diff options
| -rw-r--r-- | AUTHORS | 20 | ||||
| -rw-r--r-- | COPYING | 339 | ||||
| -rw-r--r-- | README | 30 | ||||
| -rw-r--r-- | TODO | 7 | ||||
| -rw-r--r-- | crypto.4 | 748 | ||||
| -rw-r--r-- | crypto/userspace/Makefile (renamed from Makefile) | 0 | ||||
| -rw-r--r-- | crypto/userspace/cryptodev_cipher.c (renamed from cryptodev_cipher.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/cryptodev_int.h (renamed from cryptodev_int.h) | 0 | ||||
| -rw-r--r-- | crypto/userspace/cryptodev_main.c (renamed from cryptodev_main.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/hashes/crypt_hash_is_valid.c (renamed from libtomcrypt/hashes/crypt_hash_is_valid.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/hashes/hash_get_oid.c (renamed from libtomcrypt/hashes/hash_get_oid.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/hashes/hash_memory.c (renamed from libtomcrypt/hashes/hash_memory.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/hashes/hash_memory_multi.c (renamed from libtomcrypt/hashes/hash_memory_multi.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/headers/tomcrypt.h (renamed from libtomcrypt/headers/tomcrypt.h) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/headers/tomcrypt_argchk.h (renamed from libtomcrypt/headers/tomcrypt_argchk.h) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/headers/tomcrypt_cfg.h (renamed from libtomcrypt/headers/tomcrypt_cfg.h) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/headers/tomcrypt_custom.h (renamed from libtomcrypt/headers/tomcrypt_custom.h) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/headers/tomcrypt_hash.h (renamed from libtomcrypt/headers/tomcrypt_hash.h) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/headers/tomcrypt_macros.h (renamed from libtomcrypt/headers/tomcrypt_macros.h) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/headers/tomcrypt_math.h (renamed from libtomcrypt/headers/tomcrypt_math.h) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/headers/tomcrypt_misc.h (renamed from libtomcrypt/headers/tomcrypt_misc.h) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/headers/tomcrypt_pk.h (renamed from libtomcrypt/headers/tomcrypt_pk.h) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/headers/tomcrypt_pkcs.h (renamed from libtomcrypt/headers/tomcrypt_pkcs.h) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/headers/tomcrypt_prng.h (renamed from libtomcrypt/headers/tomcrypt_prng.h) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/math/rand_prime.c (renamed from libtomcrypt/math/rand_prime.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/misc/crypt/crypt_argchk.c (renamed from libtomcrypt/misc/crypt/crypt_argchk.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/misc/pk_get_oid.c (renamed from libtomcrypt/misc/pk_get_oid.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/misc/qsort.c (renamed from libtomcrypt/misc/qsort.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/misc/zeromem.c (renamed from libtomcrypt/misc/zeromem.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/bit/der_decode_bit_string.c (renamed from libtomcrypt/pk/asn1/der/bit/der_decode_bit_string.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/bit/der_encode_bit_string.c (renamed from libtomcrypt/pk/asn1/der/bit/der_encode_bit_string.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/bit/der_length_bit_string.c (renamed from libtomcrypt/pk/asn1/der/bit/der_length_bit_string.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/boolean/der_decode_boolean.c (renamed from libtomcrypt/pk/asn1/der/boolean/der_decode_boolean.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/boolean/der_encode_boolean.c (renamed from libtomcrypt/pk/asn1/der/boolean/der_encode_boolean.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/boolean/der_length_boolean.c (renamed from libtomcrypt/pk/asn1/der/boolean/der_length_boolean.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/choice/der_decode_choice.c (renamed from libtomcrypt/pk/asn1/der/choice/der_decode_choice.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/ia5/der_decode_ia5_string.c (renamed from libtomcrypt/pk/asn1/der/ia5/der_decode_ia5_string.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/ia5/der_encode_ia5_string.c (renamed from libtomcrypt/pk/asn1/der/ia5/der_encode_ia5_string.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/ia5/der_length_ia5_string.c (renamed from libtomcrypt/pk/asn1/der/ia5/der_length_ia5_string.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/integer/der_decode_integer.c (renamed from libtomcrypt/pk/asn1/der/integer/der_decode_integer.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/integer/der_encode_integer.c (renamed from libtomcrypt/pk/asn1/der/integer/der_encode_integer.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/integer/der_length_integer.c (renamed from libtomcrypt/pk/asn1/der/integer/der_length_integer.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/object_identifier/der_decode_object_identifier.c (renamed from libtomcrypt/pk/asn1/der/object_identifier/der_decode_object_identifier.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/object_identifier/der_encode_object_identifier.c (renamed from libtomcrypt/pk/asn1/der/object_identifier/der_encode_object_identifier.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/object_identifier/der_length_object_identifier.c (renamed from libtomcrypt/pk/asn1/der/object_identifier/der_length_object_identifier.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/octet/der_decode_octet_string.c (renamed from libtomcrypt/pk/asn1/der/octet/der_decode_octet_string.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/octet/der_encode_octet_string.c (renamed from libtomcrypt/pk/asn1/der/octet/der_encode_octet_string.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/octet/der_length_octet_string.c (renamed from libtomcrypt/pk/asn1/der/octet/der_length_octet_string.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/printable_string/der_decode_printable_string.c (renamed from libtomcrypt/pk/asn1/der/printable_string/der_decode_printable_string.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/printable_string/der_encode_printable_string.c (renamed from libtomcrypt/pk/asn1/der/printable_string/der_encode_printable_string.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/printable_string/der_length_printable_string.c (renamed from libtomcrypt/pk/asn1/der/printable_string/der_length_printable_string.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/sequence/der_decode_sequence_ex.c (renamed from libtomcrypt/pk/asn1/der/sequence/der_decode_sequence_ex.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/sequence/der_decode_sequence_flexi.c (renamed from libtomcrypt/pk/asn1/der/sequence/der_decode_sequence_flexi.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/sequence/der_decode_sequence_multi.c (renamed from libtomcrypt/pk/asn1/der/sequence/der_decode_sequence_multi.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/sequence/der_encode_sequence_ex.c (renamed from libtomcrypt/pk/asn1/der/sequence/der_encode_sequence_ex.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/sequence/der_encode_sequence_multi.c (renamed from libtomcrypt/pk/asn1/der/sequence/der_encode_sequence_multi.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/sequence/der_length_sequence.c (renamed from libtomcrypt/pk/asn1/der/sequence/der_length_sequence.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/sequence/der_sequence_free.c (renamed from libtomcrypt/pk/asn1/der/sequence/der_sequence_free.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/set/der_encode_set.c (renamed from libtomcrypt/pk/asn1/der/set/der_encode_set.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/set/der_encode_setof.c (renamed from libtomcrypt/pk/asn1/der/set/der_encode_setof.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/short_integer/der_decode_short_integer.c (renamed from libtomcrypt/pk/asn1/der/short_integer/der_decode_short_integer.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/short_integer/der_encode_short_integer.c (renamed from libtomcrypt/pk/asn1/der/short_integer/der_encode_short_integer.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/short_integer/der_length_short_integer.c (renamed from libtomcrypt/pk/asn1/der/short_integer/der_length_short_integer.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/utctime/der_decode_utctime.c (renamed from libtomcrypt/pk/asn1/der/utctime/der_decode_utctime.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/utctime/der_encode_utctime.c (renamed from libtomcrypt/pk/asn1/der/utctime/der_encode_utctime.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/utctime/der_length_utctime.c (renamed from libtomcrypt/pk/asn1/der/utctime/der_length_utctime.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/utf8/der_decode_utf8_string.c (renamed from libtomcrypt/pk/asn1/der/utf8/der_decode_utf8_string.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/utf8/der_encode_utf8_string.c (renamed from libtomcrypt/pk/asn1/der/utf8/der_encode_utf8_string.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/utf8/der_length_utf8_string.c (renamed from libtomcrypt/pk/asn1/der/utf8/der_length_utf8_string.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/x509/der_decode_subject_public_key_info.c (renamed from libtomcrypt/pk/asn1/der/x509/der_decode_subject_public_key_info.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/asn1/der/x509/der_encode_subject_public_key_info.c (renamed from libtomcrypt/pk/asn1/der/x509/der_encode_subject_public_key_info.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/dsa/dsa_export.c (renamed from libtomcrypt/pk/dsa/dsa_export.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/dsa/dsa_free.c (renamed from libtomcrypt/pk/dsa/dsa_free.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/dsa/dsa_import.c (renamed from libtomcrypt/pk/dsa/dsa_import.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/dsa/dsa_make_key.c (renamed from libtomcrypt/pk/dsa/dsa_make_key.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/dsa/dsa_sign_hash.c (renamed from libtomcrypt/pk/dsa/dsa_sign_hash.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/dsa/dsa_verify_hash.c (renamed from libtomcrypt/pk/dsa/dsa_verify_hash.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/dsa/dsa_verify_key.c (renamed from libtomcrypt/pk/dsa/dsa_verify_key.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/pkcs1/pkcs_1_i2osp.c (renamed from libtomcrypt/pk/pkcs1/pkcs_1_i2osp.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/pkcs1/pkcs_1_mgf1.c (renamed from libtomcrypt/pk/pkcs1/pkcs_1_mgf1.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/pkcs1/pkcs_1_oaep_decode.c (renamed from libtomcrypt/pk/pkcs1/pkcs_1_oaep_decode.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/pkcs1/pkcs_1_oaep_encode.c (renamed from libtomcrypt/pk/pkcs1/pkcs_1_oaep_encode.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/pkcs1/pkcs_1_os2ip.c (renamed from libtomcrypt/pk/pkcs1/pkcs_1_os2ip.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/pkcs1/pkcs_1_pss_decode.c (renamed from libtomcrypt/pk/pkcs1/pkcs_1_pss_decode.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/pkcs1/pkcs_1_pss_encode.c (renamed from libtomcrypt/pk/pkcs1/pkcs_1_pss_encode.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/pkcs1/pkcs_1_v1_5_decode.c (renamed from libtomcrypt/pk/pkcs1/pkcs_1_v1_5_decode.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/pkcs1/pkcs_1_v1_5_encode.c (renamed from libtomcrypt/pk/pkcs1/pkcs_1_v1_5_encode.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/rsa/rsa_decrypt_key.c (renamed from libtomcrypt/pk/rsa/rsa_decrypt_key.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/rsa/rsa_encrypt_key.c (renamed from libtomcrypt/pk/rsa/rsa_encrypt_key.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/rsa/rsa_export.c (renamed from libtomcrypt/pk/rsa/rsa_export.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/rsa/rsa_exptmod.c (renamed from libtomcrypt/pk/rsa/rsa_exptmod.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/rsa/rsa_free.c (renamed from libtomcrypt/pk/rsa/rsa_free.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/rsa/rsa_import.c (renamed from libtomcrypt/pk/rsa/rsa_import.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/rsa/rsa_make_key.c (renamed from libtomcrypt/pk/rsa/rsa_make_key.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/rsa/rsa_sign_hash.c (renamed from libtomcrypt/pk/rsa/rsa_sign_hash.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtomcrypt/pk/rsa/rsa_verify_hash.c (renamed from libtomcrypt/pk/rsa/rsa_verify_hash.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/LICENSE (renamed from libtommath/LICENSE) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_error.c (renamed from libtommath/bn_error.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_fast_mp_invmod.c (renamed from libtommath/bn_fast_mp_invmod.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_fast_mp_montgomery_reduce.c (renamed from libtommath/bn_fast_mp_montgomery_reduce.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_fast_s_mp_mul_digs.c (renamed from libtommath/bn_fast_s_mp_mul_digs.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_fast_s_mp_mul_high_digs.c (renamed from libtommath/bn_fast_s_mp_mul_high_digs.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_fast_s_mp_sqr.c (renamed from libtommath/bn_fast_s_mp_sqr.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_2expt.c (renamed from libtommath/bn_mp_2expt.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_abs.c (renamed from libtommath/bn_mp_abs.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_add.c (renamed from libtommath/bn_mp_add.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_add_d.c (renamed from libtommath/bn_mp_add_d.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_addmod.c (renamed from libtommath/bn_mp_addmod.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_and.c (renamed from libtommath/bn_mp_and.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_clamp.c (renamed from libtommath/bn_mp_clamp.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_clear.c (renamed from libtommath/bn_mp_clear.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_clear_multi.c (renamed from libtommath/bn_mp_clear_multi.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_cmp.c (renamed from libtommath/bn_mp_cmp.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_cmp_d.c (renamed from libtommath/bn_mp_cmp_d.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_cmp_mag.c (renamed from libtommath/bn_mp_cmp_mag.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_cnt_lsb.c (renamed from libtommath/bn_mp_cnt_lsb.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_copy.c (renamed from libtommath/bn_mp_copy.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_count_bits.c (renamed from libtommath/bn_mp_count_bits.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_div.c (renamed from libtommath/bn_mp_div.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_div_2.c (renamed from libtommath/bn_mp_div_2.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_div_2d.c (renamed from libtommath/bn_mp_div_2d.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_div_3.c (renamed from libtommath/bn_mp_div_3.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_div_d.c (renamed from libtommath/bn_mp_div_d.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_dr_is_modulus.c (renamed from libtommath/bn_mp_dr_is_modulus.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_dr_reduce.c (renamed from libtommath/bn_mp_dr_reduce.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_dr_setup.c (renamed from libtommath/bn_mp_dr_setup.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_exch.c (renamed from libtommath/bn_mp_exch.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_expt_d.c (renamed from libtommath/bn_mp_expt_d.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_exptmod.c (renamed from libtommath/bn_mp_exptmod.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_exptmod_fast.c (renamed from libtommath/bn_mp_exptmod_fast.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_exteuclid.c (renamed from libtommath/bn_mp_exteuclid.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_gcd.c (renamed from libtommath/bn_mp_gcd.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_get_int.c (renamed from libtommath/bn_mp_get_int.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_grow.c (renamed from libtommath/bn_mp_grow.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_init.c (renamed from libtommath/bn_mp_init.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_init_copy.c (renamed from libtommath/bn_mp_init_copy.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_init_multi.c (renamed from libtommath/bn_mp_init_multi.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_init_set.c (renamed from libtommath/bn_mp_init_set.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_init_set_int.c (renamed from libtommath/bn_mp_init_set_int.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_init_size.c (renamed from libtommath/bn_mp_init_size.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_invmod.c (renamed from libtommath/bn_mp_invmod.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_invmod_slow.c (renamed from libtommath/bn_mp_invmod_slow.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_is_square.c (renamed from libtommath/bn_mp_is_square.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_jacobi.c (renamed from libtommath/bn_mp_jacobi.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_karatsuba_mul.c (renamed from libtommath/bn_mp_karatsuba_mul.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_karatsuba_sqr.c (renamed from libtommath/bn_mp_karatsuba_sqr.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_lcm.c (renamed from libtommath/bn_mp_lcm.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_lshd.c (renamed from libtommath/bn_mp_lshd.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_mod.c (renamed from libtommath/bn_mp_mod.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_mod_2d.c (renamed from libtommath/bn_mp_mod_2d.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_mod_d.c (renamed from libtommath/bn_mp_mod_d.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_montgomery_calc_normalization.c (renamed from libtommath/bn_mp_montgomery_calc_normalization.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_montgomery_reduce.c (renamed from libtommath/bn_mp_montgomery_reduce.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_montgomery_setup.c (renamed from libtommath/bn_mp_montgomery_setup.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_mul.c (renamed from libtommath/bn_mp_mul.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_mul_2.c (renamed from libtommath/bn_mp_mul_2.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_mul_2d.c (renamed from libtommath/bn_mp_mul_2d.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_mul_d.c (renamed from libtommath/bn_mp_mul_d.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_mulmod.c (renamed from libtommath/bn_mp_mulmod.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_n_root.c (renamed from libtommath/bn_mp_n_root.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_neg.c (renamed from libtommath/bn_mp_neg.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_or.c (renamed from libtommath/bn_mp_or.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_prime_fermat.c (renamed from libtommath/bn_mp_prime_fermat.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_prime_is_divisible.c (renamed from libtommath/bn_mp_prime_is_divisible.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_prime_is_prime.c (renamed from libtommath/bn_mp_prime_is_prime.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_prime_miller_rabin.c (renamed from libtommath/bn_mp_prime_miller_rabin.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_prime_next_prime.c (renamed from libtommath/bn_mp_prime_next_prime.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_prime_rabin_miller_trials.c (renamed from libtommath/bn_mp_prime_rabin_miller_trials.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_prime_random_ex.c (renamed from libtommath/bn_mp_prime_random_ex.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_radix_size.c (renamed from libtommath/bn_mp_radix_size.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_radix_smap.c (renamed from libtommath/bn_mp_radix_smap.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_rand.c (renamed from libtommath/bn_mp_rand.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_read_radix.c (renamed from libtommath/bn_mp_read_radix.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_read_signed_bin.c (renamed from libtommath/bn_mp_read_signed_bin.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_read_unsigned_bin.c (renamed from libtommath/bn_mp_read_unsigned_bin.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_reduce.c (renamed from libtommath/bn_mp_reduce.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_reduce_2k.c (renamed from libtommath/bn_mp_reduce_2k.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_reduce_2k_l.c (renamed from libtommath/bn_mp_reduce_2k_l.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_reduce_2k_setup.c (renamed from libtommath/bn_mp_reduce_2k_setup.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_reduce_2k_setup_l.c (renamed from libtommath/bn_mp_reduce_2k_setup_l.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_reduce_is_2k.c (renamed from libtommath/bn_mp_reduce_is_2k.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_reduce_is_2k_l.c (renamed from libtommath/bn_mp_reduce_is_2k_l.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_reduce_setup.c (renamed from libtommath/bn_mp_reduce_setup.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_rshd.c (renamed from libtommath/bn_mp_rshd.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_set.c (renamed from libtommath/bn_mp_set.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_set_int.c (renamed from libtommath/bn_mp_set_int.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_shrink.c (renamed from libtommath/bn_mp_shrink.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_signed_bin_size.c (renamed from libtommath/bn_mp_signed_bin_size.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_sqr.c (renamed from libtommath/bn_mp_sqr.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_sqrmod.c (renamed from libtommath/bn_mp_sqrmod.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_sqrt.c (renamed from libtommath/bn_mp_sqrt.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_sub.c (renamed from libtommath/bn_mp_sub.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_sub_d.c (renamed from libtommath/bn_mp_sub_d.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_submod.c (renamed from libtommath/bn_mp_submod.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_to_signed_bin.c (renamed from libtommath/bn_mp_to_signed_bin.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_to_signed_bin_n.c (renamed from libtommath/bn_mp_to_signed_bin_n.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_to_unsigned_bin.c (renamed from libtommath/bn_mp_to_unsigned_bin.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_to_unsigned_bin_n.c (renamed from libtommath/bn_mp_to_unsigned_bin_n.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_toom_mul.c (renamed from libtommath/bn_mp_toom_mul.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_toom_sqr.c (renamed from libtommath/bn_mp_toom_sqr.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_toradix.c (renamed from libtommath/bn_mp_toradix.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_toradix_n.c (renamed from libtommath/bn_mp_toradix_n.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_unsigned_bin_size.c (renamed from libtommath/bn_mp_unsigned_bin_size.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_xor.c (renamed from libtommath/bn_mp_xor.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_mp_zero.c (renamed from libtommath/bn_mp_zero.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_prime_tab.c (renamed from libtommath/bn_prime_tab.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_reverse.c (renamed from libtommath/bn_reverse.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_s_mp_add.c (renamed from libtommath/bn_s_mp_add.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_s_mp_exptmod.c (renamed from libtommath/bn_s_mp_exptmod.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_s_mp_mul_digs.c (renamed from libtommath/bn_s_mp_mul_digs.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_s_mp_mul_high_digs.c (renamed from libtommath/bn_s_mp_mul_high_digs.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_s_mp_sqr.c (renamed from libtommath/bn_s_mp_sqr.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bn_s_mp_sub.c (renamed from libtommath/bn_s_mp_sub.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/bncore.c (renamed from libtommath/bncore.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/changes.txt (renamed from libtommath/changes.txt) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/pretty.build (renamed from libtommath/pretty.build) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/tommath.h (renamed from libtommath/tommath.h) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/tommath_class.h (renamed from libtommath/tommath_class.h) | 0 | ||||
| -rw-r--r-- | crypto/userspace/libtommath/tommath_superclass.h (renamed from libtommath/tommath_superclass.h) | 0 | ||||
| -rw-r--r-- | crypto/userspace/ncr-dh.c (renamed from ncr-dh.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/ncr-dh.h (renamed from ncr-dh.h) | 0 | ||||
| -rw-r--r-- | crypto/userspace/ncr-int.h (renamed from ncr-int.h) | 0 | ||||
| -rw-r--r-- | crypto/userspace/ncr-key-storage.c (renamed from ncr-key-storage.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/ncr-key-wrap.c (renamed from ncr-key-wrap.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/ncr-key.c (renamed from ncr-key.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/ncr-limits.c (renamed from ncr-limits.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/ncr-pk.c (renamed from ncr-pk.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/ncr-pk.h (renamed from ncr-pk.h) | 0 | ||||
| -rw-r--r-- | crypto/userspace/ncr-sessions.c (renamed from ncr-sessions.c) | 0 | ||||
| -rw-r--r-- | crypto/userspace/ncr.c (renamed from ncr.c) | 0 | ||||
| -rw-r--r-- | examples/Makefile | 23 | ||||
| -rw-r--r-- | examples/ncr.c | 1645 | ||||
| -rw-r--r-- | examples/pk.c | 1665 | ||||
| -rw-r--r-- | examples/speed.c | 212 | ||||
| -rw-r--r-- | include/linux/ncr.h (renamed from ncr.h) | 0 | ||||
| -rw-r--r-- | userspace/Makefile | 12 | ||||
| -rw-r--r-- | userspace/ncrypto.h | 141 | ||||
| -rw-r--r-- | userspace/setkey.c | 87 |
238 files changed, 0 insertions, 4929 deletions
diff --git a/AUTHORS b/AUTHORS deleted file mode 100644 index 7373dbd215b..00000000000 --- a/AUTHORS +++ /dev/null @@ -1,20 +0,0 @@ -Michal Ludvig: - Initial implementation of OpenBSD's /dev/crypto API for linux 2.6.8 - -Nikos Mavrogiannopoulos: - Port to 2.6.27 and later, better compatibility - with OpenBSD (and FreeBSD) cryptodev and maintanance. - Design and implementation of NCR (NewCrypto) API. - -Michael Weiser: - Porting to blkcipher async API. Several hardware drivers - only implemented this API. - -Phil Sutter: - Implemented a zero copy version of the internal engine. - -Miloslav Trmač: - Several optimizations and bugfixes in the NCR API. - - -Maintained by Nikos Mavrogiannopoulos (nmav [at] gnutls [dot] org) diff --git a/COPYING b/COPYING deleted file mode 100644 index d159169d105..00000000000 --- a/COPYING +++ /dev/null @@ -1,339 +0,0 @@ - GNU GENERAL PUBLIC LICENSE - Version 2, June 1991 - - Copyright (C) 1989, 1991 Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA - Everyone is permitted to copy and distribute verbatim copies - of this license document, but changing it is not allowed. - - Preamble - - The licenses for most software are designed to take away your -freedom to share and change it. By contrast, the GNU General Public -License is intended to guarantee your freedom to share and change free -software--to make sure the software is free for all its users. This -General Public License applies to most of the Free Software -Foundation's software and to any other program whose authors commit to -using it. (Some other Free Software Foundation software is covered by -the GNU Lesser General Public License instead.) You can apply it to -your programs, too. - - When we speak of free software, we are referring to freedom, not -price. Our General Public Licenses are designed to make sure that you -have the freedom to distribute copies of free software (and charge for -this service if you wish), that you receive source code or can get it -if you want it, that you can change the software or use pieces of it -in new free programs; and that you know you can do these things. - - To protect your rights, we need to make restrictions that forbid -anyone to deny you these rights or to ask you to surrender the rights. -These restrictions translate to certain responsibilities for you if you -distribute copies of the software, or if you modify it. - - For example, if you distribute copies of such a program, whether -gratis or for a fee, you must give the recipients all the rights that -you have. You must make sure that they, too, receive or can get the -source code. And you must show them these terms so they know their -rights. - - We protect your rights with two steps: (1) copyright the software, and -(2) offer you this license which gives you legal permission to copy, -distribute and/or modify the software. - - Also, for each author's protection and ours, we want to make certain -that everyone understands that there is no warranty for this free -software. If the software is modified by someone else and passed on, we -want its recipients to know that what they have is not the original, so -that any problems introduced by others will not reflect on the original -authors' reputations. - - Finally, any free program is threatened constantly by software -patents. We wish to avoid the danger that redistributors of a free -program will individually obtain patent licenses, in effect making the -program proprietary. To prevent this, we have made it clear that any -patent must be licensed for everyone's free use or not licensed at all. - - The precise terms and conditions for copying, distribution and -modification follow. - - GNU GENERAL PUBLIC LICENSE - TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION - - 0. This License applies to any program or other work which contains -a notice placed by the copyright holder saying it may be distributed -under the terms of this General Public License. The "Program", below, -refers to any such program or work, and a "work based on the Program" -means either the Program or any derivative work under copyright law: -that is to say, a work containing the Program or a portion of it, -either verbatim or with modifications and/or translated into another -language. (Hereinafter, translation is included without limitation in -the term "modification".) Each licensee is addressed as "you". - -Activities other than copying, distribution and modification are not -covered by this License; they are outside its scope. The act of -running the Program is not restricted, and the output from the Program -is covered only if its contents constitute a work based on the -Program (independent of having been made by running the Program). -Whether that is true depends on what the Program does. - - 1. You may copy and distribute verbatim copies of the Program's -source code as you receive it, in any medium, provided that you -conspicuously and appropriately publish on each copy an appropriate -copyright notice and disclaimer of warranty; keep intact all the -notices that refer to this License and to the absence of any warranty; -and give any other recipients of the Program a copy of this License -along with the Program. - -You may charge a fee for the physical act of transferring a copy, and -you may at your option offer warranty protection in exchange for a fee. - - 2. You may modify your copy or copies of the Program or any portion -of it, thus forming a work based on the Program, and copy and -distribute such modifications or work under the terms of Section 1 -above, provided that you also meet all of these conditions: - - a) You must cause the modified files to carry prominent notices - stating that you changed the files and the date of any change. - - b) You must cause any work that you distribute or publish, that in - whole or in part contains or is derived from the Program or any - part thereof, to be licensed as a whole at no charge to all third - parties under the terms of this License. - - c) If the modified program normally reads commands interactively - when run, you must cause it, when started running for such - interactive use in the most ordinary way, to print or display an - announcement including an appropriate copyright notice and a - notice that there is no warranty (or else, saying that you provide - a warranty) and that users may redistribute the program under - these conditions, and telling the user how to view a copy of this - License. (Exception: if the Program itself is interactive but - does not normally print such an announcement, your work based on - the Program is not required to print an announcement.) - -These requirements apply to the modified work as a whole. If -identifiable sections of that work are not derived from the Program, -and can be reasonably considered independent and separate works in -themselves, then this License, and its terms, do not apply to those -sections when you distribute them as separate works. But when you -distribute the same sections as part of a whole which is a work based -on the Program, the distribution of the whole must be on the terms of -this License, whose permissions for other licensees extend to the -entire whole, and thus to each and every part regardless of who wrote it. - -Thus, it is not the intent of this section to claim rights or contest -your rights to work written entirely by you; rather, the intent is to -exercise the right to control the distribution of derivative or -collective works based on the Program. - -In addition, mere aggregation of another work not based on the Program -with the Program (or with a work based on the Program) on a volume of -a storage or distribution medium does not bring the other work under -the scope of this License. - - 3. You may copy and distribute the Program (or a work based on it, -under Section 2) in object code or executable form under the terms of -Sections 1 and 2 above provided that you also do one of the following: - - a) Accompany it with the complete corresponding machine-readable - source code, which must be distributed under the terms of Sections - 1 and 2 above on a medium customarily used for software interchange; or, - - b) Accompany it with a written offer, valid for at least three - years, to give any third party, for a charge no more than your - cost of physically performing source distribution, a complete - machine-readable copy of the corresponding source code, to be - distributed under the terms of Sections 1 and 2 above on a medium - customarily used for software interchange; or, - - c) Accompany it with the information you received as to the offer - to distribute corresponding source code. (This alternative is - allowed only for noncommercial distribution and only if you - received the program in object code or executable form with such - an offer, in accord with Subsection b above.) - -The source code for a work means the preferred form of the work for -making modifications to it. For an executable work, complete source -code means all the source code for all modules it contains, plus any -associated interface definition files, plus the scripts used to -control compilation and installation of the executable. However, as a -special exception, the source code distributed need not include -anything that is normally distributed (in either source or binary -form) with the major components (compiler, kernel, and so on) of the -operating system on which the executable runs, unless that component -itself accompanies the executable. - -If distribution of executable or object code is made by offering -access to copy from a designated place, then offering equivalent -access to copy the source code from the same place counts as -distribution of the source code, even though third parties are not -compelled to copy the source along with the object code. - - 4. You may not copy, modify, sublicense, or distribute the Program -except as expressly provided under this License. Any attempt -otherwise to copy, modify, sublicense or distribute the Program is -void, and will automatically terminate your rights under this License. -However, parties who have received copies, or rights, from you under -this License will not have their licenses terminated so long as such -parties remain in full compliance. - - 5. You are not required to accept this License, since you have not -signed it. However, nothing else grants you permission to modify or -distribute the Program or its derivative works. These actions are -prohibited by law if you do not accept this License. Therefore, by -modifying or distributing the Program (or any work based on the -Program), you indicate your acceptance of this License to do so, and -all its terms and conditions for copying, distributing or modifying -the Program or works based on it. - - 6. Each time you redistribute the Program (or any work based on the -Program), the recipient automatically receives a license from the -original licensor to copy, distribute or modify the Program subject to -these terms and conditions. You may not impose any further -restrictions on the recipients' exercise of the rights granted herein. -You are not responsible for enforcing compliance by third parties to -this License. - - 7. If, as a consequence of a court judgment or allegation of patent -infringement or for any other reason (not limited to patent issues), -conditions are imposed on you (whether by court order, agreement or -otherwise) that contradict the conditions of this License, they do not -excuse you from the conditions of this License. If you cannot -distribute so as to satisfy simultaneously your obligations under this -License and any other pertinent obligations, then as a consequence you -may not distribute the Program at all. For example, if a patent -license would not permit royalty-free redistribution of the Program by -all those who receive copies directly or indirectly through you, then -the only way you could satisfy both it and this License would be to -refrain entirely from distribution of the Program. - -If any portion of this section is held invalid or unenforceable under -any particular circumstance, the balance of the section is intended to -apply and the section as a whole is intended to apply in other -circumstances. - -It is not the purpose of this section to induce you to infringe any -patents or other property right claims or to contest validity of any -such claims; this section has the sole purpose of protecting the -integrity of the free software distribution system, which is -implemented by public license practices. Many people have made -generous contributions to the wide range of software distributed -through that system in reliance on consistent application of that -system; it is up to the author/donor to decide if he or she is willing -to distribute software through any other system and a licensee cannot -impose that choice. - -This section is intended to make thoroughly clear what is believed to -be a consequence of the rest of this License. - - 8. If the distribution and/or use of the Program is restricted in -certain countries either by patents or by copyrighted interfaces, the -original copyright holder who places the Program under this License -may add an explicit geographical distribution limitation excluding -those countries, so that distribution is permitted only in or among -countries not thus excluded. In such case, this License incorporates -the limitation as if written in the body of this License. - - 9. The Free Software Foundation may publish revised and/or new versions -of the General Public License from time to time. Such new versions will -be similar in spirit to the present version, but may differ in detail to -address new problems or concerns. - -Each version is given a distinguishing version number. If the Program -specifies a version number of this License which applies to it and "any -later version", you have the option of following the terms and conditions -either of that version or of any later version published by the Free -Software Foundation. If the Program does not specify a version number of -this License, you may choose any version ever published by the Free Software -Foundation. - - 10. If you wish to incorporate parts of the Program into other free -programs whose distribution conditions are different, write to the author -to ask for permission. For software which is copyrighted by the Free -Software Foundation, write to the Free Software Foundation; we sometimes -make exceptions for this. Our decision will be guided by the two goals -of preserving the free status of all derivatives of our free software and -of promoting the sharing and reuse of software generally. - - NO WARRANTY - - 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY -FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN -OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES -PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED -OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS -TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE -PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, -REPAIR OR CORRECTION. - - 12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING -WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR -REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, -INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING -OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED -TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY -YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER -PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE -POSSIBILITY OF SUCH DAMAGES. - - END OF TERMS AND CONDITIONS - - How to Apply These Terms to Your New Programs - - If you develop a new program, and you want it to be of the greatest -possible use to the public, the best way to achieve this is to make it -free software which everyone can redistribute and change under these terms. - - To do so, attach the following notices to the program. It is safest -to attach them to the start of each source file to most effectively -convey the exclusion of warranty; and each file should have at least -the "copyright" line and a pointer to where the full notice is found. - - <one line to give the program's name and a brief idea of what it does.> - Copyright (C) <year> <name of author> - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License along - with this program; if not, write to the Free Software Foundation, Inc., - 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - -Also add information on how to contact you by electronic and paper mail. - -If the program is interactive, make it output a short notice like this -when it starts in an interactive mode: - - Gnomovision version 69, Copyright (C) year name of author - Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. - This is free software, and you are welcome to redistribute it - under certain conditions; type `show c' for details. - -The hypothetical commands `show w' and `show c' should show the appropriate -parts of the General Public License. Of course, the commands you use may -be called something other than `show w' and `show c'; they could even be -mouse-clicks or menu items--whatever suits your program. - -You should also get your employer (if you work as a programmer) or your -school, if any, to sign a "copyright disclaimer" for the program, if -necessary. Here is a sample; alter the names: - - Yoyodyne, Inc., hereby disclaims all copyright interest in the program - `Gnomovision' (which makes passes at compilers) written by James Hacker. - - <signature of Ty Coon>, 1 April 1989 - Ty Coon, President of Vice - -This General Public License does not permit incorporating your program into -proprietary programs. If your program is a subroutine library, you may -consider it more useful to permit linking proprietary applications with the -library. If this is what you want to do, use the GNU Lesser General -Public License instead of this License. diff --git a/README b/README deleted file mode 100644 index cc49177774f..00000000000 --- a/README +++ /dev/null @@ -1,30 +0,0 @@ -=== NCR API === - -This is the linux-cryptodev NCR branch. The ioctl() API is in ncr.h. - -For the new API to fully operate, root must load a system key (constant -per system) using the ncr-setkey program. After this stage the new API should -be fully operational. Example: -$ dd if=/dev/urandom of=/boot/key count=1 bs=16 -$ chmod 600 /boot/key -$ userspace/ncr-setkey /boot/key - -The main concept of the new API is disallow userspace applications -access to cryptographic keys. Operations are possible (such as -encryption/decryption/signing/verifying), but raw access to the -keys is not be possible. - - -=== OpenBSD crypto compatibility === - -A compatibility API using OpenBSD's interface via /dev/crypto device driver -is supported. This enables access to kernel space cipher implementations -and hardware accelerators. - - - -For questions and suggestions please use the mailing lists at: -http://home.gna.org/cryptodev-linux/lists.html - - -Maintained by Nikos Mavrogiannopoulos (nmav [at] gnutls [dot] org) diff --git a/TODO b/TODO deleted file mode 100644 index 876b1f2d6f2..00000000000 --- a/TODO +++ /dev/null @@ -1,7 +0,0 @@ -* Put limits to sessions -* Export private keys to PKCS #8 format (can it be implemented?) -* Documentation for functions -* Is a writev() like interface needed? -* Implement the NIST DSA generation algorithm. -* Make key generation interruptible. -* Allow assymetric keys to wrap other keys. diff --git a/crypto.4 b/crypto.4 deleted file mode 100644 index a1339339841..00000000000 --- a/crypto.4 +++ /dev/null @@ -1,748 +0,0 @@ -.\" A man page for /dev/crypto(4). -*- nroff -*- -.\" -.\" Copyright (C) 2010 Red Hat, Inc. All rights reserved. -.\" -.\" This copyrighted material is made available to anyone wishing to use, -.\" modify, copy, or redistribute it subject to the terms and conditions of the -.\" GNU General Public License v.2 or (at your option) any later version. -.\" -.\" This program is distributed in the hope that it will be useful, but WITHOUT -.\" ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or -.\" FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for -.\" more details. -.\" -.\" You should have received a copy of the GNU General Public License along -.\" with this program; if not, write to the Free Software Foundation, Inc., -.\" 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. -.\" -.\" Author: Miloslav Trmač <mitr@redhat.com> -.TH CRYPTO 4 2010-08-20 Linux "Linux Programmer's Manual" - -.SH NAME -/dev/crypto \- kernel cryptographic module interface - -.SH SYNOPSIS - -.B #include <ncr.h> -.br -.B int fd = open("/dev/crypto", O_RDWR); -.br -.B int res = ioctl(fd, \fINCRIO...\fP, &\fIdata\fP); - -.SH DESCRIPTION -The -.I /dev/crypto -device file provides an -.BR ioctl (2) -interface to the kernel-space crypto implementation. - -Each -.BR open (2) -of the -.I /dev/crypto -file establishes a separate namespace within which crypto operations work. -The namespace can be shared across threads and processes -by sharing the open file description. -Last close of the open file description automatically destroys all objects -allocated within the namespace. - -All -.BR ioctl (2)s -have the same form: -The user sets up a data structure with input data, -and passes a pointer to the data structure as the third parameter to -.BR ioctl (2). -On success, output data is available in the same structure. - -.SH OPERATION ATTRIBUTES - -In addition to the fixed members of data structures, -a process can pass additional attributes on input of most operations, -and receive additional attributes back from the kernel. -If this is supported by a specific operation, -the fixed data structure members for this operation include -.B input_size -and \fBoutput_size\fR. - -The input attributes immediately follow the fixed data structure as a sequence -of correctly aligned (\fBstruct nlattr\fP, attribute data) pairs, -using the same data layout and formatting rules as -.BR netlink (7) -messages. -The -.B input_size -member must be initialized to the total length of input (including both the -fixed data structure and the attributes). - -There is an (unspecified) upper limit on the total size of all attributes, -which should be large enough to accommodate any reasonable application. -If a larger input is provided nevertheless, -the operation will fail with \fBEOVERFLOW\fP. - -Output attributes, if any, are written by the kernel in the same format -following the fixed data structure (overwriting input attributes, if any). -The -.B output_size -member must be initialized to the total space available for output -(including the fixed data structure and space for attributes), -and is updated by the kernel with the total space actually used for attributes. - -If the space available for output attributes is too small, -the operation will fail with \fBERANGE\fP. - -As a special case, -.B input_size -may be zero to indicate no input attributes are supplied. -Similarly, -.B output_size -may be zero to indicate no space for output attributes is provided; -in such case -.B output_size -is not overwritten by the kernel with the total space actually used -(which is equal to size of the fixed data structure) -and remains zero when the operation finishes. - -The kernel accepts and silently ignores unknown attributes. - -The kernel will not add new output attributes to existing operations -in future releases -unless the new output attribute was explicitly requested by the application. -(Therefore, the application does not have to allocate any extra space for -output attributes it does not expect.) - -The following attributes are used in more than one operation: - -.TP -.B NCR_ATTR_ALGORITHM -A NUL-terminated string specifying an algorithm -(to be used in an operation, or as a property of a key), -using the Linux crypto API algorithm names. - -Three additional algorithm names are recognized: \fBrsa\fP, \fBdsa\fP, \fBdh\fP. - -.TP -.B NCR_ATTR_IV -Unformatted binary data specifying an initialization vector, - -.TP -.B NCR_ATTR_KEY_FLAGS -An 32-bit unsigned integer in native byte order specifying key flags, -a combination of -.B NCR_KEY_FLAG_EXPORTABLE -(the key material can be exported in plaintext to user space) -and -.B NCR_KEY_FLAG_WRAPPABLE -(the key material can be wrapped and the result made available to user space). - -.TP -.B NCR_ATTR_KEY_ID -Arbitrary binary data -which can be used by the application for key identification. - -.TP -.B NCR_ATTR_KEY_TYPE -An 32-bit unsigned integer in native byte order specifying key type, -one of \fBNCR_KEY_TYPE_SECRET\fP, \fBNCR_KEY_TYPE_PUBLIC\fP and -\fBNCR_KEY_TYPE_PRIVATE\fP. - -.TP -.B NCR_ATTR_WRAPPING_ALGORITHM -A NUL-terminated string specifying a key wrapping algorithm. -The values -.B walg-aes-rfc3394 -and -.B walg-aes-rfc5649 -are currently supported. -.RE - -.SH OPERATIONS - -The following operations are defined: - -.TP -.B NCRIO_KEY_INIT -Allocate a kernel-space key object. -The third -.BR ioctl (s) -parameter is ignored -(key attributes are set later, when the key material is initialized). -Returns an -.B ncr_key_t -descriptor for the key object -(valid within the current -.I /dev/crypto -namespace) -on success. - -There is a per-process and per-user (not per-namespace) limit -on the number key objects that can be allocated. - -.TP -.B NCRIO_KEY_DEINIT -Deallocate a kernel-space key object. -The parameter points to a -.B ncr_key_t -descriptor of the key object. -After all other operations using this key object (if any) terminate, -the key material will be cleared and the object will be freed. -Note that this may happen both before this operation returns, -and after it returns, depending on other references to this key object. - -.TP -.B NCRIO_KEY_GENERATE -Clear existing key material in the specified key object, -and generate new key material. - -The parameter points to \fBstruct ncr_key_generate\fP, -which specifies the destination key object in its -.B key -member. - -The following input attributes are recognized: - -.RS -.IP \fBNCR_ATTR_ALGORITHM\fP -Mandatory. -.IP \fBNCR_ATTR_KEY_FLAGS\fP -Optional, flags are unchanged if not present. -.IP \fBNCR_ATTR_SECRET_KEY_BITS\fP -Mandatory for symmetric keys. -An 32-bit unsigned integer in native byte order specifying key length in bits. -.RE - -.IP -Only symmetric keys can be currently generated using this operation. - -In addition to generating the key material, -the "persistent" key ID is reset to a random value. - -.TP -.B NCRIO_KEY_GENERATE_PAIR -Similar to \fBNCRIO_KEY_GENERATE\fP, -except that a pair of public/private keys is generated. - -The parameter points to \fBstruct ncr_key_generate_pair\fP, -which specifies the destination key objects in its -.B private_key -and -.B public_key -members. - -The following input attributes are recognized: - -.RS -.IP \fBNCR_ATTR_KEY_FLAGS\fP -Optional, flags are unchanged if not present. -.IP \fBNCR_ATTR_RSA_E\fP -For RSA keys, -the public exponent as a big-endian multiple-precision integer. -Optional, defaults to 65537. -.IP \fBNCR_ATTR_RSA_MODULUS_BITS\fP -Mandatory for RSA keys. -An 32-bit unsigned integer in native byte order -specifying modulus length in bits. -.IP \fBNCR_ATTR_DSA_P_BITS\fP -For DSA keys, length of the "p" key parameter in bits -as an 32-bit unsigned integer in native byte order. -Optional, defaults to 1024. -.IP \fBNCR_ATTR_DSA_Q_BITS\fP -For DSA keys, length of the "q" key parameter in bits -as an 32-bit unsigned integer in native byte order. -Optional, defaults to 160. -.IP \fBNCR_ATTR_DH_BASE\fP -Mandatory for D-H keys. -The prime modulus of a D-H group as a big-endian multiple-precision integer. -.IP \fBNCR_ATTR_DH_PRIME\fP -Mandatory for D-H keys. -The generator of a D-H group as a big-endian multiple-precision integer. -.RE - -.IP -The -.B NCR_KEY_FLAG_EXPORTABLE -and -.B NCR_KEY_FLAG_WRAPPABLE -flags are automatically set on the public key. - -In addition to generating the key material, -the "persistent" key ID of both keys is set to a same value -derived from the public key. - -.TP -.B NCRIO_KEY_DERIVE -Derive a new key using one key and additional data. - -The parameter points to \fBstruct ncr_key_derive\fP, -which specifies the source and destination keys in the -.B input_key -and -.B new_key -members. - -The following input attributes are recognized: - -.RS -.IP \fBNCR_ATTR_KEY_FLAGS\fP -Optional, flags are unchanged if not present. -.IP \fBNCR_ATTR_DERIVATION_ALGORITHM\fP -Mandatory. -A NUL-terminated string specifying a key derivation algorithm. -Only -.B dh -is currently supported. -.IP \fBNCR_ATTR_DH_PUBLIC\fP -Mandatory for D-H derivation. -The peer's public D-H value as a big-endian multiple-precision integer. -.RE - -.TP -.B NCRIO_KEY_EXPORT -Export key material in the specified key object to user space. -Only keys with the -.B NCR_KEY_FLAG_EXPORTABLE -flag can be exported using this operation. - -The parameter points to \fBstruct ncr_key_export\fP, -which specifies the key to export in the -.B key -member, -and a buffer for the exported data in the -.B buffer -and -.B buffer_size -members. - -On success, size of the exported key is returned. - -Symmetric keys are written directly into the destination buffer. -Public and private keys are formatted using ASN.1, -except for DH public keys, which are written a raw binary number. - -.TP -.B NCRIO_KEY_IMPORT -Clear existing key material in the specified key object, -and import key material from user space. - -The parameter points to \fBstruct ncr_key_import\fP, -which specifies the destination key in the -.B key -member, -and the input data in the -.B data -and -.B data_size -members. - -The following input attributes are recognized: - -.RS -.IP \fBNCR_ATTR_ALGORITHM\fP -Mandatory. -.IP \fBNCR_ATTR_KEY_FLAGS\fP -Optional, flags are unchanged if not present. -.IP \fBNCR_ATTR_KEY_ID\fP -Optional, the "persistent" key ID is unchanged if not present. -.IP \fBNCR_ATTR_KEY_TYPE\fP -Mandatory. -.RE - -.IP -The data format is the same as in the -.B NCRIO_KEY_EXPORT -operation. - -.TP -.B NCRIO_KEY_GET_INFO -Get metadata of an existing key. - -The parameter points to \fBstruct ncr_key_get_info\fP, -which specifies \fBkey\fP, the key descriptor. - -The following input attributes are recognized: - -.RS -.IP \fBNCR_ATTR_WANTED_ATTRS\fP -An array of unsigned 16-bit integers in native byte order, -specifying the set of output attributes that should be returned. -\fBNCR_ATTR_ALGORITHM\fP, -.B NCR_ATTR_KEY_FLAGS -and -.B NCR_ATTR_KEY_TYPE -are currently supported. -Unsupported attribute requests are silently ignored -.RE - -.IP -The output attributes explicitly requested in \fBNCR_ATTR_WANTED_ATTRS\fP, -and no other output attributes, -are returned. - -.TP -.B NCRIO_KEY_WRAP -Wrap one key using another, and write the result to user space. -Only keys with the -.B NCR_KEY_FLAG_WRAPPABLE -flag can be wrapped using this operation. - -The parameter points to \fBstruct ncr_key_wrap\fP, -which specifies the key to wrap in the -.B source_key -member, -the wrapping key in the -.B wrapping_key -member, -and a buffer for the wrapped data in the -.B buffer -and -.B buffer_size -members. - -The following input attributes are recognized: - -.RS -.IP \fBNCR_ATTR_IV\fP -Optional, an empty IV is used if not present. -.IP \fBNCR_ATTR_WRAPPING_ALGORITHM\fP -Mandatory. -.RE - -.IP -Only secret keys can be currently wrapped. - -On success, size of the wrapped key is returned. - -.TP -.B NCRIO_KEY_UNWRAP -Unwrap user-space data into a kernel-space key using another key. - -The parameter points to \fBstruct ncr_key_unwrap\fP, -which specifies the destination key in the -.B dest_key -member, -the wrapping key in the -.B wrapping_key -member, -and the wrapped data in the -.B data -and -.B data_size -members. - -The following input attributes are recognized: - -.RS -.IP \fBNCR_ATTR_IV\fP -Optional, an empty IV is used if not present. -.IP \fBNCR_ATTR_KEY_FLAGS\fP -Optional, flags are unchanged if not present. -.IP \fBNCR_ATTR_WRAPPING_ALGORITHM\fP -Mandatory. -.RE - -.IP -The unwrapped key will have the -.B NCR_KEY_FLAG_WRAPPABLE -flag set, and the -.B NCR_KEY_FLAG_EXPORTABLE -flag clear. - -.TP -.B NCRIO_KEY_STORAGE_WRAP -Wrap a key object and associated metadata using the system-wide storage master -key, -and write the result to user space. - -Only keys with the -.B NCR_KEY_FLAG_WRAPPABLE -flag can be wrapped using this operation. - -The parameter points to \fBstruct ncr_key_storage_wrap\fP, -which specifies the key to wrap in the -.B key -member, -and a buffer for the wrapped data in the -.B buffer -and -.B buffer_size -members. - -On success, size of the wrapped key is returned. - -Both symmetric and asymmetric keys can be wrapped using this operation. -The wrapped data includes data corresponding the -\fBNCR_ATTR_ALGORITHM\fP, \fBNCR_ATTR_KEY_FLAGS\fP, -.B NCR_ATTR_KEY_TYPE -and -.B NCR_ATTR_KEY_ID -attributes -in addition to the raw key material: - -.TP -.B NCRIO_KEY_STORAGE_UNWRAP -Unwrap key and associated metadata created using \fBNCRIO_KEY_STORAGE_WRAP\fP, -and restore the information into a specified key object. - -The parameter points to \fBstruct ncr_key_storage_unwrap\fP, -which specifies the destination key in the -.B key -member -and the wrapped data in the -.B data -and -.B data_size -members. - -See -.B NCRIO_KEY_STORAGE_WRAP -above for the list of attributes that will be restored. - -.TP -.B NCRIO_SESSION_INIT -Allocate a session for performing crypto operations. - -The parameter points to \fBstruct ncr_session_init\fP, -which specifies the operation to perform, -one of \fBNCR_OP_ENCRYPT\fP, \fBNCR_OP_DECRYPT\fP, -.B NCR_OP_SIGN -and \fBNCR_OP_VERIFY\fP, -in the -.B op -member. -Use -.B NCR_OP_SIGN -for computing an unkeyed hash as well as keyed hashes and signatures. - -The following input attributes are recognized: - -.RS -.IP \fBNCR_ATTR_ALGORITHM\fP -Mandatory unless -.B NCR_ATTR_SESSION_CLONE_FROM -is provided. -.IP \fBNCR_ATTR_IV\fP -Mandatory for some operations and algorithms. -.IP \fBNCR_ATTR_KEY\fP -Mandatory for some operations and algorithms. -An 32-bit unsigned integer in native byte order -specifying the key to use for the operation. -If -.B NCR_ATTR_SESSION_CLONE_FROM -is provided, the key from the original session is used. -.IP \fBNCR_ATTR_RSA_ENCODING_METHOD\fP -Mandatory for RSA. -An 32-bit unsigned integer in native byte order -specifying a RSA encoding method, -one of \fBRSA_PKCS1_V1_5\fP, -.B RSA_PKCS1_OAEP -and \fBRSA_PKCS1_PSS\fP. -.IP \fBNCR_ATTR_RSA_OAEP_HASH_ALGORITHM\fP -Mandatory for RSA with \fBRSA_PKCS1_OAEP\fP. -A NUL-terminated string specifying a hash algorithm used in the -OAEP encoding method. -.IP \fBNCR_ATTR_RSA_PSS_SALT_LENGTH\fP -For RSA with \fBRSA_PKCS1_PSS\fP. -An 32-bit unsigned integer in native byte order -specifying the PSS salt length. -Optional, defaults to 0. -.IP \fBNCR_ATTR_SESSION_CLONE_FROM\fP -Optional, a 32-bit unsigned integer in native byte order -specifying session state to clone. -Only supported for some operations and algorithms. -.IP \fBNCR_ATTR_SIGNATURE_HASH_ALGORITHM\fP -Mandatory for some operations and algorithms. -A NUL-terminated string specifying a hash algorithm underlying a signature, -using the same formats as \fBNCR_ATTR_ALGORITHM\fP. -.RE - -.IP -On success, an integer descriptor for the created session -(valid within the current -.I /dev/crypto -namespace) -is returned. - -.TP -.B NCRIO_SESSION_UPDATE -Update an existing crypto session with new data -(for operations, such as hashing, for which data can be supplied in pieces), -or perform a single operation using the session context (for operations, such -as public key encryption, that work on separate units of data). - -The parameter points to \fBstruct ncr_session_update\fP, -which specifies the descriptor of the session in the -.B ses -member. - -The following input attributes are recognized: - -.RS -.IP \fBNCR_ATTR_IV\fP -Only used for some operations and algorithms. -Optional, -IV from session initialization or left from last update is used if not present. -.IP \fBNCR_ATTR_UPDATE_INPUT_DATA\fP -A -.B struct ncr_session_input_data -specifying input for the operation in its -.B data -and -.B data_size -members. -.IP \fBNCR_ATTR_UPDATE_INPUT_KEY_AS_DATA\fP -An 32-bit unsigned integer in native byte order -specifying the key descriptor serving as input for the operation. -This can be currently used only to compute or verify a signature or hash -of a symmetric key: -the keying material is directly used as input data for the underlying hash. -.IP \fBNCR_ATTR_UPDATE_OUTPUT_BUFFER\fP -Mandatory for some operations and algorithms. -A -.B struct ncr_session_output_buffer -specifying buffer for operation output in its -.B buffer -and -.B buffer_size -members. -On success the size of output is written to the variable pointed to by the -.B result_size_ptr -member. -.RE - -.IP -It is mandatory to include one of the -.B NCR_ATTR_UPDATE_INPUT_DATA -and -.B NCR_ATTR_UPDATE_INPUT_KEY_AS_DATA -attributes. - -For the -.B NCR_OP_ENCRYPT -and -.B NCR_OP_DECRYPT -operations using symmetric ciphers, -the operation is performed on the input data, -resulting in an output data block of the same size; -for operations using public-key cryptography, -a single operation is performed on the input data, -resulting in output data. - -For the -.B NCR_OP_SIGN -and -.B NCR_OP_VERIFY -operations, -the input data is supplied to the underlying hash function; -no output data is produced. - -.TP -.B NCRIO_SESSION_FINAL -Finalize an existing crypto session and deallocate it. - -The parameter points to \fBstruct ncr_session_final\fP, -which specifies the descriptor of the session in the -.B ses -member. - -If one of the -.B NCR_ATTR_UPDATE_INPUT_DATA -and -.B NCR_ATTR_UPDATE_INPUT_KEY_AS_DATA -attributes is present, -all attributes are first processed as if using \fBNCRIO_SESSION_UPDATE\fP; -thus, the last update operation can be performed together with the finalization -in one step. - -The following input attributes are recognized: - -.RS -.IP \fBNCR_ATTR_FINAL_INPUT_DATA\fP -Mandatory for some operations and algorithms. -A -.B struct ncr_session_input_data -as described above, specifying input for the operation. -.IP \fBNCR_ATTR_FINAL_OUTPUT_BUFFER\fP -Mandatory for some operations and algorithms. -A -.B struct ncr_session_output_buffer -as described above, specifying buffer for operation output. -.RE - -.IP -There is no specific finalization operation performed for -.B NCR_OP_ENCRYPT -and \fBNCR_OP_DECRYPT\fP. - -For the -.B NCR_OP_SIGN -operation, -the signature is created and written as output data. - -For the -.B NCR_OP_VERIFY -operation, -a signature specified as input is verified and -the result of this operation is returned: -non-zero for a valid signature, zero for an invalid signature. -Note that the -.BR ioctl (2) -operation return value will be non-negative, i.e. "success", -even if the signature verification fails, -as long all inputs were specified correctly. - -The session will be deallocated even if the -.B NCRIO_SESSION_FINAL -operation reports an error, -as long as a valid session descriptor was specified. - -.TP -.B NCRIO_SESSION_ONCE -Perform an one-shot crypto operation, -allocating a temporary session, -supplying a single instance of data, -and finalizing the session in one operation. - -The parameter points to \fBstruct ncr_session_once\fP, -which specifies the operation to perform in the -.B op -member. - -The attributes handled as if by passing to a -.B NCRIO_SESSION_INIT -operation followed by a -.B NCRIO_SESSION_FINAL -operation, -and the return value of the -.B NCRIO_SESSION_FINAL -is returned on success. - -.TP -.B NCRIO_MASTER_KEY_SET -Set the system-wide storage master key. -Only a process with EUID 0 and the -.B CAP_SYS_ADMIN -capability is allowed to perform this operation. -Once a master key is set, -it can be changed only by rebooting the system -and setting a different key. - -The parameter points to \fBstruct ncr_master_key_set\fP, -which specifies the key material in user space using the -.B key -and -.B key_size -members. - -Only an AES key with size 16, 24, or 32 bytes is currently acceptable. - -.SH CONFIGURATION -The -.B NCRIO_KEY_STORAGE_WRAP -and -.B NCRIO_KEY_STORAGE_UNWRAP -.BR ioctl ()s -work only after a storage master key is configured by the system -administrator. -See \fBNCRIO_MASTER_KEY_SET\fP above. - -.SH FILES -.I /dev/crypto diff --git a/Makefile b/crypto/userspace/Makefile index cdaab9339e3..cdaab9339e3 100644 --- a/Makefile +++ b/crypto/userspace/Makefile diff --git a/cryptodev_cipher.c b/crypto/userspace/cryptodev_cipher.c index 1fb11473715..1fb11473715 100644 --- a/cryptodev_cipher.c +++ b/crypto/userspace/cryptodev_cipher.c diff --git a/cryptodev_int.h b/crypto/userspace/cryptodev_int.h index 4b140ba9820..4b140ba9820 100644 --- a/cryptodev_int.h +++ b/crypto/userspace/cryptodev_int.h diff --git a/cryptodev_main.c b/crypto/userspace/cryptodev_main.c index 2a11fdb1258..2a11fdb1258 100644 --- a/cryptodev_main.c +++ b/crypto/userspace/cryptodev_main.c diff --git a/libtomcrypt/hashes/crypt_hash_is_valid.c b/crypto/userspace/libtomcrypt/hashes/crypt_hash_is_valid.c index d01d4183f80..d01d4183f80 100644 --- a/libtomcrypt/hashes/crypt_hash_is_valid.c +++ b/crypto/userspace/libtomcrypt/hashes/crypt_hash_is_valid.c diff --git a/libtomcrypt/hashes/hash_get_oid.c b/crypto/userspace/libtomcrypt/hashes/hash_get_oid.c index 39f43722884..39f43722884 100644 --- a/libtomcrypt/hashes/hash_get_oid.c +++ b/crypto/userspace/libtomcrypt/hashes/hash_get_oid.c diff --git a/libtomcrypt/hashes/hash_memory.c b/crypto/userspace/libtomcrypt/hashes/hash_memory.c index c6f51881245..c6f51881245 100644 --- a/libtomcrypt/hashes/hash_memory.c +++ b/crypto/userspace/libtomcrypt/hashes/hash_memory.c diff --git a/libtomcrypt/hashes/hash_memory_multi.c b/crypto/userspace/libtomcrypt/hashes/hash_memory_multi.c index 74226767a72..74226767a72 100644 --- a/libtomcrypt/hashes/hash_memory_multi.c +++ b/crypto/userspace/libtomcrypt/hashes/hash_memory_multi.c diff --git a/libtomcrypt/headers/tomcrypt.h b/crypto/userspace/libtomcrypt/headers/tomcrypt.h index fdb6c8d1f16..fdb6c8d1f16 100644 --- a/libtomcrypt/headers/tomcrypt.h +++ b/crypto/userspace/libtomcrypt/headers/tomcrypt.h diff --git a/libtomcrypt/headers/tomcrypt_argchk.h b/crypto/userspace/libtomcrypt/headers/tomcrypt_argchk.h index 1ba08c7ffad..1ba08c7ffad 100644 --- a/libtomcrypt/headers/tomcrypt_argchk.h +++ b/crypto/userspace/libtomcrypt/headers/tomcrypt_argchk.h diff --git a/libtomcrypt/headers/tomcrypt_cfg.h b/crypto/userspace/libtomcrypt/headers/tomcrypt_cfg.h index 8ad90bce4b0..8ad90bce4b0 100644 --- a/libtomcrypt/headers/tomcrypt_cfg.h +++ b/crypto/userspace/libtomcrypt/headers/tomcrypt_cfg.h diff --git a/libtomcrypt/headers/tomcrypt_custom.h b/crypto/userspace/libtomcrypt/headers/tomcrypt_custom.h index c537dc7605a..c537dc7605a 100644 --- a/libtomcrypt/headers/tomcrypt_custom.h +++ b/crypto/userspace/libtomcrypt/headers/tomcrypt_custom.h diff --git a/libtomcrypt/headers/tomcrypt_hash.h b/crypto/userspace/libtomcrypt/headers/tomcrypt_hash.h index e4e84e4841b..e4e84e4841b 100644 --- a/libtomcrypt/headers/tomcrypt_hash.h +++ b/crypto/userspace/libtomcrypt/headers/tomcrypt_hash.h diff --git a/libtomcrypt/headers/tomcrypt_macros.h b/crypto/userspace/libtomcrypt/headers/tomcrypt_macros.h index 53bda9bb4ba..53bda9bb4ba 100644 --- a/libtomcrypt/headers/tomcrypt_macros.h +++ b/crypto/userspace/libtomcrypt/headers/tomcrypt_macros.h diff --git a/libtomcrypt/headers/tomcrypt_math.h b/crypto/userspace/libtomcrypt/headers/tomcrypt_math.h index 6c0e6c5fb34..6c0e6c5fb34 100644 --- a/libtomcrypt/headers/tomcrypt_math.h +++ b/crypto/userspace/libtomcrypt/headers/tomcrypt_math.h diff --git a/libtomcrypt/headers/tomcrypt_misc.h b/crypto/userspace/libtomcrypt/headers/tomcrypt_misc.h index f5384cacc51..f5384cacc51 100644 --- a/libtomcrypt/headers/tomcrypt_misc.h +++ b/crypto/userspace/libtomcrypt/headers/tomcrypt_misc.h diff --git a/libtomcrypt/headers/tomcrypt_pk.h b/crypto/userspace/libtomcrypt/headers/tomcrypt_pk.h index 73348805748..73348805748 100644 --- a/libtomcrypt/headers/tomcrypt_pk.h +++ b/crypto/userspace/libtomcrypt/headers/tomcrypt_pk.h diff --git a/libtomcrypt/headers/tomcrypt_pkcs.h b/crypto/userspace/libtomcrypt/headers/tomcrypt_pkcs.h index be0d7f6822a..be0d7f6822a 100644 --- a/libtomcrypt/headers/tomcrypt_pkcs.h +++ b/crypto/userspace/libtomcrypt/headers/tomcrypt_pkcs.h diff --git a/libtomcrypt/headers/tomcrypt_prng.h b/crypto/userspace/libtomcrypt/headers/tomcrypt_prng.h index 26bf711e3ce..26bf711e3ce 100644 --- a/libtomcrypt/headers/tomcrypt_prng.h +++ b/crypto/userspace/libtomcrypt/headers/tomcrypt_prng.h diff --git a/libtomcrypt/math/rand_prime.c b/crypto/userspace/libtomcrypt/math/rand_prime.c index 5eff3a188ca..5eff3a188ca 100644 --- a/libtomcrypt/math/rand_prime.c +++ b/crypto/userspace/libtomcrypt/math/rand_prime.c diff --git a/libtomcrypt/misc/crypt/crypt_argchk.c b/crypto/userspace/libtomcrypt/misc/crypt/crypt_argchk.c index 143b784359d..143b784359d 100644 --- a/libtomcrypt/misc/crypt/crypt_argchk.c +++ b/crypto/userspace/libtomcrypt/misc/crypt/crypt_argchk.c diff --git a/libtomcrypt/misc/pk_get_oid.c b/crypto/userspace/libtomcrypt/misc/pk_get_oid.c index 197d7aea20d..197d7aea20d 100644 --- a/libtomcrypt/misc/pk_get_oid.c +++ b/crypto/userspace/libtomcrypt/misc/pk_get_oid.c diff --git a/libtomcrypt/misc/qsort.c b/crypto/userspace/libtomcrypt/misc/qsort.c index 72f51088e35..72f51088e35 100644 --- a/libtomcrypt/misc/qsort.c +++ b/crypto/userspace/libtomcrypt/misc/qsort.c diff --git a/libtomcrypt/misc/zeromem.c b/crypto/userspace/libtomcrypt/misc/zeromem.c index a4bb124fdc6..a4bb124fdc6 100644 --- a/libtomcrypt/misc/zeromem.c +++ b/crypto/userspace/libtomcrypt/misc/zeromem.c diff --git a/libtomcrypt/pk/asn1/der/bit/der_decode_bit_string.c b/crypto/userspace/libtomcrypt/pk/asn1/der/bit/der_decode_bit_string.c index c9f6368e0ff..c9f6368e0ff 100644 --- a/libtomcrypt/pk/asn1/der/bit/der_decode_bit_string.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/bit/der_decode_bit_string.c diff --git a/libtomcrypt/pk/asn1/der/bit/der_encode_bit_string.c b/crypto/userspace/libtomcrypt/pk/asn1/der/bit/der_encode_bit_string.c index d1b6064a86c..d1b6064a86c 100644 --- a/libtomcrypt/pk/asn1/der/bit/der_encode_bit_string.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/bit/der_encode_bit_string.c diff --git a/libtomcrypt/pk/asn1/der/bit/der_length_bit_string.c b/crypto/userspace/libtomcrypt/pk/asn1/der/bit/der_length_bit_string.c index 3b7a8e14e4f..3b7a8e14e4f 100644 --- a/libtomcrypt/pk/asn1/der/bit/der_length_bit_string.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/bit/der_length_bit_string.c diff --git a/libtomcrypt/pk/asn1/der/boolean/der_decode_boolean.c b/crypto/userspace/libtomcrypt/pk/asn1/der/boolean/der_decode_boolean.c index f374aa6920a..f374aa6920a 100644 --- a/libtomcrypt/pk/asn1/der/boolean/der_decode_boolean.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/boolean/der_decode_boolean.c diff --git a/libtomcrypt/pk/asn1/der/boolean/der_encode_boolean.c b/crypto/userspace/libtomcrypt/pk/asn1/der/boolean/der_encode_boolean.c index df497bfb7e6..df497bfb7e6 100644 --- a/libtomcrypt/pk/asn1/der/boolean/der_encode_boolean.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/boolean/der_encode_boolean.c diff --git a/libtomcrypt/pk/asn1/der/boolean/der_length_boolean.c b/crypto/userspace/libtomcrypt/pk/asn1/der/boolean/der_length_boolean.c index aa3e03d764e..aa3e03d764e 100644 --- a/libtomcrypt/pk/asn1/der/boolean/der_length_boolean.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/boolean/der_length_boolean.c diff --git a/libtomcrypt/pk/asn1/der/choice/der_decode_choice.c b/crypto/userspace/libtomcrypt/pk/asn1/der/choice/der_decode_choice.c index 277c731b093..277c731b093 100644 --- a/libtomcrypt/pk/asn1/der/choice/der_decode_choice.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/choice/der_decode_choice.c diff --git a/libtomcrypt/pk/asn1/der/ia5/der_decode_ia5_string.c b/crypto/userspace/libtomcrypt/pk/asn1/der/ia5/der_decode_ia5_string.c index 001477b6ffb..001477b6ffb 100644 --- a/libtomcrypt/pk/asn1/der/ia5/der_decode_ia5_string.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/ia5/der_decode_ia5_string.c diff --git a/libtomcrypt/pk/asn1/der/ia5/der_encode_ia5_string.c b/crypto/userspace/libtomcrypt/pk/asn1/der/ia5/der_encode_ia5_string.c index 82ed4666984..82ed4666984 100644 --- a/libtomcrypt/pk/asn1/der/ia5/der_encode_ia5_string.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/ia5/der_encode_ia5_string.c diff --git a/libtomcrypt/pk/asn1/der/ia5/der_length_ia5_string.c b/crypto/userspace/libtomcrypt/pk/asn1/der/ia5/der_length_ia5_string.c index 4d60f8ead7b..4d60f8ead7b 100644 --- a/libtomcrypt/pk/asn1/der/ia5/der_length_ia5_string.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/ia5/der_length_ia5_string.c diff --git a/libtomcrypt/pk/asn1/der/integer/der_decode_integer.c b/crypto/userspace/libtomcrypt/pk/asn1/der/integer/der_decode_integer.c index d7b13cfa7c8..d7b13cfa7c8 100644 --- a/libtomcrypt/pk/asn1/der/integer/der_decode_integer.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/integer/der_decode_integer.c diff --git a/libtomcrypt/pk/asn1/der/integer/der_encode_integer.c b/crypto/userspace/libtomcrypt/pk/asn1/der/integer/der_encode_integer.c index 830446a26cc..830446a26cc 100644 --- a/libtomcrypt/pk/asn1/der/integer/der_encode_integer.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/integer/der_encode_integer.c diff --git a/libtomcrypt/pk/asn1/der/integer/der_length_integer.c b/crypto/userspace/libtomcrypt/pk/asn1/der/integer/der_length_integer.c index 40addd5842b..40addd5842b 100644 --- a/libtomcrypt/pk/asn1/der/integer/der_length_integer.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/integer/der_length_integer.c diff --git a/libtomcrypt/pk/asn1/der/object_identifier/der_decode_object_identifier.c b/crypto/userspace/libtomcrypt/pk/asn1/der/object_identifier/der_decode_object_identifier.c index cdd296d27b2..cdd296d27b2 100644 --- a/libtomcrypt/pk/asn1/der/object_identifier/der_decode_object_identifier.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/object_identifier/der_decode_object_identifier.c diff --git a/libtomcrypt/pk/asn1/der/object_identifier/der_encode_object_identifier.c b/crypto/userspace/libtomcrypt/pk/asn1/der/object_identifier/der_encode_object_identifier.c index b26ebdf5170..b26ebdf5170 100644 --- a/libtomcrypt/pk/asn1/der/object_identifier/der_encode_object_identifier.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/object_identifier/der_encode_object_identifier.c diff --git a/libtomcrypt/pk/asn1/der/object_identifier/der_length_object_identifier.c b/crypto/userspace/libtomcrypt/pk/asn1/der/object_identifier/der_length_object_identifier.c index ada54ab720d..ada54ab720d 100644 --- a/libtomcrypt/pk/asn1/der/object_identifier/der_length_object_identifier.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/object_identifier/der_length_object_identifier.c diff --git a/libtomcrypt/pk/asn1/der/octet/der_decode_octet_string.c b/crypto/userspace/libtomcrypt/pk/asn1/der/octet/der_decode_octet_string.c index ab5bc10e3bd..ab5bc10e3bd 100644 --- a/libtomcrypt/pk/asn1/der/octet/der_decode_octet_string.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/octet/der_decode_octet_string.c diff --git a/libtomcrypt/pk/asn1/der/octet/der_encode_octet_string.c b/crypto/userspace/libtomcrypt/pk/asn1/der/octet/der_encode_octet_string.c index 64a07709e03..64a07709e03 100644 --- a/libtomcrypt/pk/asn1/der/octet/der_encode_octet_string.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/octet/der_encode_octet_string.c diff --git a/libtomcrypt/pk/asn1/der/octet/der_length_octet_string.c b/crypto/userspace/libtomcrypt/pk/asn1/der/octet/der_length_octet_string.c index c49415951b2..c49415951b2 100644 --- a/libtomcrypt/pk/asn1/der/octet/der_length_octet_string.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/octet/der_length_octet_string.c diff --git a/libtomcrypt/pk/asn1/der/printable_string/der_decode_printable_string.c b/crypto/userspace/libtomcrypt/pk/asn1/der/printable_string/der_decode_printable_string.c index 8504f7719dd..8504f7719dd 100644 --- a/libtomcrypt/pk/asn1/der/printable_string/der_decode_printable_string.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/printable_string/der_decode_printable_string.c diff --git a/libtomcrypt/pk/asn1/der/printable_string/der_encode_printable_string.c b/crypto/userspace/libtomcrypt/pk/asn1/der/printable_string/der_encode_printable_string.c index deccdee88aa..deccdee88aa 100644 --- a/libtomcrypt/pk/asn1/der/printable_string/der_encode_printable_string.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/printable_string/der_encode_printable_string.c diff --git a/libtomcrypt/pk/asn1/der/printable_string/der_length_printable_string.c b/crypto/userspace/libtomcrypt/pk/asn1/der/printable_string/der_length_printable_string.c index 997d3b5f9e9..997d3b5f9e9 100644 --- a/libtomcrypt/pk/asn1/der/printable_string/der_length_printable_string.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/printable_string/der_length_printable_string.c diff --git a/libtomcrypt/pk/asn1/der/sequence/der_decode_sequence_ex.c b/crypto/userspace/libtomcrypt/pk/asn1/der/sequence/der_decode_sequence_ex.c index 20674370be5..20674370be5 100644 --- a/libtomcrypt/pk/asn1/der/sequence/der_decode_sequence_ex.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/sequence/der_decode_sequence_ex.c diff --git a/libtomcrypt/pk/asn1/der/sequence/der_decode_sequence_flexi.c b/crypto/userspace/libtomcrypt/pk/asn1/der/sequence/der_decode_sequence_flexi.c index e84f72e7cd9..e84f72e7cd9 100644 --- a/libtomcrypt/pk/asn1/der/sequence/der_decode_sequence_flexi.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/sequence/der_decode_sequence_flexi.c diff --git a/libtomcrypt/pk/asn1/der/sequence/der_decode_sequence_multi.c b/crypto/userspace/libtomcrypt/pk/asn1/der/sequence/der_decode_sequence_multi.c index c064d9ee3ff..c064d9ee3ff 100644 --- a/libtomcrypt/pk/asn1/der/sequence/der_decode_sequence_multi.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/sequence/der_decode_sequence_multi.c diff --git a/libtomcrypt/pk/asn1/der/sequence/der_encode_sequence_ex.c b/crypto/userspace/libtomcrypt/pk/asn1/der/sequence/der_encode_sequence_ex.c index e92f7c310d6..e92f7c310d6 100644 --- a/libtomcrypt/pk/asn1/der/sequence/der_encode_sequence_ex.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/sequence/der_encode_sequence_ex.c diff --git a/libtomcrypt/pk/asn1/der/sequence/der_encode_sequence_multi.c b/crypto/userspace/libtomcrypt/pk/asn1/der/sequence/der_encode_sequence_multi.c index 8d53c623965..8d53c623965 100644 --- a/libtomcrypt/pk/asn1/der/sequence/der_encode_sequence_multi.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/sequence/der_encode_sequence_multi.c diff --git a/libtomcrypt/pk/asn1/der/sequence/der_length_sequence.c b/crypto/userspace/libtomcrypt/pk/asn1/der/sequence/der_length_sequence.c index d2e9803d75e..d2e9803d75e 100644 --- a/libtomcrypt/pk/asn1/der/sequence/der_length_sequence.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/sequence/der_length_sequence.c diff --git a/libtomcrypt/pk/asn1/der/sequence/der_sequence_free.c b/crypto/userspace/libtomcrypt/pk/asn1/der/sequence/der_sequence_free.c index 90a1297347d..90a1297347d 100644 --- a/libtomcrypt/pk/asn1/der/sequence/der_sequence_free.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/sequence/der_sequence_free.c diff --git a/libtomcrypt/pk/asn1/der/set/der_encode_set.c b/crypto/userspace/libtomcrypt/pk/asn1/der/set/der_encode_set.c index 8a13479a180..8a13479a180 100644 --- a/libtomcrypt/pk/asn1/der/set/der_encode_set.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/set/der_encode_set.c diff --git a/libtomcrypt/pk/asn1/der/set/der_encode_setof.c b/crypto/userspace/libtomcrypt/pk/asn1/der/set/der_encode_setof.c index aa1af729b6b..aa1af729b6b 100644 --- a/libtomcrypt/pk/asn1/der/set/der_encode_setof.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/set/der_encode_setof.c diff --git a/libtomcrypt/pk/asn1/der/short_integer/der_decode_short_integer.c b/crypto/userspace/libtomcrypt/pk/asn1/der/short_integer/der_decode_short_integer.c index fbb89a4f850..fbb89a4f850 100644 --- a/libtomcrypt/pk/asn1/der/short_integer/der_decode_short_integer.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/short_integer/der_decode_short_integer.c diff --git a/libtomcrypt/pk/asn1/der/short_integer/der_encode_short_integer.c b/crypto/userspace/libtomcrypt/pk/asn1/der/short_integer/der_encode_short_integer.c index cd9e6d1015e..cd9e6d1015e 100644 --- a/libtomcrypt/pk/asn1/der/short_integer/der_encode_short_integer.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/short_integer/der_encode_short_integer.c diff --git a/libtomcrypt/pk/asn1/der/short_integer/der_length_short_integer.c b/crypto/userspace/libtomcrypt/pk/asn1/der/short_integer/der_length_short_integer.c index ec3f8f14f82..ec3f8f14f82 100644 --- a/libtomcrypt/pk/asn1/der/short_integer/der_length_short_integer.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/short_integer/der_length_short_integer.c diff --git a/libtomcrypt/pk/asn1/der/utctime/der_decode_utctime.c b/crypto/userspace/libtomcrypt/pk/asn1/der/utctime/der_decode_utctime.c index 54fc204adee..54fc204adee 100644 --- a/libtomcrypt/pk/asn1/der/utctime/der_decode_utctime.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/utctime/der_decode_utctime.c diff --git a/libtomcrypt/pk/asn1/der/utctime/der_encode_utctime.c b/crypto/userspace/libtomcrypt/pk/asn1/der/utctime/der_encode_utctime.c index cb32dfa619b..cb32dfa619b 100644 --- a/libtomcrypt/pk/asn1/der/utctime/der_encode_utctime.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/utctime/der_encode_utctime.c diff --git a/libtomcrypt/pk/asn1/der/utctime/der_length_utctime.c b/crypto/userspace/libtomcrypt/pk/asn1/der/utctime/der_length_utctime.c index e5922b02308..e5922b02308 100644 --- a/libtomcrypt/pk/asn1/der/utctime/der_length_utctime.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/utctime/der_length_utctime.c diff --git a/libtomcrypt/pk/asn1/der/utf8/der_decode_utf8_string.c b/crypto/userspace/libtomcrypt/pk/asn1/der/utf8/der_decode_utf8_string.c index 9df7e2315c1..9df7e2315c1 100644 --- a/libtomcrypt/pk/asn1/der/utf8/der_decode_utf8_string.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/utf8/der_decode_utf8_string.c diff --git a/libtomcrypt/pk/asn1/der/utf8/der_encode_utf8_string.c b/crypto/userspace/libtomcrypt/pk/asn1/der/utf8/der_encode_utf8_string.c index d1efb09c7b4..d1efb09c7b4 100644 --- a/libtomcrypt/pk/asn1/der/utf8/der_encode_utf8_string.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/utf8/der_encode_utf8_string.c diff --git a/libtomcrypt/pk/asn1/der/utf8/der_length_utf8_string.c b/crypto/userspace/libtomcrypt/pk/asn1/der/utf8/der_length_utf8_string.c index 920bd003fe5..920bd003fe5 100644 --- a/libtomcrypt/pk/asn1/der/utf8/der_length_utf8_string.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/utf8/der_length_utf8_string.c diff --git a/libtomcrypt/pk/asn1/der/x509/der_decode_subject_public_key_info.c b/crypto/userspace/libtomcrypt/pk/asn1/der/x509/der_decode_subject_public_key_info.c index 3ebb8ea977f..3ebb8ea977f 100644 --- a/libtomcrypt/pk/asn1/der/x509/der_decode_subject_public_key_info.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/x509/der_decode_subject_public_key_info.c diff --git a/libtomcrypt/pk/asn1/der/x509/der_encode_subject_public_key_info.c b/crypto/userspace/libtomcrypt/pk/asn1/der/x509/der_encode_subject_public_key_info.c index 4c7e966491d..4c7e966491d 100644 --- a/libtomcrypt/pk/asn1/der/x509/der_encode_subject_public_key_info.c +++ b/crypto/userspace/libtomcrypt/pk/asn1/der/x509/der_encode_subject_public_key_info.c diff --git a/libtomcrypt/pk/dsa/dsa_export.c b/crypto/userspace/libtomcrypt/pk/dsa/dsa_export.c index 5a2d5df87c7..5a2d5df87c7 100644 --- a/libtomcrypt/pk/dsa/dsa_export.c +++ b/crypto/userspace/libtomcrypt/pk/dsa/dsa_export.c diff --git a/libtomcrypt/pk/dsa/dsa_free.c b/crypto/userspace/libtomcrypt/pk/dsa/dsa_free.c index 37a330d14e8..37a330d14e8 100644 --- a/libtomcrypt/pk/dsa/dsa_free.c +++ b/crypto/userspace/libtomcrypt/pk/dsa/dsa_free.c diff --git a/libtomcrypt/pk/dsa/dsa_import.c b/crypto/userspace/libtomcrypt/pk/dsa/dsa_import.c index c6a1f6f6037..c6a1f6f6037 100644 --- a/libtomcrypt/pk/dsa/dsa_import.c +++ b/crypto/userspace/libtomcrypt/pk/dsa/dsa_import.c diff --git a/libtomcrypt/pk/dsa/dsa_make_key.c b/crypto/userspace/libtomcrypt/pk/dsa/dsa_make_key.c index eab5d155899..eab5d155899 100644 --- a/libtomcrypt/pk/dsa/dsa_make_key.c +++ b/crypto/userspace/libtomcrypt/pk/dsa/dsa_make_key.c diff --git a/libtomcrypt/pk/dsa/dsa_sign_hash.c b/crypto/userspace/libtomcrypt/pk/dsa/dsa_sign_hash.c index 6f4dad8d3e6..6f4dad8d3e6 100644 --- a/libtomcrypt/pk/dsa/dsa_sign_hash.c +++ b/crypto/userspace/libtomcrypt/pk/dsa/dsa_sign_hash.c diff --git a/libtomcrypt/pk/dsa/dsa_verify_hash.c b/crypto/userspace/libtomcrypt/pk/dsa/dsa_verify_hash.c index 3a82d1bc420..3a82d1bc420 100644 --- a/libtomcrypt/pk/dsa/dsa_verify_hash.c +++ b/crypto/userspace/libtomcrypt/pk/dsa/dsa_verify_hash.c diff --git a/libtomcrypt/pk/dsa/dsa_verify_key.c b/crypto/userspace/libtomcrypt/pk/dsa/dsa_verify_key.c index 71635d25912..71635d25912 100644 --- a/libtomcrypt/pk/dsa/dsa_verify_key.c +++ b/crypto/userspace/libtomcrypt/pk/dsa/dsa_verify_key.c diff --git a/libtomcrypt/pk/pkcs1/pkcs_1_i2osp.c b/crypto/userspace/libtomcrypt/pk/pkcs1/pkcs_1_i2osp.c index 70294a505e0..70294a505e0 100644 --- a/libtomcrypt/pk/pkcs1/pkcs_1_i2osp.c +++ b/crypto/userspace/libtomcrypt/pk/pkcs1/pkcs_1_i2osp.c diff --git a/libtomcrypt/pk/pkcs1/pkcs_1_mgf1.c b/crypto/userspace/libtomcrypt/pk/pkcs1/pkcs_1_mgf1.c index bfa3e7e9192..bfa3e7e9192 100644 --- a/libtomcrypt/pk/pkcs1/pkcs_1_mgf1.c +++ b/crypto/userspace/libtomcrypt/pk/pkcs1/pkcs_1_mgf1.c diff --git a/libtomcrypt/pk/pkcs1/pkcs_1_oaep_decode.c b/crypto/userspace/libtomcrypt/pk/pkcs1/pkcs_1_oaep_decode.c index 04833ff03b1..04833ff03b1 100644 --- a/libtomcrypt/pk/pkcs1/pkcs_1_oaep_decode.c +++ b/crypto/userspace/libtomcrypt/pk/pkcs1/pkcs_1_oaep_decode.c diff --git a/libtomcrypt/pk/pkcs1/pkcs_1_oaep_encode.c b/crypto/userspace/libtomcrypt/pk/pkcs1/pkcs_1_oaep_encode.c index ab75f73d7d0..ab75f73d7d0 100644 --- a/libtomcrypt/pk/pkcs1/pkcs_1_oaep_encode.c +++ b/crypto/userspace/libtomcrypt/pk/pkcs1/pkcs_1_oaep_encode.c diff --git a/libtomcrypt/pk/pkcs1/pkcs_1_os2ip.c b/crypto/userspace/libtomcrypt/pk/pkcs1/pkcs_1_os2ip.c index 513abb69f84..513abb69f84 100644 --- a/libtomcrypt/pk/pkcs1/pkcs_1_os2ip.c +++ b/crypto/userspace/libtomcrypt/pk/pkcs1/pkcs_1_os2ip.c diff --git a/libtomcrypt/pk/pkcs1/pkcs_1_pss_decode.c b/crypto/userspace/libtomcrypt/pk/pkcs1/pkcs_1_pss_decode.c index 789d12d9d42..789d12d9d42 100644 --- a/libtomcrypt/pk/pkcs1/pkcs_1_pss_decode.c +++ b/crypto/userspace/libtomcrypt/pk/pkcs1/pkcs_1_pss_decode.c diff --git a/libtomcrypt/pk/pkcs1/pkcs_1_pss_encode.c b/crypto/userspace/libtomcrypt/pk/pkcs1/pkcs_1_pss_encode.c index d3ce3d9c012..d3ce3d9c012 100644 --- a/libtomcrypt/pk/pkcs1/pkcs_1_pss_encode.c +++ b/crypto/userspace/libtomcrypt/pk/pkcs1/pkcs_1_pss_encode.c diff --git a/libtomcrypt/pk/pkcs1/pkcs_1_v1_5_decode.c b/crypto/userspace/libtomcrypt/pk/pkcs1/pkcs_1_v1_5_decode.c index 1bb08e31558..1bb08e31558 100644 --- a/libtomcrypt/pk/pkcs1/pkcs_1_v1_5_decode.c +++ b/crypto/userspace/libtomcrypt/pk/pkcs1/pkcs_1_v1_5_decode.c diff --git a/libtomcrypt/pk/pkcs1/pkcs_1_v1_5_encode.c b/crypto/userspace/libtomcrypt/pk/pkcs1/pkcs_1_v1_5_encode.c index 048fe69280b..048fe69280b 100644 --- a/libtomcrypt/pk/pkcs1/pkcs_1_v1_5_encode.c +++ b/crypto/userspace/libtomcrypt/pk/pkcs1/pkcs_1_v1_5_encode.c diff --git a/libtomcrypt/pk/rsa/rsa_decrypt_key.c b/crypto/userspace/libtomcrypt/pk/rsa/rsa_decrypt_key.c index 813a76544f1..813a76544f1 100644 --- a/libtomcrypt/pk/rsa/rsa_decrypt_key.c +++ b/crypto/userspace/libtomcrypt/pk/rsa/rsa_decrypt_key.c diff --git a/libtomcrypt/pk/rsa/rsa_encrypt_key.c b/crypto/userspace/libtomcrypt/pk/rsa/rsa_encrypt_key.c index 8d3f2db1daa..8d3f2db1daa 100644 --- a/libtomcrypt/pk/rsa/rsa_encrypt_key.c +++ b/crypto/userspace/libtomcrypt/pk/rsa/rsa_encrypt_key.c diff --git a/libtomcrypt/pk/rsa/rsa_export.c b/crypto/userspace/libtomcrypt/pk/rsa/rsa_export.c index 21f859caaab..21f859caaab 100644 --- a/libtomcrypt/pk/rsa/rsa_export.c +++ b/crypto/userspace/libtomcrypt/pk/rsa/rsa_export.c diff --git a/libtomcrypt/pk/rsa/rsa_exptmod.c b/crypto/userspace/libtomcrypt/pk/rsa/rsa_exptmod.c index 35ebfe3bb96..35ebfe3bb96 100644 --- a/libtomcrypt/pk/rsa/rsa_exptmod.c +++ b/crypto/userspace/libtomcrypt/pk/rsa/rsa_exptmod.c diff --git a/libtomcrypt/pk/rsa/rsa_free.c b/crypto/userspace/libtomcrypt/pk/rsa/rsa_free.c index d38b266197f..d38b266197f 100644 --- a/libtomcrypt/pk/rsa/rsa_free.c +++ b/crypto/userspace/libtomcrypt/pk/rsa/rsa_free.c diff --git a/libtomcrypt/pk/rsa/rsa_import.c b/crypto/userspace/libtomcrypt/pk/rsa/rsa_import.c index 87cb1030d47..87cb1030d47 100644 --- a/libtomcrypt/pk/rsa/rsa_import.c +++ b/crypto/userspace/libtomcrypt/pk/rsa/rsa_import.c diff --git a/libtomcrypt/pk/rsa/rsa_make_key.c b/crypto/userspace/libtomcrypt/pk/rsa/rsa_make_key.c index 6718f09bc9f..6718f09bc9f 100644 --- a/libtomcrypt/pk/rsa/rsa_make_key.c +++ b/crypto/userspace/libtomcrypt/pk/rsa/rsa_make_key.c diff --git a/libtomcrypt/pk/rsa/rsa_sign_hash.c b/crypto/userspace/libtomcrypt/pk/rsa/rsa_sign_hash.c index faf13d27b8f..faf13d27b8f 100644 --- a/libtomcrypt/pk/rsa/rsa_sign_hash.c +++ b/crypto/userspace/libtomcrypt/pk/rsa/rsa_sign_hash.c diff --git a/libtomcrypt/pk/rsa/rsa_verify_hash.c b/crypto/userspace/libtomcrypt/pk/rsa/rsa_verify_hash.c index 803b7cd4edf..803b7cd4edf 100644 --- a/libtomcrypt/pk/rsa/rsa_verify_hash.c +++ b/crypto/userspace/libtomcrypt/pk/rsa/rsa_verify_hash.c diff --git a/libtommath/LICENSE b/crypto/userspace/libtommath/LICENSE index 5baa792a650..5baa792a650 100644 --- a/libtommath/LICENSE +++ b/crypto/userspace/libtommath/LICENSE diff --git a/libtommath/bn_error.c b/crypto/userspace/libtommath/bn_error.c index b1b7177e61f..b1b7177e61f 100644 --- a/libtommath/bn_error.c +++ b/crypto/userspace/libtommath/bn_error.c diff --git a/libtommath/bn_fast_mp_invmod.c b/crypto/userspace/libtommath/bn_fast_mp_invmod.c index ff03dfffe3d..ff03dfffe3d 100644 --- a/libtommath/bn_fast_mp_invmod.c +++ b/crypto/userspace/libtommath/bn_fast_mp_invmod.c diff --git a/libtommath/bn_fast_mp_montgomery_reduce.c b/crypto/userspace/libtommath/bn_fast_mp_montgomery_reduce.c index b6c0694bd2f..b6c0694bd2f 100644 --- a/libtommath/bn_fast_mp_montgomery_reduce.c +++ b/crypto/userspace/libtommath/bn_fast_mp_montgomery_reduce.c diff --git a/libtommath/bn_fast_s_mp_mul_digs.c b/crypto/userspace/libtommath/bn_fast_s_mp_mul_digs.c index 91e10d670fe..91e10d670fe 100644 --- a/libtommath/bn_fast_s_mp_mul_digs.c +++ b/crypto/userspace/libtommath/bn_fast_s_mp_mul_digs.c diff --git a/libtommath/bn_fast_s_mp_mul_high_digs.c b/crypto/userspace/libtommath/bn_fast_s_mp_mul_high_digs.c index 5b114d717ab..5b114d717ab 100644 --- a/libtommath/bn_fast_s_mp_mul_high_digs.c +++ b/crypto/userspace/libtommath/bn_fast_s_mp_mul_high_digs.c diff --git a/libtommath/bn_fast_s_mp_sqr.c b/crypto/userspace/libtommath/bn_fast_s_mp_sqr.c index 19e92ef1807..19e92ef1807 100644 --- a/libtommath/bn_fast_s_mp_sqr.c +++ b/crypto/userspace/libtommath/bn_fast_s_mp_sqr.c diff --git a/libtommath/bn_mp_2expt.c b/crypto/userspace/libtommath/bn_mp_2expt.c index f422ffc9946..f422ffc9946 100644 --- a/libtommath/bn_mp_2expt.c +++ b/crypto/userspace/libtommath/bn_mp_2expt.c diff --git a/libtommath/bn_mp_abs.c b/crypto/userspace/libtommath/bn_mp_abs.c index 09dd7229eb5..09dd7229eb5 100644 --- a/libtommath/bn_mp_abs.c +++ b/crypto/userspace/libtommath/bn_mp_abs.c diff --git a/libtommath/bn_mp_add.c b/crypto/userspace/libtommath/bn_mp_add.c index be20644770d..be20644770d 100644 --- a/libtommath/bn_mp_add.c +++ b/crypto/userspace/libtommath/bn_mp_add.c diff --git a/libtommath/bn_mp_add_d.c b/crypto/userspace/libtommath/bn_mp_add_d.c index 8ca36c1124f..8ca36c1124f 100644 --- a/libtommath/bn_mp_add_d.c +++ b/crypto/userspace/libtommath/bn_mp_add_d.c diff --git a/libtommath/bn_mp_addmod.c b/crypto/userspace/libtommath/bn_mp_addmod.c index 6d8afe18c93..6d8afe18c93 100644 --- a/libtommath/bn_mp_addmod.c +++ b/crypto/userspace/libtommath/bn_mp_addmod.c diff --git a/libtommath/bn_mp_and.c b/crypto/userspace/libtommath/bn_mp_and.c index 8ea22878f91..8ea22878f91 100644 --- a/libtommath/bn_mp_and.c +++ b/crypto/userspace/libtommath/bn_mp_and.c diff --git a/libtommath/bn_mp_clamp.c b/crypto/userspace/libtommath/bn_mp_clamp.c index 359c2ff24d2..359c2ff24d2 100644 --- a/libtommath/bn_mp_clamp.c +++ b/crypto/userspace/libtommath/bn_mp_clamp.c diff --git a/libtommath/bn_mp_clear.c b/crypto/userspace/libtommath/bn_mp_clear.c index a65f0a36c49..a65f0a36c49 100644 --- a/libtommath/bn_mp_clear.c +++ b/crypto/userspace/libtommath/bn_mp_clear.c diff --git a/libtommath/bn_mp_clear_multi.c b/crypto/userspace/libtommath/bn_mp_clear_multi.c index daaea79a3bd..daaea79a3bd 100644 --- a/libtommath/bn_mp_clear_multi.c +++ b/crypto/userspace/libtommath/bn_mp_clear_multi.c diff --git a/libtommath/bn_mp_cmp.c b/crypto/userspace/libtommath/bn_mp_cmp.c index 533f36bf931..533f36bf931 100644 --- a/libtommath/bn_mp_cmp.c +++ b/crypto/userspace/libtommath/bn_mp_cmp.c diff --git a/libtommath/bn_mp_cmp_d.c b/crypto/userspace/libtommath/bn_mp_cmp_d.c index 724c1c36344..724c1c36344 100644 --- a/libtommath/bn_mp_cmp_d.c +++ b/crypto/userspace/libtommath/bn_mp_cmp_d.c diff --git a/libtommath/bn_mp_cmp_mag.c b/crypto/userspace/libtommath/bn_mp_cmp_mag.c index 693eb7cc729..693eb7cc729 100644 --- a/libtommath/bn_mp_cmp_mag.c +++ b/crypto/userspace/libtommath/bn_mp_cmp_mag.c diff --git a/libtommath/bn_mp_cnt_lsb.c b/crypto/userspace/libtommath/bn_mp_cnt_lsb.c index 66d1a74714b..66d1a74714b 100644 --- a/libtommath/bn_mp_cnt_lsb.c +++ b/crypto/userspace/libtommath/bn_mp_cnt_lsb.c diff --git a/libtommath/bn_mp_copy.c b/crypto/userspace/libtommath/bn_mp_copy.c index b0de16d8abf..b0de16d8abf 100644 --- a/libtommath/bn_mp_copy.c +++ b/crypto/userspace/libtommath/bn_mp_copy.c diff --git a/libtommath/bn_mp_count_bits.c b/crypto/userspace/libtommath/bn_mp_count_bits.c index 8bc5657a333..8bc5657a333 100644 --- a/libtommath/bn_mp_count_bits.c +++ b/crypto/userspace/libtommath/bn_mp_count_bits.c diff --git a/libtommath/bn_mp_div.c b/crypto/userspace/libtommath/bn_mp_div.c index aee9c94324d..aee9c94324d 100644 --- a/libtommath/bn_mp_div.c +++ b/crypto/userspace/libtommath/bn_mp_div.c diff --git a/libtommath/bn_mp_div_2.c b/crypto/userspace/libtommath/bn_mp_div_2.c index 7ee3e5b70fd..7ee3e5b70fd 100644 --- a/libtommath/bn_mp_div_2.c +++ b/crypto/userspace/libtommath/bn_mp_div_2.c diff --git a/libtommath/bn_mp_div_2d.c b/crypto/userspace/libtommath/bn_mp_div_2d.c index 4f7fa59e3f3..4f7fa59e3f3 100644 --- a/libtommath/bn_mp_div_2d.c +++ b/crypto/userspace/libtommath/bn_mp_div_2d.c diff --git a/libtommath/bn_mp_div_3.c b/crypto/userspace/libtommath/bn_mp_div_3.c index 3c60269ecea..3c60269ecea 100644 --- a/libtommath/bn_mp_div_3.c +++ b/crypto/userspace/libtommath/bn_mp_div_3.c diff --git a/libtommath/bn_mp_div_d.c b/crypto/userspace/libtommath/bn_mp_div_d.c index 6a26d4f0cf6..6a26d4f0cf6 100644 --- a/libtommath/bn_mp_div_d.c +++ b/crypto/userspace/libtommath/bn_mp_div_d.c diff --git a/libtommath/bn_mp_dr_is_modulus.c b/crypto/userspace/libtommath/bn_mp_dr_is_modulus.c index 52373440d83..52373440d83 100644 --- a/libtommath/bn_mp_dr_is_modulus.c +++ b/crypto/userspace/libtommath/bn_mp_dr_is_modulus.c diff --git a/libtommath/bn_mp_dr_reduce.c b/crypto/userspace/libtommath/bn_mp_dr_reduce.c index e60b5784f16..e60b5784f16 100644 --- a/libtommath/bn_mp_dr_reduce.c +++ b/crypto/userspace/libtommath/bn_mp_dr_reduce.c diff --git a/libtommath/bn_mp_dr_setup.c b/crypto/userspace/libtommath/bn_mp_dr_setup.c index 1d7d856ef0a..1d7d856ef0a 100644 --- a/libtommath/bn_mp_dr_setup.c +++ b/crypto/userspace/libtommath/bn_mp_dr_setup.c diff --git a/libtommath/bn_mp_exch.c b/crypto/userspace/libtommath/bn_mp_exch.c index 38574e0a5e9..38574e0a5e9 100644 --- a/libtommath/bn_mp_exch.c +++ b/crypto/userspace/libtommath/bn_mp_exch.c diff --git a/libtommath/bn_mp_expt_d.c b/crypto/userspace/libtommath/bn_mp_expt_d.c index 4bdc2d13a69..4bdc2d13a69 100644 --- a/libtommath/bn_mp_expt_d.c +++ b/crypto/userspace/libtommath/bn_mp_expt_d.c diff --git a/libtommath/bn_mp_exptmod.c b/crypto/userspace/libtommath/bn_mp_exptmod.c index 023191657ab..023191657ab 100644 --- a/libtommath/bn_mp_exptmod.c +++ b/crypto/userspace/libtommath/bn_mp_exptmod.c diff --git a/libtommath/bn_mp_exptmod_fast.c b/crypto/userspace/libtommath/bn_mp_exptmod_fast.c index 2a3b3c9e816..2a3b3c9e816 100644 --- a/libtommath/bn_mp_exptmod_fast.c +++ b/crypto/userspace/libtommath/bn_mp_exptmod_fast.c diff --git a/libtommath/bn_mp_exteuclid.c b/crypto/userspace/libtommath/bn_mp_exteuclid.c index e6c4ce2b853..e6c4ce2b853 100644 --- a/libtommath/bn_mp_exteuclid.c +++ b/crypto/userspace/libtommath/bn_mp_exteuclid.c diff --git a/libtommath/bn_mp_gcd.c b/crypto/userspace/libtommath/bn_mp_gcd.c index b39ba9041db..b39ba9041db 100644 --- a/libtommath/bn_mp_gcd.c +++ b/crypto/userspace/libtommath/bn_mp_gcd.c diff --git a/libtommath/bn_mp_get_int.c b/crypto/userspace/libtommath/bn_mp_get_int.c index 17162e2bf1f..17162e2bf1f 100644 --- a/libtommath/bn_mp_get_int.c +++ b/crypto/userspace/libtommath/bn_mp_get_int.c diff --git a/libtommath/bn_mp_grow.c b/crypto/userspace/libtommath/bn_mp_grow.c index cf2b949b248..cf2b949b248 100644 --- a/libtommath/bn_mp_grow.c +++ b/crypto/userspace/libtommath/bn_mp_grow.c diff --git a/libtommath/bn_mp_init.c b/crypto/userspace/libtommath/bn_mp_init.c index 8be27f5696a..8be27f5696a 100644 --- a/libtommath/bn_mp_init.c +++ b/crypto/userspace/libtommath/bn_mp_init.c diff --git a/libtommath/bn_mp_init_copy.c b/crypto/userspace/libtommath/bn_mp_init_copy.c index 0160811affb..0160811affb 100644 --- a/libtommath/bn_mp_init_copy.c +++ b/crypto/userspace/libtommath/bn_mp_init_copy.c diff --git a/libtommath/bn_mp_init_multi.c b/crypto/userspace/libtommath/bn_mp_init_multi.c index 59dc3a9ea75..59dc3a9ea75 100644 --- a/libtommath/bn_mp_init_multi.c +++ b/crypto/userspace/libtommath/bn_mp_init_multi.c diff --git a/libtommath/bn_mp_init_set.c b/crypto/userspace/libtommath/bn_mp_init_set.c index 34edad92ff0..34edad92ff0 100644 --- a/libtommath/bn_mp_init_set.c +++ b/crypto/userspace/libtommath/bn_mp_init_set.c diff --git a/libtommath/bn_mp_init_set_int.c b/crypto/userspace/libtommath/bn_mp_init_set_int.c index 5c559931520..5c559931520 100644 --- a/libtommath/bn_mp_init_set_int.c +++ b/crypto/userspace/libtommath/bn_mp_init_set_int.c diff --git a/libtommath/bn_mp_init_size.c b/crypto/userspace/libtommath/bn_mp_init_size.c index 8e014183a3e..8e014183a3e 100644 --- a/libtommath/bn_mp_init_size.c +++ b/crypto/userspace/libtommath/bn_mp_init_size.c diff --git a/libtommath/bn_mp_invmod.c b/crypto/userspace/libtommath/bn_mp_invmod.c index 154651468fb..154651468fb 100644 --- a/libtommath/bn_mp_invmod.c +++ b/crypto/userspace/libtommath/bn_mp_invmod.c diff --git a/libtommath/bn_mp_invmod_slow.c b/crypto/userspace/libtommath/bn_mp_invmod_slow.c index eedd47dcf13..eedd47dcf13 100644 --- a/libtommath/bn_mp_invmod_slow.c +++ b/crypto/userspace/libtommath/bn_mp_invmod_slow.c diff --git a/libtommath/bn_mp_is_square.c b/crypto/userspace/libtommath/bn_mp_is_square.c index 50c524444ec..50c524444ec 100644 --- a/libtommath/bn_mp_is_square.c +++ b/crypto/userspace/libtommath/bn_mp_is_square.c diff --git a/libtommath/bn_mp_jacobi.c b/crypto/userspace/libtommath/bn_mp_jacobi.c index 91cfeeade4c..91cfeeade4c 100644 --- a/libtommath/bn_mp_jacobi.c +++ b/crypto/userspace/libtommath/bn_mp_jacobi.c diff --git a/libtommath/bn_mp_karatsuba_mul.c b/crypto/userspace/libtommath/bn_mp_karatsuba_mul.c index 8ea2c2792a9..8ea2c2792a9 100644 --- a/libtommath/bn_mp_karatsuba_mul.c +++ b/crypto/userspace/libtommath/bn_mp_karatsuba_mul.c diff --git a/libtommath/bn_mp_karatsuba_sqr.c b/crypto/userspace/libtommath/bn_mp_karatsuba_sqr.c index a5e198be12f..a5e198be12f 100644 --- a/libtommath/bn_mp_karatsuba_sqr.c +++ b/crypto/userspace/libtommath/bn_mp_karatsuba_sqr.c diff --git a/libtommath/bn_mp_lcm.c b/crypto/userspace/libtommath/bn_mp_lcm.c index 781eef5659e..781eef5659e 100644 --- a/libtommath/bn_mp_lcm.c +++ b/crypto/userspace/libtommath/bn_mp_lcm.c diff --git a/libtommath/bn_mp_lshd.c b/crypto/userspace/libtommath/bn_mp_lshd.c index f118cf1ae56..f118cf1ae56 100644 --- a/libtommath/bn_mp_lshd.c +++ b/crypto/userspace/libtommath/bn_mp_lshd.c diff --git a/libtommath/bn_mp_mod.c b/crypto/userspace/libtommath/bn_mp_mod.c index f5cf8d09f2d..f5cf8d09f2d 100644 --- a/libtommath/bn_mp_mod.c +++ b/crypto/userspace/libtommath/bn_mp_mod.c diff --git a/libtommath/bn_mp_mod_2d.c b/crypto/userspace/libtommath/bn_mp_mod_2d.c index e194a068702..e194a068702 100644 --- a/libtommath/bn_mp_mod_2d.c +++ b/crypto/userspace/libtommath/bn_mp_mod_2d.c diff --git a/libtommath/bn_mp_mod_d.c b/crypto/userspace/libtommath/bn_mp_mod_d.c index 9ca37e67327..9ca37e67327 100644 --- a/libtommath/bn_mp_mod_d.c +++ b/crypto/userspace/libtommath/bn_mp_mod_d.c diff --git a/libtommath/bn_mp_montgomery_calc_normalization.c b/crypto/userspace/libtommath/bn_mp_montgomery_calc_normalization.c index c669fe0ec3a..c669fe0ec3a 100644 --- a/libtommath/bn_mp_montgomery_calc_normalization.c +++ b/crypto/userspace/libtommath/bn_mp_montgomery_calc_normalization.c diff --git a/libtommath/bn_mp_montgomery_reduce.c b/crypto/userspace/libtommath/bn_mp_montgomery_reduce.c index b76509051be..b76509051be 100644 --- a/libtommath/bn_mp_montgomery_reduce.c +++ b/crypto/userspace/libtommath/bn_mp_montgomery_reduce.c diff --git a/libtommath/bn_mp_montgomery_setup.c b/crypto/userspace/libtommath/bn_mp_montgomery_setup.c index f08274936ed..f08274936ed 100644 --- a/libtommath/bn_mp_montgomery_setup.c +++ b/crypto/userspace/libtommath/bn_mp_montgomery_setup.c diff --git a/libtommath/bn_mp_mul.c b/crypto/userspace/libtommath/bn_mp_mul.c index 8b1117a63ba..8b1117a63ba 100644 --- a/libtommath/bn_mp_mul.c +++ b/crypto/userspace/libtommath/bn_mp_mul.c diff --git a/libtommath/bn_mp_mul_2.c b/crypto/userspace/libtommath/bn_mp_mul_2.c index 02455fc35d4..02455fc35d4 100644 --- a/libtommath/bn_mp_mul_2.c +++ b/crypto/userspace/libtommath/bn_mp_mul_2.c diff --git a/libtommath/bn_mp_mul_2d.c b/crypto/userspace/libtommath/bn_mp_mul_2d.c index efeff2e7518..efeff2e7518 100644 --- a/libtommath/bn_mp_mul_2d.c +++ b/crypto/userspace/libtommath/bn_mp_mul_2d.c diff --git a/libtommath/bn_mp_mul_d.c b/crypto/userspace/libtommath/bn_mp_mul_d.c index 00f9a899ef4..00f9a899ef4 100644 --- a/libtommath/bn_mp_mul_d.c +++ b/crypto/userspace/libtommath/bn_mp_mul_d.c diff --git a/libtommath/bn_mp_mulmod.c b/crypto/userspace/libtommath/bn_mp_mulmod.c index 003ceb9b97e..003ceb9b97e 100644 --- a/libtommath/bn_mp_mulmod.c +++ b/crypto/userspace/libtommath/bn_mp_mulmod.c diff --git a/libtommath/bn_mp_n_root.c b/crypto/userspace/libtommath/bn_mp_n_root.c index 0e7bedca72c..0e7bedca72c 100644 --- a/libtommath/bn_mp_n_root.c +++ b/crypto/userspace/libtommath/bn_mp_n_root.c diff --git a/libtommath/bn_mp_neg.c b/crypto/userspace/libtommath/bn_mp_neg.c index a7d035ab6dd..a7d035ab6dd 100644 --- a/libtommath/bn_mp_neg.c +++ b/crypto/userspace/libtommath/bn_mp_neg.c diff --git a/libtommath/bn_mp_or.c b/crypto/userspace/libtommath/bn_mp_or.c index bff49954896..bff49954896 100644 --- a/libtommath/bn_mp_or.c +++ b/crypto/userspace/libtommath/bn_mp_or.c diff --git a/libtommath/bn_mp_prime_fermat.c b/crypto/userspace/libtommath/bn_mp_prime_fermat.c index c23d77f6de7..c23d77f6de7 100644 --- a/libtommath/bn_mp_prime_fermat.c +++ b/crypto/userspace/libtommath/bn_mp_prime_fermat.c diff --git a/libtommath/bn_mp_prime_is_divisible.c b/crypto/userspace/libtommath/bn_mp_prime_is_divisible.c index 8e7871c2c65..8e7871c2c65 100644 --- a/libtommath/bn_mp_prime_is_divisible.c +++ b/crypto/userspace/libtommath/bn_mp_prime_is_divisible.c diff --git a/libtommath/bn_mp_prime_is_prime.c b/crypto/userspace/libtommath/bn_mp_prime_is_prime.c index c316d621090..c316d621090 100644 --- a/libtommath/bn_mp_prime_is_prime.c +++ b/crypto/userspace/libtommath/bn_mp_prime_is_prime.c diff --git a/libtommath/bn_mp_prime_miller_rabin.c b/crypto/userspace/libtommath/bn_mp_prime_miller_rabin.c index ddf03582ac4..ddf03582ac4 100644 --- a/libtommath/bn_mp_prime_miller_rabin.c +++ b/crypto/userspace/libtommath/bn_mp_prime_miller_rabin.c diff --git a/libtommath/bn_mp_prime_next_prime.c b/crypto/userspace/libtommath/bn_mp_prime_next_prime.c index bc31cc72086..bc31cc72086 100644 --- a/libtommath/bn_mp_prime_next_prime.c +++ b/crypto/userspace/libtommath/bn_mp_prime_next_prime.c diff --git a/libtommath/bn_mp_prime_rabin_miller_trials.c b/crypto/userspace/libtommath/bn_mp_prime_rabin_miller_trials.c index 248c2fd2e6e..248c2fd2e6e 100644 --- a/libtommath/bn_mp_prime_rabin_miller_trials.c +++ b/crypto/userspace/libtommath/bn_mp_prime_rabin_miller_trials.c diff --git a/libtommath/bn_mp_prime_random_ex.c b/crypto/userspace/libtommath/bn_mp_prime_random_ex.c index 07aae4b072e..07aae4b072e 100644 --- a/libtommath/bn_mp_prime_random_ex.c +++ b/crypto/userspace/libtommath/bn_mp_prime_random_ex.c diff --git a/libtommath/bn_mp_radix_size.c b/crypto/userspace/libtommath/bn_mp_radix_size.c index 1b61e3a1be9..1b61e3a1be9 100644 --- a/libtommath/bn_mp_radix_size.c +++ b/crypto/userspace/libtommath/bn_mp_radix_size.c diff --git a/libtommath/bn_mp_radix_smap.c b/crypto/userspace/libtommath/bn_mp_radix_smap.c index 7d72feb84e6..7d72feb84e6 100644 --- a/libtommath/bn_mp_radix_smap.c +++ b/crypto/userspace/libtommath/bn_mp_radix_smap.c diff --git a/libtommath/bn_mp_rand.c b/crypto/userspace/libtommath/bn_mp_rand.c index af66a67eea1..af66a67eea1 100644 --- a/libtommath/bn_mp_rand.c +++ b/crypto/userspace/libtommath/bn_mp_rand.c diff --git a/libtommath/bn_mp_read_radix.c b/crypto/userspace/libtommath/bn_mp_read_radix.c index 91c46c22f74..91c46c22f74 100644 --- a/libtommath/bn_mp_read_radix.c +++ b/crypto/userspace/libtommath/bn_mp_read_radix.c diff --git a/libtommath/bn_mp_read_signed_bin.c b/crypto/userspace/libtommath/bn_mp_read_signed_bin.c index 8da651ce30f..8da651ce30f 100644 --- a/libtommath/bn_mp_read_signed_bin.c +++ b/crypto/userspace/libtommath/bn_mp_read_signed_bin.c diff --git a/libtommath/bn_mp_read_unsigned_bin.c b/crypto/userspace/libtommath/bn_mp_read_unsigned_bin.c index 1ebba13a02c..1ebba13a02c 100644 --- a/libtommath/bn_mp_read_unsigned_bin.c +++ b/crypto/userspace/libtommath/bn_mp_read_unsigned_bin.c diff --git a/libtommath/bn_mp_reduce.c b/crypto/userspace/libtommath/bn_mp_reduce.c index 21d07309058..21d07309058 100644 --- a/libtommath/bn_mp_reduce.c +++ b/crypto/userspace/libtommath/bn_mp_reduce.c diff --git a/libtommath/bn_mp_reduce_2k.c b/crypto/userspace/libtommath/bn_mp_reduce_2k.c index d9620c221c2..d9620c221c2 100644 --- a/libtommath/bn_mp_reduce_2k.c +++ b/crypto/userspace/libtommath/bn_mp_reduce_2k.c diff --git a/libtommath/bn_mp_reduce_2k_l.c b/crypto/userspace/libtommath/bn_mp_reduce_2k_l.c index f06103d6a67..f06103d6a67 100644 --- a/libtommath/bn_mp_reduce_2k_l.c +++ b/crypto/userspace/libtommath/bn_mp_reduce_2k_l.c diff --git a/libtommath/bn_mp_reduce_2k_setup.c b/crypto/userspace/libtommath/bn_mp_reduce_2k_setup.c index a80e7a22f22..a80e7a22f22 100644 --- a/libtommath/bn_mp_reduce_2k_setup.c +++ b/crypto/userspace/libtommath/bn_mp_reduce_2k_setup.c diff --git a/libtommath/bn_mp_reduce_2k_setup_l.c b/crypto/userspace/libtommath/bn_mp_reduce_2k_setup_l.c index 7cf002e8885..7cf002e8885 100644 --- a/libtommath/bn_mp_reduce_2k_setup_l.c +++ b/crypto/userspace/libtommath/bn_mp_reduce_2k_setup_l.c diff --git a/libtommath/bn_mp_reduce_is_2k.c b/crypto/userspace/libtommath/bn_mp_reduce_is_2k.c index 7308be73e2b..7308be73e2b 100644 --- a/libtommath/bn_mp_reduce_is_2k.c +++ b/crypto/userspace/libtommath/bn_mp_reduce_is_2k.c diff --git a/libtommath/bn_mp_reduce_is_2k_l.c b/crypto/userspace/libtommath/bn_mp_reduce_is_2k_l.c index 14a4d218461..14a4d218461 100644 --- a/libtommath/bn_mp_reduce_is_2k_l.c +++ b/crypto/userspace/libtommath/bn_mp_reduce_is_2k_l.c diff --git a/libtommath/bn_mp_reduce_setup.c b/crypto/userspace/libtommath/bn_mp_reduce_setup.c index 370f20bb17c..370f20bb17c 100644 --- a/libtommath/bn_mp_reduce_setup.c +++ b/crypto/userspace/libtommath/bn_mp_reduce_setup.c diff --git a/libtommath/bn_mp_rshd.c b/crypto/userspace/libtommath/bn_mp_rshd.c index 2a693c5a5b3..2a693c5a5b3 100644 --- a/libtommath/bn_mp_rshd.c +++ b/crypto/userspace/libtommath/bn_mp_rshd.c diff --git a/libtommath/bn_mp_set.c b/crypto/userspace/libtommath/bn_mp_set.c index 174adcbc6d6..174adcbc6d6 100644 --- a/libtommath/bn_mp_set.c +++ b/crypto/userspace/libtommath/bn_mp_set.c diff --git a/libtommath/bn_mp_set_int.c b/crypto/userspace/libtommath/bn_mp_set_int.c index cf10ea1a448..cf10ea1a448 100644 --- a/libtommath/bn_mp_set_int.c +++ b/crypto/userspace/libtommath/bn_mp_set_int.c diff --git a/libtommath/bn_mp_shrink.c b/crypto/userspace/libtommath/bn_mp_shrink.c index 4b8c5ef11ad..4b8c5ef11ad 100644 --- a/libtommath/bn_mp_shrink.c +++ b/crypto/userspace/libtommath/bn_mp_shrink.c diff --git a/libtommath/bn_mp_signed_bin_size.c b/crypto/userspace/libtommath/bn_mp_signed_bin_size.c index 6739d19e2bc..6739d19e2bc 100644 --- a/libtommath/bn_mp_signed_bin_size.c +++ b/crypto/userspace/libtommath/bn_mp_signed_bin_size.c diff --git a/libtommath/bn_mp_sqr.c b/crypto/userspace/libtommath/bn_mp_sqr.c index 868ccbbaef5..868ccbbaef5 100644 --- a/libtommath/bn_mp_sqr.c +++ b/crypto/userspace/libtommath/bn_mp_sqr.c diff --git a/libtommath/bn_mp_sqrmod.c b/crypto/userspace/libtommath/bn_mp_sqrmod.c index 161cbbb30dd..161cbbb30dd 100644 --- a/libtommath/bn_mp_sqrmod.c +++ b/crypto/userspace/libtommath/bn_mp_sqrmod.c diff --git a/libtommath/bn_mp_sqrt.c b/crypto/userspace/libtommath/bn_mp_sqrt.c index 8fd057ceedb..8fd057ceedb 100644 --- a/libtommath/bn_mp_sqrt.c +++ b/crypto/userspace/libtommath/bn_mp_sqrt.c diff --git a/libtommath/bn_mp_sub.c b/crypto/userspace/libtommath/bn_mp_sub.c index f5015cce45e..f5015cce45e 100644 --- a/libtommath/bn_mp_sub.c +++ b/crypto/userspace/libtommath/bn_mp_sub.c diff --git a/libtommath/bn_mp_sub_d.c b/crypto/userspace/libtommath/bn_mp_sub_d.c index 06cdca636d9..06cdca636d9 100644 --- a/libtommath/bn_mp_sub_d.c +++ b/crypto/userspace/libtommath/bn_mp_sub_d.c diff --git a/libtommath/bn_mp_submod.c b/crypto/userspace/libtommath/bn_mp_submod.c index 869e23cded5..869e23cded5 100644 --- a/libtommath/bn_mp_submod.c +++ b/crypto/userspace/libtommath/bn_mp_submod.c diff --git a/libtommath/bn_mp_to_signed_bin.c b/crypto/userspace/libtommath/bn_mp_to_signed_bin.c index 9df83ca5266..9df83ca5266 100644 --- a/libtommath/bn_mp_to_signed_bin.c +++ b/crypto/userspace/libtommath/bn_mp_to_signed_bin.c diff --git a/libtommath/bn_mp_to_signed_bin_n.c b/crypto/userspace/libtommath/bn_mp_to_signed_bin_n.c index 677f827d4f4..677f827d4f4 100644 --- a/libtommath/bn_mp_to_signed_bin_n.c +++ b/crypto/userspace/libtommath/bn_mp_to_signed_bin_n.c diff --git a/libtommath/bn_mp_to_unsigned_bin.c b/crypto/userspace/libtommath/bn_mp_to_unsigned_bin.c index c137f104ac7..c137f104ac7 100644 --- a/libtommath/bn_mp_to_unsigned_bin.c +++ b/crypto/userspace/libtommath/bn_mp_to_unsigned_bin.c diff --git a/libtommath/bn_mp_to_unsigned_bin_n.c b/crypto/userspace/libtommath/bn_mp_to_unsigned_bin_n.c index 0dc00c623d3..0dc00c623d3 100644 --- a/libtommath/bn_mp_to_unsigned_bin_n.c +++ b/crypto/userspace/libtommath/bn_mp_to_unsigned_bin_n.c diff --git a/libtommath/bn_mp_toom_mul.c b/crypto/userspace/libtommath/bn_mp_toom_mul.c index ad5d9e9b649..ad5d9e9b649 100644 --- a/libtommath/bn_mp_toom_mul.c +++ b/crypto/userspace/libtommath/bn_mp_toom_mul.c diff --git a/libtommath/bn_mp_toom_sqr.c b/crypto/userspace/libtommath/bn_mp_toom_sqr.c index 48880d0350c..48880d0350c 100644 --- a/libtommath/bn_mp_toom_sqr.c +++ b/crypto/userspace/libtommath/bn_mp_toom_sqr.c diff --git a/libtommath/bn_mp_toradix.c b/crypto/userspace/libtommath/bn_mp_toradix.c index 0adc28d2fdb..0adc28d2fdb 100644 --- a/libtommath/bn_mp_toradix.c +++ b/crypto/userspace/libtommath/bn_mp_toradix.c diff --git a/libtommath/bn_mp_toradix_n.c b/crypto/userspace/libtommath/bn_mp_toradix_n.c index 796ed55c65e..796ed55c65e 100644 --- a/libtommath/bn_mp_toradix_n.c +++ b/crypto/userspace/libtommath/bn_mp_toradix_n.c diff --git a/libtommath/bn_mp_unsigned_bin_size.c b/crypto/userspace/libtommath/bn_mp_unsigned_bin_size.c index 6dc3bd5fc1b..6dc3bd5fc1b 100644 --- a/libtommath/bn_mp_unsigned_bin_size.c +++ b/crypto/userspace/libtommath/bn_mp_unsigned_bin_size.c diff --git a/libtommath/bn_mp_xor.c b/crypto/userspace/libtommath/bn_mp_xor.c index 59ff2e18320..59ff2e18320 100644 --- a/libtommath/bn_mp_xor.c +++ b/crypto/userspace/libtommath/bn_mp_xor.c diff --git a/libtommath/bn_mp_zero.c b/crypto/userspace/libtommath/bn_mp_zero.c index b0977d44316..b0977d44316 100644 --- a/libtommath/bn_mp_zero.c +++ b/crypto/userspace/libtommath/bn_mp_zero.c diff --git a/libtommath/bn_prime_tab.c b/crypto/userspace/libtommath/bn_prime_tab.c index bd252477ec6..bd252477ec6 100644 --- a/libtommath/bn_prime_tab.c +++ b/crypto/userspace/libtommath/bn_prime_tab.c diff --git a/libtommath/bn_reverse.c b/crypto/userspace/libtommath/bn_reverse.c index ddfa827a09f..ddfa827a09f 100644 --- a/libtommath/bn_reverse.c +++ b/crypto/userspace/libtommath/bn_reverse.c diff --git a/libtommath/bn_s_mp_add.c b/crypto/userspace/libtommath/bn_s_mp_add.c index f034ae62aad..f034ae62aad 100644 --- a/libtommath/bn_s_mp_add.c +++ b/crypto/userspace/libtommath/bn_s_mp_add.c diff --git a/libtommath/bn_s_mp_exptmod.c b/crypto/userspace/libtommath/bn_s_mp_exptmod.c index 097d894702b..097d894702b 100644 --- a/libtommath/bn_s_mp_exptmod.c +++ b/crypto/userspace/libtommath/bn_s_mp_exptmod.c diff --git a/libtommath/bn_s_mp_mul_digs.c b/crypto/userspace/libtommath/bn_s_mp_mul_digs.c index f5bbf39ce24..f5bbf39ce24 100644 --- a/libtommath/bn_s_mp_mul_digs.c +++ b/crypto/userspace/libtommath/bn_s_mp_mul_digs.c diff --git a/libtommath/bn_s_mp_mul_high_digs.c b/crypto/userspace/libtommath/bn_s_mp_mul_high_digs.c index 2b718f23ccf..2b718f23ccf 100644 --- a/libtommath/bn_s_mp_mul_high_digs.c +++ b/crypto/userspace/libtommath/bn_s_mp_mul_high_digs.c diff --git a/libtommath/bn_s_mp_sqr.c b/crypto/userspace/libtommath/bn_s_mp_sqr.c index d2531c29255..d2531c29255 100644 --- a/libtommath/bn_s_mp_sqr.c +++ b/crypto/userspace/libtommath/bn_s_mp_sqr.c diff --git a/libtommath/bn_s_mp_sub.c b/crypto/userspace/libtommath/bn_s_mp_sub.c index 6a60c3932c4..6a60c3932c4 100644 --- a/libtommath/bn_s_mp_sub.c +++ b/crypto/userspace/libtommath/bn_s_mp_sub.c diff --git a/libtommath/bncore.c b/crypto/userspace/libtommath/bncore.c index 8fb1824c6f5..8fb1824c6f5 100644 --- a/libtommath/bncore.c +++ b/crypto/userspace/libtommath/bncore.c diff --git a/libtommath/changes.txt b/crypto/userspace/libtommath/changes.txt index b0da4da4f91..b0da4da4f91 100644 --- a/libtommath/changes.txt +++ b/crypto/userspace/libtommath/changes.txt diff --git a/libtommath/pretty.build b/crypto/userspace/libtommath/pretty.build index a708b8af221..a708b8af221 100644 --- a/libtommath/pretty.build +++ b/crypto/userspace/libtommath/pretty.build diff --git a/libtommath/tommath.h b/crypto/userspace/libtommath/tommath.h index 31ded829977..31ded829977 100644 --- a/libtommath/tommath.h +++ b/crypto/userspace/libtommath/tommath.h diff --git a/libtommath/tommath_class.h b/crypto/userspace/libtommath/tommath_class.h index 166dd80e5ea..166dd80e5ea 100644 --- a/libtommath/tommath_class.h +++ b/crypto/userspace/libtommath/tommath_class.h diff --git a/libtommath/tommath_superclass.h b/crypto/userspace/libtommath/tommath_superclass.h index 2fdebe6838f..2fdebe6838f 100644 --- a/libtommath/tommath_superclass.h +++ b/crypto/userspace/libtommath/tommath_superclass.h diff --git a/ncr-dh.c b/crypto/userspace/ncr-dh.c index bc45723fe3e..bc45723fe3e 100644 --- a/ncr-dh.c +++ b/crypto/userspace/ncr-dh.c diff --git a/ncr-dh.h b/crypto/userspace/ncr-dh.h index 183f7909154..183f7909154 100644 --- a/ncr-dh.h +++ b/crypto/userspace/ncr-dh.h diff --git a/ncr-int.h b/crypto/userspace/ncr-int.h index 87964b08065..87964b08065 100644 --- a/ncr-int.h +++ b/crypto/userspace/ncr-int.h diff --git a/ncr-key-storage.c b/crypto/userspace/ncr-key-storage.c index 9afa2dc0411..9afa2dc0411 100644 --- a/ncr-key-storage.c +++ b/crypto/userspace/ncr-key-storage.c diff --git a/ncr-key-wrap.c b/crypto/userspace/ncr-key-wrap.c index 7ea70cfc847..7ea70cfc847 100644 --- a/ncr-key-wrap.c +++ b/crypto/userspace/ncr-key-wrap.c diff --git a/ncr-key.c b/crypto/userspace/ncr-key.c index 406e03299c3..406e03299c3 100644 --- a/ncr-key.c +++ b/crypto/userspace/ncr-key.c diff --git a/ncr-limits.c b/crypto/userspace/ncr-limits.c index 0c12824a211..0c12824a211 100644 --- a/ncr-limits.c +++ b/crypto/userspace/ncr-limits.c diff --git a/ncr-pk.c b/crypto/userspace/ncr-pk.c index 9b9078efe38..9b9078efe38 100644 --- a/ncr-pk.c +++ b/crypto/userspace/ncr-pk.c diff --git a/ncr-pk.h b/crypto/userspace/ncr-pk.h index fb9aba5b5ee..fb9aba5b5ee 100644 --- a/ncr-pk.h +++ b/crypto/userspace/ncr-pk.h diff --git a/ncr-sessions.c b/crypto/userspace/ncr-sessions.c index c65db2f751e..c65db2f751e 100644 --- a/ncr-sessions.c +++ b/crypto/userspace/ncr-sessions.c diff --git a/ncr.c b/crypto/userspace/ncr.c index 55b40ef6d24..55b40ef6d24 100644 --- a/ncr.c +++ b/crypto/userspace/ncr.c diff --git a/examples/Makefile b/examples/Makefile deleted file mode 100644 index 9911100263e..00000000000 --- a/examples/Makefile +++ /dev/null @@ -1,23 +0,0 @@ -CC = gcc -CFLAGS = -Wall -g -O2 - -progs := ncr pk speed - -all: $(progs) - -speed: speed.c - $(CC) $(CFLAGS) $< -o $@ - -ncr: ncr.c - $(CC) $(CFLAGS) $< -o $@ - -pk: pk.c - $(CC) $(CFLAGS) $< -o $@ -L/usr/local/lib -lgnutls - -check: $(progs) - ./ncr - ./pk - ./speed - -clean: - rm -f *.o *~ $(progs) diff --git a/examples/ncr.c b/examples/ncr.c deleted file mode 100644 index 9691fea5dc1..00000000000 --- a/examples/ncr.c +++ /dev/null @@ -1,1645 +0,0 @@ -/* - * Demo on how to use /dev/crypto device for HMAC. - * - * Placed under public domain. - * - */ -#include <stdint.h> -#include <stdio.h> -#include <string.h> -#include <unistd.h> -#include <fcntl.h> -#include <time.h> -#include <sys/ioctl.h> -#include <sys/types.h> -#include <sys/stat.h> -#include <sys/socket.h> -#include <linux/netlink.h> -#include "../ncr.h" -#include <stdlib.h> - -#define DATA_SIZE 4096 - -#define ALIGN_NL __attribute__((aligned(NLA_ALIGNTO))) - -#define ALG_AES_CBC "cbc(aes)" -#define ALG_AES_ECB "ecb(aes)" - -static void randomize_data(uint8_t * data, size_t data_size) -{ -int i; - - srand(time(0)*getpid()); - for (i=0;i<data_size;i++) { - data[i] = rand() & 0xff; - } -} - -#define KEY_DATA_SIZE 16 -#define WRAPPED_KEY_DATA_SIZE 32 -static int -test_ncr_key(int cfd) -{ - struct __attribute__((packed)) { - struct ncr_key_generate f; - struct nlattr algo_head ALIGN_NL; - char algo[sizeof(ALG_AES_CBC)] ALIGN_NL; - struct nlattr flags_head ALIGN_NL; - uint32_t flags ALIGN_NL; - struct nlattr bits_head ALIGN_NL; - uint32_t bits ALIGN_NL; - } kgen; - struct __attribute__((packed)) { - struct ncr_key_get_info f; - /* This union is only here to stop gcc from complaining about - aliasing. */ - union { - unsigned char __reserve[DATA_SIZE]; - struct nlattr first_header; - } u ALIGN_NL; - } kinfo; - struct nlattr *nla; - ncr_key_t key; - struct __attribute__((packed)) { - struct ncr_key_import f; - struct nlattr id_head ALIGN_NL; - uint8_t id[2] ALIGN_NL; - struct nlattr type_head ALIGN_NL; - uint32_t type ALIGN_NL; - struct nlattr algo_head ALIGN_NL; - char algo[sizeof(ALG_AES_CBC)] ALIGN_NL; - struct nlattr flags_head ALIGN_NL; - uint32_t flags ALIGN_NL; - } kimport; - struct ncr_key_export kexport; - uint8_t data[KEY_DATA_SIZE]; - uint8_t data_bak[KEY_DATA_SIZE]; - uint16_t *attr_p; - int got_algo, got_flags, got_type; - - fprintf(stdout, "Tests on Keys:\n"); - - /* test 1: generate a key in userspace import it - * to kernel via data and export it. - */ - - fprintf(stdout, "\tKey generation...\n"); - - randomize_data(data, sizeof(data)); - memcpy(data_bak, data, sizeof(data)); - - /* convert it to key */ - key = ioctl(cfd, NCRIO_KEY_INIT); - if (key == -1) { - perror("ioctl(NCRIO_KEY_INIT)"); - return 1; - } - - memset(&kimport.f, 0, sizeof(kimport.f)); - kimport.f.input_size = sizeof(kimport); - kimport.f.key = key; - kimport.f.data = data; - kimport.f.data_size = sizeof(data); - kimport.id_head.nla_len = NLA_HDRLEN + sizeof(kimport.id); - kimport.id_head.nla_type = NCR_ATTR_KEY_ID; - kimport.id[0] = 'a'; - kimport.id[1] = 'b'; - kimport.type_head.nla_len = NLA_HDRLEN + sizeof(kimport.type); - kimport.type_head.nla_type = NCR_ATTR_KEY_TYPE; - kimport.type = NCR_KEY_TYPE_SECRET; - kimport.algo_head.nla_len = NLA_HDRLEN + sizeof(kimport.algo); - kimport.algo_head.nla_type = NCR_ATTR_ALGORITHM; - strcpy(kimport.algo, ALG_AES_CBC); - kimport.flags_head.nla_len = NLA_HDRLEN + sizeof(kimport.flags); - kimport.flags_head.nla_type = NCR_ATTR_KEY_FLAGS; - kimport.flags = NCR_KEY_FLAG_EXPORTABLE; - - if (ioctl(cfd, NCRIO_KEY_IMPORT, &kimport)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_IMPORT)"); - return 1; - } - - /* now try to read it */ - fprintf(stdout, "\tKey export...\n"); - - memset(&kexport, 0, sizeof(kexport)); - kexport.key = key; - kexport.buffer = data; - kexport.buffer_size = sizeof(data); - - if (ioctl(cfd, NCRIO_KEY_EXPORT, &kexport) != sizeof(data)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_EXPORT)"); - return 1; - } - - if (memcmp(data, data_bak, sizeof(data))!=0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - fprintf(stderr, "data returned but differ!\n"); - return 1; - } - - if (ioctl(cfd, NCRIO_KEY_DEINIT, &key)) { - perror("ioctl(NCRIO_KEY_DEINIT)"); - return 1; - } - - /* finished, we keep data for next test */ - - /* test 2: generate a key in kernel space and - * export it. - */ - - fprintf(stdout, "\tKey import...\n"); - /* convert it to key */ - key = ioctl(cfd, NCRIO_KEY_INIT); - if (key == -1) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_INIT)"); - return 1; - } - - memset(&kgen.f, 0, sizeof(kgen.f)); - kgen.f.input_size = sizeof(kgen); - kgen.f.key = key; - kgen.algo_head.nla_len = NLA_HDRLEN + sizeof(kgen.algo); - kgen.algo_head.nla_type = NCR_ATTR_ALGORITHM; - strcpy(kgen.algo, ALG_AES_CBC); - kgen.flags_head.nla_len = NLA_HDRLEN + sizeof(kgen.flags); - kgen.flags_head.nla_type = NCR_ATTR_KEY_FLAGS; - kgen.flags = NCR_KEY_FLAG_EXPORTABLE; - kgen.bits_head.nla_len = NLA_HDRLEN + sizeof(kgen.bits); - kgen.bits_head.nla_type = NCR_ATTR_SECRET_KEY_BITS; - kgen.bits = 128; /* 16 bytes */ - - if (ioctl(cfd, NCRIO_KEY_GENERATE, &kgen)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_GENERATE)"); - return 1; - } - - memset(data, 0, sizeof(data)); - - memset(&kexport, 0, sizeof(kexport)); - kexport.key = key; - kexport.buffer = data; - kexport.buffer_size = sizeof(data); - - if (ioctl(cfd, NCRIO_KEY_EXPORT, &kexport) != sizeof(data)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_EXPORT)"); - return 1; - } - - if (data[0] == 0 && data[1] == 0 && data[2] == 0 && data[4] == 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - fprintf(stderr, "Generated key: %.2x.%.2x.%.2x.%.2x.%.2x.%.2x.%.2x.%.2x." - "%.2x.%.2x.%.2x.%.2x.%.2x.%.2x.%.2x.%.2x\n", data[0], data[1], - data[2], data[3], data[4], data[5], data[6], data[7], data[8], - data[9], data[10], data[11], data[12], data[13], data[14], - data[15]); - return 1; - } - - memset(&kinfo.f, 0, sizeof(kinfo.f)); - kinfo.f.output_size = sizeof(kinfo); - kinfo.f.key = key; - nla = &kinfo.u.first_header; - nla->nla_type = NCR_ATTR_WANTED_ATTRS; - attr_p = (uint16_t *)((char *)nla + NLA_HDRLEN); - *attr_p++ = NCR_ATTR_ALGORITHM; - *attr_p++ = NCR_ATTR_KEY_FLAGS; - *attr_p++ = NCR_ATTR_KEY_TYPE; - nla->nla_len = (char *)attr_p - (char *)nla; - kinfo.f.input_size = (char *)attr_p - (char *)&kinfo; - - if (ioctl(cfd, NCRIO_KEY_GET_INFO, &kinfo)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_GET_INFO)"); - return 1; - } - - got_algo = got_flags = got_type = 0; - if (kinfo.f.output_size < - (char *)&kinfo.u.first_header - (char *)&kinfo) { - fprintf(stderr, "No nlattr returned\n"); - return 1; - } - nla = &kinfo.u.first_header; - for (;;) { - void *data; - - if (nla->nla_len > - kinfo.f.output_size - ((char *)nla - (char *)&kinfo)) { - fprintf(stderr, "Attributes overflow\n"); - return 1; - } - data = (char *)nla + NLA_HDRLEN; - switch (nla->nla_type) { - case NCR_ATTR_ALGORITHM: - if (nla->nla_len < NLA_HDRLEN + 1) { - fprintf(stderr, "Attribute too small\n"); - return 1; - } - if (((char *)data)[nla->nla_len - NLA_HDRLEN - 1] - != 0) { - fprintf(stderr, "NUL missing\n"); - return 1; - } - if (strcmp(data, ALG_AES_CBC) != 0) { - fprintf(stderr, "Unexpected algorithm\n"); - return 1; - } - got_algo++; - break; - case NCR_ATTR_KEY_FLAGS: - if (nla->nla_len < NLA_HDRLEN + sizeof(uint32_t)) { - fprintf(stderr, "Attribute too small\n"); - return 1; - } - if (*(uint32_t *)data != NCR_KEY_FLAG_EXPORTABLE) { - fprintf(stderr, "Unexpected key flags\n"); - return 1; - } - got_flags++; - break; - case NCR_ATTR_KEY_TYPE: - if (nla->nla_len < NLA_HDRLEN + sizeof(uint32_t)) { - fprintf(stderr, "Attribute too small\n"); - return 1; - } - if (*(uint32_t *)data != NCR_KEY_TYPE_SECRET) { - fprintf(stderr, "Unexpected key type\n"); - return 1; - } - got_type++; - break; - } - - if (NLA_ALIGN(nla->nla_len) + NLA_HDRLEN > - kinfo.f.output_size - ((char *)nla - (char *)&kinfo)) - break; - nla = (struct nlattr *)((char *)nla + NLA_ALIGN(nla->nla_len)); - } - if (got_algo != 1 || got_flags != 1 || got_type != 1) { - fprintf(stderr, "Unexpected attrs - %d, %d, %d\n", got_algo, - got_flags, got_type); - return 1; - } - - if (ioctl(cfd, NCRIO_KEY_DEINIT, &key)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_DEINIT)"); - return 1; - } - - /* test 3: generate an unexportable key in kernel space and - * try to export it. - */ - fprintf(stdout, "\tKey protection of non-exportable keys...\n"); - key = ioctl(cfd, NCRIO_KEY_INIT); - if (key == -1) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_INIT)"); - return 1; - } - - memset(&kgen.f, 0, sizeof(kgen.f)); - kgen.f.input_size = sizeof(kgen); - kgen.f.key = key; - kgen.algo_head.nla_len = NLA_HDRLEN + sizeof(kgen.algo); - kgen.algo_head.nla_type = NCR_ATTR_ALGORITHM; - strcpy(kgen.algo, ALG_AES_CBC); - kgen.flags_head.nla_len = NLA_HDRLEN + sizeof(kgen.flags); - kgen.flags_head.nla_type = NCR_ATTR_KEY_FLAGS; - kgen.flags = 0; - kgen.bits_head.nla_len = NLA_HDRLEN + sizeof(kgen.flags); - kgen.bits_head.nla_type = NCR_ATTR_SECRET_KEY_BITS; - kgen.bits = 128; /* 16 bytes */ - - if (ioctl(cfd, NCRIO_KEY_GENERATE, &kgen)) { - perror("ioctl(NCRIO_KEY_GENERATE)"); - return 1; - } - - memset(data, 0, sizeof(data)); - - memset(&kexport, 0, sizeof(kexport)); - kexport.key = key; - kexport.buffer = data; - kexport.buffer_size = sizeof(data); - - /* try to get the output data - should fail */ - - if (ioctl(cfd, NCRIO_KEY_EXPORT, &kexport) >= 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - fprintf(stderr, "Data were exported, but shouldn't be!\n"); - return 1; - } - - if (ioctl(cfd, NCRIO_KEY_DEINIT, &key)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_DEINIT)"); - return 1; - } - - return 0; -} - - - -/* Key wrapping */ -static int -test_ncr_wrap_key(int cfd) -{ - int i, ret; - ncr_key_t key, key2; - struct __attribute__((packed)) { - struct ncr_key_import f; - struct nlattr id_head ALIGN_NL; - uint8_t id[2] ALIGN_NL; - struct nlattr type_head ALIGN_NL; - uint32_t type ALIGN_NL; - struct nlattr algo_head ALIGN_NL; - char algo[sizeof(ALG_AES_CBC)] ALIGN_NL; - struct nlattr flags_head ALIGN_NL; - uint32_t flags ALIGN_NL; - } kimport; - struct __attribute__((packed)) { - struct ncr_key_wrap f; - struct nlattr algo_head ALIGN_NL; - char algo[sizeof(NCR_WALG_AES_RFC3394)] ALIGN_NL; - } kwrap; - struct __attribute__((packed)) { - struct ncr_key_unwrap f; - struct nlattr wrap_algo_head ALIGN_NL; - char wrap_algo[sizeof(NCR_WALG_AES_RFC3394)] ALIGN_NL; - struct nlattr flags_head ALIGN_NL; - uint32_t flags ALIGN_NL; - } kunwrap; - uint8_t data[WRAPPED_KEY_DATA_SIZE]; - int data_size; - - fprintf(stdout, "Tests on Keys:\n"); - - /* test 1: generate a key in userspace import it - * to kernel via data and export it. - */ - - fprintf(stdout, "\tKey Wrap test...\n"); - - /* convert it to key */ - key = ioctl(cfd, NCRIO_KEY_INIT); - if (key == -1) { - perror("ioctl(NCRIO_KEY_INIT)"); - return 1; - } - - memset(&kimport.f, 0, sizeof(kimport.f)); - kimport.f.input_size = sizeof(kimport); - kimport.f.key = key; - kimport.f.data = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F"; - kimport.f.data_size = 16; - kimport.id_head.nla_len = NLA_HDRLEN + sizeof(kimport.id); - kimport.id_head.nla_type = NCR_ATTR_KEY_ID; - kimport.id[0] = 'a'; - kimport.id[1] = 'b'; - kimport.type_head.nla_len = NLA_HDRLEN + sizeof(kimport.type); - kimport.type_head.nla_type = NCR_ATTR_KEY_TYPE; - kimport.type = NCR_KEY_TYPE_SECRET; - kimport.algo_head.nla_len = NLA_HDRLEN + sizeof(kimport.algo); - kimport.algo_head.nla_type = NCR_ATTR_ALGORITHM; - strcpy(kimport.algo, ALG_AES_CBC); - kimport.flags_head.nla_len = NLA_HDRLEN + sizeof(kimport.flags); - kimport.flags_head.nla_type = NCR_ATTR_KEY_FLAGS; - kimport.flags = NCR_KEY_FLAG_EXPORTABLE|NCR_KEY_FLAG_WRAPPING|NCR_KEY_FLAG_UNWRAPPING; - - ret = ioctl(cfd, NCRIO_KEY_IMPORT, &kimport); - if (geteuid() == 0 && ret) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_IMPORT)"); - return 1; - } - - if (geteuid() != 0) { - /* cannot test further */ - fprintf(stdout, "\t(Wrapping test not completed. Run as root)\n"); - return 0; - } - - /* convert it to key */ - key2 = ioctl(cfd, NCRIO_KEY_INIT); - if (key2 == -1) { - perror("ioctl(NCRIO_KEY_INIT)"); - return 1; - } - - memset(&kimport.f, 0, sizeof(kimport.f)); - kimport.f.input_size = sizeof(kimport); - kimport.f.key = key2; -#define DKEY "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF" - kimport.f.data = DKEY; - kimport.f.data_size = 16; - kimport.id_head.nla_len = NLA_HDRLEN + sizeof(kimport.id); - kimport.id_head.nla_type = NCR_ATTR_KEY_ID; - kimport.id[0] = 'b'; - kimport.id[1] = 'a'; - kimport.type_head.nla_len = NLA_HDRLEN + sizeof(kimport.type); - kimport.type_head.nla_type = NCR_ATTR_KEY_TYPE; - kimport.type = NCR_KEY_TYPE_SECRET; - kimport.algo_head.nla_len = NLA_HDRLEN + sizeof(kimport.algo); - kimport.algo_head.nla_type = NCR_ATTR_ALGORITHM; - strcpy(kimport.algo, ALG_AES_CBC); - kimport.flags_head.nla_len = NLA_HDRLEN + sizeof(kimport.flags); - kimport.flags_head.nla_type = NCR_ATTR_KEY_FLAGS; - kimport.flags = NCR_KEY_FLAG_EXPORTABLE|NCR_KEY_FLAG_WRAPPABLE; - - if (ioctl(cfd, NCRIO_KEY_IMPORT, &kimport)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_IMPORT)"); - return 1; - } - - /* now try wrapping key2 using key */ - memset(&kwrap.f, 0, sizeof(kwrap.f)); - kwrap.f.input_size = sizeof(kwrap); - kwrap.f.wrapping_key = key; - kwrap.f.source_key = key2; - kwrap.f.buffer = data; - kwrap.f.buffer_size = sizeof(data); - kwrap.algo_head.nla_len = NLA_HDRLEN + sizeof(kwrap.algo); - kwrap.algo_head.nla_type = NCR_ATTR_WRAPPING_ALGORITHM; - strcpy(kwrap.algo, NCR_WALG_AES_RFC3394); - - data_size = ioctl(cfd, NCRIO_KEY_WRAP, &kwrap); - if (data_size < 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_WRAP)"); - return 1; - } - - if (data_size != 24 || memcmp(data, - "\x1F\xA6\x8B\x0A\x81\x12\xB4\x47\xAE\xF3\x4B\xD8\xFB\x5A\x7B\x82\x9D\x3E\x86\x23\x71\xD2\xCF\xE5", 24) != 0) { - fprintf(stderr, "Wrapped data do not match.\n"); - - fprintf(stderr, "Data[%d]: ",(int) data_size); - for(i=0;i<data_size;i++) - fprintf(stderr, "%.2x:", data[i]); - fprintf(stderr, "\n"); - return 1; - } - - /* test unwrapping */ - fprintf(stdout, "\tKey Unwrap test...\n"); - - /* reset key2 */ - if (ioctl(cfd, NCRIO_KEY_DEINIT, &key2)) { - perror("ioctl(NCRIO_KEY_DEINIT)"); - return 1; - } - - key2 = ioctl(cfd, NCRIO_KEY_INIT); - if (key2 == -1) { - perror("ioctl(NCRIO_KEY_INIT)"); - return 1; - } - - memset(&kunwrap.f, 0, sizeof(kunwrap.f)); - kunwrap.f.input_size = sizeof(kunwrap); - kunwrap.f.wrapping_key = key; - kunwrap.f.dest_key = key2; - kunwrap.f.data = data; - kunwrap.f.data_size = data_size; - kunwrap.wrap_algo_head.nla_len = NLA_HDRLEN + sizeof(kunwrap.wrap_algo); - kunwrap.wrap_algo_head.nla_type = NCR_ATTR_WRAPPING_ALGORITHM; - strcpy(kunwrap.wrap_algo, NCR_WALG_AES_RFC3394); - kunwrap.flags_head.nla_len = NLA_HDRLEN + sizeof(kunwrap.flags); - kunwrap.flags_head.nla_type = NCR_ATTR_KEY_FLAGS; - kunwrap.flags = NCR_KEY_FLAG_EXPORTABLE|NCR_KEY_FLAG_WRAPPABLE; - - if (ioctl(cfd, NCRIO_KEY_UNWRAP, &kunwrap)) { - perror("ioctl(NCRIO_KEY_UNWRAP)"); - return 1; - } - - /* now export the unwrapped */ -#if 0 - /* this cannot be performed like that, because unwrap - * always sets keys as unexportable. Maybe we can implement - * a data comparison ioctl(). - */ - memset(&keydata, 0, sizeof(keydata)); - keydata.key = key2; - keydata.data = kdata.desc; - - if (ioctl(cfd, NCRIO_KEY_EXPORT, &keydata)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_IMPORT)"); - return 1; - } - - if (ioctl(cfd, NCRIO_DATA_GET, &kdata)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_DATA_GET)"); - return 1; - } - - if (kdata.data_size != 16 || memcmp(kdata.data, DKEY, 16) != 0) { - fprintf(stderr, "Unwrapped data do not match.\n"); - fprintf(stderr, "Data[%d]: ", (int) kdata.data_size); - for(i=0;i<kdata.data_size;i++) - fprintf(stderr, "%.2x:", data[i]); - fprintf(stderr, "\n"); - return 1; - } -#endif - - return 0; -} - -/* check whether wrapping of long keys is not allowed with - * shorted wrapping keys */ -static int -test_ncr_wrap_key2(int cfd) -{ - int ret; - ncr_key_t key, key2; - struct __attribute__((packed)) { - struct ncr_key_import f; - struct nlattr id_head ALIGN_NL; - uint8_t id[2] ALIGN_NL; - struct nlattr type_head ALIGN_NL; - uint32_t type ALIGN_NL; - struct nlattr algo_head ALIGN_NL; - char algo[sizeof(ALG_AES_CBC)] ALIGN_NL; - struct nlattr flags_head ALIGN_NL; - uint32_t flags ALIGN_NL; - } kimport; - struct __attribute__((packed)) { - struct ncr_key_wrap f; - struct nlattr algo_head ALIGN_NL; - char algo[sizeof(NCR_WALG_AES_RFC3394)] ALIGN_NL; - } kwrap; - uint8_t data[WRAPPED_KEY_DATA_SIZE]; - - /* test 1: generate a key in userspace import it - * to kernel via data and export it. - */ - - fprintf(stdout, "\tKey Wrap test II...\n"); - - if (geteuid() != 0) { - /* cannot test further */ - fprintf(stdout, "\t(Wrapping test not completed. Run as root)\n"); - return 0; - } - - /* convert it to key */ - key = ioctl(cfd, NCRIO_KEY_INIT); - if (key == -1) { - perror("ioctl(NCRIO_KEY_INIT)"); - return 1; - } - - memset(&kimport.f, 0, sizeof(kimport.f)); - kimport.f.input_size = sizeof(kimport); - kimport.f.key = key; - kimport.f.data = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F"; - kimport.f.data_size = 16; - kimport.id_head.nla_len = NLA_HDRLEN + sizeof(kimport.id); - kimport.id_head.nla_type = NCR_ATTR_KEY_ID; - kimport.id[0] = 'a'; - kimport.id[1] = 'b'; - kimport.type_head.nla_len = NLA_HDRLEN + sizeof(kimport.type); - kimport.type_head.nla_type = NCR_ATTR_KEY_TYPE; - kimport.type = NCR_KEY_TYPE_SECRET; - kimport.algo_head.nla_len = NLA_HDRLEN + sizeof(kimport.algo); - kimport.algo_head.nla_type = NCR_ATTR_ALGORITHM; - strcpy(kimport.algo, ALG_AES_CBC); - kimport.flags_head.nla_len = NLA_HDRLEN + sizeof(kimport.flags); - kimport.flags_head.nla_type = NCR_ATTR_KEY_FLAGS; - kimport.flags = NCR_KEY_FLAG_EXPORTABLE|NCR_KEY_FLAG_WRAPPING|NCR_KEY_FLAG_UNWRAPPING; - - if (ioctl(cfd, NCRIO_KEY_IMPORT, &kimport)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_IMPORT)"); - return 1; - } - - - /* convert it to key */ - key2 = ioctl(cfd, NCRIO_KEY_INIT); - if (key2 == -1) { - perror("ioctl(NCRIO_KEY_INIT)"); - return 1; - } - - memset(&kimport.f, 0, sizeof(kimport.f)); - kimport.f.input_size = sizeof(kimport); - kimport.f.key = key2; - kimport.f.data = "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF"; - kimport.f.data_size = 32; - kimport.id_head.nla_len = NLA_HDRLEN + sizeof(kimport.id); - kimport.id_head.nla_type = NCR_ATTR_KEY_ID; - kimport.id[0] = 'b'; - kimport.id[1] = 'a'; - kimport.type_head.nla_len = NLA_HDRLEN + sizeof(kimport.type); - kimport.type_head.nla_type = NCR_ATTR_KEY_TYPE; - kimport.type = NCR_KEY_TYPE_SECRET; - kimport.algo_head.nla_len = NLA_HDRLEN + sizeof(kimport.algo); - kimport.algo_head.nla_type = NCR_ATTR_ALGORITHM; - strcpy(kimport.algo, ALG_AES_CBC); - kimport.flags_head.nla_len = NLA_HDRLEN + sizeof(kimport.flags); - kimport.flags_head.nla_type = NCR_ATTR_KEY_FLAGS; - kimport.flags = NCR_KEY_FLAG_EXPORTABLE|NCR_KEY_FLAG_WRAPPABLE; - - if (ioctl(cfd, NCRIO_KEY_IMPORT, &kimport)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_IMPORT)"); - return 1; - } - - /* now try wrapping key2 using key */ - memset(&kwrap.f, 0, sizeof(kwrap.f)); - kwrap.f.input_size = sizeof(kwrap); - kwrap.f.wrapping_key = key; - kwrap.f.source_key = key2; - kwrap.f.buffer = data; - kwrap.f.buffer_size = sizeof(data); - kwrap.algo_head.nla_len = NLA_HDRLEN + sizeof(kwrap.algo); - kwrap.algo_head.nla_type = NCR_ATTR_WRAPPING_ALGORITHM; - strcpy(kwrap.algo, NCR_WALG_AES_RFC3394); - - ret = ioctl(cfd, NCRIO_KEY_WRAP, &kwrap); - if (ret >= 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - /* wrapping shouldn't have been allowed */ - return 1; - } - - return 0; -} - -static int -test_ncr_store_wrap_key(int cfd) -{ - int i; - ncr_key_t key2; - struct __attribute__((packed)) { - struct ncr_key_import f; - struct nlattr id_head ALIGN_NL; - uint8_t id[2] ALIGN_NL; - struct nlattr type_head ALIGN_NL; - uint32_t type ALIGN_NL; - struct nlattr algo_head ALIGN_NL; - char algo[sizeof(ALG_AES_CBC)] ALIGN_NL; - struct nlattr flags_head ALIGN_NL; - uint32_t flags ALIGN_NL; - } kimport; - struct ncr_key_export kexport; - struct ncr_key_storage_wrap kwrap; - struct ncr_key_storage_unwrap kunwrap; - uint8_t data[DATA_SIZE]; - int data_size; - - fprintf(stdout, "Tests on Key storage:\n"); - - /* test 1: generate a key in userspace import it - * to kernel via data and export it. - */ - - fprintf(stdout, "\tKey Storage wrap test...\n"); - - /* convert it to key */ - key2 = ioctl(cfd, NCRIO_KEY_INIT); - if (key2 == -1) { - perror("ioctl(NCRIO_KEY_INIT)"); - return 1; - } - - memset(&kimport.f, 0, sizeof(kimport.f)); - kimport.f.input_size = sizeof(kimport); - kimport.f.key = key2; -#define DKEY "\x00\x11\x22\x33\x44\x55\x66\x77\x88\x99\xAA\xBB\xCC\xDD\xEE\xFF" - kimport.f.data = DKEY; - kimport.f.data_size = 16; - kimport.id_head.nla_len = NLA_HDRLEN + sizeof(kimport.id); - kimport.id_head.nla_type = NCR_ATTR_KEY_ID; - kimport.id[0] = 'b'; - kimport.id[1] = 'a'; - kimport.type_head.nla_len = NLA_HDRLEN + sizeof(kimport.type); - kimport.type_head.nla_type = NCR_ATTR_KEY_TYPE; - kimport.type = NCR_KEY_TYPE_SECRET; - kimport.algo_head.nla_len = NLA_HDRLEN + sizeof(kimport.algo); - kimport.algo_head.nla_type = NCR_ATTR_ALGORITHM; - strcpy(kimport.algo, ALG_AES_CBC); - kimport.flags_head.nla_len = NLA_HDRLEN + sizeof(kimport.flags); - kimport.flags_head.nla_type = NCR_ATTR_KEY_FLAGS; - kimport.flags = NCR_KEY_FLAG_EXPORTABLE|NCR_KEY_FLAG_WRAPPABLE; - - if (ioctl(cfd, NCRIO_KEY_IMPORT, &kimport)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_IMPORT)"); - return 1; - } - - /* now try wrapping key2 using key */ - memset(&kwrap, 0, sizeof(kwrap)); - kwrap.key = key2; - kwrap.buffer = data; - kwrap.buffer_size = sizeof(data); - - data_size = ioctl(cfd, NCRIO_KEY_STORAGE_WRAP, &kwrap); - if (data_size < 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_STORAGE_WRAP)"); - return 1; - } - - /* test unwrapping */ - fprintf(stdout, "\tKey Storage Unwrap test...\n"); - - /* reset key2 */ - if (ioctl(cfd, NCRIO_KEY_DEINIT, &key2)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_DEINIT)"); - return 1; - } - - key2 = ioctl(cfd, NCRIO_KEY_INIT); - if (key2 == -1) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_INIT)"); - return 1; - } - - memset(&kunwrap, 0, sizeof(kunwrap)); - kunwrap.key = key2; - kunwrap.data = data; - kunwrap.data_size = data_size; - - if (ioctl(cfd, NCRIO_KEY_STORAGE_UNWRAP, &kunwrap)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_STORAGE_UNWRAP)"); - return 1; - } - - /* now export the unwrapped */ - memset(&kexport, 0, sizeof(kexport)); - kexport.key = key2; - kexport.buffer = data; - kexport.buffer_size = sizeof(data); - - data_size = ioctl(cfd, NCRIO_KEY_EXPORT, &kexport); - if (data_size != 16) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_EXPORT)"); - return 1; - } - - if (memcmp(data, DKEY, 16) != 0) { - fprintf(stderr, "Unwrapped data do not match.\n"); - fprintf(stderr, "Data[%d]: ", (int) data_size); - for(i=0;i<data_size;i++) - fprintf(stderr, "%.2x:", data[i]); - fprintf(stderr, "\n"); - return 1; - } - - return 0; - -} - -struct aes_vectors_st { - const uint8_t* key; - const uint8_t* plaintext; - const uint8_t* ciphertext; -} aes_vectors[] = { - { - .key = (uint8_t*)"\xc0\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", - .plaintext = (uint8_t*)"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", - .ciphertext = (uint8_t*)"\x4b\xc3\xf8\x83\x45\x0c\x11\x3c\x64\xca\x42\xe1\x11\x2a\x9e\x87", - }, - { - .key = (uint8_t*)"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", - .plaintext = (uint8_t*)"\xf3\x44\x81\xec\x3c\xc6\x27\xba\xcd\x5d\xc3\xfb\x08\xf2\x73\xe6", - .ciphertext = (uint8_t*)"\x03\x36\x76\x3e\x96\x6d\x92\x59\x5a\x56\x7c\xc9\xce\x53\x7f\x5e", - }, - { - .key = (uint8_t*)"\x10\xa5\x88\x69\xd7\x4b\xe5\xa3\x74\xcf\x86\x7c\xfb\x47\x38\x59", - .plaintext = (uint8_t*)"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", - .ciphertext = (uint8_t*)"\x6d\x25\x1e\x69\x44\xb0\x51\xe0\x4e\xaa\x6f\xb4\xdb\xf7\x84\x65", - }, - { - .key = (uint8_t*)"\xca\xea\x65\xcd\xbb\x75\xe9\x16\x9e\xcd\x22\xeb\xe6\xe5\x46\x75", - .plaintext = (uint8_t*)"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", - .ciphertext = (uint8_t*)"\x6e\x29\x20\x11\x90\x15\x2d\xf4\xee\x05\x81\x39\xde\xf6\x10\xbb", - }, - { - .key = (uint8_t*)"\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xff\xfe", - .plaintext = (uint8_t*)"\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", - .ciphertext = (uint8_t*)"\x9b\xa4\xa9\x14\x3f\x4e\x5d\x40\x48\x52\x1c\x4f\x88\x77\xd8\x8e", - }, -}; - -/* AES cipher */ -static int -test_ncr_aes(int cfd) -{ - ncr_key_t key; - struct __attribute__((packed)) { - struct ncr_key_import f; - struct nlattr id_head ALIGN_NL; - uint8_t id[2] ALIGN_NL; - struct nlattr type_head ALIGN_NL; - uint32_t type ALIGN_NL; - struct nlattr algo_head ALIGN_NL; - char algo[sizeof(ALG_AES_ECB)] ALIGN_NL; - struct nlattr flags_head ALIGN_NL; - uint32_t flags ALIGN_NL; - } kimport; - uint8_t data[KEY_DATA_SIZE]; - int i, j; - struct __attribute__((packed)) { - struct ncr_session_once f; - struct nlattr algo_head ALIGN_NL; - char algo[sizeof(ALG_AES_ECB)] ALIGN_NL; - struct nlattr key_head ALIGN_NL; - uint32_t key ALIGN_NL; - struct nlattr input_head ALIGN_NL; - struct ncr_session_input_data input ALIGN_NL; - struct nlattr output_head ALIGN_NL; - struct ncr_session_output_buffer output ALIGN_NL; - } op; - size_t data_size; - - /* convert it to key */ - key = ioctl(cfd, NCRIO_KEY_INIT); - if (key == -1) { - perror("ioctl(NCRIO_KEY_INIT)"); - return 1; - } - - fprintf(stdout, "Tests on AES Encryption\n"); - for (i=0;i<sizeof(aes_vectors)/sizeof(aes_vectors[0]);i++) { - - memset(&kimport.f, 0, sizeof(kimport.f)); - kimport.f.input_size = sizeof(kimport); - kimport.f.key = key; - kimport.f.data = aes_vectors[i].key; - kimport.f.data_size = 16; - kimport.id_head.nla_len = NLA_HDRLEN + sizeof(kimport.id); - kimport.id_head.nla_type = NCR_ATTR_KEY_ID; - kimport.id[0] = 'a'; - kimport.id[1] = 'b'; - kimport.type_head.nla_len = NLA_HDRLEN + sizeof(kimport.type); - kimport.type_head.nla_type = NCR_ATTR_KEY_TYPE; - kimport.type = NCR_KEY_TYPE_SECRET; - kimport.algo_head.nla_len = NLA_HDRLEN + sizeof(kimport.algo); - kimport.algo_head.nla_type = NCR_ATTR_ALGORITHM; - strcpy(kimport.algo, ALG_AES_ECB); - kimport.flags_head.nla_len = NLA_HDRLEN + sizeof(kimport.flags); - kimport.flags_head.nla_type = NCR_ATTR_KEY_FLAGS; - kimport.flags = NCR_KEY_FLAG_EXPORTABLE; - if (ioctl(cfd, NCRIO_KEY_IMPORT, &kimport)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_IMPORT)"); - return 1; - } - - /* encrypt */ - memset(&op.f, 0, sizeof(op.f)); - op.f.input_size = sizeof(op); - op.f.op = NCR_OP_ENCRYPT; - op.algo_head.nla_len = NLA_HDRLEN + sizeof(op.algo); - op.algo_head.nla_type = NCR_ATTR_ALGORITHM; - strcpy(op.algo, ALG_AES_ECB); - op.key_head.nla_len = NLA_HDRLEN + sizeof(op.key); - op.key_head.nla_type = NCR_ATTR_KEY; - op.key = key; - op.input_head.nla_len = NLA_HDRLEN + sizeof(op.input); - op.input_head.nla_type = NCR_ATTR_UPDATE_INPUT_DATA; - op.input.data = aes_vectors[i].plaintext; - op.input.data_size = 16; - op.output_head.nla_len = NLA_HDRLEN + sizeof(op.output); - op.output_head.nla_type = NCR_ATTR_UPDATE_OUTPUT_BUFFER; - op.output.buffer = data; - op.output.buffer_size = sizeof(data); - op.output.result_size_ptr = &data_size; - - if (ioctl(cfd, NCRIO_SESSION_ONCE, &op)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_SESSION_ONCE)"); - return 1; - } - /* verify */ - - if (data_size != 16 || memcmp(data, aes_vectors[i].ciphertext, 16) != 0) { - fprintf(stderr, "AES test vector %d failed!\n", i); - - fprintf(stderr, "Cipher[%d]: ", (int)data_size); - for(j=0;j<data_size;j++) - fprintf(stderr, "%.2x:", (int)data[j]); - fprintf(stderr, "\n"); - - fprintf(stderr, "Expected[%d]: ", 16); - for(j=0;j<16;j++) - fprintf(stderr, "%.2x:", (int)aes_vectors[i].ciphertext[j]); - fprintf(stderr, "\n"); - return 1; - } - } - - fprintf(stdout, "Tests on AES Decryption\n"); - for (i=0;i<sizeof(aes_vectors)/sizeof(aes_vectors[0]);i++) { - - memset(&kimport.f, 0, sizeof(kimport.f)); - kimport.f.input_size = sizeof(kimport); - kimport.f.key = key; - kimport.f.data = aes_vectors[i].key; - kimport.f.data_size = 16; - kimport.id_head.nla_len = NLA_HDRLEN + sizeof(kimport.id); - kimport.id_head.nla_type = NCR_ATTR_KEY_ID; - kimport.id[0] = 'a'; - kimport.id[1] = 'b'; - kimport.type_head.nla_len = NLA_HDRLEN + sizeof(kimport.type); - kimport.type_head.nla_type = NCR_ATTR_KEY_TYPE; - kimport.type = NCR_KEY_TYPE_SECRET; - kimport.algo_head.nla_len = NLA_HDRLEN + sizeof(kimport.algo); - kimport.algo_head.nla_type = NCR_ATTR_ALGORITHM; - strcpy(kimport.algo, ALG_AES_CBC); - kimport.flags_head.nla_len = NLA_HDRLEN + sizeof(kimport.flags); - kimport.flags_head.nla_type = NCR_ATTR_KEY_FLAGS; - kimport.flags = NCR_KEY_FLAG_EXPORTABLE; - if (ioctl(cfd, NCRIO_KEY_IMPORT, &kimport)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_IMPORT)"); - return 1; - } - - /* decrypt */ - memset(&op.f, 0, sizeof(op.f)); - op.f.input_size = sizeof(op); - op.f.op = NCR_OP_DECRYPT; - op.algo_head.nla_len = NLA_HDRLEN + sizeof(op.algo); - op.algo_head.nla_type = NCR_ATTR_ALGORITHM; - strcpy(op.algo, ALG_AES_ECB); - op.key_head.nla_len = NLA_HDRLEN + sizeof(op.key); - op.key_head.nla_type = NCR_ATTR_KEY; - op.key = key; - op.input_head.nla_len = NLA_HDRLEN + sizeof(op.input); - op.input_head.nla_type = NCR_ATTR_UPDATE_INPUT_DATA; - op.input.data = aes_vectors[i].ciphertext; - op.input.data_size = 16; - op.output_head.nla_len = NLA_HDRLEN + sizeof(op.output); - op.output_head.nla_type = NCR_ATTR_UPDATE_OUTPUT_BUFFER; - op.output.buffer = data; - op.output.buffer_size = sizeof(data); - op.output.result_size_ptr = &data_size; - - if (ioctl(cfd, NCRIO_SESSION_ONCE, &op)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_SESSION_ONCE)"); - return 1; - } - - if (data_size != 16 || memcmp(data, aes_vectors[i].plaintext, 16) != 0) { - fprintf(stderr, "AES test vector %d failed!\n", i); - - fprintf(stderr, "Plain[%d]: ", (int)data_size); - for(j=0;j<data_size;j++) - fprintf(stderr, "%.2x:", (int)data[j]); - fprintf(stderr, "\n"); - - fprintf(stderr, "Expected[%d]: ", 16); - for(j=0;j<16;j++) - fprintf(stderr, "%.2x:", (int)aes_vectors[i].plaintext[j]); - fprintf(stderr, "\n"); - return 1; - } - } - - - fprintf(stdout, "\n"); - - return 0; - -} - -struct hash_vectors_st { - const char* algorithm; - const uint8_t* key; /* if hmac */ - int key_size; - const uint8_t* plaintext; - int plaintext_size; - const uint8_t* output; - int output_size; - ncr_crypto_op_t op; -} hash_vectors[] = { - { - .algorithm = "sha1", - .key = NULL, - .plaintext = (uint8_t*)"what do ya want for nothing?", - .plaintext_size = sizeof("what do ya want for nothing?")-1, - .output = (uint8_t*)"\x8f\x82\x03\x94\xf9\x53\x35\x18\x20\x45\xda\x24\xf3\x4d\xe5\x2b\xf8\xbc\x34\x32", - .output_size = 20, - .op = NCR_OP_SIGN, - }, - { - .algorithm = "hmac(md5)", - .key = (uint8_t*)"Jefe", - .key_size = 4, - .plaintext = (uint8_t*)"what do ya want for nothing?", - .plaintext_size = sizeof("what do ya want for nothing?")-1, - .output = (uint8_t*)"\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7\x38", - .output_size = 16, - .op = NCR_OP_SIGN, - }, - /* from rfc4231 */ - { - .algorithm = "hmac(sha224)", - .key = (uint8_t*)"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b", - .key_size = 20, - .plaintext = (uint8_t*)"Hi There", - .plaintext_size = sizeof("Hi There")-1, - .output = (uint8_t*)"\x89\x6f\xb1\x12\x8a\xbb\xdf\x19\x68\x32\x10\x7c\xd4\x9d\xf3\x3f\x47\xb4\xb1\x16\x99\x12\xba\x4f\x53\x68\x4b\x22", - .output_size = 28, - .op = NCR_OP_SIGN, - }, - { - .algorithm = "hmac(sha256)", - .key = (uint8_t*)"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b", - .key_size = 20, - .plaintext = (uint8_t*)"Hi There", - .plaintext_size = sizeof("Hi There")-1, - .output = (uint8_t*)"\xb0\x34\x4c\x61\xd8\xdb\x38\x53\x5c\xa8\xaf\xce\xaf\x0b\xf1\x2b\x88\x1d\xc2\x00\xc9\x83\x3d\xa7\x26\xe9\x37\x6c\x2e\x32\xcf\xf7", - .output_size = 32, - .op = NCR_OP_SIGN, - }, - { - .algorithm = "hmac(sha384)", - .key = (uint8_t*)"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b", - .key_size = 20, - .plaintext = (uint8_t*)"Hi There", - .plaintext_size = sizeof("Hi There")-1, - .output = (uint8_t*)"\xaf\xd0\x39\x44\xd8\x48\x95\x62\x6b\x08\x25\xf4\xab\x46\x90\x7f\x15\xf9\xda\xdb\xe4\x10\x1e\xc6\x82\xaa\x03\x4c\x7c\xeb\xc5\x9c\xfa\xea\x9e\xa9\x07\x6e\xde\x7f\x4a\xf1\x52\xe8\xb2\xfa\x9c\xb6", - .output_size = 48, - .op = NCR_OP_SIGN, - }, - { - .algorithm = "hmac(sha512)", - .key = (uint8_t*)"\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b", - .key_size = 20, - .plaintext = (uint8_t*)"Hi There", - .plaintext_size = sizeof("Hi There")-1, - .output = (uint8_t*)"\x87\xaa\x7c\xde\xa5\xef\x61\x9d\x4f\xf0\xb4\x24\x1a\x1d\x6c\xb0\x23\x79\xf4\xe2\xce\x4e\xc2\x78\x7a\xd0\xb3\x05\x45\xe1\x7c\xde\xda\xa8\x33\xb7\xd6\xb8\xa7\x02\x03\x8b\x27\x4e\xae\xa3\xf4\xe4\xbe\x9d\x91\x4e\xeb\x61\xf1\x70\x2e\x69\x6c\x20\x3a\x12\x68\x54", - .output_size = 64, - .op = NCR_OP_SIGN, - }, -}; - -#define HASH_DATA_SIZE 64 - -/* SHA1 and other hashes */ -static int -test_ncr_hash(int cfd) -{ - ncr_key_t key; - struct __attribute__((packed)) { - struct ncr_key_import f; - struct nlattr id_head ALIGN_NL; - uint8_t id[2] ALIGN_NL; - struct nlattr type_head ALIGN_NL; - uint32_t type ALIGN_NL; - struct nlattr flags_head ALIGN_NL; - uint32_t flags ALIGN_NL; - struct nlattr algo_head ALIGN_NL; - char algo[128] ALIGN_NL; - } kimport; - uint8_t data[HASH_DATA_SIZE]; - int i, j; - size_t data_size; - struct __attribute__((packed)) { - struct ncr_session_once f; - struct nlattr key_head ALIGN_NL; - uint32_t key ALIGN_NL; - struct nlattr input_head ALIGN_NL; - struct ncr_session_input_data input ALIGN_NL; - struct nlattr output_head ALIGN_NL; - struct ncr_session_output_buffer output ALIGN_NL; - struct nlattr algo_head ALIGN_NL; - char algo[128] ALIGN_NL; - } op; - - /* convert it to key */ - key = ioctl(cfd, NCRIO_KEY_INIT); - if (key == -1) { - perror("ioctl(NCRIO_KEY_INIT)"); - return 1; - } - - fprintf(stdout, "Tests on Hashes\n"); - for (i=0;i<sizeof(hash_vectors)/sizeof(hash_vectors[0]);i++) { - size_t algo_size; - - algo_size = strlen(hash_vectors[i].algorithm) + 1; - fprintf(stdout, "\t%s:\n", hash_vectors[i].algorithm); - /* import key */ - if (hash_vectors[i].key != NULL) { - - memset(&kimport.f, 0, sizeof(kimport.f)); - kimport.f.key = key; - kimport.f.data = hash_vectors[i].key; - kimport.f.data_size = hash_vectors[i].key_size; - kimport.id_head.nla_len - = NLA_HDRLEN + sizeof(kimport.id); - kimport.id_head.nla_type = NCR_ATTR_KEY_ID; - kimport.id[0] = 'a'; - kimport.id[1] = 'b'; - kimport.type_head.nla_len - = NLA_HDRLEN + sizeof(kimport.type); - kimport.type_head.nla_type = NCR_ATTR_KEY_TYPE; - kimport.type = NCR_KEY_TYPE_SECRET; - kimport.flags_head.nla_len - = NLA_HDRLEN + sizeof(kimport.flags); - kimport.flags_head.nla_type = NCR_ATTR_KEY_FLAGS; - kimport.flags = NCR_KEY_FLAG_EXPORTABLE; - kimport.algo_head.nla_len = NLA_HDRLEN + algo_size; - kimport.algo_head.nla_type = NCR_ATTR_ALGORITHM; - memcpy(kimport.algo, hash_vectors[i].algorithm, - algo_size); - kimport.f.input_size - = kimport.algo + algo_size - (char *)&kimport; - if (ioctl(cfd, NCRIO_KEY_IMPORT, &kimport)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_IMPORT)"); - return 1; - } - } - - memset(&op.f, 0, sizeof(op.f)); - op.f.op = hash_vectors[i].op; - op.key_head.nla_len = NLA_HDRLEN + sizeof(op.key); - op.key_head.nla_type = NCR_ATTR_KEY; - op.key = hash_vectors[i].key != NULL ? key : NCR_KEY_INVALID; - op.input_head.nla_len = NLA_HDRLEN + sizeof(op.input); - op.input_head.nla_type = NCR_ATTR_UPDATE_INPUT_DATA; - op.input.data = hash_vectors[i].plaintext; - op.input.data_size = hash_vectors[i].plaintext_size; - op.output_head.nla_len = NLA_HDRLEN + sizeof(op.output); - op.output_head.nla_type = NCR_ATTR_FINAL_OUTPUT_BUFFER; - op.output.buffer = data; - op.output.buffer_size = sizeof(data); - op.output.result_size_ptr = &data_size; - op.algo_head.nla_len = NLA_HDRLEN + algo_size; - op.algo_head.nla_type = NCR_ATTR_ALGORITHM; - memcpy(op.algo, hash_vectors[i].algorithm, algo_size); - op.f.input_size = op.algo + algo_size - (char *)&op; - - if (ioctl(cfd, NCRIO_SESSION_ONCE, &op)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_SESSION_ONCE)"); - return 1; - } - - if (data_size != hash_vectors[i].output_size || - memcmp(data, hash_vectors[i].output, hash_vectors[i].output_size) != 0) { - fprintf(stderr, "HASH test vector %d failed!\n", i); - - fprintf(stderr, "Output[%d]: ", (int)data_size); - for(j=0;j<data_size;j++) - fprintf(stderr, "%.2x:", (int)data[j]); - fprintf(stderr, "\n"); - - fprintf(stderr, "Expected[%d]: ", hash_vectors[i].output_size); - for(j=0;j<hash_vectors[i].output_size;j++) - fprintf(stderr, "%.2x:", (int)hash_vectors[i].output[j]); - fprintf(stderr, "\n"); - return 1; - } - } - - fprintf(stdout, "\n"); - - return 0; - -} - -static int -test_ncr_hash_clone(int cfd) -{ - ncr_key_t key; - struct __attribute__((packed)) { - struct ncr_key_import f; - struct nlattr id_head ALIGN_NL; - uint8_t id[2] ALIGN_NL; - struct nlattr type_head ALIGN_NL; - uint32_t type ALIGN_NL; - struct nlattr flags_head ALIGN_NL; - uint32_t flags ALIGN_NL; - struct nlattr algo_head ALIGN_NL; - char algo[128] ALIGN_NL; - } kimport; - uint8_t data[HASH_DATA_SIZE]; - const struct hash_vectors_st *hv; - int j; - size_t data_size; - struct __attribute__((packed)) { - struct ncr_session_init f; - struct nlattr key_head ALIGN_NL; - uint32_t key ALIGN_NL; - struct nlattr algo_head ALIGN_NL; - char algo[128] ALIGN_NL; - } kinit; - struct __attribute__((packed)) { - struct ncr_session_update f; - struct nlattr input_head ALIGN_NL; - struct ncr_session_input_data input ALIGN_NL; - } kupdate; - struct __attribute__((packed)) { - struct ncr_session_final f; - struct nlattr input_head ALIGN_NL; - struct ncr_session_input_data input ALIGN_NL; - struct nlattr output_head ALIGN_NL; - struct ncr_session_output_buffer output ALIGN_NL; - } kfinal; - struct __attribute__((packed)) { - struct ncr_session_once f; - struct nlattr clone_head ALIGN_NL; - uint32_t clone ALIGN_NL; - struct nlattr input_head ALIGN_NL; - struct ncr_session_input_data input ALIGN_NL; - struct nlattr output_head ALIGN_NL; - struct ncr_session_output_buffer output ALIGN_NL; - } kclone; - ncr_session_t ses; - - /* convert it to key */ - key = ioctl(cfd, NCRIO_KEY_INIT); - if (key == -1) { - perror("ioctl(NCRIO_KEY_INIT)"); - return 1; - } - - fprintf(stdout, "Tests of hash cloning\n"); - for (hv = hash_vectors; - hv < hash_vectors + sizeof(hash_vectors) / sizeof(hash_vectors[0]); - hv++) { - size_t algo_size; - - algo_size = strlen(hv->algorithm) + 1; - fprintf(stdout, "\t%s:\n", hv->algorithm); - /* import key */ - if (hv->key != NULL) { - - memset(&kimport.f, 0, sizeof(kimport.f)); - kimport.f.key = key; - kimport.f.data = hv->key; - kimport.f.data_size = hv->key_size; - kimport.id_head.nla_len - = NLA_HDRLEN + sizeof(kimport.id); - kimport.id_head.nla_type = NCR_ATTR_KEY_ID; - kimport.id[0] = 'a'; - kimport.id[1] = 'b'; - kimport.type_head.nla_len - = NLA_HDRLEN + sizeof(kimport.type); - kimport.type_head.nla_type = NCR_ATTR_KEY_TYPE; - kimport.type = NCR_KEY_TYPE_SECRET; - kimport.flags_head.nla_len - = NLA_HDRLEN + sizeof(kimport.flags); - kimport.flags_head.nla_type = NCR_ATTR_KEY_FLAGS; - kimport.flags = NCR_KEY_FLAG_EXPORTABLE; - kimport.algo_head.nla_len = NLA_HDRLEN + algo_size; - kimport.algo_head.nla_type = NCR_ATTR_ALGORITHM; - memcpy(kimport.algo, hv->algorithm, algo_size); - kimport.f.input_size - = kimport.algo + algo_size - (char *)&kimport; - if (ioctl(cfd, NCRIO_KEY_IMPORT, &kimport)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_IMPORT)"); - return 1; - } - } - - /* Initialize a session */ - memset(&kinit.f, 0, sizeof(kinit.f)); - kinit.f.op = hv->op; - kinit.key_head.nla_len = NLA_HDRLEN + sizeof(kinit.key); - kinit.key_head.nla_type = NCR_ATTR_KEY; - kinit.key = hv->key != NULL ? key : NCR_KEY_INVALID; - kinit.algo_head.nla_len = NLA_HDRLEN + algo_size; - kinit.algo_head.nla_type = NCR_ATTR_ALGORITHM; - memcpy(kinit.algo, hv->algorithm, algo_size); - kinit.f.input_size = kinit.algo + algo_size - (char *)&kinit; - - ses = ioctl(cfd, NCRIO_SESSION_INIT, &kinit); - if (ses < 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_SESSION_INIT)"); - return 1; - } - - /* Submit half of the data */ - memset(&kupdate.f, 0, sizeof(kupdate.f)); - kupdate.f.input_size = sizeof(kupdate); - kupdate.f.ses = ses; - kupdate.input_head.nla_len = NLA_HDRLEN + sizeof(kupdate.input); - kupdate.input_head.nla_type = NCR_ATTR_UPDATE_INPUT_DATA; - kupdate.input.data = hv->plaintext; - kupdate.input.data_size = hv->plaintext_size / 2; - - if (ioctl(cfd, NCRIO_SESSION_UPDATE, &kupdate)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_SESSION_UPDATE)"); - return 1; - } - - /* Clone a session, submit the other half, verify. */ - memset(&kclone.f, 0, sizeof(kclone.f)); - kclone.f.input_size = sizeof(kclone); - kclone.f.op = hv->op; - kclone.clone_head.nla_len = NLA_HDRLEN + sizeof(kclone.clone); - kclone.clone_head.nla_type = NCR_ATTR_SESSION_CLONE_FROM; - kclone.clone = ses; - kclone.input_head.nla_len = NLA_HDRLEN + sizeof(kclone.input); - kclone.input_head.nla_type = NCR_ATTR_UPDATE_INPUT_DATA; - kclone.input.data = hv->plaintext + hv->plaintext_size / 2; - kclone.input.data_size - = hv->plaintext_size - hv->plaintext_size / 2; - kclone.output_head.nla_len = NLA_HDRLEN + sizeof(kclone.output); - kclone.output_head.nla_type = NCR_ATTR_FINAL_OUTPUT_BUFFER; - kclone.output.buffer = data; - kclone.output.buffer_size = sizeof(data); - kclone.output.result_size_ptr = &data_size; - - if (ioctl(cfd, NCRIO_SESSION_ONCE, &kclone)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_SESSION_ONCE)"); - return 1; - } - - if (data_size != hv->output_size - || memcmp(data, hv->output, hv->output_size) != 0) { - fprintf(stderr, "HASH test vector %td failed!\n", - hv - hash_vectors); - - fprintf(stderr, "Output[%zu]: ", data_size); - for(j = 0; j < data_size; j++) - fprintf(stderr, "%.2x:", (int)data[j]); - fprintf(stderr, "\n"); - - fprintf(stderr, "Expected[%d]: ", hv->output_size); - for (j = 0; j < hv->output_size; j++) - fprintf(stderr, "%.2x:", (int)hv->output[j]); - fprintf(stderr, "\n"); - return 1; - } - - /* Submit the other half to the original session, verify. */ - memset(&kfinal.f, 0, sizeof(kfinal.f)); - kfinal.f.input_size = sizeof(kfinal); - kfinal.f.ses = ses; - kfinal.input_head.nla_len = NLA_HDRLEN + sizeof(kfinal.input); - kfinal.input_head.nla_type = NCR_ATTR_UPDATE_INPUT_DATA; - kfinal.input.data = hv->plaintext + hv->plaintext_size / 2; - kfinal.input.data_size - = hv->plaintext_size - hv->plaintext_size / 2; - kfinal.output_head.nla_len = NLA_HDRLEN + sizeof(kfinal.output); - kfinal.output_head.nla_type = NCR_ATTR_FINAL_OUTPUT_BUFFER; - kfinal.output.buffer = data; - kfinal.output.buffer_size = sizeof(data); - kfinal.output.result_size_ptr = &data_size; - - if (ioctl(cfd, NCRIO_SESSION_FINAL, &kfinal)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_SESSION_FINAL)"); - return 1; - } - - if (data_size != hv->output_size - || memcmp(data, hv->output, hv->output_size) != 0) { - fprintf(stderr, "HASH test vector %td failed!\n", - hv - hash_vectors); - - fprintf(stderr, "Output[%zu]: ", data_size); - for(j = 0; j < data_size; j++) - fprintf(stderr, "%.2x:", (int)data[j]); - fprintf(stderr, "\n"); - - fprintf(stderr, "Expected[%d]: ", hv->output_size); - for (j = 0; j < hv->output_size; j++) - fprintf(stderr, "%.2x:", (int)hv->output[j]); - fprintf(stderr, "\n"); - return 1; - } - } - - fprintf(stdout, "\n"); - - return 0; - -} - -static int -test_ncr_hash_key(int cfd) -{ - ncr_key_t key; - ncr_session_t ses; - struct __attribute__((packed)) { - struct ncr_key_import f; - struct nlattr id_head ALIGN_NL; - uint8_t id[2] ALIGN_NL; - struct nlattr type_head ALIGN_NL; - uint32_t type ALIGN_NL; - struct nlattr flags_head ALIGN_NL; - uint32_t flags ALIGN_NL; - struct nlattr algo_head ALIGN_NL; - char algo[128] ALIGN_NL; - } kimport; - uint8_t data[HASH_DATA_SIZE]; - int j; - size_t data_size, algo_size; - struct __attribute__((packed)) { - struct ncr_session_init f; - struct nlattr algo_head ALIGN_NL; - char algo[128] ALIGN_NL; - } op_init; - struct __attribute__((packed)) { - struct ncr_session_update f; - struct nlattr data_head ALIGN_NL; - struct ncr_session_input_data data ALIGN_NL; - } op_up_data; - struct __attribute__((packed)) { - struct ncr_session_update f; - struct nlattr key_head ALIGN_NL; - uint32_t key; - } op_up_key; - struct __attribute__((packed)) { - struct ncr_session_final f; - struct nlattr output_head ALIGN_NL; - struct ncr_session_output_buffer output ALIGN_NL; - } op_final; - const uint8_t *output = (void*)"\xe2\xd7\x2c\x2e\x14\xad\x97\xc8\xd2\xdb\xce\xd8\xb3\x52\x9f\x1c\xb3\x2c\x5c\xec"; - - /* convert it to key */ - key = ioctl(cfd, NCRIO_KEY_INIT); - if (key == -1) { - perror("ioctl(NCRIO_KEY_INIT)"); - return 1; - } - - fprintf(stdout, "Tests on Hashes of Keys\n"); - - fprintf(stdout, "\t%s:\n", hash_vectors[0].algorithm); - algo_size = strlen(hash_vectors[0].algorithm) + 1; - /* import key */ - memset(&kimport.f, 0, sizeof(kimport.f)); - kimport.f.key = key; - kimport.f.data = hash_vectors[0].plaintext; - kimport.f.data_size = hash_vectors[0].plaintext_size; - kimport.id_head.nla_len = NLA_HDRLEN + sizeof(kimport.id); - kimport.id_head.nla_type = NCR_ATTR_KEY_ID; - kimport.id[0] = 'a'; - kimport.id[1] = 'b'; - kimport.type_head.nla_len = NLA_HDRLEN + sizeof(kimport.type); - kimport.type_head.nla_type = NCR_ATTR_KEY_TYPE; - kimport.type = NCR_KEY_TYPE_SECRET; - kimport.flags_head.nla_len = NLA_HDRLEN + sizeof(kimport.flags); - kimport.flags_head.nla_type = NCR_ATTR_KEY_FLAGS; - kimport.flags = NCR_KEY_FLAG_EXPORTABLE; - kimport.algo_head.nla_len = NLA_HDRLEN + algo_size; - kimport.algo_head.nla_type = NCR_ATTR_ALGORITHM; - memcpy(kimport.algo, hash_vectors[0].algorithm, algo_size); - kimport.f.input_size = kimport.algo + algo_size - (char *)&kimport; - if (ioctl(cfd, NCRIO_KEY_IMPORT, &kimport)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_IMPORT)"); - return 1; - } - - memset(&op_init.f, 0, sizeof(op_init.f)); - op_init.f.op = hash_vectors[0].op; - op_init.algo_head.nla_len = NLA_HDRLEN + algo_size; - op_init.algo_head.nla_type = NCR_ATTR_ALGORITHM; - memcpy(op_init.algo, hash_vectors[0].algorithm, algo_size); - op_init.f.input_size = op_init.algo + algo_size - (char *)&op_init; - - ses = ioctl(cfd, NCRIO_SESSION_INIT, &op_init); - if (ses < 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_SESSION_INIT)"); - return 1; - } - - memset(&op_up_data.f, 0, sizeof(op_up_data.f)); - op_up_data.f.input_size = sizeof(op_up_data); - op_up_data.f.ses = ses; - op_up_data.data_head.nla_len = NLA_HDRLEN + sizeof(op_up_data.data); - op_up_data.data_head.nla_type = NCR_ATTR_UPDATE_INPUT_DATA; - op_up_data.data.data = hash_vectors[0].plaintext; - op_up_data.data.data_size = hash_vectors[0].plaintext_size; - - if (ioctl(cfd, NCRIO_SESSION_UPDATE, &op_up_data)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_SESSION_UPDATE)"); - return 1; - } - - memset(&op_up_key.f, 0, sizeof(op_up_key.f)); - op_up_key.f.input_size = sizeof(op_up_key); - op_up_key.f.ses = ses; - op_up_key.key_head.nla_len = NLA_HDRLEN + sizeof(op_up_key.key); - op_up_key.key_head.nla_type = NCR_ATTR_UPDATE_INPUT_KEY_AS_DATA; - op_up_key.key = key; - - if (ioctl(cfd, NCRIO_SESSION_UPDATE, &op_up_key)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_SESSION_UPDATE)"); - return 1; - } - - memset(&op_final.f, 0, sizeof(op_final.f)); - op_final.f.input_size = sizeof(op_final); - op_final.f.ses = ses; - op_final.output_head.nla_len = NLA_HDRLEN + sizeof(op_final.output); - op_final.output_head.nla_type = NCR_ATTR_FINAL_OUTPUT_BUFFER; - op_final.output.buffer = data; - op_final.output.buffer_size = sizeof(data); - op_final.output.result_size_ptr = &data_size; - - if (ioctl(cfd, NCRIO_SESSION_FINAL, &op_final)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_SESSION_FINAL)"); - return 1; - } - - - if (data_size != hash_vectors[0].output_size || - memcmp(data, output, hash_vectors[0].output_size) != 0) { - fprintf(stderr, "HASH test vector %d failed!\n", 0); - - fprintf(stderr, "Output[%d]: ", (int)data_size); - for(j=0;j<data_size;j++) - fprintf(stderr, "%.2x:", (int)data[j]); - fprintf(stderr, "\n"); - - fprintf(stderr, "Expected[%d]: ", hash_vectors[0].output_size); - for(j=0;j<hash_vectors[0].output_size;j++) - fprintf(stderr, "%.2x:", (int)output[j]); - fprintf(stderr, "\n"); - return 1; - } - - - fprintf(stdout, "\n"); - - return 0; - -} - - -int -main() -{ - int fd = -1; - - /* Open the crypto device */ - fd = open("/dev/crypto", O_RDWR, 0); - if (fd < 0) { - perror("open(/dev/crypto)"); - return 1; - } - - if (test_ncr_key(fd)) - return 1; - - if (test_ncr_aes(fd)) - return 1; - - if (test_ncr_hash(fd)) - return 1; - - if (test_ncr_hash_clone(fd)) - return 1; - - if (test_ncr_hash_key(fd)) - return 1; - - if (test_ncr_wrap_key(fd)) - return 1; - - if (test_ncr_wrap_key2(fd)) - return 1; - - if (test_ncr_store_wrap_key(fd)) - return 1; - - /* Close the original descriptor */ - if (close(fd)) { - perror("close(fd)"); - return 1; - } - - return 0; -} diff --git a/examples/pk.c b/examples/pk.c deleted file mode 100644 index 5ccb73e5205..00000000000 --- a/examples/pk.c +++ /dev/null @@ -1,1665 +0,0 @@ -/* - * Demo on how to use /dev/crypto device for HMAC. - * - * Placed under public domain. - * - */ -#include <assert.h> -#include <stdint.h> -#include <stdio.h> -#include <string.h> -#include <unistd.h> -#include <fcntl.h> -#include <time.h> -#include <sys/ioctl.h> -#include <sys/socket.h> -#include <sys/types.h> -#include <sys/stat.h> -#include <linux/netlink.h> -#include "../ncr.h" -#include <stdlib.h> -#include <gnutls/gnutls.h> -#include <gnutls/x509.h> -#if GNUTLS_VERSION_NUMBER >= 0x020b00 -# include <gnutls/abstract.h> -#endif - -#define DATA_SIZE 4096 - -#define ALIGN_NL __attribute__((aligned(NLA_ALIGNTO))) - -#define SIGNATURE_HASH "sha1" -#define SIGNATURE_HASH_SIZE 20 - -#define ALG_AES_CBC "cbc(aes)" -#define ALG_DH "dh" -#define ALG_DSA "dsa" -#define ALG_RSA "rsa" - -static void -print_hex_datum (gnutls_datum_t * dat) -{ - unsigned int j; -#define SPACE "\t" - fprintf (stdout, "\n" SPACE); - for (j = 0; j < dat->size; j++) - { - fprintf (stdout, "%.2x:", (unsigned char) dat->data[j]); - if ((j + 1) % 15 == 0) - fprintf (stdout, "\n" SPACE); - } - fprintf (stdout, "\n"); -} - -static void -print_dsa_pkey (gnutls_datum_t * x, gnutls_datum_t * y, gnutls_datum_t * p, - gnutls_datum_t * q, gnutls_datum_t * g) -{ - if (x) - { - fprintf (stdout, "private key:"); - print_hex_datum (x); - } - fprintf (stdout, "public key:"); - print_hex_datum (y); - fprintf (stdout, "p:"); - print_hex_datum (p); - fprintf (stdout, "q:"); - print_hex_datum (q); - fprintf (stdout, "g:"); - print_hex_datum (g); -} - -static void -print_rsa_pkey (gnutls_datum_t * m, gnutls_datum_t * e, gnutls_datum_t * d, - gnutls_datum_t * p, gnutls_datum_t * q, gnutls_datum_t * u, - gnutls_datum_t * exp1, gnutls_datum_t *exp2) -{ - fprintf (stdout, "modulus:"); - print_hex_datum (m); - fprintf (stdout, "public exponent:"); - print_hex_datum (e); - if (d) - { - fprintf (stdout, "private exponent:"); - print_hex_datum (d); - fprintf (stdout, "prime1:"); - print_hex_datum (p); - fprintf (stdout, "prime2:"); - print_hex_datum (q); - fprintf (stdout, "coefficient:"); - print_hex_datum (u); - if (exp1 && exp2) - { - fprintf (stdout, "exp1:"); - print_hex_datum (exp1); - fprintf (stdout, "exp2:"); - print_hex_datum (exp2); - } - } -} - -static const char * -raw_to_string (const unsigned char *raw, size_t raw_size) -{ - static char buf[1024]; - size_t i; - if (raw_size == 0) - return NULL; - - if (raw_size * 3 + 1 >= sizeof (buf)) - return NULL; - - for (i = 0; i < raw_size; i++) { - sprintf (&(buf[i * 3]), "%02X%s", raw[i], - (i == raw_size - 1) ? "" : ":"); - } - buf[sizeof (buf) - 1] = '\0'; - - return buf; -} - -int privkey_info (void* data, int data_size, int verbose) -{ - gnutls_x509_privkey_t key; - size_t size; - int ret; - gnutls_datum_t der; - unsigned char buffer[5*1024]; - const char *cprint; - - ret = gnutls_x509_privkey_init (&key); - if (ret < 0) { - fprintf(stderr, "error in privkey_init\n"); - return 1; - } - - der.data = data; - der.size = data_size; - - ret = gnutls_x509_privkey_import (key, &der, GNUTLS_X509_FMT_DER); - if (ret < 0) { - fprintf(stderr, "unable to import privkey\n"); - return 1; - } - - if (verbose > 0) { - /* Public key algorithm - */ - fprintf (stdout, "Public Key Info:\n"); - ret = gnutls_x509_privkey_get_pk_algorithm (key); - - fprintf (stdout, "\tPublic Key Algorithm: "); - cprint = gnutls_pk_algorithm_get_name (ret); - fprintf (stdout, "%s\n", cprint ? cprint : "Unknown"); - - /* Print the raw public and private keys - */ - if (ret == GNUTLS_PK_RSA) { - gnutls_datum_t m, e, d, p, q, u, exp1={NULL,0}, exp2={NULL,0}; - -#if GNUTLS_VERSION_NUMBER >= 0x020b00 - ret = gnutls_x509_privkey_export_rsa_raw2 (key, &m, &e, &d, &p, &q, &u, &exp1, &exp2); -#else - ret = gnutls_x509_privkey_export_rsa_raw (key, &m, &e, &d, &p, &q, &u); -#endif - if (ret < 0) - fprintf (stderr, "Error in key RSA data export: %s\n", - gnutls_strerror (ret)); - else { - print_rsa_pkey (&m, &e, &d, &p, &q, &u, &exp1, &exp2); - gnutls_free (m.data); - gnutls_free (e.data); - gnutls_free (d.data); - gnutls_free (p.data); - gnutls_free (q.data); - gnutls_free (u.data); - gnutls_free (exp1.data); - gnutls_free (exp2.data); - } - } else if (ret == GNUTLS_PK_DSA) { - gnutls_datum_t p, q, g, y, x; - - ret = gnutls_x509_privkey_export_dsa_raw (key, &p, &q, &g, &y, &x); - if (ret < 0) - fprintf (stderr, "Error in key DSA data export: %s\n", - gnutls_strerror (ret)); - else { - print_dsa_pkey (&x, &y, &p, &q, &g); - gnutls_free (x.data); - gnutls_free (y.data); - gnutls_free (p.data); - gnutls_free (q.data); - gnutls_free (g.data); - } - } - - fprintf (stdout, "\n"); - - size = sizeof (buffer); - if ((ret = gnutls_x509_privkey_get_key_id (key, 0, buffer, &size)) < 0) { - fprintf (stderr, "Error in key id calculation: %s\n", - gnutls_strerror (ret)); - } else { - fprintf (stdout, "Public Key ID: %s\n", raw_to_string (buffer, size)); - } - - size = sizeof (buffer); - ret = gnutls_x509_privkey_export (key, GNUTLS_X509_FMT_PEM, buffer, &size); - if (ret < 0) { - fprintf(stderr, "Error in privkey_export\n"); - return 1; - } - - fprintf (stdout, "\n%s\n", buffer); - } - - gnutls_x509_privkey_deinit (key); - - return 0; -} - - - -int pubkey_info(void* data, int data_size, int verbose) -{ -#if GNUTLS_VERSION_NUMBER >= 0x020b00 - gnutls_pubkey_t key; - size_t size; - int ret; - gnutls_datum_t der; - unsigned char buffer[5*1024]; - const char *cprint; - - ret = gnutls_pubkey_init (&key); - if (ret < 0) { - fprintf(stderr, "error in pubkey_init\n"); - return 1; - } - - der.data = data; - der.size = data_size; - - ret = gnutls_pubkey_import (key, &der, GNUTLS_X509_FMT_DER); - if (ret < 0) { - fprintf(stderr, "unable to import pubkey\n"); - return 1; - } - - if (verbose > 0) { - /* Public key algorithm - */ - fprintf (stdout, "Public Key Info:\n"); - ret = gnutls_pubkey_get_pk_algorithm (key, NULL); - - fprintf (stdout, "\tPublic Key Algorithm: "); - cprint = gnutls_pk_algorithm_get_name (ret); - fprintf (stdout, "%s\n", cprint ? cprint : "Unknown"); - - /* Print the raw public and private keys - */ - if (ret == GNUTLS_PK_RSA) { - gnutls_datum_t m, e; - - ret = gnutls_pubkey_get_pk_rsa_raw (key, &m, &e); - if (ret < 0) - fprintf (stderr, "Error in key RSA data export: %s\n", - gnutls_strerror (ret)); - else { - print_rsa_pkey (&m, &e, NULL, NULL, NULL, NULL, NULL, NULL); - gnutls_free (m.data); - gnutls_free (e.data); - } - } else if (ret == GNUTLS_PK_DSA) { - gnutls_datum_t p, q, g, y; - - ret = gnutls_pubkey_get_pk_dsa_raw (key, &p, &q, &g, &y); - if (ret < 0) - fprintf (stderr, "Error in key DSA data export: %s\n", - gnutls_strerror (ret)); - else { - print_dsa_pkey (NULL, &y, &p, &q, &g); - gnutls_free (y.data); - gnutls_free (p.data); - gnutls_free (q.data); - gnutls_free (g.data); - } - } - - fprintf (stdout, "\n"); - - size = sizeof (buffer); - if ((ret = gnutls_pubkey_get_key_id (key, 0, buffer, &size)) < 0) { - fprintf (stderr, "Error in key id calculation: %s\n", - gnutls_strerror (ret)); - } else { - fprintf (stdout, "Public Key ID: %s\n", raw_to_string (buffer, size)); - } - - size = sizeof (buffer); - ret = gnutls_pubkey_export (key, GNUTLS_X509_FMT_PEM, buffer, &size); - if (ret < 0) { - fprintf(stderr, "Error in privkey_export\n"); - return 1; - } - - fprintf (stdout, "\n%s\n", buffer); - } - - gnutls_pubkey_deinit (key); -#endif - return 0; -} - -/* Diffie Hellman */ -const char dh_params_txt[] = "-----BEGIN DH PARAMETERS-----\n"\ -"MIGHAoGBAKMox0/IjuGqSaGMJESYMhdmXiTe1pY8gkSzWZ/ktWaUdaYAzgAZp7r3\n"\ -"OCh68YslS9Oi7/UQjmBbgGuOucMKgq3tYeYzY8G2epIuIzM4TAogaEqwkdSrXlth\n"\ -"MMsP2FhLhHg8m6V6iItitnMOz9r8t3BEf04GRlfzgZraM0gUUwTjAgEF\n"\ -"-----END DH PARAMETERS-----\n"; - -static int test_ncr_dh(int cfd) -{ -struct __attribute__((packed)) { - struct ncr_key_generate_pair f; - struct nlattr algo_head ALIGN_NL; - char algo[sizeof(ALG_DH)] ALIGN_NL; - struct nlattr flags_head ALIGN_NL; - uint32_t flags ALIGN_NL; - unsigned char buffer[DATA_SIZE] ALIGN_NL; -} kgen; -struct nlattr *nla; -ncr_key_t private1, public1, public2, private2; -ncr_key_t z1, z2; -int ret; -gnutls_datum g, p, params; -gnutls_dh_params_t dhp; -unsigned char y1[1024], y2[1024]; -ssize_t y1_size, y2_size; -struct ncr_key_export kexport; -struct __attribute__((packed)) { - struct ncr_key_derive f; - struct nlattr algo_head ALIGN_NL; - char algo[sizeof(NCR_DERIVE_DH)] ALIGN_NL; - struct nlattr flags_head ALIGN_NL; - uint32_t flags ALIGN_NL; - struct nlattr public_head ALIGN_NL; - unsigned char public[DATA_SIZE] ALIGN_NL; -} kderive; - - fprintf(stdout, "Tests on DH key exchange:"); - fflush(stdout); - - params.data = (void*)dh_params_txt; - params.size = sizeof(dh_params_txt)-1; - - ret = gnutls_dh_params_init(&dhp); - if (ret < 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - fprintf(stderr, "gnutls: %s\n", gnutls_strerror(ret)); - return 1; - } - - ret = gnutls_dh_params_import_pkcs3(dhp, ¶ms, GNUTLS_X509_FMT_PEM); - if (ret < 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - fprintf(stderr, "gnutls: %s\n", gnutls_strerror(ret)); - return 1; - } - - ret = gnutls_dh_params_export_raw(dhp, &p, &g, NULL); - if (ret < 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - fprintf(stderr, "gnutls: %s\n", gnutls_strerror(ret)); - return 1; - } - - /* generate a DH key */ - private1 = ioctl(cfd, NCRIO_KEY_INIT); - if (private1 == -1) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_INIT)"); - return 1; - } - - public1 = ioctl(cfd, NCRIO_KEY_INIT); - if (public1 == -1) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_INIT)"); - return 1; - } - - memset(&kgen.f, 0, sizeof(kgen.f)); - kgen.f.private_key = private1; - kgen.f.public_key = public1; - kgen.algo_head.nla_len = NLA_HDRLEN + sizeof(kgen.algo); - kgen.algo_head.nla_type = NCR_ATTR_ALGORITHM; - strcpy(kgen.algo, ALG_DH); - kgen.flags_head.nla_len = NLA_HDRLEN + sizeof(kgen.flags); - kgen.flags_head.nla_type = NCR_ATTR_KEY_FLAGS; - kgen.flags = NCR_KEY_FLAG_EXPORTABLE; - nla = (struct nlattr *)kgen.buffer; - nla->nla_len = NLA_HDRLEN + p.size; - nla->nla_type = NCR_ATTR_DH_PRIME; - memcpy((char *)nla + NLA_HDRLEN, p.data, p.size); - nla = (struct nlattr *)((char *)nla + NLA_ALIGN(nla->nla_len)); - nla->nla_len = NLA_HDRLEN + g.size; - nla->nla_type = NCR_ATTR_DH_BASE; - memcpy((char *)nla + NLA_HDRLEN, g.data, g.size); - nla = (struct nlattr *)((char *)nla + NLA_ALIGN(nla->nla_len)); - kgen.f.input_size = (char *)nla - (char *)&kgen; - assert(kgen.f.input_size <= sizeof(kgen)); - - if (ioctl(cfd, NCRIO_KEY_GENERATE_PAIR, &kgen)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_GENERATE_PAIR)"); - return 1; - } - - /* generate another DH key */ - private2 = ioctl(cfd, NCRIO_KEY_INIT); - if (private2 == -1) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_INIT)"); - return 1; - } - - public2 = ioctl(cfd, NCRIO_KEY_INIT); - if (public2 == -1) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_INIT)"); - return 1; - } - - memset(&kgen.f, 0, sizeof(kgen.f)); - kgen.f.private_key = private2; - kgen.f.public_key = public2; - kgen.algo_head.nla_len = NLA_HDRLEN + sizeof(kgen.algo); - kgen.algo_head.nla_type = NCR_ATTR_ALGORITHM; - strcpy(kgen.algo, ALG_DH); - kgen.flags_head.nla_len = NLA_HDRLEN + sizeof(kgen.flags); - kgen.flags_head.nla_type = NCR_ATTR_KEY_FLAGS; - kgen.flags = NCR_KEY_FLAG_EXPORTABLE; - nla = (struct nlattr *)kgen.buffer; - nla->nla_len = NLA_HDRLEN + p.size; - nla->nla_type = NCR_ATTR_DH_PRIME; - memcpy((char *)nla + NLA_HDRLEN, p.data, p.size); - nla = (struct nlattr *)((char *)nla + NLA_ALIGN(nla->nla_len)); - nla->nla_len = NLA_HDRLEN + g.size; - nla->nla_type = NCR_ATTR_DH_BASE; - memcpy((char *)nla + NLA_HDRLEN, g.data, g.size); - nla = (struct nlattr *)((char *)nla + NLA_ALIGN(nla->nla_len)); - kgen.f.input_size = (char *)nla - (char *)&kgen; - assert(kgen.f.input_size <= sizeof(kgen)); - - if (ioctl(cfd, NCRIO_KEY_GENERATE_PAIR, &kgen)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_GENERATE_PAIR)"); - return 1; - } - - /* export y1=g^x1 */ - memset(&kexport, 0, sizeof(kexport)); - kexport.key = public1; - kexport.buffer = y1; - kexport.buffer_size = sizeof(y1); - - y1_size = ioctl(cfd, NCRIO_KEY_EXPORT, &kexport); - if (y1_size < 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_EXPORT)"); - return 1; - } - - /* export y2=g^x2 */ - memset(&kexport, 0, sizeof(kexport)); - kexport.key = public2; - kexport.buffer = y2; - kexport.buffer_size = sizeof(y2); - - y2_size = ioctl(cfd, NCRIO_KEY_EXPORT, &kexport); - if (y2_size < 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_EXPORT)"); - return 1; - } - - /* z1=y1^x2 */ - z1 = ioctl(cfd, NCRIO_KEY_INIT); - if (z1 == -1) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_INIT)"); - return 1; - } - - memset(&kderive.f, 0, sizeof(kderive.f)); - kderive.f.input_key = private1; - kderive.f.new_key = z1; - kderive.algo_head.nla_len = NLA_HDRLEN + sizeof(kderive.algo); - kderive.algo_head.nla_type = NCR_ATTR_DERIVATION_ALGORITHM; - strcpy(kderive.algo, NCR_DERIVE_DH); - kderive.flags_head.nla_len = NLA_HDRLEN + sizeof(kderive.flags); - kderive.flags_head.nla_type = NCR_ATTR_KEY_FLAGS; - kderive.flags = NCR_KEY_FLAG_EXPORTABLE; - kderive.public_head.nla_len = NLA_HDRLEN + y2_size; - kderive.public_head.nla_type = NCR_ATTR_DH_PUBLIC; - memcpy(kderive.public, y2, y2_size); - nla = (struct nlattr *)((char *)&kderive.public_head - + NLA_ALIGN(kderive.public_head.nla_len)); - kderive.f.input_size = (char *)nla - (char *)&kderive; - assert(kderive.f.input_size <= sizeof(kderive)); - - if (ioctl(cfd, NCRIO_KEY_DERIVE, &kderive)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_DERIVE)"); - return 1; - } - - /* z2=y2^x1 */ - z2 = ioctl(cfd, NCRIO_KEY_INIT); - if (z2 == -1) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_INIT)"); - return 1; - } - - memset(&kderive.f, 0, sizeof(kderive.f)); - kderive.f.input_key = private2; - kderive.f.new_key = z2; - kderive.algo_head.nla_len = NLA_HDRLEN + sizeof(kderive.algo); - kderive.algo_head.nla_type = NCR_ATTR_DERIVATION_ALGORITHM; - strcpy(kderive.algo, NCR_DERIVE_DH); - kderive.flags_head.nla_len = NLA_HDRLEN + sizeof(kderive.flags); - kderive.flags_head.nla_type = NCR_ATTR_KEY_FLAGS; - kderive.flags = NCR_KEY_FLAG_EXPORTABLE; - kderive.public_head.nla_len = NLA_HDRLEN + y2_size; - kderive.public_head.nla_type = NCR_ATTR_DH_PUBLIC; - memcpy(kderive.public, y1, y1_size); - nla = (struct nlattr *)((char *)&kderive.public_head - + NLA_ALIGN(kderive.public_head.nla_len)); - kderive.f.input_size = (char *)nla - (char *)&kderive; - assert(kderive.f.input_size <= sizeof(kderive)); - - if (ioctl(cfd, NCRIO_KEY_DERIVE, &kderive)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_DERIVE)"); - return 1; - } - - /* z1==z2 */ - memset(&kexport, 0, sizeof(kexport)); - kexport.key = z1; - kexport.buffer = y1; - kexport.buffer_size = sizeof(y1); - - y1_size = ioctl(cfd, NCRIO_KEY_EXPORT, &kexport); - if (y1_size < 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_EXPORT)"); - return 1; - } - - memset(&kexport, 0, sizeof(kexport)); - kexport.key = z2; - kexport.buffer = y2; - kexport.buffer_size = sizeof(y2); - - y2_size = ioctl(cfd, NCRIO_KEY_EXPORT, &kexport); - if (y2_size < 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_EXPORT)"); - return 1; - } - - if (y1_size == 0 || y1_size != y2_size || memcmp(y1, y2, y1_size) != 0) { - int i; - - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - fprintf(stderr, "Output in DH does not match (%d, %d)!\n", - (int)y1_size, (int)y2_size); - - fprintf(stderr, "Key1[%d]: ", (int) y1_size); - for(i=0;i<y1_size;i++) - fprintf(stderr, "%.2x:", y1[i]); - fprintf(stderr, "\n"); - - fprintf(stderr, "Key2[%d]: ", (int) y2_size); - for(i=0;i<y2_size;i++) - fprintf(stderr, "%.2x:", y2[i]); - fprintf(stderr, "\n"); - - return 1; - } - - - fprintf(stdout, " Success\n"); - - return 0; -} - -/* check whether wrapping of long keys is not allowed with - * shorted wrapping keys */ -static int -test_ncr_wrap_key3(int cfd) -{ - int ret, i; - ncr_key_t key; - size_t data_size; - struct __attribute__((packed)) { - struct ncr_key_import f; - struct nlattr id_head ALIGN_NL; - uint8_t id[2] ALIGN_NL; - struct nlattr type_head ALIGN_NL; - uint32_t type ALIGN_NL; - struct nlattr algo_head ALIGN_NL; - char algo[sizeof(ALG_AES_CBC)] ALIGN_NL; - struct nlattr flags_head ALIGN_NL; - uint32_t flags ALIGN_NL; - } kimport; - struct __attribute__((packed)) { - struct ncr_key_wrap f; - struct nlattr algo_head ALIGN_NL; - char algo[sizeof(NCR_WALG_AES_RFC5649)] ALIGN_NL; - } kwrap; - struct __attribute__((packed)) { - struct ncr_key_unwrap f; - struct nlattr wrap_algo_head ALIGN_NL; - char wrap_algo[sizeof(NCR_WALG_AES_RFC5649)] ALIGN_NL; - struct nlattr flags_head ALIGN_NL; - uint32_t flags ALIGN_NL; - } kunwrap; - struct __attribute__((packed)) { - struct ncr_key_generate_pair f; - struct nlattr algo_head ALIGN_NL; - char algo[sizeof(ALG_RSA)] ALIGN_NL; - struct nlattr flags_head ALIGN_NL; - uint32_t flags ALIGN_NL; - struct nlattr bits_head ALIGN_NL; - uint32_t bits ALIGN_NL; - } kgen; - ncr_key_t pubkey, privkey; - uint8_t data[DATA_SIZE]; - /* only the first two should be allowed to be wrapped. - * the latter shouldn't because it has security level larger - * then 128 bits (the size of the wrapping key). - */ - const int sizes[] = {1024, 3248, 5200}; - - fprintf(stdout, "Tests on key wrapping (might take long): "); - fflush(stdout); - - /* convert it to key */ - privkey = ioctl(cfd, NCRIO_KEY_INIT); - if (privkey == -1) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_INIT)"); - return 1; - } - - pubkey = ioctl(cfd, NCRIO_KEY_INIT); - if (pubkey == -1) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_INIT)"); - return 1; - } - - if (geteuid() != 0) { - /* cannot test further */ - fprintf(stdout, "\t(Wrapping test not completed. Run as root)\n"); - return 0; - } - - /* make a wrapping key */ - key = ioctl(cfd, NCRIO_KEY_INIT); - if (key == -1) { - perror("ioctl(NCRIO_KEY_INIT)"); - return 1; - } - - memset(&kimport.f, 0, sizeof(kimport.f)); - kimport.f.input_size = sizeof(kimport); - kimport.f.key = key; - kimport.f.data = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F"; - kimport.f.data_size = 16; - kimport.id_head.nla_len = NLA_HDRLEN + sizeof(kimport.id); - kimport.id_head.nla_type = NCR_ATTR_KEY_ID; - kimport.id[0] = 'a'; - kimport.id[1] = 'b'; - kimport.type_head.nla_len = NLA_HDRLEN + sizeof(kimport.type); - kimport.type_head.nla_type = NCR_ATTR_KEY_TYPE; - kimport.type = NCR_KEY_TYPE_SECRET; - kimport.algo_head.nla_len = NLA_HDRLEN + sizeof(kimport.algo); - kimport.algo_head.nla_type = NCR_ATTR_ALGORITHM; - strcpy(kimport.algo, ALG_AES_CBC); - kimport.flags_head.nla_len = NLA_HDRLEN + sizeof(kimport.flags); - kimport.flags_head.nla_type = NCR_ATTR_KEY_FLAGS; - kimport.flags = NCR_KEY_FLAG_EXPORTABLE|NCR_KEY_FLAG_WRAPPING|NCR_KEY_FLAG_UNWRAPPING; - - if (ioctl(cfd, NCRIO_KEY_IMPORT, &kimport)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_IMPORT)"); - return 1; - } - - for (i=0;i<sizeof(sizes)/sizeof(sizes[0]);i++) { - - fprintf(stdout, "."); - fflush(stdout); - - memset(&kgen.f, 0, sizeof(kgen.f)); - kgen.f.input_size = sizeof(kgen); - kgen.f.private_key = privkey; - kgen.f.public_key = pubkey; - kgen.algo_head.nla_len = NLA_HDRLEN + sizeof(kgen.algo); - kgen.algo_head.nla_type = NCR_ATTR_ALGORITHM; - strcpy(kgen.algo, ALG_RSA); - kgen.flags_head.nla_len = NLA_HDRLEN + sizeof(kgen.flags); - kgen.flags_head.nla_type = NCR_ATTR_KEY_FLAGS; - kgen.flags = NCR_KEY_FLAG_EXPORTABLE|NCR_KEY_FLAG_WRAPPABLE; - kgen.bits_head.nla_len = NLA_HDRLEN + sizeof(kgen.bits); - kgen.bits_head.nla_type = NCR_ATTR_RSA_MODULUS_BITS; - kgen.bits = sizes[i]; - - if (ioctl(cfd, NCRIO_KEY_GENERATE_PAIR, &kgen)) { - fprintf(stderr, "Error[%d-%d]: %s:%d\n", i, sizes[i], __func__, __LINE__); - perror("ioctl(NCRIO_KEY_GENERATE_PAIR)"); - return 1; - } - - /* now try wrapping key2 using key */ - memset(&kwrap.f, 0, sizeof(kwrap.f)); - kwrap.f.input_size = sizeof(kwrap); - kwrap.f.wrapping_key = key; - kwrap.f.source_key = pubkey; - kwrap.f.buffer = data; - kwrap.f.buffer_size = sizeof(data); - kwrap.algo_head.nla_len = NLA_HDRLEN + sizeof(kwrap.algo); - kwrap.algo_head.nla_type = NCR_ATTR_WRAPPING_ALGORITHM; - strcpy(kwrap.algo, NCR_WALG_AES_RFC5649); - - ret = ioctl(cfd, NCRIO_KEY_WRAP, &kwrap); - if (ret < 0) { - fprintf(stderr, "Error[%d-%d]: %s:%d\n", i, sizes[i], __func__, __LINE__); - /* wrapping of public key should have been allowed! */ - return 1; - } - - /* now try wrapping private using key */ - memset(&kwrap.f, 0, sizeof(kwrap.f)); - kwrap.f.input_size = sizeof(kwrap); - kwrap.f.wrapping_key = key; - kwrap.f.source_key = privkey; - kwrap.f.buffer = data; - kwrap.f.buffer_size = sizeof(data); - kwrap.algo_head.nla_len = NLA_HDRLEN + sizeof(kwrap.algo); - kwrap.algo_head.nla_type = NCR_ATTR_WRAPPING_ALGORITHM; - strcpy(kwrap.algo, NCR_WALG_AES_RFC5649); - - ret = ioctl(cfd, NCRIO_KEY_WRAP, &kwrap); - if (ret < 0 && i != 2) { - fprintf(stderr, "Error[%d-%d]: %s:%d\n", i, sizes[i], __func__, __LINE__); - /* wrapping should have been allowed */ - return 1; - } else if (ret >= 0 && i == 2) { - fprintf(stderr, "Error[%d-%d]: %s:%d\n", i, sizes[i], __func__, __LINE__); - /* wrapping shouldn't have been allowed */ - return 1; - } - - if (ret >= 0) { - data_size = ret; - - /* try unwrapping */ - memset(&kunwrap.f, 0, sizeof(kunwrap.f)); - kunwrap.f.input_size = sizeof(kunwrap); - kunwrap.f.wrapping_key = key; - kunwrap.f.dest_key = privkey; - kunwrap.f.data = data; - kunwrap.f.data_size = data_size; - kunwrap.wrap_algo_head.nla_len - = NLA_HDRLEN + sizeof(kunwrap.wrap_algo); - kunwrap.wrap_algo_head.nla_type - = NCR_ATTR_WRAPPING_ALGORITHM; - strcpy(kunwrap.wrap_algo, NCR_WALG_AES_RFC5649); - kunwrap.flags_head.nla_len - = NLA_HDRLEN + sizeof(kunwrap.flags); - kunwrap.flags_head.nla_type = NCR_ATTR_KEY_FLAGS; - kunwrap.flags = 0; - - ret = ioctl(cfd, NCRIO_KEY_UNWRAP, &kunwrap); - if (ret) { - fprintf(stderr, "Error[%d-%d]: %s:%d\n", i, sizes[i], __func__, __LINE__); - return 1; - } - } - fprintf(stdout, "*"); - fflush(stdout); - - } - - fprintf(stdout, " Success\n"); - return 0; -} - -#define RSA_ENCRYPT_SIZE 32 - -static int rsa_key_encrypt(int cfd, ncr_key_t privkey, ncr_key_t pubkey, int oaep) -{ - struct __attribute__((packed)) { - struct ncr_session_once f; - struct nlattr algo_head ALIGN_NL; - char algo[sizeof(ALG_RSA)] ALIGN_NL; - struct nlattr key_head ALIGN_NL; - uint32_t key ALIGN_NL; - struct nlattr rsa_head ALIGN_NL; - uint32_t rsa ALIGN_NL; - struct nlattr oaep_hash_head ALIGN_NL; - char oaep_hash[sizeof(SIGNATURE_HASH)] ALIGN_NL; - struct nlattr input_head ALIGN_NL; - struct ncr_session_input_data input ALIGN_NL; - struct nlattr output_head ALIGN_NL; - struct ncr_session_output_buffer output ALIGN_NL; - } op; - uint8_t data[DATA_SIZE]; - uint8_t vdata[RSA_ENCRYPT_SIZE]; - size_t enc_size, dec_size; - - fprintf(stdout, "Tests on RSA (%s) key encryption:", (oaep!=0)?"OAEP":"PKCS V1.5"); - fflush(stdout); - - memset(data, 0x3, sizeof(data)); - memcpy(vdata, data, sizeof(vdata)); - - /* do encryption */ - memset(&op.f, 0, sizeof(op.f)); - op.f.input_size = sizeof(op); - op.f.op = NCR_OP_ENCRYPT; - op.algo_head.nla_len = NLA_HDRLEN + sizeof(op.algo); - op.algo_head.nla_type = NCR_ATTR_ALGORITHM; - strcpy(op.algo, ALG_RSA); - op.key_head.nla_len = NLA_HDRLEN + sizeof(op.key); - op.key_head.nla_type = NCR_ATTR_KEY; - op.key = pubkey; - op.rsa_head.nla_len = NLA_HDRLEN + sizeof(op.rsa); - op.rsa_head.nla_type = NCR_ATTR_RSA_ENCODING_METHOD; - if (oaep) { - op.rsa = RSA_PKCS1_OAEP; - } else { - op.rsa = RSA_PKCS1_V1_5; - } - op.oaep_hash_head.nla_len = NLA_HDRLEN + sizeof(op.oaep_hash); - op.oaep_hash_head.nla_type = NCR_ATTR_RSA_OAEP_HASH_ALGORITHM; - strcpy(op.oaep_hash, SIGNATURE_HASH); /* Ignored if not using OAEP */ - op.input_head.nla_len = NLA_HDRLEN + sizeof(op.input); - op.input_head.nla_type = NCR_ATTR_UPDATE_INPUT_DATA; - op.input.data = data; - op.input.data_size = RSA_ENCRYPT_SIZE; - op.output_head.nla_len = NLA_HDRLEN + sizeof(op.output); - op.output_head.nla_type = NCR_ATTR_UPDATE_OUTPUT_BUFFER; - op.output.buffer = data; - op.output.buffer_size = sizeof(data); - op.output.result_size_ptr = &enc_size; - - if (ioctl(cfd, NCRIO_SESSION_ONCE, &op)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_SESSION_ONCE)"); - return 1; - } - - /* decrypt data */ - memset(&op.f, 0, sizeof(op.f)); - op.f.input_size = sizeof(op); - op.f.op = NCR_OP_DECRYPT; - op.algo_head.nla_len = NLA_HDRLEN + sizeof(op.algo); - op.algo_head.nla_type = NCR_ATTR_ALGORITHM; - strcpy(op.algo, ALG_RSA); - op.key_head.nla_len = NLA_HDRLEN + sizeof(op.key); - op.key_head.nla_type = NCR_ATTR_KEY; - op.key = privkey; - op.rsa_head.nla_len = NLA_HDRLEN + sizeof(op.rsa); - op.rsa_head.nla_type = NCR_ATTR_RSA_ENCODING_METHOD; - if (oaep) { - op.rsa = RSA_PKCS1_OAEP; - } else { - op.rsa = RSA_PKCS1_V1_5; - } - op.oaep_hash_head.nla_len = NLA_HDRLEN + sizeof(op.oaep_hash); - op.oaep_hash_head.nla_type = NCR_ATTR_RSA_OAEP_HASH_ALGORITHM; - strcpy(op.oaep_hash, SIGNATURE_HASH); /* Ignored if not using OAEP */ - op.input_head.nla_len = NLA_HDRLEN + sizeof(op.input); - op.input_head.nla_type = NCR_ATTR_UPDATE_INPUT_DATA; - op.input.data = data; - op.input.data_size = enc_size; - op.output_head.nla_len = NLA_HDRLEN + sizeof(op.output); - op.output_head.nla_type = NCR_ATTR_UPDATE_OUTPUT_BUFFER; - op.output.buffer = data; - op.output.buffer_size = sizeof(data); - op.output.result_size_ptr = &dec_size; - - if (ioctl(cfd, NCRIO_SESSION_ONCE, &op)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_SESSION_ONCE)"); - return 1; - } - - if (dec_size != sizeof(vdata) - || memcmp(vdata, data, sizeof(vdata)) != 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - fprintf(stderr, "Decrypted data do not match!\n"); - return 1; - } - - fprintf(stdout, " Success\n"); - - return 0; - -} - -#define DATA_TO_SIGN 52 - -static int rsa_key_sign_verify(int cfd, ncr_key_t privkey, ncr_key_t pubkey, int pss) -{ - struct __attribute__((packed)) { - struct ncr_session_once f; - struct nlattr algo_head ALIGN_NL; - char algo[sizeof(ALG_RSA)] ALIGN_NL; - struct nlattr key_head ALIGN_NL; - uint32_t key ALIGN_NL; - struct nlattr rsa_head ALIGN_NL; - uint32_t rsa ALIGN_NL; - struct nlattr sign_hash_head ALIGN_NL; - char sign_hash[sizeof(SIGNATURE_HASH)] ALIGN_NL; - struct nlattr input_head ALIGN_NL; - struct ncr_session_input_data input ALIGN_NL; - struct nlattr signature_head ALIGN_NL; - struct ncr_session_output_buffer signature ALIGN_NL; - } ksign; - struct __attribute__((packed)) { - struct ncr_session_once f; - struct nlattr algo_head ALIGN_NL; - char algo[sizeof(ALG_RSA)] ALIGN_NL; - struct nlattr key_head ALIGN_NL; - uint32_t key ALIGN_NL; - struct nlattr rsa_head ALIGN_NL; - uint32_t rsa ALIGN_NL; - struct nlattr sign_hash_head ALIGN_NL; - char sign_hash[sizeof(SIGNATURE_HASH)] ALIGN_NL; - struct nlattr input_head ALIGN_NL; - struct ncr_session_input_data input ALIGN_NL; - struct nlattr signature_head ALIGN_NL; - struct ncr_session_input_data signature ALIGN_NL; - } kverify; - uint8_t data[DATA_SIZE]; - uint8_t sig[DATA_SIZE]; - size_t sig_size; - int ret; - - fprintf(stdout, "Tests on RSA (%s) key signature:", (pss!=0)?"PSS":"PKCS V1.5"); - fflush(stdout); - - memset(data, 0x3, sizeof(data)); - - /* sign data */ - memset(&ksign.f, 0, sizeof(ksign.f)); - ksign.f.input_size = sizeof(ksign); - ksign.f.op = NCR_OP_SIGN; - ksign.algo_head.nla_len = NLA_HDRLEN + sizeof(ksign.algo); - ksign.algo_head.nla_type = NCR_ATTR_ALGORITHM; - strcpy(ksign.algo, ALG_RSA); - ksign.key_head.nla_len = NLA_HDRLEN + sizeof(ksign.key); - ksign.key_head.nla_type = NCR_ATTR_KEY; - ksign.key = privkey; - ksign.rsa_head.nla_len = NLA_HDRLEN + sizeof(ksign.rsa); - ksign.rsa_head.nla_type = NCR_ATTR_RSA_ENCODING_METHOD; - ksign.rsa = (pss != 0) ? RSA_PKCS1_PSS : RSA_PKCS1_V1_5; - ksign.sign_hash_head.nla_len = NLA_HDRLEN + sizeof(ksign.sign_hash); - ksign.sign_hash_head.nla_type = NCR_ATTR_SIGNATURE_HASH_ALGORITHM; - strcpy(ksign.sign_hash, SIGNATURE_HASH); - ksign.input_head.nla_len = NLA_HDRLEN + sizeof(ksign.input); - ksign.input_head.nla_type = NCR_ATTR_UPDATE_INPUT_DATA; - ksign.input.data = data; - ksign.input.data_size = DATA_TO_SIGN; - ksign.signature_head.nla_len = NLA_HDRLEN + sizeof(ksign.signature); - ksign.signature_head.nla_type = NCR_ATTR_FINAL_OUTPUT_BUFFER; - ksign.signature.buffer = sig; - ksign.signature.buffer_size = sizeof(sig); - ksign.signature.result_size_ptr = &sig_size; - - if (ioctl(cfd, NCRIO_SESSION_ONCE, &ksign)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_SESSION_ONCE)"); - return 1; - } - - /* verify signature */ - memset(data, 0x3, sizeof(data)); - - memset(&kverify.f, 0, sizeof(kverify.f)); - kverify.f.input_size = sizeof(kverify); - kverify.f.op = NCR_OP_VERIFY; - kverify.algo_head.nla_len = NLA_HDRLEN + sizeof(kverify.algo); - kverify.algo_head.nla_type = NCR_ATTR_ALGORITHM; - strcpy(kverify.algo, ALG_RSA); - kverify.key_head.nla_len = NLA_HDRLEN + sizeof(kverify.key); - kverify.key_head.nla_type = NCR_ATTR_KEY; - kverify.key = pubkey; - kverify.rsa_head.nla_len = NLA_HDRLEN + sizeof(kverify.rsa); - kverify.rsa_head.nla_type = NCR_ATTR_RSA_ENCODING_METHOD; - kverify.rsa = (pss != 0) ? RSA_PKCS1_PSS : RSA_PKCS1_V1_5; - kverify.sign_hash_head.nla_len = NLA_HDRLEN + sizeof(kverify.sign_hash); - kverify.sign_hash_head.nla_type = NCR_ATTR_SIGNATURE_HASH_ALGORITHM; - strcpy(kverify.sign_hash, SIGNATURE_HASH); - kverify.input_head.nla_len = NLA_HDRLEN + sizeof(kverify.input); - kverify.input_head.nla_type = NCR_ATTR_UPDATE_INPUT_DATA; - kverify.input.data = data; - kverify.input.data_size = DATA_TO_SIGN; - kverify.signature_head.nla_len = NLA_HDRLEN + sizeof(kverify.signature); - kverify.signature_head.nla_type = NCR_ATTR_FINAL_INPUT_DATA; - kverify.signature.data = sig; - kverify.signature.data_size = sig_size; - - ret = ioctl(cfd, NCRIO_SESSION_ONCE, &kverify); - if (ret < 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_SESSION_ONCE)"); - return 1; - } - - if (ret) - fprintf(stdout, " Success\n"); - else { - fprintf(stdout, " Verification Failed!\n"); - return 1; - } - - return 0; - -} - -static int rsa_key_sign_verify_transparent(int cfd, ncr_key_t privkey, - ncr_key_t pubkey, int pss) -{ - struct __attribute__((packed)) { - struct ncr_session_once f; - struct nlattr algo_head ALIGN_NL; - char algo[sizeof(NCR_ALG_RSA_TRANSPARENT_HASH)] ALIGN_NL; - struct nlattr key_head ALIGN_NL; - uint32_t key ALIGN_NL; - struct nlattr rsa_head ALIGN_NL; - uint32_t rsa ALIGN_NL; - struct nlattr sign_hash_head ALIGN_NL; - char sign_hash[sizeof(SIGNATURE_HASH)] ALIGN_NL; - struct nlattr input_head ALIGN_NL; - struct ncr_session_input_data input ALIGN_NL; - struct nlattr signature_head ALIGN_NL; - struct ncr_session_output_buffer signature ALIGN_NL; - } ksign; - struct __attribute__((packed)) { - struct ncr_session_once f; - struct nlattr algo_head ALIGN_NL; - char algo[sizeof(NCR_ALG_RSA_TRANSPARENT_HASH)] ALIGN_NL; - struct nlattr key_head ALIGN_NL; - uint32_t key ALIGN_NL; - struct nlattr rsa_head ALIGN_NL; - uint32_t rsa ALIGN_NL; - struct nlattr sign_hash_head ALIGN_NL; - char sign_hash[sizeof(SIGNATURE_HASH)] ALIGN_NL; - struct nlattr input_head ALIGN_NL; - struct ncr_session_input_data input ALIGN_NL; - struct nlattr signature_head ALIGN_NL; - struct ncr_session_input_data signature ALIGN_NL; - } kverify; - uint8_t data[SIGNATURE_HASH_SIZE]; - uint8_t sig[DATA_SIZE]; - size_t sig_size; - int ret; - - fprintf(stdout, "Tests on transparent RSA (%s) key signature:", - (pss != 0) ? "PSS" : "PKCS V1.5"); - fflush(stdout); - - memset(data, 0x3, sizeof(data)); - - /* sign data */ - memset(&ksign.f, 0, sizeof(ksign.f)); - ksign.f.input_size = sizeof(ksign); - ksign.f.op = NCR_OP_SIGN; - ksign.algo_head.nla_len = NLA_HDRLEN + sizeof(ksign.algo); - ksign.algo_head.nla_type = NCR_ATTR_ALGORITHM; - strcpy(ksign.algo, NCR_ALG_RSA_TRANSPARENT_HASH); - ksign.key_head.nla_len = NLA_HDRLEN + sizeof(ksign.key); - ksign.key_head.nla_type = NCR_ATTR_KEY; - ksign.key = privkey; - ksign.rsa_head.nla_len = NLA_HDRLEN + sizeof(ksign.rsa); - ksign.rsa_head.nla_type = NCR_ATTR_RSA_ENCODING_METHOD; - ksign.rsa = (pss != 0) ? RSA_PKCS1_PSS : RSA_PKCS1_V1_5; - ksign.sign_hash_head.nla_len = NLA_HDRLEN + sizeof(ksign.sign_hash); - ksign.sign_hash_head.nla_type = NCR_ATTR_SIGNATURE_HASH_ALGORITHM; - strcpy(ksign.sign_hash, SIGNATURE_HASH); - ksign.input_head.nla_len = NLA_HDRLEN + sizeof(ksign.input); - ksign.input_head.nla_type = NCR_ATTR_UPDATE_INPUT_DATA; - ksign.input.data = data; - ksign.input.data_size = SIGNATURE_HASH_SIZE; - ksign.signature_head.nla_len = NLA_HDRLEN + sizeof(ksign.signature); - ksign.signature_head.nla_type = NCR_ATTR_FINAL_OUTPUT_BUFFER; - ksign.signature.buffer = sig; - ksign.signature.buffer_size = sizeof(sig); - ksign.signature.result_size_ptr = &sig_size; - - if (ioctl(cfd, NCRIO_SESSION_ONCE, &ksign)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_SESSION_ONCE)"); - return 1; - } - - /* verify signature */ - memset(data, 0x3, sizeof(data)); - - memset(&kverify.f, 0, sizeof(kverify.f)); - kverify.f.input_size = sizeof(kverify); - kverify.f.op = NCR_OP_VERIFY; - kverify.algo_head.nla_len = NLA_HDRLEN + sizeof(kverify.algo); - kverify.algo_head.nla_type = NCR_ATTR_ALGORITHM; - strcpy(kverify.algo, NCR_ALG_RSA_TRANSPARENT_HASH); - kverify.key_head.nla_len = NLA_HDRLEN + sizeof(kverify.key); - kverify.key_head.nla_type = NCR_ATTR_KEY; - kverify.key = pubkey; - kverify.rsa_head.nla_len = NLA_HDRLEN + sizeof(kverify.rsa); - kverify.rsa_head.nla_type = NCR_ATTR_RSA_ENCODING_METHOD; - kverify.rsa = (pss != 0) ? RSA_PKCS1_PSS : RSA_PKCS1_V1_5; - kverify.sign_hash_head.nla_len = NLA_HDRLEN + sizeof(kverify.sign_hash); - kverify.sign_hash_head.nla_type = NCR_ATTR_SIGNATURE_HASH_ALGORITHM; - strcpy(kverify.sign_hash, SIGNATURE_HASH); - kverify.input_head.nla_len = NLA_HDRLEN + sizeof(kverify.input); - kverify.input_head.nla_type = NCR_ATTR_UPDATE_INPUT_DATA; - kverify.input.data = data; - kverify.input.data_size = SIGNATURE_HASH_SIZE; - kverify.signature_head.nla_len = NLA_HDRLEN + sizeof(kverify.signature); - kverify.signature_head.nla_type = NCR_ATTR_FINAL_INPUT_DATA; - kverify.signature.data = sig; - kverify.signature.data_size = sig_size; - - ret = ioctl(cfd, NCRIO_SESSION_ONCE, &kverify); - if (ret < 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_SESSION_ONCE)"); - return 1; - } - - if (ret) - fprintf(stdout, " Success\n"); - else { - fprintf(stdout, " Verification Failed!\n"); - return 1; - } - - return 0; -} - -static int dsa_key_sign_verify(int cfd, ncr_key_t privkey, ncr_key_t pubkey) -{ - struct __attribute__((packed)) { - struct ncr_session_once f; - struct nlattr algo_head ALIGN_NL; - char algo[sizeof(ALG_DSA)] ALIGN_NL; - struct nlattr key_head ALIGN_NL; - uint32_t key ALIGN_NL; - struct nlattr sign_hash_head ALIGN_NL; - char sign_hash[sizeof(SIGNATURE_HASH)] ALIGN_NL; - struct nlattr input_head ALIGN_NL; - struct ncr_session_input_data input ALIGN_NL; - struct nlattr signature_head ALIGN_NL; - struct ncr_session_output_buffer signature ALIGN_NL; - } ksign; - struct __attribute__((packed)) { - struct ncr_session_once f; - struct nlattr algo_head ALIGN_NL; - char algo[sizeof(ALG_DSA)] ALIGN_NL; - struct nlattr key_head ALIGN_NL; - uint32_t key ALIGN_NL; - struct nlattr sign_hash_head ALIGN_NL; - char sign_hash[sizeof(SIGNATURE_HASH)] ALIGN_NL; - struct nlattr input_head ALIGN_NL; - struct ncr_session_input_data input ALIGN_NL; - struct nlattr signature_head ALIGN_NL; - struct ncr_session_input_data signature ALIGN_NL; - } kverify; - uint8_t data[DATA_SIZE]; - uint8_t sig[DATA_SIZE]; - size_t sig_size; - int ret; - - fprintf(stdout, "Tests on DSA key signature:"); - fflush(stdout); - - memset(data, 0x3, sizeof(data)); - - /* sign data */ - memset(&ksign.f, 0, sizeof(ksign.f)); - ksign.f.input_size = sizeof(ksign); - ksign.f.op = NCR_OP_SIGN; - ksign.algo_head.nla_len = NLA_HDRLEN + sizeof(ksign.algo); - ksign.algo_head.nla_type = NCR_ATTR_ALGORITHM; - strcpy(ksign.algo, ALG_DSA); - ksign.key_head.nla_len = NLA_HDRLEN + sizeof(ksign.key); - ksign.key_head.nla_type = NCR_ATTR_KEY; - ksign.key = privkey; - ksign.sign_hash_head.nla_len = NLA_HDRLEN + sizeof(ksign.sign_hash); - ksign.sign_hash_head.nla_type = NCR_ATTR_SIGNATURE_HASH_ALGORITHM; - strcpy(ksign.sign_hash, SIGNATURE_HASH); - ksign.input_head.nla_len = NLA_HDRLEN + sizeof(ksign.input); - ksign.input_head.nla_type = NCR_ATTR_UPDATE_INPUT_DATA; - ksign.input.data = data; - ksign.input.data_size = DATA_TO_SIGN; - ksign.signature_head.nla_len = NLA_HDRLEN + sizeof(ksign.signature); - ksign.signature_head.nla_type = NCR_ATTR_FINAL_OUTPUT_BUFFER; - ksign.signature.buffer = sig; - ksign.signature.buffer_size = sizeof(sig); - ksign.signature.result_size_ptr = &sig_size; - - if (ioctl(cfd, NCRIO_SESSION_ONCE, &ksign)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_SESSION_ONCE)"); - return 1; - } - - /* verify signature */ - memset(&kverify.f, 0, sizeof(kverify.f)); - kverify.f.input_size = sizeof(kverify); - kverify.f.op = NCR_OP_VERIFY; - kverify.algo_head.nla_len = NLA_HDRLEN + sizeof(kverify.algo); - kverify.algo_head.nla_type = NCR_ATTR_ALGORITHM; - strcpy(kverify.algo, ALG_DSA); - kverify.key_head.nla_len = NLA_HDRLEN + sizeof(kverify.key); - kverify.key_head.nla_type = NCR_ATTR_KEY; - kverify.key = pubkey; - kverify.sign_hash_head.nla_len = NLA_HDRLEN + sizeof(kverify.sign_hash); - kverify.sign_hash_head.nla_type = NCR_ATTR_SIGNATURE_HASH_ALGORITHM; - strcpy(kverify.sign_hash, SIGNATURE_HASH); - kverify.input_head.nla_len = NLA_HDRLEN + sizeof(kverify.input); - kverify.input_head.nla_type = NCR_ATTR_UPDATE_INPUT_DATA; - kverify.input.data = data; - kverify.input.data_size = DATA_TO_SIGN; - kverify.signature_head.nla_len = NLA_HDRLEN + sizeof(kverify.signature); - kverify.signature_head.nla_type = NCR_ATTR_FINAL_INPUT_DATA; - kverify.signature.data = sig; - kverify.signature.data_size = sizeof(sig); - - ret = ioctl(cfd, NCRIO_SESSION_ONCE, &kverify); - if (ret < 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_SESSION_ONCE)"); - return 1; - } - - if (ret) - fprintf(stdout, " Success\n"); - else { - fprintf(stdout, " Verification Failed!\n"); - return 1; - } - - return 0; - -} - -static int dsa_key_sign_verify_transparent(int cfd, ncr_key_t privkey, - ncr_key_t pubkey) -{ - struct __attribute__((packed)) { - struct ncr_session_once f; - struct nlattr algo_head ALIGN_NL; - char algo[sizeof(NCR_ALG_DSA_TRANSPARENT_HASH)] ALIGN_NL; - struct nlattr key_head ALIGN_NL; - uint32_t key ALIGN_NL; - struct nlattr sign_hash_head ALIGN_NL; - char sign_hash[sizeof(SIGNATURE_HASH)] ALIGN_NL; - struct nlattr input_head ALIGN_NL; - struct ncr_session_input_data input ALIGN_NL; - struct nlattr signature_head ALIGN_NL; - struct ncr_session_output_buffer signature ALIGN_NL; - } ksign; - struct __attribute__((packed)) { - struct ncr_session_once f; - struct nlattr algo_head ALIGN_NL; - char algo[sizeof(NCR_ALG_DSA_TRANSPARENT_HASH)] ALIGN_NL; - struct nlattr key_head ALIGN_NL; - uint32_t key ALIGN_NL; - struct nlattr sign_hash_head ALIGN_NL; - char sign_hash[sizeof(SIGNATURE_HASH)] ALIGN_NL; - struct nlattr input_head ALIGN_NL; - struct ncr_session_input_data input ALIGN_NL; - struct nlattr signature_head ALIGN_NL; - struct ncr_session_input_data signature ALIGN_NL; - } kverify; - uint8_t data[SIGNATURE_HASH_SIZE]; - uint8_t sig[DATA_SIZE]; - size_t sig_size; - int ret; - - fprintf(stdout, "Tests on transparent DSA key signature:"); - fflush(stdout); - - memset(data, 0x3, sizeof(data)); - - /* sign data */ - memset(&ksign.f, 0, sizeof(ksign.f)); - ksign.f.input_size = sizeof(ksign); - ksign.f.op = NCR_OP_SIGN; - ksign.algo_head.nla_len = NLA_HDRLEN + sizeof(ksign.algo); - ksign.algo_head.nla_type = NCR_ATTR_ALGORITHM; - strcpy(ksign.algo, NCR_ALG_DSA_TRANSPARENT_HASH); - ksign.key_head.nla_len = NLA_HDRLEN + sizeof(ksign.key); - ksign.key_head.nla_type = NCR_ATTR_KEY; - ksign.key = privkey; - ksign.sign_hash_head.nla_len = NLA_HDRLEN + sizeof(ksign.sign_hash); - ksign.sign_hash_head.nla_type = NCR_ATTR_SIGNATURE_HASH_ALGORITHM; - strcpy(ksign.sign_hash, SIGNATURE_HASH); - ksign.input_head.nla_len = NLA_HDRLEN + sizeof(ksign.input); - ksign.input_head.nla_type = NCR_ATTR_UPDATE_INPUT_DATA; - ksign.input.data = data; - ksign.input.data_size = SIGNATURE_HASH_SIZE; - ksign.signature_head.nla_len = NLA_HDRLEN + sizeof(ksign.signature); - ksign.signature_head.nla_type = NCR_ATTR_FINAL_OUTPUT_BUFFER; - ksign.signature.buffer = sig; - ksign.signature.buffer_size = sizeof(sig); - ksign.signature.result_size_ptr = &sig_size; - - if (ioctl(cfd, NCRIO_SESSION_ONCE, &ksign)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_SESSION_ONCE)"); - return 1; - } - - /* verify signature */ - memset(&kverify.f, 0, sizeof(kverify.f)); - kverify.f.input_size = sizeof(kverify); - kverify.f.op = NCR_OP_VERIFY; - kverify.algo_head.nla_len = NLA_HDRLEN + sizeof(kverify.algo); - kverify.algo_head.nla_type = NCR_ATTR_ALGORITHM; - strcpy(kverify.algo, NCR_ALG_DSA_TRANSPARENT_HASH); - kverify.key_head.nla_len = NLA_HDRLEN + sizeof(kverify.key); - kverify.key_head.nla_type = NCR_ATTR_KEY; - kverify.key = pubkey; - kverify.sign_hash_head.nla_len = NLA_HDRLEN + sizeof(kverify.sign_hash); - kverify.sign_hash_head.nla_type = NCR_ATTR_SIGNATURE_HASH_ALGORITHM; - strcpy(kverify.sign_hash, SIGNATURE_HASH); - kverify.input_head.nla_len = NLA_HDRLEN + sizeof(kverify.input); - kverify.input_head.nla_type = NCR_ATTR_UPDATE_INPUT_DATA; - kverify.input.data = data; - kverify.input.data_size = SIGNATURE_HASH_SIZE; - kverify.signature_head.nla_len = NLA_HDRLEN + sizeof(kverify.signature); - kverify.signature_head.nla_type = NCR_ATTR_FINAL_INPUT_DATA; - kverify.signature.data = sig; - kverify.signature.data_size = sizeof(sig); - - ret = ioctl(cfd, NCRIO_SESSION_ONCE, &kverify); - if (ret < 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_SESSION_ONCE)"); - return 1; - } - - if (ret) - fprintf(stdout, " Success\n"); - else { - fprintf(stdout, " Verification Failed!\n"); - return 1; - } - - return 0; -} - -static int test_ncr_rsa(int cfd) -{ - int ret; - struct __attribute__((packed)) { - struct ncr_key_generate_pair f; - struct nlattr algo_head ALIGN_NL; - char algo[sizeof(ALG_RSA)] ALIGN_NL; - struct nlattr flags_head ALIGN_NL; - uint32_t flags ALIGN_NL; - struct nlattr bits_head ALIGN_NL; - uint32_t bits ALIGN_NL; - } kgen; - ncr_key_t pubkey, privkey; - struct ncr_key_export kexport; - uint8_t data[DATA_SIZE]; - int data_size; - - fprintf(stdout, "Tests on RSA key generation:"); - fflush(stdout); - - /* convert it to key */ - privkey = ioctl(cfd, NCRIO_KEY_INIT); - if (privkey == -1) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_INIT)"); - return 1; - } - - pubkey = ioctl(cfd, NCRIO_KEY_INIT); - if (pubkey == -1) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_INIT)"); - return 1; - } - - memset(&kgen, 0, sizeof(kgen)); - kgen.f.input_size = sizeof(kgen); - kgen.f.private_key = privkey; - kgen.f.public_key = pubkey; - kgen.algo_head.nla_len = NLA_HDRLEN + sizeof(kgen.algo); - kgen.algo_head.nla_type = NCR_ATTR_ALGORITHM; - strcpy(kgen.algo, ALG_RSA); - kgen.flags_head.nla_len = NLA_HDRLEN + sizeof(kgen.flags); - kgen.flags_head.nla_type = NCR_ATTR_KEY_FLAGS; - kgen.flags = NCR_KEY_FLAG_EXPORTABLE|NCR_KEY_FLAG_WRAPPABLE; - kgen.bits_head.nla_len = NLA_HDRLEN + sizeof(kgen.bits); - kgen.bits_head.nla_type = NCR_ATTR_RSA_MODULUS_BITS; - kgen.bits = 1024; - - if (ioctl(cfd, NCRIO_KEY_GENERATE_PAIR, &kgen)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_GENERATE_PAIR)"); - return 1; - } - - /* export the private key */ - memset(data, 0, sizeof(data)); - memset(&kexport, 0, sizeof(kexport)); - kexport.key = privkey; - kexport.buffer = data; - kexport.buffer_size = sizeof(data); - - data_size = ioctl(cfd, NCRIO_KEY_EXPORT, &kexport); - if (data_size < 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_EXPORT)"); - return 1; - } - - ret = privkey_info(data, data_size, 0); - if (ret != 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - return 1; - } - - /* export the public key */ - - memset(data, 0, sizeof(data)); - memset(&kexport, 0, sizeof(kexport)); - kexport.key = pubkey; - kexport.buffer = data; - kexport.buffer_size = sizeof(data); - - data_size = ioctl(cfd, NCRIO_KEY_EXPORT, &kexport); - if (data_size < 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_EXPORT)"); - return 1; - } - - ret = pubkey_info(data, data_size, 0); - if (ret != 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - return 1; - } - - fprintf(stdout, " Success\n"); - - ret = rsa_key_sign_verify(cfd, privkey, pubkey, 1); - if (ret != 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - return 1; - } - - ret = rsa_key_sign_verify(cfd, privkey, pubkey, 0); - if (ret != 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - return 1; - } - - ret = rsa_key_sign_verify_transparent(cfd, privkey, pubkey, 1); - if (ret != 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - return 1; - } - - ret = rsa_key_sign_verify_transparent(cfd, privkey, pubkey, 0); - if (ret != 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - return 1; - } - - ret = rsa_key_encrypt(cfd, privkey, pubkey, 0); - if (ret != 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - return 1; - } - - ret = rsa_key_encrypt(cfd, privkey, pubkey, 1); - if (ret != 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - return 1; - } - - return 0; - -} - -static int test_ncr_dsa(int cfd) -{ - int ret; - struct __attribute__((packed)) { - struct ncr_key_generate_pair f; - struct nlattr algo_head ALIGN_NL; - char algo[sizeof(ALG_DSA)] ALIGN_NL; - struct nlattr flags_head ALIGN_NL; - uint32_t flags ALIGN_NL; - struct nlattr q_bits_head ALIGN_NL; - uint32_t q_bits ALIGN_NL; - struct nlattr p_bits_head ALIGN_NL; - uint32_t p_bits ALIGN_NL; - } kgen; - ncr_key_t pubkey, privkey; - struct ncr_key_export kexport; - uint8_t data[DATA_SIZE]; - int data_size; - - fprintf(stdout, "Tests on DSA key generation:"); - fflush(stdout); - - /* convert it to key */ - privkey = ioctl(cfd, NCRIO_KEY_INIT); - if (privkey == -1) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_INIT)"); - return 1; - } - - pubkey = ioctl(cfd, NCRIO_KEY_INIT); - if (pubkey == -1) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_INIT)"); - return 1; - } - - memset(&kgen, 0, sizeof(kgen)); - kgen.f.input_size = sizeof(kgen); - kgen.f.private_key = privkey; - kgen.f.public_key = pubkey; - kgen.algo_head.nla_len = NLA_HDRLEN + sizeof(kgen.algo); - kgen.algo_head.nla_type = NCR_ATTR_ALGORITHM; - strcpy(kgen.algo, ALG_DSA); - kgen.flags_head.nla_len = NLA_HDRLEN + sizeof(kgen.flags); - kgen.flags_head.nla_type = NCR_ATTR_KEY_FLAGS; - kgen.flags = NCR_KEY_FLAG_EXPORTABLE|NCR_KEY_FLAG_WRAPPABLE; - kgen.q_bits_head.nla_len = NLA_HDRLEN + sizeof(kgen.q_bits); - kgen.q_bits_head.nla_type = NCR_ATTR_DSA_Q_BITS; - kgen.q_bits = 160; - kgen.p_bits_head.nla_len = NLA_HDRLEN + sizeof(kgen.p_bits); - kgen.p_bits_head.nla_type = NCR_ATTR_DSA_P_BITS; - kgen.p_bits = 1024; - - if (ioctl(cfd, NCRIO_KEY_GENERATE_PAIR, &kgen)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_GENERATE_PAIR)"); - return 1; - } - - memset(data, 0, sizeof(data)); - memset(&kexport, 0, sizeof(kexport)); - kexport.key = privkey; - kexport.buffer = data; - kexport.buffer_size = sizeof(data); - - data_size = ioctl(cfd, NCRIO_KEY_EXPORT, &kexport); - if (data_size < 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_EXPORT)"); - return 1; - } - - ret = privkey_info(data, data_size, 0); - if (ret != 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - return 1; - } - - /* export the public key */ - - memset(data, 0, sizeof(data)); - memset(&kexport, 0, sizeof(kexport)); - kexport.key = pubkey; - kexport.buffer = data; - kexport.buffer_size = sizeof(data); - - data_size = ioctl(cfd, NCRIO_KEY_EXPORT, &kexport); - if (data_size < 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_EXPORT)"); - return 1; - } - - ret = pubkey_info(data, data_size, 0); - if (ret != 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - return 1; - } - - fprintf(stdout, " Success\n"); - - ret = dsa_key_sign_verify(cfd, privkey, pubkey); - if (ret != 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - return 1; - } - - ret = dsa_key_sign_verify_transparent(cfd, privkey, pubkey); - if (ret != 0) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - return 1; - } - - return 0; - -} - - -int -main() -{ - int fd = -1; - - gnutls_global_init(); - - /* actually test if the initial close - * will really delete all used lists */ - - fd = open("/dev/crypto", O_RDWR, 0); - if (fd < 0) { - perror("open(/dev/crypto)"); - return 1; - } - - if (test_ncr_dh(fd)) - return 1; - - if (test_ncr_rsa(fd)) - return 1; - - if (test_ncr_dsa(fd)) - return 1; - - if (test_ncr_wrap_key3(fd)) - return 1; - - /* Close the original descriptor */ - if (close(fd)) { - perror("close(fd)"); - return 1; - } - - return 0; -} diff --git a/examples/speed.c b/examples/speed.c deleted file mode 100644 index 70a2ed851c3..00000000000 --- a/examples/speed.c +++ /dev/null @@ -1,212 +0,0 @@ -/* cryptodev_test - simple benchmark tool for cryptodev - * - * Copyright (C) 2010 by Phil Sutter <phil.sutter@viprinet.com> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA - */ -#include <fcntl.h> -#include <stdint.h> -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <sys/ioctl.h> -#include <sys/time.h> -#include <sys/types.h> -#include <sys/stat.h> -#include <sys/socket.h> -#include <signal.h> -#include <unistd.h> -#include <linux/netlink.h> -#include "../ncr.h" - -#define ALIGN_NL __attribute__((aligned(NLA_ALIGNTO))) -#define ALG_AES_CBC "cbc(aes)" - -static double udifftimeval(struct timeval start, struct timeval end) -{ - return (double)(end.tv_usec - start.tv_usec) + - (double)(end.tv_sec - start.tv_sec) * 1000 * 1000; -} - -static int must_finish = 0; - -static void alarm_handler(int signo) -{ - must_finish = 1; -} - -static void value2human(double bytes, double time, double* data, double* speed,char* metric) -{ - if (bytes > 1000 && bytes < 1000*1000) { - *data = ((double)bytes)/1000; - *speed = *data/time; - strcpy(metric, "Kb"); - return; - } else if (bytes >= 1000*1000 && bytes < 1000*1000*1000) { - *data = ((double)bytes)/(1000*1000); - *speed = *data/time; - strcpy(metric, "Mb"); - return; - } else if (bytes >= 1000*1000*1000) { - *data = ((double)bytes)/(1000*1000*1000); - *speed = *data/time; - strcpy(metric, "Gb"); - return; - } else { - *data = (double)bytes; - *speed = *data/time; - strcpy(metric, "bytes"); - return; - } -} - - -int encrypt_data_ncr_direct(int cfd, const char *algo, int chunksize) -{ - char *buffer, iv[32]; - static int val = 23; - struct timeval start, end; - double total = 0; - double secs, ddata, dspeed; - char metric[16]; - ncr_key_t key; - struct __attribute__((packed)) { - struct ncr_key_generate f; - struct nlattr algo_head ALIGN_NL; - char algo[sizeof(ALG_AES_CBC)] ALIGN_NL; - struct nlattr bits_head ALIGN_NL; - uint32_t bits ALIGN_NL; - } kgen; - struct __attribute__((packed)) { - struct ncr_session_once f; - struct nlattr key_head ALIGN_NL; - uint32_t key ALIGN_NL; - struct nlattr input_head ALIGN_NL; - struct ncr_session_input_data input ALIGN_NL; - struct nlattr output_head ALIGN_NL; - struct ncr_session_output_buffer output ALIGN_NL; - struct nlattr iv_head ALIGN_NL; - struct nlattr algo_head ALIGN_NL; - char algo[128] ALIGN_NL; - } op; - size_t algo_size; - - algo_size = strlen(algo) + 1; - key = ioctl(cfd, NCRIO_KEY_INIT); - if (key == -1) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_INIT)"); - return 1; - } - - memset(&kgen.f, 0, sizeof(kgen.f)); - kgen.f.input_size = sizeof(kgen); - kgen.f.key = key; - kgen.algo_head.nla_len = NLA_HDRLEN + sizeof(kgen.algo); - kgen.algo_head.nla_type = NCR_ATTR_ALGORITHM; - strcpy(kgen.algo, ALG_AES_CBC); - kgen.bits_head.nla_len = NLA_HDRLEN + sizeof(kgen.bits); - kgen.bits_head.nla_type = NCR_ATTR_SECRET_KEY_BITS; - kgen.bits = 128; /* 16 bytes */ - - if (ioctl(cfd, NCRIO_KEY_GENERATE, &kgen)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_KEY_GENERATE)"); - return 1; - } - - - buffer = malloc(chunksize); - memset(iv, 0x23, 32); - - printf("\tEncrypting in chunks of %d bytes: ", chunksize); - fflush(stdout); - - memset(buffer, val++, chunksize); - - must_finish = 0; - alarm(5); - - gettimeofday(&start, NULL); - do { - size_t output_size; - - memset(&op.f, 0, sizeof(op.f)); - op.f.op = NCR_OP_ENCRYPT; - op.key_head.nla_len = NLA_HDRLEN + sizeof(op.key); - op.key_head.nla_type = NCR_ATTR_KEY; - op.key = key; - op.input_head.nla_len = NLA_HDRLEN + sizeof(op.input); - op.input_head.nla_type = NCR_ATTR_UPDATE_INPUT_DATA; - op.input.data = buffer; - op.input.data_size = chunksize; - op.output_head.nla_len = NLA_HDRLEN + sizeof(op.output); - op.output_head.nla_type = NCR_ATTR_UPDATE_OUTPUT_BUFFER; - op.output.buffer = buffer; - op.output.buffer_size = chunksize; - op.output.result_size_ptr = &output_size; - op.iv_head.nla_len = NLA_HDRLEN + 0; - op.iv_head.nla_type = NCR_ATTR_IV; - op.algo_head.nla_len = NLA_HDRLEN + algo_size; - op.algo_head.nla_type = NCR_ATTR_ALGORITHM; - memcpy(op.algo, algo, algo_size); - op.f.input_size = op.algo + algo_size - (char *)&op; - - if (ioctl(cfd, NCRIO_SESSION_ONCE, &op)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_SESSION_ONCE)"); - return 1; - } - - total+=chunksize; - } while(must_finish==0); - gettimeofday(&end, NULL); - - secs = udifftimeval(start, end)/ 1000000.0; - - value2human(total, secs, &ddata, &dspeed, metric); - printf ("done. %.2f %s in %.2f secs: ", ddata, metric, secs); - printf ("%.2f %s/sec\n", dspeed, metric); - - return 0; -} - -int main(void) -{ - int fd, i; - - signal(SIGALRM, alarm_handler); - - if ((fd = open("/dev/crypto", O_RDWR, 0)) < 0) { - perror("open()"); - return 1; - } - - fprintf(stderr, "\nTesting NCR-DIRECT with NULL cipher: \n"); - for (i = 256; i <= (64 * 1024); i *= 2) { - if (encrypt_data_ncr_direct(fd, "ecb(cipher_null)", i)) - break; - } - - - fprintf(stderr, "\nTesting NCR-DIRECT with AES-128-CBC cipher: \n"); - for (i = 256; i <= (64 * 1024); i *= 2) { - if (encrypt_data_ncr_direct(fd, "cbc(aes)", i)) - break; - } - - close(fd); - return 0; -} diff --git a/ncr.h b/include/linux/ncr.h index ce84f7a7f85..ce84f7a7f85 100644 --- a/ncr.h +++ b/include/linux/ncr.h diff --git a/userspace/Makefile b/userspace/Makefile deleted file mode 100644 index fddefb30e86..00000000000 --- a/userspace/Makefile +++ /dev/null @@ -1,12 +0,0 @@ -CC = gcc -CFLAGS = -Wall -g -O2 - -progs := ncr-setkey - -all: $(progs) - -ncr-setkey: setkey.c - $(CC) $(CFLAGS) $< -o $@ - -clean: - rm -f *.o *~ ncr-setkey diff --git a/userspace/ncrypto.h b/userspace/ncrypto.h deleted file mode 100644 index 546b6ba6640..00000000000 --- a/userspace/ncrypto.h +++ /dev/null @@ -1,141 +0,0 @@ -#include <crypto/ncr.h> - -int ncr_global_init(unsigned int flags); /* open device */ -void ncr_global_deinit(void); /* close device */ - - -/* parameters for key generation - */ -int ncr_generate_params_init(ncr_generate_params_t*); /* userspace */ -void ncr_generate_params_deinit(ncr_generate_params_t); /* userspace */ - -/* common for ciphers and public key algorithms */ -void ncr_generate_params_set_algorithm(ncr_generate_params_t, ncr_algorithm_t); /* userspace */ - -/* public key algorithms */ -void ncr_generate_params_set_bits(ncr_generate_params_t, unsigned int bits); /* RSA+DSA */ -int ncr_generate_params_set_rsa_e(ncr_generate_params_t, void* e, unsigned int e_size); /* RSA */ - -/* parameters for encryption/decryption/derivation - */ -int ncr_params_init(ncr_params_t*); /* userspace */ -void ncr_params_deinit(ncr_params_t); /* userspace */ - -int ncr_params_set_cipher_iv(ncr_params_t, void* iv, unsigned int iv_size); /* userspace */ - -int ncr_params_set_dh_key(ncr_params_t, ncr_key_t dh_priv); /* DH */ - - -/* data flags are of NCR_DATA_FLAG_* type */ - -int ncr_data_init(ncr_data_t *, size_t max_object_size, unsigned int dataflags); /* ioctl DATA_INIT */ -size_t ncr_data_get_size(ncr_data_t); /* ioctl DATA_GET */ -int ncr_data_get_data(ncr_data_t, void* data_ptr, size_t *data_size); /* ioctl DATA_GET */ -int ncr_data_set_data(ncr_data_t, void* data_ptr, size_t data_size); /* ioctl DATA_SET */ -int ncr_data_append_data(ncr_data_t, void* data_ptr, size_t data_size); /* ioctl DATA_SET */ -void ncr_data_deinit(ncr_data_t); /* ioctl DATA_DEINIT */ - -/* key flags are NCR_KEY_FLAG_* */ - -int ncr_key_init(ncr_key_t* key); /* ioctl KEY_INIT */ -int ncr_key_generate(ncr_key_t key, ncr_algorithm_t algorithm, unsigned int bits, unsigned int keyflags); /* ioctl KEY_GENERATE */ -int ncr_key_generate_pair(ncr_key_t public_key, ncr_key_t private_key, ncr_generate_params_t params, unsigned int keyflags); /* ioctl KEY_GENERATE_PAIR */ -int ncr_key_derive(ncr_key_t newkey, ncr_params_t params, unsigned int keyflags, ncr_key_t data); /* ioctl KEY_DERIVE */ -unsigned int ncr_key_get_flags(ncr_key_t key); /* ioctl KEY_GET_INFO */ -ncr_key_type_t ncr_key_get_type(ncr_key_t key); /* ioctl KEY_GET_INFO */ -int ncr_key_export(ncr_key_t key, ncr_data_t obj); /* ioctl KEY_EXPORT */ -int ncr_key_import(ncr_key_t key, ncr_data_t obj); /* ioctl KEY_IMPORT */ -int ncr_key_get_id(ncr_key_t, void* id, size_t* id_size); /* KEY_GET_INFO */ -void ncr_key_deinit(ncr_key_t); /* ioctl KEY_DEINIT */ - -typedef enum { - NCR_RSA_MODULUS, - NCR_RSA_EXPONENT, - NCR_DSA_P, - NCR_DSA_Q, - NCR_DSA_Y, -} ncr_public_param_t; - -int ncr_key_get_public_param(ncr_key_t key, ncr_public_param_t, void* output, size_t* output_size); - -/* store keys */ -int ncr_storage_store(const char* label, mode_t mode, ncr_key_t key); /* ioctl STORE_STORE */ -int ncr_storage_mkstemp(char* template, mode_t mode, ncr_key_t key);/* ioctl STORE_MKSTEMP */ -ncr_key_t ncr_storage_load(const char* label); /* ioctl STORE_LOAD */ - -int ncr_storage_chmod(const char* label, mode_t newmode); /* ioctl STORE_CHMOD */ -int ncr_storage_chown(const char* label, uid_t owner, gid_t grp); /* ioctl STORE_CHOWN */ -int ncr_storage_remove(const char* label); /* ioctl STORE_REMOVE */ - -typedef struct {} * ncr_metadata_t; - -int ncr_metadata_init(ncr_metadata_t* metadata); /* userspace */ -void ncr_metadata_deinit(ncr_metadata_t metadata);/* userspace */ - -/* read info from metadata */ -const char* ncr_metadata_get_label(ncr_metadata_t); /* userspace */ -ncr_key_type_t ncr_metadata_get_type(ncr_metadata_t); /* userspace */ - -/* id of the key. For public/private key pairs it should be the same */ -int ncr_metadata_get_id(ncr_metadata_t, void* id, size_t* id_size); /* userspace */ -/* this has meaning only if type is public or private key */ -ncr_algorithm_t ncr_metadata_get_algorithm(ncr_metadata_t); /* userspace */ - -uid_t ncr_metadata_get_uid(ncr_metadata_t); /* userspace */ -gid_t ncr_metadata_get_gid(ncr_metadata_t); /* userspace */ -mode_t ncr_metadata_get_mode(ncr_metadata_t); /*userspace */ - -/* load metadata for particular file */ -int ncr_metadata_load(const char* label, ncr_metadata_t metadata); /* ioctl STORE_METADATA_GET_INFO */ - -/* traverse all storage entries */ -int ncr_storage_traverse_init(ncr_traverse_t* tr); /* ioctl STORE_METADATA_TRAVERSE_INIT */ -int ncr_storage_traverse_next(ncr_traverse_t, ncr_metadata_t metadata); /* ioctl STORE_METADATA_TRAVERSE_NEXT */ -void ncr_storage_traverse_deinit(ncr_traverse_t); /* ioctl STORE_METADATA_TRAVERSE_DEINIT */ - -/* wrap unwrap */ -int ncr_key_wrap(ncr_key_t wrapping_key, ncr_params_t params, ncr_key_t key, void* output_data, size_t output_data_size); /* ioctl KEY_WRAP */ -int ncr_key_unwrap(ncr_key_t*key, ncr_key_t wrapping_key, ncr_params_t params, unsigned int keyflags, void* input_data, size_t input_data_size); /* ioctl KEY_UNWRAP */ - -/* operations to objects result in objects that have the same properties as the original - * object. I.e. encrypting a secret key under an object will not allow you to export it. - */ - -int ncr_session_copy(ncr_session_t* copy, ncr_session_t source); /* ioctl SESSION_COPY */ - -/* encryption functions */ -int ncr_encrypt_init(ncr_session_t* session, ncr_key_t key, ncr_params_t params); /* ioctl SESSION_INIT */ -int ncr_encrypt_once(ncr_key_t key, ncr_params_t params, const ncr_data_t plaintext, ncr_data_t ciphertext); /*userspace */ -int ncr_encrypt_update(ncr_session_t session, const ncr_data_t plaintext, ncr_data_t ciphertext); /* ioctl SESSION_UPDATE */ -int ncr_encrypt_final(ncr_session_t session, ncr_data_t obj); /* ioctl SESSION_FINAL */ - -/* decryption functions */ -int ncr_decrypt_init(ncr_session_t* session, ncr_key_t key, ncr_params_t params); -int ncr_decrypt_once(ncr_key_t key, ncr_params_t params, const ncr_data_t ciphertext, ncr_data_t plaintext); -int ncr_decrypt_update(ncr_session_t session, const ncr_data_t ciphertext, ncr_data_t plaintext); -int ncr_decrypt_final(ncr_session_t session, ncr_data_t obj); - -/* PK hash functions */ -int ncr_digest_init(ncr_session_t* session, ncr_params_t params); -int ncr_digest_once(ncr_key_t key, ncr_params_t params, const ncr_data_t plaintext, ncr_data_t hash); -int ncr_digest_update(ncr_session_t session, const ncr_data_t plaintext); -int ncr_digest_final(ncr_session_t session, ncr_data_t hash); - -/* PK SIGN and MAC functions */ -int ncr_sign_init(ncr_session_t* session, ncr_key_t key, ncr_params_t params); -int ncr_sign_once(ncr_key_t key, ncr_params_t params, const ncr_data_t plaintext, ncr_data_t signature); -int ncr_sign_update(ncr_session_t session, const ncr_data_t plaintext); -int ncr_sign_final(ncr_session_t session, ncr_data_t signature); - -/* Verify PK signature or MAC signature */ -int ncr_verify_init(ncr_session_t* session, ncr_key_t key, ncr_params_t params); -int ncr_verify_once(ncr_key_t key, ncr_params_t params, const ncr_data_t plaintext, const ncr_data_t signature); -int ncr_verify_update(ncr_session_t session, const ncr_data_t plaintext); -int ncr_verify_final(ncr_session_t session, const ncr_data_t signature); - -/* Everything looks straight forward except for authentication - * algorithms such as Diffie Hellman. This should be done as in PKCS #11 - * as: - * ncr_key_generate_pair(our_pubkey, our_privkey) - * ncr_key_derive(shared_key, params -contain our privkey-, flags_for_new_key, peer_pubkey); - */ diff --git a/userspace/setkey.c b/userspace/setkey.c deleted file mode 100644 index 10e22b9cab6..00000000000 --- a/userspace/setkey.c +++ /dev/null @@ -1,87 +0,0 @@ -/* - * Demo on how to use /dev/crypto device for HMAC. - * - * Placed under public domain. - * - */ -#include <stdint.h> -#include <stdio.h> -#include <string.h> -#include <unistd.h> -#include <fcntl.h> -#include <time.h> -#include <sys/ioctl.h> -#include <sys/types.h> -#include <sys/stat.h> -#include "../ncr.h" -#include <stdlib.h> -#include <sys/types.h> -#include <sys/stat.h> -#include <unistd.h> - -int main(int argc, char** argv) -{ - int fd = -1; - FILE* fp; - struct ncr_master_key_set key; - int size, ret; - struct stat st; - uint8_t rawkey[32]; - - if (argc != 2) { - fprintf(stderr, "Usage: setkey [filename]\n"); - exit(1); - } - - /* check permissions */ - ret = stat(argv[1], &st); - if (ret < 0) { - fprintf(stderr, "Cannot find key: %s\n", argv[1]); - exit(1); - } - - if (st.st_mode & S_IROTH || st.st_mode & S_IRGRP || st.st_uid != 0) { - fprintf(stderr, "Key file must belong to root and must be readable by him only.\n"); - exit(1); - } - - /* read key */ - - memset(&key, 0, sizeof(key)); - fp = fopen(argv[1], "r"); - if (fp == NULL) { - fprintf(stderr, "Cannot read %s\n", argv[1]); - exit(1); - } - - size = fread(rawkey, 1, sizeof(rawkey), fp); - if (size < 16) { - fprintf(stderr, "Illegal key!\n"); - exit(1); - } - fclose(fp); - key.key = rawkey; - key.key_size = size; - - /* Open the crypto device */ - fd = open("/dev/crypto", O_RDWR, 0); - if (fd < 0) { - perror("open(/dev/crypto)"); - return 1; - } - - /* encrypt */ - - if (ioctl(fd, NCRIO_MASTER_KEY_SET, &key)) { - fprintf(stderr, "Error: %s:%d\n", __func__, __LINE__); - perror("ioctl(NCRIO_MASTER_KEY_SET)"); - return 1; - } - /* Close the original descriptor */ - if (close(fd)) { - perror("close(fd)"); - return 1; - } - - return 0; -} |