summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorNikos Mavrogiannopoulos <nmav@gnutls.org>2010-07-07 22:54:53 +0200
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2010-07-07 22:54:53 +0200
commitada6106692c72168dbe4defd2ec44f273c670e88 (patch)
tree1fc8ef20085a4e320c8072f242f8db42e41e9ebd
parent2acb2200b547f89a6f8e745c65ebd49300012cc6 (diff)
downloadcryptodev-linux-ada6106692c72168dbe4defd2ec44f273c670e88.tar.gz
cryptodev-linux-ada6106692c72168dbe4defd2ec44f273c670e88.tar.xz
cryptodev-linux-ada6106692c72168dbe4defd2ec44f273c670e88.zip
Several fixes. RSA key generation tested and works.
Diffstat
-rw-r--r--examples/pk.c28
-rw-r--r--libtomcrypt/hashes/hash_memory.c6
-rw-r--r--libtomcrypt/hashes/hash_memory_multi.c6
-rw-r--r--libtomcrypt/pk/dsa/dsa_export.c18
-rw-r--r--libtomcrypt/pk/dsa/dsa_import.c18
-rw-r--r--libtomcrypt/pk/rsa/rsa_export.c20
-rw-r--r--libtomcrypt/pk/rsa/rsa_import.c26
-rw-r--r--ncr-key.c22
-rw-r--r--ncr-pk.c17
9 files changed, 100 insertions, 61 deletions
diff --git a/examples/pk.c b/examples/pk.c
index 926d991..1513d62 100644
--- a/examples/pk.c
+++ b/examples/pk.c
@@ -108,18 +108,23 @@ int privkey_info (void* data, int data_size)
size_t size;
int ret;
gnutls_datum_t pem;
- unsigned char buffer[256];
+ unsigned char buffer[5*1024];
const char *cprint;
- gnutls_x509_privkey_init (&key);
+ ret = gnutls_x509_privkey_init (&key);
+ if (ret < 0) {
+ fprintf(stderr, "error in privkey_init\n");
+ return 1;
+ }
pem.data = data;
pem.size = data_size;
ret = gnutls_x509_privkey_import (key, &pem, GNUTLS_X509_FMT_DER);
-
- if (ret < 0)
- return 1;
+ if (ret < 0) {
+ fprintf(stderr, "unable to import privkey\n");
+ return 1;
+ }
/* Public key algorithm
*/
@@ -133,9 +138,10 @@ int privkey_info (void* data, int data_size)
/* Print the raw public and private keys
*/
if (ret == GNUTLS_PK_RSA) {
- gnutls_datum_t m, e, d, p, q, u, exp1, exp2;
+ gnutls_datum_t m, e, d, p, q, u, exp1={NULL,0}, exp2={NULL,0};
- ret = gnutls_x509_privkey_export_rsa_raw2 (key, &m, &e, &d, &p, &q, &u, &exp1, &exp2);
+ //ret = gnutls_x509_privkey_export_rsa_raw2 (key, &m, &e, &d, &p, &q, &u, &exp1, &exp2);
+ ret = gnutls_x509_privkey_export_rsa_raw (key, &m, &e, &d, &p, &q, &u);
if (ret < 0)
fprintf (stderr, "Error in key RSA data export: %s\n",
gnutls_strerror (ret));
@@ -255,7 +261,7 @@ test_ncr_rsa(int cfd)
if (ioctl(cfd, NCRIO_KEY_EXPORT, &keydata)) {
fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__);
- perror("ioctl(NCRIO_KEY_IMPORT)");
+ perror("ioctl(NCRIO_KEY_EXPORT)");
return 1;
}
@@ -272,9 +278,9 @@ test_ncr_rsa(int cfd)
perror("ioctl(NCRIO_DATA_GET)");
return 1;
}
-
+
ret = privkey_info(kdata.data, kdata.data_size);
- if (ret < 0) {
+ if (ret != 0) {
fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__);
return 1;
}
@@ -323,6 +329,8 @@ main()
{
int fd = -1;
+ gnutls_global_init();
+
/* actually test if the initial close
* will really delete all used lists */
diff --git a/libtomcrypt/hashes/hash_memory.c b/libtomcrypt/hashes/hash_memory.c
index 274c208..7c0aa4e 100644
--- a/libtomcrypt/hashes/hash_memory.c
+++ b/libtomcrypt/hashes/hash_memory.c
@@ -52,6 +52,12 @@ int hash_memory(int hash, const unsigned char *in, unsigned long inlen, unsigned
goto LBL_ERR;
}
+ err = cryptodev_hash_reset( &hdata);
+ if (err < 0) {
+ err = CRYPT_INVALID_HASH;
+ goto LBL_ERR;
+ }
+
if ((err = _cryptodev_hash_update(&hdata, in, inlen)) < 0) {
err = CRYPT_ERROR;
goto LBL_ERR;
diff --git a/libtomcrypt/hashes/hash_memory_multi.c b/libtomcrypt/hashes/hash_memory_multi.c
index 6a85f65..52e8076 100644
--- a/libtomcrypt/hashes/hash_memory_multi.c
+++ b/libtomcrypt/hashes/hash_memory_multi.c
@@ -58,6 +58,12 @@ int hash_memory_multi(int hash, unsigned char *out, unsigned long *outlen,
goto LBL_ERR;
}
+ err = cryptodev_hash_reset( &hdata);
+ if (err < 0) {
+ err = CRYPT_INVALID_HASH;
+ goto LBL_ERR;
+ }
+
va_start(args, inlen);
curptr = in;
curlen = inlen;
diff --git a/libtomcrypt/pk/dsa/dsa_export.c b/libtomcrypt/pk/dsa/dsa_export.c
index 3b6f9bb..30145a3 100644
--- a/libtomcrypt/pk/dsa/dsa_export.c
+++ b/libtomcrypt/pk/dsa/dsa_export.c
@@ -47,19 +47,19 @@ int dsa_export(unsigned char *out, unsigned long *outlen, int type, dsa_key *key
if (type == PK_PRIVATE) {
return der_encode_sequence_multi(out, outlen,
LTC_ASN1_BIT_STRING, 1UL, flags,
- LTC_ASN1_INTEGER, 1UL, key->g,
- LTC_ASN1_INTEGER, 1UL, key->p,
- LTC_ASN1_INTEGER, 1UL, key->q,
- LTC_ASN1_INTEGER, 1UL, key->y,
- LTC_ASN1_INTEGER, 1UL, key->x,
+ LTC_ASN1_INTEGER, 1UL, &key->g,
+ LTC_ASN1_INTEGER, 1UL, &key->p,
+ LTC_ASN1_INTEGER, 1UL, &key->q,
+ LTC_ASN1_INTEGER, 1UL, &key->y,
+ LTC_ASN1_INTEGER, 1UL, &key->x,
LTC_ASN1_EOL, 0UL, NULL);
} else {
return der_encode_sequence_multi(out, outlen,
LTC_ASN1_BIT_STRING, 1UL, flags,
- LTC_ASN1_INTEGER, 1UL, key->g,
- LTC_ASN1_INTEGER, 1UL, key->p,
- LTC_ASN1_INTEGER, 1UL, key->q,
- LTC_ASN1_INTEGER, 1UL, key->y,
+ LTC_ASN1_INTEGER, 1UL, &key->g,
+ LTC_ASN1_INTEGER, 1UL, &key->p,
+ LTC_ASN1_INTEGER, 1UL, &key->q,
+ LTC_ASN1_INTEGER, 1UL, &key->y,
LTC_ASN1_EOL, 0UL, NULL);
}
}
diff --git a/libtomcrypt/pk/dsa/dsa_import.c b/libtomcrypt/pk/dsa/dsa_import.c
index f6c07f1..3172d5d 100644
--- a/libtomcrypt/pk/dsa/dsa_import.c
+++ b/libtomcrypt/pk/dsa/dsa_import.c
@@ -47,11 +47,11 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
if (flags[0] == 1) {
if ((err = der_decode_sequence_multi(in, inlen,
LTC_ASN1_BIT_STRING, 1UL, flags,
- LTC_ASN1_INTEGER, 1UL, key->g,
- LTC_ASN1_INTEGER, 1UL, key->p,
- LTC_ASN1_INTEGER, 1UL, key->q,
- LTC_ASN1_INTEGER, 1UL, key->y,
- LTC_ASN1_INTEGER, 1UL, key->x,
+ LTC_ASN1_INTEGER, 1UL, &key->g,
+ LTC_ASN1_INTEGER, 1UL, &key->p,
+ LTC_ASN1_INTEGER, 1UL, &key->q,
+ LTC_ASN1_INTEGER, 1UL, &key->y,
+ LTC_ASN1_INTEGER, 1UL, &key->x,
LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
goto error;
}
@@ -59,10 +59,10 @@ int dsa_import(const unsigned char *in, unsigned long inlen, dsa_key *key)
} else {
if ((err = der_decode_sequence_multi(in, inlen,
LTC_ASN1_BIT_STRING, 1UL, flags,
- LTC_ASN1_INTEGER, 1UL, key->g,
- LTC_ASN1_INTEGER, 1UL, key->p,
- LTC_ASN1_INTEGER, 1UL, key->q,
- LTC_ASN1_INTEGER, 1UL, key->y,
+ LTC_ASN1_INTEGER, 1UL, &key->g,
+ LTC_ASN1_INTEGER, 1UL, &key->p,
+ LTC_ASN1_INTEGER, 1UL, &key->q,
+ LTC_ASN1_INTEGER, 1UL, &key->y,
LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
goto error;
}
diff --git a/libtomcrypt/pk/rsa/rsa_export.c b/libtomcrypt/pk/rsa/rsa_export.c
index 2ba747c..04e59d8 100644
--- a/libtomcrypt/pk/rsa/rsa_export.c
+++ b/libtomcrypt/pk/rsa/rsa_export.c
@@ -44,20 +44,20 @@ int rsa_export(unsigned char *out, unsigned long *outlen, int type, rsa_key *key
*/
return der_encode_sequence_multi(out, outlen,
LTC_ASN1_SHORT_INTEGER, 1UL, &zero,
- LTC_ASN1_INTEGER, 1UL, key->N,
- LTC_ASN1_INTEGER, 1UL, key->e,
- LTC_ASN1_INTEGER, 1UL, key->d,
- LTC_ASN1_INTEGER, 1UL, key->p,
- LTC_ASN1_INTEGER, 1UL, key->q,
- LTC_ASN1_INTEGER, 1UL, key->dP,
- LTC_ASN1_INTEGER, 1UL, key->dQ,
- LTC_ASN1_INTEGER, 1UL, key->qP,
+ LTC_ASN1_INTEGER, 1UL, &key->N,
+ LTC_ASN1_INTEGER, 1UL, &key->e,
+ LTC_ASN1_INTEGER, 1UL, &key->d,
+ LTC_ASN1_INTEGER, 1UL, &key->p,
+ LTC_ASN1_INTEGER, 1UL, &key->q,
+ LTC_ASN1_INTEGER, 1UL, &key->dP,
+ LTC_ASN1_INTEGER, 1UL, &key->dQ,
+ LTC_ASN1_INTEGER, 1UL, &key->qP,
LTC_ASN1_EOL, 0UL, NULL);
} else {
/* public key */
return der_encode_sequence_multi(out, outlen,
- LTC_ASN1_INTEGER, 1UL, key->N,
- LTC_ASN1_INTEGER, 1UL, key->e,
+ LTC_ASN1_INTEGER, 1UL, &key->N,
+ LTC_ASN1_INTEGER, 1UL, &key->e,
LTC_ASN1_EOL, 0UL, NULL);
}
}
diff --git a/libtomcrypt/pk/rsa/rsa_import.c b/libtomcrypt/pk/rsa/rsa_import.c
index 2f6d40e..db78236 100644
--- a/libtomcrypt/pk/rsa/rsa_import.c
+++ b/libtomcrypt/pk/rsa/rsa_import.c
@@ -74,8 +74,8 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key)
/* now it should be SEQUENCE { INTEGER, INTEGER } */
if ((err = der_decode_sequence_multi(tmpbuf, t,
- LTC_ASN1_INTEGER, 1UL, key->N,
- LTC_ASN1_INTEGER, 1UL, key->e,
+ LTC_ASN1_INTEGER, 1UL, &key->N,
+ LTC_ASN1_INTEGER, 1UL, &key->e,
LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
XFREE(tmpbuf);
goto LBL_ERR;
@@ -88,7 +88,7 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key)
/* not SSL public key, try to match against LTC_PKCS #1 standards */
if ((err = der_decode_sequence_multi(in, inlen,
- LTC_ASN1_INTEGER, 1UL, key->N,
+ LTC_ASN1_INTEGER, 1UL, &key->N,
LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
goto LBL_ERR;
}
@@ -100,14 +100,14 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key)
/* it's a private key */
if ((err = der_decode_sequence_multi(in, inlen,
LTC_ASN1_INTEGER, 1UL, zero,
- LTC_ASN1_INTEGER, 1UL, key->N,
- LTC_ASN1_INTEGER, 1UL, key->e,
- LTC_ASN1_INTEGER, 1UL, key->d,
- LTC_ASN1_INTEGER, 1UL, key->p,
- LTC_ASN1_INTEGER, 1UL, key->q,
- LTC_ASN1_INTEGER, 1UL, key->dP,
- LTC_ASN1_INTEGER, 1UL, key->dQ,
- LTC_ASN1_INTEGER, 1UL, key->qP,
+ LTC_ASN1_INTEGER, 1UL, &key->N,
+ LTC_ASN1_INTEGER, 1UL, &key->e,
+ LTC_ASN1_INTEGER, 1UL, &key->d,
+ LTC_ASN1_INTEGER, 1UL, &key->p,
+ LTC_ASN1_INTEGER, 1UL, &key->q,
+ LTC_ASN1_INTEGER, 1UL, &key->dP,
+ LTC_ASN1_INTEGER, 1UL, &key->dQ,
+ LTC_ASN1_INTEGER, 1UL, &key->qP,
LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
mp_clear(&zero);
goto LBL_ERR;
@@ -121,8 +121,8 @@ int rsa_import(const unsigned char *in, unsigned long inlen, rsa_key *key)
} else {
/* it's a public key and we lack e */
if ((err = der_decode_sequence_multi(in, inlen,
- LTC_ASN1_INTEGER, 1UL, key->N,
- LTC_ASN1_INTEGER, 1UL, key->e,
+ LTC_ASN1_INTEGER, 1UL, &key->N,
+ LTC_ASN1_INTEGER, 1UL, &key->e,
LTC_ASN1_EOL, 0UL, NULL)) != CRYPT_OK) {
goto LBL_ERR;
}
diff --git a/ncr-key.c b/ncr-key.c
index dbd8f57..31026ab 100644
--- a/ncr-key.c
+++ b/ncr-key.c
@@ -160,6 +160,7 @@ int ncr_key_export(struct list_sem_st* data_lst,
struct ncr_key_data_st data;
struct key_item_st* item = NULL;
struct data_item_st* ditem = NULL;
+uint32_t size;
int ret;
ret = copy_from_user( &data, arg, sizeof(data));
@@ -181,6 +182,8 @@ int ret;
goto fail;
}
+ ditem->flags = key_flags_to_data(item->flags);
+
switch (item->type) {
case NCR_KEY_TYPE_SECRET:
if (item->key.secret.size > ditem->max_data_size) {
@@ -190,15 +193,26 @@ int ret;
}
/* found */
- ditem->flags = key_flags_to_data(item->flags);
-
if (item->key.secret.size > 0) {
memcpy(ditem->data, item->key.secret.data, item->key.secret.size);
}
ditem->data_size = item->key.secret.size;
break;
- case NCR_KEY_TYPE_PUBLIC: /* FIXME: export in a blob -ASN.1? */
- case NCR_KEY_TYPE_PRIVATE: /* FIXME export in a blob -ASN.1? */
+ case NCR_KEY_TYPE_PUBLIC:
+ case NCR_KEY_TYPE_PRIVATE:
+ size = ditem->max_data_size;
+ ret = ncr_pk_pack(item, ditem->data, &size);
+
+ ditem->data_size = size;
+
+ if (ret < 0) {
+ err();
+ goto fail;
+ }
+
+ break;
+
+
default:
err();
ret = -EINVAL;
diff --git a/ncr-pk.c b/ncr-pk.c
index 53dcd1b..6b90571 100644
--- a/ncr-pk.c
+++ b/ncr-pk.c
@@ -62,7 +62,7 @@ static int ncr_pk_make_public_and_id( struct key_item_st * private, struct key_i
uint8_t * tmp;
long max_size;
int ret, cret;
- unsigned long key_id_size = MAX_KEY_ID_SIZE;
+ unsigned long key_id_size;
max_size = KEY_DATA_MAX_SIZE;
tmp = kmalloc(max_size, GFP_KERNEL);
@@ -108,6 +108,7 @@ static int ncr_pk_make_public_and_id( struct key_item_st * private, struct key_i
goto fail;
}
+ key_id_size = MAX_KEY_ID_SIZE;
cret = hash_memory(NCR_ALG_SHA1, tmp, max_size, private->key_id, &key_id_size);
if (cret != CRYPT_OK) {
err();
@@ -126,9 +127,14 @@ fail:
int ncr_pk_pack( const struct key_item_st * key, uint8_t * packed, uint32_t * packed_size)
{
- long max_size = *packed_size;
+ unsigned long max_size = *packed_size;
int cret;
+ if (packed == NULL || packed_size == NULL) {
+ err();
+ return -EINVAL;
+ }
+
switch(key->algorithm) {
case NCR_ALG_RSA:
cret = rsa_export(packed, &max_size, key->key.pk.rsa.type, (void*)&key->key.pk.rsa);
@@ -177,10 +183,9 @@ static void keygen_handler(struct work_struct *instance)
e = st->params->params.rsa.e;
if (e == 0)
- e = 65537;
+ e = 65537;
cret = rsa_make_key(st->params->params.rsa.bits/8, e, &st->private->key.pk.rsa);
if (cret != CRYPT_OK) {
- printk("ret: %d/%d\n", cret, st->params->params.rsa.bits);
err();
st->ret = tomerr(cret);
}
@@ -229,7 +234,7 @@ struct keygen_st st;
err();
return ret;
}
-
+
wait_for_completion(&st.completed);
if (st.ret < 0) {
@@ -237,7 +242,7 @@ struct keygen_st st;
return ret;
}
-// ret = ncr_pk_make_public_and_id(private, public);
+ ret = ncr_pk_make_public_and_id(private, public);
if (ret < 0) {
err();
return ret;
generated by cgit (git 2.34.1) at 2025-09-16 06:10:54 +0000