author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-09-05 17:49:48 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2010-09-05 17:49:48 +0200 |
commit | c5fb18ff697aefb156dfebe87ded77a9e1371c45 (patch) | |
tree | 4c010eac56a1d6958e7c86d97579be6338552d51 | |
parent | a33f87422c42e0d44ab080f0305c7ccf430ec4d0 (diff) | |
Use ncr_algorithm_t as the identifier for the algorithm in storage data. This
will allow keys tied to RSA-transparent to be used for RSA operations as well
(once keys are tied to an algorithm).
-rw-r--r-- | ncr-int.h | 12 | ||||
-rw-r--r-- | ncr-key-storage.c | 10 | ||||
-rw-r--r-- | ncr-pk.c | 2 | ||||
-rw-r--r-- | ncr-sessions.c | 7 |
4 files changed, 14 insertions, 17 deletions
diff --git a/ncr-int.h b/ncr-int.h index 5f4dced284f..400cf7e5218 100644 --- a/ncr-int.h +++ b/ncr-int.h @@ -20,7 +20,7 @@ struct ncr_out; // Not all known algorithms - only for quick internal identification. Note // that more than one struct algo_properties_st may share the same enum value! -enum ncr_algorithm { +typedef enum { NCR_ALG_NONE, NCR_ALG_NULL, @@ -35,17 +35,17 @@ enum ncr_algorithm { NCR_ALG_CAMELIA_CBC, NCR_ALG_CAMELIA_CTR, - NCR_ALG_MD5=60, + NCR_ALG_MD5=200, NCR_ALG_SHA1, NCR_ALG_SHA2_224, NCR_ALG_SHA2_256, NCR_ALG_SHA2_384, NCR_ALG_SHA2_512, - NCR_ALG_RSA=120, + NCR_ALG_RSA=600, NCR_ALG_DSA, NCR_ALG_DH, -}; +} ncr_algorithm_t; struct algo_oid_st { oid_st oid; @@ -53,7 +53,7 @@ struct algo_oid_st { }; struct algo_properties_st { - enum ncr_algorithm algo; + ncr_algorithm_t algo; const char *kstr; size_t kstr_len; unsigned needs_iv:1; @@ -204,7 +204,7 @@ int key_to_storage_data( uint8_t** data, size_t * data_size, const struct key_it /* misc helper macros */ -const struct algo_properties_st *_ncr_algo_to_properties(const char *algo); +const struct algo_properties_st *_ncr_algo_to_properties(ncr_algorithm_t algo); const struct algo_properties_st *_ncr_nla_to_properties(const struct nlattr *nla); int _ncr_key_get_sec_level(struct key_item_st* item); const struct algo_properties_st *_ncr_oid_to_properties(oid_st* oid); diff --git a/ncr-key-storage.c b/ncr-key-storage.c index 9afa2dc0411..bc64131ea82 100644 --- a/ncr-key-storage.c +++ b/ncr-key-storage.c @@ -35,7 +35,7 @@ struct packed_key { uint32_t version; uint8_t type; uint32_t flags; - uint8_t algorithm[32]; /* NUL-terminated */ + uint32_t algorithm; uint8_t key_id[MAX_KEY_ID_SIZE]; uint8_t key_id_size; @@ -43,7 +43,7 @@ struct packed_key { uint32_t raw_size; } __attribute__((__packed__)); -#define THIS_VERSION 1 +#define THIS_VERSION 2 int key_to_storage_data( uint8_t** sdata, size_t * sdata_size, const struct key_item_st *key) { 
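Review bot: The numeric values of this enum become part of the stored key format in this commit (`pkey->algorithm = key->algorithm->algo` in ncr-key-storage.c), but the comment above the enum still describes it as "only for quick internal identification", and in the `@@ -35,17 +35,17 @@` hunk only `NCR_ALG_MD5=200` and `NCR_ALG_RSA=600` carry explicit values. Inserting or reordering a member later would silently change which algorithm an already stored key blob resolves to, without any version mismatch to catch it. I would add a comment on the enum such as `/* Values are serialized in struct packed_key; never renumber or insert before an existing member without bumping THIS_VERSION. */` and consider giving every member an explicit value. The enum body is only partly visible in these hunks.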
@@ -59,8 +59,9 @@ int key_to_storage_data( uint8_t** sdata, size_t * sdata_size, const struct key_ pkey->version = THIS_VERSION; pkey->type = key->type; pkey->flags = key->flags; - BUG_ON(strlen(key->algorithm->kstr) > sizeof(pkey->algorithm) - 1); - strcpy(pkey->algorithm, key->algorithm->kstr); + + pkey->algorithm = key->algorithm->algo; + pkey->key_id_size = key->key_id_size; memcpy(pkey->key_id, key->key_id, key->key_id_size); @@ -96,7 +97,6 @@ int key_from_storage_data(struct key_item_st* key, const void* data, size_t data int ret; if (data_size != sizeof(*pkey) || pkey->version != THIS_VERSION - || memchr(pkey->algorithm, '\0', sizeof(pkey->algorithm)) == NULL || pkey->key_id_size > MAX_KEY_ID_SIZE) { err(); return -EINVAL; @@ -123,7 +123,7 @@ static int ncr_pk_make_public_and_id( struct key_item_st * private, struct key_i } key_id_size = MAX_KEY_ID_SIZE; - cret = hash_memory(_ncr_algo_to_properties("sha1"), tmp, max_size, + cret = hash_memory(_ncr_algo_to_properties(NCR_ALG_SHA1), tmp, max_size, private->key_id, &key_id_size); if (cret != CRYPT_OK) { err(); diff --git a/ncr-sessions.c b/ncr-sessions.c index bf7c5fa4e45..cb18853d974 100644 --- a/ncr-sessions.c +++ b/ncr-sessions.c @@ -384,16 +384,13 @@ static const struct algo_properties_st algo_properties[] = { /* The lookups by string are inefficient - can we look up all we need from crypto API? */ -const struct algo_properties_st *_ncr_algo_to_properties(const char *algo) +const struct algo_properties_st *_ncr_algo_to_properties(ncr_algorithm_t algo) { const struct algo_properties_st *a; - size_t name_len; - name_len = strlen(algo); for (a = algo_properties; a < algo_properties + ARRAY_SIZE(algo_properties); a++) { - if (a->kstr_len == name_len - && memcmp(a->kstr, algo, name_len) == 0) + if (a->algo == algo) return a; } |
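Review bot: With the `memchr` test removed in the `@@ -96,7 +97,6 @@` hunk, nothing in the visible condition constrains `pkey->algorithm`, which is read from the caller-supplied storage blob. An arbitrary 32-bit value is only safe if the lookup that turns it back into a properties pointer is checked for failure. The rest of key_from_storage_data lies outside the hunk, so this may already be handled there. If it is not, reject unknown values explicitly, e.g. `key->algorithm = _ncr_algo_to_properties(pkey->algorithm);` followed by `if (key->algorithm == NULL) { err(); return -EINVAL; }`.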
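Review bot: `_ncr_algo_to_properties(NCR_ALG_SHA1)` in the `@@ -123,7 +123,7 @@` hunk now selects by enum value, and the comment in ncr-int.h says more than one `struct algo_properties_st` may share the same value, so the entry handed to `hash_memory` depends on the order of `algo_properties[]`, which is not visible here. The old lookup by `"sha1"` named exactly one entry. The same first-match behaviour comes from the loop in the ncr-sessions.c hunk (`if (a->algo == algo) return a;`). If an entry with different properties can precede plain SHA-1 in the table, the derived key ID would change, so either keep a unique lookup for this call or state the ordering requirement next to the table. The result is also passed on unchecked, and whether `hash_memory` tolerates NULL is outside the hunk.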
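Review bot: The comment kept above `_ncr_algo_to_properties` in the ncr-sessions.c hunk still reads "The lookups by string are inefficient", although the function no longer takes or compares a string. I would replace it with something that documents the new contract, e.g. `/* Linear scan by enum value; returns the first table entry whose algo matches (several entries may share a value). */`. The end of the function is outside the hunk, so the not-found return is not described here.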