lundman · August 23, 2016 08:00
diff --git a/illumos-crypto.c b/illumos-crypto.c


 unsigned char statickey[32] = {
    0x5c, 0x95, 0x64, 0x42, 0x00, 0x82, 0x1c, 0x9e,
    0xd4, 0xac, 0x01, 0x83, 0xc4, 0x9c, 0x14, 0x97,
    0x1c, 0x93, 0x04, 0xe2, 0x90, 0x99, 0x40, 0xfe,
    0x54, 0xec, 0xf1, 0x8a, 0x54, 0x22, 0x11, 0xff
 };
 #include <sys/zio_crypt.h>
 int cipher_test2(int verbose)
 {
    unsigned char *plaindata  = NULL;
    unsigned char *cipherdata = NULL;
    unsigned char *mac = NULL;
    unsigned char *out_mac = NULL;
    unsigned char *iv  = NULL;
    unsigned char *salt= NULL;
 	int size     = 512;
 	int saltsize = 8;
 	int macsize  = 16;
 	int ivsize   = 12;
 	zio_crypt_key_t zkey;
    unsigned char out[180];
    unsigned char d = 0;
 	int i, ret = ENOMEM;

 	if (verbose) cmn_err (CE_CONT, "*** ENCRYPTION TEST\n");

    plaindata  = kmem_alloc(size, KM_SLEEP);
    if (!plaindata) goto out;
    cipherdata = kmem_alloc(size, KM_SLEEP);
    if (!cipherdata) goto out;
    mac = kmem_alloc(macsize, KM_SLEEP);
    if (!mac) goto out;
    out_mac = kmem_alloc(macsize, KM_SLEEP);
    if (!out_mac) goto out;
    iv = kmem_alloc(ivsize, KM_SLEEP);
    if (!iv) goto out;
    salt = kmem_alloc(saltsize, KM_SLEEP);
    if (!salt) goto out;

    for (i = 0, d = 0; i < size; i++, d++)
        plaindata[i] = d;
    memset(cipherdata, 0, size);

 	if (verbose) cmn_err (CE_CONT, "Setting iv to: \n");
    for (i = 0, d=0xa8; i < ivsize; i++,d++) {
        iv[i] = d;
        if (verbose) cmn_err (CE_CONT, "0x%02x ", iv[i]);
    }
    if (verbose) cmn_err (CE_CONT, "\n");
 	if (verbose) cmn_err (CE_CONT, "Setting salt to: \n");
    for (i = 0, d=0x61; i < saltsize; i++,d++) {
        salt[i] = d;
        if (verbose) cmn_err (CE_CONT, "0x%02x ", salt[i]);
    }
    if (verbose) cmn_err (CE_CONT, "\n");

 	// Setup Key
 	zkey.zk_crypt = 5; /* aes-256-ccm */
 	zkey.zk_current_tmpl = NULL;
 	zkey.zk_salt_count = 0;
 	memcpy(zkey.zk_salt, salt, saltsize);
 	zkey.zk_current_key.ck_format = CRYPTO_KEY_RAW;
 	zkey.zk_current_key.ck_data = statickey;
 	zkey.zk_current_key.ck_length = BYTES_TO_BITS(sizeof(statickey));
 	rw_init(&zkey.zk_salt_lock, NULL, RW_DEFAULT, NULL);
 	// key done


 	ret = zio_do_crypt_data(B_TRUE, &zkey, salt, DMU_OT_NONE,
 							iv, mac, size, plaindata, cipherdata);

    if (verbose) cmn_err (CE_CONT, "zio_do_crypt_data encrypt %d\n", ret);

 	if (ret) goto out;

 	/*
 	  0x5f 0x8a 0xcb 0x82 0xf3 0xb1 0x2b 0xce
 	  0xa6 0x32 0x90 0x9b 0x08 0x78 0x20 0x12
 	  0x3b 0x97 0x67 0x1f 0x7e 0x79 0x14 0xab
 	  0xbb 0x8f 0x5b 0x17 0x9a 0x97 0xb9 0xae

 	  MAC output: 0x98 0x14 0x82 0xe4 0xbd 0xcb 0xee 0x9f
 	  0x57 0x3a 0x37 0x55 0xce 0xb6 0xaa 0x57
 	*/

 	*out = 0;
    for (i = 0; i < 32/* size */; i++) {
        snprintf((char*)out, sizeof(out), "%s 0x%02x", out, cipherdata[i]);
        if ((i % 8)==7) {
            if (verbose) cmn_err (CE_CONT, "%s\n", out);
            *out = 0;
        }
    }
    if (verbose) cmn_err (CE_CONT, "%s\nMAC output:", out);
    *out = 0;
    for (i = 0; i < 16; i++) {
        snprintf((char *)out, sizeof(out), "%s 0x%02x", out, mac[i]);
    }
    if (verbose) cmn_err (CE_CONT, "%s\n", out);




 	if (verbose) cmn_err (CE_CONT, "*** DECRYPTION TEST\n");


    memset(plaindata, 0, size);
 	if (verbose) cmn_err (CE_CONT, "Setting iv to: \n");
    for (i = 0, d=0xa8; i < ivsize; i++,d++) {
        iv[i] = d;
        if (verbose) cmn_err (CE_CONT, "0x%02x ", iv[i]);
    }
    if (verbose) cmn_err (CE_CONT, "\n");
 	if (verbose) cmn_err (CE_CONT, "Setting salt to: \n");
    for (i = 0, d=0x61; i < saltsize; i++,d++) {
        salt[i] = d;
        if (verbose) cmn_err (CE_CONT, "0x%02x ", salt[i]);
    }
    if (verbose) cmn_err (CE_CONT, "\n");

 	zkey.zk_salt_count = 0;
 	memcpy(zkey.zk_salt, salt, saltsize);


 	ret = zio_do_crypt_data(B_FALSE, &zkey, salt, DMU_OT_NONE,
 							iv, mac, size, plaindata, cipherdata);

    if (verbose) cmn_err (CE_CONT, "zio_do_crypt_data decrypt %d\n", ret);


 	*out = 0;
    for (i = 0; i < 32/* size */; i++) {
        snprintf((char*)out, sizeof(out), "%s 0x%02x", out, plaindata[i]);
        if ((i % 8)==7) {
            if (verbose) cmn_err (CE_CONT, "%s\n", out);
            *out = 0;
        }
    }
    if (verbose) cmn_err (CE_CONT, "%s\n", out);


 	rw_destroy(&zkey.zk_salt_lock);

 out:
    if (salt)       kmem_free(salt, saltsize);
    if (plaindata)  kmem_free(plaindata, size);
    if (cipherdata) kmem_free(cipherdata, size);
    if (mac)        kmem_free(mac, macsize);
    if (out_mac)    kmem_free(out_mac, macsize);
    if (iv)         kmem_free(iv, ivsize);

 	return ret;
 }


	unsigned char statickey[32] = {
	0x5c, 0x95, 0x64, 0x42, 0x00, 0x82, 0x1c, 0x9e,
	0xd4, 0xac, 0x01, 0x83, 0xc4, 0x9c, 0x14, 0x97,
	0x1c, 0x93, 0x04, 0xe2, 0x90, 0x99, 0x40, 0xfe,
	0x54, 0xec, 0xf1, 0x8a, 0x54, 0x22, 0x11, 0xff
	};
	#include <sys/zio_crypt.h>
	int cipher_test2(int verbose)
	{
	unsigned char *plaindata = NULL;
	unsigned char *cipherdata = NULL;
	unsigned char *mac = NULL;
	unsigned char *out_mac = NULL;
	unsigned char *iv = NULL;
	unsigned char *salt= NULL;
	int size = 512;
	int saltsize = 8;
	int macsize = 16;
	int ivsize = 12;
	zio_crypt_key_t zkey;
	unsigned char out[180];
	unsigned char d = 0;
	int i, ret = ENOMEM;

	if (verbose) cmn_err (CE_CONT, "*** ENCRYPTION TEST\n");

	plaindata = kmem_alloc(size, KM_SLEEP);
	if (!plaindata) goto out;
	cipherdata = kmem_alloc(size, KM_SLEEP);
	if (!cipherdata) goto out;
	mac = kmem_alloc(macsize, KM_SLEEP);
	if (!mac) goto out;
	out_mac = kmem_alloc(macsize, KM_SLEEP);
	if (!out_mac) goto out;
	iv = kmem_alloc(ivsize, KM_SLEEP);
	if (!iv) goto out;
	salt = kmem_alloc(saltsize, KM_SLEEP);
	if (!salt) goto out;

	for (i = 0, d = 0; i < size; i++, d++)
	plaindata[i] = d;
	memset(cipherdata, 0, size);

	if (verbose) cmn_err (CE_CONT, "Setting iv to: \n");
	for (i = 0, d=0xa8; i < ivsize; i++,d++) {
	iv[i] = d;
	if (verbose) cmn_err (CE_CONT, "0x%02x ", iv[i]);
	}
	if (verbose) cmn_err (CE_CONT, "\n");
	if (verbose) cmn_err (CE_CONT, "Setting salt to: \n");
	for (i = 0, d=0x61; i < saltsize; i++,d++) {
	salt[i] = d;
	if (verbose) cmn_err (CE_CONT, "0x%02x ", salt[i]);
	}
	if (verbose) cmn_err (CE_CONT, "\n");

	// Setup Key
	zkey.zk_crypt = 5; /* aes-256-ccm */
	zkey.zk_current_tmpl = NULL;
	zkey.zk_salt_count = 0;
	memcpy(zkey.zk_salt, salt, saltsize);
	zkey.zk_current_key.ck_format = CRYPTO_KEY_RAW;
	zkey.zk_current_key.ck_data = statickey;
	zkey.zk_current_key.ck_length = BYTES_TO_BITS(sizeof(statickey));
	rw_init(&zkey.zk_salt_lock, NULL, RW_DEFAULT, NULL);
	// key done


	ret = zio_do_crypt_data(B_TRUE, &zkey, salt, DMU_OT_NONE,
	iv, mac, size, plaindata, cipherdata);

	if (verbose) cmn_err (CE_CONT, "zio_do_crypt_data encrypt %d\n", ret);

	if (ret) goto out;

	/*
	0x5f 0x8a 0xcb 0x82 0xf3 0xb1 0x2b 0xce
	0xa6 0x32 0x90 0x9b 0x08 0x78 0x20 0x12
	0x3b 0x97 0x67 0x1f 0x7e 0x79 0x14 0xab
	0xbb 0x8f 0x5b 0x17 0x9a 0x97 0xb9 0xae

	MAC output: 0x98 0x14 0x82 0xe4 0xbd 0xcb 0xee 0x9f
	0x57 0x3a 0x37 0x55 0xce 0xb6 0xaa 0x57
	*/

	*out = 0;
	for (i = 0; i < 32/* size */; i++) {
	snprintf((char*)out, sizeof(out), "%s 0x%02x", out, cipherdata[i]);
	if ((i % 8)==7) {
	if (verbose) cmn_err (CE_CONT, "%s\n", out);
	*out = 0;
	}
	}
	if (verbose) cmn_err (CE_CONT, "%s\nMAC output:", out);
	*out = 0;
	for (i = 0; i < 16; i++) {
	snprintf((char *)out, sizeof(out), "%s 0x%02x", out, mac[i]);
	}
	if (verbose) cmn_err (CE_CONT, "%s\n", out);




	if (verbose) cmn_err (CE_CONT, "*** DECRYPTION TEST\n");


	memset(plaindata, 0, size);
	if (verbose) cmn_err (CE_CONT, "Setting iv to: \n");
	for (i = 0, d=0xa8; i < ivsize; i++,d++) {
	iv[i] = d;
	if (verbose) cmn_err (CE_CONT, "0x%02x ", iv[i]);
	}
	if (verbose) cmn_err (CE_CONT, "\n");
	if (verbose) cmn_err (CE_CONT, "Setting salt to: \n");
	for (i = 0, d=0x61; i < saltsize; i++,d++) {
	salt[i] = d;
	if (verbose) cmn_err (CE_CONT, "0x%02x ", salt[i]);
	}
	if (verbose) cmn_err (CE_CONT, "\n");

	zkey.zk_salt_count = 0;
	memcpy(zkey.zk_salt, salt, saltsize);


	ret = zio_do_crypt_data(B_FALSE, &zkey, salt, DMU_OT_NONE,
	iv, mac, size, plaindata, cipherdata);

	if (verbose) cmn_err (CE_CONT, "zio_do_crypt_data decrypt %d\n", ret);


	*out = 0;
	for (i = 0; i < 32/* size */; i++) {
	snprintf((char*)out, sizeof(out), "%s 0x%02x", out, plaindata[i]);
	if ((i % 8)==7) {
	if (verbose) cmn_err (CE_CONT, "%s\n", out);
	*out = 0;
	}
	}
	if (verbose) cmn_err (CE_CONT, "%s\n", out);


	rw_destroy(&zkey.zk_salt_lock);

	out:
	if (salt) kmem_free(salt, saltsize);
	if (plaindata) kmem_free(plaindata, size);
	if (cipherdata) kmem_free(cipherdata, size);
	if (mac) kmem_free(mac, macsize);
	if (out_mac) kmem_free(out_mac, macsize);
	if (iv) kmem_free(iv, ivsize);

	return ret;
	}