From b3bbd3dbccef8c499e980490203cd5085dd13a98 Mon Sep 17 00:00:00 2001 From: Rob Austein Date: Sun, 4 Oct 2015 22:31:47 -0400 Subject: Whack libhal API to use current configure_core_selector mechanism. Compiles, not yet tested. --- tests/test-aes-key-wrap.c | 16 +++++++++----- tests/test-ecdsa.c | 56 +++++++++++++++++++++++++++-------------------- tests/test-hash.c | 34 +++++++--------------------- tests/test-pbkdf2.c | 25 ++++++++------------- tests/test-rsa.c | 53 ++++++++++++++++++++------------------------ 5 files changed, 83 insertions(+), 101 deletions(-) (limited to 'tests') diff --git a/tests/test-aes-key-wrap.c b/tests/test-aes-key-wrap.c index f8467ec..3e9b10d 100644 --- a/tests/test-aes-key-wrap.c +++ b/tests/test-aes-key-wrap.c @@ -108,7 +108,8 @@ static const char *format_hex(const uint8_t *bin, const size_t len, char *hex, c return hex; } -static int run_test(const uint8_t * const K, const size_t K_len, +static int run_test(const hal_core_t *core, + const uint8_t * const K, const size_t K_len, const uint8_t * const C, const size_t C_len) { const size_t Q_len = sizeof(Q); @@ -123,7 +124,7 @@ static int run_test(const uint8_t * const K, const size_t K_len, */ printf("Wrapping with %lu-bit KEK...\n", (unsigned long) K_len * 8); - if ((err = hal_aes_keywrap(K, K_len, Q, Q_len, c, &c_len)) != HAL_OK) { + if ((err = hal_aes_keywrap(core, K, K_len, Q, Q_len, c, &c_len)) != HAL_OK) { printf("Couldn't wrap with %lu-bit KEK: %s\n", (unsigned long) K_len * 8, hal_error_string(err)); ok1 = 0; @@ -143,7 +144,7 @@ static int run_test(const uint8_t * const K, const size_t K_len, */ printf("Unwrapping with %lu-bit KEK...\n", (unsigned long) K_len * 8); - if ((err = hal_aes_keyunwrap(K, K_len, C, C_len, q, &q_len)) != HAL_OK) { + if ((err = hal_aes_keyunwrap(core, K, K_len, C, C_len, q, &q_len)) != HAL_OK) { printf("Couldn't unwrap with %lu-bit KEK: %s\n", (unsigned long) K_len * 8, hal_error_string(err)); ok2 = 0; @@ -166,15 +167,18 @@ int main (int argc, char *argv[]) int failures = 0; printf("Testing whether AES core reports present..."); - if (hal_io_expected(AES_ADDR_NAME0, (const uint8_t *) (AES_CORE_NAME0 AES_CORE_NAME1), 8) != HAL_OK) { + + const hal_core_t *core = hal_core_find(AES_CORE_NAME, NULL); + + if (core == NULL) { printf("no, skipping keywrap tests\n"); } else { printf("yes\n"); - if (!run_test(K_128, sizeof(K_128), C_128, sizeof(C_128))) + if (!run_test(core, K_128, sizeof(K_128), C_128, sizeof(C_128))) failures++; - if (!run_test(K_256, sizeof(K_256), C_256, sizeof(C_256))) + if (!run_test(core, K_256, sizeof(K_256), C_256, sizeof(C_256))) failures++; } diff --git a/tests/test-ecdsa.c b/tests/test-ecdsa.c index 558120b..e940498 100644 --- a/tests/test-ecdsa.c +++ b/tests/test-ecdsa.c @@ -113,7 +113,7 @@ static int test_against_static_vectors(const ecdsa_tc_t * const tc) uint8_t keybuf1[hal_ecdsa_key_t_size]; hal_ecdsa_key_t *key1 = NULL; - if ((err = hal_ecdsa_key_gen(&key1, keybuf1, sizeof(keybuf1), tc->curve)) != HAL_OK) + if ((err = hal_ecdsa_key_gen(NULL, &key1, keybuf1, sizeof(keybuf1), tc->curve)) != HAL_OK) return printf("hal_ecdsa_key_gen() failed: %s\n", hal_error_string(err)), 0; uint8_t Qx[tc->Qx_len], Qy[tc->Qy_len]; @@ -151,13 +151,13 @@ static int test_against_static_vectors(const ecdsa_tc_t * const tc) uint8_t sig[tc->sig_len + 4]; size_t sig_len; - if ((err = hal_ecdsa_sign(key1, tc->H, tc->H_len, sig, &sig_len, sizeof(sig), HAL_ECDSA_SIGNATURE_FORMAT_ASN1)) != HAL_OK) + if ((err = hal_ecdsa_sign(NULL, key1, tc->H, tc->H_len, sig, &sig_len, sizeof(sig), HAL_ECDSA_SIGNATURE_FORMAT_ASN1)) != HAL_OK) return printf("hal_ecdsa_sign() failed: %s\n", hal_error_string(err)), 0; if (sig_len != tc->sig_len || memcmp(sig, tc->sig, tc->sig_len) != 0) return printf("Signature mismatch\n"), 0; - if ((err = hal_ecdsa_verify(key2, tc->H, tc->H_len, sig, sig_len, HAL_ECDSA_SIGNATURE_FORMAT_ASN1)) != HAL_OK) + if ((err = hal_ecdsa_verify(NULL, key2, tc->H, tc->H_len, sig, sig_len, HAL_ECDSA_SIGNATURE_FORMAT_ASN1)) != HAL_OK) return printf("hal_ecdsa_verify(private) failed: %s\n", hal_error_string(err)), 0; hal_ecdsa_key_clear(key2); @@ -177,7 +177,7 @@ static int test_against_static_vectors(const ecdsa_tc_t * const tc) tc->Qx, tc->Qx_len, tc->Qy, tc->Qy_len)) != HAL_OK) return printf("hal_ecdsa_load_public() failed: %s\n", hal_error_string(err)), 0; - if ((err = hal_ecdsa_verify(key2, tc->H, tc->H_len, sig, sig_len, HAL_ECDSA_SIGNATURE_FORMAT_ASN1)) != HAL_OK) + if ((err = hal_ecdsa_verify(NULL, key2, tc->H, tc->H_len, sig, sig_len, HAL_ECDSA_SIGNATURE_FORMAT_ASN1)) != HAL_OK) return printf("hal_ecdsa_verify(public) failed: %s\n", hal_error_string(err)), 0; uint8_t point[hal_ecdsa_key_to_ecpoint_len(key1)]; @@ -236,7 +236,7 @@ static int test_keygen_sign_verify(const hal_ecdsa_curve_t curve) printf("Generating key\n"); - if ((err = hal_ecdsa_key_gen(&key, keybuf, sizeof(keybuf), curve)) != HAL_OK) + if ((err = hal_ecdsa_key_gen(NULL, &key, keybuf, sizeof(keybuf), curve)) != HAL_OK) return printf("hal_ecdsa_key_gen() failed: %s\n", hal_error_string(err)), 0; printf("Generating digest\n"); @@ -248,7 +248,7 @@ static int test_keygen_sign_verify(const hal_ecdsa_curve_t curve) uint8_t statebuf[hash_descriptor->hash_state_length]; hal_hash_state_t *state = NULL; - if ((err = hal_hash_initialize(hash_descriptor, &state, statebuf, sizeof(statebuf))) != HAL_OK || + if ((err = hal_hash_initialize(NULL, hash_descriptor, &state, statebuf, sizeof(statebuf))) != HAL_OK || (err = hal_hash_update(state, plaintext, strlen((const char *) plaintext))) != HAL_OK || (err = hal_hash_finalize(state, hashbuf, sizeof(hashbuf))) != HAL_OK) return printf("Couldn't hash plaintext: %s\n", hal_error_string(err)), 0; @@ -263,13 +263,13 @@ static int test_keygen_sign_verify(const hal_ecdsa_curve_t curve) printf("Signing\n"); - if ((err = hal_ecdsa_sign(key, hashbuf, sizeof(hashbuf), + if ((err = hal_ecdsa_sign(NULL, key, hashbuf, sizeof(hashbuf), sigbuf, &siglen, sizeof(sigbuf), HAL_ECDSA_SIGNATURE_FORMAT_ASN1)) != HAL_OK) return printf("hal_ecdsa_sign() failed: %s\n", hal_error_string(err)), 0; printf("Verifying\n"); - if ((err = hal_ecdsa_verify(key, hashbuf, sizeof(hashbuf), + if ((err = hal_ecdsa_verify(NULL, key, hashbuf, sizeof(hashbuf), sigbuf, siglen, HAL_ECDSA_SIGNATURE_FORMAT_ASN1)) != HAL_OK) return printf("hal_ecdsa_verify() failed: %s\n", hal_error_string(err)), 0; @@ -306,22 +306,24 @@ static void _time_check(const struct timeval t0, const int ok) } while (0) -int main(int argc, char *argv[]) +static void show_core(const hal_core_t *core, const char *whinge) { - uint8_t name[8], version[4]; - hal_error_t err; - - /* - * Initialize EIM and report what core we're running. - */ + const hal_core_info_t *core_info = hal_core_info(core); + if (core_info != NULL) + printf("\"%8.8s\" \"%4.4s\"\n", core_info->name, core_info->version); + else if (whinge != NULL) + printf("%s core not present\n", whinge); +} - if ((err = hal_io_read(CSPRNG_ADDR_NAME0, name, sizeof(name))) != HAL_OK || - (err = hal_io_read(CSPRNG_ADDR_VERSION, version, sizeof(version))) != HAL_OK) { - printf("Initialization failed: %s\n", hal_error_string(err)); - return 1; - } +int main(int argc, char *argv[]) +{ + const hal_core_t *sha256_core = hal_core_find(SHA256_NAME, NULL); + const hal_core_t *sha512_core = hal_core_find(SHA512_NAME, NULL); + const hal_core_t *csprng_core = hal_core_find(CSPRNG_NAME, NULL); - printf("\"%8.8s\" \"%4.4s\"\n\n", name, version); + show_core(sha256_core, "sha-256"); + show_core(sha512_core, "sha-512"); + show_core(csprng_core, "csprng"); int ok = 1; @@ -334,9 +336,15 @@ int main(int argc, char *argv[]) /* * Generate/sign/verify test for each curve. */ - time_check(test_keygen_sign_verify(HAL_ECDSA_CURVE_P256)); - time_check(test_keygen_sign_verify(HAL_ECDSA_CURVE_P384)); - time_check(test_keygen_sign_verify(HAL_ECDSA_CURVE_P521)); + + if (csprng_core != NULL && sha256_core != NULL) { + time_check(test_keygen_sign_verify(HAL_ECDSA_CURVE_P256)); + } + + if (csprng_core != NULL && sha512_core != NULL) { + time_check(test_keygen_sign_verify(HAL_ECDSA_CURVE_P384)); + time_check(test_keygen_sign_verify(HAL_ECDSA_CURVE_P521)); + } return !ok; } diff --git a/tests/test-hash.c b/tests/test-hash.c index 144b1b9..b6001e0 100644 --- a/tests/test-hash.c +++ b/tests/test-hash.c @@ -542,23 +542,14 @@ static int _test_hash(const hal_hash_descriptor_t * const descriptor, printf("Starting %s test\n", label); - err = hal_hash_core_present(descriptor); + const hal_core_t *core = hal_core_find(descriptor->core_name, NULL); - switch (err) { - - case HAL_OK: - break; - - case HAL_ERROR_IO_UNEXPECTED: - printf("Core not present, skipping test\n"); + if (core == NULL) { + printf("Core not found, skipping test\n"); return 1; - - default: - printf("Failed while checking for core: %s\n", hal_error_string(err)); - return 0; } - if ((err = hal_hash_initialize(descriptor, &state, statebuf, sizeof(statebuf))) != HAL_OK) { + if ((err = hal_hash_initialize(core, descriptor, &state, statebuf, sizeof(statebuf))) != HAL_OK) { printf("Failed while initializing hash: %s\n", hal_error_string(err)); return 0; } @@ -606,23 +597,14 @@ static int _test_hmac(const hal_hash_descriptor_t * const descriptor, printf("Starting %s test\n", label); - err = hal_hash_core_present(descriptor); + const hal_core_t *core = hal_core_find(descriptor->core_name, NULL); - switch (err) { - - case HAL_OK: - break; - - case HAL_ERROR_IO_UNEXPECTED: - printf("Core not present, skipping test\n"); + if (core == NULL) { + printf("Core not found, skipping test\n"); return 1; - - default: - printf("Failed while checking for core: %s\n", hal_error_string(err)); - return 0; } - if ((err = hal_hmac_initialize(descriptor, &state, statebuf, sizeof(statebuf), key, key_len)) != HAL_OK) { + if ((err = hal_hmac_initialize(core, descriptor, &state, statebuf, sizeof(statebuf), key, key_len)) != HAL_OK) { printf("Failed while initializing HMAC: %s\n", hal_error_string(err)); return 0; } diff --git a/tests/test-pbkdf2.c b/tests/test-pbkdf2.c index 0688226..744ca47 100644 --- a/tests/test-pbkdf2.c +++ b/tests/test-pbkdf2.c @@ -158,7 +158,8 @@ static void print_hex(const uint8_t * const val, const size_t len) printf(" %02x", val[i]); } -static int _test_pbkdf2(const uint8_t * const pwd, const size_t pwd_len, +static int _test_pbkdf2(const hal_core_t *core, + const uint8_t * const pwd, const size_t pwd_len, const uint8_t * const salt, const size_t salt_len, const uint8_t * const dk, const size_t dk_len, const unsigned count, const char * const label) @@ -167,7 +168,7 @@ static int _test_pbkdf2(const uint8_t * const pwd, const size_t pwd_len, uint8_t result[dk_len]; - hal_error_t err = hal_pbkdf2(hal_hash_sha1, pwd, pwd_len, salt, salt_len, + hal_error_t err = hal_pbkdf2(core, hal_hash_sha1, pwd, pwd_len, salt, salt_len, result, dk_len, count); if (err != HAL_OK) { @@ -193,35 +194,27 @@ static int _test_pbkdf2(const uint8_t * const pwd, const size_t pwd_len, } #define test_pbkdf2(_n_) \ - _test_pbkdf2(pbkdf2_tc_##_n_##_password, sizeof(pbkdf2_tc_##_n_##_password), \ + _test_pbkdf2(core, \ + pbkdf2_tc_##_n_##_password, sizeof(pbkdf2_tc_##_n_##_password), \ pbkdf2_tc_##_n_##_salt, sizeof(pbkdf2_tc_##_n_##_salt), \ pbkdf2_tc_##_n_##_DK, sizeof(pbkdf2_tc_##_n_##_DK), \ pbkdf2_tc_##_n_##_count, #_n_) int main (int argc, char *argv[]) { - hal_error_t err = hal_hash_core_present(hal_hash_sha1); + const hal_core_t *core = hal_core_find(SHA1_NAME, NULL); int ok = 1; - switch (err) { + if (core == NULL) + printf("SHA-1 core not present, not testing PBKDF2\n"); - case HAL_OK: + else { ok &= test_pbkdf2(1); ok &= test_pbkdf2(2); ok &= test_pbkdf2(3); ok &= test_pbkdf2(4); ok &= test_pbkdf2(5); ok &= test_pbkdf2(6); - break; - - case HAL_ERROR_IO_UNEXPECTED: - printf("SHA-1 core not present, not testing PBKDF2\n"); - break; - - default: - printf("Unexpected error while probing for hash core: %s\n", hal_error_string(err)); - ok = 0; - break; } return !ok; diff --git a/tests/test-rsa.c b/tests/test-rsa.c index 46afa03..c6bf97a 100644 --- a/tests/test-rsa.c +++ b/tests/test-rsa.c @@ -55,7 +55,8 @@ * Run one modexp test. */ -static int test_modexp(const char * const kind, +static int test_modexp(const hal_core_t *core, + const char * const kind, const rsa_tc_t * const tc, const rsa_tc_bn_t * const msg, /* Input message */ const rsa_tc_bn_t * const exp, /* Exponent */ @@ -65,7 +66,7 @@ static int test_modexp(const char * const kind, printf("%s test for %lu-bit RSA key\n", kind, (unsigned long) tc->size); - if (hal_modexp(msg->val, msg->len, exp->val, exp->len, + if (hal_modexp(core, msg->val, msg->len, exp->val, exp->len, tc->n.val, tc->n.len, result, sizeof(result)) != HAL_OK) { printf("ModExp failed\n"); return 0; @@ -83,7 +84,9 @@ static int test_modexp(const char * const kind, * Run one RSA CRT test. */ -static int test_decrypt(const char * const kind, const rsa_tc_t * const tc) +static int test_decrypt(const hal_core_t *core, + const char * const kind, + const rsa_tc_t * const tc) { printf("%s test for %lu-bit RSA key\n", kind, (unsigned long) tc->size); @@ -107,7 +110,7 @@ static int test_decrypt(const char * const kind, const rsa_tc_t * const tc) uint8_t result[tc->n.len]; - if ((err = hal_rsa_decrypt(key, tc->m.val, tc->m.len, result, sizeof(result))) != HAL_OK) + if ((err = hal_rsa_decrypt(core, key, tc->m.val, tc->m.len, result, sizeof(result))) != HAL_OK) printf("RSA CRT failed: %s\n", hal_error_string(err)); const int mismatch = (err == HAL_OK && memcmp(result, tc->s.val, tc->s.len) != 0); @@ -124,7 +127,9 @@ static int test_decrypt(const char * const kind, const rsa_tc_t * const tc) * Run one RSA key generation + CRT test. */ -static int test_gen(const char * const kind, const rsa_tc_t * const tc) +static int test_gen(const hal_core_t *core, + const char * const kind, + const rsa_tc_t * const tc) { printf("%s test for %lu-bit RSA key\n", kind, (unsigned long) tc->size); @@ -136,7 +141,7 @@ static int test_gen(const char * const kind, const rsa_tc_t * const tc) const uint8_t f4[] = { 0x01, 0x00, 0x01 }; - if ((err = hal_rsa_key_gen(&key1, keybuf1, sizeof(keybuf1), bitsToBytes(tc->size), f4, sizeof(f4))) != HAL_OK) { + if ((err = hal_rsa_key_gen(core, &key1, keybuf1, sizeof(keybuf1), bitsToBytes(tc->size), f4, sizeof(f4))) != HAL_OK) { printf("RSA key generation failed: %s\n", hal_error_string(err)); return 0; } @@ -185,7 +190,7 @@ static int test_gen(const char * const kind, const rsa_tc_t * const tc) uint8_t result[tc->n.len]; - if ((err = hal_rsa_decrypt(key1, tc->m.val, tc->m.len, result, sizeof(result))) != HAL_OK) + if ((err = hal_rsa_decrypt(core, key1, tc->m.val, tc->m.len, result, sizeof(result))) != HAL_OK) printf("RSA CRT failed: %s\n", hal_error_string(err)); snprintf(fn, sizeof(fn), "test-rsa-sig-%04lu.der", (unsigned long) tc->size); @@ -209,7 +214,7 @@ static int test_gen(const char * const kind, const rsa_tc_t * const tc) if (err != HAL_OK) /* Deferred failure from hal_rsa_decrypt(), above */ return 0; - if ((err = hal_rsa_encrypt(key1, result, sizeof(result), result, sizeof(result))) != HAL_OK) + if ((err = hal_rsa_encrypt(core, key1, result, sizeof(result), result, sizeof(result))) != HAL_OK) printf("RSA signature check failed: %s\n", hal_error_string(err)); const int mismatch = (err == HAL_OK && memcmp(result, tc->m.val, tc->m.len) != 0); @@ -258,42 +263,32 @@ static void _time_check(const struct timeval t0, const int ok) * and try generating a signature with that. */ -static int test_rsa(const rsa_tc_t * const tc) +static int test_rsa(const hal_core_t *core, const rsa_tc_t * const tc) { int ok = 1; /* RSA encryption */ - time_check(test_modexp("Verification", tc, &tc->s, &tc->e, &tc->m)); + time_check(test_modexp(core, "Verification", tc, &tc->s, &tc->e, &tc->m)); /* Brute force RSA decryption */ - time_check(test_modexp("Signature (ModExp)", tc, &tc->m, &tc->d, &tc->s)); + time_check(test_modexp(core, "Signature (ModExp)", tc, &tc->m, &tc->d, &tc->s)); /* RSA decyrption using CRT */ - time_check(test_decrypt("Signature (CRT)", tc)); + time_check(test_decrypt(core, "Signature (CRT)", tc)); /* Key generation and CRT -- not test vector, so writes key and sig to file */ - time_check(test_gen("Generation and CRT", tc)); + time_check(test_gen(core, "Generation and CRT", tc)); return ok; } int main(int argc, char *argv[]) { - uint8_t name[8], version[4]; - hal_error_t err; - int i; + const hal_core_t *core = hal_core_find(MODEXPS6_NAME, NULL); + const hal_core_info_t *core_info = hal_core_info(core); - /* - * Initialize EIM and report what core we're running. - */ - - if ((err = hal_io_read(MODEXPS6_ADDR_NAME0, name, sizeof(name))) != HAL_OK || - (err = hal_io_read(MODEXPS6_ADDR_VERSION, version, sizeof(version))) != HAL_OK) { - printf("Initialization failed: %s\n", hal_error_string(err)); - return 1; - } - - printf("\"%8.8s\" \"%4.4s\"\n\n", name, version); + if (core_info != NULL) + printf("\"%8.8s\" \"%4.4s\"\n\n", core_info->name, core_info->version); /* * Run the test cases. @@ -303,8 +298,8 @@ int main(int argc, char *argv[]) /* Normal test */ - for (i = 0; i < (sizeof(rsa_tc)/sizeof(*rsa_tc)); i++) - if (!test_rsa(&rsa_tc[i])) + for (int i = 0; i < (sizeof(rsa_tc)/sizeof(*rsa_tc)); i++) + if (!test_rsa(core, &rsa_tc[i])) return 1; return 0; -- cgit v1.2.3