Replace ncr_wrap_algorithm_t by NLA_NUL_STRING

5 files changed, 29 insertions, 40 deletions

diff --git a/examples/ncr.c b/examples/ncr.c
index a9b0cea..343208e 100644
--- a/examples/ncr.c
+++ b/examples/ncr.c
@@ -369,12 +369,12 @@ test_ncr_wrap_key(int cfd)
 	struct __attribute__((packed)) {
 		struct ncr_key_wrap f;
 		struct nlattr algo_head ALIGN_NL;
-		uint32_t algo ALIGN_NL;
+		char algo[sizeof(NCR_WALG_AES_RFC3394)] ALIGN_NL;
 	} kwrap;
 	struct __attribute__((packed)) {
 		struct ncr_key_unwrap f;
 		struct nlattr wrap_algo_head ALIGN_NL;
-		uint32_t wrap_algo ALIGN_NL;
+		char wrap_algo[sizeof(NCR_WALG_AES_RFC3394)] ALIGN_NL;
 		struct nlattr algo_head ALIGN_NL;
 		char algo[sizeof(ALG_AES_CBC)] ALIGN_NL;
 	} kunwrap;
@@ -464,7 +464,7 @@ test_ncr_wrap_key(int cfd)
 	kwrap.f.buffer_size = sizeof(data);
 	kwrap.algo_head.nla_len = NLA_HDRLEN + sizeof(kwrap.algo);
 	kwrap.algo_head.nla_type = NCR_ATTR_WRAPPING_ALGORITHM;
-	kwrap.algo = NCR_WALG_AES_RFC3394;
+	strcpy(kwrap.algo, NCR_WALG_AES_RFC3394);
 
 	data_size = ioctl(cfd, NCRIO_KEY_WRAP, &kwrap);
 	if (geteuid() == 0 && data_size < 0) {
@@ -513,7 +513,7 @@ test_ncr_wrap_key(int cfd)
 	kunwrap.f.data_size = data_size;
 	kunwrap.wrap_algo_head.nla_len = NLA_HDRLEN + sizeof(kunwrap.wrap_algo);
 	kunwrap.wrap_algo_head.nla_type = NCR_ATTR_WRAPPING_ALGORITHM;
-	kunwrap.wrap_algo = NCR_WALG_AES_RFC3394;
+	strcpy(kunwrap.wrap_algo, NCR_WALG_AES_RFC3394);
 	kunwrap.algo_head.nla_len = NLA_HDRLEN + sizeof(kunwrap.algo);
 	kunwrap.algo_head.nla_type = NCR_ATTR_ALGORITHM;
 	strcpy(kunwrap.algo, ALG_AES_CBC);
@@ -579,7 +579,7 @@ test_ncr_wrap_key2(int cfd)
 	struct __attribute__((packed)) {
 		struct ncr_key_wrap f;
 		struct nlattr algo_head ALIGN_NL;
-		uint32_t algo ALIGN_NL;
+		char algo[sizeof(NCR_WALG_AES_RFC3394)] ALIGN_NL;
 	} kwrap;
 	uint8_t data[WRAPPED_KEY_DATA_SIZE];
 
@@ -667,7 +667,7 @@ test_ncr_wrap_key2(int cfd)
 	kwrap.f.buffer_size = sizeof(data);
 	kwrap.algo_head.nla_len = NLA_HDRLEN + sizeof(kwrap.algo);
 	kwrap.algo_head.nla_type = NCR_ATTR_WRAPPING_ALGORITHM;
-	kwrap.algo = NCR_WALG_AES_RFC3394;
+	strcpy(kwrap.algo, NCR_WALG_AES_RFC3394);
 
 	ret = ioctl(cfd, NCRIO_KEY_WRAP, &kwrap);
 	if (ret < 0) {
diff --git a/examples/pk.c b/examples/pk.c
index 599f396..1db7aaf 100644
--- a/examples/pk.c
+++ b/examples/pk.c
@@ -618,12 +618,12 @@ test_ncr_wrap_key3(int cfd)
 	struct __attribute__((packed)) {
 		struct ncr_key_wrap f;
 		struct nlattr algo_head ALIGN_NL;
-		uint32_t algo ALIGN_NL;
+		char algo[sizeof(NCR_WALG_AES_RFC5649)] ALIGN_NL;
 	} kwrap;
 	struct __attribute__((packed)) {
 		struct ncr_key_unwrap f;
 		struct nlattr wrap_algo_head ALIGN_NL;
-		uint32_t wrap_algo ALIGN_NL;
+		char wrap_algo[sizeof(NCR_WALG_AES_RFC5649)] ALIGN_NL;
 		struct nlattr algo_head ALIGN_NL;
 		char algo[sizeof(ALG_RSA)] ALIGN_NL;
 	} kunwrap;
@@ -731,7 +731,7 @@ test_ncr_wrap_key3(int cfd)
 		kwrap.f.buffer_size = sizeof(data);
 		kwrap.algo_head.nla_len = NLA_HDRLEN + sizeof(kwrap.algo);
 		kwrap.algo_head.nla_type = NCR_ATTR_WRAPPING_ALGORITHM;
-		kwrap.algo = NCR_WALG_AES_RFC5649;
+		strcpy(kwrap.algo, NCR_WALG_AES_RFC5649);
 
 		ret = ioctl(cfd, NCRIO_KEY_WRAP, &kwrap);
 		if (ret < 0) {
@@ -749,7 +749,7 @@ test_ncr_wrap_key3(int cfd)
 		kwrap.f.buffer_size = sizeof(data);
 		kwrap.algo_head.nla_len = NLA_HDRLEN + sizeof(kwrap.algo);
 		kwrap.algo_head.nla_type = NCR_ATTR_WRAPPING_ALGORITHM;
-		kwrap.algo = NCR_WALG_AES_RFC5649;
+		strcpy(kwrap.algo, NCR_WALG_AES_RFC5649);
 
 		ret = ioctl(cfd, NCRIO_KEY_WRAP, &kwrap);
 		if (ret < 0 && i != 2) {
@@ -776,7 +776,7 @@ test_ncr_wrap_key3(int cfd)
 				= NLA_HDRLEN + sizeof(kunwrap.wrap_algo);
 			kunwrap.wrap_algo_head.nla_type
 				= NCR_ATTR_WRAPPING_ALGORITHM;
-			kunwrap.wrap_algo = NCR_WALG_AES_RFC5649;
+			strcpy(kunwrap.wrap_algo, NCR_WALG_AES_RFC5649);
 			kunwrap.algo_head.nla_len
 				= NLA_HDRLEN + sizeof(kunwrap.algo);
 			kunwrap.algo_head.nla_type = NCR_ATTR_ALGORITHM;
diff --git a/ncr-key-wrap.c b/ncr-key-wrap.c
index de4bcdd..4111ab1 100644
--- a/ncr-key-wrap.c
+++ b/ncr-key-wrap.c
@@ -590,18 +590,14 @@ int ret;
 		ret = -EINVAL;
 		goto fail;
 	}
-	switch (nla_get_u32(nla)) {
-		case NCR_WALG_AES_RFC3394:
-			ret = wrap_aes(wkey, key, data, &data_size, iv,
+	if (nla_strcmp(nla, NCR_WALG_AES_RFC3394) == 0)
+		ret = wrap_aes(wkey, key, data, &data_size, iv, iv_size);
+	else if (nla_strcmp(nla, NCR_WALG_AES_RFC5649) == 0)
+		ret = wrap_aes_rfc5649(wkey, key, data, &data_size, iv,
 				       iv_size);
-			break;
-		case NCR_WALG_AES_RFC5649:
-			ret = wrap_aes_rfc5649(wkey, key, data, &data_size, iv,
-					       iv_size);
-			break;
-		default:
-			err();
-			ret = -EINVAL;
+	else {
+		err();
+		ret = -EINVAL;
 	}
 	
 	if (ret < 0) {
@@ -678,18 +674,13 @@ int ret;
 		ret = -EINVAL;
 		goto fail;
 	}
-	switch (nla_get_u32(nla)) {
-		case NCR_WALG_AES_RFC3394:
-			ret = unwrap_aes_rfc3394(wkey, key, data, data_size,
-						 tb);
-			break;
-		case NCR_WALG_AES_RFC5649:
-			ret = unwrap_aes_rfc5649(wkey, key, data, data_size,
-						 tb);
-			break;
-		default:
-			err();
-			ret = -EINVAL;
+	if (nla_strcmp(nla, NCR_WALG_AES_RFC3394) == 0)
+		ret = unwrap_aes_rfc3394(wkey, key, data, data_size, tb);
+	else if (nla_strcmp(nla, NCR_WALG_AES_RFC5649) == 0)
+		ret = unwrap_aes_rfc5649(wkey, key, data, data_size, tb);
+	else {
+		err();
+		ret = -EINVAL;
 	}
 	
 fail:
diff --git a/ncr.h b/ncr.h
index 7f8fba4..180aa3a 100644
--- a/ncr.h
+++ b/ncr.h
@@ -33,7 +33,7 @@ enum {
 	NCR_ATTR_ALGORITHM,	      /* NLA_NUL_STRING */
 	NCR_ATTR_DERIVATION_ALGORITHM, /* NLA_NUL_STRING - NCR_DERIVE_* */
 	NCR_ATTR_SIGNATURE_HASH_ALGORITHM, /* NLA_NUL_STRING */
-	NCR_ATTR_WRAPPING_ALGORITHM,  /* NLA_U32 - ncr_wrap_algorithm_t */
+	NCR_ATTR_WRAPPING_ALGORITHM,  /* NLA_NUL_STRING - NCR_WALG_* */
 	NCR_ATTR_UPDATE_INPUT_DATA,   /* NLA_BINARY - ncr_session_input_data */
 	/* NLA_BINARY - ncr_session_output_buffer */
 	NCR_ATTR_UPDATE_OUTPUT_BUFFER,
@@ -68,10 +68,8 @@ enum {
 #define NCR_CIPHER_MAX_BLOCK_LEN 32
 #define NCR_HASH_MAX_OUTPUT_SIZE  64
 
-typedef enum {
-	NCR_WALG_AES_RFC3394, /* for secret keys only */
-	NCR_WALG_AES_RFC5649, /* can wrap arbitrary key */
-} ncr_wrap_algorithm_t;
+#define NCR_WALG_AES_RFC3394 "walg-aes-rfc3394" /* for secret keys only */
+#define NCR_WALG_AES_RFC5649 "walg-aes-rfc5649" /* can wrap arbitrary key */
 
 typedef enum {
 	NCR_KEY_TYPE_INVALID,
diff --git a/utils.c b/utils.c
index 113a1ee..514833c 100644
--- a/utils.c
+++ b/utils.c
@@ -51,7 +51,7 @@ static const struct nla_policy ncr_attr_policy[NCR_ATTR_MAX + 1] = {
 	[NCR_ATTR_ALGORITHM] = { NLA_NUL_STRING, 0 },
 	[NCR_ATTR_DERIVATION_ALGORITHM] = { NLA_NUL_STRING, 0 },
 	[NCR_ATTR_SIGNATURE_HASH_ALGORITHM] = { NLA_NUL_STRING, 0 },
-	[NCR_ATTR_WRAPPING_ALGORITHM] = { NLA_U32, 0 },
+	[NCR_ATTR_WRAPPING_ALGORITHM] = { NLA_NUL_STRING, 0 },
 	[NCR_ATTR_UPDATE_INPUT_DATA] = {
 		NLA_BINARY, MAX_SESSION_INPUT_DATA_SIZE
 	},