src - FreeBSD source tree

	Commit message (Collapse)	Author	Age	Files	Lines
...
*	cryptotest.py: Actually use NIST-KAT HMAC test vectors and test the right hashes	Conrad Meyer	2017-09-21	1	-7/+43
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	Previously, this test was entirely a no-op as no vector in the NIST-KAT file has a precisely 20-byte key. Additionally, not every vector in the file is SHA1. The length field determines the hash under test, and is now decoded correctly. Finally, due to a limitation I didn't feel like fixing in cryptodev.py, MACs are truncated to 16 bytes in this test. With this change and the uncommitted D12437 (to allow key sizes other than those used in IPSec), the SHA tests in cryptotest.py actually test something and e.g. at least cryptosoft passes the test. Sponsored by: Dell EMC Isilon Notes: svn path=/head/; revision=323878
*	cryptotest.py: Do not run AES-CBC or AES-GCM tests on non-AES crypto(4) drivers	Conrad Meyer	2017-09-21	1	-0/+2
\| \| \| \| \| \| \| \| \| \| \|	For some reason, we only skipped AES-XTS tests if a driver was not in the aesmodules list. Skip other AES modes as well to prevent spurious failures in non-AES drivers. Sponsored by: Dell EMC Isilon Notes: svn path=/head/; revision=323869
*	cryptotest.py: Add a seatbelt that we're actually testing anything	Conrad Meyer	2017-09-21	1	-0/+1
\| \| \| \| \| \| \| \| \| \|	Without nist-kat installed, cryptotest.py is a no-op. Showing 'success' in that case is unhelpful. Sponsored by: Dell EMC Isilon Notes: svn path=/head/; revision=323843
*	Make test scripts under tests/... non-executable	Enji Cooper	2017-08-08	1	-0/+0
\| \| \| \| \| \| \| \| \| \|	Executable bits should be set at install time instead of in the repo. Setting executable bits on files triggers false positives with Phabricator. MFC after: 2 months Notes: svn path=/head/; revision=322214
*	Add the ccr0 device to the opencrypto tests against the NIST KAT tests.	John Baldwin	2017-06-08	1	-2/+3
\| \| \| \| \| \| \| \| \|	The ccr0 device supports both AES and SHA tests. Sponsored by: Chelsio Communications Notes: svn path=/head/; revision=319725
*	tests/sys/opencrypto/runtests: apply minor polish to test script	Enji Cooper	2017-06-01	1	-14/+20
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	- Refactor kld loading/unloading logic: -- Use a loop instead of an unrolled one. -- Check for the module being loaded before trying to load it, to reduce noise when loading modules that are already loaded. -- Don't mute stderr from kldload -- it could be potentially useful to the tester. -- In the event that the test script was terminated early, it would leave the modules still attached to the system (which is undesirable). Always unload the modules at test end with EXIT/SIGINT/SIGTERM so the system is returned to its former operating state as best possible. Unload the modules in reverse order, in part for consistency and/or dependency reasons. MFC after: 2 weeks Sponsored by: Dell EMC Isilon Notes: svn path=/head/; revision=319456
*	Fix up `TEST_METADATA`	Enji Cooper	2017-06-01	1	-1/+3
\| \| \| \| \| \| \| \| \| \| \| \| \|	- `TEST_METADATA.foo` should be `TEST_METADATA.run_tests`: this will unbreak trying to run the tests on a system without python installed in $PATH. - The tests require root because they load aesni(4) and/or cryptodev(4) if not already loaded. MFC after: 2 weeks Sponsored by: Dell EMC Isilon Notes: svn path=/head/; revision=319455
*	Honor the requested crid when running a test.	John Baldwin	2017-06-01	1	-4/+1
\| \| \| \| \| \| \| \| \| \| \| \| \|	Otherwise, the kernel is free to choose an aribtrary crypto device rather than the requested device subverting tests that force the use of a specific device. MFC after: 1 week Sponsored by: Chelsio Communications Differential Revision: https://reviews.freebsd.org/D10762 Notes: svn path=/head/; revision=319454
*	Merge ^/user/ngie/release-pkg-fix-tests to unbreak how test files are installed	Enji Cooper	2016-05-04	1	-4/+2
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	after r298107 Summary of changes: - Replace all instances of FILES/TESTS with ${PACKAGE}FILES. This ensures that namespacing is kept with FILES appropriately, and that this shouldn't need to be repeated if the namespace changes -- only the definition of PACKAGE needs to be changed - Allow PACKAGE to be overridden by callers instead of forcing it to always be `tests`. In the event we get to the point where things can be split up enough in the base system, it would make more sense to group the tests with the blocks they're a part of, e.g. byacc with byacc-tests, etc - Remove PACKAGE definitions where possible, i.e. where FILES wasn't used previously. - Remove unnecessary TESTSPACKAGE definitions; this has been elided into bsd.tests.mk - Remove unnecessary BINDIRs used previously with ${PACKAGE}FILES; ${PACKAGE}FILESDIR is now automatically defined in bsd.test.mk. - Fix installation of files under data/ subdirectories in lib/libc/tests/hash and lib/libc/tests/net/getaddrinfo - Remove unnecessary .include <bsd.own.mk>s (some opportunistic cleanup) Document the proposed changes in share/examples/tests/tests/... via examples so it's clear that ${PACKAGES}FILES is the suggested way forward in terms of replacing FILES. share/mk/bsd.README didn't seem like the appropriate method of communicating that info. MFC after: never probably X-MFC with: r298107 PR: 209114 Relnotes: yes Tested with: buildworld, installworld, checkworld; buildworld, packageworld Sponsored by: EMC / Isilon Storage Division Notes: svn path=/head/; revision=299094
*	MFH	Glen Barber	2016-03-10	1	-0/+11
\|\ \| \| \| \| \| \| \| \| \| \| \| \|	Sponsored by: The FreeBSD Foundation Notes: svn path=/projects/release-pkg/; revision=296625
\| *	DIRDEPS_BUILD: Connect MK_TESTS.	Bryan Drewery	2016-03-09	1	-0/+11
\| \| \| \| \| \| \| \| \| \| \| \| \| \|	Sponsored by: EMC / Isilon Storage Division Notes: svn path=/head/; revision=296587
* \|	More 'tests' package fixes.	Glen Barber	2016-02-03	1	-0/+3
\|/ \| \| \| \| \| \|	Sponsored by: The FreeBSD Foundation Notes: svn path=/projects/release-pkg/; revision=295179
*	Add some new modes to OpenCrypto. These modes are AES-ICM (can be used	John-Mark Gurney	2014-12-12	6	-0/+1310
	for counter mode), and AES-GCM. Both of these modes have been added to the aesni module. Included is a set of tests to validate that the software and aesni module calculate the correct values. These use the NIST KAT test vectors. To run the test, you will need to install a soon to be committed port, nist-kat that will install the vectors. Using a port is necessary as the test vectors are around 25MB. All the man pages were updated. I have added a new man page, crypto.7, which includes a description of how to use each mode. All the new modes and some other AES modes are present. It would be good for someone else to go through and document the other modes. A new ioctl was added to support AEAD modes which AES-GCM is one of them. Without this ioctl, it is not possible to test AEAD modes from userland. Add a timing safe bcmp for use to compare MACs. Previously we were using bcmp which could leak timing info and result in the ability to forge messages. Add a minor optimization to the aesni module so that single segment mbufs don't get copied and instead are updated in place. The aesni module needs to be updated to support blocked IO so segmented mbufs don't have to be copied. We require that the IV be specified for all calls for both GCM and ICM. This is to ensure proper use of these functions. Obtained from: p4: //depot/projects/opencrypto Relnotes: yes Sponsored by: FreeBSD Foundation Sponsored by: NetGate Notes: svn path=/head/; revision=275732