1272343Sngie/* $NetBSD: h_xcbcmac.c,v 1.4 2014/01/16 23:56:04 joerg Exp $ */ 2272343Sngie 3272343Sngie/*- 4272343Sngie * Copyright (c) 2014 The NetBSD Foundation, Inc. 5272343Sngie * All rights reserved. 6272343Sngie * 7272343Sngie * Redistribution and use in source and binary forms, with or without 8272343Sngie * modification, are permitted provided that the following conditions 9272343Sngie * are met: 10272343Sngie * 1. Redistributions of source code must retain the above copyright 11272343Sngie * notice, this list of conditions and the following disclaimer. 12272343Sngie * 2. Redistributions in binary form must reproduce the above copyright 13272343Sngie * notice, this list of conditions and the following disclaimer in the 14272343Sngie * documentation and/or other materials provided with the distribution. 15272343Sngie * 16272343Sngie * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 17272343Sngie * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 18272343Sngie * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 19272343Sngie * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 20272343Sngie * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 21272343Sngie * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 22272343Sngie * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 23272343Sngie * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 24272343Sngie * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 25272343Sngie * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 26272343Sngie * POSSIBILITY OF SUCH DAMAGE. 27272343Sngie */ 28272343Sngie 29272343Sngie#include <err.h> 30272343Sngie#include <fcntl.h> 31272343Sngie#include <stdio.h> 32272343Sngie#include <string.h> 33272343Sngie 34272343Sngie#include <sys/ioctl.h> 35272343Sngie#include <sys/time.h> 36272343Sngie 37272343Sngie#include <crypto/cryptodev.h> 38272343Sngie 39272343Sngie 40272343Sngie/* test vectors from RFC3566 */ 41272343Sngieunsigned char key[16] = { 42272343Sngie 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 43272343Sngie 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f 44272343Sngie}; 45272343Sngiechar plaintx[1000] = { 46272343Sngie 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 47272343Sngie 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, 48272343Sngie 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, 49272343Sngie 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, 50272343Sngie 0x20, 0x21 51272343Sngie}; 52272343Sngieconst struct { 53272343Sngie size_t len; 54272343Sngie unsigned char mac[12]; 55272343Sngie} tests[] = { 56272343Sngie { 0, { 0x75, 0xf0, 0x25, 0x1d, 0x52, 0x8a, 57272343Sngie 0xc0, 0x1c, 0x45, 0x73, 0xdf, 0xd5 } }, 58272343Sngie { 3, { 0x5b, 0x37, 0x65, 0x80, 0xae, 0x2f, 59272343Sngie 0x19, 0xaf, 0xe7, 0x21, 0x9c, 0xee } }, 60272343Sngie { 16, { 0xd2, 0xa2, 0x46, 0xfa, 0x34, 0x9b, 61272343Sngie 0x68, 0xa7, 0x99, 0x98, 0xa4, 0x39 } }, 62272343Sngie { 20, { 0x47, 0xf5, 0x1b, 0x45, 0x64, 0x96, 63272343Sngie 0x62, 0x15, 0xb8, 0x98, 0x5c, 0x63 } }, 64272343Sngie { 32, { 0xf5, 0x4f, 0x0e, 0xc8, 0xd2, 0xb9, 65272343Sngie 0xf3, 0xd3, 0x68, 0x07, 0x73, 0x4b } }, 66272343Sngie { 34, { 0xbe, 0xcb, 0xb3, 0xbc, 0xcd, 0xb5, 67272343Sngie 0x18, 0xa3, 0x06, 0x77, 0xd5, 0x48 } }, 68272343Sngie { 1000, { 0xf0, 0xda, 0xfe, 0xe8, 0x95, 0xdb, 69272343Sngie 0x30, 0x25, 0x37, 0x61, 0x10, 0x3b } }, 70272343Sngie}; 71272343Sngie 72272343Sngieint 73272343Sngiemain(void) 74272343Sngie{ 75272343Sngie int fd, res; 76272343Sngie size_t i; 77272343Sngie struct session_op cs; 78272343Sngie struct crypt_op co; 79272343Sngie unsigned char buf[16]; 80272343Sngie 81272343Sngie fd = open("/dev/crypto", O_RDWR, 0); 82272343Sngie if (fd < 0) 83272343Sngie err(1, "open"); 84272343Sngie memset(&cs, 0, sizeof(cs)); 85272343Sngie cs.mac = CRYPTO_AES_XCBC_MAC_96; 86272343Sngie cs.mackeylen = sizeof(key); 87272343Sngie cs.mackey = key; 88272343Sngie res = ioctl(fd, CIOCGSESSION, &cs); 89272343Sngie if (res < 0) 90272343Sngie err(1, "CIOCGSESSION"); 91272343Sngie 92272343Sngie for (i = 0; i < __arraycount(tests); i++) { 93272343Sngie memset(&co, 0, sizeof(co)); 94272343Sngie memset(buf, 0, sizeof(buf)); 95272343Sngie if (tests[i].len == sizeof(plaintx)) 96272343Sngie memset(&plaintx, 0, sizeof(plaintx)); 97272343Sngie co.ses = cs.ses; 98272343Sngie co.op = COP_ENCRYPT; 99272343Sngie co.len = tests[i].len; 100272343Sngie co.src = plaintx; 101272343Sngie co.mac = buf; 102272343Sngie res = ioctl(fd, CIOCCRYPT, &co); 103272343Sngie if (res < 0) 104272343Sngie err(1, "CIOCCRYPT test %zu", i); 105272343Sngie if (memcmp(buf, &tests[i].mac, sizeof(tests[i].mac))) 106272343Sngie errx(1, "verification failed test %zu", i); 107272343Sngie } 108272343Sngie return 0; 109272343Sngie} 110