authorNikos Mavrogiannopoulos <nmav@gnutls.org>2010-09-06 17:18:08 +0200
committerNikos Mavrogiannopoulos <nmav@gnutls.org>2010-09-06 17:18:41 +0200
commit943f9ab50c110133a5cd1118b5b19cb09301168f (patch)
tree1cef7570d78539ad84de9ce81debb4dc12188df5 /ncr-pk.c
parentdf05d27b761295820f3b13ec31c67c0ab0198bfc (diff)
run scripts/Lindent.
Diffstat (limited to 'ncr-pk.c')
-rw-r--r--ncr-pk.c619
1 files changed, 321 insertions, 298 deletions
diff --git a/ncr-pk.c b/ncr-pk.c
index 6de044b..19237c7 100644
--- a/ncr-pk.c
+++ b/ncr-pk.c
@@ -38,37 +38,38 @@
int _ncr_tomerr(int err)
{
switch (err) {
- case CRYPT_BUFFER_OVERFLOW:
- return -ERANGE;
- case CRYPT_MEM:
- return -ENOMEM;
- default:
- return -EINVAL;
+ case CRYPT_BUFFER_OVERFLOW:
+ return -ERANGE;
+ case CRYPT_MEM:
+ return -ENOMEM;
+ default:
+ return -EINVAL;
}
}
-void ncr_pk_clear(struct key_item_st* key)
+void ncr_pk_clear(struct key_item_st *key)
{
if (key->algorithm == NULL)
return;
- switch(key->algorithm->algo) {
- case NCR_ALG_RSA:
- rsa_free(&key->key.pk.rsa);
- break;
- case NCR_ALG_DSA:
- dsa_free(&key->key.pk.dsa);
- break;
- case NCR_ALG_DH:
- dh_free(&key->key.pk.dh);
- break;
- default:
- return;
+ switch (key->algorithm->algo) {
+ case NCR_ALG_RSA:
+ rsa_free(&key->key.pk.rsa);
+ break;
+ case NCR_ALG_DSA:
+ dsa_free(&key->key.pk.dsa);
+ break;
+ case NCR_ALG_DH:
+ dh_free(&key->key.pk.dh);
+ break;
+ default:
+ return;
}
}
-static int ncr_pk_make_public_and_id( struct key_item_st * private, struct key_item_st * public)
+static int ncr_pk_make_public_and_id(struct key_item_st *private,
+ struct key_item_st *public)
{
- uint8_t * tmp;
+ uint8_t *tmp;
unsigned long max_size;
int ret, cret;
unsigned long key_id_size;
@@ -80,48 +81,51 @@ static int ncr_pk_make_public_and_id( struct key_item_st * private, struct key_i
return -ENOMEM;
}
- switch(private->algorithm->algo) {
- case NCR_ALG_RSA:
- cret = rsa_export(tmp, &max_size, PK_PUBLIC, &private->key.pk.rsa);
- if (cret != CRYPT_OK) {
- err();
- ret = _ncr_tomerr(cret);
- goto fail;
- }
+ switch (private->algorithm->algo) {
+ case NCR_ALG_RSA:
+ cret =
+ rsa_export(tmp, &max_size, PK_PUBLIC, &private->key.pk.rsa);
+ if (cret != CRYPT_OK) {
+ err();
+ ret = _ncr_tomerr(cret);
+ goto fail;
+ }
- cret = rsa_import(tmp, max_size, &public->key.pk.rsa);
- if (cret != CRYPT_OK) {
- err();
- ret = _ncr_tomerr(cret);
- goto fail;
- }
- break;
- case NCR_ALG_DSA:
- cret = dsa_export(tmp, &max_size, PK_PUBLIC, &private->key.pk.dsa);
- if (cret != CRYPT_OK) {
- err();
- ret = _ncr_tomerr(cret);
- goto fail;
- }
+ cret = rsa_import(tmp, max_size, &public->key.pk.rsa);
+ if (cret != CRYPT_OK) {
+ err();
+ ret = _ncr_tomerr(cret);
+ goto fail;
+ }
+ break;
+ case NCR_ALG_DSA:
+ cret =
+ dsa_export(tmp, &max_size, PK_PUBLIC, &private->key.pk.dsa);
+ if (cret != CRYPT_OK) {
+ err();
+ ret = _ncr_tomerr(cret);
+ goto fail;
+ }
- cret = dsa_import(tmp, max_size, &public->key.pk.dsa);
- if (cret != CRYPT_OK) {
- err();
- ret = _ncr_tomerr(cret);
- goto fail;
- }
- break;
- case NCR_ALG_DH:
- ret = dh_generate_public(&public->key.pk.dh, &private->key.pk.dh);
- if (ret < 0) {
- err();
- goto fail;
- }
- break;
- default:
+ cret = dsa_import(tmp, max_size, &public->key.pk.dsa);
+ if (cret != CRYPT_OK) {
err();
- ret = -EINVAL;
+ ret = _ncr_tomerr(cret);
goto fail;
+ }
+ break;
+ case NCR_ALG_DH:
+ ret =
+ dh_generate_public(&public->key.pk.dh, &private->key.pk.dh);
+ if (ret < 0) {
+ err();
+ goto fail;
+ }
+ break;
+ default:
+ err();
+ ret = -EINVAL;
+ goto fail;
}
key_id_size = MAX_KEY_ID_SIZE;
@@ -133,16 +137,17 @@ static int ncr_pk_make_public_and_id( struct key_item_st * private, struct key_i
goto fail;
}
private->key_id_size = public->key_id_size = key_id_size;
- memcpy(public->key_id, private->key_id, key_id_size);
+ memcpy(public->key_id, private->key_id, key_id_size);
ret = 0;
-fail:
+fail:
kfree(tmp);
-
+
return ret;
}
-int ncr_pk_pack( const struct key_item_st * key, uint8_t * packed, uint32_t * packed_size)
+int ncr_pk_pack(const struct key_item_st *key, uint8_t * packed,
+ uint32_t * packed_size)
{
unsigned long max_size = *packed_size;
int cret, ret;
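Review bot: The formatter has left typedef'd pointer parameters spaced like multiplications, `uint8_t * packed, uint32_t * packed_size`, right next to `const struct key_item_st *key` in the same signature. The same artifact appears later in this diff as `size_t * osg_size`, `size_t * sig_size`, `rsa_key * key` and `dsa_key * key`, and the block-opening cases became `case NCR_ALG_DSA:{` and `case NCR_ALG_DH:{`. GNU indent does this for type names it has not been told about; re-running it with `-T uint8_t -T uint32_t -T size_t -T rsa_key -T dsa_key`, or fixing these lines by hand, would give `uint8_t *packed, uint32_t *packed_size`. ncr_pk_pack's body continues outside this hunk.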
@@ -152,42 +157,49 @@ int ncr_pk_pack( const struct key_item_st * key, uint8_t * packed, uint32_t * pa
return -EINVAL;
}
- switch(key->algorithm->algo) {
- case NCR_ALG_RSA:
- cret = rsa_export(packed, &max_size, key->key.pk.rsa.type, (void*)&key->key.pk.rsa);
- if (cret != CRYPT_OK) {
- *packed_size = max_size;
- err();
- return _ncr_tomerr(cret);
- }
- break;
- case NCR_ALG_DSA:
- cret = dsa_export(packed, &max_size, key->key.pk.dsa.type, (void*)&key->key.pk.dsa);
- if (cret != CRYPT_OK) {
- *packed_size = max_size;
- err();
- return _ncr_tomerr(cret);
- }
- break;
- case NCR_ALG_DH:
- ret = dh_export(packed, &max_size, key->key.pk.dh.type, (void*)&key->key.pk.dh);
- if (ret < 0) {
- *packed_size = max_size;
- err();
- return ret;
- }
- break;
- default:
+ switch (key->algorithm->algo) {
+ case NCR_ALG_RSA:
+ cret =
+ rsa_export(packed, &max_size, key->key.pk.rsa.type,
+ (void *)&key->key.pk.rsa);
+ if (cret != CRYPT_OK) {
+ *packed_size = max_size;
err();
- return -EINVAL;
+ return _ncr_tomerr(cret);
+ }
+ break;
+ case NCR_ALG_DSA:
+ cret =
+ dsa_export(packed, &max_size, key->key.pk.dsa.type,
+ (void *)&key->key.pk.dsa);
+ if (cret != CRYPT_OK) {
+ *packed_size = max_size;
+ err();
+ return _ncr_tomerr(cret);
+ }
+ break;
+ case NCR_ALG_DH:
+ ret =
+ dh_export(packed, &max_size, key->key.pk.dh.type,
+ (void *)&key->key.pk.dh);
+ if (ret < 0) {
+ *packed_size = max_size;
+ err();
+ return ret;
+ }
+ break;
+ default:
+ err();
+ return -EINVAL;
}
-
+
*packed_size = max_size;
return 0;
}
-int ncr_pk_unpack( struct key_item_st * key, const void * packed, size_t packed_size)
+int ncr_pk_unpack(struct key_item_st *key, const void *packed,
+ size_t packed_size)
{
int cret, ret;
@@ -196,31 +208,33 @@ int ncr_pk_unpack( struct key_item_st * key, const void * packed, size_t packed_
return -EINVAL;
}
- switch(key->algorithm->algo) {
- case NCR_ALG_RSA:
- cret = rsa_import(packed, packed_size, (void*)&key->key.pk.rsa);
- if (cret != CRYPT_OK) {
- err();
- return _ncr_tomerr(cret);
- }
- break;
- case NCR_ALG_DSA:
- cret = dsa_import(packed, packed_size, (void*)&key->key.pk.dsa);
- if (cret != CRYPT_OK) {
- err();
- return _ncr_tomerr(cret);
- }
- break;
- case NCR_ALG_DH:
- ret = dh_import(packed, packed_size, (void*)&key->key.pk.dh);
- if (ret < 0) {
- err();
- return ret;
- }
- break;
- default:
+ switch (key->algorithm->algo) {
+ case NCR_ALG_RSA:
+ cret =
+ rsa_import(packed, packed_size, (void *)&key->key.pk.rsa);
+ if (cret != CRYPT_OK) {
err();
- return -EINVAL;
+ return _ncr_tomerr(cret);
+ }
+ break;
+ case NCR_ALG_DSA:
+ cret =
+ dsa_import(packed, packed_size, (void *)&key->key.pk.dsa);
+ if (cret != CRYPT_OK) {
+ err();
+ return _ncr_tomerr(cret);
+ }
+ break;
+ case NCR_ALG_DH:
+ ret = dh_import(packed, packed_size, (void *)&key->key.pk.dh);
+ if (ret < 0) {
+ err();
+ return ret;
+ }
+ break;
+ default:
+ err();
+ return -EINVAL;
}
return 0;
@@ -244,7 +258,7 @@ static int binary_to_ulong(unsigned long *dest, const struct nlattr *nla)
}
int ncr_pk_generate(const struct algo_properties_st *algo, struct nlattr *tb[],
- struct key_item_st* private, struct key_item_st* public)
+ struct key_item_st *private, struct key_item_st *public)
{
const struct nlattr *nla;
unsigned long e;
@@ -253,28 +267,29 @@ int ncr_pk_generate(const struct algo_properties_st *algo, struct nlattr *tb[],
private->algorithm = public->algorithm = algo;
ret = 0;
- switch(algo->algo) {
- case NCR_ALG_RSA:
- nla = tb[NCR_ATTR_RSA_E];
- if (nla != NULL) {
- ret = binary_to_ulong(&e, nla);
- if (ret != 0)
- break;
- } else
- e = 65537;
-
- nla = tb[NCR_ATTR_RSA_MODULUS_BITS];
- if (nla == NULL) {
- ret = -EINVAL;
+ switch (algo->algo) {
+ case NCR_ALG_RSA:
+ nla = tb[NCR_ATTR_RSA_E];
+ if (nla != NULL) {
+ ret = binary_to_ulong(&e, nla);
+ if (ret != 0)
break;
- }
- cret = rsa_make_key(nla_get_u32(nla) / 8, e, &private->key.pk.rsa);
- if (cret != CRYPT_OK) {
- err();
- return _ncr_tomerr(cret);
- }
+ } else
+ e = 65537;
+
+ nla = tb[NCR_ATTR_RSA_MODULUS_BITS];
+ if (nla == NULL) {
+ ret = -EINVAL;
break;
- case NCR_ALG_DSA: {
+ }
+ cret =
+ rsa_make_key(nla_get_u32(nla) / 8, e, &private->key.pk.rsa);
+ if (cret != CRYPT_OK) {
+ err();
+ return _ncr_tomerr(cret);
+ }
+ break;
+ case NCR_ALG_DSA:{
u32 q_bits, p_bits;
nla = tb[NCR_ATTR_DSA_Q_BITS];
@@ -295,7 +310,7 @@ int ncr_pk_generate(const struct algo_properties_st *algo, struct nlattr *tb[],
}
break;
}
- case NCR_ALG_DH: {
+ case NCR_ALG_DH:{
const struct nlattr *p, *g;
p = tb[NCR_ATTR_DH_PRIME];
@@ -320,9 +335,9 @@ int ncr_pk_generate(const struct algo_properties_st *algo, struct nlattr *tb[],
}
break;
}
- default:
- err();
- return -EINVAL;
+ default:
+ err();
+ return -EINVAL;
}
fail:
@@ -336,14 +351,14 @@ fail:
err();
return ret;
}
-
+
return 0;
}
/* Encryption/Decryption
*/
-void ncr_pk_cipher_deinit(struct ncr_pk_ctx* ctx)
+void ncr_pk_cipher_deinit(struct ncr_pk_ctx *ctx)
{
if (ctx->init) {
ctx->init = 0;
@@ -352,14 +367,14 @@ void ncr_pk_cipher_deinit(struct ncr_pk_ctx* ctx)
}
int ncr_pk_cipher_init(const struct algo_properties_st *algo,
- struct ncr_pk_ctx* ctx, struct nlattr *tb[],
+ struct ncr_pk_ctx *ctx, struct nlattr *tb[],
struct key_item_st *key,
const struct algo_properties_st *sign_hash)
{
const struct nlattr *nla;
memset(ctx, 0, sizeof(*ctx));
-
+
/* Allow using the same key for transparent and non-transparent
hashing. */
if (key->algorithm->algo != algo->algo) {
@@ -372,57 +387,58 @@ int ncr_pk_cipher_init(const struct algo_properties_st *algo,
ctx->sign_hash = sign_hash;
ctx->salt_len = 0;
- switch(algo->algo) {
- case NCR_ALG_RSA:
- nla = tb[NCR_ATTR_RSA_ENCODING_METHOD];
- if (nla == NULL) {
- err();
- return -EINVAL;
- }
- switch (nla_get_u32(nla)) {
- case RSA_PKCS1_V1_5:
- ctx->type = LTC_LTC_PKCS_1_V1_5;
- break;
- case RSA_PKCS1_OAEP:
- ctx->type = LTC_LTC_PKCS_1_OAEP;
- nla = tb[NCR_ATTR_RSA_OAEP_HASH_ALGORITHM];
- ctx->oaep_hash = _ncr_nla_to_properties(nla);
- if (ctx->oaep_hash == NULL) {
- err();
- return -EINVAL;
- }
- break;
- case RSA_PKCS1_PSS:
- ctx->type = LTC_LTC_PKCS_1_PSS;
- nla = tb[NCR_ATTR_RSA_PSS_SALT_LENGTH];
- if (nla != NULL)
- ctx->salt_len = nla_get_u32(nla);
- break;
- default:
+ switch (algo->algo) {
+ case NCR_ALG_RSA:
+ nla = tb[NCR_ATTR_RSA_ENCODING_METHOD];
+ if (nla == NULL) {
+ err();
+ return -EINVAL;
+ }
+ switch (nla_get_u32(nla)) {
+ case RSA_PKCS1_V1_5:
+ ctx->type = LTC_LTC_PKCS_1_V1_5;
+ break;
+ case RSA_PKCS1_OAEP:
+ ctx->type = LTC_LTC_PKCS_1_OAEP;
+ nla = tb[NCR_ATTR_RSA_OAEP_HASH_ALGORITHM];
+ ctx->oaep_hash = _ncr_nla_to_properties(nla);
+ if (ctx->oaep_hash == NULL) {
err();
return -EINVAL;
}
break;
- case NCR_ALG_DSA:
+ case RSA_PKCS1_PSS:
+ ctx->type = LTC_LTC_PKCS_1_PSS;
+ nla = tb[NCR_ATTR_RSA_PSS_SALT_LENGTH];
+ if (nla != NULL)
+ ctx->salt_len = nla_get_u32(nla);
break;
default:
err();
return -EINVAL;
+ }
+ break;
+ case NCR_ALG_DSA:
+ break;
+ default:
+ err();
+ return -EINVAL;
}
-
+
ctx->init = 1;
return 0;
}
-int ncr_pk_cipher_encrypt(const struct ncr_pk_ctx* ctx,
- const struct scatterlist* isg, unsigned int isg_cnt, size_t isg_size,
- struct scatterlist *osg, unsigned int osg_cnt, size_t* osg_size)
+int ncr_pk_cipher_encrypt(const struct ncr_pk_ctx *ctx,
+ const struct scatterlist *isg, unsigned int isg_cnt,
+ size_t isg_size, struct scatterlist *osg,
+ unsigned int osg_cnt, size_t * osg_size)
{
-int cret, ret;
-unsigned long osize = *osg_size;
-uint8_t* tmp;
-void * input, *output;
+ int cret, ret;
+ unsigned long osize = *osg_size;
+ uint8_t *tmp;
+ void *input, *output;
tmp = kmalloc(isg_size + *osg_size, GFP_KERNEL);
if (tmp == NULL) {
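Review bot: The allocation size `isg_size + *osg_size` in ncr_pk_cipher_encrypt is an unchecked size_t addition. If the sum wraps, the buffer is smaller than the `isg_size` bytes that sg_copy_to_buffer() writes and that the `&tmp[isg_size]` output pointer assumes. Whether callers already bound both lengths is not visible in this diff, so a local guard before the kmalloc() is cheap: `if (isg_size + *osg_size < isg_size) { err(); return -EINVAL; }`. ncr_pk_cipher_decrypt has the identical allocation in the `@@ -477,15 +495,16 @@` hunk and needs the same check. The function body continues outside this hunk.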
@@ -430,7 +446,9 @@ void * input, *output;
return -ENOMEM;
}
- ret = sg_copy_to_buffer((struct scatterlist*)isg, isg_cnt, tmp, isg_size);
+ ret =
+ sg_copy_to_buffer((struct scatterlist *)isg, isg_cnt, tmp,
+ isg_size);
if (ret != isg_size) {
err();
ret = -EINVAL;
@@ -440,27 +458,27 @@ void * input, *output;
input = tmp;
output = &tmp[isg_size];
+ switch (ctx->algorithm->algo) {
+ case NCR_ALG_RSA:
+ cret = rsa_encrypt_key_ex(input, isg_size, output, &osize,
+ NULL, 0, ctx->oaep_hash, ctx->type,
+ &ctx->key->key.pk.rsa);
- switch(ctx->algorithm->algo) {
- case NCR_ALG_RSA:
- cret = rsa_encrypt_key_ex( input, isg_size, output, &osize,
- NULL, 0, ctx->oaep_hash, ctx->type, &ctx->key->key.pk.rsa);
-
- if (cret != CRYPT_OK) {
- err();
- ret = _ncr_tomerr(cret);
- goto fail;
- }
- *osg_size = osize;
-
- break;
- case NCR_ALG_DSA:
- ret = -EINVAL;
- goto fail;
- default:
+ if (cret != CRYPT_OK) {
err();
- ret = -EINVAL;
+ ret = _ncr_tomerr(cret);
goto fail;
+ }
+ *osg_size = osize;
+
+ break;
+ case NCR_ALG_DSA:
+ ret = -EINVAL;
+ goto fail;
+ default:
+ err();
+ ret = -EINVAL;
+ goto fail;
}
ret = sg_copy_from_buffer(osg, osg_cnt, output, *osg_size);
@@ -468,7 +486,7 @@ void * input, *output;
err();
ret = -EINVAL;
goto fail;
- }
+ }
ret = 0;
@@ -477,15 +495,16 @@ fail:
return ret;
}
-int ncr_pk_cipher_decrypt(const struct ncr_pk_ctx* ctx,
- const struct scatterlist* isg, unsigned int isg_cnt, size_t isg_size,
- struct scatterlist *osg, unsigned int osg_cnt, size_t* osg_size)
+int ncr_pk_cipher_decrypt(const struct ncr_pk_ctx *ctx,
+ const struct scatterlist *isg, unsigned int isg_cnt,
+ size_t isg_size, struct scatterlist *osg,
+ unsigned int osg_cnt, size_t * osg_size)
{
-int cret, ret;
-int stat;
-unsigned long osize = *osg_size;
-uint8_t* tmp;
-void * input, *output;
+ int cret, ret;
+ int stat;
+ unsigned long osize = *osg_size;
+ uint8_t *tmp;
+ void *input, *output;
tmp = kmalloc(isg_size + *osg_size, GFP_KERNEL);
if (tmp == NULL) {
@@ -496,38 +515,41 @@ void * input, *output;
input = tmp;
output = &tmp[isg_size];
- ret = sg_copy_to_buffer((struct scatterlist*)isg, isg_cnt, input, isg_size);
+ ret =
+ sg_copy_to_buffer((struct scatterlist *)isg, isg_cnt, input,
+ isg_size);
if (ret != isg_size) {
err();
ret = -EINVAL;
goto fail;
}
- switch(ctx->algorithm->algo) {
- case NCR_ALG_RSA:
- cret = rsa_decrypt_key_ex( input, isg_size, output, &osize,
- NULL, 0, ctx->oaep_hash, ctx->type, &stat, &ctx->key->key.pk.rsa);
+ switch (ctx->algorithm->algo) {
+ case NCR_ALG_RSA:
+ cret = rsa_decrypt_key_ex(input, isg_size, output, &osize,
+ NULL, 0, ctx->oaep_hash, ctx->type,
+ &stat, &ctx->key->key.pk.rsa);
- if (cret != CRYPT_OK) {
- err();
- ret = _ncr_tomerr(cret);
- goto fail;
- }
-
- if (stat==0) {
- err();
- ret = -EINVAL;
- goto fail;
- }
- *osg_size = osize;
- break;
- case NCR_ALG_DSA:
- ret = -EINVAL;
+ if (cret != CRYPT_OK) {
+ err();
+ ret = _ncr_tomerr(cret);
goto fail;
- default:
+ }
+
+ if (stat == 0) {
err();
ret = -EINVAL;
goto fail;
+ }
+ *osg_size = osize;
+ break;
+ case NCR_ALG_DSA:
+ ret = -EINVAL;
+ goto fail;
+ default:
+ err();
+ ret = -EINVAL;
+ goto fail;
}
ret = sg_copy_from_buffer(osg, osg_cnt, output, *osg_size);
@@ -535,101 +557,102 @@ void * input, *output;
err();
ret = -EINVAL;
goto fail;
- }
+ }
ret = 0;
fail:
kfree(tmp);
-
+
return ret;
}
int ncr_pk_cipher_sign(const struct ncr_pk_ctx *ctx, const void *hash,
- size_t hash_size, void *sig, size_t *sig_size)
+ size_t hash_size, void *sig, size_t * sig_size)
{
int cret;
unsigned long osize = *sig_size;
- switch(ctx->algorithm->algo) {
- case NCR_ALG_RSA:
- if (ctx->sign_hash == NULL) {
- err();
- return -EINVAL;
- }
- cret = rsa_sign_hash_ex(hash, hash_size, sig, &osize,
- ctx->type, ctx->sign_hash, ctx->salt_len, &ctx->key->key.pk.rsa);
- if (cret != CRYPT_OK) {
- err();
- return _ncr_tomerr(cret);
- }
- *sig_size = osize;
- break;
- case NCR_ALG_DSA:
- cret = dsa_sign_hash(hash, hash_size, sig, &osize,
- &ctx->key->key.pk.dsa);
-
- if (cret != CRYPT_OK) {
- err();
- return _ncr_tomerr(cret);
- }
- *sig_size = osize;
- break;
- default:
+ switch (ctx->algorithm->algo) {
+ case NCR_ALG_RSA:
+ if (ctx->sign_hash == NULL) {
err();
return -EINVAL;
+ }
+ cret = rsa_sign_hash_ex(hash, hash_size, sig, &osize,
+ ctx->type, ctx->sign_hash,
+ ctx->salt_len, &ctx->key->key.pk.rsa);
+ if (cret != CRYPT_OK) {
+ err();
+ return _ncr_tomerr(cret);
+ }
+ *sig_size = osize;
+ break;
+ case NCR_ALG_DSA:
+ cret = dsa_sign_hash(hash, hash_size, sig, &osize,
+ &ctx->key->key.pk.dsa);
+
+ if (cret != CRYPT_OK) {
+ err();
+ return _ncr_tomerr(cret);
+ }
+ *sig_size = osize;
+ break;
+ default:
+ err();
+ return -EINVAL;
}
return 0;
}
-int ncr_pk_cipher_verify(const struct ncr_pk_ctx* ctx, const void *sig,
+int ncr_pk_cipher_verify(const struct ncr_pk_ctx *ctx, const void *sig,
size_t sig_size, const void *hash, size_t hash_size)
{
int cret, ret, stat;
- switch(ctx->algorithm->algo) {
- case NCR_ALG_RSA:
- if (ctx->sign_hash == NULL) {
- err();
- return -EINVAL;
- }
- cret = rsa_verify_hash_ex(sig, sig_size, hash,
- hash_size, ctx->type,
- ctx->sign_hash, ctx->salt_len,
- &stat, &ctx->key->key.pk.rsa);
- if (cret != CRYPT_OK) {
- err();
- ret = _ncr_tomerr(cret);
- goto fail;
- }
-
- ret = (stat == 1);
- break;
- case NCR_ALG_DSA:
- cret = dsa_verify_hash(sig, sig_size, hash, hash_size,
- &stat, &ctx->key->key.pk.dsa);
- if (cret != CRYPT_OK) {
- err();
- ret = _ncr_tomerr(cret);
- goto fail;
- }
+ switch (ctx->algorithm->algo) {
+ case NCR_ALG_RSA:
+ if (ctx->sign_hash == NULL) {
+ err();
+ return -EINVAL;
+ }
+ cret = rsa_verify_hash_ex(sig, sig_size, hash,
+ hash_size, ctx->type,
+ ctx->sign_hash, ctx->salt_len,
+ &stat, &ctx->key->key.pk.rsa);
+ if (cret != CRYPT_OK) {
+ err();
+ ret = _ncr_tomerr(cret);
+ goto fail;
+ }
- ret = (stat == 1);
- break;
- default:
+ ret = (stat == 1);
+ break;
+ case NCR_ALG_DSA:
+ cret = dsa_verify_hash(sig, sig_size, hash, hash_size,
+ &stat, &ctx->key->key.pk.dsa);
+ if (cret != CRYPT_OK) {
err();
- ret = -EINVAL;
+ ret = _ncr_tomerr(cret);
goto fail;
+ }
+
+ ret = (stat == 1);
+ break;
+ default:
+ err();
+ ret = -EINVAL;
+ goto fail;
}
fail:
return ret;
}
-int ncr_pk_derive(struct key_item_st* newkey, struct key_item_st* oldkey,
+int ncr_pk_derive(struct key_item_st *newkey, struct key_item_st *oldkey,
struct nlattr *tb[])
{
-const struct nlattr *nla;
-int ret;
+ const struct nlattr *nla;
+ int ret;
nla = tb[NCR_ATTR_DERIVATION_ALGORITHM];
if (nla == NULL) {
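Review bot: The `kfree(tmp)` under `fail:` at the top of this hunk, in ncr_pk_cipher_decrypt, releases a buffer that still holds recovered plaintext. Its second half (`output = &tmp[isg_size]`, set in an earlier hunk) received the RSA decryption result, so that data stays in freed slab memory on both the success and error paths. Clearing on release avoids this: `kzfree(tmp);` (`kfree_sensitive(tmp);` on current kernels). The cleanup in ncr_pk_cipher_encrypt is not visible in this diff, but its buffer holds the plaintext input and likely deserves the same treatment.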
@@ -662,27 +685,27 @@ int ret;
return 0;
}
-int ncr_pk_get_rsa_size( rsa_key* key)
+int ncr_pk_get_rsa_size(rsa_key * key)
{
-int ret;
+ int ret;
ret = mp_count_bits(&key->N);
if (ret <= 0) {
err();
return -EINVAL;
}
-
+
return ret;
}
-int ncr_pk_get_dsa_size( dsa_key* key)
+int ncr_pk_get_dsa_size(dsa_key * key)
{
-int ret;
+ int ret;
ret = mp_count_bits(&key->p);
if (ret <= 0) {
err();
return -EINVAL;
}
-
+
return ret;
}