[BACK]Return to af_alg_ops.c CVS log [TXT] [DIR] Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libstrongswan / plugins / af_alg
File:  [ELWIX - Embedded LightWeight unIX -] / embedaddon / strongswan / src / libstrongswan / plugins / af_alg / af_alg_ops.c
Revision 1.1.1.1 (vendor branch): download - view: text, annotated - select for diffs - revision graph
Wed Jun 3 09:46:44 2020 UTC (4 years, 3 months ago) by misho
Branches: strongswan, MAIN
CVS tags: v5_9_2p0, v5_8_4p7, HEAD
Strongswan

/*
 * Copyright (C) 2010 Martin Willi
 * Copyright (C) 2010 revosec AG
 *
 * This program is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2 of the License, or (at your
 * option) any later version.  See <http://www.fsf.org/copyleft/gpl.txt>.
 *
 * This program is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
 * or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
 * for more details.
 */

#include "af_alg_ops.h"

#include <unistd.h>
#include <errno.h>
#include <linux/socket.h>

#include <utils/debug.h>

typedef struct private_af_alg_ops_t private_af_alg_ops_t;

/**
 * Private data of an af_alg_ops_t object.
 */
struct private_af_alg_ops_t {

	/**
	 * Public af_alg_ops_t interface.
	 */
	af_alg_ops_t public;

	/**
	 * Transform FD
	 */
	int tfm;

	/**
	 * Operation FD
	 */
	int op;
};

METHOD(af_alg_ops_t, reset, void,
	private_af_alg_ops_t *this)
{
	if (this->op != -1)
	{
		close(this->op);
		this->op = -1;
	}
}

METHOD(af_alg_ops_t, hash, bool,
	private_af_alg_ops_t *this, chunk_t data, char *out, size_t outlen)
{
	ssize_t len;

	while (this->op == -1)
	{
		this->op = accept(this->tfm, NULL, 0);
		if (this->op == -1 && errno != EINTR)
		{
			DBG1(DBG_LIB, "opening AF_ALG hasher failed: %s", strerror(errno));
			return FALSE;
		}
	}

	do
	{
		len = send(this->op, data.ptr, data.len, out ? 0 : MSG_MORE);
		if (len == -1)
		{
			if (errno == EINTR)
			{
				continue;
			}
			DBG1(DBG_LIB, "writing to AF_ALG hasher failed: %s", strerror(errno));
			return FALSE;
		}
		data = chunk_skip(data, len);
	}
	while (data.len);

	if (out)
	{
		while (outlen)
		{
			len = read(this->op, out, outlen);
			if (len == -1)
			{
				if (errno == EINTR)
				{
					continue;
				}
				DBG1(DBG_LIB, "reading AF_ALG hasher failed: %s", strerror(errno));
				return FALSE;
			}
			outlen -= len;
			out += len;
		}
		reset(this);
	}
	return TRUE;
}

METHOD(af_alg_ops_t, crypt_, bool,
	private_af_alg_ops_t *this, uint32_t type, chunk_t iv, chunk_t data,
	char *out)
{
	struct msghdr msg = {};
	struct cmsghdr *cmsg;
	struct af_alg_iv *ivm;
	struct iovec iov;
	char buf[CMSG_SPACE(sizeof(type)) +
			 CMSG_SPACE(offsetof(struct af_alg_iv, iv) + iv.len)];
	ssize_t len;
	int op;

	do
	{
		op = accept(this->tfm, NULL, 0);
		if (op == -1 && errno != EINTR)
		{
			DBG1(DBG_LIB, "accepting AF_ALG crypter failed: %s", strerror(errno));
			return FALSE;
		}
	}
	while (op == -1);

	memset(buf, 0, sizeof(buf));

	msg.msg_control = buf;
	msg.msg_controllen = sizeof(buf);

	cmsg = CMSG_FIRSTHDR(&msg);
	cmsg->cmsg_level = SOL_ALG;
	cmsg->cmsg_type = ALG_SET_OP;
	cmsg->cmsg_len = CMSG_LEN(sizeof(type));
	memcpy(CMSG_DATA(cmsg), &type, sizeof(type));

	cmsg = CMSG_NXTHDR(&msg, cmsg);
	cmsg->cmsg_level = SOL_ALG;
	cmsg->cmsg_type = ALG_SET_IV;
	cmsg->cmsg_len = CMSG_LEN(offsetof(struct af_alg_iv, iv) + iv.len);
	ivm = (void*)CMSG_DATA(cmsg);
	ivm->ivlen = iv.len;
	memcpy(ivm->iv, iv.ptr, iv.len);

	msg.msg_iov = &iov;
	msg.msg_iovlen = 1;

	while (data.len)
	{
		iov.iov_base = data.ptr;
		iov.iov_len = data.len;

		len = sendmsg(op, &msg, 0);
		if (len == -1)
		{
			if (errno == EINTR)
			{
				continue;
			}
			DBG1(DBG_LIB, "writing to AF_ALG crypter failed: %s", strerror(errno));
			return FALSE;
		}
		while (read(op, out, len) != len)
		{
			if (errno != EINTR)
			{
				DBG1(DBG_LIB, "reading from AF_ALG crypter failed: %s",
					 strerror(errno));
				return FALSE;
			}
		}
		data = chunk_skip(data, len);
		/* no IV for subsequent data chunks */
		msg.msg_controllen = 0;
	}
	close(op);
	return TRUE;
}

METHOD(af_alg_ops_t, set_key, bool,
	private_af_alg_ops_t *this, chunk_t key)
{
	if (setsockopt(this->tfm, SOL_ALG, ALG_SET_KEY, key.ptr, key.len) == -1)
	{
		DBG1(DBG_LIB, "setting AF_ALG key failed: %s", strerror(errno));
		return FALSE;
	}
	return TRUE;
}

METHOD(af_alg_ops_t, destroy, void,
	private_af_alg_ops_t *this)
{
	close(this->tfm);
	if (this->op != -1)
	{
		close(this->op);
	}
	free(this);
}

/**
 * See header
 */
af_alg_ops_t *af_alg_ops_create(char *type, char *alg)
{
	private_af_alg_ops_t *this;
	struct sockaddr_alg sa = {
		.salg_family = AF_ALG,
	};

	strncpy(sa.salg_type, type, sizeof(sa.salg_type));
	strncpy(sa.salg_name, alg, sizeof(sa.salg_name));

	INIT(this,
		.public = {
			.hash = _hash,
			.reset = _reset,
			.crypt = _crypt_,
			.set_key = _set_key,
			.destroy = _destroy,
		},
		.tfm = socket(AF_ALG, SOCK_SEQPACKET, 0),
		.op = -1,
	);
	if (this->tfm == -1)
	{
		DBG1(DBG_LIB, "opening AF_ALG socket failed: %s", strerror(errno));
		free(this);
		return NULL;
	}
	if (bind(this->tfm, (struct sockaddr*)&sa, sizeof(sa)) == -1)
	{
		if (errno != ENOENT)
		{	/* fail silently if algorithm not supported */
			DBG1(DBG_LIB, "binding AF_ALG socket for '%s' failed: %s",
				 sa.salg_name, strerror(errno));
		}
		destroy(this);
		return NULL;
	}
	return &this->public;
}
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>