Added test case for hashing secret keys. Some corrections in independent session updates.

2 files changed, 141 insertions, 33 deletions

diff --git a/examples/ncr.c b/examples/ncr.c
index 4ff59fd..4231ffa 100644
--- a/examples/ncr.c
+++ b/examples/ncr.c
@@ -797,6 +797,119 @@ test_ncr_hash(int cfd)
 
 }
 
+static int
+test_ncr_hash_key(int cfd)
+{
+	ncr_key_t key;
+	struct ncr_key_data_st keydata;
+	uint8_t data[HASH_DATA_SIZE];
+	int j, data_size;
+	struct ncr_session_op_st op;
+	struct ncr_session_st op_init;
+	const uint8_t *output = (void*)"\xe2\xd7\x2c\x2e\x14\xad\x97\xc8\xd2\xdb\xce\xd8\xb3\x52\x9f\x1c\xb3\x2c\x5c\xec";
+
+	/* convert it to key */
+	if (ioctl(cfd, NCRIO_KEY_INIT, &key)) {
+		perror("ioctl(NCRIO_KEY_INIT)");
+		return 1;
+	}
+
+	keydata.key_id[0] = 'a';
+	keydata.key_id[2] = 'b';
+	keydata.key_id_size = 2;
+	keydata.type = NCR_KEY_TYPE_SECRET;
+	keydata.algorithm = NCR_ALG_AES_CBC;
+	keydata.flags = NCR_KEY_FLAG_EXPORTABLE;
+
+	fprintf(stdout, "Tests on Hashes of Keys\n");
+
+	fprintf(stdout, "\t%s:\n", hash_vectors[0].name);
+	/* import key */
+	keydata.key = key;
+	keydata.idata = (void*)hash_vectors[0].plaintext;
+	keydata.idata_size =  hash_vectors[0].plaintext_size;
+	if (ioctl(cfd, NCRIO_KEY_IMPORT, &keydata)) {
+		fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__);
+		perror("ioctl(NCRIO_KEY_IMPORT)");
+		return 1;
+	}
+
+	/* encrypt */
+	memset(&op_init, 0, sizeof(op_init));
+	op_init.algorithm = hash_vectors[0].algorithm;
+	op_init.op = hash_vectors[0].op;
+
+	if (ioctl(cfd, NCRIO_SESSION_INIT, &op_init)) {
+		fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__);
+		perror("ioctl(NCRIO_SESSION_INIT)");
+		return 1;
+	}
+
+	memset(&op, 0, sizeof(op));
+	op.ses = op_init.ses;
+	op.data.udata.input = (void*)hash_vectors[0].plaintext;
+	op.data.udata.input_size = hash_vectors[0].plaintext_size;
+	op.data.udata.output = NULL;
+	op.data.udata.output_size = 0;
+	op.type = NCR_DIRECT_DATA;
+
+	if (ioctl(cfd, NCRIO_SESSION_UPDATE, &op)) {
+		fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__);
+		perror("ioctl(NCRIO_SESSION_UPDATE)");
+		return 1;
+	}
+
+	memset(&op, 0, sizeof(op));
+	op.ses = op_init.ses;
+	op.data.kdata.input = key;
+	op.data.kdata.output = NULL;
+	op.data.kdata.output_size = 0;
+	op.type = NCR_KEY_DATA;
+
+	if (ioctl(cfd, NCRIO_SESSION_UPDATE, &op)) {
+		fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__);
+		perror("ioctl(NCRIO_SESSION_UPDATE)");
+		return 1;
+	}
+
+	op.data.udata.input = NULL;
+	op.data.udata.input_size = 0;
+	op.data.udata.output = data;
+	op.data.udata.output_size = sizeof(data);
+	op.type = NCR_DIRECT_DATA;
+
+	if (ioctl(cfd, NCRIO_SESSION_FINAL, &op)) {
+		fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__);
+		perror("ioctl(NCRIO_SESSION_FINAL)");
+		return 1;
+	}		
+
+	data_size = op.data.udata.output_size;
+
+
+	if (data_size != hash_vectors[0].output_size ||
+			memcmp(data, output, hash_vectors[0].output_size) != 0) {
+			fprintf(stderr, "HASH test vector %d failed!\n", 0);
+
+			fprintf(stderr, "Output[%d]: ", (int)data_size);
+			for(j=0;j<data_size;j++)
+			  fprintf(stderr, "%.2x:", (int)data[j]);
+			fprintf(stderr, "\n");
+
+			fprintf(stderr, "Expected[%d]: ", hash_vectors[0].output_size);
+			for(j=0;j<hash_vectors[0].output_size;j++)
+			  fprintf(stderr, "%.2x:", (int)output[j]);
+			fprintf(stderr, "\n");
+			return 1;
+	}
+
+
+	fprintf(stdout, "\n");
+
+	return 0;
+
+}
+
 
 int
 main()
@@ -819,6 +932,9 @@ main()
 	if (test_ncr_hash(fd))
 		return 1;
 
+	if (test_ncr_hash_key(fd))
+		return 1;
+
 	if (test_ncr_wrap_key(fd))
 		return 1;
 
diff --git a/ncr-sessions.c b/ncr-sessions.c
index f9043ec..466558b 100644
--- a/ncr-sessions.c
+++ b/ncr-sessions.c
@@ -495,13 +495,17 @@ static int get_userbuf1(struct session_item_st* ses,
 {
 	int pagecount = 0;
 
-	if (udata == NULL) {
+	if (unlikely(udata == NULL)) {
+		err();
 		return -EINVAL;
 	}
 
-	pagecount = PAGECOUNT(udata, udata_size);
+	if (unlikely(ses->sg == NULL || ses->pages == NULL)) {
+		err();
+		return -ENOMEM;
+	}
 
-	ses->available_pages = pagecount;
+	pagecount = PAGECOUNT(udata, udata_size);
 
 	if (pagecount > ses->array_size) {
 		while (ses->array_size < pagecount)
@@ -514,19 +518,21 @@ static int get_userbuf1(struct session_item_st* ses,
 		ses->sg = krealloc(ses->sg, ses->array_size *
 				sizeof(struct scatterlist), GFP_KERNEL);
 
-		if (ses->sg == NULL || ses->pages == NULL) {
+		if (unlikely(ses->sg == NULL || ses->pages == NULL)) {
 			return -ENOMEM;
 		}
 	}
 
 	if (__get_userbuf(udata, udata_size, 1,
 			pagecount, ses->pages, ses->sg)) {
-		dprintk(1, KERN_ERR, "failed to get user pages for data input\n");
+		err();
 		return -EINVAL;
 	}
 	(*dst_sg) = ses->sg;
 	*dst_cnt = pagecount;
 
+	ses->available_pages = pagecount;
+
 	return 0;
 }
 
@@ -538,16 +544,22 @@ static int get_userbuf2(struct session_item_st* ses,
 	int src_pagecount, dst_pagecount = 0, pagecount, write_src = 1;
 	size_t input_size = op->data.udata.input_size;
 
-	if (op->data.udata.input == NULL) {
+	if (unlikely(op->data.udata.input == NULL)) {
+		err();
 		return -EINVAL;
 	}
 
+	if (unlikely(ses->sg == NULL || ses->pages == NULL)) {
+		err();
+		return -ENOMEM;
+	}
+
 	src_pagecount = PAGECOUNT(op->data.udata.input, input_size);
 
 	if (op->data.udata.input != op->data.udata.output) {	/* non-in-situ transformation */
+		write_src = 0;
 		if (op->data.udata.output != NULL) {
 			dst_pagecount = PAGECOUNT(op->data.udata.output, op->data.udata.output_size);
-			write_src = 0;
 		} else {
 			dst_pagecount = 0;
 		}
@@ -557,7 +569,7 @@ static int get_userbuf2(struct session_item_st* ses,
 		input_size = max(input_size, (size_t)op->data.udata.output_size);
 	}
 
-	ses->available_pages = pagecount = src_pagecount + dst_pagecount;
+	pagecount = src_pagecount + dst_pagecount;
 
 	if (pagecount > ses->array_size) {
 		while (ses->array_size < pagecount)
@@ -577,7 +589,8 @@ static int get_userbuf2(struct session_item_st* ses,
 
 	if (__get_userbuf(op->data.udata.input, input_size, write_src,
 			src_pagecount, ses->pages, ses->sg)) {
-		dprintk(1, KERN_ERR, "failed to get user pages for data input\n");
+		err();
+		printk("write: %d\n", write_src);
 		return -EINVAL;
 	}
 	(*src_sg) = ses->sg;
@@ -589,7 +602,7 @@ static int get_userbuf2(struct session_item_st* ses,
 
 		if (__get_userbuf(op->data.udata.output, op->data.udata.output_size, 1, dst_pagecount,
 					ses->pages + src_pagecount, *dst_sg)) {
-			dprintk(1, KERN_ERR, "failed to get user pages for data output\n");
+			err();
 			release_user_pages(ses->pages, src_pagecount);
 			return -EINVAL;
 		}
@@ -602,6 +615,8 @@ static int get_userbuf2(struct session_item_st* ses,
 			*dst_sg = NULL;
 		}
 	}
+	
+	ses->available_pages = pagecount;
 
 	return 0;
 }
@@ -892,9 +907,6 @@ static int _ncr_session_update_key(struct ncr_lists* lists, struct ncr_session_o
 	int ret;
 	struct session_item_st* sess;
 	struct key_item_st* key = NULL;
-	struct scatterlist *osg;
-	unsigned osg_cnt=0;
-	size_t osg_size;
 
 	sess = ncr_sessions_item_get( &lists->sessions, op->ses);
 	if (sess == NULL) {
@@ -915,21 +927,6 @@ static int _ncr_session_update_key(struct ncr_lists* lists, struct ncr_session_o
 		goto fail;
 	}
 
-	if (down_interruptible(&sess->mem_mutex)) {
-		err();
-		_ncr_sessions_item_put(sess);
-		return -ERESTARTSYS;
-	}
-
-	ret = get_userbuf1(sess, op->data.kdata.output, op->data.kdata.output_size, 
-		&osg, &osg_cnt);
-	if (ret < 0) {
-		err();
-		goto fail;
-	}
-
-	osg_size = op->data.kdata.output_size;
-
 	switch(sess->op) {
 		case NCR_OP_ENCRYPT:
 		case NCR_OP_DECRYPT:
@@ -954,11 +951,6 @@ static int _ncr_session_update_key(struct ncr_lists* lists, struct ncr_session_o
 	ret = 0;
 
 fail:
-	if (sess->available_pages) {
-		release_user_pages(sess->pages, sess->available_pages);
-		sess->available_pages = 0;
-	}
-	up(&sess->mem_mutex);
 	if (key) _ncr_key_item_put(key);
 	_ncr_sessions_item_put(sess);