tests/hmac_comp.c

   1 /*
   2  * Compare HMAC results with ones from openssl.
   3  *
   4  * Placed under public domain.
   5  *
   6  */
   7 #include <stdio.h>
   8 #include <stdlib.h>
   9 #include <string.h>
  10 #include <unistd.h>
  11 #include <fcntl.h>
  12 #include <stdint.h>
  13
  14 #include <sys/ioctl.h>
  15 #include <crypto/cryptodev.h>
  16
  17 #include "openssl_wrapper.h"
  18
  19 #define BLOCK_SIZE      16
  20 #define KEY_SIZE        16
  21 #define MACKEY_SIZE     20
  22 #define MAX_DATALEN     (64 * 1024)
  23
  24 static void printhex(unsigned char *buf, int buflen)
  25 {
  26         while (buflen-- > 0) {
  27                 printf("\\x%.2x", *(buf++));
  28         }
  29         printf("\n");
  30 }
  31
  32 static int
  33 test_crypto(int cfd, struct session_op *sess, int datalen)
  34 {
  35         unsigned char *data, *encrypted;
  36         unsigned char *encrypted_comp;
  37
  38         unsigned char iv[BLOCK_SIZE];
  39         unsigned char mac[AALG_MAX_RESULT_LEN];
  40
  41         unsigned char mac_comp[AALG_MAX_RESULT_LEN];
  42
  43         struct crypt_op cryp;
  44
  45         int ret = 0;
  46
  47         data = malloc(datalen);
  48         encrypted = malloc(datalen);
  49         encrypted_comp = malloc(datalen);
  50         memset(data, datalen & 0xff, datalen);
  51         memset(encrypted, 0x27, datalen);
  52         memset(encrypted_comp, 0x27, datalen);
  53
  54         memset(iv, 0x23, sizeof(iv));
  55         memset(mac, 0, sizeof(mac));
  56         memset(mac_comp, 0, sizeof(mac_comp));
  57
  58         memset(&cryp, 0, sizeof(cryp));
  59
  60         /* Encrypt data.in to data.encrypted */
  61         cryp.ses = sess->ses;
  62         cryp.len = datalen;
  63         cryp.src = data;
  64         cryp.dst = encrypted;
  65         cryp.iv = iv;
  66         cryp.mac = mac;
  67         cryp.op = COP_ENCRYPT;
  68         if ((ret = ioctl(cfd, CIOCCRYPT, &cryp))) {
  69                 perror("ioctl(CIOCCRYPT)");
  70                 goto out;
  71         }
  72
  73         cryp.dst = encrypted_comp;
  74         cryp.mac = mac_comp;
  75
  76         if ((ret = openssl_cioccrypt(sess, &cryp))) {
  77                 fprintf(stderr, "openssl_cioccrypt() failed!\n");
  78                 goto out;
  79         }
  80
  81         if ((ret = memcmp(encrypted, encrypted_comp, cryp.len))) {
  82                 printf("fail for datalen %d, cipher texts do not match!\n", datalen);
  83         }
  84         if ((ret = memcmp(mac, mac_comp, AALG_MAX_RESULT_LEN))) {
  85                 printf("fail for datalen 0x%x, MACs do not match!\n", datalen);
  86                 printf("wrong mac: ");
  87                 printhex(mac, 20);
  88                 printf("right mac: ");
  89                 printhex(mac_comp, 20);
  90
  91         }
  92
  93 out:
  94         free(data);
  95         free(encrypted);
  96         free(encrypted_comp);
  97         return ret;
  98 }
  99
 100 #define max(a, b) ((a) > (b) ? (a) : (b))
 101 #define min(a, b) ((a) < (b) ? (a) : (b))
 102
 103 int
 104 main(int argc, char **argv)
 105 {
 106         int fd;
 107         struct session_op sess;
 108         unsigned char key[KEY_SIZE], mackey[MACKEY_SIZE];
 109         int datalen = BLOCK_SIZE;
 110         int datalen_end = MAX_DATALEN;
 111         int i;
 112
 113         if (argc > 1) {
 114                 datalen = min(max(atoi(argv[1]), BLOCK_SIZE), MAX_DATALEN);
 115                 datalen_end = datalen;
 116         }
 117         if (argc > 2) {
 118                 datalen_end = min(atoi(argv[2]), MAX_DATALEN);
 119                 if (datalen_end < datalen)
 120                         datalen_end = datalen;
 121         }
 122
 123         /* Open the crypto device */
 124         fd = open("/dev/crypto", O_RDWR, 0);
 125         if (fd < 0) {
 126                 perror("open(/dev/crypto)");
 127                 return 1;
 128         }
 129
 130         for (i = 0; i < KEY_SIZE; i++)
 131                 key[i] = i & 0xff;
 132         for (i = 0; i < MACKEY_SIZE; i++)
 133                 mackey[i] = i & 0xff;
 134
 135         memset(&sess, 0, sizeof(sess));
 136
 137         /* Hash and encryption in one step test */
 138         sess.cipher = CRYPTO_AES_CBC;
 139         sess.mac = CRYPTO_SHA1_HMAC;
 140         sess.keylen = KEY_SIZE;
 141         sess.key = key;
 142         sess.mackeylen = MACKEY_SIZE;
 143         sess.mackey = mackey;
 144         if (ioctl(fd, CIOCGSESSION, &sess)) {
 145                 perror("ioctl(CIOCGSESSION)");
 146                 return 1;
 147         }
 148
 149 #ifdef CIOCGSESSINFO
 150         {
 151                 struct session_info_op siop = {
 152                         .ses = sess.ses,
 153                 };
 154
 155                 if (ioctl(fd, CIOCGSESSINFO, &siop)) {
 156                         perror("ioctl(CIOCGSESSINFO)");
 157                 } else {
 158                         printf("requested cipher CRYPTO_AES_CBC and mac CRYPTO_SHA1_HMAC,"
 159                                " got cipher %s with driver %s and hash %s with driver %s\n",
 160                                         siop.cipher_info.cra_name, siop.cipher_info.cra_driver_name,
 161                                         siop.hash_info.cra_name, siop.hash_info.cra_driver_name);
 162                 }
 163         }
 164 #endif
 165
 166         for (; datalen <= datalen_end; datalen += BLOCK_SIZE) {
 167                 if (test_crypto(fd, &sess, datalen)) {
 168                         printf("test_crypto() failed for datalen of %d\n", datalen);
 169                         return 1;
 170                 }
 171         }
 172
 173         /* Finish crypto session */
 174         if (ioctl(fd, CIOCFSESSION, &sess.ses)) {
 175                 perror("ioctl(CIOCFSESSION)");
 176         }
 177
 178         close(fd);
 179         return 0;
 180 }