fastd/fastd
1
0
Fork 0
mirror of https://github.com/neocturne/fastd.git synced 2025-05-15 12:45:09 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

crypto: separate cipher/MAC availability check from information request

Browse source
This commit is contained in:
Matthias Schiffer 2013-11-29 22:15:58 +01:00
parent 27c14deaed
commit d0707b161d
8 changed files with 104 additions and 104 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/crypto.h
View file

@ -67,11 +67,15 @@ struct fastd_mac {
void fastd_cipher_init(fastd_context_t *ctx); void fastd_cipher_init(fastd_context_t *ctx);
void fastd_cipher_free(fastd_context_t *ctx); void fastd_cipher_free(fastd_context_t *ctx);
bool fastd_cipher_is_available(const char *name);
const fastd_cipher_info_t* fastd_cipher_info_get_by_name(const char *name); const fastd_cipher_info_t* fastd_cipher_info_get_by_name(const char *name);
const fastd_cipher_t* fastd_cipher_get_by_name(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **info, const fastd_cipher_context_t **cctx); const fastd_cipher_t* fastd_cipher_get_by_name(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **info, const fastd_cipher_context_t **cctx);
void fastd_mac_init(fastd_context_t *ctx); void fastd_mac_init(fastd_context_t *ctx);
void fastd_mac_free(fastd_context_t *ctx); void fastd_mac_free(fastd_context_t *ctx);
bool fastd_mac_is_available(const char *name);
const fastd_mac_info_t* fastd_mac_info_get_by_name(const char *name); const fastd_mac_info_t* fastd_mac_info_get_by_name(const char *name);
const fastd_mac_t* fastd_mac_get_by_name(fastd_context_t *ctx, const char *name, const fastd_mac_info_t **info, const fastd_mac_context_t **cctx); const fastd_mac_t* fastd_mac_get_by_name(fastd_context_t *ctx, const char *name, const fastd_mac_info_t **info, const fastd_mac_context_t **cctx);

14
src/crypto/cipher/ciphers.c.in
View file

@ -107,7 +107,7 @@ void fastd_cipher_free(fastd_context_t *ctx) {
free(ctx->cipher_contexts); free(ctx->cipher_contexts);
} }
const fastd_cipher_info_t* fastd_cipher_info_get_by_name(const char *name) { bool fastd_cipher_is_available(const char *name) {
size_t i, j; size_t i, j;
for (i = 0; i < array_size(ciphers); i++) { for (i = 0; i < array_size(ciphers); i++) {
if (strcmp(ciphers[i].name, name)) if (strcmp(ciphers[i].name, name))
@ -115,12 +115,22 @@ const fastd_cipher_info_t* fastd_cipher_info_get_by_name(const char *name) {
for (j = 0; ciphers[i].impls[j].impl; j++) { for (j = 0; ciphers[i].impls[j].impl; j++) {
if (ciphers[i].impls[j].impl->available()) if (ciphers[i].impls[j].impl->available())
return ciphers[i].info; return true;
} }
break; break;
} }
return false;
}
const fastd_cipher_info_t* fastd_cipher_info_get_by_name(const char *name) {
size_t i, j;
for (i = 0; i < array_size(ciphers); i++) {
if (!strcmp(ciphers[i].name, name))
return ciphers[i].info;
}
return NULL; return NULL;
} }

14
src/crypto/mac/macs.c.in
View file

@ -107,7 +107,7 @@ void fastd_mac_free(fastd_context_t *ctx) {
free(ctx->mac_contexts); free(ctx->mac_contexts);
} }
const fastd_mac_info_t* fastd_mac_info_get_by_name(const char *name) { bool fastd_mac_is_available(const char *name) {
size_t i, j; size_t i, j;
for (i = 0; i < array_size(macs); i++) { for (i = 0; i < array_size(macs); i++) {
if (strcmp(macs[i].name, name)) if (strcmp(macs[i].name, name))
@ -115,12 +115,22 @@ const fastd_mac_info_t* fastd_mac_info_get_by_name(const char *name) {
for (j = 0; macs[i].impls[j].impl; j++) { for (j = 0; macs[i].impls[j].impl; j++) {
if (macs[i].impls[j].impl->available()) if (macs[i].impls[j].impl->available())
return macs[i].info; return true;
} }
break; break;
} }
return false;
}
const fastd_mac_info_t* fastd_mac_info_get_by_name(const char *name) {
size_t i, j;
for (i = 0; i < array_size(macs); i++) {
if (!strcmp(macs[i].name, name))
return macs[i].info;
}
return NULL; return NULL;
} }

26
src/methods/cipher_test/cipher_test.c
View file

@ -38,7 +38,7 @@ struct fastd_method_session_state {
}; };
static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **info, const fastd_cipher_t **cipher, const fastd_cipher_context_t **cctx) { static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **cipher_info, const fastd_cipher_t **cipher, const fastd_cipher_context_t **cctx, bool check) {
size_t len = strlen(name); size_t len = strlen(name);
if (len < 12) if (len < 12)
@ -51,33 +51,25 @@ static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_ciphe
memcpy(cipher_name, name, len-12); memcpy(cipher_name, name, len-12);
cipher_name[len-12] = 0; cipher_name[len-12] = 0;
const fastd_cipher_info_t *cipher_info = NULL; if (check && !fastd_cipher_is_available(cipher_name))
if (ctx) {
*cipher = fastd_cipher_get_by_name(ctx, cipher_name, &cipher_info, cctx);
if (!*cipher)
return false; return false;
}
else {
cipher_info = fastd_cipher_info_get_by_name(cipher_name);
if (!cipher_info)
return false;
}
if (info) if (ctx)
*info = cipher_info; *cipher = fastd_cipher_get_by_name(ctx, cipher_name, cipher_info, cctx);
else if (cipher_info)
*cipher_info = fastd_cipher_info_get_by_name(cipher_name);
return true; return true;
} }
static bool method_provides(const char *name) { static bool method_provides(const char *name) {
return cipher_get(NULL, name, NULL, NULL, NULL); return cipher_get(NULL, name, NULL, NULL, NULL, true);
} }
static size_t method_key_length(fastd_context_t *ctx, const char *name) { static size_t method_key_length(fastd_context_t *ctx, const char *name) {
const fastd_cipher_info_t *info; const fastd_cipher_info_t *info;
if (!cipher_get(NULL, name, &info, NULL, NULL)) if (!cipher_get(NULL, name, &info, NULL, NULL, false))
exit_bug(ctx, "cipher-test: can't get cipher key length"); exit_bug(ctx, "cipher-test: can't get cipher key length");
return info->key_length; return info->key_length;
@ -88,7 +80,7 @@ static fastd_method_session_state_t* method_session_init(fastd_context_t *ctx, c
fastd_method_common_init(ctx, &session->common, initiator); fastd_method_common_init(ctx, &session->common, initiator);
if (!cipher_get(ctx, name, &session->cipher_info, &session->cipher, &session->cipher_ctx)) if (!cipher_get(ctx, name, &session->cipher_info, &session->cipher, &session->cipher_ctx, false))
exit_bug(ctx, "cipher-test: can't instanciate cipher"); exit_bug(ctx, "cipher-test: can't instanciate cipher");
session->cipher_state = session->cipher->init_state(ctx, session->cipher_ctx, secret); session->cipher_state = session->cipher->init_state(ctx, session->cipher_ctx, secret);

34
src/methods/composed_gmac/composed_gmac.c
View file

@ -52,8 +52,9 @@ struct fastd_method_session_state {
static bool cipher_get(fastd_context_t *ctx, const char *name, static bool cipher_get(fastd_context_t *ctx, const char *name,
const fastd_cipher_info_t **cipher_info, const fastd_cipher_t **cipher, const fastd_cipher_context_t **cctx, const fastd_cipher_info_t **cipher_info, const fastd_cipher_t **cipher, const fastd_cipher_context_t **cctx,
const fastd_cipher_info_t **gmac_cipher_info, const fastd_cipher_t **gmac_cipher, const fastd_cipher_context_t **gmac_cctx) { const fastd_cipher_info_t **gmac_cipher_info, const fastd_cipher_t **gmac_cipher, const fastd_cipher_context_t **gmac_cctx,
if (!fastd_mac_info_get_by_name("ghash")) bool check) {
if (check && !fastd_mac_is_available("ghash"))
return false; return false;
size_t len = strlen(name); size_t len = strlen(name);
@ -76,27 +77,19 @@ static bool cipher_get(fastd_context_t *ctx, const char *name,
*gmac_cipher_name = 0; *gmac_cipher_name = 0;
gmac_cipher_name++; gmac_cipher_name++;
const fastd_cipher_info_t *info = NULL; if (check && (!fastd_cipher_is_available(cipher_name) || !fastd_cipher_is_available(gmac_cipher_name)))
const fastd_cipher_info_t *gmac_info = NULL; return false;
if (ctx) { if (ctx) {
*cipher = fastd_cipher_get_by_name(ctx, cipher_name, &info, cctx); *cipher = fastd_cipher_get_by_name(ctx, cipher_name, cipher_info, cctx);
*gmac_cipher = fastd_cipher_get_by_name(ctx, gmac_cipher_name, &gmac_info, gmac_cctx); *gmac_cipher = fastd_cipher_get_by_name(ctx, gmac_cipher_name, gmac_cipher_info, gmac_cctx);
if (!(*cipher && *gmac_cipher))
return false;
} }
else { else {
info = fastd_cipher_info_get_by_name(cipher_name);
gmac_info = fastd_cipher_info_get_by_name(gmac_cipher_name);
if (!(info && gmac_info))
return false;
}
if (cipher_info) if (cipher_info)
*cipher_info = info; *cipher_info = fastd_cipher_info_get_by_name(cipher_name);
if (gmac_cipher_info) if (gmac_cipher_info)
*gmac_cipher_info = gmac_info; *gmac_cipher_info = fastd_cipher_info_get_by_name(gmac_cipher_name);
}
return true; return true;
} }
@ -105,7 +98,7 @@ static bool cipher_get(fastd_context_t *ctx, const char *name,
static bool method_provides(const char *name) { static bool method_provides(const char *name) {
const fastd_cipher_info_t *gmac_cipher_info; const fastd_cipher_info_t *gmac_cipher_info;
if (!cipher_get(NULL, name, NULL, NULL, NULL, &gmac_cipher_info, NULL, NULL)) if (!cipher_get(NULL, name, NULL, NULL, NULL, &gmac_cipher_info, NULL, NULL, true))
return false; return false;
if (gmac_cipher_info->iv_length <= COMMON_NONCEBYTES) if (gmac_cipher_info->iv_length <= COMMON_NONCEBYTES)
@ -118,7 +111,7 @@ static size_t method_key_length(fastd_context_t *ctx, const char *name) {
const fastd_cipher_info_t *cipher_info; const fastd_cipher_info_t *cipher_info;
const fastd_cipher_info_t *gmac_cipher_info; const fastd_cipher_info_t *gmac_cipher_info;
if (!cipher_get(NULL, name, &cipher_info, NULL, NULL, &gmac_cipher_info, NULL, NULL)) if (!cipher_get(NULL, name, &cipher_info, NULL, NULL, &gmac_cipher_info, NULL, NULL, false))
exit_bug(ctx, "composed-gmac: can't get cipher key length"); exit_bug(ctx, "composed-gmac: can't get cipher key length");
return cipher_info->key_length + gmac_cipher_info->key_length; return cipher_info->key_length + gmac_cipher_info->key_length;
@ -131,7 +124,8 @@ static fastd_method_session_state_t* method_session_init(fastd_context_t *ctx, c
if (!cipher_get(ctx, name, if (!cipher_get(ctx, name,
&session->cipher_info, &session->cipher, &session->cipher_ctx, &session->cipher_info, &session->cipher, &session->cipher_ctx,
&session->gmac_cipher_info, &session->gmac_cipher, &session->gmac_cipher_ctx)) &session->gmac_cipher_info, &session->gmac_cipher, &session->gmac_cipher_ctx,
false))
exit_bug(ctx, "composed-gmac: can't instanciate cipher"); exit_bug(ctx, "composed-gmac: can't instanciate cipher");
session->cipher_state = session->cipher->init_state(ctx, session->cipher_ctx, secret); session->cipher_state = session->cipher->init_state(ctx, session->cipher_ctx, secret);

39
src/methods/generic_gcm/generic_gcm.c
View file

@ -43,8 +43,8 @@ struct fastd_method_session_state {
}; };
static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **cipher_info, const fastd_cipher_t **cipher, const fastd_cipher_context_t **cctx) { static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **cipher_info, const fastd_cipher_t **cipher, const fastd_cipher_context_t **cctx, bool check) {
if (!fastd_mac_info_get_by_name("ghash")) if (check && !fastd_mac_is_available("ghash"))
return false; return false;
size_t len = strlen(name); size_t len = strlen(name);
@ -59,36 +59,33 @@ static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_ciphe
memcpy(name_ctr, name, len-3); memcpy(name_ctr, name, len-3);
strncpy(name_ctr+len-3, "ctr", 4); strncpy(name_ctr+len-3, "ctr", 4);
const fastd_cipher_info_t *info = NULL; if (check && !fastd_cipher_is_available(name_ctr))
if (ctx) {
*cipher = fastd_cipher_get_by_name(ctx, name_ctr, &info, cctx);
if (!*cipher)
return false;
}
else {
info = fastd_cipher_info_get_by_name(name_ctr);
if (!info)
return false;
}
if (info->iv_length <= COMMON_NONCEBYTES)
return false; return false;
if (cipher_info) if (ctx)
*cipher_info = info; *cipher = fastd_cipher_get_by_name(ctx, name_ctr, cipher_info, cctx);
else if (cipher_info)
*cipher_info = fastd_cipher_info_get_by_name(name_ctr);
return true; return true;
} }
static bool method_provides(const char *name) { static bool method_provides(const char *name) {
return cipher_get(NULL, name, NULL, NULL, NULL); const fastd_cipher_info_t *cipher_info;
if (!cipher_get(NULL, name, &cipher_info, NULL, NULL, true))
return false;
if (cipher_info->iv_length <= COMMON_NONCEBYTES)
return false;
return true;
} }
static size_t method_key_length(fastd_context_t *ctx, const char *name) { static size_t method_key_length(fastd_context_t *ctx, const char *name) {
const fastd_cipher_info_t *cipher_info; const fastd_cipher_info_t *cipher_info;
if (!cipher_get(NULL, name, &cipher_info, NULL, NULL)) if (!cipher_get(NULL, name, &cipher_info, NULL, NULL, false))
exit_bug(ctx, "generic-gcm: can't get cipher key length"); exit_bug(ctx, "generic-gcm: can't get cipher key length");
return cipher_info->key_length; return cipher_info->key_length;
@ -99,7 +96,7 @@ static fastd_method_session_state_t* method_session_init(fastd_context_t *ctx, c
fastd_method_common_init(ctx, &session->common, initiator); fastd_method_common_init(ctx, &session->common, initiator);
if (!cipher_get(ctx, name, &session->cipher_info, &session->cipher, &session->cipher_ctx)) if (!cipher_get(ctx, name, &session->cipher_info, &session->cipher, &session->cipher_ctx, false))
exit_bug(ctx, "generic-gcm: can't instanciate cipher"); exit_bug(ctx, "generic-gcm: can't instanciate cipher");
session->cipher_state = session->cipher->init_state(ctx, session->cipher_ctx, secret); session->cipher_state = session->cipher->init_state(ctx, session->cipher_ctx, secret);

40
src/methods/generic_gmac/generic_gmac.c
View file

@ -43,8 +43,8 @@ struct fastd_method_session_state {
}; };
static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **cipher_info, const fastd_cipher_t **cipher, const fastd_cipher_context_t **cctx) { static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **cipher_info, const fastd_cipher_t **cipher, const fastd_cipher_context_t **cctx, bool check) {
if (!fastd_mac_info_get_by_name("ghash")) if (check && !fastd_mac_is_available("ghash"))
return false; return false;
size_t len = strlen(name); size_t len = strlen(name);
@ -62,36 +62,32 @@ static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_ciphe
memcpy(cipher_name, name, len-5); memcpy(cipher_name, name, len-5);
cipher_name[len-5] = 0; cipher_name[len-5] = 0;
const fastd_cipher_info_t *info = NULL; if (check && !fastd_cipher_is_available(cipher_name))
if (ctx) {
*cipher = fastd_cipher_get_by_name(ctx, cipher_name, &info, cctx);
if (!*cipher)
return false;
}
else {
info = fastd_cipher_info_get_by_name(cipher_name);
if (!info)
return false;
}
if (info->iv_length <= COMMON_NONCEBYTES)
return false; return false;
if (cipher_info) if (ctx)
*cipher_info = info; *cipher = fastd_cipher_get_by_name(ctx, cipher_name, cipher_info, cctx);
else if (cipher_info)
*cipher_info = fastd_cipher_info_get_by_name(cipher_name);
return true; return true;
} }
static bool method_provides(const char *name) { static bool method_provides(const char *name) {
return cipher_get(NULL, name, NULL, NULL, NULL); const fastd_cipher_info_t *cipher_info;
if (!cipher_get(NULL, name, &cipher_info, NULL, NULL, true))
return false;
if (cipher_info->iv_length <= COMMON_NONCEBYTES)
return false;
return true;
} }
static size_t method_key_length(fastd_context_t *ctx, const char *name) { static size_t method_key_length(fastd_context_t *ctx, const char *name) {
const fastd_cipher_info_t *cipher_info; const fastd_cipher_info_t *cipher_info;
if (!cipher_get(NULL, name, &cipher_info, NULL, NULL)) if (!cipher_get(NULL, name, &cipher_info, NULL, NULL, false))
exit_bug(ctx, "generic-gmac: can't get cipher key length"); exit_bug(ctx, "generic-gmac: can't get cipher key length");
return cipher_info->key_length + sizeof(fastd_block128_t); return cipher_info->key_length + sizeof(fastd_block128_t);
@ -102,7 +98,7 @@ static fastd_method_session_state_t* method_session_init(fastd_context_t *ctx, c
fastd_method_common_init(ctx, &session->common, initiator); fastd_method_common_init(ctx, &session->common, initiator);
if (!cipher_get(ctx, name, &session->cipher_info, &session->cipher, &session->cipher_ctx)) if (!cipher_get(ctx, name, &session->cipher_info, &session->cipher, &session->cipher_ctx, false))
exit_bug(ctx, "generic-gmac: can't instanciate cipher"); exit_bug(ctx, "generic-gmac: can't instanciate cipher");
session->cipher_state = session->cipher->init_state(ctx, session->cipher_ctx, secret); session->cipher_state = session->cipher->init_state(ctx, session->cipher_ctx, secret);

33
src/methods/generic_poly1305/generic_poly1305.c
View file

@ -43,7 +43,7 @@ struct fastd_method_session_state {
}; };
static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **cipher_info, const fastd_cipher_t **cipher, const fastd_cipher_context_t **cctx) { static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_cipher_info_t **cipher_info, const fastd_cipher_t **cipher, const fastd_cipher_context_t **cctx, bool check) {
size_t len = strlen(name); size_t len = strlen(name);
if (len < 9) if (len < 9)
@ -56,31 +56,28 @@ static bool cipher_get(fastd_context_t *ctx, const char *name, const fastd_ciphe
memcpy(cipher_name, name, len-9); memcpy(cipher_name, name, len-9);
cipher_name[len-9] = 0; cipher_name[len-9] = 0;
const fastd_cipher_info_t *info = NULL; if (check && !fastd_cipher_is_available(cipher_name))
if (ctx) {
*cipher = fastd_cipher_get_by_name(ctx, cipher_name, &info, cctx);
if (!*cipher)
return false;
}
else {
info = fastd_cipher_info_get_by_name(cipher_name);
if (!info)
return false;
}
if (info->iv_length <= COMMON_NONCEBYTES)
return false; return false;
if (cipher_info) if (ctx)
*cipher_info = info; *cipher = fastd_cipher_get_by_name(ctx, cipher_name, cipher_info, cctx);
else if (cipher_info)
*cipher_info = fastd_cipher_info_get_by_name(cipher_name);
return true; return true;
} }
static bool method_provides(const char *name) { static bool method_provides(const char *name) {
return cipher_get(NULL, name, NULL, NULL, NULL); const fastd_cipher_info_t *cipher_info;
if (!cipher_get(NULL, name, &cipher_info, NULL, NULL, true))
return false;
if (cipher_info->iv_length <= COMMON_NONCEBYTES)
return false;
return true;
} }
static size_t method_key_length(fastd_context_t *ctx, const char *name) { static size_t method_key_length(fastd_context_t *ctx, const char *name) {