[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU gnutls branch, master, updated. gnutls_3_0_13-28-g177755f
|
From: |
Nikos Mavrogiannopoulos |
|
Subject: |
[SCM] GNU gnutls branch, master, updated. gnutls_3_0_13-28-g177755f |
|
Date: |
Tue, 21 Feb 2012 17:56:03 +0000 |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU gnutls".
http://git.savannah.gnu.org/cgit/gnutls.git/commit/?id=177755f804c0a1fa3efcebe1504e95aab786e814
The branch, master has been updated
via 177755f804c0a1fa3efcebe1504e95aab786e814 (commit)
via 864be199082e2eb7fd291d7d6443971081edf74c (commit)
via 48d453468b5995da66d3ef55b2f94f41485c8831 (commit)
via 2d3a7b8f20fcc912ea81125f9af370cddbb82b62 (commit)
from f9ae61d13e0915a303b6a69c8729bc6fc7b44088 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 177755f804c0a1fa3efcebe1504e95aab786e814
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Tue Feb 21 19:01:01 2012 +0100
updates for cryptodev. Require the COP_FLAG_RESET.
commit 864be199082e2eb7fd291d7d6443971081edf74c
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Tue Feb 21 19:00:15 2012 +0100
added error reporting
commit 48d453468b5995da66d3ef55b2f94f41485c8831
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Tue Feb 21 09:17:50 2012 +0100
properly deinitialize session.
commit 2d3a7b8f20fcc912ea81125f9af370cddbb82b62
Author: Nikos Mavrogiannopoulos <address@hidden>
Date: Tue Feb 21 09:12:42 2012 +0100
added (dead) code to test the _hmac_fast.
-----------------------------------------------------------------------
Summary of changes:
lib/accelerated/cryptodev.c | 120 +++++++++++++++++++-----------------------
tests/gc.c | 9 +++
tests/mini-loss-time.c | 13 ++++-
tests/pskself.c | 18 +++++++
tests/slow/cipher-test.c | 12 ++++
5 files changed, 104 insertions(+), 68 deletions(-)
diff --git a/lib/accelerated/cryptodev.c b/lib/accelerated/cryptodev.c
index 4e0f7ac..ce0af1b 100644
--- a/lib/accelerated/cryptodev.c
+++ b/lib/accelerated/cryptodev.c
@@ -49,7 +49,6 @@ struct cryptodev_ctx
struct session_op sess;
struct crypt_op cryp;
uint8_t iv[EALG_MAX_BLOCK_LEN];
- unsigned int hash_reset;
int cfd;
};
@@ -118,11 +117,11 @@ cryptodev_encrypt (void *_ctx, const void *plain, size_t
plainsize,
void *encr, size_t encrsize)
{
struct cryptodev_ctx *ctx = _ctx;
-
ctx->cryp.len = plainsize;
ctx->cryp.src = (void *) plain;
ctx->cryp.dst = encr;
ctx->cryp.op = COP_ENCRYPT;
+
if (ioctl (ctx->cfd, CIOCCRYPT, &ctx->cryp))
{
gnutls_assert ();
@@ -285,14 +284,14 @@ _gnutls_cryptodev_init (void)
void
_gnutls_cryptodev_deinit (void)
{
- close (cryptodev_fd);
+ if (cryptodev_fd != -1) close (cryptodev_fd);
}
/* MAC and digest stuff */
/* if we are using linux /dev/crypto
*/
-#if defined COP_FLAG_UPDATE
+#if defined(COP_FLAG_UPDATE) && defined(COP_FLAG_RESET)
static const int gnutls_mac_map[] = {
[GNUTLS_MAC_MD5] = CRYPTO_MD5_HMAC,
@@ -351,14 +350,8 @@ cryptodev_mac_hash (void *_ctx, const void *text, size_t
textsize)
ctx->cryp.src = (void *) text;
ctx->cryp.dst = NULL;
ctx->cryp.op = COP_ENCRYPT;
+ ctx->cryp.flags = COP_FLAG_UPDATE;
- if (ctx->hash_reset == 0)
- ctx->cryp.flags = COP_FLAG_UPDATE;
- else
- {
- ctx->cryp.flags = 0;
- ctx->hash_reset = 0;
- }
if (ioctl (ctx->cfd, CIOCCRYPT, &ctx->cryp))
{
gnutls_assert ();
@@ -371,11 +364,13 @@ static int
cryptodev_mac_output (void *_ctx, void *digest, size_t digestsize)
{
struct cryptodev_ctx *ctx = _ctx;
+
ctx->cryp.len = 0;
ctx->cryp.src = NULL;
ctx->cryp.mac = digest;
ctx->cryp.op = COP_ENCRYPT;
ctx->cryp.flags = COP_FLAG_FINAL;
+
if (ioctl (ctx->cfd, CIOCCRYPT, &ctx->cryp))
{
gnutls_assert ();
@@ -390,46 +385,46 @@ cryptodev_mac_reset (void *_ctx)
{
struct cryptodev_ctx *ctx = _ctx;
- ctx->hash_reset = 1;
+ ctx->cryp.len = 0;
+ ctx->cryp.src = NULL;
+ ctx->cryp.dst = NULL;
+ ctx->cryp.op = COP_ENCRYPT;
+ ctx->cryp.flags = COP_FLAG_RESET;
+
+ ioctl (ctx->cfd, CIOCCRYPT, &ctx->cryp);
}
static int
cryptodev_mac_fast (gnutls_mac_algorithm_t algo,
- const void *key, size_t key_size, const void *text,
- size_t text_size, void *digest)
+ const void *key, size_t key_size, const void *text,
+ size_t text_size, void *digest)
{
-int mac = gnutls_mac_map[algo];
-struct session_op sess;
-struct crypt_op cryp;
+struct cryptodev_ctx ctx;
int ret;
- memset(&sess, 0, sizeof(sess));
- memset(&cryp, 0, sizeof(cryp));
+ memset(&ctx, 0, sizeof(ctx));
+ ctx.cfd = cryptodev_fd;
+ ctx.sess.mac = gnutls_mac_map[algo];
- sess.mac = mac;
- sess.mackey = (void*)key;
- sess.mackeylen = key_size;
+ ctx.sess.mackeylen = key_size;
+ ctx.sess.mackey = (void*)key;
- if (ioctl (cryptodev_fd, CIOCGSESSION, &sess))
- {
- gnutls_assert ();
- return GNUTLS_E_CRYPTODEV_IOCTL_ERROR;
- }
- cryp.ses = sess.ses;
- cryp.len = text_size;
- cryp.src = (void *) text;
- cryp.dst = NULL;
- cryp.mac = digest;
- cryp.op = COP_ENCRYPT;
+ if (ioctl (ctx.cfd, CIOCGSESSION, &ctx.sess))
+ return gnutls_assert_val(GNUTLS_E_CRYPTODEV_IOCTL_ERROR);
- ret = ioctl (cryptodev_fd, CIOCCRYPT, &cryp);
- ioctl (cryptodev_fd, CIOCFSESSION, &sess.ses);
+ ctx.cryp.ses = ctx.sess.ses;
- if (ret)
- {
- gnutls_assert ();
- return GNUTLS_E_CRYPTODEV_IOCTL_ERROR;
- }
+ ctx.cryp.len = text_size;
+ ctx.cryp.src = (void *) text;
+ ctx.cryp.dst = NULL;
+ ctx.cryp.op = COP_ENCRYPT;
+ ctx.cryp.mac = digest;
+
+ ret = ioctl (ctx.cfd, CIOCCRYPT, &ctx.cryp);
+
+ ioctl (cryptodev_fd, CIOCFSESSION, &ctx.sess.ses);
+ if (ret != 0)
+ return gnutls_assert_val(GNUTLS_E_CRYPTODEV_IOCTL_ERROR);
return 0;
}
@@ -494,35 +489,29 @@ cryptodev_digest_fast (gnutls_digest_algorithm_t algo,
const void *text, size_t text_size,
void *digest)
{
-int dig = gnutls_digest_map[algo];
-struct session_op sess;
-struct crypt_op cryp;
+struct cryptodev_ctx ctx;
int ret;
- memset(&sess, 0, sizeof(sess));
- memset(&cryp, 0, sizeof(cryp));
- sess.mac = dig;
+ memset(&ctx, 0, sizeof(ctx));
+ ctx.cfd = cryptodev_fd;
+ ctx.sess.mac = gnutls_digest_map[algo];
- if (ioctl (cryptodev_fd, CIOCGSESSION, &sess))
- {
- gnutls_assert ();
- return GNUTLS_E_CRYPTODEV_IOCTL_ERROR;
- }
- cryp.ses = sess.ses;
- cryp.len = text_size;
- cryp.src = (void *) text;
- cryp.dst = NULL;
- cryp.mac = digest;
- cryp.op = COP_ENCRYPT;
-
- ret = ioctl (cryptodev_fd, CIOCCRYPT, &cryp);
- ioctl (cryptodev_fd, CIOCFSESSION, &sess.ses);
+ if (ioctl (ctx.cfd, CIOCGSESSION, &ctx.sess))
+ return gnutls_assert_val(GNUTLS_E_CRYPTODEV_IOCTL_ERROR);
+
+ ctx.cryp.ses = ctx.sess.ses;
+
+ ctx.cryp.len = text_size;
+ ctx.cryp.src = (void *) text;
+ ctx.cryp.dst = NULL;
+ ctx.cryp.op = COP_ENCRYPT;
+ ctx.cryp.mac = digest;
- if (ret)
- {
- gnutls_assert ();
- return GNUTLS_E_CRYPTODEV_IOCTL_ERROR;
- }
+ ret = ioctl (ctx.cfd, CIOCCRYPT, &ctx.cryp);
+
+ ioctl (cryptodev_fd, CIOCFSESSION, &ctx.sess.ses);
+ if (ret != 0)
+ return gnutls_assert_val(GNUTLS_E_CRYPTODEV_IOCTL_ERROR);
return 0;
}
@@ -588,7 +577,6 @@ register_mac_digest (int cfd)
gnutls_assert ();
return ret;
}
-
}
memset (&sess, 0, sizeof (sess));
diff --git a/tests/gc.c b/tests/gc.c
index 5058592..2cc0694 100644
--- a/tests/gc.c
+++ b/tests/gc.c
@@ -32,6 +32,12 @@
#include "../lib/x509/pbkdf2-sha1.h"
#include "../lib/debug.h"
+static void
+tls_log_func (int level, const char *str)
+{
+ fprintf (stderr, "|<%d>| %s", level, str);
+}
+
void
doit (void)
{
@@ -40,6 +46,9 @@ doit (void)
/* XXX: We need this to fix secure memory. */
gnutls_global_init ();
+ gnutls_global_set_log_function (tls_log_func);
+ if (debug)
+ gnutls_global_set_log_level (4711);
err =
_gnutls_hmac_fast (GNUTLS_MAC_MD5, "keykeykey", 9, "abcdefgh", 8, digest);
diff --git a/tests/mini-loss-time.c b/tests/mini-loss-time.c
index cc01dcd..303e89b 100644
--- a/tests/mini-loss-time.c
+++ b/tests/mini-loss-time.c
@@ -162,6 +162,9 @@ client (int fd, int packet)
ret = gnutls_handshake (session);
}
while (ret < 0 && gnutls_error_is_fatal(ret) == 0);
+
+ gnutls_deinit(session);
+ gnutls_global_deinit();
if (ret < 0)
{
@@ -231,10 +234,12 @@ int ret;
ret = gnutls_handshake (session);
}
while (ret < 0 && gnutls_error_is_fatal(ret) == 0);
+
+ gnutls_deinit (session);
+ gnutls_global_deinit();
+
if (ret < 0)
{
- close (fd);
- gnutls_deinit (session);
return;
}
}
@@ -266,12 +271,16 @@ static void start (int server_packet, int client_packet)
if (child)
{
/* parent */
+ close(fd[1]);
server (fd[0], server_packet);
+ close(fd[0]);
kill(child, SIGTERM);
}
else
{
+ close(fd[0]);
client (fd[1], client_packet);
+ close(fd[1]);
exit(0);
}
}
diff --git a/tests/pskself.c b/tests/pskself.c
index f4c058b..f6eed94 100644
--- a/tests/pskself.c
+++ b/tests/pskself.c
@@ -46,6 +46,14 @@
/* A very basic TLS client, with PSK authentication.
*/
+const char* side = "";
+
+static void
+tls_log_func (int level, const char *str)
+{
+ fprintf (stderr, "%s|<%d>| %s", side, level, str);
+}
+
#define MAX_BUF 1024
#define MSG "Hello TLS"
@@ -60,6 +68,11 @@ client (void)
const gnutls_datum_t key = { (void *) "DEADBEEF", 8 };
gnutls_global_init ();
+ gnutls_global_set_log_function (tls_log_func);
+ if (debug)
+ gnutls_global_set_log_level (4711);
+
+ side = "client";
gnutls_psk_allocate_client_credentials (&pskcred);
gnutls_psk_set_client_credentials (pskcred, "test", &key,
@@ -237,6 +250,11 @@ server (void)
/* this must be called once in the program
*/
gnutls_global_init ();
+ gnutls_global_set_log_function (tls_log_func);
+ if (debug)
+ gnutls_global_set_log_level (4711);
+
+ side = "server";
gnutls_psk_allocate_server_credentials (&server_pskcred);
gnutls_psk_set_server_credentials_function (server_pskcred, pskfunc);
diff --git a/tests/slow/cipher-test.c b/tests/slow/cipher-test.c
index c39d2d8..c51a3a4 100644
--- a/tests/slow/cipher-test.c
+++ b/tests/slow/cipher-test.c
@@ -493,7 +493,18 @@ test_hash (void)
/* import key */
if (hash_vectors[i].key != NULL)
{
+#if 0
+ ret = gnutls_hmac_fast(hash_vectors[i].algorithm,
hash_vectors[i].key, hash_vectors[i].key_size,
+ hash_vectors[i].plaintext,
hash_vectors[i].plaintext_size, data);
+ if (ret < 0)
+ {
+ fprintf (stderr, "Error: %s:%d\n", __func__,
+ __LINE__);
+ return 1;
+ }
+#else
gnutls_hmac_hd_t hd;
+
ret = gnutls_hmac_init( &hd, hash_vectors[i].algorithm,
hash_vectors[i].key, hash_vectors[i].key_size);
if (ret < 0)
{
@@ -520,6 +531,7 @@ test_hash (void)
gnutls_hmac_output(hd, data);
gnutls_hmac_deinit(hd, NULL);
+#endif
data_size =
gnutls_hmac_get_len (hash_vectors[i].algorithm);
hooks/post-receive
--
GNU gnutls
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU gnutls branch, master, updated. gnutls_3_0_13-28-g177755f,
Nikos Mavrogiannopoulos <=