### + ############### + @unittest.skipIf(cname not in shamodules, 'skipping SHA on %s' % `cname`) + def test_sha(self): + # SHA not available in software + pass + #for i in iglob('data/SHA1*'): + # self.runSHA(i) - if swapptct: - pt, ct = ct, pt - # run the fun - c = Crypto(cryptodev.CRYPTO_3DES_CBC, cipherkey) - r = curfun(c, pt, iv) - self.assertEqual(r, ct) + def test_sha1hmac(self): + self.runSHA1HMAC('data/HMAC.rsp') - def runCBC(self, fname): - curfun = None - for mode, lines in cryptodev.KATParser(fname, - [ 'COUNT', 'KEY', 'IV', 'PLAINTEXT', 'CIPHERTEXT', ]): - if mode == 'ENCRYPT': - swapptct = False - curfun = Crypto.encrypt - elif mode == 'DECRYPT': - swapptct = True - curfun = Crypto.decrypt - else: - raise RuntimeError('unknown mode: %s' % `mode`) + def runSHA1HMAC(self, fname): + for bogusmode, lines in cryptodev.KATParser(fname, + [ 'Count', 'Klen', 'Tlen', 'Key', 'Msg', 'Mac' ]): + for data in lines: + key = data['Key'].decode('hex') + msg = data['Msg'].decode('hex') + mac = data['Mac'].decode('hex') - for data in lines: - curcnt = int(data['COUNT']) - cipherkey = data['KEY'].decode('hex') - iv = data['IV'].decode('hex') - pt = data['PLAINTEXT'].decode('hex') - ct = data['CIPHERTEXT'].decode('hex') + if len(key) != 20: + # XXX - implementation bug + continue - if swapptct: - pt, ct = ct, pt - # run the fun - c = Crypto(cryptodev.CRYPTO_AES_CBC, cipherkey) - r = curfun(c, pt, iv) - self.assertEqual(r, ct) + c = Crypto(mac=cryptodev.CRYPTO_SHA1_HMAC, + mackey=key, crid=crid) - def runXTS(self, fname, meth): - curfun = None - for mode, lines in cryptodev.KATParser(fname, - [ 'COUNT', 'DataUnitLen', 'Key', 'DataUnitSeqNumber', 'PT', - 'CT' ]): - if mode == 'ENCRYPT': - swapptct = False - curfun = Crypto.encrypt - elif mode == 'DECRYPT': - swapptct = True - curfun = Crypto.decrypt - else: - raise RuntimeError('unknown mode: %s' % `mode`) + r = c.encrypt(msg) + self.assertEqual(r, mac, `data`) - for data in lines: - curcnt = int(data['COUNT']) - nbits = int(data['DataUnitLen']) - cipherkey = data['Key'].decode('hex') - iv = struct.pack('QQ', int(data['DataUnitSeqNumber']), 0) - pt = data['PT'].decode('hex') - ct = data['CT'].decode('hex') + return GendCryptoTestCase - if nbits % 128 != 0: - # XXX - mark as skipped - continue - if swapptct: - pt, ct = ct, pt - # run the fun - c = Crypto(meth, cipherkey) - r = curfun(c, pt, iv) - self.assertEqual(r, ct) +cryptosoft = GenTestCase('cryptosoft0') +aesni = GenTestCase('aesni0') if __name__ == '__main__': unittest.main() From owner-p4-projects@FreeBSD.ORG Fri Nov 7 04:06:22 2014 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id DE2678C3; Fri, 7 Nov 2014 04:06:21 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 85D0E8C1 for ; Fri, 7 Nov 2014 04:06:21 +0000 (UTC) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:1900:2254:2068::682:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6F45D111 for ; Fri, 7 Nov 2014 04:06:21 +0000 (UTC) Received: from skunkworks.freebsd.org ([127.0.1.74]) by skunkworks.freebsd.org (8.14.9/8.14.9) with ESMTP id sA746L9h067818 for ; Fri, 7 Nov 2014 04:06:21 GMT (envelope-from jmg@freebsd.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.9/8.14.9/Submit) id sA746L28067815 for perforce@freebsd.org; Fri, 7 Nov 2014 04:06:21 GMT (envelope-from jmg@freebsd.org) Date: Fri, 7 Nov 2014 04:06:21 GMT Message-Id: <201411070406.sA746L28067815@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to jmg@freebsd.org using -f From: John-Mark Gurney Subject: PERFORCE change 1202597 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.18-1 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Nov 2014 04:06:22 -0000 http://p4web.freebsd.org/@@1202597?ac=10 Change 1202597 by jmg@jmg_carbon2 on 2014/11/07 04:05:32 fix the test... I need to cd into the script dir so that I can locate the program... It'd be nice to get better errors... The standard log doesn't appear to contain stderr... Move all the data files into the current directory.. This allows us to still run the tests here, and this is what other tests are doing... Sponsored by: FreeBSD Foundation Sponsored by: Netgate Affected files ... .. //depot/projects/opencrypto/tests/sys/opencrypto/CBCGFSbox128.rsp#1 branch .. //depot/projects/opencrypto/tests/sys/opencrypto/CBCGFSbox192.rsp#1 branch .. //depot/projects/opencrypto/tests/sys/opencrypto/CBCGFSbox256.rsp#1 branch .. //depot/projects/opencrypto/tests/sys/opencrypto/CBCKeySbox128.rsp#1 branch .. //depot/projects/opencrypto/tests/sys/opencrypto/CBCKeySbox192.rsp#1 branch .. //depot/projects/opencrypto/tests/sys/opencrypto/CBCKeySbox256.rsp#1 branch .. //depot/projects/opencrypto/tests/sys/opencrypto/CBCVarKey128.rsp#1 branch .. //depot/projects/opencrypto/tests/sys/opencrypto/CBCVarKey192.rsp#1 branch .. //depot/projects/opencrypto/tests/sys/opencrypto/CBCVarKey256.rsp#1 branch .. //depot/projects/opencrypto/tests/sys/opencrypto/CBCVarTxt128.rsp#1 branch .. //depot/projects/opencrypto/tests/sys/opencrypto/CBCVarTxt192.rsp#1 branch .. //depot/projects/opencrypto/tests/sys/opencrypto/CBCVarTxt256.rsp#1 branch .. //depot/projects/opencrypto/tests/sys/opencrypto/HMAC.rsp#1 branch .. //depot/projects/opencrypto/tests/sys/opencrypto/Makefile#3 edit .. //depot/projects/opencrypto/tests/sys/opencrypto/TCBCinvperm.rsp#1 branch .. //depot/projects/opencrypto/tests/sys/opencrypto/TCBCpermop.rsp#1 branch .. //depot/projects/opencrypto/tests/sys/opencrypto/TCBCsubtab.rsp#1 branch .. //depot/projects/opencrypto/tests/sys/opencrypto/TCBCvarkey.rsp#1 branch .. //depot/projects/opencrypto/tests/sys/opencrypto/TCBCvartext.rsp#1 branch .. //depot/projects/opencrypto/tests/sys/opencrypto/XTSGenAES128.rsp#1 branch .. //depot/projects/opencrypto/tests/sys/opencrypto/XTSGenAES256.rsp#1 branch .. //depot/projects/opencrypto/tests/sys/opencrypto/cryptotest.py#3 edit .. //depot/projects/opencrypto/tests/sys/opencrypto/data/CBCGFSbox128.rsp#2 delete .. //depot/projects/opencrypto/tests/sys/opencrypto/data/CBCGFSbox192.rsp#2 delete .. //depot/projects/opencrypto/tests/sys/opencrypto/data/CBCGFSbox256.rsp#2 delete .. //depot/projects/opencrypto/tests/sys/opencrypto/data/CBCKeySbox128.rsp#2 delete .. //depot/projects/opencrypto/tests/sys/opencrypto/data/CBCKeySbox192.rsp#2 delete .. //depot/projects/opencrypto/tests/sys/opencrypto/data/CBCKeySbox256.rsp#2 delete .. //depot/projects/opencrypto/tests/sys/opencrypto/data/CBCVarKey128.rsp#2 delete .. //depot/projects/opencrypto/tests/sys/opencrypto/data/CBCVarKey192.rsp#2 delete .. //depot/projects/opencrypto/tests/sys/opencrypto/data/CBCVarKey256.rsp#2 delete .. //depot/projects/opencrypto/tests/sys/opencrypto/data/CBCVarTxt128.rsp#2 delete .. //depot/projects/opencrypto/tests/sys/opencrypto/data/CBCVarTxt192.rsp#2 delete .. //depot/projects/opencrypto/tests/sys/opencrypto/data/CBCVarTxt256.rsp#2 delete .. //depot/projects/opencrypto/tests/sys/opencrypto/data/HMAC.rsp#2 delete .. //depot/projects/opencrypto/tests/sys/opencrypto/data/TCBCinvperm.rsp#2 delete .. //depot/projects/opencrypto/tests/sys/opencrypto/data/TCBCpermop.rsp#2 delete .. //depot/projects/opencrypto/tests/sys/opencrypto/data/TCBCsubtab.rsp#2 delete .. //depot/projects/opencrypto/tests/sys/opencrypto/data/TCBCvarkey.rsp#2 delete .. //depot/projects/opencrypto/tests/sys/opencrypto/data/TCBCvartext.rsp#2 delete .. //depot/projects/opencrypto/tests/sys/opencrypto/data/XTSGenAES128.rsp#2 delete .. //depot/projects/opencrypto/tests/sys/opencrypto/data/XTSGenAES256.rsp#2 delete .. //depot/projects/opencrypto/tests/sys/opencrypto/data/gcmDecrypt128.rsp#2 delete .. //depot/projects/opencrypto/tests/sys/opencrypto/data/gcmDecrypt192.rsp#2 delete .. //depot/projects/opencrypto/tests/sys/opencrypto/data/gcmDecrypt256.rsp#2 delete .. //depot/projects/opencrypto/tests/sys/opencrypto/data/gcmEncryptExtIV128.rsp#2 delete .. //depot/projects/opencrypto/tests/sys/opencrypto/data/gcmEncryptExtIV192.rsp#2 delete .. //depot/projects/opencrypto/tests/sys/opencrypto/data/gcmEncryptExtIV256.rsp#2 delete .. //depot/projects/opencrypto/tests/sys/opencrypto/gcmDecrypt128.rsp#1 branch .. //depot/projects/opencrypto/tests/sys/opencrypto/gcmDecrypt192.rsp#1 branch .. //depot/projects/opencrypto/tests/sys/opencrypto/gcmDecrypt256.rsp#1 branch .. //depot/projects/opencrypto/tests/sys/opencrypto/gcmEncryptExtIV128.rsp#1 branch .. //depot/projects/opencrypto/tests/sys/opencrypto/gcmEncryptExtIV192.rsp#1 branch .. //depot/projects/opencrypto/tests/sys/opencrypto/gcmEncryptExtIV256.rsp#1 branch .. //depot/projects/opencrypto/tests/sys/opencrypto/runtests.sh#2 edit Differences ... ==== //depot/projects/opencrypto/tests/sys/opencrypto/Makefile#3 (text+ko) ==== @@ -1,7 +1,5 @@ # $FreeBSD$ -.PATH: ${.CURDIR}/data - TESTSDIR= ${TESTSBASE}/sys/opencrypto BINDIR= ${TESTSDIR} ==== //depot/projects/opencrypto/tests/sys/opencrypto/cryptotest.py#3 (text+ko) ==== @@ -23,18 +23,18 @@ ############### @unittest.skipIf(cname not in aesmodules, 'skipping AES on %s' % `cname`) def test_xts(self): - for i in iglob('data/XTS*.rsp'): + for i in iglob('XTS*.rsp'): self.runXTS(i, cryptodev.CRYPTO_AES_XTS) def test_cbc(self): - for i in iglob('data/CBC[GKV]*.rsp'): + for i in iglob('CBC[GKV]*.rsp'): self.runCBC(i) def test_gcm(self): - for i in iglob('data/gcmEncrypt*'): + for i in iglob('gcmEncrypt*'): self.runGCM(i, 'ENCRYPT') - for i in iglob('data/gcmDecrypt*'): + for i in iglob('gcmDecrypt*'): self.runGCM(i, 'DECRYPT') _gmacsizes = { 32: cryptodev.CRYPTO_AES_256_NIST_GMAC, @@ -158,7 +158,7 @@ ############### @unittest.skipIf(cname not in desmodules, 'skipping DES on %s' % `cname`) def test_tdes(self): - for i in iglob('data/TCBC[a-z]*.rsp'): + for i in iglob('TCBC[a-z]*.rsp'): self.runTDES(i) def runTDES(self, fname): @@ -196,11 +196,11 @@ def test_sha(self): # SHA not available in software pass - #for i in iglob('data/SHA1*'): + #for i in iglob('SHA1*'): # self.runSHA(i) def test_sha1hmac(self): - self.runSHA1HMAC('data/HMAC.rsp') + self.runSHA1HMAC('HMAC.rsp') def runSHA1HMAC(self, fname): for bogusmode, lines in cryptodev.KATParser(fname, ==== //depot/projects/opencrypto/tests/sys/opencrypto/runtests.sh#2 (text+ko) ==== @@ -14,6 +14,7 @@ oldcdas=$(sysctl -e kern.cryptodevallowsoft) sysctl kern.cryptodevallowsoft=1 +cd "$(dirname "$0")" python cryptotest.py sysctl "$oldcdas" From owner-p4-projects@FreeBSD.ORG Fri Nov 7 21:26:13 2014 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id D7D15B9A; Fri, 7 Nov 2014 21:26:13 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 98BCBB98 for ; Fri, 7 Nov 2014 21:26:13 +0000 (UTC) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:1900:2254:2068::682:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 6B41DE2F for ; Fri, 7 Nov 2014 21:26:13 +0000 (UTC) Received: from skunkworks.freebsd.org ([127.0.1.74]) by skunkworks.freebsd.org (8.14.9/8.14.9) with ESMTP id sA7LQDUk036360 for ; Fri, 7 Nov 2014 21:26:13 GMT (envelope-from jmg@freebsd.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.9/8.14.9/Submit) id sA7LQD4u036357 for perforce@freebsd.org; Fri, 7 Nov 2014 21:26:13 GMT (envelope-from jmg@freebsd.org) Date: Fri, 7 Nov 2014 21:26:13 GMT Message-Id: <201411072126.sA7LQD4u036357@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to jmg@freebsd.org using -f From: John-Mark Gurney Subject: PERFORCE change 1202624 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.18-1 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Nov 2014 21:26:14 -0000 http://p4web.freebsd.org/@@1202624?ac=10 Change 1202624 by jmg@jmg_carbon2 on 2014/11/07 21:25:16 remove some debugging... Affected files ... .. //depot/projects/opencrypto/sys/crypto/aesni/aesni.c#13 edit Differences ... ==== //depot/projects/opencrypto/sys/crypto/aesni/aesni.c#13 (text+ko) ==== @@ -443,17 +443,6 @@ return (error); } -#if 0 -static void -printhexstr(uint8_t *ptr, int len) -{ - int i; - - for (i = 0; i < len; i++) - printf("%02hhx", ptr[i]); -} -#endif - /* * authcrd contains the associated date. */ @@ -517,7 +506,6 @@ /* Setup ses->iv */ bzero(ses->iv, sizeof ses->iv); - /*printf("crd_flags: %#x, ivlen: %d, iv: ", enccrd->crd_flags, ivlen);*/ if (encflag) { if ((enccrd->crd_flags & CRD_F_IV_EXPLICIT) != 0) bcopy(enccrd->crd_iv, ses->iv, ivlen); @@ -533,18 +521,12 @@ crypto_copydata(crp->crp_flags, crp->crp_buf, enccrd->crd_inject, ivlen, ses->iv); } - /*printhexstr(ses->iv, ivlen); - printf("\n");*/ - if (authcrd != NULL && !encflag) { + if (authcrd != NULL && !encflag) crypto_copydata(crp->crp_flags, crp->crp_buf, authcrd->crd_inject, GMAC_DIGEST_LEN, tag); - } else { - /*printf("ptag: "); - printhexstr(tag, sizeof tag); - printf("\n");*/ + else bzero(tag, sizeof tag); - } /* Do work */ switch (ses->algo) { @@ -572,18 +554,6 @@ ses->iv); break; case CRYPTO_AES_NIST_GCM_16: - /*printf("GCM: %d\n", encflag); - printf("buf(%d): ", enccrd->crd_len); - printhexstr(buf, enccrd->crd_len); - printf("\nauthbuf(%d): ", authcrd->crd_len); - printhexstr(authbuf, authcrd->crd_len); - printf("\niv: "); - printhexstr(ses->iv, ivlen); - printf("\ntag: "); - printhexstr(tag, 16); - printf("\nsched: "); - printhexstr(ses->enc_schedule, 16 * (ses->rounds + 1)); - printf("\n");*/ if (encflag) AES_GCM_encrypt(buf, buf, authbuf, ses->iv, tag, enccrd->crd_len, authcrd->crd_len, ivlen, @@ -605,7 +575,6 @@ * OpenBSD doesn't copy this back. This primes the IV for the next * chain. Why do we not do it for decrypt? */ - /*printf("t: %d, %d, %d, %d\n", enccrd->crd_skip, enccrd->crd_len, enccrd->crd_skip + enccrd->crd_len - AES_BLOCK_LEN, AES_BLOCK_LEN);*/ if (encflag && enccrd->crd_alg == CRYPTO_AES_CBC) bcopy(buf + enccrd->crd_len - AES_BLOCK_LEN, ses->iv, AES_BLOCK_LEN); From owner-p4-projects@FreeBSD.ORG Fri Nov 7 21:37:26 2014 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 63A2D317; Fri, 7 Nov 2014 21:37:26 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 263ED315 for ; Fri, 7 Nov 2014 21:37:26 +0000 (UTC) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:1900:2254:2068::682:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 12C1CF5D for ; Fri, 7 Nov 2014 21:37:26 +0000 (UTC) Received: from skunkworks.freebsd.org ([127.0.1.74]) by skunkworks.freebsd.org (8.14.9/8.14.9) with ESMTP id sA7LbPtS038897 for ; Fri, 7 Nov 2014 21:37:25 GMT (envelope-from jmg@freebsd.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.9/8.14.9/Submit) id sA7LbPkC038894 for perforce@freebsd.org; Fri, 7 Nov 2014 21:37:25 GMT (envelope-from jmg@freebsd.org) Date: Fri, 7 Nov 2014 21:37:25 GMT Message-Id: <201411072137.sA7LbPkC038894@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to jmg@freebsd.org using -f From: John-Mark Gurney Subject: PERFORCE change 1202626 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.18-1 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 07 Nov 2014 21:37:26 -0000 http://p4web.freebsd.org/@@1202626?ac=10 Change 1202626 by jmg@jmg_carbon2 on 2014/11/07 21:37:05 remove some more debugging.. Affected files ... .. //depot/projects/opencrypto/sys/opencrypto/crypto.c#4 edit Differences ... ==== //depot/projects/opencrypto/sys/opencrypto/crypto.c#4 (text+ko) ==== @@ -316,12 +316,8 @@ /* See if all the algorithms are supported. */ for (cr = cri; cr; cr = cr->cri_next) - if (cap->cc_alg[cr->cri_alg] == 0) { -#ifdef DEBUG - printf("cr->cri_alg: %d\n", cr->cri_alg); -#endif + if (cap->cc_alg[cr->cri_alg] == 0) return 0; - } return 1; } From owner-p4-projects@FreeBSD.ORG Sat Nov 8 03:53:15 2014 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id ED8BF817; Sat, 8 Nov 2014 03:53:14 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id AE2EE815 for ; Sat, 8 Nov 2014 03:53:14 +0000 (UTC) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:1900:2254:2068::682:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 814B8835 for ; Sat, 8 Nov 2014 03:53:14 +0000 (UTC) Received: from skunkworks.freebsd.org ([127.0.1.74]) by skunkworks.freebsd.org (8.14.9/8.14.9) with ESMTP id sA83rE5n036413 for ; Sat, 8 Nov 2014 03:53:14 GMT (envelope-from jmg@freebsd.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.9/8.14.9/Submit) id sA83rEKd036410 for perforce@freebsd.org; Sat, 8 Nov 2014 03:53:14 GMT (envelope-from jmg@freebsd.org) Date: Sat, 8 Nov 2014 03:53:14 GMT Message-Id: <201411080353.sA83rEKd036410@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to jmg@freebsd.org using -f From: John-Mark Gurney Subject: PERFORCE change 1202637 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.18-1 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Nov 2014 03:53:15 -0000 http://p4web.freebsd.org/@@1202637?ac=10 Change 1202637 by jmg@jmg_carbon2 on 2014/11/08 03:53:09 turn off debugging.. Affected files ... .. //depot/projects/opencrypto/sys/opencrypto/cryptodev.h#11 edit Differences ... ==== //depot/projects/opencrypto/sys/opencrypto/cryptodev.h#11 (text+ko) ==== @@ -303,7 +303,7 @@ #ifdef _KERNEL -#if 1 +#if 0 #define CRYPTDEB(s) do { printf("%s:%d: %s\n", __FILE__, __LINE__, s); \ } while (0) #else From owner-p4-projects@FreeBSD.ORG Sat Nov 8 19:49:33 2014 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 30A6340C; Sat, 8 Nov 2014 19:49:33 +0000 (UTC) Delivered-To: perforce@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id E55C240A for ; Sat, 8 Nov 2014 19:49:32 +0000 (UTC) Received: from skunkworks.freebsd.org (skunkworks.freebsd.org [IPv6:2001:1900:2254:2068::682:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id D1C6038F for ; Sat, 8 Nov 2014 19:49:32 +0000 (UTC) Received: from skunkworks.freebsd.org ([127.0.1.74]) by skunkworks.freebsd.org (8.14.9/8.14.9) with ESMTP id sA8JnWwi079370 for ; Sat, 8 Nov 2014 19:49:32 GMT (envelope-from jmg@freebsd.org) Received: (from perforce@localhost) by skunkworks.freebsd.org (8.14.9/8.14.9/Submit) id sA8JnWLK079367 for perforce@freebsd.org; Sat, 8 Nov 2014 19:49:32 GMT (envelope-from jmg@freebsd.org) Date: Sat, 8 Nov 2014 19:49:32 GMT Message-Id: <201411081949.sA8JnWLK079367@skunkworks.freebsd.org> X-Authentication-Warning: skunkworks.freebsd.org: perforce set sender to jmg@freebsd.org using -f From: John-Mark Gurney Subject: PERFORCE change 1202650 for review To: Perforce Change Reviews Precedence: bulk X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.18-1 List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 08 Nov 2014 19:49:33 -0000 http://p4web.freebsd.org/@@1202650?ac=10 Change 1202650 by jmg@jmg_carbon2 on 2014/11/08 19:49:03 make sure I remeber to bump version w/ this change... Sponsored by: FreeBSD Foundation Sponsored by: Netgate Affected files ... .. //depot/projects/opencrypto/sys/sys/param.h#6 edit Differences ... ==== //depot/projects/opencrypto/sys/sys/param.h#6 (text+ko) ==== @@ -58,7 +58,7 @@ * in the range 5 to 9. */ #undef __FreeBSD_version -#define __FreeBSD_version 1100040 /* Master, propagated to newvers */ +#define __FreeBSD_version 1100041 /* Master, propagated to newvers */ /* * __FreeBSD_kernel__ indicates that this system uses the kernel of FreeBSD,