[svn] gcry - r1351 - trunk/tests

svn author wk cvs at cvs.gnupg.org
Thu Oct 30 11:23:18 CET 2008 

Author: wk
Date: 2008-10-30 11:23:17 +0100 (Thu, 30 Oct 2008)
New Revision: 1351

Modified:
   trunk/tests/ChangeLog
   trunk/tests/cavs_driver.pl
   trunk/tests/cavs_tests.sh
   trunk/tests/fipsdrv.c
Log:
Fix ECB mode test


Modified: trunk/tests/ChangeLog
===================================================================
--- trunk/tests/ChangeLog	2008-10-24 17:01:30 UTC (rev 1350)
+++ trunk/tests/ChangeLog	2008-10-30 10:23:17 UTC (rev 1351)
@@ -1,3 +1,11 @@
+2008-10-27  Werner Koch  <wk at g10code.com>
+
+	* fipsdrv.c (run_encrypt_decrypt): Make IV_BUFFER optional.
+	(main): Ditto.
+	* cavs_driver.pl: Remove the --no-fips flags.
+	(libgcrypt_encdec($$$$$)): Make IV optional.
+	(libgcrypt_state_cipher($$$$$)): Ditto.
+
 2008-10-24  Werner Koch  <wk at g10code.com>
 
 	* benchmark.c (md_bench): Do not test MD5 in fips mode.

Modified: trunk/tests/cavs_driver.pl
===================================================================
--- trunk/tests/cavs_driver.pl	2008-10-24 17:01:30 UTC (rev 1350)
+++ trunk/tests/cavs_driver.pl	2008-10-30 10:23:17 UTC (rev 1351)
@@ -289,8 +289,10 @@
 	my $enc = (shift) ? "encrypt" : "decrypt";
 	my $data=shift;
 
-	my $program="fipsdrv --no-fips --key $key --iv $iv --algo $cipher $enc";
+        $iv = "--iv $iv" if ($iv);
 
+	my $program="fipsdrv --key $key $iv --algo $cipher $enc";
+
 	return pipe_through_program($data,$program);
 }
 
@@ -333,7 +335,7 @@
 	my $pt = shift;
 	my $hashalgo = shift;
 
-	my $program = "fipsdrv --no-fips --algo $hashalgo digest";
+	my $program = "fipsdrv --algo $hashalgo digest";
 	die "ARCFOUR not available for hashes" if $opt{'R'};
 
 	return pipe_through_program($pt, $program);
@@ -346,7 +348,9 @@
 	my $key = shift;
 	my $iv = shift;
 
-	my $program="fipsdrv --no-fips --binary --key ".bin2hex($key)." --iv ".bin2hex($iv)." --algo '$cipher' --chunk '$bufsize' $enc";
+        $iv = "--iv $iv" if ($iv);
+
+	my $program="fipsdrv --binary --key ".bin2hex($key)." $iv ".bin2hex($iv)." --algo '$cipher' --chunk '$bufsize' $enc";
 	return $program;
 }
 
@@ -364,7 +368,7 @@
 	my $msg = shift;
 	my $hashtype = shift;
 
-	my $program = "fipsdrv --no-fips --key $key --algo $hashtype hmac-sha";
+	my $program = "fipsdrv --key $key --algo $hashtype hmac-sha";
 	return pipe_through_program($msg, $program);	
 }
 

Modified: trunk/tests/cavs_tests.sh
===================================================================
--- trunk/tests/cavs_tests.sh	2008-10-24 17:01:30 UTC (rev 1350)
+++ trunk/tests/cavs_tests.sh	2008-10-30 10:23:17 UTC (rev 1351)
@@ -55,13 +55,15 @@
     [ -f "$rspfile" ] &&  rm "$rspfile"
     
     if ./cavs_driver.pl -I libgcrypt "$reqfile"; then
-        echo "failed test: $reqfile" >&2
+      if [ -f "$tmprspfile" ]; then
+          mv "$tmprspfile" "$rspfile"
+      else 
+          echo "failed test: $reqfile" >&2
+          : >"$errors_seen_file"
+      fi
+    else
+        echo "failed test: $reqfile rc=$?" >&2
         : >"$errors_seen_file"
-    elif [ -f "$tmprspfile" ]; then
-        mv "$tmprspfile" "$rspfile"
-    else 
-        echo "failed test: $reqfile" >&2
-        : >"$errors_seen_file"
     fi
 }
 
@@ -72,7 +74,7 @@
 ARCH=$(arch || echo unknown)
 result_file="CAVS_results-$ARCH-$DATE.zip"
 
-for f in fipsdrv fipsrngdrv cavs_driver.pl; do
+for f in fipsdrv cavs_driver.pl; do
     if [ ! -f "./$f" ]; then
       echo "required program \"$f\" missing in current directory" >&2
       exit 2
@@ -110,6 +112,9 @@
 find cavs -type f -name "*.req" | while read f ; do
     echo "Running test file $f" >&2
     run_one_test "$f"
+    if [ -f "$errors_seen_file" ]; then
+        break;
+    fi
 done
 
 if [ -f "$errors_seen_file" ]; then

Modified: trunk/tests/fipsdrv.c
===================================================================
--- trunk/tests/fipsdrv.c	2008-10-24 17:01:30 UTC (rev 1350)
+++ trunk/tests/fipsdrv.c	2008-10-30 10:23:17 UTC (rev 1351)
@@ -867,10 +867,13 @@
     die ("gcry_cipher_setkey failed with keylen %u: %s\n",
          (unsigned int)key_buflen, gpg_strerror (err));
 
-  err = gcry_cipher_setiv (hd, iv_buffer, iv_buflen);
-  if (err)
-    die ("gcry_cipher_setiv failed with ivlen %u: %s\n",
-         (unsigned int)iv_buflen, gpg_strerror (err));
+  if (iv_buffer)
+    {
+      err = gcry_cipher_setiv (hd, iv_buffer, iv_buflen);
+      if (err)
+        die ("gcry_cipher_setiv failed with ivlen %u: %s\n",
+             (unsigned int)iv_buflen, gpg_strerror (err));
+    }
 
   inbuf = data? NULL : gcry_xmalloc (datalen);
   outbuflen = datalen;
@@ -1508,11 +1511,19 @@
       cipher_algo = map_openssl_cipher_name (algo_string, &cipher_mode);
       if (!cipher_algo)
         die ("cipher algorithm `%s' is not supported\n", algo_string);
-      if (!iv_string)
-        die ("option --iv is required in this mode\n");
-      iv_buffer = hex2buffer (iv_string, &iv_buflen);
-      if (!iv_buffer)
-        die ("invalid value for IV\n");
+      if (cipher_mode != GCRY_CIPHER_MODE_ECB)
+        {
+          if (!iv_string)
+            die ("option --iv is required in this mode\n");
+          iv_buffer = hex2buffer (iv_string, &iv_buflen);
+          if (!iv_buffer)
+            die ("invalid value for IV\n");
+        }
+      else
+        {
+          iv_buffer = NULL;
+          iv_buflen = 0;
+        }
       if (!key_string)
         die ("option --key is required in this mode\n");
       key_buffer = hex2buffer (key_string, &key_buflen);

More information about the Gnupg-commits mailing list