aboutsummaryrefslogtreecommitdiff
path: root/tests
diff options
context:
space:
mode:
Diffstat (limited to 'tests')
-rw-r--r--tests/test-aes-key-wrap.c16
-rw-r--r--tests/test-ecdsa.c56
-rw-r--r--tests/test-hash.c34
-rw-r--r--tests/test-pbkdf2.c25
-rw-r--r--tests/test-rsa.c53
5 files changed, 83 insertions, 101 deletions
diff --git a/tests/test-aes-key-wrap.c b/tests/test-aes-key-wrap.c
index f8467ec..3e9b10d 100644
--- a/tests/test-aes-key-wrap.c
+++ b/tests/test-aes-key-wrap.c
@@ -108,7 +108,8 @@ static const char *format_hex(const uint8_t *bin, const size_t len, char *hex, c
return hex;
}
-static int run_test(const uint8_t * const K, const size_t K_len,
+static int run_test(const hal_core_t *core,
+ const uint8_t * const K, const size_t K_len,
const uint8_t * const C, const size_t C_len)
{
const size_t Q_len = sizeof(Q);
@@ -123,7 +124,7 @@ static int run_test(const uint8_t * const K, const size_t K_len,
*/
printf("Wrapping with %lu-bit KEK...\n", (unsigned long) K_len * 8);
- if ((err = hal_aes_keywrap(K, K_len, Q, Q_len, c, &c_len)) != HAL_OK) {
+ if ((err = hal_aes_keywrap(core, K, K_len, Q, Q_len, c, &c_len)) != HAL_OK) {
printf("Couldn't wrap with %lu-bit KEK: %s\n",
(unsigned long) K_len * 8, hal_error_string(err));
ok1 = 0;
@@ -143,7 +144,7 @@ static int run_test(const uint8_t * const K, const size_t K_len,
*/
printf("Unwrapping with %lu-bit KEK...\n", (unsigned long) K_len * 8);
- if ((err = hal_aes_keyunwrap(K, K_len, C, C_len, q, &q_len)) != HAL_OK) {
+ if ((err = hal_aes_keyunwrap(core, K, K_len, C, C_len, q, &q_len)) != HAL_OK) {
printf("Couldn't unwrap with %lu-bit KEK: %s\n",
(unsigned long) K_len * 8, hal_error_string(err));
ok2 = 0;
@@ -166,15 +167,18 @@ int main (int argc, char *argv[])
int failures = 0;
printf("Testing whether AES core reports present...");
- if (hal_io_expected(AES_ADDR_NAME0, (const uint8_t *) (AES_CORE_NAME0 AES_CORE_NAME1), 8) != HAL_OK) {
+
+ const hal_core_t *core = hal_core_find(AES_CORE_NAME, NULL);
+
+ if (core == NULL) {
printf("no, skipping keywrap tests\n");
}
else {
printf("yes\n");
- if (!run_test(K_128, sizeof(K_128), C_128, sizeof(C_128)))
+ if (!run_test(core, K_128, sizeof(K_128), C_128, sizeof(C_128)))
failures++;
- if (!run_test(K_256, sizeof(K_256), C_256, sizeof(C_256)))
+ if (!run_test(core, K_256, sizeof(K_256), C_256, sizeof(C_256)))
failures++;
}
diff --git a/tests/test-ecdsa.c b/tests/test-ecdsa.c
index 558120b..e940498 100644
--- a/tests/test-ecdsa.c
+++ b/tests/test-ecdsa.c
@@ -113,7 +113,7 @@ static int test_against_static_vectors(const ecdsa_tc_t * const tc)
uint8_t keybuf1[hal_ecdsa_key_t_size];
hal_ecdsa_key_t *key1 = NULL;
- if ((err = hal_ecdsa_key_gen(&key1, keybuf1, sizeof(keybuf1), tc->curve)) != HAL_OK)
+ if ((err = hal_ecdsa_key_gen(NULL, &key1, keybuf1, sizeof(keybuf1), tc->curve)) != HAL_OK)
return printf("hal_ecdsa_key_gen() failed: %s\n", hal_error_string(err)), 0;
uint8_t Qx[tc->Qx_len], Qy[tc->Qy_len];
@@ -151,13 +151,13 @@ static int test_against_static_vectors(const ecdsa_tc_t * const tc)
uint8_t sig[tc->sig_len + 4];
size_t sig_len;
- if ((err = hal_ecdsa_sign(key1, tc->H, tc->H_len, sig, &sig_len, sizeof(sig), HAL_ECDSA_SIGNATURE_FORMAT_ASN1)) != HAL_OK)
+ if ((err = hal_ecdsa_sign(NULL, key1, tc->H, tc->H_len, sig, &sig_len, sizeof(sig), HAL_ECDSA_SIGNATURE_FORMAT_ASN1)) != HAL_OK)
return printf("hal_ecdsa_sign() failed: %s\n", hal_error_string(err)), 0;
if (sig_len != tc->sig_len || memcmp(sig, tc->sig, tc->sig_len) != 0)
return printf("Signature mismatch\n"), 0;
- if ((err = hal_ecdsa_verify(key2, tc->H, tc->H_len, sig, sig_len, HAL_ECDSA_SIGNATURE_FORMAT_ASN1)) != HAL_OK)
+ if ((err = hal_ecdsa_verify(NULL, key2, tc->H, tc->H_len, sig, sig_len, HAL_ECDSA_SIGNATURE_FORMAT_ASN1)) != HAL_OK)
return printf("hal_ecdsa_verify(private) failed: %s\n", hal_error_string(err)), 0;
hal_ecdsa_key_clear(key2);
@@ -177,7 +177,7 @@ static int test_against_static_vectors(const ecdsa_tc_t * const tc)
tc->Qx, tc->Qx_len, tc->Qy, tc->Qy_len)) != HAL_OK)
return printf("hal_ecdsa_load_public() failed: %s\n", hal_error_string(err)), 0;
- if ((err = hal_ecdsa_verify(key2, tc->H, tc->H_len, sig, sig_len, HAL_ECDSA_SIGNATURE_FORMAT_ASN1)) != HAL_OK)
+ if ((err = hal_ecdsa_verify(NULL, key2, tc->H, tc->H_len, sig, sig_len, HAL_ECDSA_SIGNATURE_FORMAT_ASN1)) != HAL_OK)
return printf("hal_ecdsa_verify(public) failed: %s\n", hal_error_string(err)), 0;
uint8_t point[hal_ecdsa_key_to_ecpoint_len(key1)];
@@ -236,7 +236,7 @@ static int test_keygen_sign_verify(const hal_ecdsa_curve_t curve)
printf("Generating key\n");
- if ((err = hal_ecdsa_key_gen(&key, keybuf, sizeof(keybuf), curve)) != HAL_OK)
+ if ((err = hal_ecdsa_key_gen(NULL, &key, keybuf, sizeof(keybuf), curve)) != HAL_OK)
return printf("hal_ecdsa_key_gen() failed: %s\n", hal_error_string(err)), 0;
printf("Generating digest\n");
@@ -248,7 +248,7 @@ static int test_keygen_sign_verify(const hal_ecdsa_curve_t curve)
uint8_t statebuf[hash_descriptor->hash_state_length];
hal_hash_state_t *state = NULL;
- if ((err = hal_hash_initialize(hash_descriptor, &state, statebuf, sizeof(statebuf))) != HAL_OK ||
+ if ((err = hal_hash_initialize(NULL, hash_descriptor, &state, statebuf, sizeof(statebuf))) != HAL_OK ||
(err = hal_hash_update(state, plaintext, strlen((const char *) plaintext))) != HAL_OK ||
(err = hal_hash_finalize(state, hashbuf, sizeof(hashbuf))) != HAL_OK)
return printf("Couldn't hash plaintext: %s\n", hal_error_string(err)), 0;
@@ -263,13 +263,13 @@ static int test_keygen_sign_verify(const hal_ecdsa_curve_t curve)
printf("Signing\n");
- if ((err = hal_ecdsa_sign(key, hashbuf, sizeof(hashbuf),
+ if ((err = hal_ecdsa_sign(NULL, key, hashbuf, sizeof(hashbuf),
sigbuf, &siglen, sizeof(sigbuf), HAL_ECDSA_SIGNATURE_FORMAT_ASN1)) != HAL_OK)
return printf("hal_ecdsa_sign() failed: %s\n", hal_error_string(err)), 0;
printf("Verifying\n");
- if ((err = hal_ecdsa_verify(key, hashbuf, sizeof(hashbuf),
+ if ((err = hal_ecdsa_verify(NULL, key, hashbuf, sizeof(hashbuf),
sigbuf, siglen, HAL_ECDSA_SIGNATURE_FORMAT_ASN1)) != HAL_OK)
return printf("hal_ecdsa_verify() failed: %s\n", hal_error_string(err)), 0;
@@ -306,22 +306,24 @@ static void _time_check(const struct timeval t0, const int ok)
} while (0)
-int main(int argc, char *argv[])
+static void show_core(const hal_core_t *core, const char *whinge)
{
- uint8_t name[8], version[4];
- hal_error_t err;
-
- /*
- * Initialize EIM and report what core we're running.
- */
+ const hal_core_info_t *core_info = hal_core_info(core);
+ if (core_info != NULL)
+ printf("\"%8.8s\" \"%4.4s\"\n", core_info->name, core_info->version);
+ else if (whinge != NULL)
+ printf("%s core not present\n", whinge);
+}
- if ((err = hal_io_read(CSPRNG_ADDR_NAME0, name, sizeof(name))) != HAL_OK ||
- (err = hal_io_read(CSPRNG_ADDR_VERSION, version, sizeof(version))) != HAL_OK) {
- printf("Initialization failed: %s\n", hal_error_string(err));
- return 1;
- }
+int main(int argc, char *argv[])
+{
+ const hal_core_t *sha256_core = hal_core_find(SHA256_NAME, NULL);
+ const hal_core_t *sha512_core = hal_core_find(SHA512_NAME, NULL);
+ const hal_core_t *csprng_core = hal_core_find(CSPRNG_NAME, NULL);
- printf("\"%8.8s\" \"%4.4s\"\n\n", name, version);
+ show_core(sha256_core, "sha-256");
+ show_core(sha512_core, "sha-512");
+ show_core(csprng_core, "csprng");
int ok = 1;
@@ -334,9 +336,15 @@ int main(int argc, char *argv[])
/*
* Generate/sign/verify test for each curve.
*/
- time_check(test_keygen_sign_verify(HAL_ECDSA_CURVE_P256));
- time_check(test_keygen_sign_verify(HAL_ECDSA_CURVE_P384));
- time_check(test_keygen_sign_verify(HAL_ECDSA_CURVE_P521));
+
+ if (csprng_core != NULL && sha256_core != NULL) {
+ time_check(test_keygen_sign_verify(HAL_ECDSA_CURVE_P256));
+ }
+
+ if (csprng_core != NULL && sha512_core != NULL) {
+ time_check(test_keygen_sign_verify(HAL_ECDSA_CURVE_P384));
+ time_check(test_keygen_sign_verify(HAL_ECDSA_CURVE_P521));
+ }
return !ok;
}
diff --git a/tests/test-hash.c b/tests/test-hash.c
index 144b1b9..b6001e0 100644
--- a/tests/test-hash.c
+++ b/tests/test-hash.c
@@ -542,23 +542,14 @@ static int _test_hash(const hal_hash_descriptor_t * const descriptor,
printf("Starting %s test\n", label);
- err = hal_hash_core_present(descriptor);
+ const hal_core_t *core = hal_core_find(descriptor->core_name, NULL);
- switch (err) {
-
- case HAL_OK:
- break;
-
- case HAL_ERROR_IO_UNEXPECTED:
- printf("Core not present, skipping test\n");
+ if (core == NULL) {
+ printf("Core not found, skipping test\n");
return 1;
-
- default:
- printf("Failed while checking for core: %s\n", hal_error_string(err));
- return 0;
}
- if ((err = hal_hash_initialize(descriptor, &state, statebuf, sizeof(statebuf))) != HAL_OK) {
+ if ((err = hal_hash_initialize(core, descriptor, &state, statebuf, sizeof(statebuf))) != HAL_OK) {
printf("Failed while initializing hash: %s\n", hal_error_string(err));
return 0;
}
@@ -606,23 +597,14 @@ static int _test_hmac(const hal_hash_descriptor_t * const descriptor,
printf("Starting %s test\n", label);
- err = hal_hash_core_present(descriptor);
+ const hal_core_t *core = hal_core_find(descriptor->core_name, NULL);
- switch (err) {
-
- case HAL_OK:
- break;
-
- case HAL_ERROR_IO_UNEXPECTED:
- printf("Core not present, skipping test\n");
+ if (core == NULL) {
+ printf("Core not found, skipping test\n");
return 1;
-
- default:
- printf("Failed while checking for core: %s\n", hal_error_string(err));
- return 0;
}
- if ((err = hal_hmac_initialize(descriptor, &state, statebuf, sizeof(statebuf), key, key_len)) != HAL_OK) {
+ if ((err = hal_hmac_initialize(core, descriptor, &state, statebuf, sizeof(statebuf), key, key_len)) != HAL_OK) {
printf("Failed while initializing HMAC: %s\n", hal_error_string(err));
return 0;
}
diff --git a/tests/test-pbkdf2.c b/tests/test-pbkdf2.c
index 0688226..744ca47 100644
--- a/tests/test-pbkdf2.c
+++ b/tests/test-pbkdf2.c
@@ -158,7 +158,8 @@ static void print_hex(const uint8_t * const val, const size_t len)
printf(" %02x", val[i]);
}
-static int _test_pbkdf2(const uint8_t * const pwd, const size_t pwd_len,
+static int _test_pbkdf2(const hal_core_t *core,
+ const uint8_t * const pwd, const size_t pwd_len,
const uint8_t * const salt, const size_t salt_len,
const uint8_t * const dk, const size_t dk_len,
const unsigned count, const char * const label)
@@ -167,7 +168,7 @@ static int _test_pbkdf2(const uint8_t * const pwd, const size_t pwd_len,
uint8_t result[dk_len];
- hal_error_t err = hal_pbkdf2(hal_hash_sha1, pwd, pwd_len, salt, salt_len,
+ hal_error_t err = hal_pbkdf2(core, hal_hash_sha1, pwd, pwd_len, salt, salt_len,
result, dk_len, count);
if (err != HAL_OK) {
@@ -193,35 +194,27 @@ static int _test_pbkdf2(const uint8_t * const pwd, const size_t pwd_len,
}
#define test_pbkdf2(_n_) \
- _test_pbkdf2(pbkdf2_tc_##_n_##_password, sizeof(pbkdf2_tc_##_n_##_password), \
+ _test_pbkdf2(core, \
+ pbkdf2_tc_##_n_##_password, sizeof(pbkdf2_tc_##_n_##_password), \
pbkdf2_tc_##_n_##_salt, sizeof(pbkdf2_tc_##_n_##_salt), \
pbkdf2_tc_##_n_##_DK, sizeof(pbkdf2_tc_##_n_##_DK), \
pbkdf2_tc_##_n_##_count, #_n_)
int main (int argc, char *argv[])
{
- hal_error_t err = hal_hash_core_present(hal_hash_sha1);
+ const hal_core_t *core = hal_core_find(SHA1_NAME, NULL);
int ok = 1;
- switch (err) {
+ if (core == NULL)
+ printf("SHA-1 core not present, not testing PBKDF2\n");
- case HAL_OK:
+ else {
ok &= test_pbkdf2(1);
ok &= test_pbkdf2(2);
ok &= test_pbkdf2(3);
ok &= test_pbkdf2(4);
ok &= test_pbkdf2(5);
ok &= test_pbkdf2(6);
- break;
-
- case HAL_ERROR_IO_UNEXPECTED:
- printf("SHA-1 core not present, not testing PBKDF2\n");
- break;
-
- default:
- printf("Unexpected error while probing for hash core: %s\n", hal_error_string(err));
- ok = 0;
- break;
}
return !ok;
diff --git a/tests/test-rsa.c b/tests/test-rsa.c
index 46afa03..c6bf97a 100644
--- a/tests/test-rsa.c
+++ b/tests/test-rsa.c
@@ -55,7 +55,8 @@
* Run one modexp test.
*/
-static int test_modexp(const char * const kind,
+static int test_modexp(const hal_core_t *core,
+ const char * const kind,
const rsa_tc_t * const tc,
const rsa_tc_bn_t * const msg, /* Input message */
const rsa_tc_bn_t * const exp, /* Exponent */
@@ -65,7 +66,7 @@ static int test_modexp(const char * const kind,
printf("%s test for %lu-bit RSA key\n", kind, (unsigned long) tc->size);
- if (hal_modexp(msg->val, msg->len, exp->val, exp->len,
+ if (hal_modexp(core, msg->val, msg->len, exp->val, exp->len,
tc->n.val, tc->n.len, result, sizeof(result)) != HAL_OK) {
printf("ModExp failed\n");
return 0;
@@ -83,7 +84,9 @@ static int test_modexp(const char * const kind,
* Run one RSA CRT test.
*/
-static int test_decrypt(const char * const kind, const rsa_tc_t * const tc)
+static int test_decrypt(const hal_core_t *core,
+ const char * const kind,
+ const rsa_tc_t * const tc)
{
printf("%s test for %lu-bit RSA key\n", kind, (unsigned long) tc->size);
@@ -107,7 +110,7 @@ static int test_decrypt(const char * const kind, const rsa_tc_t * const tc)
uint8_t result[tc->n.len];
- if ((err = hal_rsa_decrypt(key, tc->m.val, tc->m.len, result, sizeof(result))) != HAL_OK)
+ if ((err = hal_rsa_decrypt(core, key, tc->m.val, tc->m.len, result, sizeof(result))) != HAL_OK)
printf("RSA CRT failed: %s\n", hal_error_string(err));
const int mismatch = (err == HAL_OK && memcmp(result, tc->s.val, tc->s.len) != 0);
@@ -124,7 +127,9 @@ static int test_decrypt(const char * const kind, const rsa_tc_t * const tc)
* Run one RSA key generation + CRT test.
*/
-static int test_gen(const char * const kind, const rsa_tc_t * const tc)
+static int test_gen(const hal_core_t *core,
+ const char * const kind,
+ const rsa_tc_t * const tc)
{
printf("%s test for %lu-bit RSA key\n", kind, (unsigned long) tc->size);
@@ -136,7 +141,7 @@ static int test_gen(const char * const kind, const rsa_tc_t * const tc)
const uint8_t f4[] = { 0x01, 0x00, 0x01 };
- if ((err = hal_rsa_key_gen(&key1, keybuf1, sizeof(keybuf1), bitsToBytes(tc->size), f4, sizeof(f4))) != HAL_OK) {
+ if ((err = hal_rsa_key_gen(core, &key1, keybuf1, sizeof(keybuf1), bitsToBytes(tc->size), f4, sizeof(f4))) != HAL_OK) {
printf("RSA key generation failed: %s\n", hal_error_string(err));
return 0;
}
@@ -185,7 +190,7 @@ static int test_gen(const char * const kind, const rsa_tc_t * const tc)
uint8_t result[tc->n.len];
- if ((err = hal_rsa_decrypt(key1, tc->m.val, tc->m.len, result, sizeof(result))) != HAL_OK)
+ if ((err = hal_rsa_decrypt(core, key1, tc->m.val, tc->m.len, result, sizeof(result))) != HAL_OK)
printf("RSA CRT failed: %s\n", hal_error_string(err));
snprintf(fn, sizeof(fn), "test-rsa-sig-%04lu.der", (unsigned long) tc->size);
@@ -209,7 +214,7 @@ static int test_gen(const char * const kind, const rsa_tc_t * const tc)
if (err != HAL_OK) /* Deferred failure from hal_rsa_decrypt(), above */
return 0;
- if ((err = hal_rsa_encrypt(key1, result, sizeof(result), result, sizeof(result))) != HAL_OK)
+ if ((err = hal_rsa_encrypt(core, key1, result, sizeof(result), result, sizeof(result))) != HAL_OK)
printf("RSA signature check failed: %s\n", hal_error_string(err));
const int mismatch = (err == HAL_OK && memcmp(result, tc->m.val, tc->m.len) != 0);
@@ -258,42 +263,32 @@ static void _time_check(const struct timeval t0, const int ok)
* and try generating a signature with that.
*/
-static int test_rsa(const rsa_tc_t * const tc)
+static int test_rsa(const hal_core_t *core, const rsa_tc_t * const tc)
{
int ok = 1;
/* RSA encryption */
- time_check(test_modexp("Verification", tc, &tc->s, &tc->e, &tc->m));
+ time_check(test_modexp(core, "Verification", tc, &tc->s, &tc->e, &tc->m));
/* Brute force RSA decryption */
- time_check(test_modexp("Signature (ModExp)", tc, &tc->m, &tc->d, &tc->s));
+ time_check(test_modexp(core, "Signature (ModExp)", tc, &tc->m, &tc->d, &tc->s));
/* RSA decyrption using CRT */
- time_check(test_decrypt("Signature (CRT)", tc));
+ time_check(test_decrypt(core, "Signature (CRT)", tc));
/* Key generation and CRT -- not test vector, so writes key and sig to file */
- time_check(test_gen("Generation and CRT", tc));
+ time_check(test_gen(core, "Generation and CRT", tc));
return ok;
}
int main(int argc, char *argv[])
{
- uint8_t name[8], version[4];
- hal_error_t err;
- int i;
+ const hal_core_t *core = hal_core_find(MODEXPS6_NAME, NULL);
+ const hal_core_info_t *core_info = hal_core_info(core);
- /*
- * Initialize EIM and report what core we're running.
- */
-
- if ((err = hal_io_read(MODEXPS6_ADDR_NAME0, name, sizeof(name))) != HAL_OK ||
- (err = hal_io_read(MODEXPS6_ADDR_VERSION, version, sizeof(version))) != HAL_OK) {
- printf("Initialization failed: %s\n", hal_error_string(err));
- return 1;
- }
-
- printf("\"%8.8s\" \"%4.4s\"\n\n", name, version);
+ if (core_info != NULL)
+ printf("\"%8.8s\" \"%4.4s\"\n\n", core_info->name, core_info->version);
/*
* Run the test cases.
@@ -303,8 +298,8 @@ int main(int argc, char *argv[])
/* Normal test */
- for (i = 0; i < (sizeof(rsa_tc)/sizeof(*rsa_tc)); i++)
- if (!test_rsa(&rsa_tc[i]))
+ for (int i = 0; i < (sizeof(rsa_tc)/sizeof(*rsa_tc)); i++)
+ if (!test_rsa(core, &rsa_tc[i]))
return 1;
return 0;