def runTDES(self, fname):
curfun = None
for mode, lines in cryptodev.KATParser(fname,
[ 'COUNT', 'KEYs', 'IV', 'PLAINTEXT', 'CIPHERTEXT', ]):
if mode == 'ENCRYPT':
swapptct = False
curfun = Crypto.encrypt
elif mode == 'DECRYPT':
swapptct = True
curfun = Crypto.decrypt
else:
raise RuntimeError('unknown mode: %s' % `mode`)
for data in lines:
curcnt = int(data['COUNT'])
key = data['KEYs'] * 3
cipherkey = key.decode('hex')
iv = data['IV'].decode('hex')
pt = data['PLAINTEXT'].decode('hex')
ct = data['CIPHERTEXT'].decode('hex')
if swapptct:
pt, ct = ct, pt
# run the fun
c = Crypto(cryptodev.CRYPTO_3DES_CBC, cipherkey, crid=crid)
r = curfun(c, pt, iv)
self.assertEqual(r, ct)
def runSHA(self, fname):
# Skip SHA512_(224|256) tests
if fname.find('SHA512_') != -1:
return
columns = ['Len', 'Msg', 'MD']
with cryptodev.KATParser(fname, columns) as parser:
self.runSHAWithParser(parser)
def runXTS(self, fname, meth):
curfun = None
for mode, lines in cryptodev.KATParser(fname,
[ 'COUNT', 'DataUnitLen', 'Key', 'DataUnitSeqNumber', 'PT',
'CT' ]):
if mode == 'ENCRYPT':
swapptct = False
curfun = Crypto.encrypt
elif mode == 'DECRYPT':
swapptct = True
curfun = Crypto.decrypt
else:
raise RuntimeError('unknown mode: %s' % `mode`)
for data in lines:
curcnt = int(data['COUNT'])
nbits = int(data['DataUnitLen'])
cipherkey = data['Key'].decode('hex')
iv = struct.pack('QQ', int(data['DataUnitSeqNumber']), 0)
pt = data['PT'].decode('hex')
ct = data['CT'].decode('hex')
if nbits % 128 != 0:
# XXX - mark as skipped
continue
if swapptct:
pt, ct = ct, pt
# run the fun
c = Crypto(meth, cipherkey, crid=crid)
r = curfun(c, pt, iv)
self.assertEqual(r, ct)
def runCBC(self, fname):
curfun = None
for mode, lines in cryptodev.KATParser(fname, [
'COUNT',
'KEY',
'IV',
'PLAINTEXT',
'CIPHERTEXT',
]):
if mode == 'ENCRYPT':
swapptct = False
curfun = Crypto.encrypt
elif mode == 'DECRYPT':
swapptct = True
curfun = Crypto.decrypt
else:
raise RuntimeError('unknown mode: %r' % repr(mode))
for data in lines:
curcnt = int(data['COUNT'])
cipherkey = binascii.unhexlify(data['KEY'])
iv = binascii.unhexlify(data['IV'])
pt = binascii.unhexlify(data['PLAINTEXT'])
ct = binascii.unhexlify(data['CIPHERTEXT'])
if swapptct:
pt, ct = ct, pt
# run the fun
c = Crypto(cryptodev.CRYPTO_AES_CBC, cipherkey, crid=crid)
r = curfun(c, pt, iv)
self.assertEqual(r, ct)
def runGCM(self, fname, mode):
curfun = None
if mode == 'ENCRYPT':
swapptct = False
curfun = Crypto.encrypt
elif mode == 'DECRYPT':
swapptct = True
curfun = Crypto.decrypt
else:
raise RuntimeError('unknown mode: %s' % ` mode `)
for bogusmode, lines in cryptodev.KATParser(
fname, [
'Count',
'Key',
'IV',
'CT',
'AAD',
'Tag',
'PT',
]):
for data in lines:
curcnt = int(data['Count'])
cipherkey = data['Key'].decode('hex')
iv = data['IV'].decode('hex')
aad = data['AAD'].decode('hex')
tag = data['Tag'].decode('hex')
if 'FAIL' not in data:
pt = data['PT'].decode('hex')
ct = data['CT'].decode('hex')
if len(iv) != 12:
# XXX - isn't supported
continue
c = Crypto(cryptodev.CRYPTO_AES_NIST_GCM_16,
cipherkey,
mac=self._gmacsizes[len(cipherkey)],
mackey=cipherkey,
crid=crid)
if mode == 'ENCRYPT':
rct, rtag = c.encrypt(pt, iv, aad)
rtag = rtag[:len(tag)]
data['rct'] = rct.encode('hex')
data['rtag'] = rtag.encode('hex')
self.assertEqual(rct, ct, ` data `)
self.assertEqual(rtag, tag, ` data `)
else:
if len(tag) != 16:
continue
args = (ct, iv, aad, tag)
if 'FAIL' in data:
self.assertRaises(IOError, c.decrypt, *args)
else:
rpt, rtag = c.decrypt(*args)
data['rpt'] = rpt.encode('hex')
data['rtag'] = rtag.encode('hex')
self.assertEqual(rpt, pt, ` data `)
def runSHA1HMAC(self, fname):
for hashlength, lines in cryptodev.KATParser(
fname, ['Count', 'Klen', 'Tlen', 'Key', 'Msg', 'Mac']):
# E.g., hashlength will be "L=20" (bytes)
hashlen = int(hashlength.split("=")[1])
blocksize = None
if hashlen == 20:
alg = cryptodev.CRYPTO_SHA1_HMAC
blocksize = 64
elif hashlen == 28:
# Cryptodev doesn't support SHA-224
# Slurp remaining input in section
for data in lines:
continue
continue
elif hashlen == 32:
alg = cryptodev.CRYPTO_SHA2_256_HMAC
blocksize = 64
elif hashlen == 48:
alg = cryptodev.CRYPTO_SHA2_384_HMAC
blocksize = 128
elif hashlen == 64:
alg = cryptodev.CRYPTO_SHA2_512_HMAC
blocksize = 128
else:
# Skip unsupported hashes
# Slurp remaining input in section
for data in lines:
continue
continue
for data in lines:
key = data['Key'].decode('hex')
msg = data['Msg'].decode('hex')
mac = data['Mac'].decode('hex')
tlen = int(data['Tlen'])
if len(key) > blocksize:
continue
try:
c = Crypto(mac=alg, mackey=key, crid=crid)
except EnvironmentError, e:
# Can't test hashes the driver does not support.
if e.errno != errno.EOPNOTSUPP:
raise
continue
_, r = c.encrypt(msg, iv="")
# A limitation in cryptodev.py means we
# can only store MACs up to 16 bytes.
# That's good enough to validate the
# correct behavior, more or less.
maclen = min(tlen, 16)
self.assertEqual(r[:maclen], mac[:maclen], "Actual: " + \
repr(r[:maclen].encode("hex")) + " Expected: " + repr(data))
def runCBC(self, fname):
columns = [
'COUNT',
'KEY',
'IV',
'PLAINTEXT',
'CIPHERTEXT',
]
with cryptodev.KATParser(fname, columns) as parser:
self.runCBCWithParser(parser)
def runSHA1HMAC(self, fname):
for hashlength, lines in cryptodev.KATParser(
fname, ['Count', 'Klen', 'Tlen', 'Key', 'Msg', 'Mac']):
# E.g., hashlength will be "L=20" (bytes)
hashlen = int(hashlength.split("=")[1])
blocksize = None
if hashlen == 20:
alg = cryptodev.CRYPTO_SHA1_HMAC
blocksize = 64
elif hashlen == 28:
alg = cryptodev.CRYPTO_SHA2_224_HMAC
blocksize = 64
elif hashlen == 32:
alg = cryptodev.CRYPTO_SHA2_256_HMAC
blocksize = 64
elif hashlen == 48:
alg = cryptodev.CRYPTO_SHA2_384_HMAC
blocksize = 128
elif hashlen == 64:
alg = cryptodev.CRYPTO_SHA2_512_HMAC
blocksize = 128
else:
# Skip unsupported hashes
# Slurp remaining input in section
for data in lines:
continue
continue
for data in lines:
key = data['Key'].decode('hex')
msg = data['Msg'].decode('hex')
mac = data['Mac'].decode('hex')
tlen = int(data['Tlen'])
if len(key) > blocksize:
continue
try:
c = Crypto(mac=alg,
mackey=key,
crid=crid,
maclen=hashlen)
except EnvironmentError, e:
# Can't test hashes the driver does not support.
if e.errno != errno.EOPNOTSUPP:
raise
continue
_, r = c.encrypt(msg, iv="")
self.assertEqual(r[:tlen], mac, "Actual: " + \
repr(r.encode("hex")) + " Expected: " + repr(data))
def runSHA1HMAC(self, fname):
for bogusmode, lines in cryptodev.KATParser(fname,
[ 'Count', 'Klen', 'Tlen', 'Key', 'Msg', 'Mac' ]):
for data in lines:
key = data['Key'].decode('hex')
msg = data['Msg'].decode('hex')
mac = data['Mac'].decode('hex')
if len(key) != 20:
# XXX - implementation bug
continue
c = Crypto(mac=cryptodev.CRYPTO_SHA1_HMAC,
mackey=key, crid=crid)
r = c.encrypt(msg)
self.assertEqual(r, mac, `data`)
def runSHA(self, fname):
# Skip SHA512_(224|256) tests
if fname.find('SHA512_') != -1:
return
for hashlength, lines in cryptodev.KATParser(
fname, ['Len', 'Msg', 'MD']):
# E.g., hashlength will be "L=20" (bytes)
hashlen = int(hashlength.split("=")[1])
if hashlen == 20:
alg = cryptodev.CRYPTO_SHA1
elif hashlen == 28:
alg = cryptodev.CRYPTO_SHA2_224
elif hashlen == 32:
alg = cryptodev.CRYPTO_SHA2_256
elif hashlen == 48:
alg = cryptodev.CRYPTO_SHA2_384
elif hashlen == 64:
alg = cryptodev.CRYPTO_SHA2_512
else:
# Skip unsupported hashes
# Slurp remaining input in section
for data in lines:
continue
continue
for data in lines:
msg = data['Msg'].decode('hex')
msg = msg[:int(data['Len'])]
md = data['MD'].decode('hex')
try:
c = Crypto(mac=alg, crid=crid, maclen=hashlen)
except EnvironmentError, e:
# Can't test hashes the driver does not support.
if e.errno != errno.EOPNOTSUPP:
raise
continue
_, r = c.encrypt(msg, iv="")
self.assertEqual(r, md, "Actual: " + \
repr(r.encode("hex")) + " Expected: " + repr(data) + " on " + cname)
def runGCM(self, fname, mode):
curfun = None
if mode == 'ENCRYPT':
swapptct = False
curfun = Crypto.encrypt
elif mode == 'DECRYPT':
swapptct = True
curfun = Crypto.decrypt
else:
raise RuntimeError('unknown mode: %r' % repr(mode))
columns = [
'Count',
'Key',
'IV',
'CT',
'AAD',
'Tag',
'PT',
]
with cryptodev.KATParser(fname, columns) as parser:
self.runGCMWithParser(parser, mode)
def runXTS(self, fname, meth):
curfun = None
for mode, lines in cryptodev.KATParser(fname, [
'COUNT', 'DataUnitLen', 'Key', 'DataUnitSeqNumber', 'PT',
'CT'
]):
if mode == 'ENCRYPT':
swapptct = False
curfun = Crypto.encrypt
elif mode == 'DECRYPT':
swapptct = True
curfun = Crypto.decrypt
else:
raise RuntimeError('unknown mode: %r' % repr(mode))
for data in lines:
curcnt = int(data['COUNT'])
nbits = int(data['DataUnitLen'])
cipherkey = data['Key'].decode('hex')
iv = struct.pack('QQ', int(data['DataUnitSeqNumber']), 0)
pt = data['PT'].decode('hex')
ct = data['CT'].decode('hex')
if nbits % 128 != 0:
# XXX - mark as skipped
continue
if swapptct:
pt, ct = ct, pt
# run the fun
try:
c = Crypto(meth, cipherkey, crid=crid)
r = curfun(c, pt, iv)
except EnvironmentError, e:
# Can't test hashes the driver does not support.
if e.errno != errno.EOPNOTSUPP:
raise
continue
self.assertEqual(r, ct)
def runSHA1HMAC(self, fname):
columns = ['Count', 'Klen', 'Tlen', 'Key', 'Msg', 'Mac']
with cryptodev.KATParser(fname, columns) as parser:
self.runSHA1HMACWithParser(parser)
def runXTS(self, fname, meth):
columns = [
'COUNT', 'DataUnitLen', 'Key', 'DataUnitSeqNumber', 'PT', 'CT'
]
with cryptodev.KATParser(fname, columns) as parser:
self.runXTSWithParser(parser, meth)
def runGCM(self, fname, mode):
curfun = None
if mode == 'ENCRYPT':
swapptct = False
curfun = Crypto.encrypt
elif mode == 'DECRYPT':
swapptct = True
curfun = Crypto.decrypt
else:
raise RuntimeError('unknown mode: %r' % repr(mode))
for bogusmode, lines in cryptodev.KATParser(
fname, [
'Count',
'Key',
'IV',
'CT',
'AAD',
'Tag',
'PT',
]):
for data in lines:
curcnt = int(data['Count'])
cipherkey = data['Key'].decode('hex')
iv = data['IV'].decode('hex')
aad = data['AAD'].decode('hex')
tag = data['Tag'].decode('hex')
if 'FAIL' not in data:
pt = data['PT'].decode('hex')
ct = data['CT'].decode('hex')
if len(iv) != 12:
# XXX - isn't supported
continue
try:
c = Crypto(cryptodev.CRYPTO_AES_NIST_GCM_16,
cipherkey,
mac=self._gmacsizes[len(cipherkey)],
mackey=cipherkey,
crid=crid,
maclen=16)
except EnvironmentError, e:
# Can't test algorithms the driver does not support.
if e.errno != errno.EOPNOTSUPP:
raise
continue
if mode == 'ENCRYPT':
try:
rct, rtag = c.encrypt(pt, iv, aad)
except EnvironmentError, e:
# Can't test inputs the driver does not support.
if e.errno != errno.EINVAL:
raise
continue
rtag = rtag[:len(tag)]
data['rct'] = rct.encode('hex')
data['rtag'] = rtag.encode('hex')
self.assertEqual(rct, ct, repr(data))
self.assertEqual(rtag, tag, repr(data))
else:
if len(tag) != 16:
continue
args = (ct, iv, aad, tag)
if 'FAIL' in data:
self.assertRaises(IOError, c.decrypt, *args)
else:
try:
rpt, rtag = c.decrypt(*args)
except EnvironmentError, e:
# Can't test inputs the driver does not support.
if e.errno != errno.EINVAL:
raise
continue
data['rpt'] = rpt.encode('hex')
data['rtag'] = rtag.encode('hex')
self.assertEqual(rpt, pt, repr(data))