From 60e1158295f152cbe0d7d983dfd98d94b73314c1 Mon Sep 17 00:00:00 2001 From: Jan Chadima Date: Mon, 2 Aug 2010 10:56:34 +0200 Subject: Initial userspace library version --- userspace/Makefile | 11 +- userspace/ncrypto.h | 193 ++++++------------- userspace/ncrypto_fd.c | 37 ++++ userspace/ncrypto_generate_params.c | 98 ++++++++++ userspace/ncrypto_key.c | 370 ++++++++++++++++++++++++++++++++++++ userspace/ncrypto_masterkey.c | 35 ++++ userspace/ncrypto_params.c | 50 +++++ userspace/ncrypto_session.c | 194 +++++++++++++++++++ 8 files changed, 846 insertions(+), 142 deletions(-) create mode 100644 userspace/ncrypto_fd.c create mode 100644 userspace/ncrypto_generate_params.c create mode 100644 userspace/ncrypto_key.c create mode 100644 userspace/ncrypto_masterkey.c create mode 100644 userspace/ncrypto_params.c create mode 100644 userspace/ncrypto_session.c (limited to 'userspace') diff --git a/userspace/Makefile b/userspace/Makefile index fddefb3..7db92d5 100644 --- a/userspace/Makefile +++ b/userspace/Makefile @@ -1,12 +1,19 @@ CC = gcc -CFLAGS = -Wall -g -O2 +CFLAGS = -Wall -g -O2 -fPIC progs := ncr-setkey -all: $(progs) +libobj = ncrypto_fd.o ncrypto_generate_params.o ncrypto_key.o ncrypto_masterkey.o ncrypto_params.o ncrypto_session.o + +all: $(progs) libcryptodev.so ncr-setkey: setkey.c $(CC) $(CFLAGS) $< -o $@ +libcryptodev.so: ${libobj} + gcc -shared -o libcryptodev.so.0.0 -Wl,-soname,libcryptodev.so.0 ${libobj} + ln -sf libcryptodev.so.0.0 libcryptodev.so.0 + ln -sf libcryptodev.so.0.0 libcryptodev.so + clean: rm -f *.o *~ ncr-setkey diff --git a/userspace/ncrypto.h b/userspace/ncrypto.h index 546b6ba..faba616 100644 --- a/userspace/ncrypto.h +++ b/userspace/ncrypto.h @@ -1,141 +1,54 @@ -#include -int ncr_global_init(unsigned int flags); /* open device */ -void ncr_global_deinit(void); /* close device */ - - -/* parameters for key generation - */ -int ncr_generate_params_init(ncr_generate_params_t*); /* userspace */ -void ncr_generate_params_deinit(ncr_generate_params_t); /* userspace */ - -/* common for ciphers and public key algorithms */ -void ncr_generate_params_set_algorithm(ncr_generate_params_t, ncr_algorithm_t); /* userspace */ - -/* public key algorithms */ -void ncr_generate_params_set_bits(ncr_generate_params_t, unsigned int bits); /* RSA+DSA */ -int ncr_generate_params_set_rsa_e(ncr_generate_params_t, void* e, unsigned int e_size); /* RSA */ - -/* parameters for encryption/decryption/derivation - */ -int ncr_params_init(ncr_params_t*); /* userspace */ -void ncr_params_deinit(ncr_params_t); /* userspace */ - -int ncr_params_set_cipher_iv(ncr_params_t, void* iv, unsigned int iv_size); /* userspace */ - -int ncr_params_set_dh_key(ncr_params_t, ncr_key_t dh_priv); /* DH */ - - -/* data flags are of NCR_DATA_FLAG_* type */ - -int ncr_data_init(ncr_data_t *, size_t max_object_size, unsigned int dataflags); /* ioctl DATA_INIT */ -size_t ncr_data_get_size(ncr_data_t); /* ioctl DATA_GET */ -int ncr_data_get_data(ncr_data_t, void* data_ptr, size_t *data_size); /* ioctl DATA_GET */ -int ncr_data_set_data(ncr_data_t, void* data_ptr, size_t data_size); /* ioctl DATA_SET */ -int ncr_data_append_data(ncr_data_t, void* data_ptr, size_t data_size); /* ioctl DATA_SET */ -void ncr_data_deinit(ncr_data_t); /* ioctl DATA_DEINIT */ - -/* key flags are NCR_KEY_FLAG_* */ - -int ncr_key_init(ncr_key_t* key); /* ioctl KEY_INIT */ -int ncr_key_generate(ncr_key_t key, ncr_algorithm_t algorithm, unsigned int bits, unsigned int keyflags); /* ioctl KEY_GENERATE */ -int ncr_key_generate_pair(ncr_key_t public_key, ncr_key_t private_key, ncr_generate_params_t params, unsigned int keyflags); /* ioctl KEY_GENERATE_PAIR */ -int ncr_key_derive(ncr_key_t newkey, ncr_params_t params, unsigned int keyflags, ncr_key_t data); /* ioctl KEY_DERIVE */ -unsigned int ncr_key_get_flags(ncr_key_t key); /* ioctl KEY_GET_INFO */ -ncr_key_type_t ncr_key_get_type(ncr_key_t key); /* ioctl KEY_GET_INFO */ -int ncr_key_export(ncr_key_t key, ncr_data_t obj); /* ioctl KEY_EXPORT */ -int ncr_key_import(ncr_key_t key, ncr_data_t obj); /* ioctl KEY_IMPORT */ -int ncr_key_get_id(ncr_key_t, void* id, size_t* id_size); /* KEY_GET_INFO */ -void ncr_key_deinit(ncr_key_t); /* ioctl KEY_DEINIT */ - -typedef enum { - NCR_RSA_MODULUS, - NCR_RSA_EXPONENT, - NCR_DSA_P, - NCR_DSA_Q, - NCR_DSA_Y, -} ncr_public_param_t; - -int ncr_key_get_public_param(ncr_key_t key, ncr_public_param_t, void* output, size_t* output_size); - -/* store keys */ -int ncr_storage_store(const char* label, mode_t mode, ncr_key_t key); /* ioctl STORE_STORE */ -int ncr_storage_mkstemp(char* template, mode_t mode, ncr_key_t key);/* ioctl STORE_MKSTEMP */ -ncr_key_t ncr_storage_load(const char* label); /* ioctl STORE_LOAD */ - -int ncr_storage_chmod(const char* label, mode_t newmode); /* ioctl STORE_CHMOD */ -int ncr_storage_chown(const char* label, uid_t owner, gid_t grp); /* ioctl STORE_CHOWN */ -int ncr_storage_remove(const char* label); /* ioctl STORE_REMOVE */ - -typedef struct {} * ncr_metadata_t; - -int ncr_metadata_init(ncr_metadata_t* metadata); /* userspace */ -void ncr_metadata_deinit(ncr_metadata_t metadata);/* userspace */ - -/* read info from metadata */ -const char* ncr_metadata_get_label(ncr_metadata_t); /* userspace */ -ncr_key_type_t ncr_metadata_get_type(ncr_metadata_t); /* userspace */ - -/* id of the key. For public/private key pairs it should be the same */ -int ncr_metadata_get_id(ncr_metadata_t, void* id, size_t* id_size); /* userspace */ -/* this has meaning only if type is public or private key */ -ncr_algorithm_t ncr_metadata_get_algorithm(ncr_metadata_t); /* userspace */ - -uid_t ncr_metadata_get_uid(ncr_metadata_t); /* userspace */ -gid_t ncr_metadata_get_gid(ncr_metadata_t); /* userspace */ -mode_t ncr_metadata_get_mode(ncr_metadata_t); /*userspace */ - -/* load metadata for particular file */ -int ncr_metadata_load(const char* label, ncr_metadata_t metadata); /* ioctl STORE_METADATA_GET_INFO */ - -/* traverse all storage entries */ -int ncr_storage_traverse_init(ncr_traverse_t* tr); /* ioctl STORE_METADATA_TRAVERSE_INIT */ -int ncr_storage_traverse_next(ncr_traverse_t, ncr_metadata_t metadata); /* ioctl STORE_METADATA_TRAVERSE_NEXT */ -void ncr_storage_traverse_deinit(ncr_traverse_t); /* ioctl STORE_METADATA_TRAVERSE_DEINIT */ - -/* wrap unwrap */ -int ncr_key_wrap(ncr_key_t wrapping_key, ncr_params_t params, ncr_key_t key, void* output_data, size_t output_data_size); /* ioctl KEY_WRAP */ -int ncr_key_unwrap(ncr_key_t*key, ncr_key_t wrapping_key, ncr_params_t params, unsigned int keyflags, void* input_data, size_t input_data_size); /* ioctl KEY_UNWRAP */ - -/* operations to objects result in objects that have the same properties as the original - * object. I.e. encrypting a secret key under an object will not allow you to export it. - */ - -int ncr_session_copy(ncr_session_t* copy, ncr_session_t source); /* ioctl SESSION_COPY */ - -/* encryption functions */ -int ncr_encrypt_init(ncr_session_t* session, ncr_key_t key, ncr_params_t params); /* ioctl SESSION_INIT */ -int ncr_encrypt_once(ncr_key_t key, ncr_params_t params, const ncr_data_t plaintext, ncr_data_t ciphertext); /*userspace */ -int ncr_encrypt_update(ncr_session_t session, const ncr_data_t plaintext, ncr_data_t ciphertext); /* ioctl SESSION_UPDATE */ -int ncr_encrypt_final(ncr_session_t session, ncr_data_t obj); /* ioctl SESSION_FINAL */ - -/* decryption functions */ -int ncr_decrypt_init(ncr_session_t* session, ncr_key_t key, ncr_params_t params); -int ncr_decrypt_once(ncr_key_t key, ncr_params_t params, const ncr_data_t ciphertext, ncr_data_t plaintext); -int ncr_decrypt_update(ncr_session_t session, const ncr_data_t ciphertext, ncr_data_t plaintext); -int ncr_decrypt_final(ncr_session_t session, ncr_data_t obj); - -/* PK hash functions */ -int ncr_digest_init(ncr_session_t* session, ncr_params_t params); -int ncr_digest_once(ncr_key_t key, ncr_params_t params, const ncr_data_t plaintext, ncr_data_t hash); -int ncr_digest_update(ncr_session_t session, const ncr_data_t plaintext); -int ncr_digest_final(ncr_session_t session, ncr_data_t hash); - -/* PK SIGN and MAC functions */ -int ncr_sign_init(ncr_session_t* session, ncr_key_t key, ncr_params_t params); -int ncr_sign_once(ncr_key_t key, ncr_params_t params, const ncr_data_t plaintext, ncr_data_t signature); -int ncr_sign_update(ncr_session_t session, const ncr_data_t plaintext); -int ncr_sign_final(ncr_session_t session, ncr_data_t signature); - -/* Verify PK signature or MAC signature */ -int ncr_verify_init(ncr_session_t* session, ncr_key_t key, ncr_params_t params); -int ncr_verify_once(ncr_key_t key, ncr_params_t params, const ncr_data_t plaintext, const ncr_data_t signature); -int ncr_verify_update(ncr_session_t session, const ncr_data_t plaintext); -int ncr_verify_final(ncr_session_t session, const ncr_data_t signature); - -/* Everything looks straight forward except for authentication - * algorithms such as Diffie Hellman. This should be done as in PKCS #11 - * as: - * ncr_key_generate_pair(our_pubkey, our_privkey) - * ncr_key_derive(shared_key, params -contain our privkey-, flags_for_new_key, peer_pubkey); - */ +#ifndef __NCRYPT_H__ +#define __NCRYPT_H__ + +#define NCR_DATA_GET_LAST 1 +//#define NCR_DATA_SET_APPEND 1 +#define NCR_SESSION_FINAL 1 + +//struct ncr_key_generate_params_st; +typedef struct ncr_key_generate_params_st *ncr_key_generate_params_t; +//struct ncr_key_params_st; +typedef struct ncr_key_params_st *ncr_key_params_t; + +int ncr_global_init(unsigned int flags); +void ncr_global_deinit(void); + +int ncr_key_generate_params_init(ncr_key_generate_params_t *params); +int ncr_key_generate_params_deinit(ncr_key_generate_params_t params); +int ncr_key_generate_params_set_algorithm(ncr_key_generate_params_t params, ncr_algorithm_t algorithm); +int ncr_key_generate_params_set_keyflags(ncr_key_generate_params_t params, unsigned int keyflags); +int ncr_key_generate_params_set_bits(ncr_key_generate_params_t params, unsigned int bits); +int ncr_key_generate_params_set_rsa_e(ncr_key_generate_params_t params, void *e, unsigned int e_size); +int ncr_key_generate_params_set_dh(ncr_key_generate_params_t params, void *p, size_t p_size, void *g, size_t g_size); + +int ncr_key_init(ncr_key_t *key); +int ncr_key_generate(ncr_key_t key, ncr_key_generate_params_t params); +int ncr_key_generate_pair(ncr_key_t key1, ncr_key_t key2, ncr_key_generate_params_t params); +int ncr_key_derive(ncr_key_t newkey, unsigned int keyflags, ncr_key_t key, ncr_key_params_t key_params); +int ncr_key_get_flags(ncr_key_t key); +ncr_key_type_t ncr_key_get_type(ncr_key_t key); +int ncr_key_get_id(ncr_key_t key, void *id, size_t *id_size); +int ncr_key_export(ncr_key_t key, void *idata, size_t idata_size); +int ncr_key_import(ncr_key_t key, void *idata, size_t idata_size, void *id, size_t id_size, ncr_algorithm_t algorithm, unsigned int type, unsigned int flags); +int ncr_key_wrap(ncr_key_t key, ncr_wrap_algorithm_t algorithm, ncr_key_params_t params, ncr_key_t keytowrap, void *idata, size_t idata_size); +int ncr_key_unwrap(ncr_key_t key, ncr_wrap_algorithm_t algorithm, ncr_key_params_t params, ncr_key_t keytowrap, void *idata, size_t idata_size); +int ncr_key_storage_wrap(ncr_key_t keytowrap, void *idata, size_t idata_size); +int ncr_key_storage_unwrap(ncr_key_t keytowrap, void *idata, size_t idata_size); +int ncr_key_deinit(ncr_key_t key); + +int ncr_masterkey_set(void *key, size_t key_size); + +int ncr_key_params_init(ncr_key_params_t *key_params); +void ncr_key_params_deinit(ncr_key_params_t key_params); +int ncr_key_params_set_cipher_iv(ncr_key_params_t key_params, void* iv, unsigned int iv_size); +int ncr_key_params_set_dh_key(ncr_key_params_t key_params, ncr_key_t dh_priv); + +int ncr_session_once_key_data(ncr_key_t key, ncr_key_params_t params, ncr_crypto_op_t op, ncr_algorithm_t algorithm, ncr_key_t input, void *output, size_t output_size); +int ncr_session_once_direct_data(ncr_key_t key, ncr_key_params_t params, ncr_crypto_op_t op, ncr_algorithm_t algorithm, void *input, size_t input_size, void *output, size_t output_size); +int ncr_session_init(ncr_session_t *session, ncr_key_t key, ncr_key_params_t key_params, ncr_crypto_op_t op, ncr_algorithm_t algorithm); +int ncr_session_update_key_data(ncr_session_t session, ncr_key_t input); +int ncr_session_update_direct_data(ncr_session_t session, void *input, size_t input_size); +int ncr_session_final(ncr_session_t session, void *output, size_t output_size); + +#endif diff --git a/userspace/ncrypto_fd.c b/userspace/ncrypto_fd.c new file mode 100644 index 0000000..fe35529 --- /dev/null +++ b/userspace/ncrypto_fd.c @@ -0,0 +1,37 @@ + +#include +#include +#include +#include "../ncr.h" +#include "ncrypto.h" + +int __ncr_file_descriptor = -1; +static int open_count = 0; +static pthread_mutex_t open_lock = PTHREAD_MUTEX_INITIALIZER; + +int +ncr_global_init(unsigned int flags) +{ + int rv = 0; + + /* Open the crypto device unles is not already initialized */ + pthread_mutex_lock(&open_lock); + if ((__ncr_file_descriptor < 0) && ((__ncr_file_descriptor = open("/dev/crypto", O_RDWR)) < 0)) + rv = -1; + else + ++open_count; + pthread_mutex_unlock(&open_lock); + return rv; +} + +void +ncr_global_deinit(void) +{ + pthread_mutex_lock(&open_lock); + if (!--open_count && (__ncr_file_descriptor >= 0)) { + close(__ncr_file_descriptor); + __ncr_file_descriptor = -1; + } + pthread_mutex_unlock(&open_lock); +} + diff --git a/userspace/ncrypto_generate_params.c b/userspace/ncrypto_generate_params.c new file mode 100644 index 0000000..67171c3 --- /dev/null +++ b/userspace/ncrypto_generate_params.c @@ -0,0 +1,98 @@ + +#include +#include +#include +#include "../ncr.h" +#include "ncrypto.h" + +int +ncr_key_generate_params_init(ncr_key_generate_params_t *params) +{ + ncr_key_generate_params_t rv; + + if (!params) { + errno = EINVAL; + return -1; + } + + if (!(rv = calloc(1, sizeof(*rv)))) { + errno = ENOMEM; + return -1; + } + + rv->algorithm = NCR_ALG_NONE; + *params = rv; + + return 0; +} + +int +ncr_key_generate_params_deinit(ncr_key_generate_params_t params) +{ + if (params) + free(params); + + return 0; +} + +int +ncr_key_generate_params_set_algorithm(ncr_key_generate_params_t params, ncr_algorithm_t algorithm) +{ + if (!params) { + errno = EINVAL; + return -1; + } + + params->algorithm = algorithm; + + return 0; +} + +int +ncr_key_generate_params_set_keyflags(ncr_key_generate_params_t params, unsigned int keyflags) +{ + if (!params) { + errno = EINVAL; + return -1; + } + + params->keyflags = keyflags; + + return 0; +} + +int +ncr_key_generate_params_set_bits(ncr_key_generate_params_t params, unsigned int bits) +{ + if (!params) { + errno = EINVAL; + return -1; + } + params->params.secret.bits = bits; + + return 0; +} + +int +ncr_key_generate_params_set_rsa_e(ncr_key_generate_params_t params, void *e, size_t e_size) +{ + errno = ENOTSUP; + return -1; +} + +int +ncr_key_generate_params_set_dh(ncr_key_generate_params_t params, void *p, size_t p_size, void *g, size_t g_size) +{ + if (!params) { + errno = EINVAL; + return -1; + } + + params->params.dh.p = p; + params->params.dh.p_size = p_size; + params->params.dh.g = g; + params->params.dh.g_size = g_size; + + return 0; +} + diff --git a/userspace/ncrypto_key.c b/userspace/ncrypto_key.c new file mode 100644 index 0000000..ca4cfeb --- /dev/null +++ b/userspace/ncrypto_key.c @@ -0,0 +1,370 @@ + +#include +#include +#include +#include +#include "../ncr.h" +#include "ncrypto.h" + +extern int __ncr_file_descriptor; + +int +ncr_key_init(ncr_key_t *key) +{ + if ((__ncr_file_descriptor < 0) && (ncr_global_init(0) < 0)) + return -1; + + if (ioctl(__ncr_file_descriptor, NCRIO_KEY_INIT, key) < 0) + return -1; + + return 0; +} + +int +ncr_key_generate(ncr_key_t key, ncr_key_generate_params_t params) +{ + struct ncr_key_generate_st io; + memset(&io, 0, sizeof(io)); + + if (!key) { + errno = EINVAL; + return -1; + } + + io.desc = key; + if (params) + memmove(&io.params, params, sizeof(io.params)); + + if (__ncr_file_descriptor < 0) { + errno = EBADF; + return -1; + } + + if (ioctl(__ncr_file_descriptor, NCRIO_KEY_GENERATE, &io) < 0) + return -1; + + return 0; +} + +int +ncr_key_generate_pair(ncr_key_t key1, ncr_key_t key2, ncr_key_generate_params_t params) +{ + struct ncr_key_generate_st io; + memset(&io, 0, sizeof(io)); + + if (!key1 || !key2) { + errno = EINVAL; + return -1; + } + + io.desc = key1; + io.desc2 = key2; + if (params) + memmove(&io.params, params, sizeof(io.params)); + + if (__ncr_file_descriptor < 0) { + errno = EBADF; + return -1; + } + + if (ioctl(__ncr_file_descriptor, NCRIO_KEY_GENERATE_PAIR, &io) < 0) + return -1; + + return 0; +} + +int +ncr_key_derive(ncr_key_t newkey, unsigned int keyflags, ncr_key_t key, ncr_key_params_t params) +{ + struct ncr_key_derivation_params_st io; + memset(&io, 0, sizeof(io)); + + if (!newkey) { + errno = EINVAL; + return -1; + } + + io.newkey = newkey; + io.key = key; + io.keyflags = keyflags; + if (params) + memmove(&io.params, params, sizeof(io.params)); + + if (__ncr_file_descriptor < 0) { + errno = EBADF; + return -1; + } + + if (ioctl(__ncr_file_descriptor, NCRIO_KEY_DERIVE, &io) < 0) + return -1; + + return 0; +} + +int +ncr_key_get_flags(ncr_key_t key) +{ + struct ncr_key_info_st io; + memset(&io, 0, sizeof(io)); + + if (!key) { + errno = EINVAL; + return -1; + } + + io.key = key; + + if (__ncr_file_descriptor < 0) { + errno = EBADF; + return -1; + } + + if (ioctl(__ncr_file_descriptor, NCRIO_KEY_GET_INFO, &io) < 0) + return -1; + + return io.flags; +} + +ncr_key_type_t +ncr_key_get_type(ncr_key_t key) +{ + struct ncr_key_info_st io; + memset(&io, 0, sizeof(io)); + + if (!key) { + errno = EINVAL; + return -1; + } + + io.key = key; + + if (__ncr_file_descriptor < 0) { + errno = EBADF; + return -1; + } + + if (ioctl(__ncr_file_descriptor, NCRIO_KEY_GET_INFO, &io) < 0) + return -1; + + return io.type; +} + +int +ncr_key_get_id(ncr_key_t key, void *id, size_t *id_size) +{ + struct ncr_key_info_st io; + memset(&io, 0, sizeof(io)); + + if (!key) { + errno = EINVAL; + return -1; + } + + io.key = key; + + if (__ncr_file_descriptor < 0) { + errno = EBADF; + return -1; + } + + if (ioctl(__ncr_file_descriptor, NCRIO_KEY_GET_INFO, &io) < 0) + return -1; + + if (io.key_id_size < *id_size) + *id_size = io.key_id_size; + + memmove(id, &io.key_id, *id_size); + + return 0; +} + +int +ncr_key_export(ncr_key_t key, void *idata, size_t idata_size) +{ + struct ncr_key_data_st io; + memset(&io, 0, sizeof(io)); + + if (!key || !idata || !idata_size) { + errno = EINVAL; + return -1; + } + + io.key = key; + io.idata = idata; + io.idata_size = idata_size; + + if (__ncr_file_descriptor < 0) { + errno = EBADF; + return -1; + } + + if (ioctl(__ncr_file_descriptor, NCRIO_KEY_EXPORT, &io) < 0) + return -1; + + return io.idata_size; +} + +int +ncr_key_import(ncr_key_t key, void *idata, size_t idata_size, void *id, size_t id_size, ncr_algorithm_t algorithm, unsigned int type, unsigned int flags) +{ + struct ncr_key_data_st io; + memset(&io, 0, sizeof(io)); + + if (!key || !idata || !idata_size || !id || !id_size || (algorithm == NCR_ALG_NONE)) { + errno = EINVAL; + return -1; + } + + io.key = key; + io.idata = idata; + io.idata_size = idata_size; + if (id_size > MAX_KEY_ID_SIZE) + id_size = MAX_KEY_ID_SIZE; + memmove(&io.key_id, id, id_size); + io.key_id_size = id_size; + io.algorithm = algorithm; + io.type = type; + io.flags = flags; + + if (__ncr_file_descriptor < 0) { + errno = EBADF; + return -1; + } + + if (ioctl(__ncr_file_descriptor, NCRIO_KEY_IMPORT, &io) < 0) + return -1; + + return 0; +} + +int +ncr_key_wrap(ncr_key_t key, ncr_wrap_algorithm_t algorithm, ncr_key_params_t params, ncr_key_t keytowrap, void *idata, size_t idata_size) +{ + struct ncr_key_wrap_st io; + memset(&io, 0, sizeof(io)); + + if (!key || !keytowrap || !idata || !idata_size || (algorithm == NCR_ALG_NONE)) { + errno = EINVAL; + return -1; + } + + io.key = key; + io.algorithm = algorithm; + if (params) + memmove(&io.params, params, sizeof(io.params)); + io.keytowrap = keytowrap; + io.io = idata; + io.io_size = idata_size; + + if (__ncr_file_descriptor < 0) { + errno = EBADF; + return -1; + } + + if (ioctl(__ncr_file_descriptor, NCRIO_KEY_WRAP, &io) < 0) + return -1; + + return io.io_size; +} + +int +ncr_key_unwrap(ncr_key_t key, ncr_wrap_algorithm_t algorithm, ncr_key_params_t params, ncr_key_t keytowrap, void *idata, size_t idata_size) +{ + struct ncr_key_wrap_st io; + memset(&io, 0, sizeof(io)); + + if (!key || !keytowrap || !idata || !idata_size || (algorithm == NCR_ALG_NONE)) { + errno = EINVAL; + return -1; + } + + io.key = key; + io.algorithm = algorithm; + if (params) + memmove(&io.params, params, sizeof(io.params)); + io.keytowrap = keytowrap; + io.io = idata; + io.io_size = idata_size; + + if (__ncr_file_descriptor < 0) { + errno = EBADF; + return -1; + } + + if (ioctl(__ncr_file_descriptor, NCRIO_KEY_UNWRAP, &io) < 0) + return -1; + + return 0; +} + +int +ncr_key_storage_wrap(ncr_key_t keytowrap, void *idata, size_t idata_size) +{ + struct ncr_key_storage_wrap_st io; + memset(&io, 0, sizeof(io)); + + if (!keytowrap || !idata || !idata_size) { + errno = EINVAL; + return -1; + } + + io.keytowrap = keytowrap; + io.io = idata; + io.io_size = idata_size; + + if (__ncr_file_descriptor < 0) { + errno = EBADF; + return -1; + } + + if (ioctl(__ncr_file_descriptor, NCRIO_KEY_STORAGE_WRAP, &io) < 0) + return -1; + + return io.io_size; +} + +int +ncr_key_storage_unwrap(ncr_key_t keytowrap, void *idata, size_t idata_size) +{ + struct ncr_key_storage_wrap_st io; + memset(&io, 0, sizeof(io)); + + if (!keytowrap || !idata || !idata_size) { + errno = EINVAL; + return -1; + } + + io.keytowrap = keytowrap; + io.io = idata; + io.io_size = idata_size; + + if (__ncr_file_descriptor < 0) { + errno = EBADF; + return -1; + } + + if (ioctl(__ncr_file_descriptor, NCRIO_KEY_STORAGE_UNWRAP, &io) < 0) + return -1; + + return 0; +} + +int +ncr_key_deinit(ncr_key_t key) +{ + if (!key) { + errno = EINVAL; + return -1; + } + + if (__ncr_file_descriptor < 0) { + errno = EBADF; + return -1; + } + + if (ioctl(__ncr_file_descriptor, NCRIO_KEY_DEINIT, &key) < 0) + return -1; + + return 0; +} + diff --git a/userspace/ncrypto_masterkey.c b/userspace/ncrypto_masterkey.c new file mode 100644 index 0000000..a5c55c3 --- /dev/null +++ b/userspace/ncrypto_masterkey.c @@ -0,0 +1,35 @@ + +#include +#include +#include +#include +#include "../ncr.h" +#include "ncrypto.h" + +extern int __ncr_file_descriptor; + +int +ncr_masterkey_set(void *key, size_t key_size) +{ + struct ncr_master_key_st io; + memset(&io, 0, sizeof(io)); + + if (!key || !key_size) { + errno = EINVAL; + return -1; + } + + io.key = key = key; + io.key_size = key_size; + + if (__ncr_file_descriptor < 0) { + errno = EBADF; + return -1; + } + + if (ioctl(__ncr_file_descriptor, NCRIO_MASTER_KEY_SET, &io) < 0) + return -1; + + return 0; +} + diff --git a/userspace/ncrypto_params.c b/userspace/ncrypto_params.c new file mode 100644 index 0000000..c6b9002 --- /dev/null +++ b/userspace/ncrypto_params.c @@ -0,0 +1,50 @@ + +#include +#include +#include +#include +#include "../ncr.h" +#include "ncrypto.h" + +int +ncr_key_params_init(ncr_key_params_t *params) +{ + ncr_key_params_t rv; + + if (!params) { + errno = EINVAL; + return -1; + } + if (!(rv = calloc(1, sizeof(*rv)))) { + errno = ENOMEM; + return -1; + } + *params = rv; + return 0; +} + +void +ncr_key_params_deinit(ncr_key_params_t params) +{ + if (params) + free(params); +} + +int +ncr_key_params_set_cipher_iv(ncr_key_params_t params, void* iv, unsigned int iv_size) +{ + if (!params || (iv_size > NCR_CIPHER_MAX_BLOCK_LEN)) { + errno = EINVAL; + return -1; + } + memmove(params->params.cipher.iv, iv, iv_size); + params->params.cipher.iv_size = iv_size; + return 0; +} + +int +ncr_key_params_set_dh_key(ncr_key_params_t params, ncr_key_t dh_priv) +{ + errno = EINVAL; +} + diff --git a/userspace/ncrypto_session.c b/userspace/ncrypto_session.c new file mode 100644 index 0000000..f8c1784 --- /dev/null +++ b/userspace/ncrypto_session.c @@ -0,0 +1,194 @@ + +#include +#include +#include +#include +#include "../ncr.h" +#include "ncrypto.h" + +extern int __ncr_file_descriptor; + +int +ncr_session_once_key_data(ncr_key_t key, ncr_key_params_t params, ncr_crypto_op_t op, ncr_algorithm_t algorithm, ncr_key_t input, void *output, size_t output_size) +{ + struct ncr_session_once_op_st io; + memset(&io, 0, sizeof(io)); + + if (!input || !output || !output_size) { + errno = EINVAL; + return -1; + } + + io.init.algorithm = algorithm; + io.init.key = key; + if (!params) + memmove(&io.init.params, params, sizeof(io.init.params)); + io.init.op = op; + io.op.data.kdata.input = input; + io.op.data.kdata.output = output; + io.op.data.kdata.output_size = output_size; + io.op.type = NCR_KEY_DATA; + + if (__ncr_file_descriptor < 0) { + errno = EBADF; + return -1; + } + + if (ioctl(__ncr_file_descriptor, NCRIO_SESSION_ONCE, &io) < 0) + return -1; + + return 0; +} + +int +ncr_session_once_direct_data(ncr_key_t key, ncr_key_params_t params, ncr_crypto_op_t op, ncr_algorithm_t algorithm, void *input, size_t input_size, void *output, size_t output_size) +{ + struct ncr_session_once_op_st io; + memset(&io, 0, sizeof(io)); + + if (!input || !input_size || !output || !output_size) { + errno = EINVAL; + return -1; + } + + io.init.algorithm = algorithm; + io.init.key = key; + if (!params) + memmove(&io.init.params, params, sizeof(io.init.params)); + io.init.op = op; + io.op.data.udata.input = input; + io.op.data.udata.input_size = input_size; + io.op.data.udata.output = output; + io.op.data.udata.output_size = output_size; + io.op.type = NCR_DIRECT_DATA; + + if (__ncr_file_descriptor < 0) { + errno = EBADF; + return -1; + } + + if (ioctl(__ncr_file_descriptor, NCRIO_SESSION_ONCE, &io) < 0) + return -1; + + return 0; +} + +int +ncr_session_init(ncr_session_t *session, ncr_key_t key, ncr_key_params_t params, ncr_crypto_op_t op, ncr_algorithm_t algorithm) +{ + struct ncr_session_st io; + memset(&io, 0, sizeof(io)); + + if (!session || (algorithm == NCR_ALG_NONE)) { + errno = EINVAL; + return -1; + } + + io.algorithm = algorithm; + io.key = key; + if (!params) + memmove(&io.params, params, sizeof(io.params)); + io.op = op; + + if (__ncr_file_descriptor < 0) { + errno = EBADF; + return -1; + } + + if (ioctl(__ncr_file_descriptor, NCRIO_SESSION_INIT, &io) < 0) + return -1; + + *session = io.ses; + + return 0; +} + +int +ncr_session_update_key_data(ncr_session_t session, ncr_key_t input) +{ + struct ncr_session_op_st io; + memset(&io, 0, sizeof(io)); + + if (!session || !input) { + errno = EINVAL; + return -1; + } + + io.ses = session; + io.data.kdata.input = input; + io.type = NCR_KEY_DATA; + + if (__ncr_file_descriptor < 0) { + errno = EBADF; + return -1; + } + + if (ioctl(__ncr_file_descriptor, NCRIO_SESSION_UPDATE, &io) < 0) + return -1; + + return 0; +} + +int +ncr_session_update_direct_data(ncr_session_t session, void *input, size_t input_size) +{ + struct ncr_session_op_st io; + memset(&io, 0, sizeof(io)); + + if (!session || !input || !input_size) { + errno = EINVAL; + return -1; + } + + io.ses = session; + io.data.udata.input = input; + io.data.udata.input_size = input_size; + io.type = NCR_DIRECT_DATA; + + if (__ncr_file_descriptor < 0) { + errno = EBADF; + return -1; + } + + if (ioctl(__ncr_file_descriptor, NCRIO_SESSION_UPDATE, &io) < 0) + return -1; + + return 0; +} + +int +ncr_session_final(ncr_session_t session, void *output, size_t output_size) +{ + struct ncr_session_op_st io; + memset(&io, 0, sizeof(io)); + + if (!session) { + errno = EINVAL; + return -1; + } + + io.ses = session; + io.data.kdata.output = output; + io.data.kdata.output_size = output_size; + io.type = NCR_KEY_DATA; + + if (__ncr_file_descriptor < 0) { + errno = EBADF; + return -1; + } + + if (ioctl(__ncr_file_descriptor, NCRIO_SESSION_FINAL, &io) < 0) + return -1; + + switch (io.err) { + case NCR_VERIFICATION_FAILED: + errno = EDOM; + return -1; + case NCR_SUCCESS: + return (errno = 0); + default: + errno = EFAULT; + return -1; + } +} + -- cgit From 8605bbe4b2c4cdeaacb4ac7918acdf7fd6122804 Mon Sep 17 00:00:00 2001 From: Miloslav Trmač Date: Mon, 2 Aug 2010 10:59:47 +0200 Subject: Update prototype of ncr_key_generate_params_set_rsa_e --- userspace/ncrypto.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'userspace') diff --git a/userspace/ncrypto.h b/userspace/ncrypto.h index faba616..f020f44 100644 --- a/userspace/ncrypto.h +++ b/userspace/ncrypto.h @@ -19,7 +19,7 @@ int ncr_key_generate_params_deinit(ncr_key_generate_params_t params); int ncr_key_generate_params_set_algorithm(ncr_key_generate_params_t params, ncr_algorithm_t algorithm); int ncr_key_generate_params_set_keyflags(ncr_key_generate_params_t params, unsigned int keyflags); int ncr_key_generate_params_set_bits(ncr_key_generate_params_t params, unsigned int bits); -int ncr_key_generate_params_set_rsa_e(ncr_key_generate_params_t params, void *e, unsigned int e_size); +int ncr_key_generate_params_set_rsa_e(ncr_key_generate_params_t params, void *e, size_t e_size); int ncr_key_generate_params_set_dh(ncr_key_generate_params_t params, void *p, size_t p_size, void *g, size_t g_size); int ncr_key_init(ncr_key_t *key); -- cgit From 8308517b7b9335ec4ca0ac6e6bcb8ddd9a3689c5 Mon Sep 17 00:00:00 2001 From: Miloslav Trmač Date: Mon, 2 Aug 2010 11:00:11 +0200 Subject: Include the header file for close() --- userspace/ncrypto_fd.c | 1 + 1 file changed, 1 insertion(+) (limited to 'userspace') diff --git a/userspace/ncrypto_fd.c b/userspace/ncrypto_fd.c index fe35529..a563694 100644 --- a/userspace/ncrypto_fd.c +++ b/userspace/ncrypto_fd.c @@ -2,6 +2,7 @@ #include #include #include +#include #include "../ncr.h" #include "ncrypto.h" -- cgit From 377e8e5dca01fa1a572ca1a84aee817279a86f9c Mon Sep 17 00:00:00 2001 From: Miloslav Trmač Date: Mon, 2 Aug 2010 11:00:22 +0200 Subject: Add missing "return"; --- userspace/ncrypto_params.c | 1 + 1 file changed, 1 insertion(+) (limited to 'userspace') diff --git a/userspace/ncrypto_params.c b/userspace/ncrypto_params.c index c6b9002..0bbe0df 100644 --- a/userspace/ncrypto_params.c +++ b/userspace/ncrypto_params.c @@ -46,5 +46,6 @@ int ncr_key_params_set_dh_key(ncr_key_params_t params, ncr_key_t dh_priv) { errno = EINVAL; + return -1; } -- cgit From b777f05372cd72112c10344630e8b1dc7918aa35 Mon Sep 17 00:00:00 2001 From: Jan Chadima Date: Thu, 5 Aug 2010 16:17:26 +0200 Subject: Userspace library updates from Jan --- userspace/ncrypto_key.c | 4 ++-- userspace/ncrypto_session.c | 21 +++++++++++---------- 2 files changed, 13 insertions(+), 12 deletions(-) (limited to 'userspace') diff --git a/userspace/ncrypto_key.c b/userspace/ncrypto_key.c index ca4cfeb..b5f2c92 100644 --- a/userspace/ncrypto_key.c +++ b/userspace/ncrypto_key.c @@ -243,7 +243,7 @@ ncr_key_wrap(ncr_key_t key, ncr_wrap_algorithm_t algorithm, ncr_key_params_t par struct ncr_key_wrap_st io; memset(&io, 0, sizeof(io)); - if (!key || !keytowrap || !idata || !idata_size || (algorithm == NCR_ALG_NONE)) { + if (!key || !keytowrap || !idata || !idata_size) { errno = EINVAL; return -1; } @@ -273,7 +273,7 @@ ncr_key_unwrap(ncr_key_t key, ncr_wrap_algorithm_t algorithm, ncr_key_params_t p struct ncr_key_wrap_st io; memset(&io, 0, sizeof(io)); - if (!key || !keytowrap || !idata || !idata_size || (algorithm == NCR_ALG_NONE)) { + if (!key || !keytowrap || !idata || !idata_size) { errno = EINVAL; return -1; } diff --git a/userspace/ncrypto_session.c b/userspace/ncrypto_session.c index f8c1784..94a494a 100644 --- a/userspace/ncrypto_session.c +++ b/userspace/ncrypto_session.c @@ -21,7 +21,7 @@ ncr_session_once_key_data(ncr_key_t key, ncr_key_params_t params, ncr_crypto_op_ io.init.algorithm = algorithm; io.init.key = key; - if (!params) + if (params) memmove(&io.init.params, params, sizeof(io.init.params)); io.init.op = op; io.op.data.kdata.input = input; @@ -37,7 +37,7 @@ ncr_session_once_key_data(ncr_key_t key, ncr_key_params_t params, ncr_crypto_op_ if (ioctl(__ncr_file_descriptor, NCRIO_SESSION_ONCE, &io) < 0) return -1; - return 0; + return io.op.data.kdata.output_size; } int @@ -51,10 +51,10 @@ ncr_session_once_direct_data(ncr_key_t key, ncr_key_params_t params, ncr_crypto_ return -1; } - io.init.algorithm = algorithm; io.init.key = key; - if (!params) + if (params) memmove(&io.init.params, params, sizeof(io.init.params)); + io.init.algorithm = algorithm; io.init.op = op; io.op.data.udata.input = input; io.op.data.udata.input_size = input_size; @@ -70,7 +70,7 @@ ncr_session_once_direct_data(ncr_key_t key, ncr_key_params_t params, ncr_crypto_ if (ioctl(__ncr_file_descriptor, NCRIO_SESSION_ONCE, &io) < 0) return -1; - return 0; + return io.op.data.udata.output_size; } int @@ -86,7 +86,7 @@ ncr_session_init(ncr_session_t *session, ncr_key_t key, ncr_key_params_t params, io.algorithm = algorithm; io.key = key; - if (!params) + if (params) memmove(&io.params, params, sizeof(io.params)); io.op = op; @@ -168,9 +168,9 @@ ncr_session_final(ncr_session_t session, void *output, size_t output_size) } io.ses = session; - io.data.kdata.output = output; - io.data.kdata.output_size = output_size; - io.type = NCR_KEY_DATA; + io.data.udata.output = output; + io.data.udata.output_size = output_size; + io.type = NCR_DIRECT_DATA; if (__ncr_file_descriptor < 0) { errno = EBADF; @@ -185,7 +185,8 @@ ncr_session_final(ncr_session_t session, void *output, size_t output_size) errno = EDOM; return -1; case NCR_SUCCESS: - return (errno = 0); + errno = 0; + return io.data.udata.output_size; default: errno = EFAULT; return -1; -- cgit From 04fd86aa0fd905aa25025f9d4785a0fd49cd2633 Mon Sep 17 00:00:00 2001 From: Miloslav Trmač Date: Thu, 5 Aug 2010 16:38:25 +0200 Subject: Delete libcryptodev.so* on (make clean) --- userspace/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'userspace') diff --git a/userspace/Makefile b/userspace/Makefile index 7db92d5..b87bf0c 100644 --- a/userspace/Makefile +++ b/userspace/Makefile @@ -16,4 +16,4 @@ libcryptodev.so: ${libobj} ln -sf libcryptodev.so.0.0 libcryptodev.so clean: - rm -f *.o *~ ncr-setkey + rm -f *.o *~ libcryptodev.so* ncr-setkey -- cgit From a46cc44977691cf6ea62c19d2b57d74f94ae2e20 Mon Sep 17 00:00:00 2001 From: Jan Chadima Date: Thu, 5 Aug 2010 18:35:51 +0200 Subject: Use O_CLOEXEC for the internal file descriptor --- userspace/ncrypto_fd.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'userspace') diff --git a/userspace/ncrypto_fd.c b/userspace/ncrypto_fd.c index a563694..ce925cf 100644 --- a/userspace/ncrypto_fd.c +++ b/userspace/ncrypto_fd.c @@ -17,7 +17,7 @@ ncr_global_init(unsigned int flags) /* Open the crypto device unles is not already initialized */ pthread_mutex_lock(&open_lock); - if ((__ncr_file_descriptor < 0) && ((__ncr_file_descriptor = open("/dev/crypto", O_RDWR)) < 0)) + if ((__ncr_file_descriptor < 0) && ((__ncr_file_descriptor = open("/dev/crypto", O_RDWR|O_CLOEXEC)) < 0)) rv = -1; else ++open_count; -- cgit From c162df10090ee57d0219adcd6b51809bd78a2dd2 Mon Sep 17 00:00:00 2001 From: Jan Chadima Date: Thu, 5 Aug 2010 18:36:18 +0200 Subject: Don't assume NCR_KEY_INVALID is 0 --- userspace/ncrypto_key.c | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) (limited to 'userspace') diff --git a/userspace/ncrypto_key.c b/userspace/ncrypto_key.c index b5f2c92..47d4c94 100644 --- a/userspace/ncrypto_key.c +++ b/userspace/ncrypto_key.c @@ -26,7 +26,7 @@ ncr_key_generate(ncr_key_t key, ncr_key_generate_params_t params) struct ncr_key_generate_st io; memset(&io, 0, sizeof(io)); - if (!key) { + if (key == NCR_KEY_INVALID) { errno = EINVAL; return -1; } @@ -52,7 +52,7 @@ ncr_key_generate_pair(ncr_key_t key1, ncr_key_t key2, ncr_key_generate_params_t struct ncr_key_generate_st io; memset(&io, 0, sizeof(io)); - if (!key1 || !key2) { + if (key1 == NCR_KEY_INVALID|| key2 == NCR_KEY_INVALID) { errno = EINVAL; return -1; } @@ -79,7 +79,7 @@ ncr_key_derive(ncr_key_t newkey, unsigned int keyflags, ncr_key_t key, ncr_key_p struct ncr_key_derivation_params_st io; memset(&io, 0, sizeof(io)); - if (!newkey) { + if (newkey == NCR_KEY_INVALID || key == NCR_KEY_INVALID) { errno = EINVAL; return -1; } @@ -107,7 +107,7 @@ ncr_key_get_flags(ncr_key_t key) struct ncr_key_info_st io; memset(&io, 0, sizeof(io)); - if (!key) { + if (key == NCR_KEY_INVALID) { errno = EINVAL; return -1; } @@ -131,7 +131,7 @@ ncr_key_get_type(ncr_key_t key) struct ncr_key_info_st io; memset(&io, 0, sizeof(io)); - if (!key) { + if (key == NCR_KEY_INVALID) { errno = EINVAL; return -1; } @@ -155,7 +155,7 @@ ncr_key_get_id(ncr_key_t key, void *id, size_t *id_size) struct ncr_key_info_st io; memset(&io, 0, sizeof(io)); - if (!key) { + if (key == NCR_KEY_INVALID) { errno = EINVAL; return -1; } @@ -184,7 +184,7 @@ ncr_key_export(ncr_key_t key, void *idata, size_t idata_size) struct ncr_key_data_st io; memset(&io, 0, sizeof(io)); - if (!key || !idata || !idata_size) { + if (key == NCR_KEY_INVALID || !idata || !idata_size) { errno = EINVAL; return -1; } @@ -210,7 +210,7 @@ ncr_key_import(ncr_key_t key, void *idata, size_t idata_size, void *id, size_t i struct ncr_key_data_st io; memset(&io, 0, sizeof(io)); - if (!key || !idata || !idata_size || !id || !id_size || (algorithm == NCR_ALG_NONE)) { + if (key == NCR_KEY_INVALID || !idata || !idata_size || !id || !id_size || algorithm == NCR_ALG_NONE) { errno = EINVAL; return -1; } @@ -243,7 +243,7 @@ ncr_key_wrap(ncr_key_t key, ncr_wrap_algorithm_t algorithm, ncr_key_params_t par struct ncr_key_wrap_st io; memset(&io, 0, sizeof(io)); - if (!key || !keytowrap || !idata || !idata_size) { + if (key == NCR_KEY_INVALID || keytowrap == NCR_KEY_INVALID || !idata || !idata_size) { errno = EINVAL; return -1; } @@ -273,7 +273,7 @@ ncr_key_unwrap(ncr_key_t key, ncr_wrap_algorithm_t algorithm, ncr_key_params_t p struct ncr_key_wrap_st io; memset(&io, 0, sizeof(io)); - if (!key || !keytowrap || !idata || !idata_size) { + if (key == NCR_KEY_INVALID || keytowrap == NCR_KEY_INVALID || !idata || !idata_size) { errno = EINVAL; return -1; } @@ -303,7 +303,7 @@ ncr_key_storage_wrap(ncr_key_t keytowrap, void *idata, size_t idata_size) struct ncr_key_storage_wrap_st io; memset(&io, 0, sizeof(io)); - if (!keytowrap || !idata || !idata_size) { + if (keytowrap == NCR_KEY_INVALID || !idata || !idata_size) { errno = EINVAL; return -1; } @@ -329,7 +329,7 @@ ncr_key_storage_unwrap(ncr_key_t keytowrap, void *idata, size_t idata_size) struct ncr_key_storage_wrap_st io; memset(&io, 0, sizeof(io)); - if (!keytowrap || !idata || !idata_size) { + if (keytowrap == NCR_KEY_INVALID|| !idata || !idata_size) { errno = EINVAL; return -1; } @@ -352,7 +352,7 @@ ncr_key_storage_unwrap(ncr_key_t keytowrap, void *idata, size_t idata_size) int ncr_key_deinit(ncr_key_t key) { - if (!key) { + if (key == NCR_KEY_INVALID) { errno = EINVAL; return -1; } -- cgit From 9065dbb9f53d1728536c95c47f55fd525d032696 Mon Sep 17 00:00:00 2001 From: Miloslav Trmač Date: Thu, 5 Aug 2010 18:16:09 +0200 Subject: Don't assume NCR_SESSION_INVALID is 0 --- userspace/ncrypto_session.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'userspace') diff --git a/userspace/ncrypto_session.c b/userspace/ncrypto_session.c index 94a494a..7cc0ab3 100644 --- a/userspace/ncrypto_session.c +++ b/userspace/ncrypto_session.c @@ -14,7 +14,7 @@ ncr_session_once_key_data(ncr_key_t key, ncr_key_params_t params, ncr_crypto_op_ struct ncr_session_once_op_st io; memset(&io, 0, sizeof(io)); - if (!input || !output || !output_size) { + if (input == NCR_KEY_INVALID || !output || !output_size) { errno = EINVAL; return -1; } @@ -109,7 +109,7 @@ ncr_session_update_key_data(ncr_session_t session, ncr_key_t input) struct ncr_session_op_st io; memset(&io, 0, sizeof(io)); - if (!session || !input) { + if (session == NCR_SESSION_INVALID || input == NCR_KEY_INVALID) { errno = EINVAL; return -1; } @@ -135,7 +135,7 @@ ncr_session_update_direct_data(ncr_session_t session, void *input, size_t input_ struct ncr_session_op_st io; memset(&io, 0, sizeof(io)); - if (!session || !input || !input_size) { + if (session == NCR_SESSION_INVALID || !input || !input_size) { errno = EINVAL; return -1; } @@ -162,7 +162,7 @@ ncr_session_final(ncr_session_t session, void *output, size_t output_size) struct ncr_session_op_st io; memset(&io, 0, sizeof(io)); - if (!session) { + if (session == NCR_SESSION_INVALID) { errno = EINVAL; return -1; } -- cgit From 77fc876d20876c608110941576ee7e2f1b36f95d Mon Sep 17 00:00:00 2001 From: Miloslav Trmač Date: Thu, 5 Aug 2010 18:18:30 +0200 Subject: Don't prohibit NCR_ALG_NULL. It's used in examples/speed.c for testing. --- userspace/ncrypto_session.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'userspace') diff --git a/userspace/ncrypto_session.c b/userspace/ncrypto_session.c index 7cc0ab3..b8f5b67 100644 --- a/userspace/ncrypto_session.c +++ b/userspace/ncrypto_session.c @@ -79,7 +79,7 @@ ncr_session_init(ncr_session_t *session, ncr_key_t key, ncr_key_params_t params, struct ncr_session_st io; memset(&io, 0, sizeof(io)); - if (!session || (algorithm == NCR_ALG_NONE)) { + if (!session) { errno = EINVAL; return -1; } -- cgit From 8b68956147faae4ce64c8a557c64ae2d004401d9 Mon Sep 17 00:00:00 2001 From: Miloslav Trmač Date: Fri, 6 Aug 2010 00:14:43 +0200 Subject: Support output data in NCRIO_SESSION_UPDATE --- userspace/ncrypto.h | 4 ++-- userspace/ncrypto_session.c | 12 ++++++++---- 2 files changed, 10 insertions(+), 6 deletions(-) (limited to 'userspace') diff --git a/userspace/ncrypto.h b/userspace/ncrypto.h index f020f44..777f426 100644 --- a/userspace/ncrypto.h +++ b/userspace/ncrypto.h @@ -47,8 +47,8 @@ int ncr_key_params_set_dh_key(ncr_key_params_t key_params, ncr_key_t dh_priv); int ncr_session_once_key_data(ncr_key_t key, ncr_key_params_t params, ncr_crypto_op_t op, ncr_algorithm_t algorithm, ncr_key_t input, void *output, size_t output_size); int ncr_session_once_direct_data(ncr_key_t key, ncr_key_params_t params, ncr_crypto_op_t op, ncr_algorithm_t algorithm, void *input, size_t input_size, void *output, size_t output_size); int ncr_session_init(ncr_session_t *session, ncr_key_t key, ncr_key_params_t key_params, ncr_crypto_op_t op, ncr_algorithm_t algorithm); -int ncr_session_update_key_data(ncr_session_t session, ncr_key_t input); -int ncr_session_update_direct_data(ncr_session_t session, void *input, size_t input_size); +int ncr_session_update_key_data(ncr_session_t session, ncr_key_t input, void *output, size_t output_size); +int ncr_session_update_direct_data(ncr_session_t session, void *input, size_t input_size, void *output, size_t output_size); int ncr_session_final(ncr_session_t session, void *output, size_t output_size); #endif diff --git a/userspace/ncrypto_session.c b/userspace/ncrypto_session.c index b8f5b67..9f6d317 100644 --- a/userspace/ncrypto_session.c +++ b/userspace/ncrypto_session.c @@ -104,7 +104,7 @@ ncr_session_init(ncr_session_t *session, ncr_key_t key, ncr_key_params_t params, } int -ncr_session_update_key_data(ncr_session_t session, ncr_key_t input) +ncr_session_update_key_data(ncr_session_t session, ncr_key_t input, void *output, size_t output_size) { struct ncr_session_op_st io; memset(&io, 0, sizeof(io)); @@ -116,6 +116,8 @@ ncr_session_update_key_data(ncr_session_t session, ncr_key_t input) io.ses = session; io.data.kdata.input = input; + io.data.kdata.output = output; + io.data.kdata.output_size = output_size; io.type = NCR_KEY_DATA; if (__ncr_file_descriptor < 0) { @@ -126,11 +128,11 @@ ncr_session_update_key_data(ncr_session_t session, ncr_key_t input) if (ioctl(__ncr_file_descriptor, NCRIO_SESSION_UPDATE, &io) < 0) return -1; - return 0; + return io.data.kdata.output_size; } int -ncr_session_update_direct_data(ncr_session_t session, void *input, size_t input_size) +ncr_session_update_direct_data(ncr_session_t session, void *input, size_t input_size, void *output, size_t output_size) { struct ncr_session_op_st io; memset(&io, 0, sizeof(io)); @@ -143,6 +145,8 @@ ncr_session_update_direct_data(ncr_session_t session, void *input, size_t input_ io.ses = session; io.data.udata.input = input; io.data.udata.input_size = input_size; + io.data.udata.output = output; + io.data.udata.output_size = output_size; io.type = NCR_DIRECT_DATA; if (__ncr_file_descriptor < 0) { @@ -153,7 +157,7 @@ ncr_session_update_direct_data(ncr_session_t session, void *input, size_t input_ if (ioctl(__ncr_file_descriptor, NCRIO_SESSION_UPDATE, &io) < 0) return -1; - return 0; + return io.data.udata.output_size; } int -- cgit From 276569aa1c2ce3f2584c7286e11be671f85d1f65 Mon Sep 17 00:00:00 2001 From: Miloslav Trmač Date: Fri, 6 Aug 2010 00:22:48 +0200 Subject: Support NCR_OP_VERIFY in *_once_* --- userspace/ncrypto_session.c | 24 ++++++++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) (limited to 'userspace') diff --git a/userspace/ncrypto_session.c b/userspace/ncrypto_session.c index 9f6d317..e37aa21 100644 --- a/userspace/ncrypto_session.c +++ b/userspace/ncrypto_session.c @@ -37,7 +37,17 @@ ncr_session_once_key_data(ncr_key_t key, ncr_key_params_t params, ncr_crypto_op_ if (ioctl(__ncr_file_descriptor, NCRIO_SESSION_ONCE, &io) < 0) return -1; - return io.op.data.kdata.output_size; + switch (io.op.err) { + case NCR_VERIFICATION_FAILED: + errno = EDOM; + return -1; + case NCR_SUCCESS: + errno = 0; + return io.op.data.kdata.output_size; + default: + errno = EFAULT; + return -1; + } } int @@ -70,7 +80,17 @@ ncr_session_once_direct_data(ncr_key_t key, ncr_key_params_t params, ncr_crypto_ if (ioctl(__ncr_file_descriptor, NCRIO_SESSION_ONCE, &io) < 0) return -1; - return io.op.data.udata.output_size; + switch (io.op.err) { + case NCR_VERIFICATION_FAILED: + errno = EDOM; + return -1; + case NCR_SUCCESS: + errno = 0; + return io.op.data.udata.output_size; + default: + errno = EFAULT; + return -1; + } } int -- cgit From 7f0366558145a1bcdd5e877d7e5e25e246e01a37 Mon Sep 17 00:00:00 2001 From: Miloslav Trmač Date: Fri, 6 Aug 2010 01:25:17 +0200 Subject: Use EOVERFLOW if input data is too large --- userspace/ncrypto_key.c | 6 ++++-- userspace/ncrypto_params.c | 6 +++++- 2 files changed, 9 insertions(+), 3 deletions(-) (limited to 'userspace') diff --git a/userspace/ncrypto_key.c b/userspace/ncrypto_key.c index 47d4c94..758ff6f 100644 --- a/userspace/ncrypto_key.c +++ b/userspace/ncrypto_key.c @@ -218,8 +218,10 @@ ncr_key_import(ncr_key_t key, void *idata, size_t idata_size, void *id, size_t i io.key = key; io.idata = idata; io.idata_size = idata_size; - if (id_size > MAX_KEY_ID_SIZE) - id_size = MAX_KEY_ID_SIZE; + if (id_size > MAX_KEY_ID_SIZE) { + errno = EOVERFLOW; + return -1; + } memmove(&io.key_id, id, id_size); io.key_id_size = id_size; io.algorithm = algorithm; diff --git a/userspace/ncrypto_params.c b/userspace/ncrypto_params.c index 0bbe0df..d365432 100644 --- a/userspace/ncrypto_params.c +++ b/userspace/ncrypto_params.c @@ -33,10 +33,14 @@ ncr_key_params_deinit(ncr_key_params_t params) int ncr_key_params_set_cipher_iv(ncr_key_params_t params, void* iv, unsigned int iv_size) { - if (!params || (iv_size > NCR_CIPHER_MAX_BLOCK_LEN)) { + if (!params) { errno = EINVAL; return -1; } + if (iv_size > NCR_CIPHER_MAX_BLOCK_LEN) { + errno = EOVERFLOW; + return -1; + } memmove(params->params.cipher.iv, iv, iv_size); params->params.cipher.iv_size = iv_size; return 0; -- cgit From 1f6b4a82c825f253c94e74fe0969bf27c6598ac2 Mon Sep 17 00:00:00 2001 From: Miloslav Trmač Date: Fri, 6 Aug 2010 01:26:17 +0200 Subject: Allow empty id_size The ids are not really used for anything so far --- userspace/ncrypto_key.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'userspace') diff --git a/userspace/ncrypto_key.c b/userspace/ncrypto_key.c index 758ff6f..6d9548d 100644 --- a/userspace/ncrypto_key.c +++ b/userspace/ncrypto_key.c @@ -210,7 +210,7 @@ ncr_key_import(ncr_key_t key, void *idata, size_t idata_size, void *id, size_t i struct ncr_key_data_st io; memset(&io, 0, sizeof(io)); - if (key == NCR_KEY_INVALID || !idata || !idata_size || !id || !id_size || algorithm == NCR_ALG_NONE) { + if (key == NCR_KEY_INVALID || !idata || !idata_size || (!id && id_size != 0) || algorithm == NCR_ALG_NONE) { errno = EINVAL; return -1; } -- cgit From 3bbecb0f648f3f831523e23f02a81e3e2cd5feac Mon Sep 17 00:00:00 2001 From: Miloslav Trmač Date: Fri, 6 Aug 2010 01:44:51 +0200 Subject: Implement missing algorithm-specific keygen params Rename ncr_key_generate_params_set_bits to ncr_key_generate_params_set_secret_bits in the process, an incompatible change. --- userspace/ncrypto.h | 5 ++- userspace/ncrypto_generate_params.c | 62 ++++++++++++++++++++++++++++++++++--- 2 files changed, 62 insertions(+), 5 deletions(-) (limited to 'userspace') diff --git a/userspace/ncrypto.h b/userspace/ncrypto.h index 777f426..09455d6 100644 --- a/userspace/ncrypto.h +++ b/userspace/ncrypto.h @@ -18,8 +18,11 @@ int ncr_key_generate_params_init(ncr_key_generate_params_t *params); int ncr_key_generate_params_deinit(ncr_key_generate_params_t params); int ncr_key_generate_params_set_algorithm(ncr_key_generate_params_t params, ncr_algorithm_t algorithm); int ncr_key_generate_params_set_keyflags(ncr_key_generate_params_t params, unsigned int keyflags); -int ncr_key_generate_params_set_bits(ncr_key_generate_params_t params, unsigned int bits); +int ncr_key_generate_params_set_secret_bits(ncr_key_generate_params_t params, unsigned int bits); +int ncr_key_generate_params_set_rsa_bits(ncr_key_generate_params_t params, unsigned int bits); int ncr_key_generate_params_set_rsa_e(ncr_key_generate_params_t params, void *e, size_t e_size); +int ncr_key_generate_params_set_dsa_p_bits(ncr_key_generate_params_t params, unsigned int p_bits); +int ncr_key_generate_params_set_dsa_q_bits(ncr_key_generate_params_t params, unsigned int q_bits); int ncr_key_generate_params_set_dh(ncr_key_generate_params_t params, void *p, size_t p_size, void *g, size_t g_size); int ncr_key_init(ncr_key_t *key); diff --git a/userspace/ncrypto_generate_params.c b/userspace/ncrypto_generate_params.c index 67171c3..5772aaf 100644 --- a/userspace/ncrypto_generate_params.c +++ b/userspace/ncrypto_generate_params.c @@ -1,4 +1,4 @@ - +#include #include #include #include @@ -62,7 +62,7 @@ ncr_key_generate_params_set_keyflags(ncr_key_generate_params_t params, unsigned } int -ncr_key_generate_params_set_bits(ncr_key_generate_params_t params, unsigned int bits) +ncr_key_generate_params_set_secret_bits(ncr_key_generate_params_t params, unsigned int bits) { if (!params) { errno = EINVAL; @@ -73,11 +73,65 @@ ncr_key_generate_params_set_bits(ncr_key_generate_params_t params, unsigned int return 0; } +int +ncr_key_generate_params_set_rsa_bits(ncr_key_generate_params_t params, unsigned int bits) +{ + if (!params) { + errno = EINVAL; + return -1; + } + params->params.rsa.bits = bits; + + return 0; +} + int ncr_key_generate_params_set_rsa_e(ncr_key_generate_params_t params, void *e, size_t e_size) { - errno = ENOTSUP; - return -1; + unsigned long value; + const uint8_t *p; + + if (!params || !e) { + errno = EINVAL; + return -1; + } + value = 0; + for (p = e; p < (const uint8_t *)e + e_size; p++) { + if (value > (ULONG_MAX - *p) / 256) { + errno = EOVERFLOW; + return -1; + } + value = value * 256 + *p; + } + + params->params.rsa.e = value; + return 0; +} + +int +ncr_key_generate_params_set_dsa_p_bits(ncr_key_generate_params_t params, + unsigned int p_bits) +{ + if (!params) { + errno = EINVAL; + return -1; + } + params->params.dsa.p_bits = p_bits; + + return 0; +} + +int +ncr_key_generate_params_set_dsa_q_bits(ncr_key_generate_params_t params, + unsigned int q_bits) +{ + if (!params) { + errno = EINVAL; + return -1; + } + params->params.dsa.q_bits = q_bits; + + return 0; } int -- cgit From c61ec8d5ec0e30b60f04fbce411082ae8019051b Mon Sep 17 00:00:00 2001 From: Miloslav Trmač Date: Fri, 6 Aug 2010 01:51:16 +0200 Subject: Add helper function ncr_key_get_info This avoids code duplication in the various ncr_key_get_* functions. --- userspace/ncrypto_key.c | 53 ++++++++++++++++--------------------------------- 1 file changed, 17 insertions(+), 36 deletions(-) (limited to 'userspace') diff --git a/userspace/ncrypto_key.c b/userspace/ncrypto_key.c index 6d9548d..e424c87 100644 --- a/userspace/ncrypto_key.c +++ b/userspace/ncrypto_key.c @@ -101,51 +101,45 @@ ncr_key_derive(ncr_key_t newkey, unsigned int keyflags, ncr_key_t key, ncr_key_p return 0; } -int -ncr_key_get_flags(ncr_key_t key) +static int +ncr_key_get_info(struct ncr_key_info_st *dest, ncr_key_t key) { - struct ncr_key_info_st io; - memset(&io, 0, sizeof(io)); - if (key == NCR_KEY_INVALID) { errno = EINVAL; return -1; } - io.key = key; + memset(dest, 0, sizeof(*dest)); + dest->key = key; if (__ncr_file_descriptor < 0) { errno = EBADF; return -1; } - if (ioctl(__ncr_file_descriptor, NCRIO_KEY_GET_INFO, &io) < 0) + if (ioctl(__ncr_file_descriptor, NCRIO_KEY_GET_INFO, dest) < 0) return -1; - return io.flags; + return 0; } -ncr_key_type_t -ncr_key_get_type(ncr_key_t key) +int +ncr_key_get_flags(ncr_key_t key) { struct ncr_key_info_st io; - memset(&io, 0, sizeof(io)); - if (key == NCR_KEY_INVALID) { - errno = EINVAL; + if (ncr_key_get_info(&io, key) < 0) return -1; - } - - io.key = key; + return io.flags; +} - if (__ncr_file_descriptor < 0) { - errno = EBADF; - return -1; - } +ncr_key_type_t +ncr_key_get_type(ncr_key_t key) +{ + struct ncr_key_info_st io; - if (ioctl(__ncr_file_descriptor, NCRIO_KEY_GET_INFO, &io) < 0) + if (ncr_key_get_info(&io, key) < 0) return -1; - return io.type; } @@ -153,21 +147,8 @@ int ncr_key_get_id(ncr_key_t key, void *id, size_t *id_size) { struct ncr_key_info_st io; - memset(&io, 0, sizeof(io)); - - if (key == NCR_KEY_INVALID) { - errno = EINVAL; - return -1; - } - - io.key = key; - - if (__ncr_file_descriptor < 0) { - errno = EBADF; - return -1; - } - if (ioctl(__ncr_file_descriptor, NCRIO_KEY_GET_INFO, &io) < 0) + if (ncr_key_get_info(&io, key) < 0) return -1; if (io.key_id_size < *id_size) -- cgit From 6404fb1b9aaa2b4a5d85bf5f9422f3179e772689 Mon Sep 17 00:00:00 2001 From: Miloslav Trmač Date: Fri, 6 Aug 2010 01:52:00 +0200 Subject: Add ncr_key_get_algorithm() --- userspace/ncrypto.h | 1 + userspace/ncrypto_key.c | 10 ++++++++++ 2 files changed, 11 insertions(+) (limited to 'userspace') diff --git a/userspace/ncrypto.h b/userspace/ncrypto.h index 09455d6..6f75de8 100644 --- a/userspace/ncrypto.h +++ b/userspace/ncrypto.h @@ -29,6 +29,7 @@ int ncr_key_init(ncr_key_t *key); int ncr_key_generate(ncr_key_t key, ncr_key_generate_params_t params); int ncr_key_generate_pair(ncr_key_t key1, ncr_key_t key2, ncr_key_generate_params_t params); int ncr_key_derive(ncr_key_t newkey, unsigned int keyflags, ncr_key_t key, ncr_key_params_t key_params); +ncr_algorithm_t ncr_key_get_algorithm(ncr_key_t key); int ncr_key_get_flags(ncr_key_t key); ncr_key_type_t ncr_key_get_type(ncr_key_t key); int ncr_key_get_id(ncr_key_t key, void *id, size_t *id_size); diff --git a/userspace/ncrypto_key.c b/userspace/ncrypto_key.c index e424c87..db46ee4 100644 --- a/userspace/ncrypto_key.c +++ b/userspace/ncrypto_key.c @@ -123,6 +123,16 @@ ncr_key_get_info(struct ncr_key_info_st *dest, ncr_key_t key) return 0; } +ncr_algorithm_t +ncr_key_get_algorithm(ncr_key_t key) +{ + struct ncr_key_info_st io; + + if (ncr_key_get_info(&io, key) < 0) + return -1; + return io.algorithm; +} + int ncr_key_get_flags(ncr_key_t key) { -- cgit From 8776b83f4f8301b944fd2d511ca7ee4c09d318ab Mon Sep 17 00:00:00 2001 From: Miloslav Trmač Date: Fri, 6 Aug 2010 01:55:25 +0200 Subject: Implement DH key params New function ncr_key_params_set_dh_pub(), replacing ncr_key_params_set_dh_key(). --- userspace/ncrypto.h | 2 +- userspace/ncrypto_params.c | 11 ++++++++--- 2 files changed, 9 insertions(+), 4 deletions(-) (limited to 'userspace') diff --git a/userspace/ncrypto.h b/userspace/ncrypto.h index 6f75de8..cc30f2f 100644 --- a/userspace/ncrypto.h +++ b/userspace/ncrypto.h @@ -46,7 +46,7 @@ int ncr_masterkey_set(void *key, size_t key_size); int ncr_key_params_init(ncr_key_params_t *key_params); void ncr_key_params_deinit(ncr_key_params_t key_params); int ncr_key_params_set_cipher_iv(ncr_key_params_t key_params, void* iv, unsigned int iv_size); -int ncr_key_params_set_dh_key(ncr_key_params_t key_params, ncr_key_t dh_priv); +int ncr_key_params_set_dh_pub(ncr_key_params_t params, void *pub, size_t pub_size); int ncr_session_once_key_data(ncr_key_t key, ncr_key_params_t params, ncr_crypto_op_t op, ncr_algorithm_t algorithm, ncr_key_t input, void *output, size_t output_size); int ncr_session_once_direct_data(ncr_key_t key, ncr_key_params_t params, ncr_crypto_op_t op, ncr_algorithm_t algorithm, void *input, size_t input_size, void *output, size_t output_size); diff --git a/userspace/ncrypto_params.c b/userspace/ncrypto_params.c index d365432..253664b 100644 --- a/userspace/ncrypto_params.c +++ b/userspace/ncrypto_params.c @@ -47,9 +47,14 @@ ncr_key_params_set_cipher_iv(ncr_key_params_t params, void* iv, unsigned int iv_ } int -ncr_key_params_set_dh_key(ncr_key_params_t params, ncr_key_t dh_priv) +ncr_key_params_set_dh_pub(ncr_key_params_t params, void *pub, size_t pub_size) { - errno = EINVAL; - return -1; + if (!params || !pub || !pub_size) { + errno = EINVAL; + return -1; + } + params->params.dh.pub = pub; + params->params.dh.pub_size = pub_size; + return 0; } -- cgit From 18e1c9aa347e5cf8f6d28820d27c7e3083a24e38 Mon Sep 17 00:00:00 2001 From: Miloslav Trmač Date: Fri, 6 Aug 2010 02:21:53 +0200 Subject: Add remaining accessors for ncr_key_params_t --- userspace/ncrypto.h | 5 ++++ userspace/ncrypto_params.c | 58 ++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 63 insertions(+) (limited to 'userspace') diff --git a/userspace/ncrypto.h b/userspace/ncrypto.h index cc30f2f..2660dde 100644 --- a/userspace/ncrypto.h +++ b/userspace/ncrypto.h @@ -47,6 +47,11 @@ int ncr_key_params_init(ncr_key_params_t *key_params); void ncr_key_params_deinit(ncr_key_params_t key_params); int ncr_key_params_set_cipher_iv(ncr_key_params_t key_params, void* iv, unsigned int iv_size); int ncr_key_params_set_dh_pub(ncr_key_params_t params, void *pub, size_t pub_size); +int ncr_key_params_set_rsa_type(ncr_key_params_t params, ncr_rsa_type_t type); +int ncr_key_params_set_rsa_oaep_hash(ncr_key_params_t params, ncr_algorithm_t oaep_hash); +int ncr_key_params_set_rsa_sign_hash(ncr_key_params_t params, ncr_algorithm_t sign_hash); +int ncr_key_params_set_rsa_pss_salt(ncr_key_params_t params, unsigned int pss_salt); +int ncr_key_params_set_dsa_sign_hash(ncr_key_params_t params, ncr_algorithm_t sign_hash); int ncr_session_once_key_data(ncr_key_t key, ncr_key_params_t params, ncr_crypto_op_t op, ncr_algorithm_t algorithm, ncr_key_t input, void *output, size_t output_size); int ncr_session_once_direct_data(ncr_key_t key, ncr_key_params_t params, ncr_crypto_op_t op, ncr_algorithm_t algorithm, void *input, size_t input_size, void *output, size_t output_size); diff --git a/userspace/ncrypto_params.c b/userspace/ncrypto_params.c index 253664b..f5385f4 100644 --- a/userspace/ncrypto_params.c +++ b/userspace/ncrypto_params.c @@ -58,3 +58,61 @@ ncr_key_params_set_dh_pub(ncr_key_params_t params, void *pub, size_t pub_size) return 0; } +int +ncr_key_params_set_rsa_type(ncr_key_params_t params, ncr_rsa_type_t type) +{ + if (!params) { + errno = EINVAL; + return -1; + } + params->params.rsa.type = type; + return 0; +} + +int +ncr_key_params_set_rsa_oaep_hash(ncr_key_params_t params, + ncr_algorithm_t oaep_hash) +{ + if (!params) { + errno = EINVAL; + return -1; + } + params->params.rsa.oaep_hash = oaep_hash; + return 0; +} + +int +ncr_key_params_set_rsa_sign_hash(ncr_key_params_t params, + ncr_algorithm_t sign_hash) +{ + if (!params) { + errno = EINVAL; + return -1; + } + params->params.rsa.sign_hash = sign_hash; + return 0; +} + +int +ncr_key_params_set_rsa_pss_salt(ncr_key_params_t params, unsigned int pss_salt) +{ + if (!params) { + errno = EINVAL; + return -1; + } + params->params.rsa.pss_salt = pss_salt; + return 0; +} + +int +ncr_key_params_set_dsa_sign_hash(ncr_key_params_t params, + ncr_algorithm_t sign_hash) +{ + if (!params) { + errno = EINVAL; + return -1; + } + params->params.dsa.sign_hash = sign_hash; + return 0; +} + -- cgit From 7ce2ba83b7c5aa729d2f6118f039ee0fffceceae Mon Sep 17 00:00:00 2001 From: Miloslav Trmač Date: Fri, 6 Aug 2010 02:32:40 +0200 Subject: Add derivation algorithm param to ncr_key_derive() --- userspace/ncrypto.h | 2 +- userspace/ncrypto_key.c | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) (limited to 'userspace') diff --git a/userspace/ncrypto.h b/userspace/ncrypto.h index 2660dde..9e32291 100644 --- a/userspace/ncrypto.h +++ b/userspace/ncrypto.h @@ -28,7 +28,7 @@ int ncr_key_generate_params_set_dh(ncr_key_generate_params_t params, void *p, si int ncr_key_init(ncr_key_t *key); int ncr_key_generate(ncr_key_t key, ncr_key_generate_params_t params); int ncr_key_generate_pair(ncr_key_t key1, ncr_key_t key2, ncr_key_generate_params_t params); -int ncr_key_derive(ncr_key_t newkey, unsigned int keyflags, ncr_key_t key, ncr_key_params_t key_params); +int ncr_key_derive(ncr_key_t newkey, unsigned int keyflags, ncr_key_t key, ncr_derive_t derive, ncr_key_params_t key_params); ncr_algorithm_t ncr_key_get_algorithm(ncr_key_t key); int ncr_key_get_flags(ncr_key_t key); ncr_key_type_t ncr_key_get_type(ncr_key_t key); diff --git a/userspace/ncrypto_key.c b/userspace/ncrypto_key.c index db46ee4..924ac22 100644 --- a/userspace/ncrypto_key.c +++ b/userspace/ncrypto_key.c @@ -74,7 +74,7 @@ ncr_key_generate_pair(ncr_key_t key1, ncr_key_t key2, ncr_key_generate_params_t } int -ncr_key_derive(ncr_key_t newkey, unsigned int keyflags, ncr_key_t key, ncr_key_params_t params) +ncr_key_derive(ncr_key_t newkey, unsigned int keyflags, ncr_key_t key, ncr_derive_t derive, ncr_key_params_t params) { struct ncr_key_derivation_params_st io; memset(&io, 0, sizeof(io)); @@ -84,6 +84,7 @@ ncr_key_derive(ncr_key_t newkey, unsigned int keyflags, ncr_key_t key, ncr_key_p return -1; } + io.derive = derive; io.newkey = newkey; io.key = key; io.keyflags = keyflags; -- cgit From 6e6fafa6663724240e202ee95908b476e7443075 Mon Sep 17 00:00:00 2001 From: Miloslav Trmač Date: Sat, 7 Aug 2010 07:14:40 +0200 Subject: Abstract from users Let users #include this header file alone, without caring about . To do so, set up a temporary copy of ncr.h so that the #include works at build time as well. --- userspace/Makefile | 10 ++++++++-- userspace/ncrypto.h | 2 ++ userspace/ncrypto_fd.c | 2 +- userspace/ncrypto_generate_params.c | 2 +- userspace/ncrypto_key.c | 2 +- userspace/ncrypto_masterkey.c | 2 +- userspace/ncrypto_params.c | 2 +- userspace/ncrypto_session.c | 2 +- 8 files changed, 16 insertions(+), 8 deletions(-) (limited to 'userspace') diff --git a/userspace/Makefile b/userspace/Makefile index b87bf0c..9156205 100644 --- a/userspace/Makefile +++ b/userspace/Makefile @@ -1,5 +1,5 @@ CC = gcc -CFLAGS = -Wall -g -O2 -fPIC +CFLAGS = -I. -Wall -g -O2 -fPIC progs := ncr-setkey @@ -15,5 +15,11 @@ libcryptodev.so: ${libobj} ln -sf libcryptodev.so.0.0 libcryptodev.so.0 ln -sf libcryptodev.so.0.0 libcryptodev.so +$(libobj): linux/ncr.h + +linux/ncr.h: ../ncr.h + mkdir -p linux + cp $< linux/ncr.h + clean: - rm -f *.o *~ libcryptodev.so* ncr-setkey + rm -rf *.o *~ libcryptodev.so* ncr-setkey linux diff --git a/userspace/ncrypto.h b/userspace/ncrypto.h index 9e32291..752824d 100644 --- a/userspace/ncrypto.h +++ b/userspace/ncrypto.h @@ -2,6 +2,8 @@ #ifndef __NCRYPT_H__ #define __NCRYPT_H__ +#include + #define NCR_DATA_GET_LAST 1 //#define NCR_DATA_SET_APPEND 1 #define NCR_SESSION_FINAL 1 diff --git a/userspace/ncrypto_fd.c b/userspace/ncrypto_fd.c index ce925cf..7e6741d 100644 --- a/userspace/ncrypto_fd.c +++ b/userspace/ncrypto_fd.c @@ -3,7 +3,7 @@ #include #include #include -#include "../ncr.h" +#include #include "ncrypto.h" int __ncr_file_descriptor = -1; diff --git a/userspace/ncrypto_generate_params.c b/userspace/ncrypto_generate_params.c index 5772aaf..9dd901d 100644 --- a/userspace/ncrypto_generate_params.c +++ b/userspace/ncrypto_generate_params.c @@ -2,7 +2,7 @@ #include #include #include -#include "../ncr.h" +#include #include "ncrypto.h" int diff --git a/userspace/ncrypto_key.c b/userspace/ncrypto_key.c index 924ac22..5321c78 100644 --- a/userspace/ncrypto_key.c +++ b/userspace/ncrypto_key.c @@ -3,7 +3,7 @@ #include #include #include -#include "../ncr.h" +#include #include "ncrypto.h" extern int __ncr_file_descriptor; diff --git a/userspace/ncrypto_masterkey.c b/userspace/ncrypto_masterkey.c index a5c55c3..5910ac0 100644 --- a/userspace/ncrypto_masterkey.c +++ b/userspace/ncrypto_masterkey.c @@ -3,7 +3,7 @@ #include #include #include -#include "../ncr.h" +#include #include "ncrypto.h" extern int __ncr_file_descriptor; diff --git a/userspace/ncrypto_params.c b/userspace/ncrypto_params.c index f5385f4..6fb49f2 100644 --- a/userspace/ncrypto_params.c +++ b/userspace/ncrypto_params.c @@ -3,7 +3,7 @@ #include #include #include -#include "../ncr.h" +#include #include "ncrypto.h" int diff --git a/userspace/ncrypto_session.c b/userspace/ncrypto_session.c index e37aa21..e14dba2 100644 --- a/userspace/ncrypto_session.c +++ b/userspace/ncrypto_session.c @@ -3,7 +3,7 @@ #include #include #include -#include "../ncr.h" +#include #include "ncrypto.h" extern int __ncr_file_descriptor; -- cgit From e3bd8be964e355f83c1e6871f4c2b033103c3d0e Mon Sep 17 00:00:00 2001 From: Miloslav Trmač Date: Sat, 7 Aug 2010 08:22:16 +0200 Subject: Allow overriding CFLAGS --- userspace/Makefile | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) (limited to 'userspace') diff --git a/userspace/Makefile b/userspace/Makefile index 9156205..9431327 100644 --- a/userspace/Makefile +++ b/userspace/Makefile @@ -1,5 +1,6 @@ CC = gcc -CFLAGS = -I. -Wall -g -O2 -fPIC +AM_CFLAGS = -I. -fPIC +CFLAGS = -Wall -g -O2 progs := ncr-setkey @@ -8,10 +9,11 @@ libobj = ncrypto_fd.o ncrypto_generate_params.o ncrypto_key.o ncrypto_masterkey. all: $(progs) libcryptodev.so ncr-setkey: setkey.c - $(CC) $(CFLAGS) $< -o $@ + $(CC) $(AM_CFLAGS) $(CFLAGS) $< -o $@ libcryptodev.so: ${libobj} - gcc -shared -o libcryptodev.so.0.0 -Wl,-soname,libcryptodev.so.0 ${libobj} + $(CC) $(AM_CFLAGS) $(CFLAGS) -shared -o libcryptodev.so.0.0 \ + -Wl,-soname,libcryptodev.so.0 ${libobj} ln -sf libcryptodev.so.0.0 libcryptodev.so.0 ln -sf libcryptodev.so.0.0 libcryptodev.so @@ -23,3 +25,6 @@ linux/ncr.h: ../ncr.h clean: rm -rf *.o *~ libcryptodev.so* ncr-setkey linux + +.c.o: + $(CC) $(AM_CFLAGS) $(CFLAGS) -c -o $@ $< \ No newline at end of file -- cgit From aac00a3bf423f77344f62d129ef0050fea711756 Mon Sep 17 00:00:00 2001 From: Miloslav Trmač Date: Sun, 8 Aug 2010 02:16:07 +0200 Subject: Don't assume includes --- userspace/ncrypto_generate_params.c | 1 + 1 file changed, 1 insertion(+) (limited to 'userspace') diff --git a/userspace/ncrypto_generate_params.c b/userspace/ncrypto_generate_params.c index 9dd901d..1034a9c 100644 --- a/userspace/ncrypto_generate_params.c +++ b/userspace/ncrypto_generate_params.c @@ -1,4 +1,5 @@ #include +#include #include #include #include -- cgit From 7687d57b337a16e82d0e70725a83c0e612d16f93 Mon Sep 17 00:00:00 2001 From: Miloslav Trmač Date: Mon, 9 Aug 2010 20:05:22 +0200 Subject: Avoid unnecessary internal relocations Use __attribute__((visibility("hidden"))) for __ncr_file_descriptor to take advantage of PIC addressing instead of going through the dynamic linker. Add an internal alias for ncr_global_init() for the same reason. Add an internal header file to consolidate the "extern" references in the process. --- userspace/Makefile | 2 +- userspace/ncrypto_fd.c | 9 ++++++++- userspace/ncrypto_internal.h | 8 ++++++++ userspace/ncrypto_key.c | 5 ++--- userspace/ncrypto_masterkey.c | 3 +-- userspace/ncrypto_session.c | 3 +-- 6 files changed, 21 insertions(+), 9 deletions(-) create mode 100644 userspace/ncrypto_internal.h (limited to 'userspace') diff --git a/userspace/Makefile b/userspace/Makefile index 9431327..a2757a4 100644 --- a/userspace/Makefile +++ b/userspace/Makefile @@ -17,7 +17,7 @@ libcryptodev.so: ${libobj} ln -sf libcryptodev.so.0.0 libcryptodev.so.0 ln -sf libcryptodev.so.0.0 libcryptodev.so -$(libobj): linux/ncr.h +$(libobj): linux/ncr.h ncrypto_internal.h linux/ncr.h: ../ncr.h mkdir -p linux diff --git a/userspace/ncrypto_fd.c b/userspace/ncrypto_fd.c index 7e6741d..f4dee3e 100644 --- a/userspace/ncrypto_fd.c +++ b/userspace/ncrypto_fd.c @@ -5,13 +5,14 @@ #include #include #include "ncrypto.h" +#include "ncrypto_internal.h" int __ncr_file_descriptor = -1; static int open_count = 0; static pthread_mutex_t open_lock = PTHREAD_MUTEX_INITIALIZER; int -ncr_global_init(unsigned int flags) +__ncr_global_init() { int rv = 0; @@ -25,6 +26,12 @@ ncr_global_init(unsigned int flags) return rv; } +int +ncr_global_init(unsigned int flags) +{ + return __ncr_global_init(); +} + void ncr_global_deinit(void) { diff --git a/userspace/ncrypto_internal.h b/userspace/ncrypto_internal.h new file mode 100644 index 0000000..29b2d8a --- /dev/null +++ b/userspace/ncrypto_internal.h @@ -0,0 +1,8 @@ +#ifndef NCRYPTO_INTERNAL_H__ +#define NCRYPTO_INTERNAL_H__ + +extern int __ncr_file_descriptor __attribute__((visibility ("hidden"))); + +extern int __ncr_global_init(void) __attribute__((visibility ("hidden"))); + +#endif diff --git a/userspace/ncrypto_key.c b/userspace/ncrypto_key.c index 5321c78..9201d43 100644 --- a/userspace/ncrypto_key.c +++ b/userspace/ncrypto_key.c @@ -5,13 +5,12 @@ #include #include #include "ncrypto.h" - -extern int __ncr_file_descriptor; +#include "ncrypto_internal.h" int ncr_key_init(ncr_key_t *key) { - if ((__ncr_file_descriptor < 0) && (ncr_global_init(0) < 0)) + if ((__ncr_file_descriptor < 0) && (__ncr_global_init() < 0)) return -1; if (ioctl(__ncr_file_descriptor, NCRIO_KEY_INIT, key) < 0) diff --git a/userspace/ncrypto_masterkey.c b/userspace/ncrypto_masterkey.c index 5910ac0..68c79ee 100644 --- a/userspace/ncrypto_masterkey.c +++ b/userspace/ncrypto_masterkey.c @@ -5,8 +5,7 @@ #include #include #include "ncrypto.h" - -extern int __ncr_file_descriptor; +#include "ncrypto_internal.h" int ncr_masterkey_set(void *key, size_t key_size) diff --git a/userspace/ncrypto_session.c b/userspace/ncrypto_session.c index e14dba2..03ede25 100644 --- a/userspace/ncrypto_session.c +++ b/userspace/ncrypto_session.c @@ -5,8 +5,7 @@ #include #include #include "ncrypto.h" - -extern int __ncr_file_descriptor; +#include "ncrypto_internal.h" int ncr_session_once_key_data(ncr_key_t key, ncr_key_params_t params, ncr_crypto_op_t op, ncr_algorithm_t algorithm, ncr_key_t input, void *output, size_t output_size) -- cgit From bd0b751d6e7ce55369327740c0663b698cdbbe90 Mon Sep 17 00:00:00 2001 From: Miloslav Trmač Date: Sat, 21 Aug 2010 10:41:05 +0200 Subject: Add Red Hat copyright notices to libcryptodev --- userspace/ncrypto_fd.c | 27 +++++++++++++++++++++++++++ userspace/ncrypto_generate_params.c | 29 +++++++++++++++++++++++++++++ userspace/ncrypto_internal.h | 28 ++++++++++++++++++++++++++++ userspace/ncrypto_key.c | 27 +++++++++++++++++++++++++++ userspace/ncrypto_masterkey.c | 27 +++++++++++++++++++++++++++ userspace/ncrypto_params.c | 28 ++++++++++++++++++++++++++++ userspace/ncrypto_session.c | 27 +++++++++++++++++++++++++++ 7 files changed, 193 insertions(+) (limited to 'userspace') diff --git a/userspace/ncrypto_fd.c b/userspace/ncrypto_fd.c index f4dee3e..7a9aa5f 100644 --- a/userspace/ncrypto_fd.c +++ b/userspace/ncrypto_fd.c @@ -1,3 +1,30 @@ +/* + * Copyright 2010 Red Hat, Inc. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY RED HAT, INC. AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL RED HAT, INC. OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * Red Hat author: Jan Chadima + */ #include #include diff --git a/userspace/ncrypto_generate_params.c b/userspace/ncrypto_generate_params.c index 1034a9c..a993360 100644 --- a/userspace/ncrypto_generate_params.c +++ b/userspace/ncrypto_generate_params.c @@ -1,3 +1,32 @@ +/* + * Copyright 2010 Red Hat, Inc. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY RED HAT, INC. AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL RED HAT, INC. OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * Red Hat authors: Jan Chadima + * Miloslav Trmač #include #include diff --git a/userspace/ncrypto_internal.h b/userspace/ncrypto_internal.h index 29b2d8a..1a60631 100644 --- a/userspace/ncrypto_internal.h +++ b/userspace/ncrypto_internal.h @@ -1,3 +1,31 @@ +/* + * Copyright 2010 Red Hat, Inc. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY RED HAT, INC. AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL RED HAT, INC. OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * Red Hat author: Miloslav Trmač + */ + #ifndef NCRYPTO_INTERNAL_H__ #define NCRYPTO_INTERNAL_H__ diff --git a/userspace/ncrypto_key.c b/userspace/ncrypto_key.c index 9201d43..66bbc96 100644 --- a/userspace/ncrypto_key.c +++ b/userspace/ncrypto_key.c @@ -1,3 +1,30 @@ +/* + * Copyright 2010 Red Hat, Inc. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY RED HAT, INC. AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL RED HAT, INC. OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * Red Hat author: Jan Chadima + */ #include #include diff --git a/userspace/ncrypto_masterkey.c b/userspace/ncrypto_masterkey.c index 68c79ee..72aab75 100644 --- a/userspace/ncrypto_masterkey.c +++ b/userspace/ncrypto_masterkey.c @@ -1,3 +1,30 @@ +/* + * Copyright 2010 Red Hat, Inc. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY RED HAT, INC. AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL RED HAT, INC. OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * Red Hat author: Jan Chadima + */ #include #include diff --git a/userspace/ncrypto_params.c b/userspace/ncrypto_params.c index 6fb49f2..7a4936d 100644 --- a/userspace/ncrypto_params.c +++ b/userspace/ncrypto_params.c @@ -1,3 +1,31 @@ +/* + * Copyright 2010 Red Hat, Inc. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY RED HAT, INC. AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL RED HAT, INC. OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * Red Hat authors: Jan Chadima + * Miloslav Trmač #include diff --git a/userspace/ncrypto_session.c b/userspace/ncrypto_session.c index 03ede25..a81fb8c 100644 --- a/userspace/ncrypto_session.c +++ b/userspace/ncrypto_session.c @@ -1,3 +1,30 @@ +/* + * Copyright 2010 Red Hat, Inc. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY RED HAT, INC. AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL RED HAT, INC. OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER + * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH + * DAMAGE. + * + * Red Hat author: Jan Chadima + */ #include #include -- cgit From a3fe06856efe0a7b4ad713ff73a14f6af995d07e Mon Sep 17 00:00:00 2001 From: Miloslav Trmač Date: Mon, 23 Aug 2010 18:12:25 +0200 Subject: Add copyright notice to userspace/ncrypto.h --- userspace/ncrypto.h | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) (limited to 'userspace') diff --git a/userspace/ncrypto.h b/userspace/ncrypto.h index 752824d..5bcb4a7 100644 --- a/userspace/ncrypto.h +++ b/userspace/ncrypto.h @@ -1,3 +1,31 @@ +/* + * Copyright (c) 2010 Katholieke Universiteit Leuven + * Copyright 2010 Red Hat, Inc. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright notice, + * this list of conditions and the following disclaimer in the documentation + * and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO + * EVENT SHALL CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, + * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; + * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + * + * Author: Nikos Mavrogiannopoulos + * Red Hat author: Jan Chadima + */ #ifndef __NCRYPT_H__ #define __NCRYPT_H__ -- cgit