Update upstream source from tag 'upstream/1.2.0'
Update to upstream version '1.2.0'
with Debian dir da29debf68a64a2dff502b86219f114e6c3eab91
Mathieu Malaterre
3 years ago
0 | Changes 1.2.0 | |
1 | * enhancement: kcapi-hasher: add madvise and 64 bit support by Brandur Simonsen | |
2 | * fix: fix clang warnding in KDF implementation by Khem Raj | |
3 | * fix: fix inverted logic in kcapi-main test logic reported by Ondrej Mosnáček | |
4 | * fix: return error when iteration count is zero for PBKDF as reported by | |
5 | Guido Vranken | |
6 | * enhancement: add function kcapi_cipher_stream_update_last to indicate the | |
7 | last block of a symmetric cipher stream operation | |
8 | * disable XTS multithreaded tests as it triggers a race discussed in | |
9 | https://github.com/smuellerDD/libkcapi/issues/92. The conclusion is | |
10 | the following: xts(aes) doesn't support chaining requests like for other | |
11 | ciphers such as CBC (at least as implemented in the kernel Crypto API). | |
12 | That can be seen in `crypto/testmgr.h` - the ciphers that are expected to | |
13 | return IVs usable for chaining have the `.iv_out` entries filled in in their | |
14 | test vectors (and those that don't support it do not). One can see that only | |
15 | CTR and CBC test vectors have them, not XTS. | |
16 | Looking again at how XTS is defined, it seems one could implement | |
17 | transparent chaining by simply decrypting the final tweak using the tweak | |
18 | key and return it as the output IV... but I believe this has never been | |
19 | mandated nor implemented in the Crypto API (likely because of the overhead | |
20 | of the final tweak decryption, which would be pointless if you're not going | |
21 | to use the output IV - and there is currently no way to signal to the driver | |
22 | that you are going to need it). | |
23 | * disable AIO parallel tests due to undefined behavior | |
24 | ||
0 | 25 | Changes 1.1.5 |
1 | 26 | * Fix invocation of ansi_cprng in FIPS mode during testing |
2 | 27 | * Fix testing on kernels >= 5.0 |
0 | Copyright (C) 2016 - 2019, Stephan Mueller <smueller@chronox.de> | |
0 | Copyright (C) 2016 - 2020, Stephan Mueller <smueller@chronox.de> | |
1 | 1 | |
2 | 2 | Redistribution and use in source and binary forms, with or without |
3 | 3 | modification, are permitted provided that the following conditions |
0 | 0 | /* |
1 | * Copyright (C) 2017 - 2019, Stephan Mueller <smueller@chronox.de> | |
1 | * Copyright (C) 2017 - 2020, Stephan Mueller <smueller@chronox.de> | |
2 | 2 | * |
3 | 3 | * License: see LICENSE file in root directory |
4 | 4 | * |
34 | 34 | static unsigned int verbosity = KCAPI_LOG_NONE; |
35 | 35 | static char appname[16]; |
36 | 36 | |
37 | static uint8_t hex_char(unsigned int bin, int u) | |
38 | { | |
39 | uint8_t hex_char_map_l[] = { '0', '1', '2', '3', '4', '5', '6', '7', | |
37 | static char hex_char(unsigned int bin, int u) | |
38 | { | |
39 | char hex_char_map_l[] = { '0', '1', '2', '3', '4', '5', '6', '7', | |
40 | 40 | '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' }; |
41 | uint8_t hex_char_map_u[] = { '0', '1', '2', '3', '4', '5', '6', '7', | |
41 | char hex_char_map_u[] = { '0', '1', '2', '3', '4', '5', '6', '7', | |
42 | 42 | '8', '9', 'A', 'B', 'C', 'D', 'E', 'F' }; |
43 | 43 | if (bin < sizeof(hex_char_map_l)) |
44 | 44 | return (u) ? hex_char_map_u[bin] : hex_char_map_l[bin]; |
54 | 54 | * twice binlen -- if not, only a fraction of binlen is converted) |
55 | 55 | * @u [in] case of hex characters (0=>lower case, 1=>upper case) |
56 | 56 | */ |
57 | void bin2hex(const uint8_t *bin, uint32_t binlen, | |
58 | char *hex, uint32_t hexlen, int u) | |
57 | void bin2hex(const uint8_t *bin, size_t binlen, | |
58 | char *hex, size_t hexlen, int u) | |
59 | 59 | { |
60 | 60 | uint32_t i = 0; |
61 | uint32_t chars = (binlen > (hexlen / 2)) ? (hexlen / 2) : binlen; | |
61 | size_t chars = (binlen > (hexlen / 2)) ? (hexlen / 2) : binlen; | |
62 | 62 | |
63 | 63 | for (i = 0; i < chars; i++) { |
64 | 64 | hex[(i*2)] = hex_char((bin[i] >> 4), u); |
66 | 66 | } |
67 | 67 | } |
68 | 68 | |
69 | void bin2print(const uint8_t *bin, uint32_t binlen, | |
69 | void bin2print(const uint8_t *bin, size_t binlen, | |
70 | 70 | const char *filename, FILE *outfile, uint32_t lfcr) |
71 | 71 | { |
72 | 72 | char *hex; |
73 | uint32_t hexlen = binlen * 2 + 1; | |
73 | size_t hexlen = binlen * 2 + 1; | |
74 | 74 | |
75 | 75 | hex = calloc(1, hexlen); |
76 | 76 | if (!hex) |
77 | 77 | return; |
78 | 78 | bin2hex(bin, binlen, hex, hexlen - 1 , 0); |
79 | 79 | /* fipshmac does not want the file name :-( */ |
80 | if (outfile != stdout) { | |
81 | if (lfcr) | |
82 | fprintf(outfile, "%s\n", hex); | |
80 | if (outfile != stdout) | |
81 | fprintf(outfile, "%s", hex); | |
82 | else | |
83 | if (filename) | |
84 | fprintf(outfile, "%s %s", hex, filename); | |
83 | 85 | else |
84 | 86 | fprintf(outfile, "%s", hex); |
85 | } else { | |
86 | if (filename) { | |
87 | if (lfcr) | |
88 | fprintf(outfile, "%s %s\n", hex, filename); | |
89 | else | |
90 | fprintf(outfile, "%s %s", hex, filename); | |
91 | } else { | |
92 | if (lfcr) | |
93 | fprintf(outfile, "%s\n", hex); | |
94 | else | |
95 | fprintf(outfile, "%s", hex); | |
96 | } | |
97 | } | |
87 | ||
88 | if (lfcr == 1) | |
89 | fputc(0x0a, outfile); | |
90 | if (lfcr == 2) | |
91 | fputc(0x00, outfile); | |
92 | ||
98 | 93 | free(hex); |
99 | 94 | } |
100 | 95 | |
155 | 150 | verbosity = level; |
156 | 151 | } |
157 | 152 | |
158 | static int bin_char(char hex) | |
153 | static uint8_t bin_char(char hex) | |
159 | 154 | { |
160 | 155 | if (48 <= hex && 57 >= hex) |
161 | return (hex - 48); | |
156 | return (uint8_t)(hex - 48); | |
162 | 157 | if (65 <= hex && 70 >= hex) |
163 | return (hex - 55); | |
158 | return (uint8_t)(hex - 55); | |
164 | 159 | if (97 <= hex && 102 >= hex) |
165 | return (hex - 87); | |
160 | return (uint8_t)(hex - 87); | |
166 | 161 | return 0; |
167 | 162 | } |
168 | 163 | |
190 | 185 | } |
191 | 186 | |
192 | 187 | for (i = 0; i < chars; i++) { |
193 | bin[i] = bin_char(hex[(i*2)]) << 4; | |
188 | bin[i] = (uint8_t)(bin_char(hex[(i*2)]) << 4); | |
194 | 189 | bin[i] |= bin_char(hex[((i*2)+1)]); |
195 | 190 | } |
196 | 191 | } |
0 | 0 | /* |
1 | * Copyright (C) 2017 - 2019, Stephan Mueller <smueller@chronox.de> | |
1 | * Copyright (C) 2017 - 2020, Stephan Mueller <smueller@chronox.de> | |
2 | 2 | * |
3 | 3 | * License: see COPYING file in root directory |
4 | 4 | * |
48 | 48 | void hex2bin(const char *hex, uint32_t hexlen, uint8_t *bin, uint32_t binlen); |
49 | 49 | int hex2bin_alloc(const char *hex, uint32_t hexlen, |
50 | 50 | uint8_t **bin, uint32_t *binlen); |
51 | void bin2hex(const uint8_t *bin, uint32_t binlen, | |
52 | char *hex, uint32_t hexlen, int u); | |
53 | void bin2print(const uint8_t *bin, uint32_t binlen, | |
51 | void bin2hex(const uint8_t *bin, size_t binlen, | |
52 | char *hex, size_t hexlen, int u); | |
53 | void bin2print(const uint8_t *bin, size_t binlen, | |
54 | 54 | const char *filename, FILE *outfile, uint32_t lfcr); |
55 | 55 | int read_complete(int fd, uint8_t *buf, uint32_t buflen); |
56 | 56 | int check_filetype(int fd, struct stat *sb, const char *filename); |
0 | .\" Copyright (c) 2017 - 2019 by Stephan Mueller (smueller@chronox.de) | |
0 | .\" Copyright (c) 2017 - 2020 by Stephan Mueller (smueller@chronox.de) | |
1 | 1 | .\" |
2 | 2 | .\" Permission is granted to make and distribute verbatim copies of this |
3 | 3 | .\" manual provided the copyright notice and this permission notice are |
0 | 0 | /* |
1 | * Copyright (C) 2017 - 2019, Stephan Mueller <smueller@chronox.de> | |
1 | * Copyright (C) 2017 - 2020, Stephan Mueller <smueller@chronox.de> | |
2 | 2 | * |
3 | 3 | * License: see LICENSE file in root directory |
4 | 4 | * |
0 | .\" Copyright (c) 2017 - 2019 by Stephan Mueller (smueller@chronox.de) | |
0 | .\" Copyright (c) 2017 - 2020 by Stephan Mueller (smueller@chronox.de) | |
1 | 1 | .\" |
2 | 2 | .\" Permission is granted to make and distribute verbatim copies of this |
3 | 3 | .\" manual provided the copyright notice and this permission notice are |
0 | 0 | /* |
1 | * Copyright (C) 2017 - 2019, Stephan Mueller <smueller@chronox.de> | |
1 | * Copyright (C) 2017 - 2020, Stephan Mueller <smueller@chronox.de> | |
2 | 2 | * |
3 | 3 | * License: see LICENSE file in root directory |
4 | 4 | * |
66 | 66 | struct iovec *iov, uint32_t iovlen); |
67 | 67 | int32_t (*func_stream_update)(struct kcapi_handle *handle, |
68 | 68 | struct iovec *iov, uint32_t iovlen); |
69 | int32_t (*func_stream_update_last)(struct kcapi_handle *handle, | |
70 | struct iovec *iov, uint32_t iovlen); | |
69 | 71 | int32_t (*func_stream_op)(struct kcapi_handle *handle, |
70 | 72 | struct iovec *iov, uint32_t iovlen); |
71 | 73 | uint32_t (*func_blocksize)(struct kcapi_handle *handle); |
224 | 226 | int outfd, uint32_t outsize, uint32_t offset, |
225 | 227 | uint32_t unpad) |
226 | 228 | { |
227 | if (opts->aad) { | |
228 | /* Tell kernel that we have sent all data */ | |
229 | int ret = kcapi_aead_stream_update_last(handle, NULL, 0); | |
230 | ||
231 | if (ret < 0) | |
232 | return ret; | |
233 | } | |
229 | /* Tell kernel that we have sent all data */ | |
230 | int ret = opts->func_stream_update_last(handle, NULL, 0); | |
231 | if (ret < 0) | |
232 | return ret; | |
234 | 233 | |
235 | 234 | /* send generated data to stdout */ |
236 | 235 | if (outfd == STDOUT_FD) |
603 | 602 | goto out; |
604 | 603 | } |
605 | 604 | |
606 | if (outfd != STDOUT_FD) { | |
605 | if (outfd != STDOUT_FD && insb.st_size) { | |
607 | 606 | uint8_t padbyte; |
608 | 607 | |
609 | 608 | outsize = outbufsize(handle, opts, insb.st_size); |
1107 | 1106 | opts.func_stream_init_enc = kcapi_aead_stream_init_enc; |
1108 | 1107 | opts.func_stream_init_dec = kcapi_aead_stream_init_dec; |
1109 | 1108 | opts.func_stream_update = kcapi_aead_stream_update; |
1109 | opts.func_stream_update_last = kcapi_aead_stream_update_last; | |
1110 | 1110 | opts.func_stream_op = kcapi_aead_stream_op; |
1111 | 1111 | opts.func_blocksize = kcapi_aead_blocksize; |
1112 | 1112 | } else { |
1116 | 1116 | opts.func_stream_init_enc = kcapi_cipher_stream_init_enc; |
1117 | 1117 | opts.func_stream_init_dec = kcapi_cipher_stream_init_dec; |
1118 | 1118 | opts.func_stream_update = kcapi_cipher_stream_update; |
1119 | opts.func_stream_update_last = kcapi_cipher_stream_update_last; | |
1119 | 1120 | opts.func_stream_op = kcapi_cipher_stream_op; |
1120 | 1121 | opts.func_blocksize = kcapi_cipher_blocksize; |
1121 | 1122 | } |
0 | 0 | /* |
1 | * Copyright (C) 2015 - 2019, Stephan Mueller <smueller@chronox.de> | |
2 | * Copyright (C) 2019, Red Hat, Inc. All rights reserved. | |
1 | * Copyright (C) 2015 - 2020, Stephan Mueller <smueller@chronox.de> | |
2 | * Copyright (C) 2020, Red Hat, Inc. All rights reserved. | |
3 | 3 | * |
4 | 4 | * License: see LICENSE file in root directory |
5 | 5 | * |
55 | 55 | #include <dlfcn.h> |
56 | 56 | #include <libgen.h> |
57 | 57 | #include <limits.h> |
58 | #include <inttypes.h> | |
58 | 59 | |
59 | 60 | #include <kcapi.h> |
60 | 61 | |
72 | 73 | struct hash_key { |
73 | 74 | const char *checkdir; |
74 | 75 | const uint8_t *data; |
75 | uint32_t len; | |
76 | off_t len; | |
76 | 77 | }; |
77 | 78 | |
78 | 79 | struct hash_params { |
80 | 81 | struct hash_key key; |
81 | 82 | uint32_t hashlen; |
82 | 83 | int bsd_style; |
84 | uint32_t newline; | |
83 | 85 | }; |
84 | 86 | |
85 | 87 | static const struct hash_name NAMES_MD5[2] = { |
151 | 153 | fprintf(stderr, "\t --tag\t\tCreate a BSD-style checksum\n"); |
152 | 154 | fprintf(stderr, "\t-d\t\t\tCheck directory for fipshmac; otherwise ignored\n"); |
153 | 155 | fprintf(stderr, "\t-b, -P\t\t\tCompatibility hmaccalc options; ignored\n"); |
156 | fprintf(stderr, "\t-z\t\t\tNUL line termination\n"); | |
154 | 157 | fprintf(stderr, "\t --help\t\tPrint this help text\n"); |
155 | 158 | fprintf(stderr, "\t-v --version\t\tShow version\n"); |
156 | 159 | } |
165 | 168 | fprintf(stderr, "%s: %s\n", basename(name), version); |
166 | 169 | } |
167 | 170 | |
168 | static int mmap_file(const char *filename, uint8_t **memory, uint32_t *size) | |
171 | static int mmap_file(const char *filename, uint8_t **memory, off_t *size, | |
172 | size_t *mapped, off_t offset) | |
169 | 173 | { |
170 | 174 | int fd = -1; |
171 | 175 | int ret = 0; |
178 | 182 | return -EIO; |
179 | 183 | } |
180 | 184 | |
181 | ret = check_filetype(fd, &sb, filename); | |
182 | if (ret) | |
185 | if (*size) { | |
186 | if ((*size - offset) < (off_t)*mapped ) | |
187 | *mapped = (size_t)(*size - offset); | |
188 | } else { | |
189 | ret = check_filetype(fd, &sb, filename); | |
190 | if (ret) | |
191 | goto out; | |
192 | *size = sb.st_size; | |
193 | if (*size <= (off_t)*mapped) { | |
194 | *mapped = (size_t)*size; | |
195 | if (*size == 0) | |
196 | goto out; | |
197 | } | |
198 | } | |
199 | ||
200 | *memory = mmap(NULL, *mapped, PROT_READ, MAP_PRIVATE | MAP_POPULATE, fd, | |
201 | offset); | |
202 | if (*memory == MAP_FAILED) { | |
203 | *memory = NULL; | |
204 | ret = -errno; | |
183 | 205 | goto out; |
184 | ||
185 | *memory = NULL; | |
186 | *size = sb.st_size; | |
187 | ||
188 | if (sb.st_size) { | |
189 | *memory = mmap(NULL, sb.st_size, PROT_READ, MAP_SHARED, fd, 0); | |
190 | if (*memory == MAP_FAILED) | |
191 | { | |
192 | *memory = NULL; | |
193 | fprintf(stderr, "Use of mmap failed\n"); | |
194 | ret = -ENOMEM; | |
195 | goto out; | |
196 | } | |
197 | } | |
206 | } | |
207 | madvise(*memory, *mapped, MADV_SEQUENTIAL | MADV_WILLNEED); | |
208 | ||
198 | 209 | out: |
199 | 210 | close(fd); |
200 | 211 | return ret; |
201 | 212 | } |
202 | 213 | |
203 | static int load_file(const char *filename, uint8_t **memory, uint32_t *size) | |
214 | static int load_file(const char *filename, uint8_t **memory, off_t *size) | |
204 | 215 | { |
205 | 216 | int fd = -1; |
206 | 217 | int ret = 0; |
207 | 218 | uint8_t *buffer = NULL; |
208 | 219 | uint32_t buffer_size = 4096; |
209 | size_t offset = 0; | |
220 | off_t offset = 0; | |
210 | 221 | ssize_t rdbytes; |
211 | 222 | |
212 | 223 | fd = open(filename, O_RDONLY | O_CLOEXEC); |
231 | 242 | goto out; |
232 | 243 | } |
233 | 244 | |
234 | offset += (size_t)rdbytes; | |
235 | if (offset == buffer_size) { | |
245 | offset += (off_t)rdbytes; | |
246 | if (offset == (off_t)buffer_size) { | |
236 | 247 | uint8_t *new_buffer; |
237 | 248 | |
238 | 249 | if (buffer_size == UINT32_MAX) { |
256 | 267 | } |
257 | 268 | |
258 | 269 | *memory = buffer; |
259 | *size = (uint32_t)offset; | |
270 | *size = offset; | |
260 | 271 | |
261 | 272 | close(fd); |
262 | 273 | return 0; |
271 | 282 | static int hasher(struct kcapi_handle *handle, const struct hash_params *params, |
272 | 283 | const char *filename, const char *comphash, uint32_t comphashlen, |
273 | 284 | FILE *outfile) |
274 | { | |
285 | { | |
286 | /* Mapping file in 16M segments */ | |
287 | size_t mapped = 16<<20; | |
288 | off_t offset = 0, size = 0; | |
289 | uint32_t hashlen = params->hashlen; | |
275 | 290 | int ret = 0; |
276 | 291 | uint8_t *memblock = NULL; |
277 | 292 | uint8_t *memblock_p; |
278 | uint32_t size, left, hashlen = params->hashlen; | |
279 | 293 | uint8_t md[64]; |
280 | 294 | |
281 | 295 | if (filename) { |
282 | ret = mmap_file(filename, &memblock, &size); | |
283 | if (ret) | |
284 | goto out; | |
285 | /* Compute hash */ | |
286 | memblock_p = memblock; | |
287 | left = size; | |
288 | while (left) { | |
289 | uint32_t todo = (left > INT_MAX) ? INT_MAX : left; | |
290 | ||
291 | ret = kcapi_md_update(handle, memblock_p, todo); | |
292 | if (ret < 0) | |
296 | do { | |
297 | ret = mmap_file(filename, &memblock, &size, &mapped, | |
298 | offset); | |
299 | if (ret) { | |
300 | fprintf(stderr, | |
301 | "Use of mmap failed mapping %zu bytes at offset %" PRId64 " of file %s (%d)\n", | |
302 | mapped, (int64_t)offset, filename, ret); | |
293 | 303 | goto out; |
294 | left -= todo; | |
295 | memblock_p += todo; | |
296 | } | |
304 | } | |
305 | /* Compute hash */ | |
306 | memblock_p = memblock; | |
307 | size_t left = mapped; | |
308 | do { | |
309 | uint32_t todo = (left > INT_MAX) ? | |
310 | INT_MAX : (uint32_t)left; | |
311 | ||
312 | ret = kcapi_md_update(handle, memblock_p, todo); | |
313 | if (ret < 0) | |
314 | goto out; | |
315 | left -= todo; | |
316 | memblock_p += todo; | |
317 | } while (left); | |
318 | munmap(memblock, mapped); | |
319 | offset = offset + mapped; | |
320 | } while (offset ^ size); | |
297 | 321 | } else { |
298 | 322 | uint8_t tmpbuf[TMPBUFLEN] __aligned(KCAPI_APP_ALIGN); |
299 | size_t bufsize; | |
323 | uint32_t bufsize; | |
300 | 324 | |
301 | 325 | while ((bufsize = |
302 | fread(tmpbuf, sizeof(uint8_t), TMPBUFLEN, stdin))) { | |
326 | (uint32_t)fread(tmpbuf, sizeof(uint8_t), TMPBUFLEN, | |
327 | stdin))) { | |
303 | 328 | |
304 | 329 | ret = kcapi_md_update(handle, tmpbuf, bufsize); |
305 | 330 | if (ret < 0) |
332 | 357 | ret = 0; |
333 | 358 | } else { |
334 | 359 | if (outfile == NULL) { /* only print hash (hmaccalc -S) */ |
335 | bin2print(md, hashlen, NULL, stdout, 1); | |
360 | bin2print(md, hashlen, NULL, stdout, | |
361 | params->newline); | |
336 | 362 | } else if (params->bsd_style) { |
337 | fprintf(outfile, "%s (%s) = ", params->name.bsdname, | |
363 | fprintf(outfile, "%s (%s) = ", | |
364 | params->name.bsdname, | |
338 | 365 | filename ? filename : "-"); |
339 | bin2print(md, hashlen, NULL, outfile, 1); | |
366 | bin2print(md, hashlen, NULL, outfile, | |
367 | params->newline); | |
340 | 368 | } else { |
341 | 369 | bin2print(md, hashlen, filename ? filename : "-", |
342 | outfile, 1); | |
370 | outfile, params->newline); | |
343 | 371 | } |
344 | 372 | ret = 0; |
345 | 373 | } |
350 | 378 | |
351 | 379 | out: |
352 | 380 | if (memblock) |
353 | munmap(memblock, size); | |
381 | munmap(memblock, mapped); | |
354 | 382 | |
355 | 383 | return ret; |
356 | 384 | } |
385 | 413 | static char *get_hmac_file(const char *filename, const char *checkdir) |
386 | 414 | { |
387 | 415 | size_t i, filelen, pathlen, namelen, basenamestart = 0; |
388 | size_t prefixlen = strlen(CHECK_PREFIX); | |
416 | const char *check_prefix = CHECK_PREFIX; | |
417 | size_t prefixlen = strlen(check_prefix); | |
389 | 418 | size_t suffixlen = strlen(CHECK_SUFFIX); |
390 | 419 | char *cursor, *checkfile = NULL; |
420 | ||
421 | if (prefixlen == 0 && checkdir == NULL) { | |
422 | check_prefix = "."; | |
423 | prefixlen = 1; | |
424 | } | |
391 | 425 | |
392 | 426 | filelen = strlen(filename); |
393 | 427 | if (filelen > 4096) { |
414 | 448 | } else if (pathlen > 0) |
415 | 449 | cursor = paste(cursor, filename, pathlen); |
416 | 450 | |
417 | cursor = paste(cursor, CHECK_PREFIX, prefixlen); | |
451 | cursor = paste(cursor, check_prefix, prefixlen); | |
418 | 452 | cursor = paste(cursor, filename + basenamestart, namelen); |
419 | 453 | cursor = paste(cursor, "."CHECK_SUFFIX, 1 + suffixlen); |
420 | 454 | strncpy(cursor, "\0", 1); |
438 | 472 | return -EFAULT; |
439 | 473 | } |
440 | 474 | if (params->key.data) { |
441 | ret = kcapi_md_setkey(handle, params->key.data, params->key.len); | |
475 | ret = kcapi_md_setkey(handle, params->key.data, | |
476 | (uint32_t)params->key.len); | |
442 | 477 | if (ret) { |
443 | 478 | fprintf(stderr, "Setting HMAC key for %s failed (%d)\n", |
444 | 479 | hashname, ret); |
511 | 546 | return -EFAULT; |
512 | 547 | } |
513 | 548 | if (params->key.data) { |
514 | ret = kcapi_md_setkey(handle, params->key.data, params->key.len); | |
549 | ret = kcapi_md_setkey(handle, params->key.data, | |
550 | (uint32_t)params->key.len); | |
515 | 551 | if (ret) { |
516 | 552 | fprintf(stderr, "Setting HMAC key for %s failed (%d)\n", |
517 | 553 | hashname, ret); |
531 | 567 | char *filename = NULL; // parsed file name |
532 | 568 | char *hexhash = NULL; // parsed hex value of hash |
533 | 569 | uint32_t hexhashlen = 0; // length of hash hex value |
534 | uint32_t linelen = strlen(buf); | |
570 | uint32_t linelen = (uint32_t)strlen(buf); | |
535 | 571 | uint32_t i; |
536 | 572 | uint32_t bsd_style = 0; // >0 if --tag formatted style |
537 | 573 | |
668 | 704 | #define BUFSIZE 4096 |
669 | 705 | char selfname[BUFSIZE]; |
670 | 706 | char *names[] = { selfname }; |
671 | int32_t selfnamesize = 0; | |
707 | ssize_t selfnamesize = 0; | |
672 | 708 | Dl_info info; |
673 | 709 | void *dl = NULL, *sym; |
674 | 710 | |
693 | 729 | } |
694 | 730 | } |
695 | 731 | |
696 | n = fread((void *)fipsflag, 1, 1, fipsfile); | |
732 | n = (uint32_t)fread((void *)fipsflag, 1, 1, fipsfile); | |
697 | 733 | fclose(fipsfile); |
698 | 734 | if (n != 1) { |
699 | 735 | fprintf(stderr, "Cannot read FIPS flag\n"); |
796 | 832 | .key = { NULL, NULL, 0 }, |
797 | 833 | .hashlen = 0, |
798 | 834 | .bsd_style = 0, |
835 | .newline = 1, | |
799 | 836 | }; |
800 | 837 | const struct hash_params *params_self; |
801 | 838 | char *basec = NULL; |
802 | 839 | const char *basen = NULL; |
803 | 840 | int ret = -EFAULT; |
841 | /* File memory-mapping size limit set at 64MB in 32bit and 1GB in 64bit virtual memory space */ | |
842 | size_t mapped = (sizeof(void*) == 4) ? 64<<20 : 1<<30; | |
804 | 843 | |
805 | 844 | char *checkfile = NULL; |
806 | 845 | const char *targetfile = NULL; |
820 | 859 | {0, 0, 0, 0} |
821 | 860 | }; |
822 | 861 | |
823 | static const char *opts_short = "c:uh:t:SLqk:K:vbd:P"; | |
862 | static const char *opts_short = "c:uh:t:SLqk:K:vbd:Pz"; | |
824 | 863 | static const struct option opts[] = { |
825 | 864 | {"help", 0, 0, 0}, |
826 | 865 | {"tag", 0, 0, 0}, |
923 | 962 | params_self = &PARAMS_SELF_HMACCALC; |
924 | 963 | } else { |
925 | 964 | fprintf(stderr, "Unknown invocation name: %s\n", basen); |
965 | usage(argv[0], fipscheck); | |
926 | 966 | ret = 1; |
927 | 967 | goto out; |
928 | 968 | } |
961 | 1001 | case 'u': |
962 | 1002 | if (hmackey_alloc) { |
963 | 1003 | kcapi_memset_secure(hmackey_alloc, 0, |
964 | params.key.len); | |
1004 | (uint32_t)params.key.len); | |
965 | 1005 | free(hmackey_alloc); |
966 | 1006 | hmackey_alloc = NULL; |
967 | 1007 | } else if (hmackey_mmap) { |
1015 | 1055 | case 'k': |
1016 | 1056 | if (hmackey_alloc) { |
1017 | 1057 | kcapi_memset_secure(hmackey_alloc, 0, |
1018 | params.key.len); | |
1058 | (uint32_t)params.key.len); | |
1019 | 1059 | free(hmackey_alloc); |
1020 | 1060 | hmackey_alloc = NULL; |
1021 | 1061 | } else if (hmackey_mmap) { |
1022 | 1062 | munmap(hmackey_mmap, params.key.len); |
1023 | 1063 | hmackey_mmap = NULL; |
1024 | 1064 | } |
1025 | ret = mmap_file(optarg, &hmackey_mmap, ¶ms.key.len); | |
1065 | params.key.len = 0; | |
1066 | ret = mmap_file(optarg, &hmackey_mmap, | |
1067 | ¶ms.key.len, | |
1068 | &mapped, 0); | |
1026 | 1069 | if (!ret) { |
1027 | 1070 | params.key.data = hmackey_mmap; |
1028 | 1071 | hmac = 1; |
1029 | 1072 | break; |
1030 | 1073 | } |
1031 | 1074 | /* fallback to normal file I/O: */ |
1032 | ret = load_file(optarg, &hmackey_alloc, ¶ms.key.len); | |
1075 | ret = load_file(optarg, &hmackey_alloc, | |
1076 | ¶ms.key.len); | |
1033 | 1077 | if (ret) { |
1034 | 1078 | ret = 1; |
1035 | 1079 | goto out; |
1040 | 1084 | case 'K': |
1041 | 1085 | if (hmackey_alloc) { |
1042 | 1086 | kcapi_memset_secure(hmackey_alloc, 0, |
1043 | params.key.len); | |
1087 | (uint32_t)params.key.len); | |
1044 | 1088 | free(hmackey_alloc); |
1045 | 1089 | hmackey_alloc = NULL; |
1046 | 1090 | } else if (hmackey_mmap) { |
1068 | 1112 | case 'P': |
1069 | 1113 | /* Compatibility options, just ignore */ |
1070 | 1114 | break; |
1115 | case 'z': | |
1116 | params.newline = 2; | |
1117 | break; | |
1071 | 1118 | default: |
1072 | 1119 | usage(argv[0], fipscheck); |
1073 | 1120 | ret = 1; |
1127 | 1174 | } |
1128 | 1175 | |
1129 | 1176 | if (!checkfile) |
1130 | ret = hash_files(¶ms, argv + optind, (argc - optind), | |
1177 | ret = hash_files(¶ms, argv + optind, | |
1178 | (uint32_t)(argc - optind), | |
1131 | 1179 | fipshmac, checkdir, 0); |
1132 | 1180 | else if (optind == argc) |
1133 | 1181 | ret = process_checkfile(¶ms, checkfile, targetfile, loglevel); |
1143 | 1191 | if (checkfile) |
1144 | 1192 | free(checkfile); |
1145 | 1193 | if (hmackey_alloc) { |
1146 | kcapi_memset_secure(hmackey_alloc, 0, params.key.len); | |
1194 | kcapi_memset_secure(hmackey_alloc, 0, (uint32_t)params.key.len); | |
1147 | 1195 | free(hmackey_alloc); |
1148 | 1196 | } else if (hmackey_mmap) { |
1149 | 1197 | munmap(hmackey_mmap, params.key.len); |
0 | .\" Copyright (c) 2017 - 2019 by Stephan Mueller (smueller@chronox.de) | |
0 | .\" Copyright (c) 2017 - 2020 by Stephan Mueller (smueller@chronox.de) | |
1 | 1 | .\" |
2 | 2 | .\" Permission is granted to make and distribute verbatim copies of this |
3 | 3 | .\" manual provided the copyright notice and this permission notice are |
0 | 0 | /* |
1 | * Copyright (C) 2017 - 2019, Stephan Mueller <smueller@chronox.de> | |
1 | * Copyright (C) 2017 - 2020, Stephan Mueller <smueller@chronox.de> | |
2 | 2 | * |
3 | 3 | * License: see COPYING file in root directory |
4 | 4 | * |
9 | 9 | dnl enhancements, bug fixes only. Versions with |
10 | 10 | dnl a decimal point are pre-releases. |
11 | 11 | m4_define([__KCAPI_MAJVERSION], [1]) |
12 | m4_define([__KCAPI_MINVERSION], [1]) | |
13 | m4_define([__KCAPI_PATCHLEVEL], [5]) | |
12 | m4_define([__KCAPI_MINVERSION], [2]) | |
13 | m4_define([__KCAPI_PATCHLEVEL], [0]) | |
14 | 14 | m4_define([KCAPI_VERSION], [__KCAPI_MAJVERSION.__KCAPI_MINVERSION.__KCAPI_PATCHLEVEL]) |
15 | 15 | |
16 | 16 | AC_INIT([libkcapi], [KCAPI_VERSION]) |
157 | 157 | AC_DEFINE_UNQUOTED(CHECK_DIR,"$CHECK_DIR",[Define to the directory which contains the hmac for a binary.]) |
158 | 158 | ]) |
159 | 159 | |
160 | AC_SYS_LARGEFILE | |
161 | AC_TYPE_OFF_T | |
162 | AC_FUNC_FSEEKO | |
163 | ||
160 | 164 | PKG_INSTALLDIR |
161 | 165 | if test "x$pkgconfigdir" = "x"; then |
162 | 166 | pkgconfigdir="${libdir}/pkgconfig" |
58 | 58 | +/* |
59 | 59 | + * algif_akcipher: User-space interface for asymmetric cipher algorithms |
60 | 60 | + * |
61 | + * Copyright (C) 2017 - 2019, Stephan Mueller <smueller@chronox.de> | |
61 | + * Copyright (C) 2017 - 2020, Stephan Mueller <smueller@chronox.de> | |
62 | 62 | + * |
63 | 63 | + * This file provides the user-space API for asymmetric ciphers. |
64 | 64 | + * |
98 | 98 | +/* |
99 | 99 | + * algif_kpp: User-space interface for key protocol primitives algorithms |
100 | 100 | + * |
101 | + * Copyright (C) 2017 - 2019, Stephan Mueller <smueller@chronox.de> | |
101 | + * Copyright (C) 2017 - 2020, Stephan Mueller <smueller@chronox.de> | |
102 | 102 | + * |
103 | 103 | + * This file provides the user-space API for key protocol primitives. |
104 | 104 | + * |
58 | 58 | +/* |
59 | 59 | + * algif_akcipher: User-space interface for asymmetric cipher algorithms |
60 | 60 | + * |
61 | + * Copyright (C) 2018 - 2019, Stephan Mueller <smueller@chronox.de> | |
61 | + * Copyright (C) 2018 - 2020, Stephan Mueller <smueller@chronox.de> | |
62 | 62 | + * |
63 | 63 | + * This file provides the user-space API for asymmetric ciphers. |
64 | 64 | + * |
98 | 98 | +/* |
99 | 99 | + * algif_kpp: User-space interface for key protocol primitives algorithms |
100 | 100 | + * |
101 | + * Copyright (C) 2018 - 2019, Stephan Mueller <smueller@chronox.de> | |
101 | + * Copyright (C) 2018 - 2020, Stephan Mueller <smueller@chronox.de> | |
102 | 102 | + * |
103 | 103 | + * This file provides the user-space API for key protocol primitives. |
104 | 104 | + * |
0 | 0 | /* |
1 | * Copyright (C) 2018 - 2019, Stephan Mueller <smueller@chronox.de> | |
1 | * Copyright (C) 2018 - 2020, Stephan Mueller <smueller@chronox.de> | |
2 | 2 | * |
3 | 3 | * License: see COPYING file in root directory |
4 | 4 | * |
790 | 790 | !Fkcapi.h kcapi_cipher_stream_init_enc |
791 | 791 | !Fkcapi.h kcapi_cipher_stream_init_dec |
792 | 792 | !Fkcapi.h kcapi_cipher_stream_update |
793 | !Fkcapi.h kcapi_cipher_stream_update_last | |
793 | 794 | !Fkcapi.h kcapi_cipher_stream_op |
794 | 795 | </sect1> |
795 | 796 | <sect1><title>AEAD Cipher API - Generic</title> |
0 | 0 | /* |
1 | * Copyright (C) 2016 - 2019, Stephan Mueller <smueller@chronox.de> | |
1 | * Copyright (C) 2016 - 2020, Stephan Mueller <smueller@chronox.de> | |
2 | 2 | * |
3 | 3 | * License: see COPYING file in root directory |
4 | 4 | * |
0 | 0 | /* Kernel crypto API AF_ALG AEAD API |
1 | 1 | * |
2 | * Copyright (C) 2016 - 2019, Stephan Mueller <smueller@chronox.de> | |
2 | * Copyright (C) 2016 - 2020, Stephan Mueller <smueller@chronox.de> | |
3 | 3 | * |
4 | 4 | * License: see COPYING file in root directory |
5 | 5 | * |
0 | 0 | /* Kernel crypto API AF_ALG Asymmetric Cipher API |
1 | 1 | * |
2 | * Copyright (C) 2016 - 2019, Stephan Mueller <smueller@chronox.de> | |
2 | * Copyright (C) 2016 - 2020, Stephan Mueller <smueller@chronox.de> | |
3 | 3 | * |
4 | 4 | * License: see COPYING file in root directory |
5 | 5 | * |
0 | 0 | /* Kernel crypto API AF_ALG SP800-108 / SP800-132 KDF API |
1 | 1 | * |
2 | * Copyright (C) 2016 - 2019, Stephan Mueller <smueller@chronox.de> | |
2 | * Copyright (C) 2016 - 2020, Stephan Mueller <smueller@chronox.de> | |
3 | 3 | * |
4 | 4 | * License: see COPYING file in root directory |
5 | 5 | * |
53 | 53 | #include "kcapi.h" |
54 | 54 | #include "internal.h" |
55 | 55 | |
56 | static inline uint32_t rol32(uint32_t x, int n) | |
57 | { | |
58 | return ( (x << (n&(32-1))) | (x >> ((32-n)&(32-1))) ); | |
59 | } | |
60 | ||
61 | static inline uint32_t ror32(uint32_t x, int n) | |
62 | { | |
63 | return ( (x >> (n&(32-1))) | (x << ((32-n)&(32-1))) ); | |
64 | } | |
65 | ||
66 | static inline uint32_t _bswap32(uint32_t x) | |
67 | { | |
68 | return ((rol32(x, 8) & 0x00ff00ffL) | (ror32(x, 8) & 0xff00ff00L)); | |
69 | } | |
56 | #ifndef __has_builtin | |
57 | # define __has_builtin(x) 0 | |
58 | #endif | |
70 | 59 | |
71 | 60 | #define GCC_VERSION (__GNUC__ * 10000 \ |
72 | 61 | + __GNUC_MINOR__ * 100 \ |
73 | 62 | + __GNUC_PATCHLEVEL__) |
74 | #if GCC_VERSION >= 40400 | |
63 | #if GCC_VERSION >= 40400 || (defined(__clang__) && __has_builtin(__builtin_bswap32)) | |
75 | 64 | # define __HAVE_BUILTIN_BSWAP32__ |
76 | 65 | #endif |
77 | 66 | |
78 | #ifdef __HAVE_BUILTIN_BSWAP32__ | |
79 | # define _swap32(x) (uint32_t)__builtin_bswap32((uint32_t)(x)) | |
80 | #else | |
81 | # define _swap32(x) _bswap32(x) | |
82 | #endif | |
83 | ||
84 | 67 | /* Endian dependent byte swap operations. */ |
85 | #if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ | |
68 | #if __BYTE_ORDER__ == __ORDER_BIG_ENDIAN__ | |
86 | 69 | # define be_bswap32(x) ((uint32_t)(x)) |
87 | 70 | #elif __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__ |
88 | # define be_bswap32(x) _swap32(x) | |
71 | # ifdef __HAVE_BUILTIN_BSWAP32__ | |
72 | # define be_bswap32(x) (uint32_t)__builtin_bswap32((uint32_t)(x)) | |
73 | # else | |
74 | static inline uint32_t rol32(uint32_t x, int n) | |
75 | { | |
76 | return ( (x << (n&(32-1))) | (x >> ((32-n)&(32-1))) ); | |
77 | } | |
78 | ||
79 | static inline uint32_t ror32(uint32_t x, int n) | |
80 | { | |
81 | return ( (x >> (n&(32-1))) | (x << ((32-n)&(32-1))) ); | |
82 | } | |
83 | ||
84 | static inline uint32_t _bswap32(uint32_t x) | |
85 | { | |
86 | return ((rol32(x, 8) & 0x00ff00ffL) | (ror32(x, 8) & 0xff00ff00L)); | |
87 | } | |
88 | # define be_bswap32(x) _bswap32(x) | |
89 | # endif | |
89 | 90 | #else |
90 | #error "Endianess not defined" | |
91 | # error "Endianess not defined" | |
91 | 92 | #endif |
92 | 93 | |
93 | 94 | DSO_PUBLIC |
545 | 546 | if (keylen > INT_MAX) |
546 | 547 | return -EMSGSIZE; |
547 | 548 | |
549 | if (count == 0) | |
550 | return -EINVAL; | |
551 | ||
548 | 552 | err = kcapi_md_init(&handle, hashname, 0); |
549 | 553 | if (err) |
550 | 554 | return err; |
0 | 0 | /* Kernel crypto API AF_ALG interface code |
1 | 1 | * |
2 | * Copyright (C) 2015 - 2019, Stephan Mueller <smueller@chronox.de> | |
2 | * Copyright (C) 2015 - 2020, Stephan Mueller <smueller@chronox.de> | |
3 | 3 | * |
4 | 4 | * License: see COPYING file in root directory |
5 | 5 | * |
0 | 0 | /* Kernel crypto API AF_ALG Key-Agreement Protocol Primitives API |
1 | 1 | * |
2 | * Copyright (C) 2017 - 2019, Stephan Mueller <smueller@chronox.de> | |
2 | * Copyright (C) 2017 - 2020, Stephan Mueller <smueller@chronox.de> | |
3 | 3 | * |
4 | 4 | * License: see COPYING file in root directory |
5 | 5 | * |
0 | 0 | /* Kernel crypto API AF_ALG Message Digest API |
1 | 1 | * |
2 | * Copyright (C) 2016 - 2019, Stephan Mueller <smueller@chronox.de> | |
2 | * Copyright (C) 2016 - 2020, Stephan Mueller <smueller@chronox.de> | |
3 | 3 | * |
4 | 4 | * License: see COPYING file in root directory |
5 | 5 | * |
0 | 0 | /* Kernel crypto API AF_ALG Random Number Generator API |
1 | 1 | * |
2 | * Copyright (C) 2016 - 2019, Stephan Mueller <smueller@chronox.de> | |
2 | * Copyright (C) 2016 - 2020, Stephan Mueller <smueller@chronox.de> | |
3 | 3 | * |
4 | 4 | * License: see COPYING file in root directory |
5 | 5 | * |
0 | 0 | /* Kernel crypto API AF_ALG Symmetric Cipher API |
1 | 1 | * |
2 | * Copyright (C) 2016 - 2019, Stephan Mueller <smueller@chronox.de> | |
2 | * Copyright (C) 2016 - 2020, Stephan Mueller <smueller@chronox.de> | |
3 | 3 | * |
4 | 4 | * License: see COPYING file in root directory |
5 | 5 | * |
184 | 184 | } |
185 | 185 | |
186 | 186 | DSO_PUBLIC |
187 | int32_t kcapi_cipher_stream_update_last(struct kcapi_handle *handle, | |
188 | struct iovec *iov, uint32_t iovlen) | |
189 | { | |
190 | if (handle->processed_sg <= handle->flags.alg_max_pages) | |
191 | return _kcapi_common_vmsplice_iov(handle, iov, iovlen, 0); | |
192 | else | |
193 | return _kcapi_common_send_data(handle, iov, iovlen, 0); | |
194 | } | |
195 | ||
196 | DSO_PUBLIC | |
187 | 197 | int32_t kcapi_cipher_stream_op(struct kcapi_handle *handle, |
188 | 198 | struct iovec *iov, uint32_t iovlen) |
189 | 199 | { |
0 | 0 | /* libkcapi Utilities API |
1 | 1 | * |
2 | * Copyright (C) 2016 - 2019, Stephan Mueller <smueller@chronox.de> | |
2 | * Copyright (C) 2016 - 2020, Stephan Mueller <smueller@chronox.de> | |
3 | 3 | * |
4 | 4 | * License: see COPYING file in root directory |
5 | 5 | * |
0 | 0 | /* |
1 | * Copyright (C) 2015 - 2019, Stephan Mueller <smueller@chronox.de> | |
1 | * Copyright (C) 2015 - 2020, Stephan Mueller <smueller@chronox.de> | |
2 | 2 | * |
3 | 3 | * License: see COPYING file in root directory |
4 | 4 | * |
379 | 379 | */ |
380 | 380 | int32_t kcapi_cipher_stream_update(struct kcapi_handle *handle, |
381 | 381 | struct iovec *iov, uint32_t iovlen); |
382 | ||
383 | /** | |
384 | * kcapi_cipher_stream_update_last() - send last data for processing (stream) | |
385 | * | |
386 | * @handle: [in] cipher handle | |
387 | * @iov: [in] scatter/gather list with data to be processed by the cipher | |
388 | * operation. | |
389 | * @iovlen: [in] number of scatter/gather list elements. | |
390 | * | |
391 | * Using this function call, more plaintext for encryption or ciphertext for | |
392 | * decryption can be submitted to the kernel. | |
393 | * | |
394 | * This call is identical to the kcapi_cipher_stream_update() call with the | |
395 | * exception that it marks the last data buffer before the cipher operation | |
396 | * is triggered. This is call is important for stream ciphers like CTR or CTS | |
397 | * mode when providing the last block. It is permissible to provide a zero | |
398 | * buffer if all data including the last block is already provided by | |
399 | * kcapi_cipher_stream_update. | |
400 | * | |
401 | * WARNING: If this call is not made for stream ciphers with input data | |
402 | * that is not a multiple of the block size of the block cipher, the kernel | |
403 | * will not return the last block that contains less data than the block | |
404 | * size of the block cipher. For example, sending 257 bytes of data to be | |
405 | * encrypted with ctr(aes), the kernel will return only 256 bytes without | |
406 | * this call. | |
407 | * | |
408 | * @return number of bytes sent to the kernel upon success; | |
409 | * a negative errno-style error code if an error occurred | |
410 | */ | |
411 | int32_t kcapi_cipher_stream_update_last(struct kcapi_handle *handle, | |
412 | struct iovec *iov, uint32_t iovlen); | |
382 | 413 | |
383 | 414 | /** |
384 | 415 | * kcapi_cipher_stream_op() - obtain processed data (stream) |
147 | 147 | |
148 | 148 | LIBKCAPI_1.1.5 { |
149 | 149 | } LIBKCAPI_1.1.4; |
150 | ||
151 | LIBKCAPI_1.2.0 { | |
152 | kcapi_cipher_stream_update_last; | |
153 | } LIBKCAPI_1.1.5; |
0 | 0 | /* |
1 | * Copyright (C) 2015 - 2019, Stephan Mueller <smueller@chronox.de> | |
1 | * Copyright (C) 2015 - 2020, Stephan Mueller <smueller@chronox.de> | |
2 | 2 | * |
3 | 3 | * License: see LICENSE file in root directory |
4 | 4 | * |
0 | 0 | /* |
1 | * Copyright (C) 2015 - 2019, Stephan Mueller <smueller@chronox.de> | |
1 | * Copyright (C) 2015 - 2020, Stephan Mueller <smueller@chronox.de> | |
2 | 2 | * |
3 | 3 | * License: see LICENSE file in root directory |
4 | 4 | * |
0 | 0 | /* |
1 | * Copyright (C) 2015 - 2019, Stephan Mueller <smueller@chronox.de> | |
1 | * Copyright (C) 2015 - 2020, Stephan Mueller <smueller@chronox.de> | |
2 | 2 | * |
3 | 3 | * License: see LICENSE file in root directory |
4 | 4 | * |
0 | 0 | /* |
1 | * Copyright (C) 2015 - 2019, Stephan Mueller <smueller@chronox.de> | |
1 | * Copyright (C) 2015 - 2020, Stephan Mueller <smueller@chronox.de> | |
2 | 2 | * |
3 | 3 | * License: see LICENSE file in root directory |
4 | 4 | * |
0 | 0 | /* |
1 | * Copyright (C) 2015 - 2019, Stephan Mueller <smueller@chronox.de> | |
1 | * Copyright (C) 2015 - 2020, Stephan Mueller <smueller@chronox.de> | |
2 | 2 | * |
3 | 3 | * License: see LICENSE file in root directory |
4 | 4 | * |
0 | 0 | /* |
1 | * Copyright (C) 2015 - 2019, Stephan Mueller <smueller@chronox.de> | |
1 | * Copyright (C) 2015 - 2020, Stephan Mueller <smueller@chronox.de> | |
2 | 2 | * |
3 | 3 | * License: see LICENSE file in root directory |
4 | 4 | * |
0 | 0 | /* |
1 | * Copyright (C) 2015 - 2019, Stephan Mueller <smueller@chronox.de> | |
1 | * Copyright (C) 2015 - 2020, Stephan Mueller <smueller@chronox.de> | |
2 | 2 | * |
3 | 3 | * License: see LICENSE file in root directory |
4 | 4 | * |
0 | 0 | #!/bin/bash |
1 | 1 | # |
2 | # Copyright (C) 2017 - 2019, Stephan Mueller <smueller@chronox.de> | |
2 | # Copyright (C) 2017 - 2020, Stephan Mueller <smueller@chronox.de> | |
3 | 3 | # |
4 | 4 | # License: see LICENSE file in root directory |
5 | 5 | # |
0 | 0 | #!/bin/bash |
1 | 1 | # |
2 | # Copyright (C) 2017 - 2019, Stephan Mueller <smueller@chronox.de> | |
2 | # Copyright (C) 2017 - 2020, Stephan Mueller <smueller@chronox.de> | |
3 | 3 | # |
4 | 4 | # License: see LICENSE file in root directory |
5 | 5 | # |
0 | 0 | /* |
1 | * Copyright (C) 2017 - 2019, Stephan Mueller <smueller@chronox.de> | |
1 | * Copyright (C) 2017 - 2020, Stephan Mueller <smueller@chronox.de> | |
2 | 2 | * |
3 | 3 | * License: see LICENSE file in root directory |
4 | 4 | * |
0 | 0 | #!/bin/bash |
1 | 1 | # |
2 | # Copyright (C) 2017 - 2019, Stephan Mueller <smueller@chronox.de> | |
2 | # Copyright (C) 2017 - 2020, Stephan Mueller <smueller@chronox.de> | |
3 | 3 | # |
4 | 4 | # License: see LICENSE file in root directory |
5 | 5 | # |
0 | 0 | #!/bin/bash |
1 | 1 | # |
2 | # Copyright (C) 2017 - 2019, Stephan Mueller <smueller@chronox.de> | |
2 | # Copyright (C) 2017 - 2020, Stephan Mueller <smueller@chronox.de> | |
3 | 3 | # |
4 | 4 | # License: see LICENSE file in root directory |
5 | 5 | # |
0 | 0 | /* |
1 | * Copyright (C) 2017 - 2019, Stephan Mueller <smueller@chronox.de> | |
1 | * Copyright (C) 2017 - 2020, Stephan Mueller <smueller@chronox.de> | |
2 | 2 | * |
3 | 3 | * License: see LICENSE file in root directory |
4 | 4 | * |
0 | 0 | #!/bin/bash |
1 | 1 | # |
2 | # Copyright (C) 2017 - 2019, Stephan Mueller <smueller@chronox.de> | |
2 | # Copyright (C) 2017 - 2020, Stephan Mueller <smueller@chronox.de> | |
3 | 3 | # |
4 | 4 | # License: see LICENSE file in root directory |
5 | 5 | # |
0 | 0 | #!/bin/bash |
1 | 1 | # |
2 | # Copyright (C) 2017 - 2019, Stephan Mueller <smueller@chronox.de> | |
2 | # Copyright (C) 2017 - 2020, Stephan Mueller <smueller@chronox.de> | |
3 | 3 | # |
4 | 4 | # License: see LICENSE file in root directory |
5 | 5 | # |
0 | 0 | #!/bin/bash |
1 | 1 | # |
2 | # Copyright (C) 2017 - 2019, Stephan Mueller <smueller@chronox.de> | |
2 | # Copyright (C) 2017 - 2020, Stephan Mueller <smueller@chronox.de> | |
3 | 3 | # |
4 | 4 | # License: see LICENSE file in root directory |
5 | 5 | # |
0 | 0 | /* |
1 | * Copyright (C) 2014 - 2019, Stephan Mueller <smueller@chronox.de> | |
1 | * Copyright (C) 2014 - 2020, Stephan Mueller <smueller@chronox.de> | |
2 | 2 | * |
3 | 3 | * License: see LICENSE file in root directory |
4 | 4 | * |
236 | 236 | |
237 | 237 | static int get_random(uint8_t *buf, uint32_t buflen, unsigned int flags) |
238 | 238 | { |
239 | int ret; | |
239 | int ret = 0; | |
240 | 240 | |
241 | 241 | if (buflen > INT_MAX) |
242 | 242 | return 1; |
758 | 758 | fprintf(stderr, "\t\t0 for encryption\n"); |
759 | 759 | fprintf(stderr, "\t\t1 for decryption\n"); |
760 | 760 | fprintf(stderr, "\t\t2 for signing\n"); |
761 | fprintf(stderr, "\t\t2 for verification\n"); | |
761 | fprintf(stderr, "\t\t3 for verification\n"); | |
762 | 762 | fprintf(stderr, "\t-c --cipher\tKernel Crypto API cipher name to be used for operation\n"); |
763 | 763 | fprintf(stderr, "\t-p --pt\t\tPlaintext used during encryption / message digest\n"); |
764 | 764 | fprintf(stderr, "\t-q --ct\t\tCiphertext used during decryption\n"); |
893 | 893 | pid_t pid; |
894 | 894 | |
895 | 895 | pid = fork(); |
896 | if (!pid) | |
896 | if (pid) | |
897 | /* parent - return and continue */ | |
897 | 898 | return; |
898 | ||
899 | sleep(1); | |
900 | } | |
901 | ||
902 | ret = kcapi_cipher_stream_update(handle, iov, 1); | |
899 | } | |
900 | ||
901 | ret = kcapi_cipher_stream_update_last(handle, iov, 1); | |
903 | 902 | if (0 > ret) |
904 | 903 | printf("Sending of data failed\n"); |
905 | 904 |
0 | 0 | #!/bin/bash |
1 | 1 | # |
2 | # Copyright (C) 2017 - 2019, Stephan Mueller <smueller@chronox.de> | |
2 | # Copyright (C) 2017 - 2020, Stephan Mueller <smueller@chronox.de> | |
3 | 3 | # |
4 | 4 | # License: see LICENSE file in root directory |
5 | 5 | # |
0 | 0 | #!/bin/bash |
1 | 1 | # |
2 | # Copyright (C) 2016 - 2019, Stephan Mueller <smueller@chronox.de> | |
2 | # Copyright (C) 2016 - 2020, Stephan Mueller <smueller@chronox.de> | |
3 | 3 | # |
4 | 4 | # License: see LICENSE file in root directory |
5 | 5 | # |
0 | 0 | #!/bin/bash |
1 | 1 | # |
2 | # Copyright (C) 2014 - 2019, Stephan Mueller <smueller@chronox.de> | |
2 | # Copyright (C) 2014 - 2020, Stephan Mueller <smueller@chronox.de> | |
3 | 3 | # |
4 | 4 | # License: see LICENSE file in root directory |
5 | 5 | # |
629 | 629 | aligned=$3 |
630 | 630 | aiofallback=$4 |
631 | 631 | |
632 | SYMEXEC="1 2 3 4 5 6 7 8 9 10 11 12" | |
633 | ||
632 | 634 | if [ x"$stream" = x"X" ] |
633 | 635 | then |
634 | 636 | stream="" |
660 | 662 | then |
661 | 663 | sout="multithreaded" |
662 | 664 | stream="-s -j" |
665 | ||
666 | # Disable XTS tests for multi-threading due to the issue | |
667 | # discussed in https://github.com/smuellerDD/libkcapi/issues/92 | |
668 | SYMEXEC="1 2 3 4 5 6 7" | |
663 | 669 | else |
664 | 670 | sout="one shot" |
665 | 671 | fi |
676 | 682 | return 0 |
677 | 683 | fi |
678 | 684 | |
679 | SYMEXEC="1 2 3 4 5 6 7 8 9 10 11 12" | |
680 | 685 | for i in $SYMEXEC |
681 | 686 | do |
682 | 687 | eval SYM_name=\$SYM_name_$i |
1463 | 1468 | multipletest_sym 1 # sync, no splice, one shot sendmsg |
1464 | 1469 | multipletest_sym 1 -s # sync, no splice, stream sendmsg |
1465 | 1470 | multipletest_sym 1 -v # sync, splice |
1466 | multipletest_sym 9 X -g # async, AIO fallback, no splice, one shot sendmsg | |
1467 | multipletest_sym 9 -s -g # async, AIO fallback, no splice, stream sendmsg | |
1468 | multipletest_sym 9 -v -g # async, AIO fallback, splice | |
1471 | ||
1472 | # Parallel AIO requests are undefined - it may be the case that such parallel | |
1473 | # requests are serialized by the driver or that they are processed independently | |
1474 | # of each other. | |
1475 | #multipletest_sym 9 X -g # async, AIO fallback, no splice, one shot sendmsg | |
1476 | #multipletest_sym 9 -s -g # async, AIO fallback, no splice, stream sendmsg | |
1477 | #multipletest_sym 9 -v -g # async, AIO fallback, splice | |
1469 | 1478 | |
1470 | 1479 | if $(check_min_kernelver 4 14); then |
1471 | 1480 | symfunc 9 |