diff options
| -rw-r--r-- | examples/ncr.c | 116 | ||||
| -rw-r--r-- | ncr-sessions.c | 58 |
2 files changed, 141 insertions, 33 deletions
diff --git a/examples/ncr.c b/examples/ncr.c index 4ff59fd..4231ffa 100644 --- a/examples/ncr.c +++ b/examples/ncr.c @@ -797,6 +797,119 @@ test_ncr_hash(int cfd) } +static int +test_ncr_hash_key(int cfd) +{ + ncr_key_t key; + struct ncr_key_data_st keydata; + uint8_t data[HASH_DATA_SIZE]; + int j, data_size; + struct ncr_session_op_st op; + struct ncr_session_st op_init; + const uint8_t *output = (void*)"\xe2\xd7\x2c\x2e\x14\xad\x97\xc8\xd2\xdb\xce\xd8\xb3\x52\x9f\x1c\xb3\x2c\x5c\xec"; + + /* convert it to key */ + if (ioctl(cfd, NCRIO_KEY_INIT, &key)) { + perror("ioctl(NCRIO_KEY_INIT)"); + return 1; + } + + keydata.key_id[0] = 'a'; + keydata.key_id[2] = 'b'; + keydata.key_id_size = 2; + keydata.type = NCR_KEY_TYPE_SECRET; + keydata.algorithm = NCR_ALG_AES_CBC; + keydata.flags = NCR_KEY_FLAG_EXPORTABLE; + + fprintf(stdout, "Tests on Hashes of Keys\n"); + + fprintf(stdout, "\t%s:\n", hash_vectors[0].name); + /* import key */ + keydata.key = key; + keydata.idata = (void*)hash_vectors[0].plaintext; + keydata.idata_size = hash_vectors[0].plaintext_size; + if (ioctl(cfd, NCRIO_KEY_IMPORT, &keydata)) { + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); + perror("ioctl(NCRIO_KEY_IMPORT)"); + return 1; + } + + /* encrypt */ + memset(&op_init, 0, sizeof(op_init)); + op_init.algorithm = hash_vectors[0].algorithm; + op_init.op = hash_vectors[0].op; + + if (ioctl(cfd, NCRIO_SESSION_INIT, &op_init)) { + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); + perror("ioctl(NCRIO_SESSION_INIT)"); + return 1; + } + + memset(&op, 0, sizeof(op)); + op.ses = op_init.ses; + op.data.udata.input = (void*)hash_vectors[0].plaintext; + op.data.udata.input_size = hash_vectors[0].plaintext_size; + op.data.udata.output = NULL; + op.data.udata.output_size = 0; + op.type = NCR_DIRECT_DATA; + + if (ioctl(cfd, NCRIO_SESSION_UPDATE, &op)) { + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); + perror("ioctl(NCRIO_SESSION_UPDATE)"); + return 1; + } + + memset(&op, 0, sizeof(op)); + op.ses = op_init.ses; + op.data.kdata.input = key; + op.data.kdata.output = NULL; + op.data.kdata.output_size = 0; + op.type = NCR_KEY_DATA; + + if (ioctl(cfd, NCRIO_SESSION_UPDATE, &op)) { + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); + perror("ioctl(NCRIO_SESSION_UPDATE)"); + return 1; + } + + op.data.udata.input = NULL; + op.data.udata.input_size = 0; + op.data.udata.output = data; + op.data.udata.output_size = sizeof(data); + op.type = NCR_DIRECT_DATA; + + if (ioctl(cfd, NCRIO_SESSION_FINAL, &op)) { + fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); + perror("ioctl(NCRIO_SESSION_FINAL)"); + return 1; + } + + data_size = op.data.udata.output_size; + + + if (data_size != hash_vectors[0].output_size || + memcmp(data, output, hash_vectors[0].output_size) != 0) { + fprintf(stderr, "HASH test vector %d failed!\n", 0); + + fprintf(stderr, "Output[%d]: ", (int)data_size); + for(j=0;j<data_size;j++) + fprintf(stderr, "%.2x:", (int)data[j]); + fprintf(stderr, "\n"); + + fprintf(stderr, "Expected[%d]: ", hash_vectors[0].output_size); + for(j=0;j<hash_vectors[0].output_size;j++) + fprintf(stderr, "%.2x:", (int)output[j]); + fprintf(stderr, "\n"); + return 1; + } + + + fprintf(stdout, "\n"); + + return 0; + +} + int main() @@ -819,6 +932,9 @@ main() if (test_ncr_hash(fd)) return 1; + if (test_ncr_hash_key(fd)) + return 1; + if (test_ncr_wrap_key(fd)) return 1; diff --git a/ncr-sessions.c b/ncr-sessions.c index f9043ec..466558b 100644 --- a/ncr-sessions.c +++ b/ncr-sessions.c @@ -495,13 +495,17 @@ static int get_userbuf1(struct session_item_st* ses, { int pagecount = 0; - if (udata == NULL) { + if (unlikely(udata == NULL)) { + err(); return -EINVAL; } - pagecount = PAGECOUNT(udata, udata_size); + if (unlikely(ses->sg == NULL || ses->pages == NULL)) { + err(); + return -ENOMEM; + } - ses->available_pages = pagecount; + pagecount = PAGECOUNT(udata, udata_size); if (pagecount > ses->array_size) { while (ses->array_size < pagecount) @@ -514,19 +518,21 @@ static int get_userbuf1(struct session_item_st* ses, ses->sg = krealloc(ses->sg, ses->array_size * sizeof(struct scatterlist), GFP_KERNEL); - if (ses->sg == NULL || ses->pages == NULL) { + if (unlikely(ses->sg == NULL || ses->pages == NULL)) { return -ENOMEM; } } if (__get_userbuf(udata, udata_size, 1, pagecount, ses->pages, ses->sg)) { - dprintk(1, KERN_ERR, "failed to get user pages for data input\n"); + err(); return -EINVAL; } (*dst_sg) = ses->sg; *dst_cnt = pagecount; + ses->available_pages = pagecount; + return 0; } @@ -538,16 +544,22 @@ static int get_userbuf2(struct session_item_st* ses, int src_pagecount, dst_pagecount = 0, pagecount, write_src = 1; size_t input_size = op->data.udata.input_size; - if (op->data.udata.input == NULL) { + if (unlikely(op->data.udata.input == NULL)) { + err(); return -EINVAL; } + if (unlikely(ses->sg == NULL || ses->pages == NULL)) { + err(); + return -ENOMEM; + } + src_pagecount = PAGECOUNT(op->data.udata.input, input_size); if (op->data.udata.input != op->data.udata.output) { /* non-in-situ transformation */ + write_src = 0; if (op->data.udata.output != NULL) { dst_pagecount = PAGECOUNT(op->data.udata.output, op->data.udata.output_size); - write_src = 0; } else { dst_pagecount = 0; } @@ -557,7 +569,7 @@ static int get_userbuf2(struct session_item_st* ses, input_size = max(input_size, (size_t)op->data.udata.output_size); } - ses->available_pages = pagecount = src_pagecount + dst_pagecount; + pagecount = src_pagecount + dst_pagecount; if (pagecount > ses->array_size) { while (ses->array_size < pagecount) @@ -577,7 +589,8 @@ static int get_userbuf2(struct session_item_st* ses, if (__get_userbuf(op->data.udata.input, input_size, write_src, src_pagecount, ses->pages, ses->sg)) { - dprintk(1, KERN_ERR, "failed to get user pages for data input\n"); + err(); + printk("write: %d\n", write_src); return -EINVAL; } (*src_sg) = ses->sg; @@ -589,7 +602,7 @@ static int get_userbuf2(struct session_item_st* ses, if (__get_userbuf(op->data.udata.output, op->data.udata.output_size, 1, dst_pagecount, ses->pages + src_pagecount, *dst_sg)) { - dprintk(1, KERN_ERR, "failed to get user pages for data output\n"); + err(); release_user_pages(ses->pages, src_pagecount); return -EINVAL; } @@ -602,6 +615,8 @@ static int get_userbuf2(struct session_item_st* ses, *dst_sg = NULL; } } + + ses->available_pages = pagecount; return 0; } @@ -892,9 +907,6 @@ static int _ncr_session_update_key(struct ncr_lists* lists, struct ncr_session_o int ret; struct session_item_st* sess; struct key_item_st* key = NULL; - struct scatterlist *osg; - unsigned osg_cnt=0; - size_t osg_size; sess = ncr_sessions_item_get( &lists->sessions, op->ses); if (sess == NULL) { @@ -915,21 +927,6 @@ static int _ncr_session_update_key(struct ncr_lists* lists, struct ncr_session_o goto fail; } - if (down_interruptible(&sess->mem_mutex)) { - err(); - _ncr_sessions_item_put(sess); - return -ERESTARTSYS; - } - - ret = get_userbuf1(sess, op->data.kdata.output, op->data.kdata.output_size, - &osg, &osg_cnt); - if (ret < 0) { - err(); - goto fail; - } - - osg_size = op->data.kdata.output_size; - switch(sess->op) { case NCR_OP_ENCRYPT: case NCR_OP_DECRYPT: @@ -954,11 +951,6 @@ static int _ncr_session_update_key(struct ncr_lists* lists, struct ncr_session_o ret = 0; fail: - if (sess->available_pages) { - release_user_pages(sess->pages, sess->available_pages); - sess->available_pages = 0; - } - up(&sess->mem_mutex); if (key) _ncr_key_item_put(key); _ncr_sessions_item_put(sess); |