summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorMatthias Schiffer <mschiffer@universe-factory.net>2013-11-29 22:15:58 +0100
committerMatthias Schiffer <mschiffer@universe-factory.net>2013-11-29 22:15:58 +0100
commitd0707b161d10cf79242d40b24853988c89c7604a (patch)
tree2d7ebb6082708f49c17ec6385f6019b83be0dda6 /src
parent27c14deaedc8f914e82388e41e61e8adbfd13f35 (diff)
downloadfastd-d0707b161d10cf79242d40b24853988c89c7604a.tar
fastd-d0707b161d10cf79242d40b24853988c89c7604a.zip
crypto: separate cipher/MAC availability check from information request
Diffstat (limited to 'src')
-rw-r--r--src/crypto.h4
-rw-r--r--src/crypto/cipher/ciphers.c.in14
-rw-r--r--src/crypto/mac/macs.c.in14
-rw-r--r--src/methods/cipher_test/cipher_test.c28
-rw-r--r--src/methods/composed_gmac/composed_gmac.c36
-rw-r--r--src/methods/generic_gcm/generic_gcm.c39
-rw-r--r--src/methods/generic_gmac/generic_gmac.c40
-rw-r--r--src/methods/generic_poly1305/generic_poly1305.c33
8 files changed, 104 insertions, 104 deletions
diff --git a/src/crypto.h b/src/crypto.h
index 968483e..565de2c 100644
--- a/src/crypto.h
+++ b/src/crypto.h
@@ -67,11 +67,15 @@ struct fastd_mac {
void fastd_cipher_init(fastd_context_t *ctx);
void fastd_cipher_free(fastd_context_t *ctx);
+
+bool fastd_cipher_is_available(const char *name);
const fastd_cipher_info_t* fastd_cipher_info_get_by_name(const char *name);
const fastd_cipher_t* fastd_cipher_get_by_name(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **info, const fastd_cipher_context_t **cctx);
void fastd_mac_init(fastd_context_t *ctx);
void fastd_mac_free(fastd_context_t *ctx);
+
+bool fastd_mac_is_available(const char *name);
const fastd_mac_info_t* fastd_mac_info_get_by_name(const char *name);
const fastd_mac_t* fastd_mac_get_by_name(fastd_context_t *ctx, const char *name, const fastd_mac_info_t **info, const fastd_mac_context_t **cctx);
diff --git a/src/crypto/cipher/ciphers.c.in b/src/crypto/cipher/ciphers.c.in
index b3c6b1b..84607a0 100644
--- a/src/crypto/cipher/ciphers.c.in
+++ b/src/crypto/cipher/ciphers.c.in
@@ -107,7 +107,7 @@ void fastd_cipher_free(fastd_context_t *ctx) {
free(ctx->cipher_contexts);
}
-const fastd_cipher_info_t* fastd_cipher_info_get_by_name(const char *name) {
+bool fastd_cipher_is_available(const char *name) {
size_t i, j;
for (i = 0; i < array_size(ciphers); i++) {
if (strcmp(ciphers[i].name, name))
@@ -115,12 +115,22 @@ const fastd_cipher_info_t* fastd_cipher_info_get_by_name(const char *name) {
for (j = 0; ciphers[i].impls[j].impl; j++) {
if (ciphers[i].impls[j].impl->available())
- return ciphers[i].info;
+ return true;
}
break;
}
+ return false;
+}
+
+const fastd_cipher_info_t* fastd_cipher_info_get_by_name(const char *name) {
+ size_t i, j;
+ for (i = 0; i < array_size(ciphers); i++) {
+ if (!strcmp(ciphers[i].name, name))
+ return ciphers[i].info;
+ }
+
return NULL;
}
diff --git a/src/crypto/mac/macs.c.in b/src/crypto/mac/macs.c.in
index 3587322..c38e190 100644
--- a/src/crypto/mac/macs.c.in
+++ b/src/crypto/mac/macs.c.in
@@ -107,7 +107,7 @@ void fastd_mac_free(fastd_context_t *ctx) {
free(ctx->mac_contexts);
}
-const fastd_mac_info_t* fastd_mac_info_get_by_name(const char *name) {
+bool fastd_mac_is_available(const char *name) {
size_t i, j;
for (i = 0; i < array_size(macs); i++) {
if (strcmp(macs[i].name, name))
@@ -115,12 +115,22 @@ const fastd_mac_info_t* fastd_mac_info_get_by_name(const char *name) {
for (j = 0; macs[i].impls[j].impl; j++) {
if (macs[i].impls[j].impl->available())
- return macs[i].info;
+ return true;
}
break;
}
+ return false;
+}
+
+const fastd_mac_info_t* fastd_mac_info_get_by_name(const char *name) {
+ size_t i, j;
+ for (i = 0; i < array_size(macs); i++) {
+ if (!strcmp(macs[i].name, name))
+ return macs[i].info;
+ }
+
return NULL;
}
diff --git a/src/methods/cipher_test/cipher_test.c b/src/methods/cipher_test/cipher_test.c
index 573e90a..32512b3 100644
--- a/src/methods/cipher_test/cipher_test.c
+++ b/src/methods/cipher_test/cipher_test.c
@@ -38,7 +38,7 @@ struct fastd_method_session_state {
};
-static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **info, const fastd_cipher_t **cipher, const fastd_cipher_context_t **cctx) {
+static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **cipher_info, const fastd_cipher_t **cipher, const fastd_cipher_context_t **cctx, bool check) {
size_t len = strlen(name);
if (len < 12)
@@ -51,33 +51,25 @@ static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_ciphe
memcpy(cipher_name, name, len-12);
cipher_name[len-12] = 0;
- const fastd_cipher_info_t *cipher_info = NULL;
-
- if (ctx) {
- *cipher = fastd_cipher_get_by_name(ctx, cipher_name, &cipher_info, cctx);
- if (!*cipher)
- return false;
- }
- else {
- cipher_info = fastd_cipher_info_get_by_name(cipher_name);
- if (!cipher_info)
- return false;
- }
+ if (check && !fastd_cipher_is_available(cipher_name))
+ return false;
- if (info)
- *info = cipher_info;
+ if (ctx)
+ *cipher = fastd_cipher_get_by_name(ctx, cipher_name, cipher_info, cctx);
+ else if (cipher_info)
+ *cipher_info = fastd_cipher_info_get_by_name(cipher_name);
return true;
}
static bool method_provides(const char *name) {
- return cipher_get(NULL, name, NULL, NULL, NULL);
+ return cipher_get(NULL, name, NULL, NULL, NULL, true);
}
static size_t method_key_length(fastd_context_t *ctx, const char *name) {
const fastd_cipher_info_t *info;
- if (!cipher_get(NULL, name, &info, NULL, NULL))
+ if (!cipher_get(NULL, name, &info, NULL, NULL, false))
exit_bug(ctx, "cipher-test: can't get cipher key length");
return info->key_length;
@@ -88,7 +80,7 @@ static fastd_method_session_state_t* method_session_init(fastd_context_t *ctx, c
fastd_method_common_init(ctx, &session->common, initiator);
- if (!cipher_get(ctx, name, &session->cipher_info, &session->cipher, &session->cipher_ctx))
+ if (!cipher_get(ctx, name, &session->cipher_info, &session->cipher, &session->cipher_ctx, false))
exit_bug(ctx, "cipher-test: can't instanciate cipher");
session->cipher_state = session->cipher->init_state(ctx, session->cipher_ctx, secret);
diff --git a/src/methods/composed_gmac/composed_gmac.c b/src/methods/composed_gmac/composed_gmac.c
index b8ee2f6..870b82b 100644
--- a/src/methods/composed_gmac/composed_gmac.c
+++ b/src/methods/composed_gmac/composed_gmac.c
@@ -52,8 +52,9 @@ struct fastd_method_session_state {
static bool cipher_get(fastd_context_t *ctx, const char *name,
const fastd_cipher_info_t **cipher_info, const fastd_cipher_t **cipher, const fastd_cipher_context_t **cctx,
- const fastd_cipher_info_t **gmac_cipher_info, const fastd_cipher_t **gmac_cipher, const fastd_cipher_context_t **gmac_cctx) {
- if (!fastd_mac_info_get_by_name("ghash"))
+ const fastd_cipher_info_t **gmac_cipher_info, const fastd_cipher_t **gmac_cipher, const fastd_cipher_context_t **gmac_cctx,
+ bool check) {
+ if (check && !fastd_mac_is_available("ghash"))
return false;
size_t len = strlen(name);
@@ -76,28 +77,20 @@ static bool cipher_get(fastd_context_t *ctx, const char *name,
*gmac_cipher_name = 0;
gmac_cipher_name++;
- const fastd_cipher_info_t *info = NULL;
- const fastd_cipher_info_t *gmac_info = NULL;
+ if (check && (!fastd_cipher_is_available(cipher_name) || !fastd_cipher_is_available(gmac_cipher_name)))
+ return false;
if (ctx) {
- *cipher = fastd_cipher_get_by_name(ctx, cipher_name, &info, cctx);
- *gmac_cipher = fastd_cipher_get_by_name(ctx, gmac_cipher_name, &gmac_info, gmac_cctx);
- if (!(*cipher && *gmac_cipher))
- return false;
+ *cipher = fastd_cipher_get_by_name(ctx, cipher_name, cipher_info, cctx);
+ *gmac_cipher = fastd_cipher_get_by_name(ctx, gmac_cipher_name, gmac_cipher_info, gmac_cctx);
}
else {
- info = fastd_cipher_info_get_by_name(cipher_name);
- gmac_info = fastd_cipher_info_get_by_name(gmac_cipher_name);
- if (!(info && gmac_info))
- return false;
+ if (cipher_info)
+ *cipher_info = fastd_cipher_info_get_by_name(cipher_name);
+ if (gmac_cipher_info)
+ *gmac_cipher_info = fastd_cipher_info_get_by_name(gmac_cipher_name);
}
- if (cipher_info)
- *cipher_info = info;
-
- if (gmac_cipher_info)
- *gmac_cipher_info = gmac_info;
-
return true;
}
@@ -105,7 +98,7 @@ static bool cipher_get(fastd_context_t *ctx, const char *name,
static bool method_provides(const char *name) {
const fastd_cipher_info_t *gmac_cipher_info;
- if (!cipher_get(NULL, name, NULL, NULL, NULL, &gmac_cipher_info, NULL, NULL))
+ if (!cipher_get(NULL, name, NULL, NULL, NULL, &gmac_cipher_info, NULL, NULL, true))
return false;
if (gmac_cipher_info->iv_length <= COMMON_NONCEBYTES)
@@ -118,7 +111,7 @@ static size_t method_key_length(fastd_context_t *ctx, const char *name) {
const fastd_cipher_info_t *cipher_info;
const fastd_cipher_info_t *gmac_cipher_info;
- if (!cipher_get(NULL, name, &cipher_info, NULL, NULL, &gmac_cipher_info, NULL, NULL))
+ if (!cipher_get(NULL, name, &cipher_info, NULL, NULL, &gmac_cipher_info, NULL, NULL, false))
exit_bug(ctx, "composed-gmac: can't get cipher key length");
return cipher_info->key_length + gmac_cipher_info->key_length;
@@ -131,7 +124,8 @@ static fastd_method_session_state_t* method_session_init(fastd_context_t *ctx, c
if (!cipher_get(ctx, name,
&session->cipher_info, &session->cipher, &session->cipher_ctx,
- &session->gmac_cipher_info, &session->gmac_cipher, &session->gmac_cipher_ctx))
+ &session->gmac_cipher_info, &session->gmac_cipher, &session->gmac_cipher_ctx,
+ false))
exit_bug(ctx, "composed-gmac: can't instanciate cipher");
session->cipher_state = session->cipher->init_state(ctx, session->cipher_ctx, secret);
diff --git a/src/methods/generic_gcm/generic_gcm.c b/src/methods/generic_gcm/generic_gcm.c
index 9481100..2a7987c 100644
--- a/src/methods/generic_gcm/generic_gcm.c
+++ b/src/methods/generic_gcm/generic_gcm.c
@@ -43,8 +43,8 @@ struct fastd_method_session_state {
};
-static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **cipher_info, const fastd_cipher_t **cipher, const fastd_cipher_context_t **cctx) {
- if (!fastd_mac_info_get_by_name("ghash"))
+static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **cipher_info, const fastd_cipher_t **cipher, const fastd_cipher_context_t **cctx, bool check) {
+ if (check && !fastd_mac_is_available("ghash"))
return false;
size_t len = strlen(name);
@@ -59,36 +59,33 @@ static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_ciphe
memcpy(name_ctr, name, len-3);
strncpy(name_ctr+len-3, "ctr", 4);
- const fastd_cipher_info_t *info = NULL;
-
- if (ctx) {
- *cipher = fastd_cipher_get_by_name(ctx, name_ctr, &info, cctx);
- if (!*cipher)
- return false;
- }
- else {
- info = fastd_cipher_info_get_by_name(name_ctr);
- if (!info)
- return false;
- }
-
- if (info->iv_length <= COMMON_NONCEBYTES)
+ if (check && !fastd_cipher_is_available(name_ctr))
return false;
- if (cipher_info)
- *cipher_info = info;
+ if (ctx)
+ *cipher = fastd_cipher_get_by_name(ctx, name_ctr, cipher_info, cctx);
+ else if (cipher_info)
+ *cipher_info = fastd_cipher_info_get_by_name(name_ctr);
return true;
}
static bool method_provides(const char *name) {
- return cipher_get(NULL, name, NULL, NULL, NULL);
+ const fastd_cipher_info_t *cipher_info;
+
+ if (!cipher_get(NULL, name, &cipher_info, NULL, NULL, true))
+ return false;
+
+ if (cipher_info->iv_length <= COMMON_NONCEBYTES)
+ return false;
+
+ return true;
}
static size_t method_key_length(fastd_context_t *ctx, const char *name) {
const fastd_cipher_info_t *cipher_info;
- if (!cipher_get(NULL, name, &cipher_info, NULL, NULL))
+ if (!cipher_get(NULL, name, &cipher_info, NULL, NULL, false))
exit_bug(ctx, "generic-gcm: can't get cipher key length");
return cipher_info->key_length;
@@ -99,7 +96,7 @@ static fastd_method_session_state_t* method_session_init(fastd_context_t *ctx, c
fastd_method_common_init(ctx, &session->common, initiator);
- if (!cipher_get(ctx, name, &session->cipher_info, &session->cipher, &session->cipher_ctx))
+ if (!cipher_get(ctx, name, &session->cipher_info, &session->cipher, &session->cipher_ctx, false))
exit_bug(ctx, "generic-gcm: can't instanciate cipher");
session->cipher_state = session->cipher->init_state(ctx, session->cipher_ctx, secret);
diff --git a/src/methods/generic_gmac/generic_gmac.c b/src/methods/generic_gmac/generic_gmac.c
index 5501076..50f4f57 100644
--- a/src/methods/generic_gmac/generic_gmac.c
+++ b/src/methods/generic_gmac/generic_gmac.c
@@ -43,8 +43,8 @@ struct fastd_method_session_state {
};
-static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **cipher_info, const fastd_cipher_t **cipher, const fastd_cipher_context_t **cctx) {
- if (!fastd_mac_info_get_by_name("ghash"))
+static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **cipher_info, const fastd_cipher_t **cipher, const fastd_cipher_context_t **cctx, bool check) {
+ if (check && !fastd_mac_is_available("ghash"))
return false;
size_t len = strlen(name);
@@ -62,36 +62,32 @@ static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_ciphe
memcpy(cipher_name, name, len-5);
cipher_name[len-5] = 0;
- const fastd_cipher_info_t *info = NULL;
-
- if (ctx) {
- *cipher = fastd_cipher_get_by_name(ctx, cipher_name, &info, cctx);
- if (!*cipher)
- return false;
- }
- else {
- info = fastd_cipher_info_get_by_name(cipher_name);
- if (!info)
- return false;
- }
-
- if (info->iv_length <= COMMON_NONCEBYTES)
+ if (check && !fastd_cipher_is_available(cipher_name))
return false;
- if (cipher_info)
- *cipher_info = info;
+ if (ctx)
+ *cipher = fastd_cipher_get_by_name(ctx, cipher_name, cipher_info, cctx);
+ else if (cipher_info)
+ *cipher_info = fastd_cipher_info_get_by_name(cipher_name);
return true;
}
-
static bool method_provides(const char *name) {
- return cipher_get(NULL, name, NULL, NULL, NULL);
+ const fastd_cipher_info_t *cipher_info;
+
+ if (!cipher_get(NULL, name, &cipher_info, NULL, NULL, true))
+ return false;
+
+ if (cipher_info->iv_length <= COMMON_NONCEBYTES)
+ return false;
+
+ return true;
}
static size_t method_key_length(fastd_context_t *ctx, const char *name) {
const fastd_cipher_info_t *cipher_info;
- if (!cipher_get(NULL, name, &cipher_info, NULL, NULL))
+ if (!cipher_get(NULL, name, &cipher_info, NULL, NULL, false))
exit_bug(ctx, "generic-gmac: can't get cipher key length");
return cipher_info->key_length + sizeof(fastd_block128_t);
@@ -102,7 +98,7 @@ static fastd_method_session_state_t* method_session_init(fastd_context_t *ctx, c
fastd_method_common_init(ctx, &session->common, initiator);
- if (!cipher_get(ctx, name, &session->cipher_info, &session->cipher, &session->cipher_ctx))
+ if (!cipher_get(ctx, name, &session->cipher_info, &session->cipher, &session->cipher_ctx, false))
exit_bug(ctx, "generic-gmac: can't instanciate cipher");
session->cipher_state = session->cipher->init_state(ctx, session->cipher_ctx, secret);
diff --git a/src/methods/generic_poly1305/generic_poly1305.c b/src/methods/generic_poly1305/generic_poly1305.c
index 3820907..80ced8c 100644
--- a/src/methods/generic_poly1305/generic_poly1305.c
+++ b/src/methods/generic_poly1305/generic_poly1305.c
@@ -43,7 +43,7 @@ struct fastd_method_session_state {
};
-static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **cipher_info, const fastd_cipher_t **cipher, const fastd_cipher_context_t **cctx) {
+static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **cipher_info, const fastd_cipher_t **cipher, const fastd_cipher_context_t **cctx, bool check) {
size_t len = strlen(name);
if (len < 9)
@@ -56,31 +56,28 @@ static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_ciphe
memcpy(cipher_name, name, len-9);
cipher_name[len-9] = 0;
- const fastd_cipher_info_t *info = NULL;
-
- if (ctx) {
- *cipher = fastd_cipher_get_by_name(ctx, cipher_name, &info, cctx);
- if (!*cipher)
- return false;
- }
- else {
- info = fastd_cipher_info_get_by_name(cipher_name);
- if (!info)
- return false;
- }
-
- if (info->iv_length <= COMMON_NONCEBYTES)
+ if (check && !fastd_cipher_is_available(cipher_name))
return false;
- if (cipher_info)
- *cipher_info = info;
+ if (ctx)
+ *cipher = fastd_cipher_get_by_name(ctx, cipher_name, cipher_info, cctx);
+ else if (cipher_info)
+ *cipher_info = fastd_cipher_info_get_by_name(cipher_name);
return true;
}
static bool method_provides(const char *name) {
- return cipher_get(NULL, name, NULL, NULL, NULL);
+ const fastd_cipher_info_t *cipher_info;
+
+ if (!cipher_get(NULL, name, &cipher_info, NULL, NULL, true))
+ return false;
+
+ if (cipher_info->iv_length <= COMMON_NONCEBYTES)
+ return false;
+
+ return true;
}
static size_t method_key_length(fastd_context_t *ctx, const char *name) {