From 04ed92600509e5a664727573b5e8983376024945 Mon Sep 17 00:00:00 2001 From: Ondrej Mosnacek Date: Tue, 7 Aug 2018 17:38:32 +0200 Subject: [PATCH] Produce a subpackage with test scripts --- ...g_tests_outside_of_build_environment.patch | 965 ++++++++++++++++++ libkcapi.spec | 18 +- 2 files changed, 982 insertions(+), 1 deletion(-) create mode 100644 libkcapi-1.1.1-test_Allow_running_tests_outside_of_build_environment.patch diff --git a/libkcapi-1.1.1-test_Allow_running_tests_outside_of_build_environment.patch b/libkcapi-1.1.1-test_Allow_running_tests_outside_of_build_environment.patch new file mode 100644 index 0000000..b4b9719 --- /dev/null +++ b/libkcapi-1.1.1-test_Allow_running_tests_outside_of_build_environment.patch @@ -0,0 +1,965 @@ +From 7223cbef97f346026e29de73f547b7074d8f5b94 Mon Sep 17 00:00:00 2001 +From: Ondrej Mosnacek +Date: Mon, 6 Aug 2018 15:47:15 +0200 +Subject: [PATCH 1/3] test: Remove an unnecessary hack + +--- + test/libtest.sh | 2 -- + 1 file changed, 2 deletions(-) + +diff --git a/test/libtest.sh b/test/libtest.sh +index d969277..2a90d91 100644 +--- a/test/libtest.sh ++++ b/test/libtest.sh +@@ -20,8 +20,6 @@ + # Common code for test cases + # + +-export PATH=$PATH:. +- + ##################################################################### + # Common functions + ##################################################################### + +From 0bc71e19b51a45dbcc6c3710d3d4ffed0707e68a Mon Sep 17 00:00:00 2001 +From: Ondrej Mosnacek +Date: Tue, 7 Aug 2018 09:51:08 +0200 +Subject: [PATCH 2/3] test: Allow running tests outside of build environment + +This patch slightly refactors the test scripts so they can be installed +along with the binaries and ran on the installed system. The old way of +running test-invocation.sh in the build environment still works. + +The test scripts are installed into %pkglibexecdir%, along with the test +binaries (so that the test scripts can easily find them). Note that the +test binaries are also still installed in %bindir% to not break the +backwards compatibility. + +Distribuitons are recommended to put the test files into a separate +subpackage that can be installed for debugging/QA purposes. +--- + Makefile.am | 13 ++++++ + test/compile-test.sh | 57 ++++--------------------- + test/hasher-test.sh | 82 ++++++++++++++++++++++-------------- + test/kcapi-convenience.sh | 12 +++--- + test/kcapi-dgst-test.sh | 38 ++++++++--------- + test/kcapi-enc-test-large.sh | 9 ++-- + test/kcapi-enc-test.sh | 44 +++++++++---------- + test/kcapi-fuzz-test.sh | 5 ++- + test/libtest.sh | 71 +++++++++++++++++-------------- + test/test-invocation.sh | 45 +++++++++----------- + test/test-is-local | 0 + test/test.sh | 5 ++- + test/virttest.sh | 7 +-- + 13 files changed, 192 insertions(+), 196 deletions(-) + create mode 100644 test/test-is-local + +diff --git a/Makefile.am b/Makefile.am +index 9bc3c3e..c922f4e 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -108,6 +108,19 @@ bin_kcapi_convenience_SOURCES = test/kcapi-convenience.c + EXTRA_bin_kcapi_convenience_DEPENDENCIES = libtool + + SCAN_FILES += $(bin_kcapi_convenience_SOURCES) ++ ++pkglibexec_PROGRAMS = bin/kcapi bin/kcapi-enc-test-large bin/kcapi-convenience ++ ++pkglibexec_SCRIPTS = test/libtest.sh \ ++ test/test.sh \ ++ test/kcapi-enc-test.sh \ ++ test/kcapi-enc-test-large.sh \ ++ test/kcapi-dgst-test.sh \ ++ test/kcapi-convenience.sh \ ++ test/hasher-test.sh \ ++ test/compile-test.sh \ ++ test/virttest.sh \ ++ test/test-invocation.sh + endif + + if ENABLE_KCAPI_SPEED +diff --git a/test/compile-test.sh b/test/compile-test.sh +index 0568a5e..1205cda 100755 +--- a/test/compile-test.sh ++++ b/test/compile-test.sh +@@ -19,57 +19,16 @@ + # + # This test tries to compile all code and tries to install it + # +-LOCALDIR=$(pwd) +-INSTALLTARGET=$LOCALDIR/tmp-install + +-failures=0 ++DIRNAME="$(dirname "$0")" ++. "$DIRNAME/libtest.sh" + +-# color -- emit ansi color codes +-color() +-{ +- bg=0 +- echo -ne "\033[0m" +- while [[ $# -gt 0 ]]; do +- code=0 +- case $1 in +- black) code=30 ;; +- red) code=31 ;; +- green) code=32 ;; +- yellow) code=33 ;; +- blue) code=34 ;; +- magenta) code=35 ;; +- cyan) code=36 ;; +- white) code=37 ;; +- background|bg) bg=10 ;; +- foreground|fg) bg=0 ;; +- reset|off|default) code=0 ;; +- bold|bright) code=1 ;; +- esac +- [[ $code == 0 ]] || echo -ne "\033[$(printf "%02d" $((code+bg)))m" +- shift +- done +-} +- +-echo_pass() +-{ +- echo "------------------------------------------------------------------" +- echo $(color "green")[PASSED]$(color off) $@ +- echo "==================================================================" +-} ++if [ "$KCAPI_TEST_LOCAL" -ne 1 ]; then ++ echo "Compile test can only be run in a local test!" ++ exit 1 ++fi + +-echo_fail() +-{ +- echo "------------------------------------------------------------------" +- echo $(color "red")[FAILED: $1]$(color off) $@ +- echo "==================================================================" +-} +- +-echo_deact() +-{ +- echo "------------------------------------------------------------------" +- echo $(color "yellow")[DEACTIVATED: $1]$(color off) $@ +- echo "==================================================================" +-} ++INSTALLTARGET="$(pwd)/tmp-install" + + check_result() + { +@@ -90,7 +49,7 @@ check_result() + trap "rm -rf $INSTALLTARGET; exit" 0 1 2 3 15 + + mkdir -p $INSTALLTARGET +-cd .. ++cd "$DIRNAME/.." + make distclean > /dev/null 2>&1 + ./configure --enable-kcapi-test \ + --enable-kcapi-speed \ +diff --git a/test/hasher-test.sh b/test/hasher-test.sh +index f36897b..c9bc03b 100755 +--- a/test/hasher-test.sh ++++ b/test/hasher-test.sh +@@ -18,29 +18,39 @@ + # DAMAGE. + # + +-. libtest.sh +- +-HASHERBIN="${APPDIR}/kcapi-hasher" +-find_platform $HASHERBIN +- +-function run_hasher() { +- "$HASHERBIN" -n "$@" +-} ++DIRNAME="$(dirname "$0")" ++. "$DIRNAME/libtest.sh" + + SUMHASHER="md5sum sha1sum sha256sum sha384sum sha512sum" + HMACHASHER="sha1hmac sha256hmac sha384hmac sha512hmac" + CHKFILE="${TMPDIR}/chk.$$" + ANOTHER="${TMPDIR}/test.$$" + +-touch $ANOTHER +-trap "rm -f $ANOTHER $CHKFILE" 0 1 2 3 15 ++if [ "$KCAPI_TEST_LOCAL" -eq 1 ]; then ++ find_platform kcapi-hasher ++ function run_hasher() { ++ run_app kcapi-hasher -n "$@" ++ } ++else ++ find_platform sha1hmac ++ function run_hasher() { ++ "$@" ++ } + +-if [ ! -e $HASHERBIN ] +-then +- echo "Hasher binary missing" +- exit 1 ++ for hasher in $SUMHASHER $HMACHASHER ++ do ++ binary="$(find_app_binary $hasher)" ++ if [ ! -x "$(command -v "$binary")" ] ++ then ++ echo "Hasher binary $hasher missing" ++ exit 1 ++ fi ++ done + fi + ++touch $ANOTHER ++trap "rm -f $ANOTHER $CHKFILE" 0 1 2 3 15 ++ + for hasher in $SUMHASHER $HMACHASHER + do + >$CHKFILE +@@ -62,7 +72,7 @@ do + fi + + run_hasher $hasher $0 $ANOTHER | sed -E 's/(\w+\s)\s/\1*/' >$CHKFILE +- run_hasher $hasher -q -c $CHKFILE ++ run_hasher $hasher --status -c $CHKFILE + if [ $? -eq 0 ] + then + echo_pass "Parsing checker file with asterisk with $hasher" +@@ -70,7 +80,7 @@ do + echo_fail "Parsing checker file with asterisk (binary mode) with $hasher failed" + fi + +- run_hasher $hasher $0 $ANOTHER | run_hasher $hasher -q -c - ++ run_hasher $hasher $0 $ANOTHER | run_hasher $hasher --status -c - + if [ $? -eq 0 ] + then + echo_pass "Checker file '-' interpretation with $hasher" +@@ -125,24 +135,26 @@ do + run_hasher $hasher --status -c $CHKFILE + [ $? -ne 0 ] && echo_fail "Verification of checker file $CHKFILE with hasher $hasher failed" + +- echo -n 123 >$CHKFILE +- +- a=$(openssl dgst -$hash -hmac 123 $0 | cut -f 2 -d" ") +- b=$(run_hasher $hasher -K 123 $0 | cut -f 1 -d" ") +- c=$(run_hasher $hasher -k $CHKFILE $0 | cut -f 1 -d" ") +- [ x"$a" != x"$b" ] && { +- echo_fail "HMAC calculation for $hasher failed (cmdline key)" +- continue +- } +- [ x"$a" != x"$b" ] && { +- echo_fail "HMAC calculation for $hasher failed (key in regular file)" +- continue +- } +- echo_pass "HMAC calculation for $hasher" ++ if [ "$KCAPI_TEST_LOCAL" -eq 1 ]; then ++ echo -n 123 >$CHKFILE ++ ++ a=$(openssl dgst -$hash -hmac 123 $0 | cut -f 2 -d" ") ++ b=$(run_hasher $hasher -K 123 $0 | cut -f 1 -d" ") ++ c=$(run_hasher $hasher -k $CHKFILE $0 | cut -f 1 -d" ") ++ [ x"$a" != x"$b" ] && { ++ echo_fail "HMAC calculation for $hasher failed (cmdline key)" ++ continue ++ } ++ [ x"$a" != x"$b" ] && { ++ echo_fail "HMAC calculation for $hasher failed (key in regular file)" ++ continue ++ } ++ echo_pass "HMAC calculation for $hasher" ++ fi + rm -f $CHKFILE + done + +-for i in $HMACHASHER ++[ "$KCAPI_TEST_LOCAL" -eq 1 ] && for i in $HMACHASHER + do + hasher=$i + hash=${hasher%%hmac} +@@ -320,7 +332,13 @@ function run_kat() { + fi + } + +-for suffix in sum hmac ++if [ "$KCAPI_TEST_LOCAL" -eq 1 ]; then ++ KAT_SUFFIXES="sum hmac" ++else ++ KAT_SUFFIXES="hmac" ++fi ++ ++for suffix in $KAT_SUFFIXES + do + run_kat sha1$suffix "RFC 2202, section 3, #1" 0x0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b "Hi There" 0xb617318655057264e28bc0b6fb378c8ef146be00 + run_kat sha1$suffix "RFC 2202, section 3, #2" "Jefe" "what do ya want for nothing?" 0xeffcdf6ae5eb2fa2d27416d5f184df9c259a7c79 +diff --git a/test/kcapi-convenience.sh b/test/kcapi-convenience.sh +index 30f0399..c0090da 100755 +--- a/test/kcapi-convenience.sh ++++ b/test/kcapi-convenience.sh +@@ -18,17 +18,17 @@ + # DAMAGE. + # + +-. libtest.sh ++DIRNAME="$(dirname "$0")" ++. "$DIRNAME/libtest.sh" + +-APP="${APPDIR}/kcapi-convenience" +-find_platform $APP ++find_platform "$KCAPI_TEST_BIN_DIR/kcapi-convenience" + +-$APP ++"$KCAPI_TEST_BIN_DIR/kcapi-convenience" + if [ $? -eq 0 ] + then +- echo_pass "Convenience essage digest operation" ++ echo_pass "Convenience message digest operation" + else +- echo_fail "Convenience essage digest operation" ++ echo_fail "Convenience message digest operation" + fi + + echo "===================================================================" +diff --git a/test/kcapi-dgst-test.sh b/test/kcapi-dgst-test.sh +index b9d41b4..a6af16d 100755 +--- a/test/kcapi-dgst-test.sh ++++ b/test/kcapi-dgst-test.sh +@@ -18,10 +18,10 @@ + # DAMAGE. + # + +-. libtest.sh ++DIRNAME="$(dirname "$0")" ++. "$DIRNAME/libtest.sh" + +-APP="${APPDIR}/kcapi-dgst" +-find_platform $APP ++find_platform kcapi-dgst + TSTPREFIX="${TMPDIR}/kcapi-dgst-testfiles." + KEYFILE_128="${TSTPREFIX}128key" + KEYFILE_256="${TSTPREFIX}256key" +@@ -91,7 +91,7 @@ test_stdin_stdout() + exit 1 + fi + +- $APP -c "sha256" --hex < $ORIGPT > $GENDGST ++ run_app kcapi-dgst -c "sha256" --hex < $ORIGPT > $GENDGST + echo >> $GENDGST + openssl dgst -sha256 $ORIGPT | awk 'BEGIN {FS="= "} {print $2}' > $GENDGST.openssl + diff_file $GENDGST $GENDGST.openssl "STDIN / STDOUT test (hash)" +@@ -100,13 +100,13 @@ test_stdin_stdout() + keysize=$((keysize*8)) + eval opensslkey=\$OPENSSLKEY${keysize} + +- exec 10<$keyfile; $APP --keyfd 10 -c "hmac(sha256)" --hex < $ORIGPT > $GENDGST ++ exec 10<$keyfile; run_app kcapi-dgst --keyfd 10 -c "hmac(sha256)" --hex < $ORIGPT > $GENDGST + echo >> $GENDGST + openssl dgst -sha256 -hmac $opensslkey $ORIGPT | awk 'BEGIN {FS="= "} {print $2}' > $GENDGST.openssl + diff_file $GENDGST $GENDGST.openssl "STDIN / STDOUT test (keyed MD $keysize bits)" + +- $APP -q --pbkdfiter 1000 -p "passwd" -s $SALT -c "hmac(sha256)" < $ORIGPT > $GENDGST +- $APP -q --pbkdfiter 1000 -p "passwd" -s $SALT -c "hmac(sha256)" < $ORIGPT > $GENDGST.2 ++ run_app kcapi-dgst -q --pbkdfiter 1000 -p "passwd" -s $SALT -c "hmac(sha256)" < $ORIGPT > $GENDGST ++ run_app kcapi-dgst -q --pbkdfiter 1000 -p "passwd" -s $SALT -c "hmac(sha256)" < $ORIGPT > $GENDGST.2 + + diff_file $GENDGST $GENDGST.2 "STDIN / STDOUT test (password)" + } +@@ -121,7 +121,7 @@ test_stdin_fileout() + exit 1 + fi + +- $APP -c "sha256" --hex -o $GENDGST < $ORIGPT ++ run_app kcapi-dgst -c "sha256" --hex -o $GENDGST < $ORIGPT + echo >> $GENDGST + openssl dgst -sha256 $ORIGPT | awk 'BEGIN {FS="= "} {print $2}' > $GENDGST.openssl + diff_file $GENDGST $GENDGST.openssl "STDIN / FILEOUT test (hash)" +@@ -130,13 +130,13 @@ test_stdin_fileout() + keysize=$((keysize*8)) + eval opensslkey=\$OPENSSLKEY${keysize} + +- exec 10<$keyfile; $APP --keyfd 10 -c "hmac(sha256)" --hex -o $GENDGST < $ORIGPT ++ exec 10<$keyfile; run_app kcapi-dgst --keyfd 10 -c "hmac(sha256)" --hex -o $GENDGST < $ORIGPT + echo >> $GENDGST + openssl dgst -sha256 -hmac $opensslkey $ORIGPT | awk 'BEGIN {FS="= "} {print $2}' > $GENDGST.openssl + diff_file $GENDGST $GENDGST.openssl "STDIN / FILEOUT test (keyed MD $keysize bits)" + +- $APP -q --pbkdfiter 1000 -p "passwd" -s $SALT -c "hmac(sha256)" -o $GENDGST < $ORIGPT +- $APP -q --pbkdfiter 1000 -p "passwd" -s $SALT -c "hmac(sha256)" -o $GENDGST.2 < $ORIGPT ++ run_app kcapi-dgst -q --pbkdfiter 1000 -p "passwd" -s $SALT -c "hmac(sha256)" -o $GENDGST < $ORIGPT ++ run_app kcapi-dgst -q --pbkdfiter 1000 -p "passwd" -s $SALT -c "hmac(sha256)" -o $GENDGST.2 < $ORIGPT + + diff_file $GENDGST $GENDGST.2 "STDIN / FILEOUT test (password)" + } +@@ -151,7 +151,7 @@ test_filein_stdout() + exit 1 + fi + +- $APP -c "sha256" --hex -i $ORIGPT > $GENDGST ++ run_app kcapi-dgst -c "sha256" --hex -i $ORIGPT > $GENDGST + echo >> $GENDGST + openssl dgst -sha256 $ORIGPT | awk 'BEGIN {FS="= "} {print $2}' > $GENDGST.openssl + diff_file $GENDGST $GENDGST.openssl "FILEIN / STDOUT test (hash)" +@@ -160,13 +160,13 @@ test_filein_stdout() + keysize=$((keysize*8)) + eval opensslkey=\$OPENSSLKEY${keysize} + +- exec 10<$keyfile; $APP --keyfd 10 -c "hmac(sha256)" --hex -i $ORIGPT > $GENDGST ++ exec 10<$keyfile; run_app kcapi-dgst --keyfd 10 -c "hmac(sha256)" --hex -i $ORIGPT > $GENDGST + echo >> $GENDGST + openssl dgst -sha256 -hmac $opensslkey $ORIGPT | awk 'BEGIN {FS="= "} {print $2}' > $GENDGST.openssl + diff_file $GENDGST $GENDGST.openssl "FILEIN / STDOUT test (keyed MD $keysize bits)" + +- $APP -q --pbkdfiter 1000 -p "passwd" -s $SALT -c "hmac(sha256)" -i $ORIGPT > $GENDGST +- $APP -q --pbkdfiter 1000 -p "passwd" -s $SALT -c "hmac(sha256)" -i $ORIGPT > $GENDGST.2 ++ run_app kcapi-dgst -q --pbkdfiter 1000 -p "passwd" -s $SALT -c "hmac(sha256)" -i $ORIGPT > $GENDGST ++ run_app kcapi-dgst -q --pbkdfiter 1000 -p "passwd" -s $SALT -c "hmac(sha256)" -i $ORIGPT > $GENDGST.2 + + diff_file $GENDGST $GENDGST.2 "FILEIN / STDOUT test (password)" + } +@@ -183,7 +183,7 @@ test_filein_fileout() + exit 1 + fi + +- $APP -c "sha256" --hex -i $ORIGPT -o $GENDGST ++ run_app kcapi-dgst -c "sha256" --hex -i $ORIGPT -o $GENDGST + echo >> $GENDGST + openssl dgst -sha256 $ORIGPT | awk 'BEGIN {FS="= "} {print $2}' > $GENDGST.openssl + diff_file $GENDGST $GENDGST.openssl "FILEIN / FILEOUT test (hash)" +@@ -192,13 +192,13 @@ test_filein_fileout() + keysize=$((keysize*8)) + eval opensslkey=\$OPENSSLKEY${keysize} + +- exec 10<$keyfile; $APP --keyfd 10 -c "hmac(sha256)" --hex -i $ORIGPT -o $GENDGST ++ exec 10<$keyfile; run_app kcapi-dgst --keyfd 10 -c "hmac(sha256)" --hex -i $ORIGPT -o $GENDGST + echo >> $GENDGST + openssl dgst -sha256 -hmac $opensslkey $ORIGPT | awk 'BEGIN {FS="= "} {print $2}' > $GENDGST.openssl + diff_file $GENDGST $GENDGST.openssl "FILEIN / FILEOUT test (keyed MD $keysize bits)" + +- $APP -q --pbkdfiter 1000 -p "passwd" -s $SALT -c "hmac(sha256)" -i $ORIGPT -o $GENDGST +- $APP -q --pbkdfiter 1000 -p "passwd" -s $SALT -c "hmac(sha256)" -i $ORIGPT -o $GENDGST.2 ++ run_app kcapi-dgst -q --pbkdfiter 1000 -p "passwd" -s $SALT -c "hmac(sha256)" -i $ORIGPT -o $GENDGST ++ run_app kcapi-dgst -q --pbkdfiter 1000 -p "passwd" -s $SALT -c "hmac(sha256)" -i $ORIGPT -o $GENDGST.2 + + diff_file $GENDGST $GENDGST.2 "FILEIN / FILEOUT test (password)" + } +diff --git a/test/kcapi-enc-test-large.sh b/test/kcapi-enc-test-large.sh +index 7d45ef3..4dd5a0a 100755 +--- a/test/kcapi-enc-test-large.sh ++++ b/test/kcapi-enc-test-large.sh +@@ -18,17 +18,18 @@ + # DAMAGE. + # + +-. libtest.sh ++DIRNAME="$(dirname "$0")" ++. "$DIRNAME/libtest.sh" + + if ! $(check_min_kernelver 4 14); then + echo_deact "Large encryption operation" + exit 0 + fi + +-APP="${APPDIR}/kcapi-enc-test-large" +-find_platform $APP ++APP="$KCAPI_TEST_BIN_DIR/kcapi-enc-test-large" ++find_platform "$APP" + +-$APP ++"$APP" + if [ $? -eq 0 ] + then + echo_pass "Large encryption operation" +diff --git a/test/kcapi-enc-test.sh b/test/kcapi-enc-test.sh +index c7c5ebb..a5db04c 100755 +--- a/test/kcapi-enc-test.sh ++++ b/test/kcapi-enc-test.sh +@@ -18,10 +18,10 @@ + # DAMAGE. + # + +-. libtest.sh ++DIRNAME="$(dirname "$0")" ++. "$DIRNAME/libtest.sh" + +-APP="${APPDIR}/kcapi-enc" +-find_platform $APP ++find_platform kcapi-enc + TSTPREFIX="${TMPDIR}/kcapi-enc-testfiles." + KEYFILE_AES128="${TSTPREFIX}aes128key" + KEYFILE_AES256="${TSTPREFIX}aes256key" +@@ -151,8 +151,8 @@ test_stdin_stdout() + local keysize=$(stat -c %s $keyfile) + keysize=$((keysize*8)) + +- exec 10<$keyfile; $APP --keyfd 10 -e -c "ctr(aes)" --iv $IV < $ORIGPT > $GENCT +- exec 10<$keyfile; $APP --keyfd 10 -d -c "ctr(aes)" --iv $IV < $GENCT > $GENPT ++ exec 10<$keyfile; run_app kcapi-enc --keyfd 10 -e -c "ctr(aes)" --iv $IV < $ORIGPT > $GENCT ++ exec 10<$keyfile; run_app kcapi-enc --keyfd 10 -d -c "ctr(aes)" --iv $IV < $GENCT > $GENPT + + diff_file $ORIGPT $GENPT "STDIN / STDOUT enc test ($keysize bits)" + +@@ -163,8 +163,8 @@ test_stdin_stdout() + diff_file $GENCT $GENCT.openssl "STDIN / STDOUT enc test ($keysize bits) (openssl generated CT)" + diff_file $GENPT $GENPT.openssl "STDIN / STDOUT enc test ($keysize bits) (openssl generated PT)" + +- $APP -q --pbkdfiter 1000 -p "passwd" -s $IV -e -c "ctr(aes)" --iv $IV < $ORIGPT > $GENCT +- $APP -q --pbkdfiter 1000 -p "passwd" -s $IV -d -c "ctr(aes)" --iv $IV < $GENCT > $GENPT ++ run_app kcapi-enc -q --pbkdfiter 1000 -p "passwd" -s $IV -e -c "ctr(aes)" --iv $IV < $ORIGPT > $GENCT ++ run_app kcapi-enc -q --pbkdfiter 1000 -p "passwd" -s $IV -d -c "ctr(aes)" --iv $IV < $GENCT > $GENPT + + diff_file $ORIGPT $GENPT "STDIN / STDOUT enc test (password)" + } +@@ -183,8 +183,8 @@ test_stdin_fileout() + local keysize=$(stat -c %s $keyfile) + keysize=$((keysize*8)) + +- exec 10<$keyfile; $APP --keyfd 10 -e -c "ctr(aes)" --iv $IV -o $GENCT < $ORIGPT +- exec 10<$keyfile; $APP --keyfd 10 -d -c "ctr(aes)" --iv $IV -o $GENPT < $GENCT ++ exec 10<$keyfile; run_app kcapi-enc --keyfd 10 -e -c "ctr(aes)" --iv $IV -o $GENCT < $ORIGPT ++ exec 10<$keyfile; run_app kcapi-enc --keyfd 10 -d -c "ctr(aes)" --iv $IV -o $GENPT < $GENCT + + diff_file $ORIGPT $GENPT "STDIN / FILEOUT test ($keysize bits)" + +@@ -195,8 +195,8 @@ test_stdin_fileout() + diff_file $GENCT $GENCT.openssl "STDIN / FILEOUT enc test ($keysize bits) (openssl generated CT)" + diff_file $GENPT $GENPT.openssl "STDIN / FILEOUT enc test ($keysize bits) (openssl generated PT)" + +- $APP -q --pbkdfiter 1000 -p "passwd" -s $IV -e -c "ctr(aes)" --iv $IV -o $GENCT < $ORIGPT +- $APP -q --pbkdfiter 1000 -p "passwd" -s $IV -d -c "ctr(aes)" --iv $IV -o $GENPT < $GENCT ++ run_app kcapi-enc -q --pbkdfiter 1000 -p "passwd" -s $IV -e -c "ctr(aes)" --iv $IV -o $GENCT < $ORIGPT ++ run_app kcapi-enc -q --pbkdfiter 1000 -p "passwd" -s $IV -d -c "ctr(aes)" --iv $IV -o $GENPT < $GENCT + + diff_file $ORIGPT $GENPT "STDIN / FILEOUT enc test (password)" + } +@@ -215,8 +215,8 @@ test_filein_stdout() + local keysize=$(stat -c %s $keyfile) + keysize=$((keysize*8)) + +- exec 10<$keyfile; $APP --keyfd 10 -e -c "ctr(aes)" --iv $IV -i $ORIGPT > $GENCT +- exec 10<$keyfile; $APP --keyfd 10 -d -c "ctr(aes)" --iv $IV -i $GENCT > $GENPT ++ exec 10<$keyfile; run_app kcapi-enc --keyfd 10 -e -c "ctr(aes)" --iv $IV -i $ORIGPT > $GENCT ++ exec 10<$keyfile; run_app kcapi-enc --keyfd 10 -d -c "ctr(aes)" --iv $IV -i $GENCT > $GENPT + + diff_file $ORIGPT $GENPT "FILEIN / STDOUT enc test ($keysize bits)" + +@@ -227,8 +227,8 @@ test_filein_stdout() + diff_file $GENCT $GENCT.openssl "FILEIN / STDOUT enc test ($keysize bits) (openssl generated CT)" + diff_file $GENPT $GENPT.openssl "FILEIN / STDOUT enc test ($keysize bits) (openssl generated PT)" + +- $APP -q --pbkdfiter 1000 -p "passwd" -s $IV -e -c "ctr(aes)" --iv $IV -i $ORIGPT > $GENCT +- $APP -q --pbkdfiter 1000 -p "passwd" -s $IV -d -c "ctr(aes)" --iv $IV -i $GENCT > $GENPT ++ run_app kcapi-enc -q --pbkdfiter 1000 -p "passwd" -s $IV -e -c "ctr(aes)" --iv $IV -i $ORIGPT > $GENCT ++ run_app kcapi-enc -q --pbkdfiter 1000 -p "passwd" -s $IV -d -c "ctr(aes)" --iv $IV -i $GENCT > $GENPT + + diff_file $ORIGPT $GENPT "FILEIN / STDOUT enc test (password)" + } +@@ -248,8 +248,8 @@ test_filein_fileout() + keysize=$((keysize*8)) + + +- exec 10<$keyfile; $APP --keyfd 10 -e -c "cbc(aes)" --iv $IV -i $ORIGPT -o $GENCT +- exec 10<$keyfile; $APP --keyfd 10 -d -c "cbc(aes)" --iv $IV -i $GENCT -o $GENPT ++ exec 10<$keyfile; run_app kcapi-enc --keyfd 10 -e -c "cbc(aes)" --iv $IV -i $ORIGPT -o $GENCT ++ exec 10<$keyfile; run_app kcapi-enc --keyfd 10 -d -c "cbc(aes)" --iv $IV -i $GENCT -o $GENPT + + diff_file $ORIGPT $GENPT "FILEIN / FILEOUT enc test ($keysize bits)" + +@@ -269,8 +269,8 @@ test_filein_fileout() + diff_file $GENCT $GENCT.openssl "FILEIN / FILEOUT enc test ($keysize bits) (openssl generated CT)" + diff_file $GENPT $GENPT.openssl "FILEIN / FILEOUT enc test ($keysize bits) (openssl generated PT)" + +- $APP -q --pbkdfiter 1000 -p "passwd" -s "123" -e -c "cbc(aes)" --iv $IV -i $ORIGPT -o $GENCT +- $APP -q --pbkdfiter 1000 -p "passwd" -s "123" -d -c "cbc(aes)" --iv $IV -i $GENCT -o $GENPT ++ run_app kcapi-enc -q --pbkdfiter 1000 -p "passwd" -s "123" -e -c "cbc(aes)" --iv $IV -i $ORIGPT -o $GENCT ++ run_app kcapi-enc -q --pbkdfiter 1000 -p "passwd" -s "123" -d -c "cbc(aes)" --iv $IV -i $GENCT -o $GENPT + + diff_file $ORIGPT $GENPT "FILEIN / FILEOUT enc test (password)" + } +@@ -281,7 +281,7 @@ test_ccm_dec() + + aadlen=$(($aadlen/2)) + +- exec 10<${TSTPREFIX}ccm_key; $APP --keyfd 10 -d -c "ccm(aes)" -i ${TSTPREFIX}ccm_msg -o ${TSTPREFIX}ccm_out --ccm-nonce $CCM_NONCE --aad $CCM_AAD --tag $CCM_TAG ++ exec 10<${TSTPREFIX}ccm_key; run_app kcapi-enc --keyfd 10 -d -c "ccm(aes)" -i ${TSTPREFIX}ccm_msg -o ${TSTPREFIX}ccm_out --ccm-nonce $CCM_NONCE --aad $CCM_AAD --tag $CCM_TAG + local hexret=$(bin2hex_noaad ${TSTPREFIX}ccm_out $aadlen) + + if [ x"$hexret" != x"$CCM_EXP" ] +@@ -291,7 +291,7 @@ test_ccm_dec() + echo_pass_local "FILEIN / FILEOUT CCM decrypt" + fi + +- exec 10<${TSTPREFIX}ccm_key; $APP --keyfd 10 -d -c "ccm(aes)" -i ${TSTPREFIX}ccm_msg -o ${TSTPREFIX}ccm_out --ccm-nonce $CCM_NONCE --aad $CCM_AAD --tag $CCM_TAG_FAIL -q ++ exec 10<${TSTPREFIX}ccm_key; run_app kcapi-enc --keyfd 10 -d -c "ccm(aes)" -i ${TSTPREFIX}ccm_msg -o ${TSTPREFIX}ccm_out --ccm-nonce $CCM_NONCE --aad $CCM_AAD --tag $CCM_TAG_FAIL -q + + # 182 == -EBADMSG + if [ $? -eq 182 ] +@@ -308,7 +308,7 @@ test_gcm_enc() + + aadlen=$(($aadlen/2)) + +- exec 10<${TSTPREFIX}gcm_key; $APP --keyfd 10 -e -c "gcm(aes)" -i ${TSTPREFIX}gcm_msg -o ${TSTPREFIX}gcm_out --iv $GCM_IV --aad $GCM_AAD --taglen $GCM_TAGLEN ++ exec 10<${TSTPREFIX}gcm_key; run_app kcapi-enc --keyfd 10 -e -c "gcm(aes)" -i ${TSTPREFIX}gcm_msg -o ${TSTPREFIX}gcm_out --iv $GCM_IV --aad $GCM_AAD --taglen $GCM_TAGLEN + local hexret=$(bin2hex_noaad ${TSTPREFIX}gcm_out $aadlen) + + if [ x"$hexret" != x"$GCM_EXP" ] +diff --git a/test/kcapi-fuzz-test.sh b/test/kcapi-fuzz-test.sh +index 2d7b8bd..9eacec9 100755 +--- a/test/kcapi-fuzz-test.sh ++++ b/test/kcapi-fuzz-test.sh +@@ -18,9 +18,10 @@ + # DAMAGE. + # + +-. libtest.sh ++DIRNAME="$(dirname "$0")" ++. "$DIRNAME/libtest.sh" + +-KCAPI="${APPDIR}/kcapi" ++KCAPI="$KCAPI_TEST_BIN_DIR/kcapi" + find_platform $KCAPI + + ROUNDS=100 +diff --git a/test/libtest.sh b/test/libtest.sh +index 2a90d91..4a90a00 100644 +--- a/test/libtest.sh ++++ b/test/libtest.sh +@@ -23,12 +23,45 @@ + ##################################################################### + # Common functions + ##################################################################### +-# color -- emit ansi color codes ++ ++DIRNAME="$(dirname "$0")" ++ ++# Allow overriding default value: ++if [ -e "$DIRNAME/test-is-local" ]; then ++ KCAPI_TEST_LOCAL=${KCAPI_TEST_LOCAL:-1} ++else ++ KCAPI_TEST_LOCAL=${KCAPI_TEST_LOCAL:-0} ++fi ++ ++if [ "$KCAPI_TEST_LOCAL" -eq 1 ]; then ++ run_app() ++ { ++ local appname="$1"; shift ++ ++ "$DIRNAME/../bin/$appname" "$@" ++ } ++ find_app_binary() ++ { ++ echo -n "$(dirname "$1")/.libs/$(basename "$1")" ++ } ++ KCAPI_TEST_BIN_DIR="$DIRNAME/../bin" ++else ++ run_app() ++ { ++ "$@" ++ } ++ find_app_binary() ++ { ++ echo -n "$1" ++ } ++ KCAPI_TEST_BIN_DIR="$DIRNAME" ++fi + + failures=0 + PLATFORM="unknown wordsize" + KERNVER=$(uname -r) + ++# color -- emit ansi color codes + color() + { + bg=0 +@@ -70,30 +103,15 @@ echo_deact() + echo $(color "yellow")[DEACTIVATED: $PLATFORM - $KERNVER]$(color off) $@ + } + +-get_binlocation() +-{ +- local app=$1 +- local binlocation="$(dirname $app)/.libs/$(basename $app)" +- echo $binlocation +-} +- + find_platform() + { + local app=$1 +- +- if [ ! -x "$app" ] +- then +- echo_fail "Application binary $app not found" +- exit 1 +- fi +- +- local binlocation=$(get_binlocation $app) +- if [ -x "$binlocation" ] ++ local binlocation="$(find_app_binary $app)" ++ if ! [ -x "$binlocation" ] + then +- PLATFORM=$(file $binlocation | cut -d" " -f 3) +- else +- PLATFORM=$(file $app | cut -d" " -f 3) ++ binlocation="$app" + fi ++ PLATFORM=$(file "$binlocation" | cut -d" " -f 3) + } + + # check whether a given kernel version is present +@@ -113,21 +131,10 @@ check_min_kernelver() { + ##################################################################### + # Common variables + ##################################################################### +-# Location of apps +-APPDIR="../bin" +-if [ ! -d $APPDIR ] +-then +- APPDIR="../bin" +-fi +-if [ ! -d $APPDIR ] +-then +- echo_fail "No appdir found" +- exit 1 +-fi + + # Storage location of temp files + TMPDIR="/var/tmp" + if [ ! -d $TMPDIR ] + then +- TMPD="." ++ TMPDIR="." + fi +diff --git a/test/test-invocation.sh b/test/test-invocation.sh +index 7106c3c..73c1f67 100755 +--- a/test/test-invocation.sh ++++ b/test/test-invocation.sh +@@ -18,49 +18,49 @@ + # DAMAGE. + # + +-DIR=$(dirname $0) +-cd $DIR ++DIRNAME="$(dirname "$0")" ++. "$DIRNAME/libtest.sh" + + COMPILE_OPTS="--enable-kcapi-test --enable-kcapi-encapp --enable-kcapi-hasher --enable-kcapi-dgstapp --enable-kcapi-rngapp --enable-lib-kpp --enable-lib-asym" + + exec_test() + { +- ${DIR}/test.sh ++ "$DIRNAME/test.sh" + ret=$? + if [ $ret -ne 0 ] + then + exit $ret + fi + +- ${DIR}/kcapi-enc-test.sh ++ "$DIRNAME/kcapi-enc-test.sh" + ret=$? + if [ $ret -ne 0 ] + then + exit $ret + fi + +- ${DIR}/kcapi-dgst-test.sh ++ "$DIRNAME/kcapi-dgst-test.sh" + ret=$? + if [ $ret -ne 0 ] + then + exit $ret + fi + +- ${DIR}/hasher-test.sh ++ "$DIRNAME/hasher-test.sh" + ret=$? + if [ $ret -ne 0 ] + then + exit $ret + fi + +- ${DIR}/kcapi-enc-test-large.sh ++ "$DIRNAME/kcapi-enc-test-large.sh" + ret=$? + if [ $ret -ne 0 ] + then + exit $ret + fi + +- ${DIR}/kcapi-convenience.sh ++ "$DIRNAME/kcapi-convenience.sh" + ret=$? + if [ $ret -ne 0 ] + then +@@ -70,7 +70,7 @@ exec_test() + # Run optionally. + if [ ! -z "$ENABLE_FUZZ_TEST" ] + then +- ${DIR}/kcapi-fuzz-test.sh ++ "$DIRNAME/kcapi-fuzz-test.sh" + ret=$? + if [ $ret -ne 0 ] + then +@@ -81,7 +81,7 @@ exec_test() + # Only execute on bare metal + if ! dmesg | grep -i Hypervisor | grep -q -i detected + then +- ${DIR}/virttest.sh ++ "$DIRNAME/virttest.sh" + ret=$? + if [ $ret -ne 0 ] + then +@@ -91,51 +91,46 @@ exec_test() + } + + # Only execute tests without compilation on virtual environment +-if mount | grep -q "9p2000" ++if [ "$KCAPI_TEST_LOCAL" -ne 1 ] || mount | grep -q "9p2000" + then + exec_test + exit 0 + fi + + # default invocation +-CWD=$(pwd) +-cd .. +-./configure $COMPILE_OPTS +-make ++(cd "$DIRNAME/.." && ./configure $COMPILE_OPTS && make) + if [ $? -ne 0 ] + then + echo "Compilation failure" + exit 1 + fi +-cd $CWD + exec_test + +-${DIR}/compile-test.sh ++"$DIRNAME/compile-test.sh" + ret=$? + if [ $ret -ne 0 ] + then + exit $ret + fi + +-cd .. +- +-make distclean > /dev/null 2>&1 ++(cd "$DIRNAME/.." && make distclean > /dev/null 2>&1) + + # if we are on 64 bit system, test 32 bit alternative mode, + # except is has been disabled explicitly. + if $(uname -m | grep -q "x86_64") && [ -z "$NO_32BIT_TEST" ] + then +- LDFLAGS=-m32 CFLAGS=-m32 ./configure $COMPILE_OPTS +- make ++ ( ++ cd "$DIRNAME/.." && \ ++ LDFLAGS=-m32 CFLAGS=-m32 ./configure $COMPILE_OPTS && \ ++ make ++ ) + if [ $? -ne 0 ] + then + echo "32 bit compilation failure" + exit 1 + fi +- cd $CWD + exec_test +- cd .. +- make distclean > /dev/null 2>&1 ++ (cd "$DIRNAME/.." && make distclean > /dev/null 2>&1) + fi + + exit 0 +diff --git a/test/test-is-local b/test/test-is-local +new file mode 100644 +index 0000000..e69de29 +diff --git a/test/test.sh b/test/test.sh +index 6523a4a..d39b146 100755 +--- a/test/test.sh ++++ b/test/test.sh +@@ -18,9 +18,10 @@ + # DAMAGE. + # + +-. ./libtest.sh ++DIRNAME="$(dirname "$0")" ++. "$DIRNAME/libtest.sh" + +-KCAPI="${APPDIR}/kcapi" ++KCAPI="$KCAPI_TEST_BIN_DIR/kcapi" + find_platform $KCAPI + + HASH_name_1="cmac(des3_ede)" +diff --git a/test/virttest.sh b/test/virttest.sh +index c4a5c01..64c5d22 100755 +--- a/test/virttest.sh ++++ b/test/virttest.sh +@@ -18,7 +18,8 @@ + # DAMAGE. + # + +-. libtest.sh ++DIRNAME="$(dirname "$0")" ++. "$DIRNAME/libtest.sh" + + ################################################################### + # Test configuration - may be changed +@@ -48,8 +49,8 @@ TESTKERNELS="linux-4.17 linux-4.13 linux-4.12 linux-4.10 linux-4.7 linux-4.5 lin + ################################################################### + # General variables - do not change + ################################################################### +-SCRIPT="$(pwd)/test-invocation.sh" +-EUDYPTULA="${HOME}/bin/eudyptula-boot" ++SCRIPT="$DIRNAME/test-invocation.sh" ++EUDYPTULA="${EUDYPTULA:-"${HOME}/bin/eudyptula-boot"}" + + ################################################################### + # Code - do not change + +From c7707ad1ddcbaa6f6722862cb4de9d3a3ea133b5 Mon Sep 17 00:00:00 2001 +From: Ondrej Mosnacek +Date: Tue, 7 Aug 2018 18:43:08 +0200 +Subject: [PATCH 3/3] test: Fix platform detection + +--- + test/libtest.sh | 12 ++++++++++-- + 1 file changed, 10 insertions(+), 2 deletions(-) + +diff --git a/test/libtest.sh b/test/libtest.sh +index 4a90a00..67be2d1 100644 +--- a/test/libtest.sh ++++ b/test/libtest.sh +@@ -34,11 +34,15 @@ else + fi + + if [ "$KCAPI_TEST_LOCAL" -eq 1 ]; then ++ get_app_path() ++ { ++ echo -n "$DIRNAME/../bin/$1" ++ } + run_app() + { + local appname="$1"; shift + +- "$DIRNAME/../bin/$appname" "$@" ++ "$(get_app_path "$appname")" "$@" + } + find_app_binary() + { +@@ -46,6 +50,10 @@ if [ "$KCAPI_TEST_LOCAL" -eq 1 ]; then + } + KCAPI_TEST_BIN_DIR="$DIRNAME/../bin" + else ++ get_app_path() ++ { ++ command -v "$1" ++ } + run_app() + { + "$@" +@@ -105,7 +113,7 @@ echo_deact() + + find_platform() + { +- local app=$1 ++ local app="$(get_app_path "$1")" + local binlocation="$(find_app_binary $app)" + if ! [ -x "$binlocation" ] + then diff --git a/libkcapi.spec b/libkcapi.spec index 04ea48a..b860f09 100644 --- a/libkcapi.spec +++ b/libkcapi.spec @@ -92,7 +92,7 @@ bin/kcapi-hasher -n fipshmac -d "$lib_path"/fipscheck \\\ Name: libkcapi Version: %{vmajor}.%{vminor}.%{vpatch} -Release: 11%{?dist} +Release: 12%{?dist} Summary: User space interface to the Linux Kernel Crypto API License: BSD or GPLv2 @@ -109,6 +109,7 @@ Patch5: %{giturl}/compare/decf850ab9bb...ec9c36216623.patch#/%{name}-1.1 Patch6: %{giturl}/compare/4a1a30f75e70...c9ed6b2c0702.patch#/%{name}-1.1.1-Coverity_PR_follow-up.patch Patch7: %{giturl}/pull/68.patch#/%{name}-1.1.1-test_Fix_AEAD_fuzz_test_for_big-endian_archs.patch Patch8: %{giturl}/pull/70.patch#/%{name}-1.1.1-lib_Fix_kcapi_handle_destroy_closing_FD_0.patch +Patch9: %{giturl}/pull/71.patch#/%{name}-1.1.1-test_Allow_running_tests_outside_of_build_environment.patch BuildRequires: clang BuildRequires: coreutils @@ -227,6 +228,14 @@ tools to use message digests, symmetric ciphers and random number generators implemented in the Linux kernel from command line. +%package tests +Summary: Testing scripts for the %{name} package +Requires: %{name}-tools%{?_isa} == %{version}-%{release} + +%description tests +Auxiliary scripts for testing %{name}. + + %prep %autosetup -p 1 -S git @@ -421,7 +430,14 @@ popd %{_mandir}/man1/kcapi*.1.* +%files tests +%{_libexecdir}/%{name}/* + + %changelog +* Tue Aug 07 2018 Ondrej Mosnáček - 1.1.1-12 +- Produce a subpackage with test scripts + * Wed Aug 01 2018 Ondrej Mosnáček - 1.1.1-11 - Add patch to fix unwanted closing of FD 0