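/*
 * Copyright 2010 Red Hat, Inc.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 * 1. Redistributions of source code must retain the above copyright notice,
 * this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright notice,
 * this list of conditions and the following disclaimer in the documentation
 * and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY RED HAT, INC. AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL RED HAT, INC. OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
 * CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
 * DAMAGE.
 *
 * Red Hat author: Jan Chadima
 */

/*
 * NOTE(review): the header names of the system includes were lost when this
 * page was extracted (only bare "#include" tokens survived). The list below
 * is reconstructed from the names this file actually uses: errno and the E*
 * codes, INT_MAX, size_t, memset/memmove and ioctl. Confirm against the
 * upstream file.
 */
#include <errno.h>
#include <limits.h>
#include <stddef.h>
#include <string.h>
#include <sys/ioctl.h>

#include "ncrypto.h"
#include "ncrypto_internal.h"

/*
 * Narrow a byte count to the int that these wrappers return.
 *
 * A count above INT_MAX cannot be represented in the return type; converting
 * it anyway could produce a negative or truncated length that a caller would
 * mistake for an error or for a shorter result. Such a count is reported as
 * -1 with errno set to EOVERFLOW. errno is left untouched otherwise.
 */
static int ncr_size_to_int(size_t n)
{
    if (n > (size_t)INT_MAX) {
        errno = EOVERFLOW;
        return -1;
    }
    return (int)n;
}

/*
 * Run a complete one-shot operation whose input is a key handle.
 *
 * Issues NCRIO_SESSION_ONCE on __ncr_file_descriptor with an NCR_KEY_DATA
 * request: `key`, `params`, `op` and `algorithm` initialise the session,
 * `input` is the key to process and `output`/`output_size` describe the
 * caller's result buffer. `params` may be NULL, in which case the parameter
 * block stays zeroed.
 *
 * Returns the output size reported back in the request on success (errno is
 * set to 0), or -1 with errno set:
 *   EINVAL    input is NCR_KEY_INVALID, or output is NULL / output_size is 0
 *   EBADF     __ncr_file_descriptor is negative
 *   EDOM      the operation reported NCR_VERIFICATION_FAILED
 *   EFAULT    the operation reported any other error
 *   EOVERFLOW the reported size does not fit in int
 * When ioctl() itself fails, -1 is returned and errno is left as ioctl set it.
 *
 * Callers must check for -1 before using `output`; EDOM in particular means
 * the verification did not pass.
 */
int ncr_session_once_key_data(ncr_key_t key, ncr_key_params_t params,
                              ncr_crypto_op_t op, ncr_algorithm_t algorithm,
                              ncr_key_t input, void *output,
                              size_t output_size)
{
    struct ncr_session_once_op_st io;

    if (input == NCR_KEY_INVALID || !output || !output_size) {
        errno = EINVAL;
        return -1;
    }
    if (__ncr_file_descriptor < 0) {
        errno = EBADF;
        return -1;
    }

    /* Zero every byte of the request so no stale stack contents are handed
     * to the ioctl in fields this function does not set. */
    memset(&io, 0, sizeof(io));

    io.init.algorithm = algorithm;
    io.init.key = key;
    if (params)
        memmove(&io.init.params, params, sizeof(io.init.params));
    io.init.op = op;

    io.op.type = NCR_KEY_DATA;
    io.op.data.kdata.input = input;
    io.op.data.kdata.output = output;
    io.op.data.kdata.output_size = output_size;

    if (ioctl(__ncr_file_descriptor, NCRIO_SESSION_ONCE, &io) < 0)
        return -1;

    switch (io.op.err) {
    case NCR_VERIFICATION_FAILED:
        errno = EDOM;
        return -1;
    case NCR_SUCCESS:
        errno = 0;
        /* NOTE(review): the reported size is not compared with the
         * caller's output_size here — confirm the driver never reports
         * more than was supplied. */
        return ncr_size_to_int(io.op.data.kdata.output_size);
    default:
        errno = EFAULT;
        return -1;
    }
}

/*
 * Run a complete one-shot operation on a caller-supplied data buffer.
 *
 * Same as ncr_session_once_key_data(), except that the request type is
 * NCR_DIRECT_DATA and the input is the buffer `input` of `input_size` bytes.
 *
 * Returns the reported output size on success (errno is set to 0), or -1
 * with errno set:
 *   EINVAL    input or output is NULL, or either size is 0
 *   EBADF     __ncr_file_descriptor is negative
 *   EDOM      the operation reported NCR_VERIFICATION_FAILED
 *   EFAULT    the operation reported any other error
 *   EOVERFLOW the reported size does not fit in int
 * When ioctl() itself fails, -1 is returned and errno is left as ioctl set it.
 */
int ncr_session_once_direct_data(ncr_key_t key, ncr_key_params_t params,
                                 ncr_crypto_op_t op,
                                 ncr_algorithm_t algorithm,
                                 void *input, size_t input_size,
                                 void *output, size_t output_size)
{
    struct ncr_session_once_op_st io;

    if (!input || !input_size || !output || !output_size) {
        errno = EINVAL;
        return -1;
    }
    if (__ncr_file_descriptor < 0) {
        errno = EBADF;
        return -1;
    }

    /* Zero the whole request before filling in the fields that are used. */
    memset(&io, 0, sizeof(io));

    io.init.key = key;
    if (params)
        memmove(&io.init.params, params, sizeof(io.init.params));
    io.init.algorithm = algorithm;
    io.init.op = op;

    io.op.type = NCR_DIRECT_DATA;
    io.op.data.udata.input = input;
    io.op.data.udata.input_size = input_size;
    io.op.data.udata.output = output;
    io.op.data.udata.output_size = output_size;

    if (ioctl(__ncr_file_descriptor, NCRIO_SESSION_ONCE, &io) < 0)
        return -1;

    switch (io.op.err) {
    case NCR_VERIFICATION_FAILED:
        errno = EDOM;
        return -1;
    case NCR_SUCCESS:
        errno = 0;
        return ncr_size_to_int(io.op.data.udata.output_size);
    default:
        errno = EFAULT;
        return -1;
    }
}

/*
 * Open a multi-step session.
 *
 * Issues NCRIO_SESSION_INIT with `key`, `params` (optional, may be NULL),
 * `op` and `algorithm`, and stores the session handle filled in by the ioctl
 * in *session.
 *
 * Returns 0 on success, or -1 with errno set to EINVAL (session is NULL) or
 * EBADF (__ncr_file_descriptor is negative). When ioctl() fails, -1 is
 * returned, errno is left as ioctl set it and *session is not written.
 */
int ncr_session_init(ncr_session_t *session, ncr_key_t key,
                     ncr_key_params_t params, ncr_crypto_op_t op,
                     ncr_algorithm_t algorithm)
{
    struct ncr_session_st io;

    if (!session) {
        errno = EINVAL;
        return -1;
    }
    if (__ncr_file_descriptor < 0) {
        errno = EBADF;
        return -1;
    }

    /* Zero the whole request before filling in the fields that are used. */
    memset(&io, 0, sizeof(io));

    io.algorithm = algorithm;
    io.key = key;
    if (params)
        memmove(&io.params, params, sizeof(io.params));
    io.op = op;

    if (ioctl(__ncr_file_descriptor, NCRIO_SESSION_INIT, &io) < 0)
        return -1;

    *session = io.ses;
    return 0;
}

/*
 * Feed a key handle into an open session.
 *
 * Issues NCRIO_SESSION_UPDATE with an NCR_KEY_DATA request. `output` and
 * `output_size` are passed through as given; this wrapper does not reject a
 * NULL or empty output buffer.
 *
 * Returns the reported output size, or -1 with errno set to EINVAL (session
 * is NCR_SESSION_INVALID or input is NCR_KEY_INVALID), EBADF
 * (__ncr_file_descriptor is negative) or EOVERFLOW (the reported size does
 * not fit in int). When ioctl() fails, -1 is returned and errno is left as
 * ioctl set it.
 *
 * NOTE(review): unlike ncr_session_final(), the request's err field is not
 * inspected after the ioctl — confirm that update failures are always
 * signalled through the ioctl return value.
 */
int ncr_session_update_key_data(ncr_session_t session, ncr_key_t input,
                                void *output, size_t output_size)
{
    struct ncr_session_op_st io;

    if (session == NCR_SESSION_INVALID || input == NCR_KEY_INVALID) {
        errno = EINVAL;
        return -1;
    }
    if (__ncr_file_descriptor < 0) {
        errno = EBADF;
        return -1;
    }

    /* Zero the whole request before filling in the fields that are used. */
    memset(&io, 0, sizeof(io));

    io.ses = session;
    io.type = NCR_KEY_DATA;
    io.data.kdata.input = input;
    io.data.kdata.output = output;
    io.data.kdata.output_size = output_size;

    if (ioctl(__ncr_file_descriptor, NCRIO_SESSION_UPDATE, &io) < 0)
        return -1;

    return ncr_size_to_int(io.data.kdata.output_size);
}

/*
 * Feed a caller-supplied data buffer into an open session.
 *
 * Issues NCRIO_SESSION_UPDATE with an NCR_DIRECT_DATA request. `output` and
 * `output_size` are passed through as given; this wrapper does not reject a
 * NULL or empty output buffer.
 *
 * Returns the reported output size, or -1 with errno set to EINVAL (session
 * is NCR_SESSION_INVALID, input is NULL or input_size is 0), EBADF
 * (__ncr_file_descriptor is negative) or EOVERFLOW (the reported size does
 * not fit in int). When ioctl() fails, -1 is returned and errno is left as
 * ioctl set it.
 *
 * NOTE(review): the request's err field is not inspected here either —
 * confirm against the driver.
 */
int ncr_session_update_direct_data(ncr_session_t session, void *input,
                                   size_t input_size, void *output,
                                   size_t output_size)
{
    struct ncr_session_op_st io;

    if (session == NCR_SESSION_INVALID || !input || !input_size) {
        errno = EINVAL;
        return -1;
    }
    if (__ncr_file_descriptor < 0) {
        errno = EBADF;
        return -1;
    }

    /* Zero the whole request before filling in the fields that are used. */
    memset(&io, 0, sizeof(io));

    io.ses = session;
    io.type = NCR_DIRECT_DATA;
    io.data.udata.input = input;
    io.data.udata.input_size = input_size;
    io.data.udata.output = output;
    io.data.udata.output_size = output_size;

    if (ioctl(__ncr_file_descriptor, NCRIO_SESSION_UPDATE, &io) < 0)
        return -1;

    return ncr_size_to_int(io.data.udata.output_size);
}

/*
 * Finish an open session and collect its final output.
 *
 * Issues NCRIO_SESSION_FINAL with an NCR_DIRECT_DATA request that carries
 * only the output buffer; the input fields stay zeroed. `output` and
 * `output_size` are passed through without validation.
 *
 * Returns the reported output size on success (errno is set to 0), or -1
 * with errno set:
 *   EINVAL    session is NCR_SESSION_INVALID
 *   EBADF     __ncr_file_descriptor is negative
 *   EDOM      the operation reported NCR_VERIFICATION_FAILED
 *   EFAULT    the operation reported any other error
 *   EOVERFLOW the reported size does not fit in int
 * When ioctl() itself fails, -1 is returned and errno is left as ioctl set it.
 *
 * Callers must check for -1 before trusting the result; EDOM means the
 * verification did not pass.
 */
int ncr_session_final(ncr_session_t session, void *output, size_t output_size)
{
    struct ncr_session_op_st io;

    if (session == NCR_SESSION_INVALID) {
        errno = EINVAL;
        return -1;
    }
    if (__ncr_file_descriptor < 0) {
        errno = EBADF;
        return -1;
    }

    /* Zero the whole request before filling in the fields that are used. */
    memset(&io, 0, sizeof(io));

    io.ses = session;
    io.type = NCR_DIRECT_DATA;
    io.data.udata.output = output;
    io.data.udata.output_size = output_size;

    if (ioctl(__ncr_file_descriptor, NCRIO_SESSION_FINAL, &io) < 0)
        return -1;

    switch (io.err) {
    case NCR_VERIFICATION_FAILED:
        errno = EDOM;
        return -1;
    case NCR_SUCCESS:
        errno = 0;
        return ncr_size_to_int(io.data.udata.output_size);
    default:
        errno = EFAULT;
        return -1;
    }
}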