From fe7358893ae875ed7a5e98bb2936da6ee73efeed Mon Sep 17 00:00:00 2001 From: Miloslav Trmač Date: Tue, 27 Jul 2010 22:25:47 +0200 Subject: Drop left-over code for data objects --- ncr-int.h | 1 - ncr.c | 3 --- 2 files changed, 4 deletions(-) diff --git a/ncr-int.h b/ncr-int.h index 2af794f..733bb77 100644 --- a/ncr-int.h +++ b/ncr-int.h @@ -98,7 +98,6 @@ struct list_sem_st { * are here. */ struct ncr_lists { - struct list_sem_st data; struct list_sem_st key; /* sessions */ diff --git a/ncr.c b/ncr.c index 87bd052..624d217 100644 --- a/ncr.c +++ b/ncr.c @@ -52,9 +52,6 @@ void* ncr_init_lists(void) memset(lst, 0, sizeof(*lst)); - init_MUTEX(&lst->data.sem); - INIT_LIST_HEAD(&lst->data.list); - init_MUTEX(&lst->key.sem); INIT_LIST_HEAD(&lst->key.list); -- cgit From 36ad042166bbc02bfa9c274ff6336de1e7d4e336 Mon Sep 17 00:00:00 2001 From: Miloslav Trmač Date: Wed, 28 Jul 2010 02:43:11 +0200 Subject: Drop a duplicate prototype --- ncr-int.h | 1 - 1 file changed, 1 deletion(-) diff --git a/ncr-int.h b/ncr-int.h index 733bb77..489e052 100644 --- a/ncr-int.h +++ b/ncr-int.h @@ -123,7 +123,6 @@ int ncr_key_generate(struct list_sem_st* data_lst, void __user* arg); int ncr_key_info(struct list_sem_st*, void __user* arg); int ncr_key_generate_pair(struct list_sem_st* lst, void __user* arg); -int ncr_key_derive(struct list_sem_st*, void __user* arg); int ncr_key_get_public(struct list_sem_st* lst, void __user* arg); int ncr_key_item_get_read(struct key_item_st**st, struct list_sem_st* lst, -- cgit From bba63cee75974056789ec0d08a9ff60513fdf12a Mon Sep 17 00:00:00 2001 From: Miloslav Trmač Date: Wed, 28 Jul 2010 02:43:53 +0200 Subject: Return ENOMEM on session allocation errors --- ncr-sessions.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ncr-sessions.c b/ncr-sessions.c index c5b31ac..0f0fb50 100644 --- a/ncr-sessions.c +++ b/ncr-sessions.c 
@@ -229,7 +229,7 @@ static int _ncr_session_init(struct ncr_lists* lists, struct ncr_session_st* ses ns = ncr_session_new(&lists->sessions); if (ns == NULL) { err(); - return -EINVAL; + return -ENOMEM; } ns->op = session->op; -- cgit From 451524e494cfc9dcace5193e130a0384ce59a3d7 Mon Sep 17 00:00:00 2001 From: Miloslav Trmač Date: Wed, 28 Jul 2010 02:44:44 +0200 Subject: Fix kmalloc return value check --- ncr-limits.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ncr-limits.c b/ncr-limits.c index bbcd1e9..a1ad7e3 100644 --- a/ncr-limits.c +++ b/ncr-limits.c @@ -148,7 +148,7 @@ int ret; if (add) { pitem = kmalloc(sizeof(*pitem), GFP_KERNEL); - if (uitem == NULL) { + if (pitem == NULL) { err(); up(&limits.processes.sem); ret = -ENOMEM; -- cgit From c7d95c16bdd1fcbf3948647ca6a3c5d15eec9a91 Mon Sep 17 00:00:00 2001 From: Miloslav Trmač Date: Wed, 28 Jul 2010 02:48:35 +0200 Subject: Fix error paths in _ncr_session_init --- ncr-sessions.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/ncr-sessions.c b/ncr-sessions.c index 0f0fb50..7d79753 100644 --- a/ncr-sessions.c +++ b/ncr-sessions.c @@ -263,7 +263,8 @@ static int _ncr_session_init(struct ncr_lists* lists, struct ncr_session_st* ses if (ns->algorithm->kstr == NULL) { err(); - return -EINVAL; + ret = -EINVAL; + goto fail; } ret = cryptodev_cipher_init(&ns->cipher, ns->algorithm->kstr, @@ -342,7 +343,8 @@ static int _ncr_session_init(struct ncr_lists* lists, struct ncr_session_st* ses sign_hash = ncr_key_params_get_sign_hash(ns->key->algorithm, &session->params); if (IS_ERR(sign_hash)) { err(); - return PTR_ERR(sign_hash); + ret = PTR_ERR(sign_hash); + goto fail; } if (!sign_hash->can_digest) { -- cgit From c3a197347ffd389572e0941cbcbbf8c076dd4d76 Mon Sep 17 00:00:00 2001 
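Review bot: The `if (!sign_hash->can_digest) {` branch that opens at the end of the second hunk is exactly the kind of path this commit converts to `goto fail`, but its body lies outside the hunk; if it still does `return -EINVAL;`, the session allocated by ncr_session_new() earlier in _ncr_session_init is left behind just as on the two paths fixed here, and it should become `ret = -EINVAL; goto fail;` as well. The same applies to any other direct `return` after the allocation; only the `ns == NULL` return from the earlier commit in this series is safe because it precedes it. The `fail:` label and the remainder of _ncr_session_init are outside both hunks.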
From: Miloslav Trmač Date: Wed, 28 Jul 2010 02:48:46 +0200 Subject: Don't access new objects when not holding a reference --- ncr-key.c | 2 +- ncr-sessions.c | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/ncr-key.c b/ncr-key.c index e0361bc..4ea933c 100644 --- a/ncr-key.c +++ b/ncr-key.c @@ -189,9 +189,9 @@ int ncr_key_init(struct list_sem_st* lst, void __user* arg) list_add(&key->list, &lst->list); + desc = key->desc; up(&lst->sem); - desc = key->desc; ret = copy_to_user(arg, &desc, sizeof(desc)); if (unlikely(ret)) { down(&lst->sem); diff --git a/ncr-sessions.c b/ncr-sessions.c index 7d79753..365935f 100644 --- a/ncr-sessions.c +++ b/ncr-sessions.c @@ -121,7 +121,7 @@ struct session_item_st* ncr_session_new(struct list_sem_st* lst) } init_MUTEX(&sess->mem_mutex); - atomic_set(&sess->refcnt, 1); + atomic_set(&sess->refcnt, 2); /* One for lst->list, one for "sess" */ down(&lst->sem); @@ -392,6 +392,7 @@ fail: if (ret < 0) { _ncr_session_remove(&lists->sessions, ns->desc); } + _ncr_sessions_item_put(ns); return ret; } -- cgit From 83924dc84eb373b88dd6295e87842041a54e6938 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Wed, 28 Jul 2010 18:20:13 +0200 Subject: Added Mirek. --- AUTHORS | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/AUTHORS b/AUTHORS index 5a6ced0..bf97734 100644 --- a/AUTHORS +++ b/AUTHORS @@ -4,6 +4,7 @@ Michal Ludvig: Nikos Mavrogiannopoulos: Port to 2.6.27 and later, better compatibility with OpenBSD (and FreeBSD) cryptodev and maintanance. + Design and implementation of NCR (NewCrypto) API. Michael Weiser: Porting to blkcipher async API. Several hardware drivers @@ -12,5 +13,8 @@ Michael Weiser: Phil Sutter: Implemented a zero copy version of the internal engine. +Miloslav Trmač: + Several optimizations and bugfixes in the NCR API. + Maintained by Nikos Mavrogiannopoulos (nmav [at] gnutls [dot] org) -- cgit From be973132e3717f46bbc7b5e54889ec5736c4f9a6 Mon Sep 17 00:00:00 2001 
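Review bot: ncr_session_new() now hands its caller a second reference (`atomic_set(&sess->refcnt, 2)`), but that contract is stated only in the trailing comment on that line, while every caller must now balance it with `_ncr_sessions_item_put()` the way _ncr_session_init does at the end of the second hunk. I would put a header comment on ncr_session_new(): `/* Returns the new session with two references held: one owned by lst->list and one by the caller, who must release it with _ncr_sessions_item_put(). */`. Any caller other than _ncr_session_init is outside this diff and would need the same balancing put. The body of ncr_session_new() and the start of _ncr_session_init() lie outside the hunks.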
From: Nikos Mavrogiannopoulos Date: Wed, 28 Jul 2010 20:22:54 +0200 Subject: Use less stack and memory. --- ncr-key-wrap.c | 180 +++++++++++++++++++++++++++++---------------------------- 1 file changed, 91 insertions(+), 89 deletions(-) diff --git a/ncr-key-wrap.c b/ncr-key-wrap.c index 5d3ec67..cb431c9 100644 --- a/ncr-key-wrap.c +++ b/ncr-key-wrap.c @@ -46,7 +46,7 @@ static void val64_xor( val64_t val, uint32_t x) val[4] ^= (x >> 24) & 0xff; } -static int rfc3394_wrap(val64_t R[], unsigned int n, struct cipher_data* ctx, +static int rfc3394_wrap(val64_t *R, unsigned int n, struct cipher_data* ctx, uint8_t* output, size_t *output_size, const uint8_t iv[8]) { val64_t A; @@ -120,6 +120,7 @@ size_t n; int i, ret; struct cipher_data ctx; uint8_t iv[8]; +val64_t *R = NULL; if (iv_size != 4) { memcpy(iv, RFC5649_IV, 4); @@ -144,33 +145,32 @@ uint8_t iv[8]; return ret; } - { - val64_t *R; + R = kmalloc(n * sizeof (*R), GFP_KERNEL); + if (R == NULL) { + err(); + ret = -ENOMEM; + goto cleanup; + } - R = kmalloc(n * sizeof (*R), GFP_KERNEL); - if (R == NULL) { - err(); - ret = -ENOMEM; - goto cleanup; - } - /* R = P */ - for (i=0;i n*8 || size < (n-1)*8 || *kdata_size < size) { - err(); - kfree(R); - ret = -EINVAL; - goto cleanup; - } + if (memcmp(A, iv, 4)!= 0) { + err(); + ret = -EINVAL; + goto cleanup; + } - memset(kdata, 0, size); - *kdata_size = size; - for (i=0;i n*8 || size < (n-1)*8 || *kdata_size < size) { + err(); + ret = -EINVAL; + goto cleanup; } + memset(kdata, 0, size); + *kdata_size = size; + for (i=0;itype != NCR_KEY_TYPE_SECRET) { err(); 
@@ -322,24 +317,28 @@ struct cipher_data ctx; n = key_size/8; - { - val64_t R[(NCR_CIPHER_MAX_KEY_LEN + 7) / 8]; + R = kmalloc(sizeof(*R)*n, GFP_KERNEL); + if (R == NULL) { + err(); + ret = -ENOMEM; + goto cleanup; + } - /* R = P */ - for (i=0;ikey.secret.data) < (n-1)*8) { + if (NCR_CIPHER_MAX_KEY_LEN < (n-1)*8) { err(); ret = -EINVAL; goto cleanup; } - { - val64_t R[sizeof(output->key.secret.data)/8 + 1]; - - ret = rfc3394_unwrap(wrapped_key, R, n, A, &ctx); - if (ret < 0) { - err(); - return ret; - } - - if (memcmp(A, iv, 8)!= 0) { - err(); - ret = -EINVAL; - goto cleanup; - } + R = kmalloc(sizeof(*R)*n, GFP_KERNEL); + if (R == NULL) { + err(); + ret = -ENOMEM; + goto cleanup; + } - memset(&output->key, 0, sizeof(output->key)); - for (i=0;ikey.secret.data[i*8], R[i], sizeof(R[i])); - } - output->key.secret.size = n*8; - output->flags = NCR_KEY_FLAG_WRAPPABLE; - output->type = NCR_KEY_TYPE_SECRET; + ret = rfc3394_unwrap(wrapped_key, R, n, A, &ctx); + if (ret < 0) { + err(); + return ret; + } + if (memcmp(A, iv, 8)!= 0) { + err(); + ret = -EINVAL; + goto cleanup; } + memset(&output->key, 0, sizeof(output->key)); + for (i=0;ikey.secret.data[i*8], R[i], sizeof(R[i])); + } + output->key.secret.size = n*8; + output->flags = NCR_KEY_FLAG_WRAPPABLE; + output->type = NCR_KEY_TYPE_SECRET; ret = 0; cleanup: + kfree(R); cryptodev_cipher_deinit(&ctx); return ret; -- cgit From 7a31387b49e0b04ba43bdf6fbc869c6a3e970251 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Wed, 28 Jul 2010 20:26:44 +0200 Subject: NCR_CIPHER_MAX_KEY_LEN no longer exist in userspace API. --- TODO | 1 + ncr-int.h | 1 + ncr.c | 7 +++++-- ncr.h | 3 +-- userspace/setkey.c | 4 +++- 5 files changed, 11 insertions(+), 5 deletions(-) diff --git a/TODO b/TODO index 5ed80e1..98b81fc 100644 --- a/TODO +++ b/TODO 
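Review bot: In the unwrap path near the end of this hunk, `if (ret < 0) { err(); return ret; }` after `rfc3394_unwrap()` now leaks the freshly kmalloc'd `R` and skips `cryptodev_cipher_deinit(&ctx)`, because both are only released at `cleanup:`; it should read `goto cleanup;` like the neighbouring error paths. The replacement check `if (NCR_CIPHER_MAX_KEY_LEN < (n-1)*8)` also no longer bounds the `memcpy` loop into `output->key.secret.data` by the destination's real size as `sizeof(output->key.secret.data)` did, and later in this series the constant moves from ncr.h (512) to ncr-int.h (1024), so a check tied to the constant rather than to the buffer is fragile — keeping `sizeof(output->key.secret.data)` on the new line preserves the guarantee. The `kfree(R)` added at `cleanup:` is only safe if `R` is initialised to NULL before the first `goto cleanup` in both functions, as the first function in this commit does with `val64_t *R = NULL;`; the declarations for these two functions are outside the hunk.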
@@ -1,3 +1,4 @@ * ioctl_compat() mode for ncr.h API as it is in cryptodev.h * Put limits to sessions * Export private keys to PKCS #8 format (can it be implemented?) +* Documentation for functions diff --git a/ncr-int.h b/ncr-int.h index 489e052..e79747c 100644 --- a/ncr-int.h +++ b/ncr-int.h @@ -8,6 +8,7 @@ #include #define KEY_DATA_MAX_SIZE 3*1024 +#define NCR_CIPHER_MAX_KEY_LEN 1024 #define err() printk(KERN_DEBUG"ncr: %s: %s: %d\n", __FILE__, __func__, __LINE__) diff --git a/ncr.c b/ncr.c index 624d217..7608312 100644 --- a/ncr.c +++ b/ncr.c @@ -103,11 +103,14 @@ struct ncr_master_key_st st; dprintk(0, KERN_DEBUG, "Master key was previously initialized.\n"); } + if (unlikely(copy_from_user(master_key.key.secret.data, st.key, st.key_size))) { + err(); + return -EFAULT; + } + dprintk(0, KERN_INFO, "Initializing master key.\n"); master_key.type = NCR_KEY_TYPE_SECRET; - - memcpy(master_key.key.secret.data, st.key, st.key_size); master_key.key.secret.size = st.key_size; return 0; diff --git a/ncr.h b/ncr.h index 01fd413..53c77be 100644 --- a/ncr.h +++ b/ncr.h @@ -7,7 +7,6 @@ #endif #define NCR_CIPHER_MAX_BLOCK_LEN 32 -#define NCR_CIPHER_MAX_KEY_LEN 512 #define NCR_HASH_MAX_OUTPUT_SIZE 64 typedef enum { @@ -221,7 +220,7 @@ struct ncr_key_wrap_st { /* Internal ops */ struct ncr_master_key_st { - uint8_t key[NCR_CIPHER_MAX_KEY_LEN]; + uint8_t __user * key; uint16_t key_size; }; diff --git a/userspace/setkey.c b/userspace/setkey.c index d0a2b62..ea9d30e 100644 --- a/userspace/setkey.c +++ b/userspace/setkey.c @@ -25,6 +25,7 @@ int main(int argc, char** argv) struct ncr_master_key_st key; int size, ret; struct stat st; + uint8_t rawkey[32]; if (argc != 2) { fprintf(stderr, "Usage: setkey [filename]\n"); 
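Review bot: The new `copy_from_user(master_key.key.secret.data, st.key, st.key_size)` copies a user-supplied length straight into a fixed-size kernel buffer, and nothing in the hunk bounds `st.key_size` (a uint16_t per the ncr.h hunk in this commit); unless the part of the function before the hunk already rejects oversized values, a guard such as `if (st.key_size > sizeof(master_key.key.secret.data)) return -EINVAL;` belongs ahead of the copy. The copy also writes into the live global `master_key` before the new `type`/`size` are assigned, so a faulting copy returns -EFAULT with the key bytes partly overwritten while `master_key.key.secret.size` still describes the old key; copying into a local buffer first, or clearing `master_key` on the error path, keeps the two consistent. The start of this function, where `st` is filled in, is outside the hunk.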
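Review bot: `uint8_t __user * key;` puts a raw pointer into struct ncr_master_key_st, an ioctl argument, so its layout now differs between 32-bit and 64-bit userspace and the ioctl_compat() item already listed in TODO gets harder; the usual kernel pattern is a fixed-width field such as `__u64 key;` (8-byte aligned, as with `aligned_u64`) that the kernel converts with `compat_ptr()` or a cast. The matching assignment `key.key = rawkey;` in userspace/setkey.c would change accordingly. The rest of the struct and its users are outside the hunk.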
@@ -52,12 +53,13 @@ int main(int argc, char** argv) exit(1); } - size = fread(key.key, 1, sizeof(key.key), fp); + size = fread(rawkey, 1, sizeof(rawkey), fp); if (size < 16) { fprintf(stderr, "Illegal key!\n"); exit(1); } fclose(fp); + key.key = rawkey; key.key_size = size; /* Open the crypto device */ -- cgit From ad1c16ec19dddb272d6e4fd8b1a368444fff08c3 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Thu, 29 Jul 2010 02:28:33 +0200 Subject: updated --- README | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/README b/README index 8e80fcb..aacd304 100644 --- a/README +++ b/README @@ -1,8 +1,7 @@ -This is the linux-cryptodev [newapi] branch. Here a new API is being -designed. The ioctl() API is in ncr.h and the userspace in ncrypto.h. +This is the linux-cryptodev NCR branch. The ioctl() API is in ncr.h. For the new API to fully operate, root must load a system key (constant -per system) using the setkey program. After this stage the new API should +per system) using the ncr-setkey program. After this stage the new API should be fully operational. Example: $ dd if=/dev/urandom of=/boot/key count=1 bs=16 $ chmod 600 /boot/key @@ -15,11 +14,8 @@ keys will not be possible. -The old OpenBSD API via /dev/crypto device driver is still supported. +A compatibility API using OpenBSD's interface via /dev/crypto device driver +is supported. -It was initially written for linux 2.6.8 by Michal Ludvig. Compatibility -fixes for *BSD cryptodev as well as porting to 2.6.27 blkcipher API -by Nikos Mavrogiannopoulos. Initial blkcipher async API porting by -Michael Weiser. Maintained by Nikos Mavrogiannopoulos (nmav [at] gnutls [dot] org) -- cgit From ba92b699323738ea883b5c8226b3b1e565cd9649 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Thu, 29 Jul 2010 09:08:26 +0200 Subject: small change in AUTHORS. --- AUTHORS | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/AUTHORS b/AUTHORS index bf97734..7373dbd 100644 
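Review bot: `size = fread(rawkey, 1, sizeof(rawkey), fp);` now silently truncates any key file longer than 32 bytes, where the removed line read up to `sizeof(key.key)` (512 bytes before this commit), and the only validation kept is `size < 16`; a longer file is accepted with just its first 32 bytes handed to the kernel. I would reject that case explicitly before `fclose(fp)`, e.g. `if (size == sizeof(rawkey) && fgetc(fp) != EOF) { fprintf(stderr, "Key too long!\n"); exit(1); }`. The rest of main() is outside the hunk.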
--- a/AUTHORS +++ b/AUTHORS @@ -1,5 +1,5 @@ Michal Ludvig: - Initial implementation for linux 2.6.8 + Initial implementation of OpenBSD's /dev/crypto API for linux 2.6.8 Nikos Mavrogiannopoulos: Port to 2.6.27 and later, better compatibility -- cgit From 047bd90807930f589df5aae1a632a831fca976bb Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Thu, 29 Jul 2010 09:14:09 +0200 Subject: updated README. --- README | 17 +++++++++++++---- TODO | 1 + 2 files changed, 14 insertions(+), 4 deletions(-) diff --git a/README b/README index aacd304..cc49177 100644 --- a/README +++ b/README @@ -1,3 +1,5 @@ +=== NCR API === + This is the linux-cryptodev NCR branch. The ioctl() API is in ncr.h. For the new API to fully operate, root must load a system key (constant @@ -8,14 +10,21 @@ $ chmod 600 /boot/key $ userspace/ncr-setkey /boot/key The main concept of the new API is disallow userspace applications -access to cryptographic keys. Operations should be possible (such -as encryption/decryption/signing/verifying), but raw access to the -keys will not be possible. +access to cryptographic keys. Operations are possible (such as +encryption/decryption/signing/verifying), but raw access to the +keys is not be possible. +=== OpenBSD crypto compatibility === A compatibility API using OpenBSD's interface via /dev/crypto device driver -is supported. +is supported. This enables access to kernel space cipher implementations +and hardware accelerators. + + + +For questions and suggestions please use the mailing lists at: +http://home.gna.org/cryptodev-linux/lists.html Maintained by Nikos Mavrogiannopoulos (nmav [at] gnutls [dot] org) diff --git a/TODO b/TODO index 98b81fc..2c0e1db 100644 --- a/TODO +++ b/TODO @@ -2,3 +2,4 @@ * Put limits to sessions * Export private keys to PKCS #8 format (can it be implemented?) * Documentation for functions +* Is a writev() like interface needed? -- cgit From 6c3e93a9398c33e39279a986722290048f4592fe Mon Sep 17 00:00:00 2001 
From: Nikos Mavrogiannopoulos Date: Thu, 29 Jul 2010 09:25:04 +0200 Subject: put correct license. --- .../der/x509/der_decode_subject_public_key_info.c | 24 +++++++++++++++++----- .../der/x509/der_encode_subject_public_key_info.c | 24 +++++++++++++++++----- 2 files changed, 38 insertions(+), 10 deletions(-) diff --git a/libtomcrypt/pk/asn1/der/x509/der_decode_subject_public_key_info.c b/libtomcrypt/pk/asn1/der/x509/der_decode_subject_public_key_info.c index 6c97e96..c0a2e22 100644 --- a/libtomcrypt/pk/asn1/der/x509/der_decode_subject_public_key_info.c +++ b/libtomcrypt/pk/asn1/der/x509/der_decode_subject_public_key_info.c @@ -1,11 +1,25 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis +/* + * New driver for /dev/crypto device (aka CryptoDev) + + * Copyright (c) 2010 Katholieke Universiteit Leuven * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. + * Author: Nikos Mavrogiannopoulos * - * The library is free for all purposes without any express - * guarantee it works. + * This file is part of linux cryptodev. * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ #include "tomcrypt.h" /** 
diff --git a/libtomcrypt/pk/asn1/der/x509/der_encode_subject_public_key_info.c b/libtomcrypt/pk/asn1/der/x509/der_encode_subject_public_key_info.c index e37c4b4..4c7e966 100644 --- a/libtomcrypt/pk/asn1/der/x509/der_encode_subject_public_key_info.c +++ b/libtomcrypt/pk/asn1/der/x509/der_encode_subject_public_key_info.c @@ -1,11 +1,25 @@ -/* LibTomCrypt, modular cryptographic library -- Tom St Denis +/* + * New driver for /dev/crypto device (aka CryptoDev) + + * Copyright (c) 2010 Katholieke Universiteit Leuven * - * LibTomCrypt is a library that provides various cryptographic - * algorithms in a highly modular and flexible manner. + * Author: Nikos Mavrogiannopoulos * - * The library is free for all purposes without any express - * guarantee it works. + * This file is part of linux cryptodev. * + * This program is free software; you can redistribute it and/or + * modify it under the terms of the GNU General Public License + * as published by the Free Software Foundation; either version 2 + * of the License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. */ #include "tomcrypt.h" -- cgit From af51c84e19753ec0c9de368816a30bcc4fb90c24 Mon Sep 17 00:00:00 2001 From: Nikos Mavrogiannopoulos Date: Thu, 29 Jul 2010 09:26:38 +0200 Subject: just noticed that the DSA generation algorithm is not the nist one. --- TODO | 1 + 1 file changed, 1 insertion(+) diff --git a/TODO b/TODO index 2c0e1db..875738e 100644 --- a/TODO +++ b/TODO 
@@ -3,3 +3,4 @@ * Export private keys to PKCS #8 format (can it be implemented?) * Documentation for functions * Is a writev() like interface needed? +* Implement the NIST DSA generation algorithm. -- cgit