diff options
| author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-06-14 16:08:16 +0200 |
|---|---|---|
| committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-06-17 20:48:18 +0200 |
| commit | e9f738aa05a2dbf94fdf05de01d06d2ebf62529d (patch) | |
| tree | b07b75913153014c0019ed78cfdd3e7e2ccc5596 /cryptodev_main.c | |
| parent | 0b2ab77de147d60ca44de978a36e90e1138a5551 (diff) | |
| download | cryptodev-linux-e9f738aa05a2dbf94fdf05de01d06d2ebf62529d.tar.gz cryptodev-linux-e9f738aa05a2dbf94fdf05de01d06d2ebf62529d.tar.xz cryptodev-linux-e9f738aa05a2dbf94fdf05de01d06d2ebf62529d.zip | |
Added initial wrapping and unwrapping key API. Adds an implementation of the AES-WRAP (untested yet).
Diffstat (limited to 'cryptodev_main.c')
| -rw-r--r-- | cryptodev_main.c | 24 |
1 files changed, 22 insertions, 2 deletions
diff --git a/cryptodev_main.c b/cryptodev_main.c index 58ae45b..0b2493d 100644 --- a/cryptodev_main.c +++ b/cryptodev_main.c @@ -198,7 +198,17 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop) /* Set-up crypto transform. */ if (alg_name) { - ret = cryptodev_cipher_init(&ses_new->cdata, alg_name, sop->key, sop->keylen); + uint8_t keyp[CRYPTO_CIPHER_MAX_KEY_LEN]; + + if (unlikely(sop->keylen > CRYPTO_CIPHER_MAX_KEY_LEN)) { + dprintk(1,KERN_DEBUG,"Setting key failed for %s-%zu.\n", + alg_name, sop->keylen*8); + ret = -EINVAL; + goto error; + } + copy_from_user(keyp, sop->key, sop->keylen); + + ret = cryptodev_cipher_init(&ses_new->cdata, alg_name, keyp, sop->keylen); if (ret < 0) { dprintk(1,KERN_DEBUG,"%s: Failed to load cipher for %s\n", __func__, alg_name); @@ -208,7 +218,17 @@ crypto_create_session(struct fcrypt *fcr, struct session_op *sop) } if (hash_name) { - ret = cryptodev_hash_init(&ses_new->hdata, hash_name, hmac_mode, sop->mackey, sop->mackeylen); + uint8_t keyp[CRYPTO_HMAC_MAX_KEY_LEN]; + + if (unlikely(sop->mackeylen > CRYPTO_HMAC_MAX_KEY_LEN)) { + dprintk(1,KERN_DEBUG,"Setting key failed for %s-%zu.\n", + alg_name, sop->mackeylen*8); + ret = -EINVAL; + goto error; + } + copy_from_user(keyp, sop->mackey, sop->mackeylen); + + ret = cryptodev_hash_init(&ses_new->hdata, hash_name, hmac_mode, keyp, sop->mackeylen); if (ret != 0) { dprintk(1,KERN_DEBUG,"%s: Failed to load hash for %s\n", __func__, hash_name); |