aboutsummaryrefslogblamecommitdiff
path: root/rpc_client_daemon.c
blob: 1c506eb42eb0b57e0451d6111d40f9e3457f099b (plain) (tree) 
f94203f










































a031d72

f94203f

f94203f




17366b5

f94203f

f94203f

17366b5

f94203f


17366b5


f94203f


17366b5


f94203f













17366b5

f94203f


17366b5

f94203f




17366b5






















f94203f


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42

43

44

45
46
47
48

49

50

51

52

53
54

55
56

57
58

59
60

61
62
63
64
65
66
67
68
69
70
71
72
73

74

75
76

77

78
79
80
81

82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103

104
105










































                                                                           
                          
 



                                               
                                                                     
                            
 
                                           

                                                         

                                                         

                                                 

                                                                                       












                                                          
 

                                                                     
                                   



                                                                 





















                                                                    

                  
/*
 * rpc_client_daemon.c
 * -------------------
 * Remote procedure call transport over a socket to a daemon.
 *
 * Copyright (c) 2016, NORDUnet A/S All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are
 * met:
 * - Redistributions of source code must retain the above copyright notice,
 *   this list of conditions and the following disclaimer.
 *
 * - Redistributions in binary form must reproduce the above copyright
 *   notice, this list of conditions and the following disclaimer in the
 *   documentation and/or other materials provided with the distribution.
 *
 * - Neither the name of the NORDUnet nor the names of its contributors may
 *   be used to endorse or promote products derived from this software
 *   without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
 * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#include <stdio.h>
#include <string.h>
#include <netinet/in.h>
#include <unistd.h>
#include <sys/un.h>

#include "hal.h"
#include "hal_internal.h"
#include "slip_internal.h"

static int sock = -1;

hal_error_t hal_rpc_client_transport_init(void)
{
    const char *sockname = getenv("CRYPTECH_RPC_CLIENT_SOCKET_NAME");
    struct sockaddr_un name;

    sock = socket(AF_UNIX, SOCK_STREAM, 0);
    if (sock == -1)
        return perror("socket"), HAL_ERROR_RPC_TRANSPORT;
    if (sockname == NULL)
        sockname = HAL_CLIENT_DAEMON_DEFAULT_SOCKET_NAME;
    memset(&name, 0, sizeof(struct sockaddr_un));
    name.sun_family = AF_UNIX;
    strncpy(name.sun_path, sockname, sizeof(name.sun_path) - 1);
    if (connect(sock, (const struct sockaddr *) &name, sizeof(struct sockaddr_un)) < 0)
        return perror("connect"), HAL_ERROR_RPC_TRANSPORT;
    return HAL_OK;
}

hal_error_t hal_rpc_client_transport_close(void)
{
    int ret = close(sock);
    sock = -1;
    if (ret != 0)
        return perror("close"), HAL_ERROR_RPC_TRANSPORT;
    return HAL_OK;
}


hal_error_t hal_rpc_send(const uint8_t * const buf, const size_t len)
{
    return hal_slip_send(buf, len);
}

hal_error_t hal_rpc_recv(uint8_t * const buf, size_t * const len)
{
    size_t maxlen = *len;
    *len = 0;
    hal_error_t err = hal_slip_recv(buf, len, maxlen);
    return err;
}

/*
 * These two are sort of mis-named, fix eventually, but this is what
 * the code in slip.c expects.
 */

hal_error_t hal_serial_send_char(const uint8_t c)
{
    if (write(sock, &c, 1) != 1)
	return perror("write"), HAL_ERROR_RPC_TRANSPORT;
    return HAL_OK;
}

hal_error_t hal_serial_recv_char(uint8_t * const c)
{
    if (read(sock, c, 1) != 1)
	return perror("read"), HAL_ERROR_RPC_TRANSPORT;
    return HAL_OK;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-16 18:17:23 +0000
an class="n">HAL_OK || (err = hal_io_write(AES_ADDR_CONFIG, config, sizeof(config))) != HAL_OK || (err = hal_io_init(AES_ADDR_CTRL)) != HAL_OK) return err; return HAL_OK; } /* * Process one block. Since AES Key Wrap always deals with 64-bit * half blocks and since the bus is going to break this up into 32-bit * words no matter what we do, we can eliminate a few gratuitous * memcpy() operations by receiving our arguments as two half blocks. * * Since the length of these half blocks is constant, there's no real * point in passing the length as an argument, we'd just be checking a * constant against a constant and a smart compiler will optimize * the whole check out. * * Just be VERY careful if you change anything here. */ static hal_error_t do_block(uint8_t *b1, uint8_t *b2) { hal_error_t err; assert(b1 != NULL && b2 != NULL); if ((err = hal_io_write(AES_ADDR_BLOCK0, b1, 8)) != HAL_OK || (err = hal_io_write(AES_ADDR_BLOCK2, b2, 8)) != HAL_OK || (err = hal_io_next(AES_ADDR_CTRL)) != HAL_OK || (err = hal_io_wait_ready(AES_ADDR_STATUS)) != HAL_OK || (err = hal_io_read(AES_ADDR_RESULT0, b1, 8)) != HAL_OK || (err = hal_io_read(AES_ADDR_RESULT2, b2, 8)) != HAL_OK) return err; return HAL_OK; } /* * Wrap plaintext Q using KEK K, placing result in C. * * Q and C can overlap. For encrypt-in-place, use Q = C + 8 (that is, * leave 8 empty bytes before the plaintext). * * Use hal_aes_keywrap_ciphertext_length() to calculate the correct * buffer size. */ hal_error_t hal_aes_keywrap(const uint8_t *K, const size_t K_len, const uint8_t * const Q, const size_t m, uint8_t *C, size_t *C_len) { const size_t calculated_C_len = hal_aes_keywrap_ciphertext_length(m); hal_error_t err; uint32_t n; long i, j; assert(calculated_C_len % 8 == 0); if (Q == NULL || C == NULL || C_len == NULL || *C_len < calculated_C_len) return HAL_ERROR_BAD_ARGUMENTS; if ((err = load_kek(K, K_len, KEK_encrypting)) != HAL_OK) return err; *C_len = calculated_C_len; if (C + 8 != Q) memmove(C + 8, Q, m); if (m % 8 != 0) memset(C + 8 + m, 0, 8 - (m % 8)); C[0] = 0xA6; C[1] = 0x59; C[2] = 0x59; C[3] = 0xA6; C[4] = (m >> 24) & 0xFF; C[5] = (m >> 16) & 0xFF; C[6] = (m >> 8) & 0xFF; C[7] = (m >> 0) & 0xFF; n = calculated_C_len/8 - 1; if (n == 1) { if ((err = do_block(C, C + 8)) != HAL_OK) return err; } else { for (j = 0; j <= 5; j++) { for (i = 1; i <= n; i++) { uint32_t t = n * j + i; if ((err = do_block(C, C + i * 8)) != HAL_OK) return err; C[7] ^= t & 0xFF; t >>= 8; C[6] ^= t & 0xFF; t >>= 8; C[5] ^= t & 0xFF; t >>= 8; C[4] ^= t & 0xFF; } } } return HAL_OK; } /* * Unwrap ciphertext C using KEK K, placing result in Q. * * Q should be the same size as C. Q and C can overlap. */ hal_error_t hal_aes_keyunwrap(const uint8_t *K, const size_t K_len, const uint8_t * const C, const size_t C_len, uint8_t *Q, size_t *Q_len) { hal_error_t err; uint32_t n; long i, j; size_t m; if (C == NULL || Q == NULL || C_len % 8 != 0 || C_len < 16 || Q_len == NULL || *Q_len < C_len) return HAL_ERROR_BAD_ARGUMENTS; if ((err = load_kek(K, K_len, KEK_decrypting)) != HAL_OK) return err; n = (C_len / 8) - 1; if (Q != C) memmove(Q, C, C_len); if (n == 1) { if ((err = do_block(Q, Q + 8)) != HAL_OK) return err; } else { for (j = 5; j >= 0; j--) { for (i = n; i >= 1; i--) { uint32_t t = n * j + i; Q[7] ^= t & 0xFF; t >>= 8; Q[6] ^= t & 0xFF; t >>= 8; Q[5] ^= t & 0xFF; t >>= 8; Q[4] ^= t & 0xFF; if ((err = do_block(Q, Q + i * 8)) != HAL_OK) return err; } } } if (Q[0] != 0xA6 || Q[1] != 0x59 || Q[2] != 0x59 || Q[3] != 0xA6) return HAL_ERROR_KEYWRAP_BAD_MAGIC; m = (((((Q[4] << 8) + Q[5]) << 8) + Q[6]) << 8) + Q[7]; if (m <= 8 * (n - 1) || m > 8 * n) return HAL_ERROR_KEYWRAP_BAD_LENGTH; if (m % 8 != 0) for (i = m + 8; i < 8 * (n + 1); i++) if (Q[i] != 0x00) return HAL_ERROR_KEYWRAP_BAD_PADDING; *Q_len = m; memmove(Q, Q + 8, m); return HAL_OK; } /* * "Any programmer who fails to comply with the standard naming, formatting, * or commenting conventions should be shot. If it so happens that it is * inconvenient to shoot him, then he is to be politely requested to recode * his program in adherence to the above standard." * -- Michael Spier, Digital Equipment Corporation * * Local variables: * indent-tabs-mode: nil * End: */
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-16 18:17:21 +0000