diff options
| author | Miloslav Trmač <mitr@redhat.com> | 2010-08-16 22:50:56 +0200 |
|---|---|---|
| committer | Miloslav Trmač <mitr@redhat.com> | 2010-08-24 23:49:09 +0200 |
| commit | 7017a63132bc03462ba75e399c083e00f4e19573 (patch) | |
| tree | ba790f1e3e542492640e6bf63ad1f3d6f62153e3 /examples | |
| parent | e536df1a394cf653ecc5964ece0551b0259abeb4 (diff) | |
| download | cryptodev-linux-7017a63132bc03462ba75e399c083e00f4e19573.tar.gz cryptodev-linux-7017a63132bc03462ba75e399c083e00f4e19573.tar.xz cryptodev-linux-7017a63132bc03462ba75e399c083e00f4e19573.zip | |
Convert *_SESSION_*
Diffstat (limited to 'examples')
| -rw-r--r-- | examples/ncr.c | 218 | ||||
| -rw-r--r-- | examples/pk.c | 334 | ||||
| -rw-r--r-- | examples/speed.c | 48 |
3 files changed, 410 insertions, 190 deletions
diff --git a/examples/ncr.c b/examples/ncr.c index 49f5e38..facecd8 100644 --- a/examples/ncr.c +++ b/examples/ncr.c @@ -843,8 +843,18 @@ test_ncr_aes(int cfd) } kimport; uint8_t data[KEY_DATA_SIZE]; int i, j; - struct ncr_session_once_op_st nop; - int data_size; + struct __attribute__((packed)) { + struct ncr_session_once f; + struct nlattr algo_head ALIGN_NL; + uint32_t algo ALIGN_NL; + struct nlattr key_head ALIGN_NL; + uint32_t key ALIGN_NL; + struct nlattr input_head ALIGN_NL; + struct ncr_session_input_data input ALIGN_NL; + struct nlattr output_head ALIGN_NL; + struct ncr_session_output_buffer output ALIGN_NL; + } op; + size_t data_size; /* convert it to key */ key = ioctl(cfd, NCRIO_KEY_INIT); @@ -881,23 +891,30 @@ test_ncr_aes(int cfd) } /* encrypt */ - memset(&nop, 0, sizeof(nop)); - nop.init.algorithm = NCR_ALG_AES_ECB; - nop.init.key = key; - nop.init.op = NCR_OP_ENCRYPT; - nop.op.data.udata.input = (void*)aes_vectors[i].plaintext; - nop.op.data.udata.input_size = 16; - nop.op.data.udata.output = data; - nop.op.data.udata.output_size = sizeof(data); - nop.op.type = NCR_DIRECT_DATA; - - if (ioctl(cfd, NCRIO_SESSION_ONCE, &nop)) { + memset(&op.f, 0, sizeof(op.f)); + op.f.input_size = sizeof(op); + op.f.op = NCR_OP_ENCRYPT; + op.algo_head.nla_len = NLA_HDRLEN + sizeof(op.algo); + op.algo_head.nla_type = NCR_ATTR_ALGORITHM; + op.algo = NCR_ALG_AES_ECB; + op.key_head.nla_len = NLA_HDRLEN + sizeof(op.key); + op.key_head.nla_type = NCR_ATTR_KEY; + op.key = key; + op.input_head.nla_len = NLA_HDRLEN + sizeof(op.input); + op.input_head.nla_type = NCR_ATTR_UPDATE_INPUT_DATA; + op.input.data = aes_vectors[i].plaintext; + op.input.data_size = 16; + op.output_head.nla_len = NLA_HDRLEN + sizeof(op.output); + op.output_head.nla_type = NCR_ATTR_UPDATE_OUTPUT_BUFFER; + op.output.buffer = data; + op.output.buffer_size = sizeof(data); + op.output.result_size_ptr = &data_size; + + if (ioctl(cfd, NCRIO_SESSION_ONCE, &op)) { fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); perror("ioctl(NCRIO_SESSION_ONCE)"); return 1; } - - data_size = nop.op.data.udata.output_size; /* verify */ if (data_size != 16 || memcmp(data, aes_vectors[i].ciphertext, 16) != 0) { @@ -944,24 +961,30 @@ test_ncr_aes(int cfd) } /* decrypt */ - memset(&nop, 0, sizeof(nop)); - nop.init.algorithm = NCR_ALG_AES_ECB; - nop.init.key = key; - nop.init.op = NCR_OP_DECRYPT; - nop.op.data.udata.input = (void*)aes_vectors[i].ciphertext; - nop.op.data.udata.input_size = 16; - nop.op.data.udata.output = data; - nop.op.data.udata.output_size = sizeof(data); - nop.op.type = NCR_DIRECT_DATA; - - if (ioctl(cfd, NCRIO_SESSION_ONCE, &nop)) { + memset(&op.f, 0, sizeof(op.f)); + op.f.input_size = sizeof(op); + op.f.op = NCR_OP_DECRYPT; + op.algo_head.nla_len = NLA_HDRLEN + sizeof(op.algo); + op.algo_head.nla_type = NCR_ATTR_ALGORITHM; + op.algo = NCR_ALG_AES_ECB; + op.key_head.nla_len = NLA_HDRLEN + sizeof(op.key); + op.key_head.nla_type = NCR_ATTR_KEY; + op.key = key; + op.input_head.nla_len = NLA_HDRLEN + sizeof(op.input); + op.input_head.nla_type = NCR_ATTR_UPDATE_INPUT_DATA; + op.input.data = aes_vectors[i].ciphertext; + op.input.data_size = 16; + op.output_head.nla_len = NLA_HDRLEN + sizeof(op.output); + op.output_head.nla_type = NCR_ATTR_UPDATE_OUTPUT_BUFFER; + op.output.buffer = data; + op.output.buffer_size = sizeof(data); + op.output.result_size_ptr = &data_size; + + if (ioctl(cfd, NCRIO_SESSION_ONCE, &op)) { fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); perror("ioctl(NCRIO_SESSION_ONCE)"); return 1; } - - data_size = nop.op.data.udata.output_size; - if (data_size != 16 || memcmp(data, aes_vectors[i].plaintext, 16) != 0) { fprintf(stderr, "AES test vector %d failed!\n", i); @@ -1084,8 +1107,19 @@ test_ncr_hash(int cfd) uint32_t flags ALIGN_NL; } kimport; uint8_t data[HASH_DATA_SIZE]; - int i, j, data_size; - struct ncr_session_once_op_st nop; + int i, j; + size_t data_size; + struct __attribute__((packed)) { + struct ncr_session_once f; + struct nlattr algo_head ALIGN_NL; + uint32_t algo ALIGN_NL; + struct nlattr key_head ALIGN_NL; + uint32_t key ALIGN_NL; + struct nlattr input_head ALIGN_NL; + struct ncr_session_input_data input ALIGN_NL; + struct nlattr output_head ALIGN_NL; + struct ncr_session_output_buffer output ALIGN_NL; + } op; /* convert it to key */ key = ioctl(cfd, NCRIO_KEY_INIT); @@ -1130,26 +1164,30 @@ test_ncr_hash(int cfd) } } - /* encrypt */ - memset(&nop, 0, sizeof(nop)); - nop.init.algorithm = hash_vectors[i].algorithm; - if (hash_vectors[i].key != NULL) - nop.init.key = key; - nop.init.op = hash_vectors[i].op; - nop.op.data.udata.input = (void*)hash_vectors[i].plaintext; - nop.op.data.udata.input_size = hash_vectors[i].plaintext_size; - nop.op.data.udata.output = data; - nop.op.data.udata.output_size = sizeof(data); - nop.op.type = NCR_DIRECT_DATA; - - if (ioctl(cfd, NCRIO_SESSION_ONCE, &nop)) { + memset(&op.f, 0, sizeof(op.f)); + op.f.input_size = sizeof(op); + op.f.op = hash_vectors[i].op; + op.algo_head.nla_len = NLA_HDRLEN + sizeof(op.algo); + op.algo_head.nla_type = NCR_ATTR_ALGORITHM; + op.algo = hash_vectors[i].algorithm; + op.key_head.nla_len = NLA_HDRLEN + sizeof(op.key); + op.key_head.nla_type = NCR_ATTR_KEY; + op.key = hash_vectors[i].key != NULL ? key : NCR_KEY_INVALID; + op.input_head.nla_len = NLA_HDRLEN + sizeof(op.input); + op.input_head.nla_type = NCR_ATTR_UPDATE_INPUT_DATA; + op.input.data = hash_vectors[i].plaintext; + op.input.data_size = hash_vectors[i].plaintext_size; + op.output_head.nla_len = NLA_HDRLEN + sizeof(op.output); + op.output_head.nla_type = NCR_ATTR_FINAL_OUTPUT_BUFFER; + op.output.buffer = data; + op.output.buffer_size = sizeof(data); + op.output.result_size_ptr = &data_size; + + if (ioctl(cfd, NCRIO_SESSION_ONCE, &op)) { fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); perror("ioctl(NCRIO_SESSION_ONCE)"); return 1; } - - data_size = nop.op.data.udata.output_size; - if (data_size != hash_vectors[i].output_size || memcmp(data, hash_vectors[i].output, hash_vectors[i].output_size) != 0) { @@ -1178,6 +1216,7 @@ static int test_ncr_hash_key(int cfd) { ncr_key_t key; + ncr_session_t ses; struct __attribute__((packed)) { struct ncr_key_import f; struct nlattr id_head ALIGN_NL; @@ -1190,9 +1229,28 @@ test_ncr_hash_key(int cfd) uint32_t flags ALIGN_NL; } kimport; uint8_t data[HASH_DATA_SIZE]; - int j, data_size; - struct ncr_session_op_st op; - struct ncr_session_st op_init; + int j; + size_t data_size; + struct __attribute__((packed)) { + struct ncr_session_init f; + struct nlattr algo_head ALIGN_NL; + uint32_t algo ALIGN_NL; + } op_init; + struct __attribute__((packed)) { + struct ncr_session_update f; + struct nlattr data_head ALIGN_NL; + struct ncr_session_input_data data ALIGN_NL; + } op_up_data; + struct __attribute__((packed)) { + struct ncr_session_update f; + struct nlattr key_head ALIGN_NL; + uint32_t key; + } op_up_key; + struct __attribute__((packed)) { + struct ncr_session_final f; + struct nlattr output_head ALIGN_NL; + struct ncr_session_output_buffer output ALIGN_NL; + } op_final; const uint8_t *output = (void*)"\xe2\xd7\x2c\x2e\x14\xad\x97\xc8\xd2\xdb\xce\xd8\xb3\x52\x9f\x1c\xb3\x2c\x5c\xec"; /* convert it to key */ @@ -1230,58 +1288,62 @@ test_ncr_hash_key(int cfd) return 1; } - /* encrypt */ - memset(&op_init, 0, sizeof(op_init)); - op_init.algorithm = hash_vectors[0].algorithm; - op_init.op = hash_vectors[0].op; + memset(&op_init.f, 0, sizeof(op_init.f)); + op_init.f.input_size = sizeof(op_init); + op_init.f.op = hash_vectors[0].op; + op_init.algo_head.nla_len = NLA_HDRLEN + sizeof(op_init.algo); + op_init.algo_head.nla_type = NCR_ATTR_ALGORITHM; + op_init.algo = hash_vectors[0].algorithm; - if (ioctl(cfd, NCRIO_SESSION_INIT, &op_init)) { + ses = ioctl(cfd, NCRIO_SESSION_INIT, &op_init); + if (ses < 0) { fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); perror("ioctl(NCRIO_SESSION_INIT)"); return 1; } - memset(&op, 0, sizeof(op)); - op.ses = op_init.ses; - op.data.udata.input = (void*)hash_vectors[0].plaintext; - op.data.udata.input_size = hash_vectors[0].plaintext_size; - op.data.udata.output = NULL; - op.data.udata.output_size = 0; - op.type = NCR_DIRECT_DATA; + memset(&op_up_data.f, 0, sizeof(op_up_data.f)); + op_up_data.f.input_size = sizeof(op_up_data); + op_up_data.f.ses = ses; + op_up_data.data_head.nla_len = NLA_HDRLEN + sizeof(op_up_data.data); + op_up_data.data_head.nla_type = NCR_ATTR_UPDATE_INPUT_DATA; + op_up_data.data.data = hash_vectors[0].plaintext; + op_up_data.data.data_size = hash_vectors[0].plaintext_size; - if (ioctl(cfd, NCRIO_SESSION_UPDATE, &op)) { + if (ioctl(cfd, NCRIO_SESSION_UPDATE, &op_up_data)) { fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); perror("ioctl(NCRIO_SESSION_UPDATE)"); return 1; } - memset(&op, 0, sizeof(op)); - op.ses = op_init.ses; - op.data.kdata.input = key; - op.data.kdata.output = NULL; - op.data.kdata.output_size = 0; - op.type = NCR_KEY_DATA; + memset(&op_up_key.f, 0, sizeof(op_up_key.f)); + op_up_key.f.input_size = sizeof(op_up_key); + op_up_key.f.ses = ses; + op_up_key.key_head.nla_len = NLA_HDRLEN + sizeof(op_up_key.key); + op_up_key.key_head.nla_type = NCR_ATTR_UPDATE_INPUT_KEY_AS_DATA; + op_up_key.key = key; - if (ioctl(cfd, NCRIO_SESSION_UPDATE, &op)) { + if (ioctl(cfd, NCRIO_SESSION_UPDATE, &op_up_key)) { fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); perror("ioctl(NCRIO_SESSION_UPDATE)"); return 1; } - op.data.udata.input = NULL; - op.data.udata.input_size = 0; - op.data.udata.output = data; - op.data.udata.output_size = sizeof(data); - op.type = NCR_DIRECT_DATA; + memset(&op_final.f, 0, sizeof(op_final.f)); + op_final.f.input_size = sizeof(op_final); + op_final.f.ses = ses; + op_final.output_head.nla_len = NLA_HDRLEN + sizeof(op_final.output); + op_final.output_head.nla_type = NCR_ATTR_FINAL_OUTPUT_BUFFER; + op_final.output.buffer = data; + op_final.output.buffer_size = sizeof(data); + op_final.output.result_size_ptr = &data_size; - if (ioctl(cfd, NCRIO_SESSION_FINAL, &op)) { + if (ioctl(cfd, NCRIO_SESSION_FINAL, &op_final)) { fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); perror("ioctl(NCRIO_SESSION_FINAL)"); return 1; } - data_size = op.data.udata.output_size; - if (data_size != hash_vectors[0].output_size || memcmp(data, output, hash_vectors[0].output_size) != 0) { diff --git a/examples/pk.c b/examples/pk.c index ac95820..8645fd4 100644 --- a/examples/pk.c +++ b/examples/pk.c @@ -794,10 +794,24 @@ test_ncr_wrap_key3(int cfd) static int rsa_key_encrypt(int cfd, ncr_key_t privkey, ncr_key_t pubkey, int oaep) { - struct ncr_session_once_op_st nop; + struct __attribute__((packed)) { + struct ncr_session_once f; + struct nlattr algo_head ALIGN_NL; + uint32_t algo ALIGN_NL; + struct nlattr key_head ALIGN_NL; + uint32_t key ALIGN_NL; + struct nlattr rsa_head ALIGN_NL; + uint32_t rsa ALIGN_NL; + struct nlattr oaep_hash_head ALIGN_NL; + uint32_t oaep_hash ALIGN_NL; + struct nlattr input_head ALIGN_NL; + struct ncr_session_input_data input ALIGN_NL; + struct nlattr output_head ALIGN_NL; + struct ncr_session_output_buffer output ALIGN_NL; + } op; uint8_t data[DATA_SIZE]; uint8_t vdata[RSA_ENCRYPT_SIZE]; - int enc_size; + size_t enc_size, dec_size; fprintf(stdout, "Tests on RSA (%s) key encryption:", (oaep!=0)?"OAEP":"PKCS V1.5"); fflush(stdout); @@ -806,55 +820,79 @@ static int rsa_key_encrypt(int cfd, ncr_key_t privkey, ncr_key_t pubkey, int oae memcpy(vdata, data, sizeof(vdata)); /* do encryption */ - memset(&nop, 0, sizeof(nop)); - nop.init.algorithm = NCR_ALG_RSA; - nop.init.key = pubkey; + memset(&op.f, 0, sizeof(op.f)); + op.f.input_size = sizeof(op); + op.f.op = NCR_OP_ENCRYPT; + op.algo_head.nla_len = NLA_HDRLEN + sizeof(op.algo); + op.algo_head.nla_type = NCR_ATTR_ALGORITHM; + op.algo = NCR_ALG_RSA; + op.key_head.nla_len = NLA_HDRLEN + sizeof(op.key); + op.key_head.nla_type = NCR_ATTR_KEY; + op.key = pubkey; + op.rsa_head.nla_len = NLA_HDRLEN + sizeof(op.rsa); + op.rsa_head.nla_type = NCR_ATTR_RSA_ENCODING_METHOD; if (oaep) { - nop.init.params.params.rsa.type = RSA_PKCS1_OAEP; - nop.init.params.params.rsa.oaep_hash = NCR_ALG_SHA1; + op.rsa = RSA_PKCS1_OAEP; } else { - nop.init.params.params.rsa.type = RSA_PKCS1_V1_5; + op.rsa = RSA_PKCS1_V1_5; } - nop.init.op = NCR_OP_ENCRYPT; - nop.op.data.udata.input = data; - nop.op.data.udata.input_size = RSA_ENCRYPT_SIZE; - nop.op.data.udata.output = data; - nop.op.data.udata.output_size = sizeof(data); - nop.op.type = NCR_DIRECT_DATA; - - if (ioctl(cfd, NCRIO_SESSION_ONCE, &nop)) { + op.oaep_hash_head.nla_len = NLA_HDRLEN + sizeof(op.oaep_hash); + op.oaep_hash_head.nla_type = NCR_ATTR_RSA_OAEP_HASH_ALGORITHM; + op.oaep_hash = NCR_ALG_SHA1; /* Ignored if not using OAEP */ + op.input_head.nla_len = NLA_HDRLEN + sizeof(op.input); + op.input_head.nla_type = NCR_ATTR_UPDATE_INPUT_DATA; + op.input.data = data; + op.input.data_size = RSA_ENCRYPT_SIZE; + op.output_head.nla_len = NLA_HDRLEN + sizeof(op.output); + op.output_head.nla_type = NCR_ATTR_UPDATE_OUTPUT_BUFFER; + op.output.buffer = data; + op.output.buffer_size = sizeof(data); + op.output.result_size_ptr = &enc_size; + + if (ioctl(cfd, NCRIO_SESSION_ONCE, &op)) { fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); perror("ioctl(NCRIO_SESSION_ONCE)"); return 1; } - - enc_size = nop.op.data.udata.output_size; /* decrypt data */ - memset(&nop, 0, sizeof(nop)); - nop.init.algorithm = NCR_ALG_RSA; - nop.init.key = privkey; - nop.init.op = NCR_OP_DECRYPT; + memset(&op.f, 0, sizeof(op.f)); + op.f.input_size = sizeof(op); + op.f.op = NCR_OP_DECRYPT; + op.algo_head.nla_len = NLA_HDRLEN + sizeof(op.algo); + op.algo_head.nla_type = NCR_ATTR_ALGORITHM; + op.algo = NCR_ALG_RSA; + op.key_head.nla_len = NLA_HDRLEN + sizeof(op.key); + op.key_head.nla_type = NCR_ATTR_KEY; + op.key = privkey; + op.rsa_head.nla_len = NLA_HDRLEN + sizeof(op.rsa); + op.rsa_head.nla_type = NCR_ATTR_RSA_ENCODING_METHOD; if (oaep) { - nop.init.params.params.rsa.type = RSA_PKCS1_OAEP; - nop.init.params.params.rsa.oaep_hash = NCR_ALG_SHA1; + op.rsa = RSA_PKCS1_OAEP; } else { - nop.init.params.params.rsa.type = RSA_PKCS1_V1_5; + op.rsa = RSA_PKCS1_V1_5; } - nop.op.data.udata.input = data; - nop.op.data.udata.input_size = enc_size; - nop.op.data.udata.output = data; - nop.op.data.udata.output_size = sizeof(data); - nop.op.type = NCR_DIRECT_DATA; - - - if (ioctl(cfd, NCRIO_SESSION_ONCE, &nop)) { + op.oaep_hash_head.nla_len = NLA_HDRLEN + sizeof(op.oaep_hash); + op.oaep_hash_head.nla_type = NCR_ATTR_RSA_OAEP_HASH_ALGORITHM; + op.oaep_hash = NCR_ALG_SHA1; /* Ignored if not using OAEP */ + op.input_head.nla_len = NLA_HDRLEN + sizeof(op.input); + op.input_head.nla_type = NCR_ATTR_UPDATE_INPUT_DATA; + op.input.data = data; + op.input.data_size = enc_size; + op.output_head.nla_len = NLA_HDRLEN + sizeof(op.output); + op.output_head.nla_type = NCR_ATTR_UPDATE_OUTPUT_BUFFER; + op.output.buffer = data; + op.output.buffer_size = sizeof(data); + op.output.result_size_ptr = &dec_size; + + if (ioctl(cfd, NCRIO_SESSION_ONCE, &op)) { fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); perror("ioctl(NCRIO_SESSION_ONCE)"); return 1; } - if (memcmp(vdata, data, sizeof(vdata)) != 0) { + if (dec_size != sizeof(vdata) + || memcmp(vdata, data, sizeof(vdata)) != 0) { fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); fprintf(stderr, "Decrypted data do not match!\n"); return 1; @@ -870,61 +908,113 @@ static int rsa_key_encrypt(int cfd, ncr_key_t privkey, ncr_key_t pubkey, int oae static int rsa_key_sign_verify(int cfd, ncr_key_t privkey, ncr_key_t pubkey, int pss) { - struct ncr_session_once_op_st nop; + struct __attribute__((packed)) { + struct ncr_session_once f; + struct nlattr algo_head ALIGN_NL; + uint32_t algo ALIGN_NL; + struct nlattr key_head ALIGN_NL; + uint32_t key ALIGN_NL; + struct nlattr rsa_head ALIGN_NL; + uint32_t rsa ALIGN_NL; + struct nlattr sign_hash_head ALIGN_NL; + uint32_t sign_hash ALIGN_NL; + struct nlattr input_head ALIGN_NL; + struct ncr_session_input_data input ALIGN_NL; + struct nlattr signature_head ALIGN_NL; + struct ncr_session_output_buffer signature ALIGN_NL; + } ksign; + struct __attribute__((packed)) { + struct ncr_session_once f; + struct nlattr algo_head ALIGN_NL; + uint32_t algo ALIGN_NL; + struct nlattr key_head ALIGN_NL; + uint32_t key ALIGN_NL; + struct nlattr rsa_head ALIGN_NL; + uint32_t rsa ALIGN_NL; + struct nlattr sign_hash_head ALIGN_NL; + uint32_t sign_hash ALIGN_NL; + struct nlattr input_head ALIGN_NL; + struct ncr_session_input_data input ALIGN_NL; + struct nlattr signature_head ALIGN_NL; + struct ncr_session_input_data signature ALIGN_NL; + } kverify; uint8_t data[DATA_SIZE]; uint8_t sig[DATA_SIZE]; - int sig_size; + size_t sig_size; + int ret; fprintf(stdout, "Tests on RSA (%s) key signature:", (pss!=0)?"PSS":"PKCS V1.5"); fflush(stdout); memset(data, 0x3, sizeof(data)); - /* sign datad */ - memset(&nop, 0, sizeof(nop)); - nop.init.algorithm = NCR_ALG_RSA; - nop.init.key = privkey; - nop.init.params.params.rsa.type = (pss!=0)?RSA_PKCS1_PSS:RSA_PKCS1_V1_5; - nop.init.params.params.rsa.sign_hash = NCR_ALG_SHA1; - - nop.init.op = NCR_OP_SIGN; - nop.op.data.udata.input = data; - nop.op.data.udata.input_size = DATA_TO_SIGN; - nop.op.data.udata.output = sig; - nop.op.data.udata.output_size = sizeof(sig); - nop.op.type = NCR_DIRECT_DATA; - - if (ioctl(cfd, NCRIO_SESSION_ONCE, &nop)) { + /* sign data */ + memset(&ksign.f, 0, sizeof(ksign.f)); + ksign.f.input_size = sizeof(ksign); + ksign.f.op = NCR_OP_SIGN; + ksign.algo_head.nla_len = NLA_HDRLEN + sizeof(ksign.algo); + ksign.algo_head.nla_type = NCR_ATTR_ALGORITHM; + ksign.algo = NCR_ALG_RSA; + ksign.key_head.nla_len = NLA_HDRLEN + sizeof(ksign.key); + ksign.key_head.nla_type = NCR_ATTR_KEY; + ksign.key = privkey; + ksign.rsa_head.nla_len = NLA_HDRLEN + sizeof(ksign.rsa); + ksign.rsa_head.nla_type = NCR_ATTR_RSA_ENCODING_METHOD; + ksign.rsa = (pss != 0) ? RSA_PKCS1_PSS : RSA_PKCS1_V1_5; + ksign.sign_hash_head.nla_len = NLA_HDRLEN + sizeof(ksign.sign_hash); + ksign.sign_hash_head.nla_type = NCR_ATTR_SIGNATURE_HASH_ALGORITHM; + ksign.sign_hash = NCR_ALG_SHA1; + ksign.input_head.nla_len = NLA_HDRLEN + sizeof(ksign.input); + ksign.input_head.nla_type = NCR_ATTR_UPDATE_INPUT_DATA; + ksign.input.data = data; + ksign.input.data_size = DATA_TO_SIGN; + ksign.signature_head.nla_len = NLA_HDRLEN + sizeof(ksign.signature); + ksign.signature_head.nla_type = NCR_ATTR_FINAL_OUTPUT_BUFFER; + ksign.signature.buffer = sig; + ksign.signature.buffer_size = sizeof(sig); + ksign.signature.result_size_ptr = &sig_size; + + if (ioctl(cfd, NCRIO_SESSION_ONCE, &ksign)) { fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); perror("ioctl(NCRIO_SESSION_ONCE)"); return 1; } - - sig_size = nop.op.data.udata.output_size; /* verify signature */ - memset(&nop, 0, sizeof(nop)); - nop.init.algorithm = NCR_ALG_RSA; - nop.init.key = pubkey; - nop.init.params.params.rsa.type = (pss!=0)?RSA_PKCS1_PSS:RSA_PKCS1_V1_5; - nop.init.params.params.rsa.sign_hash = NCR_ALG_SHA1; - memset(data, 0x3, sizeof(data)); - nop.init.op = NCR_OP_VERIFY; - nop.op.data.udata.input = data; - nop.op.data.udata.input_size = DATA_TO_SIGN; - nop.op.data.udata.output = sig; - nop.op.data.udata.output_size = sig_size; - nop.op.type = NCR_DIRECT_DATA; - - if (ioctl(cfd, NCRIO_SESSION_ONCE, &nop)) { + memset(&kverify.f, 0, sizeof(kverify.f)); + kverify.f.input_size = sizeof(kverify); + kverify.f.op = NCR_OP_VERIFY; + kverify.algo_head.nla_len = NLA_HDRLEN + sizeof(kverify.algo); + kverify.algo_head.nla_type = NCR_ATTR_ALGORITHM; + kverify.algo = NCR_ALG_RSA; + kverify.key_head.nla_len = NLA_HDRLEN + sizeof(kverify.key); + kverify.key_head.nla_type = NCR_ATTR_KEY; + kverify.key = pubkey; + kverify.rsa_head.nla_len = NLA_HDRLEN + sizeof(kverify.rsa); + kverify.rsa_head.nla_type = NCR_ATTR_RSA_ENCODING_METHOD; + kverify.rsa = (pss != 0) ? RSA_PKCS1_PSS : RSA_PKCS1_V1_5; + kverify.sign_hash_head.nla_len = NLA_HDRLEN + sizeof(kverify.sign_hash); + kverify.sign_hash_head.nla_type = NCR_ATTR_SIGNATURE_HASH_ALGORITHM; + kverify.sign_hash = NCR_ALG_SHA1; + kverify.input_head.nla_len = NLA_HDRLEN + sizeof(kverify.input); + kverify.input_head.nla_type = NCR_ATTR_UPDATE_INPUT_DATA; + kverify.input.data = data; + kverify.input.data_size = DATA_TO_SIGN; + kverify.signature_head.nla_len = NLA_HDRLEN + sizeof(kverify.signature); + kverify.signature_head.nla_type = NCR_ATTR_FINAL_INPUT_DATA; + kverify.signature.data = sig; + kverify.signature.data_size = sig_size; + + ret = ioctl(cfd, NCRIO_SESSION_ONCE, &kverify); + if (ret < 0) { fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); perror("ioctl(NCRIO_SESSION_ONCE)"); return 1; } - if (nop.op.err == NCR_SUCCESS) + if (ret) fprintf(stdout, " Success\n"); else { fprintf(stdout, " Verification Failed!\n"); @@ -937,57 +1027,101 @@ static int rsa_key_sign_verify(int cfd, ncr_key_t privkey, ncr_key_t pubkey, int static int dsa_key_sign_verify(int cfd, ncr_key_t privkey, ncr_key_t pubkey) { - struct ncr_session_once_op_st nop; + struct __attribute__((packed)) { + struct ncr_session_once f; + struct nlattr algo_head ALIGN_NL; + uint32_t algo ALIGN_NL; + struct nlattr key_head ALIGN_NL; + uint32_t key ALIGN_NL; + struct nlattr sign_hash_head ALIGN_NL; + uint32_t sign_hash ALIGN_NL; + struct nlattr input_head ALIGN_NL; + struct ncr_session_input_data input ALIGN_NL; + struct nlattr signature_head ALIGN_NL; + struct ncr_session_output_buffer signature ALIGN_NL; + } ksign; + struct __attribute__((packed)) { + struct ncr_session_once f; + struct nlattr algo_head ALIGN_NL; + uint32_t algo ALIGN_NL; + struct nlattr key_head ALIGN_NL; + uint32_t key ALIGN_NL; + struct nlattr sign_hash_head ALIGN_NL; + uint32_t sign_hash ALIGN_NL; + struct nlattr input_head ALIGN_NL; + struct ncr_session_input_data input ALIGN_NL; + struct nlattr signature_head ALIGN_NL; + struct ncr_session_input_data signature ALIGN_NL; + } kverify; uint8_t data[DATA_SIZE]; uint8_t sig[DATA_SIZE]; - int sig_size; + size_t sig_size; + int ret; fprintf(stdout, "Tests on DSA key signature:"); fflush(stdout); memset(data, 0x3, sizeof(data)); - /* sign datad */ - memset(&nop, 0, sizeof(nop)); - nop.init.algorithm = NCR_ALG_DSA; - nop.init.key = privkey; - nop.init.params.params.dsa.sign_hash = NCR_ALG_SHA1; - - nop.init.op = NCR_OP_SIGN; - nop.op.data.udata.input = data; - nop.op.data.udata.input_size = DATA_TO_SIGN; - nop.op.data.udata.output = sig; - nop.op.data.udata.output_size = sizeof(sig); - nop.op.type = NCR_DIRECT_DATA; - - if (ioctl(cfd, NCRIO_SESSION_ONCE, &nop)) { + /* sign data */ + memset(&ksign.f, 0, sizeof(ksign.f)); + ksign.f.input_size = sizeof(ksign); + ksign.f.op = NCR_OP_SIGN; + ksign.algo_head.nla_len = NLA_HDRLEN + sizeof(ksign.algo); + ksign.algo_head.nla_type = NCR_ATTR_ALGORITHM; + ksign.algo = NCR_ALG_DSA; + ksign.key_head.nla_len = NLA_HDRLEN + sizeof(ksign.key); + ksign.key_head.nla_type = NCR_ATTR_KEY; + ksign.key = privkey; + ksign.sign_hash_head.nla_len = NLA_HDRLEN + sizeof(ksign.sign_hash); + ksign.sign_hash_head.nla_type = NCR_ATTR_SIGNATURE_HASH_ALGORITHM; + ksign.sign_hash = NCR_ALG_SHA1; + ksign.input_head.nla_len = NLA_HDRLEN + sizeof(ksign.input); + ksign.input_head.nla_type = NCR_ATTR_UPDATE_INPUT_DATA; + ksign.input.data = data; + ksign.input.data_size = DATA_TO_SIGN; + ksign.signature_head.nla_len = NLA_HDRLEN + sizeof(ksign.signature); + ksign.signature_head.nla_type = NCR_ATTR_FINAL_OUTPUT_BUFFER; + ksign.signature.buffer = sig; + ksign.signature.buffer_size = sizeof(sig); + ksign.signature.result_size_ptr = &sig_size; + + if (ioctl(cfd, NCRIO_SESSION_ONCE, &ksign)) { fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); perror("ioctl(NCRIO_SESSION_ONCE)"); return 1; } - - sig_size = nop.op.data.udata.output_size; /* verify signature */ - memset(&nop, 0, sizeof(nop)); - nop.init.algorithm = NCR_ALG_DSA; - nop.init.key = pubkey; - nop.init.params.params.dsa.sign_hash = NCR_ALG_SHA1; - - nop.init.op = NCR_OP_VERIFY; - nop.op.data.udata.input = data; - nop.op.data.udata.input_size = DATA_TO_SIGN; - nop.op.data.udata.output = sig; - nop.op.data.udata.output_size = sizeof(sig); - nop.op.type = NCR_DIRECT_DATA; - - if (ioctl(cfd, NCRIO_SESSION_ONCE, &nop)) { + memset(&kverify.f, 0, sizeof(kverify.f)); + kverify.f.input_size = sizeof(kverify); + kverify.f.op = NCR_OP_VERIFY; + kverify.algo_head.nla_len = NLA_HDRLEN + sizeof(kverify.algo); + kverify.algo_head.nla_type = NCR_ATTR_ALGORITHM; + kverify.algo = NCR_ALG_DSA; + kverify.key_head.nla_len = NLA_HDRLEN + sizeof(kverify.key); + kverify.key_head.nla_type = NCR_ATTR_KEY; + kverify.key = pubkey; + kverify.sign_hash_head.nla_len = NLA_HDRLEN + sizeof(kverify.sign_hash); + kverify.sign_hash_head.nla_type = NCR_ATTR_SIGNATURE_HASH_ALGORITHM; + kverify.sign_hash = NCR_ALG_SHA1; + kverify.input_head.nla_len = NLA_HDRLEN + sizeof(kverify.input); + kverify.input_head.nla_type = NCR_ATTR_UPDATE_INPUT_DATA; + kverify.input.data = data; + kverify.input.data_size = DATA_TO_SIGN; + kverify.signature_head.nla_len = NLA_HDRLEN + sizeof(kverify.signature); + kverify.signature_head.nla_type = NCR_ATTR_FINAL_INPUT_DATA; + kverify.signature.data = sig; + kverify.signature.data_size = sizeof(sig); + + ret = ioctl(cfd, NCRIO_SESSION_ONCE, &kverify); + if (ret < 0) { fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); perror("ioctl(NCRIO_SESSION_ONCE)"); return 1; } - if (nop.op.err == NCR_SUCCESS) + if (ret) fprintf(stdout, " Success\n"); else { fprintf(stdout, " Verification Failed!\n"); diff --git a/examples/speed.c b/examples/speed.c index 9c2e8b8..a75009e 100644 --- a/examples/speed.c +++ b/examples/speed.c @@ -88,7 +88,18 @@ int encrypt_data_ncr_direct(int cfd, int algo, int chunksize) struct nlattr bits_head ALIGN_NL; uint32_t bits ALIGN_NL; } kgen; - struct ncr_session_once_op_st nop; + struct __attribute__((packed)) { + struct ncr_session_once f; + struct nlattr algo_head ALIGN_NL; + uint32_t algo ALIGN_NL; + struct nlattr key_head ALIGN_NL; + uint32_t key ALIGN_NL; + struct nlattr input_head ALIGN_NL; + struct ncr_session_input_data input ALIGN_NL; + struct nlattr output_head ALIGN_NL; + struct ncr_session_output_buffer output ALIGN_NL; + struct nlattr iv_head ALIGN_NL; + } op; key = ioctl(cfd, NCRIO_KEY_INIT); if (key == -1) { @@ -127,17 +138,30 @@ int encrypt_data_ncr_direct(int cfd, int algo, int chunksize) gettimeofday(&start, NULL); do { - memset(&nop, 0, sizeof(nop)); - nop.init.algorithm = algo; - nop.init.key = key; - nop.init.op = NCR_OP_ENCRYPT; - nop.op.data.udata.input = buffer; - nop.op.data.udata.input_size = chunksize; - nop.op.data.udata.output = buffer; - nop.op.data.udata.output_size = chunksize; - nop.op.type = NCR_DIRECT_DATA; - - if (ioctl(cfd, NCRIO_SESSION_ONCE, &nop)) { + size_t output_size; + + memset(&op.f, 0, sizeof(op.f)); + op.f.input_size = sizeof(op); + op.f.op = NCR_OP_ENCRYPT; + op.algo_head.nla_len = NLA_HDRLEN + sizeof(op.algo); + op.algo_head.nla_type = NCR_ATTR_ALGORITHM; + op.algo = algo; + op.key_head.nla_len = NLA_HDRLEN + sizeof(op.key); + op.key_head.nla_type = NCR_ATTR_KEY; + op.key = key; + op.input_head.nla_len = NLA_HDRLEN + sizeof(op.input); + op.input_head.nla_type = NCR_ATTR_UPDATE_INPUT_DATA; + op.input.data = buffer; + op.input.data_size = chunksize; + op.output_head.nla_len = NLA_HDRLEN + sizeof(op.output); + op.output_head.nla_type = NCR_ATTR_UPDATE_OUTPUT_BUFFER; + op.output.buffer = buffer; + op.output.buffer_size = chunksize; + op.output.result_size_ptr = &output_size; + op.iv_head.nla_len = NLA_HDRLEN + 0; + op.iv_head.nla_type = NCR_ATTR_IV; + + if (ioctl(cfd, NCRIO_SESSION_ONCE, &op)) { fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); perror("ioctl(NCRIO_SESSION_ONCE)"); return 1; |