diff options
author | Miloslav Trmač <mitr@redhat.com> | 2010-08-18 03:42:55 +0200 |
---|---|---|
committer | Miloslav Trmač <mitr@redhat.com> | 2010-08-24 22:52:39 +0200 |
commit | 2c51dc1a549816a34cb78230bf656537ecd21961 (patch) | |
tree | ef746b51a12d651384b4ae87db677630db4e578a | |
parent | 491fc6dd6fff9b4d9676e03189ae76538184b51d (diff) | |
download | cryptodev-linux-2c51dc1a549816a34cb78230bf656537ecd21961.tar.gz cryptodev-linux-2c51dc1a549816a34cb78230bf656537ecd21961.tar.xz cryptodev-linux-2c51dc1a549816a34cb78230bf656537ecd21961.zip |
Convert *_KEY_GENERATE
-rw-r--r-- | examples/ncr.c | 54 | ||||
-rw-r--r-- | examples/speed.c | 30 | ||||
-rw-r--r-- | ncr-int.h | 3 | ||||
-rw-r--r-- | ncr-key.c | 33 | ||||
-rw-r--r-- | ncr.c | 24 | ||||
-rw-r--r-- | ncr.h | 8 |
6 files changed, 115 insertions, 37 deletions
diff --git a/examples/ncr.c b/examples/ncr.c index 8b33206..568b63c 100644 --- a/examples/ncr.c +++ b/examples/ncr.c @@ -13,11 +13,15 @@ #include <sys/ioctl.h> #include <sys/types.h> #include <sys/stat.h> +#include <sys/socket.h> +#include <linux/netlink.h> #include "../ncr.h" #include <stdlib.h> #define DATA_SIZE 4096 +#define ALIGN_NL __attribute__((aligned(NLA_ALIGNTO))) + static void randomize_data(uint8_t * data, size_t data_size) { int i; @@ -33,7 +37,15 @@ int i; static int test_ncr_key(int cfd) { - struct ncr_key_generate_st kgen; + struct __attribute__((packed)) { + struct ncr_key_generate f; + struct nlattr algo_head ALIGN_NL; + uint32_t algo ALIGN_NL; + struct nlattr flags_head ALIGN_NL; + uint32_t flags ALIGN_NL; + struct nlattr bits_head ALIGN_NL; + uint32_t bits ALIGN_NL; + } kgen; ncr_key_t key; struct ncr_key_data_st keydata; uint8_t data[KEY_DATA_SIZE]; @@ -120,14 +132,22 @@ test_ncr_key(int cfd) return 1; } - kgen.desc = key; - kgen.params.algorithm = NCR_ALG_AES_CBC; - kgen.params.keyflags = NCR_KEY_FLAG_EXPORTABLE; - kgen.params.params.secret.bits = 128; /* 16 bytes */ - + memset(&kgen.f, 0, sizeof(kgen.f)); + kgen.f.input_size = sizeof(kgen); + kgen.f.key = key; + kgen.algo_head.nla_len = NLA_HDRLEN + sizeof(kgen.algo); + kgen.algo_head.nla_type = NCR_ATTR_ALGORITHM; + kgen.algo = NCR_ALG_AES_CBC; + kgen.flags_head.nla_len = NLA_HDRLEN + sizeof(kgen.flags); + kgen.flags_head.nla_type = NCR_ATTR_KEY_FLAGS; + kgen.flags = NCR_KEY_FLAG_EXPORTABLE; + kgen.bits_head.nla_len = NLA_HDRLEN + sizeof(kgen.bits); + kgen.bits_head.nla_type = NCR_ATTR_SECRET_KEY_BITS; + kgen.bits = 128; /* 16 bytes */ + if (ioctl(cfd, NCRIO_KEY_GENERATE, &kgen)) { fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_IMPORT)"); + perror("ioctl(NCRIO_KEY_GENERATE)"); return 1; } @@ -171,13 +191,21 @@ test_ncr_key(int cfd) return 1; } - kgen.desc = key; - kgen.params.algorithm = NCR_ALG_AES_CBC; - kgen.params.keyflags = 0; - kgen.params.params.secret.bits = 128; /* 16 bytes */ - + memset(&kgen.f, 0, sizeof(kgen.f)); + kgen.f.input_size = sizeof(kgen); + kgen.f.key = key; + kgen.algo_head.nla_len = NLA_HDRLEN + sizeof(kgen.algo); + kgen.algo_head.nla_type = NCR_ATTR_ALGORITHM; + kgen.algo = NCR_ALG_AES_CBC; + kgen.flags_head.nla_len = NLA_HDRLEN + sizeof(kgen.flags); + kgen.flags_head.nla_type = NCR_ATTR_KEY_FLAGS; + kgen.flags = 0; + kgen.bits_head.nla_len = NLA_HDRLEN + sizeof(kgen.flags); + kgen.bits_head.nla_type = NCR_ATTR_SECRET_KEY_BITS; + kgen.bits = 128; /* 16 bytes */ + if (ioctl(cfd, NCRIO_KEY_GENERATE, &kgen)) { - perror("ioctl(NCRIO_KEY_IMPORT)"); + perror("ioctl(NCRIO_KEY_GENERATE)"); return 1; } diff --git a/examples/speed.c b/examples/speed.c index 6227cad..9c2e8b8 100644 --- a/examples/speed.c +++ b/examples/speed.c @@ -17,6 +17,7 @@ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA */ #include <fcntl.h> +#include <stdint.h> #include <stdio.h> #include <stdlib.h> #include <string.h> @@ -24,10 +25,14 @@ #include <sys/time.h> #include <sys/types.h> #include <sys/stat.h> +#include <sys/socket.h> #include <signal.h> #include <unistd.h> +#include <linux/netlink.h> #include "../ncr.h" +#define ALIGN_NL __attribute__((aligned(NLA_ALIGNTO))) + static double udifftimeval(struct timeval start, struct timeval end) { return (double)(end.tv_usec - start.tv_usec) + @@ -76,7 +81,13 @@ int encrypt_data_ncr_direct(int cfd, int algo, int chunksize) double secs, ddata, dspeed; char metric[16]; ncr_key_t key; - struct ncr_key_generate_st kgen; + struct __attribute__((packed)) { + struct ncr_key_generate f; + struct nlattr algo_head ALIGN_NL; + uint32_t algo ALIGN_NL; + struct nlattr bits_head ALIGN_NL; + uint32_t bits ALIGN_NL; + } kgen; struct ncr_session_once_op_st nop; key = ioctl(cfd, NCRIO_KEY_INIT); @@ -86,14 +97,19 @@ int encrypt_data_ncr_direct(int cfd, int algo, int chunksize) return 1; } - kgen.desc = key; - kgen.params.algorithm = NCR_ALG_AES_CBC; - kgen.params.keyflags = NCR_KEY_FLAG_EXPORTABLE; - kgen.params.params.secret.bits = 128; /* 16 bytes */ - + memset(&kgen.f, 0, sizeof(kgen.f)); + kgen.f.input_size = sizeof(kgen); + kgen.f.key = key; + kgen.algo_head.nla_len = NLA_HDRLEN + sizeof(kgen.algo); + kgen.algo_head.nla_type = NCR_ATTR_ALGORITHM; + kgen.algo = NCR_ALG_AES_CBC; + kgen.bits_head.nla_len = NLA_HDRLEN + sizeof(kgen.bits); + kgen.bits_head.nla_type = NCR_ATTR_SECRET_KEY_BITS; + kgen.bits = 128; /* 16 bytes */ + if (ioctl(cfd, NCRIO_KEY_GENERATE, &kgen)) { fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_IMPORT)"); + perror("ioctl(NCRIO_KEY_GENERATE)"); return 1; } @@ -122,7 +122,8 @@ int ncr_key_deinit(struct ncr_lists *lst, void __user* arg); int ncr_key_export(struct ncr_lists *lst, void __user* arg); int ncr_key_import(struct ncr_lists *lst, void __user* arg); void ncr_key_list_deinit(struct ncr_lists *lst); -int ncr_key_generate(struct ncr_lists *lst, void __user* arg); +int ncr_key_generate(struct ncr_lists *lst, const struct ncr_key_generate *gen, + struct nlattr *tb[]); int ncr_key_info(struct ncr_lists *lst, void __user* arg); int ncr_key_generate_pair(struct ncr_lists *lst, void __user* arg); @@ -28,6 +28,7 @@ #include <linux/random.h> #include <linux/uaccess.h> #include <linux/scatterlist.h> +#include <net/netlink.h> #include "ncr.h" #include "ncr-int.h" @@ -423,20 +424,16 @@ void ncr_key_clear(struct key_item_st* item) /* Generate a secret key */ -int ncr_key_generate(struct ncr_lists *lst, void __user* arg) +int ncr_key_generate(struct ncr_lists *lst, const struct ncr_key_generate *gen, + struct nlattr *tb[]) { -struct ncr_key_generate_st gen; +const struct nlattr *nla; struct key_item_st* item = NULL; const struct algo_properties_st *algo; int ret; size_t size; - if (unlikely(copy_from_user(&gen, arg, sizeof(gen)))) { - err(); - return -EFAULT; - } - - ret = ncr_key_item_get_write( &item, lst, gen.desc); + ret = ncr_key_item_get_write(&item, lst, gen->key); if (ret < 0) { err(); return ret; @@ -445,9 +442,11 @@ size_t size; ncr_key_clear(item); /* we generate only secret keys */ - ncr_key_assign_flags(item, gen.params.keyflags); + nla = tb[NCR_ATTR_KEY_FLAGS]; + if (nla != NULL) + ncr_key_assign_flags(item, nla_get_u32(nla)); - algo = _ncr_algo_to_properties(gen.params.algorithm); + algo = _ncr_nla_to_properties(tb[NCR_ATTR_ALGORITHM]); if (algo == NULL) { err(); ret = -EINVAL; @@ -455,11 +454,19 @@ size_t size; } item->type = algo->key_type; if (item->type == NCR_KEY_TYPE_SECRET) { + u32 key_bits; + item->algorithm = algo; - size = gen.params.params.secret.bits/8; - if ((gen.params.params.secret.bits % 8 != 0) || - (size > NCR_CIPHER_MAX_KEY_LEN)) { + nla = tb[NCR_ATTR_SECRET_KEY_BITS]; + if (nla == NULL) { + err(); + ret = -EINVAL; + goto fail; + } + key_bits = nla_get_u32(nla); + size = key_bits / 8; + if (key_bits % 8 != 0 || size > NCR_CIPHER_MAX_KEY_LEN) { err(); ret = -EINVAL; goto fail; @@ -34,6 +34,7 @@ #include <linux/capability.h> #include "ncr.h" #include "ncr-int.h" +#include "utils.h" #include <linux/workqueue.h> /* This is the master wrapping key for storage of keys @@ -120,17 +121,32 @@ int ncr_ioctl(struct ncr_lists *lst, unsigned int cmd, unsigned long arg_) { void __user *arg = (void __user *)arg_; + struct nlattr *tb[NCR_ATTR_MAX + 1]; + void *attr_buf; + int ret; if (unlikely(!lst)) BUG(); switch (cmd) { +#define CASE_NO_OUTPUT(LABEL, STRUCT, FUNCTION) \ + case (LABEL): { \ + struct STRUCT data; \ + \ + attr_buf = NCR_GET_INPUT_ARGS_NO_OUTPUT(&data, tb, arg); \ + if (IS_ERR(attr_buf)) { \ + err(); \ + return PTR_ERR(attr_buf); \ + } \ + ret = (FUNCTION)(lst, &data, tb); \ + break; \ + } + case NCRIO_KEY_INIT: return ncr_key_init(lst); + CASE_NO_OUTPUT(NCRIO_KEY_GENERATE, ncr_key_generate, ncr_key_generate); case NCRIO_KEY_DEINIT: return ncr_key_deinit(lst, arg); - case NCRIO_KEY_GENERATE: - return ncr_key_generate(lst, arg); case NCRIO_KEY_EXPORT: return ncr_key_export(lst, arg); case NCRIO_KEY_IMPORT: @@ -162,7 +178,10 @@ ncr_ioctl(struct ncr_lists *lst, unsigned int cmd, unsigned long arg_) return ncr_key_derive(lst, arg); default: return -EINVAL; +#undef CASE_NO_OUTPUT } + kfree(attr_buf); + return ret; } #ifdef CONFIG_COMPAT @@ -174,6 +193,7 @@ ncr_compat_ioctl(struct ncr_lists *lst, unsigned int cmd, unsigned long arg_) switch (cmd) { case NCRIO_KEY_INIT: + case NCRIO_KEY_GENERATE: return ncr_ioctl(lst, cmd, arg_); default: return -EINVAL; @@ -148,6 +148,12 @@ struct ncr_key_generate_st { struct ncr_key_generate_params_st params; }; +struct ncr_key_generate { + __u32 input_size, output_size; + ncr_key_t key; + __NL_ATTRIBUTES; +}; + typedef enum { RSA_PKCS1_V1_5, /* both signatures and encryption */ RSA_PKCS1_OAEP, /* for encryption only */ @@ -224,7 +230,7 @@ struct ncr_key_data_st { #define NCRIO_KEY_INIT _IO('c', 204) /* generate a secret key */ -#define NCRIO_KEY_GENERATE _IOR ('c', 205, struct ncr_key_generate_st) +#define NCRIO_KEY_GENERATE _IOWR('c', 205, struct ncr_key_generate) /* generate a public key pair */ #define NCRIO_KEY_GENERATE_PAIR _IOR ('c', 206, struct ncr_key_generate_st) /* derive a new key from an old one */ |