authorMiloslav Trmač <mitr@redhat.com>2010-11-02 20:12:05 +0100
committerMiloslav Trmač <mitr@redhat.com>2010-11-02 20:12:05 +0100
commitbd08fece6e5c509dc22588c93303b067c6900b56 (patch)
treeb5554704b3c1b48915256fb48112871da87d3160
parente6b6e8785e16f1c824fd1f1f333ef2591f6f0a10 (diff)
parent278a10d4af56af2af8fcb4aa81f492db6109ef58 (diff)
Merge branch 'local'
-rw-r--r--Makefile.am6
-rw-r--r--include/ncrypto/ncrypto.h12
-rw-r--r--lib/internal.h2
-rw-r--r--lib/ncrypto_local.c57
-rw-r--r--tests/symm_ciphers.c12
-rw-r--r--tests/symm_keys.c135
-rw-r--r--tests/symm_signatures.c11
7 files changed, 205 insertions, 30 deletions
diff --git a/Makefile.am b/Makefile.am
index 2a95d2f..1631982 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -35,7 +35,8 @@ AM_CPPFLAGS = -I $(top_srcdir)/include $(GLIB_CFLAGS) $(NSS_CFLAGS) \
## Targets
lib_LTLIBRARIES = lib/libncrypto.la
pkginclude_HEADERS = include/ncrypto/ncrypto.h
-TESTS = tests/digests tests/rsa tests/symm_ciphers tests/symm_signatures
+TESTS = tests/digests tests/rsa tests/symm_ciphers tests/symm_keys \
+ tests/symm_signatures
## Rules
noinst_PROGRAMS = $(TESTS)
@@ -53,5 +54,8 @@ tests_rsa_LDFLAGS = -no-install
tests_symm_ciphers_LDADD = lib/libncrypto.la $(GLIB_LIBS)
tests_symm_ciphers_LDFLAGS = -no-install
+tests_symm_keys_LDADD = lib/libncrypto.la $(GLIB_LIBS)
+tests_symm_keys_LDFLAGS = -no-install
+
tests_symm_signatures_LDADD = lib/libncrypto.la $(GLIB_LIBS)
tests_symm_signatures_LDFLAGS = -no-install
diff --git a/include/ncrypto/ncrypto.h b/include/ncrypto/ncrypto.h
index 01964f9..024d5a7 100644
--- a/include/ncrypto/ncrypto.h
+++ b/include/ncrypto/ncrypto.h
@@ -55,10 +55,15 @@ CK_RV ncr_get_random_bytes (void *dest, size_t size);
struct ncr_symm_key;
+/* "Sensitive" corresponds to CKA_SENSITIVE. */
CK_RV ncr_symm_key_create (struct ncr_symm_key **key, CK_KEY_TYPE type,
- const void *value, size_t value_size);
+ _Bool sensitive, const void *value,
+ size_t value_size);
CK_RV ncr_symm_key_generate (struct ncr_symm_key **key, CK_MECHANISM_TYPE mech,
- size_t value_size);
+ _Bool sensitive, size_t value_size);
+CK_RV ncr_symm_key_set_sensitive (struct ncr_symm_key *key);
+CK_RV ncr_symm_key_export (struct ncr_symm_key *key, void *dest,
+ size_t *dest_size_ptr);
CK_RV ncr_symm_key_destroy (struct ncr_symm_key *key);
/* Asymmetric keys */
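Review bot: The new ncr_symm_key_export declaration carries no contract, and a caller can only learn it from lib/ncrypto_local.c: a NULL dest turns the call into a size query, a buffer shorter than the key yields CKR_BUFFER_TOO_SMALL, and a sensitive key is refused with CKR_ATTRIBUTE_SENSITIVE. Suggest a comment above the prototype: `/* If dest is NULL, only store the required size in *dest_size_ptr. On CKR_OK or CKR_BUFFER_TOO_SMALL *dest_size_ptr holds the key size. Fails with CKR_ATTRIBUTE_SENSITIVE for sensitive keys. */`. ncr_symm_key_set_sensitive has no counterpart that clears the flag, which matches CKA_SENSITIVE semantics and is worth stating on the declaration, e.g. `/* Irreversible, like CKA_SENSITIVE. */`.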
@@ -147,8 +152,7 @@ CK_RV ncr_digest_standalone (CK_MECHANISM_TYPE mech, void *dest,
struct ncr_symm_cipher_session;
-/* Note that for *_ECB and *_CBC, the input must be block-aligned. For
- *_CBC_PAD, it does not have to be. */
+/* Note that for *_ECB and *_CBC, the input must be block-aligned. */
/* Session lifetime management. */
CK_RV ncr_symm_cipher_alloc (struct ncr_symm_cipher_session **sess,
diff --git a/lib/internal.h b/lib/internal.h
index 97fb77d..8b6d25b 100644
--- a/lib/internal.h
+++ b/lib/internal.h
@@ -29,12 +29,14 @@ Red Hat author: Miloslav Trmač <mitr@redhat.com> */
#include <config.h>
+#include <stdbool.h>
#include <stdint.h>
#include <ncrypto/ncrypto.h>
struct ncr_symm_key
{
CK_KEY_TYPE type;
+ bool sensitive;
size_t size;
uint8_t value[];
};
diff --git a/lib/ncrypto_local.c b/lib/ncrypto_local.c
index 0dc9cbe..6d7af27 100644
--- a/lib/ncrypto_local.c
+++ b/lib/ncrypto_local.c
@@ -62,7 +62,7 @@ ncr_get_random_bytes (void *dest, size_t size)
CK_RV
ncr_symm_key_create (struct ncr_symm_key **key, CK_KEY_TYPE type,
- const void *value, size_t value_size)
+ _Bool sensitive, const void *value, size_t value_size)
{
struct ncr_symm_key *k;
@@ -76,6 +76,7 @@ ncr_symm_key_create (struct ncr_symm_key **key, CK_KEY_TYPE type,
return CKR_HOST_MEMORY;
k->type = type;
+ k->sensitive = sensitive;
k->size = value_size;
memcpy (k->value, value, value_size);
*key = k;
@@ -137,7 +138,7 @@ des3_fixup_key (uint8_t value[static 3 * DES_KEY_SIZE])
CK_RV
ncr_symm_key_generate (struct ncr_symm_key **key, CK_MECHANISM_TYPE mech,
- size_t value_size)
+ _Bool sensitive, size_t value_size)
{
struct ncr_symm_key *k;
CK_KEY_TYPE type;
@@ -174,6 +175,7 @@ ncr_symm_key_generate (struct ncr_symm_key **key, CK_MECHANISM_TYPE mech,
return CKR_HOST_MEMORY;
k->type = type;
+ k->sensitive = sensitive;
k->size = value_size;
regenerate:
res = ncr_get_random_bytes (k->value, value_size);
@@ -194,6 +196,41 @@ ncr_symm_key_generate (struct ncr_symm_key **key, CK_MECHANISM_TYPE mech,
}
CK_RV
+ncr_symm_key_set_sensitive (struct ncr_symm_key *key)
+{
+ g_return_val_if_fail (key != NULL, CKR_KEY_HANDLE_INVALID);
+ key->sensitive = true;
+ return CKR_OK;
+}
+
+CK_RV
+ncr_symm_key_export (struct ncr_symm_key *key, void *dest,
+ size_t *dest_size_ptr)
+{
+ g_return_val_if_fail (key != NULL, CKR_KEY_HANDLE_INVALID);
+ g_return_val_if_fail (dest_size_ptr != NULL, CKR_ARGUMENTS_BAD);
+
+ g_return_val_if_fail (!key->sensitive, CKR_ATTRIBUTE_SENSITIVE);
+
+ if (dest == NULL)
+ {
+ *dest_size_ptr = key->size;
+ return CKR_OK;
+ }
+ if (*dest_size_ptr < key->size)
+ {
+ *dest_size_ptr = key->size;
+ return CKR_BUFFER_TOO_SMALL;
+ }
+
+ g_return_val_if_fail (dest != NULL, CKR_ARGUMENTS_BAD);
+
+ memcpy (dest, key->value, key->size);
+ *dest_size_ptr = key->size;
+ return CKR_OK;
+}
+
+CK_RV
ncr_symm_key_destroy (struct ncr_symm_key *key)
{
g_return_val_if_fail (key != NULL, CKR_KEY_HANDLE_INVALID);
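Review bot: The CKA_SENSITIVE enforcement in ncr_symm_key_export, the `g_return_val_if_fail (!key->sensitive, CKR_ATTRIBUTE_SENSITIVE);` line, is a GLib precondition macro that compiles to nothing when G_DISABLE_CHECKS is defined, so such a build would export a sensitive key in full; unlike the NULL-handle checks around it, this failure is a security outcome rather than a caller bug, so it should be an unconditional test, `if (key->sensitive) return CKR_ATTRIBUTE_SENSITIVE;`. The tests in tests/symm_keys.c assert only the return value, so they keep passing and no longer need to silence the log handler. The later `g_return_val_if_fail (dest != NULL, CKR_ARGUMENTS_BAD);` is unreachable, since the `dest == NULL` branch above it already returned; drop it. ncr_symm_key_destroy's body continues outside the hunk.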
@@ -209,7 +246,6 @@ struct ncr_symm_cipher_session
{
EVP_CIPHER_CTX ctx;
CK_MECHANISM_TYPE mech;
- size_t padding_size; /* Additional space to reserve for padding */
bool encrypting;
/* Debugging only */
enum { NSCS_NEW, NSCS_INITIALIZED, NSCS_UPDATED, NSCS_FINISHED } state;
@@ -251,7 +287,6 @@ symm_cipher_init (struct ncr_symm_cipher_session *sess, bool encrypt,
size_t param_size)
{
const EVP_CIPHER *type;
- bool padding;
g_return_val_if_fail (sess != NULL, CKR_SESSION_HANDLE_INVALID);
g_return_val_if_fail (sess->state == NSCS_NEW || sess->state == NSCS_FINISHED,
@@ -279,15 +314,12 @@ symm_cipher_init (struct ncr_symm_cipher_session *sess, bool encrypt,
g_return_val_if_fail (key->type == CKK_AES, CKR_KEY_TYPE_INCONSISTENT);
g_return_val_if_fail (param_size == 0, CKR_MECHANISM_PARAM_INVALID);
AES_SWITCH (ecb);
- padding = false;
break;
case CKM_AES_CBC:
- case CKM_AES_CBC_PAD:
g_return_val_if_fail (key->type == CKK_AES, CKR_KEY_TYPE_INCONSISTENT);
g_return_val_if_fail (param_size == 16, CKR_MECHANISM_PARAM_INVALID);
AES_SWITCH (cbc);
- padding = sess->mech == CKM_AES_CBC_PAD;
break;
#undef AES_ENTRY
@@ -296,16 +328,13 @@ symm_cipher_init (struct ncr_symm_cipher_session *sess, bool encrypt,
g_return_val_if_fail (key->size == 24, CKR_KEY_SIZE_RANGE);
g_return_val_if_fail (param_size == 0, CKR_MECHANISM_PARAM_INVALID);
type = EVP_des_ede3 ();
- padding = false;
break;
case CKM_DES3_CBC:
- case CKM_DES3_CBC_PAD:
g_return_val_if_fail (key->type == CKK_DES3, CKR_KEY_TYPE_INCONSISTENT);
g_return_val_if_fail (key->size == 24, CKR_KEY_SIZE_RANGE);
g_return_val_if_fail (param_size == 8, CKR_MECHANISM_PARAM_INVALID);
type = EVP_des_ede3_cbc ();
- padding = sess->mech == CKM_DES3_CBC_PAD;
break;
default:
@@ -315,10 +344,9 @@ symm_cipher_init (struct ncr_symm_cipher_session *sess, bool encrypt,
if (EVP_CipherInit_ex (&sess->ctx, type, NULL, key->value,
param_size != 0 ? param : NULL, encrypt ? 1 : 0) == 0)
return ckr_openssl ();
- if (!padding && EVP_CIPHER_CTX_set_padding (&sess->ctx, 0) == 0)
+ if (EVP_CIPHER_CTX_set_padding (&sess->ctx, 0) == 0)
return ckr_openssl ();
- sess->padding_size = padding ? EVP_CIPHER_block_size (type) : 0;
sess->encrypting = encrypt;
sess->state = NSCS_INITIALIZED;
return CKR_OK;
@@ -341,7 +369,7 @@ symm_cipher_update (struct ncr_symm_cipher_session *sess, bool encrypt,
if (dest == NULL)
{
- *dest_size_ptr = src_size + sess->padding_size;
+ *dest_size_ptr = src_size;
return CKR_OK;
}
if (*dest_size_ptr < src_size) /* FIXME? this does not handle partial data */
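Review bot: With padding now unconditionally disabled in symm_cipher_init, the `*dest_size_ptr = src_size;` size query in symm_cipher_update (and the same line in do_symm_cipher_update_final in the next hunk) is only correct when src_size is a multiple of the cipher block size, the precondition the header comment now states; nothing visible in either hunk checks it, and the remaining FIXME on the following line says partial data is not handled. If the rest of symm_cipher_update, which continues outside the hunk, does not check alignment either, a guard such as `g_return_val_if_fail (src_size % EVP_CIPHER_CTX_block_size (&sess->ctx) == 0, CKR_DATA_LEN_RANGE);` before the size query would turn a silent short output into a reported error.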
@@ -377,10 +405,9 @@ do_symm_cipher_update_final (struct ncr_symm_cipher_session *sess,
if (dest == NULL)
{
- *dest_size_ptr = src_size + sess->padding_size;
+ *dest_size_ptr = src_size;
return CKR_OK;
}
- /* FIXME? this does not handle partial data or padding. */
if (*dest_size_ptr < src_size)
{
*dest_size_ptr = src_size;
diff --git a/tests/symm_ciphers.c b/tests/symm_ciphers.c
index 1995eeb..27a9752 100644
--- a/tests/symm_ciphers.c
+++ b/tests/symm_ciphers.c
@@ -26,6 +26,7 @@ POSSIBILITY OF SUCH DAMAGE.
Red Hat author: Miloslav Trmač <mitr@redhat.com> */
#include <assert.h>
+#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
@@ -48,7 +49,6 @@ struct tv
size_t output_size;
};
-/* FIXME: Test CBC_PAD as well. */
static const struct tv tvs[] =
{
#define TV(M, GM, K, KEY, IV, IN, OUT) \
@@ -110,7 +110,7 @@ main (void)
res = ncr_symm_cipher_alloc (&sess, tvs[i].mech);
assert (res == CKR_OK);
- res = ncr_symm_key_create (&key, tvs[i].key_type, tvs[i].key,
+ res = ncr_symm_key_create (&key, tvs[i].key_type, true, tvs[i].key,
tvs[i].key_size);
assert (res == CKR_OK);
@@ -165,7 +165,7 @@ main (void)
res = ncr_symm_cipher_alloc (&sess, tvs[i].mech);
assert (res == CKR_OK);
- res = ncr_symm_key_create (&key, tvs[i].key_type, tvs[i].key,
+ res = ncr_symm_key_create (&key, tvs[i].key_type, true, tvs[i].key,
tvs[i].key_size);
assert (res == CKR_OK);
@@ -206,7 +206,8 @@ main (void)
res = ncr_symm_cipher_alloc (&sess, tvs[i].mech);
assert (res == CKR_OK);
- res = ncr_symm_key_generate (&key, tvs[i].key_gen_mech, tvs[i].key_size);
+ res = ncr_symm_key_generate (&key, tvs[i].key_gen_mech, true,
+ tvs[i].key_size);
assert (res == CKR_OK);
for (j = 0; j < 2; j++)
@@ -258,7 +259,8 @@ main (void)
res = ncr_symm_cipher_alloc (&sess, tvs[i].mech);
assert (res == CKR_OK);
- res = ncr_symm_key_generate (&key, tvs[i].key_gen_mech, tvs[i].key_size);
+ res = ncr_symm_key_generate (&key, tvs[i].key_gen_mech, true,
+ tvs[i].key_size);
assert (res == CKR_OK);
for (j = 0; j < 2; j++)
diff --git a/tests/symm_keys.c b/tests/symm_keys.c
new file mode 100644
index 0000000..aee5396
--- /dev/null
+++ b/tests/symm_keys.c
@@ -0,0 +1,135 @@
+/* ncr_symm_key_* tests.
+
+Copyright 2010 Red Hat, Inc.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice, this
+ list of conditions and the following disclaimer.
+
+2. Redistributions in binary form must reproduce the above copyright notice,
+ this list of conditions and the following disclaimer in the documentation
+ and/or other materials provided with the distribution.
+
+THIS SOFTWARE IS PROVIDED BY CONTRIBUTORS ``AS IS'' AND ANY EXPRESS OR IMPLIED
+WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
+EVENT SHALL CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR
+BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER
+IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGE.
+
+Red Hat author: Miloslav Trmač <mitr@redhat.com> */
+
+#include <assert.h>
+#include <stdbool.h>
+#include <stdint.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <glib.h>
+#include <ncrypto/ncrypto.h>
+
+static void
+log_silent (const gchar *log_domain, GLogLevelFlags log_level,
+ const gchar *message, gpointer user_data)
+{
+ (void)log_domain;
+ (void)log_level;
+ (void)message;
+ (void)user_data;
+}
+
+static void
+check_set_sentitive_failure (struct ncr_symm_key *key)
+{
+ uint8_t dest[256];
+ size_t dest_size;
+ CK_RV res;
+
+ /* Extraction of a sensitive value is a programming error, so we complain to
+ stderr. Hide this in the test output. */
+
+ g_log_set_default_handler (log_silent, NULL);
+
+ dest_size = sizeof (dest);
+ res = ncr_symm_key_export (key, dest, &dest_size);
+ assert (res == CKR_ATTRIBUTE_SENSITIVE);
+
+ g_log_set_default_handler (g_log_default_handler, NULL);
+}
+
+int
+main (void)
+{
+ static const uint8_t input[32]
+ = "\x00\x01\x02\x03\x04\x05\x06\x07\x08\x09\x0A\x0B\x0C\x0D\x0E\x0F\x10\x11\x12\x13\x14\x15\x16\x17\x18\x19\x1A\x1B\x1C\x1D\x1E\x1F";
+
+ uint8_t dest[256];
+ size_t dest_size;
+ struct ncr_symm_key *key;
+ CK_RV res;
+
+ res = ncr_symm_key_create (&key, CKK_AES, false, input, sizeof (input));
+ assert (res == CKR_OK);
+
+ dest_size = sizeof (dest);
+ res = ncr_symm_key_export (key, dest, &dest_size);
+ assert (res == CKR_OK);
+ assert (dest_size == sizeof (input));
+ assert (memcmp (dest, input, dest_size) == 0);
+
+ res = ncr_symm_key_set_sensitive (key);
+ assert (res == CKR_OK);
+
+ res = ncr_symm_key_set_sensitive (key);
+ assert (res == CKR_OK);
+
+ check_set_sentitive_failure (key);
+
+ res = ncr_symm_key_destroy (key);
+ assert (res == CKR_OK);
+
+
+ res = ncr_symm_key_create (&key, CKK_AES, true, input, sizeof (input));
+ assert (res == CKR_OK);
+
+ check_set_sentitive_failure (key);
+
+ res = ncr_symm_key_destroy (key);
+ assert (res == CKR_OK);
+
+
+ res = ncr_symm_key_generate (&key, CKM_AES_KEY_GEN, false, sizeof (input));
+ assert (res == CKR_OK);
+
+ dest_size = sizeof (dest);
+ res = ncr_symm_key_export (key, dest, &dest_size);
+ assert (res == CKR_OK);
+ assert (dest_size == sizeof (input));
+
+ res = ncr_symm_key_set_sensitive (key);
+ assert (res == CKR_OK);
+
+ res = ncr_symm_key_set_sensitive (key);
+ assert (res == CKR_OK);
+
+ check_set_sentitive_failure (key);
+
+ res = ncr_symm_key_destroy (key);
+ assert (res == CKR_OK);
+
+
+ res = ncr_symm_key_generate (&key, CKM_AES_KEY_GEN, true, sizeof (input));
+ assert (res == CKR_OK);
+
+ check_set_sentitive_failure (key);
+
+ res = ncr_symm_key_destroy (key);
+ assert (res == CKR_OK);
+ return EXIT_SUCCESS;
+}
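Review bot: tests/symm_keys.c never exercises the two non-trivial branches of ncr_symm_key_export: the NULL-dest size query and the CKR_BUFFER_TOO_SMALL path that must report the required size, both of which the library hunk in lib/ncrypto_local.c defines. Adding them to the first, non-sensitive AES key case right after the full export is checked would cover the whole function. The helper name `check_set_sentitive_failure` is misspelled and does not say what it checks; `check_export_refused` would read better.
```c
  /* … unchanged: first non-sensitive key created, full export checked … */
  /* Size query: NULL dest only reports the required size. */
  dest_size = 0;
  res = ncr_symm_key_export (key, NULL, &dest_size);
  assert (res == CKR_OK);
  assert (dest_size == sizeof (input));

  /* Short buffer: rejected, required size still reported. */
  dest_size = sizeof (input) - 1;
  res = ncr_symm_key_export (key, dest, &dest_size);
  assert (res == CKR_BUFFER_TOO_SMALL);
  assert (dest_size == sizeof (input));
  /* … unchanged: set_sensitive calls and the remaining key cases … */
```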
diff --git a/tests/symm_signatures.c b/tests/symm_signatures.c
index 003d19d..d53eeef 100644
--- a/tests/symm_signatures.c
+++ b/tests/symm_signatures.c
@@ -26,6 +26,7 @@ POSSIBILITY OF SUCH DAMAGE.
Red Hat author: Miloslav Trmač <mitr@redhat.com> */
#include <assert.h>
+#include <stdbool.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
@@ -81,7 +82,7 @@ main (void)
res = ncr_symm_signature_alloc (&sess, tvs[i].mech);
assert (res == CKR_OK);
- res = ncr_symm_key_create (&key, CKK_GENERIC_SECRET, tvs[i].key,
+ res = ncr_symm_key_create (&key, CKK_GENERIC_SECRET, true, tvs[i].key,
tvs[i].key_size);
assert (res == CKR_OK);
@@ -132,7 +133,7 @@ main (void)
res = ncr_symm_signature_alloc (&sess, tvs[i].mech);
assert (res == CKR_OK);
- res = ncr_symm_key_create (&key, CKK_GENERIC_SECRET, tvs[i].key,
+ res = ncr_symm_key_create (&key, CKK_GENERIC_SECRET, true, tvs[i].key,
tvs[i].key_size);
assert (res == CKR_OK);
@@ -225,7 +226,7 @@ main (void)
res = ncr_symm_signature_alloc (&sess, tvs[i].mech);
assert (res == CKR_OK);
- res = ncr_symm_key_create (&key, CKK_GENERIC_SECRET, tvs[i].key,
+ res = ncr_symm_key_create (&key, CKK_GENERIC_SECRET, true, tvs[i].key,
tvs[i].key_size);
assert (res == CKR_OK);
@@ -269,7 +270,7 @@ main (void)
res = ncr_symm_signature_alloc (&sess, tvs[i].mech);
assert (res == CKR_OK);
- res = ncr_symm_key_generate (&key, CKM_GENERIC_SECRET_KEY_GEN,
+ res = ncr_symm_key_generate (&key, CKM_GENERIC_SECRET_KEY_GEN, true,
tvs[i].key_size);
assert (res == CKR_OK);
@@ -318,7 +319,7 @@ main (void)
res = ncr_symm_signature_alloc (&sess, tvs[i].mech);
assert (res == CKR_OK);
- res = ncr_symm_key_generate (&key, CKM_GENERIC_SECRET_KEY_GEN,
+ res = ncr_symm_key_generate (&key, CKM_GENERIC_SECRET_KEY_GEN, true,
tvs[i].key_size);
assert (res == CKR_OK);