From 30f8e4e85b6a337291b09d55d8edc15e422b6341 Mon Sep 17 00:00:00 2001 From: Paul Selkirk Date: Tue, 5 Jul 2016 22:45:35 -0400 Subject: Attempt to add resource management, for multiple cores of the same type. Find a suitable core, and mark it busy. Don't forget to release it as soon as you're done. This has a knock-on effect of un-const'ing core arguments and struct fields in a lot of places, and it moves some core checks around. --- aes_keywrap.c | 36 ++++++++++-------- core.c | 70 +++++++++++++++++++++++++++++----- csprng.c | 19 ++++++---- hal.h | 39 ++++++++++--------- hash.c | 92 ++++++++++++++++---------------------------- masterkey.c | 2 +- mkmif.c | 97 ++++++++++++++++++++++++----------------------- modexp.c | 20 +++++++++- pbkdf2.c | 11 +++++- rsa.c | 4 -- tests/test-aes-key-wrap.c | 4 +- tests/test-hash.c | 12 +++--- tests/test-mkmif.c | 12 +++--- tests/test-pbkdf2.c | 4 +- tests/test-rsa.c | 10 ++--- utils/cores.c | 2 +- 16 files changed, 248 insertions(+), 186 deletions(-) diff --git a/aes_keywrap.c b/aes_keywrap.c index d666624..08cc05f 100644 --- a/aes_keywrap.c +++ b/aes_keywrap.c @@ -156,7 +156,7 @@ static hal_error_t do_block(const hal_core_t *core, uint8_t *b1, uint8_t *b2) * buffer size. */ -hal_error_t hal_aes_keywrap(const hal_core_t *core, +hal_error_t hal_aes_keywrap(hal_core_t *core, const uint8_t *K, const size_t K_len, const uint8_t * const Q, const size_t m, @@ -170,15 +170,15 @@ hal_error_t hal_aes_keywrap(const hal_core_t *core, assert(calculated_C_len % 8 == 0); - if ((err = hal_core_check_name(&core, AES_CORE_NAME)) != HAL_OK) - return err; - if (Q == NULL || C == NULL || C_len == NULL || *C_len < calculated_C_len) return HAL_ERROR_BAD_ARGUMENTS; - if ((err = load_kek(core, K, K_len, KEK_encrypting)) != HAL_OK) + if ((err = hal_core_alloc(AES_CORE_NAME, &core)) != HAL_OK) return err; + if ((err = load_kek(core, K, K_len, KEK_encrypting)) != HAL_OK) + goto out; + *C_len = calculated_C_len; if (C + 8 != Q) @@ -198,7 +198,7 @@ hal_error_t hal_aes_keywrap(const hal_core_t *core, if (n == 1) { if ((err = do_block(core, C, C + 8)) != HAL_OK) - return err; + goto out; } else { @@ -206,7 +206,7 @@ hal_error_t hal_aes_keywrap(const hal_core_t *core, for (i = 1; i <= n; i++) { uint32_t t = n * j + i; if ((err = do_block(core, C, C + i * 8)) != HAL_OK) - return err; + goto out; C[7] ^= t & 0xFF; t >>= 8; C[6] ^= t & 0xFF; t >>= 8; C[5] ^= t & 0xFF; t >>= 8; @@ -215,7 +215,9 @@ hal_error_t hal_aes_keywrap(const hal_core_t *core, } } - return HAL_OK; +out: + hal_core_free(core); + return err; } @@ -225,7 +227,7 @@ hal_error_t hal_aes_keywrap(const hal_core_t *core, * Q should be the same size as C. Q and C can overlap. */ -hal_error_t hal_aes_keyunwrap(const hal_core_t * core, +hal_error_t hal_aes_keyunwrap(hal_core_t * core, const uint8_t *K, const size_t K_len, const uint8_t * const C, const size_t C_len, @@ -237,15 +239,15 @@ hal_error_t hal_aes_keyunwrap(const hal_core_t * core, long i, j; size_t m; - if ((err = hal_core_check_name(&core, AES_CORE_NAME)) != HAL_OK) - return err; - if (C == NULL || Q == NULL || C_len % 8 != 0 || C_len < 16 || Q_len == NULL || *Q_len < C_len) return HAL_ERROR_BAD_ARGUMENTS; - if ((err = load_kek(core, K, K_len, KEK_decrypting)) != HAL_OK) + if ((err = hal_core_alloc(AES_CORE_NAME, &core)) != HAL_OK) return err; + if ((err = load_kek(core, K, K_len, KEK_decrypting)) != HAL_OK) + goto out; + n = (C_len / 8) - 1; if (Q != C) @@ -253,7 +255,7 @@ hal_error_t hal_aes_keyunwrap(const hal_core_t * core, if (n == 1) { if ((err = do_block(core, Q, Q + 8)) != HAL_OK) - return err; + goto out; } else { @@ -265,7 +267,7 @@ hal_error_t hal_aes_keyunwrap(const hal_core_t * core, Q[5] ^= t & 0xFF; t >>= 8; Q[4] ^= t & 0xFF; if ((err = do_block(core, Q, Q + i * 8)) != HAL_OK) - return err; + goto out; } } } @@ -287,7 +289,9 @@ hal_error_t hal_aes_keyunwrap(const hal_core_t * core, memmove(Q, Q + 8, m); - return HAL_OK; +out: + hal_core_free(core); + return err; } /* diff --git a/core.c b/core.c index ffe61e6..9488ab9 100644 --- a/core.c +++ b/core.c @@ -76,6 +76,7 @@ struct hal_core { hal_core_info_t info; + uint32_t busy; struct hal_core *next; }; @@ -166,12 +167,12 @@ static hal_core_t *probe_cores(void) return NULL; } -const hal_core_t * hal_core_iterate(const hal_core_t *core) +hal_core_t * hal_core_iterate(hal_core_t *core) { return core == NULL ? probe_cores() : core->next; } -const hal_core_t *hal_core_find(const char *name, const hal_core_t *core) +hal_core_t *hal_core_find(const char *name, hal_core_t *core) { for (core = hal_core_iterate(core); core != NULL; core = core->next) if (name_matches(core, name)) @@ -179,18 +180,64 @@ const hal_core_t *hal_core_find(const char *name, const hal_core_t *core) return NULL; } -hal_error_t hal_core_check_name(const hal_core_t **core, const char *name) +__attribute__((weak)) void hal_critical_section_start(void) { - if (core == NULL || name == NULL) + return; +} + +__attribute__((weak)) void hal_critical_section_end(void) +{ + return; +} + +hal_error_t hal_core_alloc(const char *name, hal_core_t **pcore) +{ + hal_core_t *core; + hal_error_t err = HAL_ERROR_CORE_NOT_FOUND; + + if (name == NULL && (pcore == NULL || *pcore == NULL)) return HAL_ERROR_BAD_ARGUMENTS; - if (*core == NULL && (*core = hal_core_find(name, NULL)) != NULL) - return HAL_OK; + core = *pcore; + if (name == NULL) + name = core->info.name; + + hal_critical_section_start(); + if (core != NULL) { + /* if we can reallocate the same core, do it now */ + if (!core->busy) { + core->busy = 1; + hal_critical_section_end(); + return HAL_OK; + } + /* else fall through to search */ + } + for (core = hal_core_iterate(NULL); core != NULL; core = core->next) { + if (name_matches(core, name)) { + if (core->busy) { + err = HAL_ERROR_CORE_BUSY; + continue; + } + else { + err = HAL_OK; + *pcore = core; + core->busy = 1; + break; + } + } + } + hal_critical_section_end(); - if (*core == NULL || !name_matches(*core, name)) - return HAL_ERROR_CORE_NOT_FOUND; + return err; +} - return HAL_OK; +void hal_core_free(hal_core_t *core) +{ + if (core != NULL) { + hal_critical_section_start(); + core->busy = 0; + hal_critical_section_end(); + } } hal_addr_t hal_core_base(const hal_core_t *core) @@ -203,6 +250,11 @@ const hal_core_info_t *hal_core_info(const hal_core_t *core) return core == NULL ? NULL : &core->info; } +const int hal_core_busy(const hal_core_t *core) +{ + return (int)core->busy; +} + /* * Local variables: * indent-tabs-mode: nil diff --git a/csprng.c b/csprng.c index c6ae4e1..7ff6c69 100644 --- a/csprng.c +++ b/csprng.c @@ -43,23 +43,23 @@ #define WAIT_FOR_CSPRNG_VALID 1 #endif -hal_error_t hal_get_random(const hal_core_t *core, void *buffer, const size_t length) +hal_error_t hal_get_random(hal_core_t *core, void *buffer, const size_t length) { uint8_t temp[4], *buf = buffer; hal_error_t err; size_t i; - if ((err = hal_core_check_name(&core, CSPRNG_NAME)) != HAL_OK) + if ((err = hal_core_alloc(CSPRNG_NAME, &core)) != HAL_OK) return err; for (i = 0; i < length; i += 4) { const int last = (length - i) < 4; if (WAIT_FOR_CSPRNG_VALID && (err = hal_io_wait_valid(core)) != HAL_OK) - return err; + goto out; if ((err = hal_io_read(core, CSPRNG_ADDR_RANDOM, (last ? temp : &buf[i]), 4)) != HAL_OK) - return err; + goto out; if (last) for (; i < length; i++) @@ -67,10 +67,15 @@ hal_error_t hal_get_random(const hal_core_t *core, void *buffer, const size_t le } for (i = 0, buf = buffer; i < length; i++, buf++) - if (*buf != 0) - return HAL_OK; + if (*buf != 0) { + err = HAL_OK; + goto out; + } + err = HAL_ERROR_CSPRNG_BROKEN; - return HAL_ERROR_CSPRNG_BROKEN; +out: + hal_core_free(core); + return err; } /* diff --git a/hal.h b/hal.h index 04dab48..2955c2d 100644 --- a/hal.h +++ b/hal.h @@ -127,6 +127,7 @@ DEFINE_HAL_ERROR(HAL_ERROR_KEY_NOT_ON_CURVE, "EC key is not on its purported curve") \ DEFINE_HAL_ERROR(HAL_ERROR_INVALID_SIGNATURE, "Invalid signature") \ DEFINE_HAL_ERROR(HAL_ERROR_CORE_NOT_FOUND, "Requested core not found") \ + DEFINE_HAL_ERROR(HAL_ERROR_CORE_BUSY, "Requested core busy") \ DEFINE_HAL_ERROR(HAL_ERROR_KEYSTORE_ACCESS, "Could not access keystore") \ DEFINE_HAL_ERROR(HAL_ERROR_KEY_NOT_FOUND, "Key not found") \ DEFINE_HAL_ERROR(HAL_ERROR_KEY_NAME_IN_USE, "Key name in use") \ @@ -204,11 +205,15 @@ typedef struct { hal_addr_t base; } hal_core_info_t; -extern const hal_core_t *hal_core_find(const char *name, const hal_core_t *core); +extern hal_core_t *hal_core_find(const char *name, hal_core_t *core); extern const hal_core_info_t *hal_core_info(const hal_core_t *core); -extern hal_error_t hal_core_check_name(const hal_core_t **core, const char *name); extern hal_addr_t hal_core_base(const hal_core_t *core); -extern const hal_core_t * hal_core_iterate(const hal_core_t *core); +extern hal_core_t * hal_core_iterate(hal_core_t *core); +extern hal_error_t hal_core_alloc(const char *name, hal_core_t **core); +extern void hal_core_free(hal_core_t *core); +extern void hal_critical_section_start(void); +extern void hal_critical_section_end(void); +extern const int hal_core_busy(const hal_core_t *core); /* * Slightly higher level public API, still working directly with cores. @@ -218,7 +223,7 @@ extern const hal_core_t * hal_core_iterate(const hal_core_t *core); * Get random bytes from the CSPRNG. */ -extern hal_error_t hal_get_random(const hal_core_t *core, void *buffer, const size_t length); +extern hal_error_t hal_get_random(hal_core_t *core, void *buffer, const size_t length); /* * Hash and HMAC API. @@ -289,7 +294,7 @@ extern const hal_hash_descriptor_t hal_hash_sha512[1]; extern void hal_hash_set_debug(int onoff); -extern hal_error_t hal_hash_initialize(const hal_core_t *core, +extern hal_error_t hal_hash_initialize(hal_core_t *core, const hal_hash_descriptor_t * const descriptor, hal_hash_state_t **state, void *state_buffer, const size_t state_length); @@ -300,7 +305,7 @@ extern hal_error_t hal_hash_update(hal_hash_state_t *state, extern hal_error_t hal_hash_finalize(hal_hash_state_t *state, uint8_t *digest, const size_t length); -extern hal_error_t hal_hmac_initialize(const hal_core_t *core, +extern hal_error_t hal_hmac_initialize(hal_core_t *core, const hal_hash_descriptor_t * const descriptor, hal_hmac_state_t **state, void *state_buffer, const size_t state_length, @@ -323,12 +328,12 @@ extern const hal_hash_descriptor_t *hal_hmac_get_descriptor(const hal_hmac_state * AES key wrap functions. */ -extern hal_error_t hal_aes_keywrap(const hal_core_t *core, +extern hal_error_t hal_aes_keywrap(hal_core_t *core, const uint8_t *kek, const size_t kek_length, const uint8_t *plaintext, const size_t plaintext_length, uint8_t *cyphertext, size_t *ciphertext_length); -extern hal_error_t hal_aes_keyunwrap(const hal_core_t *core, +extern hal_error_t hal_aes_keyunwrap(hal_core_t *core, const uint8_t *kek, const size_t kek_length, const uint8_t *ciphertext, const size_t ciphertext_length, unsigned char *plaintext, size_t *plaintext_length); @@ -340,7 +345,7 @@ extern size_t hal_aes_keywrap_ciphertext_length(const size_t plaintext_length); * the pseudo-random function (PRF). */ -extern hal_error_t hal_pbkdf2(const hal_core_t *core, +extern hal_error_t hal_pbkdf2(hal_core_t *core, const hal_hash_descriptor_t * const descriptor, const uint8_t * const password, const size_t password_length, const uint8_t * const salt, const size_t salt_length, @@ -353,7 +358,7 @@ extern hal_error_t hal_pbkdf2(const hal_core_t *core, extern void hal_modexp_set_debug(const int onoff); -extern hal_error_t hal_modexp(const hal_core_t *core, +extern hal_error_t hal_modexp(hal_core_t *core, const uint8_t * const msg, const size_t msg_len, /* Message */ const uint8_t * const exp, const size_t exp_len, /* Exponent */ const uint8_t * const mod, const size_t mod_len, /* Modulus */ @@ -363,13 +368,13 @@ extern hal_error_t hal_modexp(const hal_core_t *core, * Master Key Memory Interface */ -extern hal_error_t hal_mkmif_init(const hal_core_t *core); -extern hal_error_t hal_mkmif_set_clockspeed(const hal_core_t *core, const uint32_t divisor); -extern hal_error_t hal_mkmif_get_clockspeed(const hal_core_t *core, uint32_t *divisor); -extern hal_error_t hal_mkmif_write(const hal_core_t *core, uint32_t addr, const uint8_t *buf, size_t len); -extern hal_error_t hal_mkmif_write_word(const hal_core_t *core, uint32_t addr, const uint32_t data); -extern hal_error_t hal_mkmif_read(const hal_core_t *core, uint32_t addr, uint8_t *buf, size_t len); -extern hal_error_t hal_mkmif_read_word(const hal_core_t *core, uint32_t addr, uint32_t *data); +extern hal_error_t hal_mkmif_init(hal_core_t *core); +extern hal_error_t hal_mkmif_set_clockspeed(hal_core_t *core, const uint32_t divisor); +extern hal_error_t hal_mkmif_get_clockspeed(hal_core_t *core, uint32_t *divisor); +extern hal_error_t hal_mkmif_write(hal_core_t *core, uint32_t addr, const uint8_t *buf, size_t len); +extern hal_error_t hal_mkmif_write_word(hal_core_t *core, uint32_t addr, const uint32_t data); +extern hal_error_t hal_mkmif_read(hal_core_t *core, uint32_t addr, uint8_t *buf, size_t len); +extern hal_error_t hal_mkmif_read_word(hal_core_t *core, uint32_t addr, uint32_t *data); /* diff --git a/hash.c b/hash.c index 5fface0..5709a6a 100644 --- a/hash.c +++ b/hash.c @@ -100,11 +100,11 @@ struct hal_hash_driver { */ struct hal_hash_state { - const hal_core_t *core; + hal_core_t *core; const hal_hash_descriptor_t *descriptor; const hal_hash_driver_t *driver; - uint64_t msg_length_high; /* Total data hashed in this message */ - uint64_t msg_length_low; /* (128 bits in SHA-512 cases) */ + long long unsigned msg_length_high; /* Total data hashed in this message */ + long long unsigned msg_length_low; /* (128 bits in SHA-512 cases) */ uint8_t block[HAL_MAX_HASH_BLOCK_LENGTH], /* Block we're accumulating */ core_state[HAL_MAX_HASH_DIGEST_LENGTH]; /* Saved core state */ size_t block_used; /* How much of the block we've used */ @@ -361,43 +361,11 @@ static inline const hal_hash_driver_t *check_driver(const hal_hash_descriptor_t return descriptor == NULL ? NULL : descriptor->driver; } -/* - * Internal utility to check core against descriptor, including - * attempting to locate an appropriate core if we weren't given one. - */ - -static inline hal_error_t check_core(const hal_core_t **core, - const hal_hash_descriptor_t * const descriptor, - unsigned *flags) -{ - assert(descriptor != NULL && descriptor->driver != NULL); - -#if RPC_CLIENT == RPC_CLIENT_MIXED - hal_error_t err = HAL_ERROR_CORE_NOT_FOUND; -#else - hal_error_t err = hal_core_check_name(core, descriptor->core_name); -#endif - -#if HAL_ENABLE_SOFTWARE_HASH_CORES - - if (err == HAL_ERROR_CORE_NOT_FOUND && descriptor->driver->sw_core) { - - if (flags != NULL) - *flags |= STATE_FLAG_SOFTWARE_CORE; - - err = HAL_OK; - } - -#endif /* HAL_ENABLE_SOFTWARE_HASH_CORES */ - - return err; -} - /* * Initialize hash state. */ -hal_error_t hal_hash_initialize(const hal_core_t *core, +hal_error_t hal_hash_initialize(hal_core_t *core, const hal_hash_descriptor_t * const descriptor, hal_hash_state_t **state_, void *state_buffer, const size_t state_length) @@ -405,7 +373,6 @@ hal_error_t hal_hash_initialize(const hal_core_t *core, const hal_hash_driver_t * const driver = check_driver(descriptor); hal_hash_state_t *state = state_buffer; unsigned flags = 0; - hal_error_t err; if (driver == NULL || state_ == NULL) return HAL_ERROR_BAD_ARGUMENTS; @@ -413,9 +380,6 @@ hal_error_t hal_hash_initialize(const hal_core_t *core, if (state_buffer != NULL && state_length < descriptor->hash_state_length) return HAL_ERROR_BAD_ARGUMENTS; - if ((err = check_core(&core, descriptor, &flags)) != HAL_OK) - return err; - if (state_buffer == NULL && (state = alloc_static_hash_state()) == NULL) return HAL_ERROR_ALLOCATION_FAILURE; @@ -515,9 +479,6 @@ static hal_error_t hash_write_block(hal_hash_state_t * const state) uint8_t ctrl_cmd[4]; hal_error_t err; - if (HAL_ENABLE_SOFTWARE_HASH_CORES && (state->flags & STATE_FLAG_SOFTWARE_CORE) != 0) - return state->driver->sw_core(state); - if ((err = hal_io_wait_ready(state->core)) != HAL_OK) return err; @@ -556,7 +517,7 @@ hal_error_t hal_hash_update(hal_hash_state_t *state, /* Opaque state size_t data_buffer_length) /* Length of data_buffer */ { const uint8_t *p = data_buffer; - hal_error_t err; + hal_error_t err = HAL_OK; size_t n; if (state == NULL || data_buffer == NULL) @@ -568,6 +529,11 @@ hal_error_t hal_hash_update(hal_hash_state_t *state, /* Opaque state assert(state->descriptor != NULL && state->driver != NULL); assert(state->descriptor->block_length <= sizeof(state->block)); +#if RPC_CLIENT != RPC_CLIENT_MIXED + if ((err = hal_core_alloc(state->descriptor->core_name, &state->core)) != HAL_OK) + return err; +#endif + while ((n = state->descriptor->block_length - state->block_used) <= data_buffer_length) { /* * We have enough data for another complete block. @@ -582,7 +548,7 @@ hal_error_t hal_hash_update(hal_hash_state_t *state, /* Opaque state data_buffer_length -= n; p += n; if ((err = hash_write_block(state)) != HAL_OK) - return err; + goto out; state->block_count++; } @@ -600,7 +566,11 @@ hal_error_t hal_hash_update(hal_hash_state_t *state, /* Opaque state state->block_used += data_buffer_length; } - return HAL_OK; +out: +#if RPC_CLIENT != RPC_CLIENT_MIXED + hal_core_free(state->core); +#endif + return err; } /* @@ -627,6 +597,11 @@ hal_error_t hal_hash_finalize(hal_hash_state_t *state, /* Opaqu assert(state->descriptor->block_length <= sizeof(state->block)); +#if RPC_CLIENT != RPC_CLIENT_MIXED + if ((err = hal_core_alloc(NULL, &state->core)) != HAL_OK) + return err; +#endif + /* * Add padding, then pull result from the core */ @@ -646,7 +621,7 @@ hal_error_t hal_hash_finalize(hal_hash_state_t *state, /* Opaqu if (n > 0) memset(state->block + state->block_used, 0, n); if ((err = hash_write_block(state)) != HAL_OK) - return err; + goto out; state->block_count++; state->block_used = 0; } @@ -671,25 +646,27 @@ hal_error_t hal_hash_finalize(hal_hash_state_t *state, /* Opaqu /* Push final block */ if ((err = hash_write_block(state)) != HAL_OK) - return err; + goto out; state->block_count++; /* All data pushed to core, now we just need to read back the result */ - if (HAL_ENABLE_SOFTWARE_HASH_CORES && (state->flags & STATE_FLAG_SOFTWARE_CORE) != 0) - swytebop(digest_buffer, state->core_state, state->descriptor->digest_length, state->driver->sw_word_size); -#if RPC_CLIENT != RPC_CLIENT_MIXED - else if ((err = hash_read_digest(state->core, state->driver, digest_buffer, state->descriptor->digest_length)) != HAL_OK) +#if RPC_CLIENT == RPC_CLIENT_MIXED + swytebop(digest_buffer, state->core_state, state->descriptor->digest_length, state->driver->sw_word_size); +out: + return err; +#else + err = hash_read_digest(state->core, state->driver, digest_buffer, state->descriptor->digest_length); +out: + hal_core_free(state->core); + return err; #endif - return err; - - return HAL_OK; } /* * Initialize HMAC state. */ -hal_error_t hal_hmac_initialize(const hal_core_t *core, +hal_error_t hal_hmac_initialize(hal_core_t *core, const hal_hash_descriptor_t * const descriptor, hal_hmac_state_t **state_, void *state_buffer, const size_t state_length, @@ -706,9 +683,6 @@ hal_error_t hal_hmac_initialize(const hal_core_t *core, if (state_buffer != NULL && state_length < descriptor->hmac_state_length) return HAL_ERROR_BAD_ARGUMENTS; - if ((err = check_core(&core, descriptor, NULL)) != HAL_OK) - return err; - if (state_buffer == NULL && (state = alloc_static_hmac_state()) == NULL) return HAL_ERROR_ALLOCATION_FAILURE; diff --git a/masterkey.c b/masterkey.c index 6425515..ffae618 100644 --- a/masterkey.c +++ b/masterkey.c @@ -63,7 +63,7 @@ static int volatile_init = 0, flash_init = 0; -static const hal_core_t *core = NULL; +static hal_core_t *core = NULL; #define MKM_VOLATILE_STATUS_ADDRESS 0 #define MKM_VOLATILE_SCLK_DIV 0x20 diff --git a/mkmif.c b/mkmif.c index ffa9319..06a2c4b 100644 --- a/mkmif.c +++ b/mkmif.c @@ -43,77 +43,77 @@ typedef union { uint32_t word; } byteword_t; -hal_error_t hal_mkmif_init(const hal_core_t *core) +hal_error_t hal_mkmif_init(hal_core_t *core) { byteword_t cmd; hal_error_t err; - if (core == NULL) - return HAL_ERROR_CORE_NOT_FOUND; - cmd.word = htonl(MKMIF_CTRL_CMD_INIT); - if ((err = hal_io_write(core, MKMIF_ADDR_CTRL, cmd.byte, 4)) || - (err = hal_io_wait_ready(core))) - return err; + err = hal_core_alloc(MKMIF_NAME, &core) || + hal_io_write(core, MKMIF_ADDR_CTRL, cmd.byte, 4) || + hal_io_wait_ready(core); - return HAL_OK; + hal_core_free(core); + return err; } -hal_error_t hal_mkmif_set_clockspeed(const hal_core_t *core, const uint32_t divisor) +hal_error_t hal_mkmif_set_clockspeed(hal_core_t *core, const uint32_t divisor) { byteword_t data; - - if (core == NULL) - return HAL_ERROR_CORE_NOT_FOUND; + hal_error_t err; data.word = htonl(divisor); - return hal_io_write(core, MKMIF_ADDR_SCLK_DIV, data.byte, 4); + err = hal_core_alloc(MKMIF_NAME, &core) || + hal_io_write(core, MKMIF_ADDR_SCLK_DIV, data.byte, 4); + + hal_core_free(core); + return err; } -hal_error_t hal_mkmif_get_clockspeed(const hal_core_t *core, uint32_t *divisor) +hal_error_t hal_mkmif_get_clockspeed(hal_core_t *core, uint32_t *divisor) { byteword_t data; hal_error_t err; - if (core == NULL) - return HAL_ERROR_CORE_NOT_FOUND; + err = hal_core_alloc(MKMIF_NAME, &core) || + hal_io_read(core, MKMIF_ADDR_SCLK_DIV, data.byte, 4); - if ((err = hal_io_read(core, MKMIF_ADDR_SCLK_DIV, data.byte, 4))) - return err; + if (err == HAL_OK) + *divisor = htonl(data.word); - *divisor = htonl(data.word); - return HAL_OK; + hal_core_free(core); + return err; } -hal_error_t hal_mkmif_write(const hal_core_t *core, uint32_t addr, const uint8_t *buf, size_t len) +hal_error_t hal_mkmif_write(hal_core_t *core, uint32_t addr, const uint8_t *buf, size_t len) { byteword_t cmd; hal_error_t err; - if (core == NULL) - return HAL_ERROR_CORE_NOT_FOUND; - if (len % 4 != 0) return HAL_ERROR_IO_BAD_COUNT; cmd.word = htonl(MKMIF_CTRL_CMD_WRITE); - for (; len > 0; addr += 4, buf += 4, len -= 4) { - byteword_t write_addr; - write_addr.word = htonl((uint32_t)addr); - if ((err = hal_io_write(core, MKMIF_ADDR_EMEM_ADDR, write_addr.byte, 4)) || - (err = hal_io_write(core, MKMIF_ADDR_EMEM_DATA, buf, 4)) || - (err = hal_io_write(core, MKMIF_ADDR_CTRL, cmd.byte, 4)) || - (err = hal_io_wait_ready(core))) - return err; + if ((err = hal_core_alloc(MKMIF_NAME, &core)) == HAL_OK) { + for (; len > 0; addr += 4, buf += 4, len -= 4) { + byteword_t write_addr; + write_addr.word = htonl((uint32_t)addr); + if ((err = hal_io_write(core, MKMIF_ADDR_EMEM_ADDR, write_addr.byte, 4)) || + (err = hal_io_write(core, MKMIF_ADDR_EMEM_DATA, buf, 4)) || + (err = hal_io_write(core, MKMIF_ADDR_CTRL, cmd.byte, 4)) || + (err = hal_io_wait_ready(core))) + return err; + } } - return HAL_OK; + hal_core_free(core); + return err; } -hal_error_t hal_mkmif_write_word(const hal_core_t *core, uint32_t addr, const uint32_t data) +hal_error_t hal_mkmif_write_word(hal_core_t *core, uint32_t addr, const uint32_t data) { byteword_t d; @@ -122,33 +122,34 @@ hal_error_t hal_mkmif_write_word(const hal_core_t *core, uint32_t addr, const ui return hal_mkmif_write(core, addr, d.byte, 4); } -hal_error_t hal_mkmif_read(const hal_core_t *core, uint32_t addr, uint8_t *buf, size_t len) +hal_error_t hal_mkmif_read(hal_core_t *core, uint32_t addr, uint8_t *buf, size_t len) { byteword_t cmd; hal_error_t err; - if (core == NULL) - return HAL_ERROR_CORE_NOT_FOUND; - if (len % 4 != 0) return HAL_ERROR_IO_BAD_COUNT; cmd.word = htonl(MKMIF_CTRL_CMD_READ); - for (; len > 0; addr += 4, buf += 4, len -= 4) { - byteword_t read_addr; - read_addr.word = htonl((uint32_t)addr); - if ((err = hal_io_write(core, MKMIF_ADDR_EMEM_ADDR, read_addr.byte, 4)) || - (err = hal_io_write(core, MKMIF_ADDR_CTRL, cmd.byte, 4)) || - (err = hal_io_wait_valid(core)) || - (err = hal_io_read(core, MKMIF_ADDR_EMEM_DATA, buf, 4))) - return err; + if ((err = hal_core_alloc(MKMIF_NAME, &core)) == HAL_OK) { + for (; len > 0; addr += 4, buf += 4, len -= 4) { + byteword_t read_addr; + read_addr.word = htonl((uint32_t)addr); + if ((err = hal_io_write(core, MKMIF_ADDR_EMEM_ADDR, read_addr.byte, 4)) || + (err = hal_io_write(core, MKMIF_ADDR_CTRL, cmd.byte, 4)) || + (err = hal_io_wait_valid(core)) || + (err = hal_io_read(core, MKMIF_ADDR_EMEM_DATA, buf, 4))) + goto out; + } } - return HAL_OK; +out: + hal_core_free(core); + return err; } -hal_error_t hal_mkmif_read_word(const hal_core_t *core, uint32_t addr, uint32_t *data) +hal_error_t hal_mkmif_read_word(hal_core_t *core, uint32_t addr, uint32_t *data) { byteword_t d; hal_error_t err; diff --git a/modexp.c b/modexp.c index b84c51b..bad492b 100644 --- a/modexp.c +++ b/modexp.c @@ -138,12 +138,14 @@ static hal_error_t set_buffer(const hal_core_t *core, * Run one modexp operation. */ -hal_error_t hal_modexp(const hal_core_t *core, +hal_error_t hal_modexp(hal_core_t *core, const uint8_t * const msg, const size_t msg_len, /* Message */ const uint8_t * const exp, const size_t exp_len, /* Exponent */ const uint8_t * const mod, const size_t mod_len, /* Modulus */ uint8_t *result, const size_t result_len) { + hal_error_t err; + /* * All pointers must be set, neither message nor exponent may be * longer than modulus, result buffer must not be shorter than @@ -160,6 +162,22 @@ hal_error_t hal_modexp(const hal_core_t *core, ((msg_len | exp_len | mod_len) & 3) != 0) return HAL_ERROR_BAD_ARGUMENTS; + if (((err = hal_core_alloc(MODEXPS6_NAME, &core)) == HAL_ERROR_CORE_NOT_FOUND) && + ((err = hal_core_alloc(MODEXPA7_NAME, &core)) != HAL_OK)) + return err; + +#undef check +#define check(_expr_) \ + do { \ + hal_error_t _err = (_expr_); \ + if (_err != HAL_OK && debug) \ + printf("%s failed: %s\n", #_expr_, hal_error_string(_err)); \ + if (_err != HAL_OK) { \ + hal_core_free(core); \ + return _err; \ + } \ + } while (0) + /* * We probably ought to take the mode (fast vs constant-time) as an * argument, but for the moment we just guess that really short diff --git a/pbkdf2.c b/pbkdf2.c index f361328..690831f 100644 --- a/pbkdf2.c +++ b/pbkdf2.c @@ -46,7 +46,7 @@ * if and when we get clever about reusing HMAC state for speed. */ -static hal_error_t do_hmac(const hal_core_t *core, +static hal_error_t do_hmac(hal_core_t *core, const hal_hash_descriptor_t * const d, const uint8_t * const pw, const size_t pw_len, const uint8_t * const data, const size_t data_len, @@ -78,7 +78,7 @@ static hal_error_t do_hmac(const hal_core_t *core, * Derive a key from a passphrase using the PBKDF2 algorithm. */ -hal_error_t hal_pbkdf2(const hal_core_t *core, +hal_error_t hal_pbkdf2(hal_core_t *core, const hal_hash_descriptor_t * const descriptor, const uint8_t * const password, const size_t password_length, const uint8_t * const salt, const size_t salt_length, @@ -108,6 +108,13 @@ hal_error_t hal_pbkdf2(const hal_core_t *core, memset(result, 0, sizeof(result)); memset(mac, 0, sizeof(mac)); +#if 1 + /* HACK - find the second sha256 core, to avoid interfering with rpc. + */ + core = hal_core_find(descriptor->core_name, NULL); + core = hal_core_find(descriptor->core_name, core); +#endif + /* * We probably should check here to see whether the password is * longer than the HMAC block size, and, if so, we should hash the diff --git a/rsa.c b/rsa.c index c8a1479..82b7597 100644 --- a/rsa.c +++ b/rsa.c @@ -197,10 +197,6 @@ static hal_error_t modexp(const hal_core_t *core, { hal_error_t err = HAL_OK; - if (((err = hal_core_check_name(&core, MODEXPS6_NAME)) != HAL_OK) && - ((err = hal_core_check_name(&core, MODEXPA7_NAME)) != HAL_OK)) - return err; - assert(msg != NULL && exp != NULL && mod != NULL && res != NULL); fp_int reduced_msg[1] = INIT_FP_INT; diff --git a/tests/test-aes-key-wrap.c b/tests/test-aes-key-wrap.c index 1207acb..5ecd46d 100644 --- a/tests/test-aes-key-wrap.c +++ b/tests/test-aes-key-wrap.c @@ -109,7 +109,7 @@ static const char *format_hex(const uint8_t *bin, const size_t len, char *hex, c return hex; } -static int run_test(const hal_core_t *core, +static int run_test(hal_core_t *core, const uint8_t * const K, const size_t K_len, const uint8_t * const C, const size_t C_len) { @@ -169,7 +169,7 @@ int main (int argc, char *argv[]) printf("Testing whether AES core reports present..."); - const hal_core_t *core = hal_core_find(AES_CORE_NAME, NULL); + hal_core_t *core = hal_core_find(AES_CORE_NAME, NULL); if (core == NULL) { printf("no, skipping keywrap tests\n"); diff --git a/tests/test-hash.c b/tests/test-hash.c index 65ddf15..4e78243 100644 --- a/tests/test-hash.c +++ b/tests/test-hash.c @@ -540,7 +540,7 @@ static const uint8_t hmac_sha2_tc_7_result_sha512[] = { /* 64 bytes */ 0xfa, 0x8c, 0x6a, 0x58 }; -static int _test_hash(const hal_core_t *core, +static int _test_hash(hal_core_t *core, const hal_hash_descriptor_t * const descriptor, const uint8_t * const data, const size_t data_len, const uint8_t * const result, const size_t result_len, @@ -588,7 +588,7 @@ static int _test_hash(const hal_core_t *core, return 1; } -static int _test_hmac(const hal_core_t *core, +static int _test_hmac(hal_core_t *core, const hal_hash_descriptor_t * const descriptor, const uint8_t * const key, const size_t key_len, const uint8_t * const data, const size_t data_len, @@ -643,7 +643,7 @@ static int _test_hmac(const hal_core_t *core, #define test_hmac(_core_, _desc_, _key_, _data_, _result_, _label_) \ _test_hmac(_core_, _desc_, _key_, sizeof(_key_), _data_, sizeof(_data_), _result_, sizeof(_result_), _label_) -static void show_core(const hal_core_t *core, const char *whinge) +static void show_core(hal_core_t *core, const char *whinge) { const hal_core_info_t *core_info = hal_core_info(core); if (core_info != NULL) @@ -654,9 +654,9 @@ static void show_core(const hal_core_t *core, const char *whinge) int main (int argc, char *argv[]) { - const hal_core_t * const sha1_core = hal_core_find(SHA1_NAME, NULL); - const hal_core_t * const sha256_core = hal_core_find(SHA256_NAME, NULL); - const hal_core_t * const sha512_core = hal_core_find(SHA512_NAME, NULL); + hal_core_t * const sha1_core = hal_core_find(SHA1_NAME, NULL); + hal_core_t * const sha256_core = hal_core_find(SHA256_NAME, NULL); + hal_core_t * const sha512_core = hal_core_find(SHA512_NAME, NULL); show_core(sha1_core, "sha-1"); show_core(sha256_core, "sha-256"); diff --git a/tests/test-mkmif.c b/tests/test-mkmif.c index a382cf6..ab5801e 100644 --- a/tests/test-mkmif.c +++ b/tests/test-mkmif.c @@ -19,7 +19,7 @@ typedef union { uint32_t word; } byteword_t; -static hal_error_t sclk_test(const hal_core_t *core, const uint32_t divisor) +static hal_error_t sclk_test(hal_core_t *core, const uint32_t divisor) { uint32_t readback; hal_error_t err; @@ -41,7 +41,7 @@ static hal_error_t sclk_test(const hal_core_t *core, const uint32_t divisor) return HAL_OK; } -static hal_error_t init_test(const hal_core_t *core) +static hal_error_t init_test(hal_core_t *core) { hal_error_t err; @@ -55,7 +55,7 @@ static hal_error_t init_test(const hal_core_t *core) return HAL_OK; } -static hal_error_t write_test(const hal_core_t *core) +static hal_error_t write_test(hal_core_t *core) { uint32_t write_data; uint32_t write_address; @@ -78,7 +78,7 @@ static hal_error_t write_test(const hal_core_t *core) return HAL_OK; } -static hal_error_t read_test(const hal_core_t *core) +static hal_error_t read_test(hal_core_t *core) { uint32_t read_data; uint32_t read_address; @@ -101,7 +101,7 @@ static hal_error_t read_test(const hal_core_t *core) return HAL_OK; } -static hal_error_t write_read_test(const hal_core_t *core) +static hal_error_t write_read_test(hal_core_t *core) { uint32_t data; uint32_t readback; @@ -131,7 +131,7 @@ static hal_error_t write_read_test(const hal_core_t *core) int main(void) { - const hal_core_t *core = hal_core_find(MKMIF_NAME, NULL); + hal_core_t *core = hal_core_find(MKMIF_NAME, NULL); if (core == NULL) { printf("MKMIF core not present, not testing.\n"); diff --git a/tests/test-pbkdf2.c b/tests/test-pbkdf2.c index 6de4b99..f3072a7 100644 --- a/tests/test-pbkdf2.c +++ b/tests/test-pbkdf2.c @@ -154,7 +154,7 @@ static void print_hex(const uint8_t * const val, const size_t len) printf(" %02x", val[i]); } -static int _test_pbkdf2(const hal_core_t *core, +static int _test_pbkdf2(hal_core_t *core, const uint8_t * const pwd, const size_t pwd_len, const uint8_t * const salt, const size_t salt_len, const uint8_t * const dk, const size_t dk_len, @@ -198,7 +198,7 @@ static int _test_pbkdf2(const hal_core_t *core, int main (int argc, char *argv[]) { - const hal_core_t *core = hal_core_find(SHA1_NAME, NULL); + hal_core_t *core = hal_core_find(SHA1_NAME, NULL); int ok = 1; if (core == NULL) diff --git a/tests/test-rsa.c b/tests/test-rsa.c index 60fe2a5..57037c0 100644 --- a/tests/test-rsa.c +++ b/tests/test-rsa.c @@ -49,7 +49,7 @@ * Run one modexp test. */ -static int test_modexp(const hal_core_t *core, +static int test_modexp(hal_core_t *core, const char * const kind, const rsa_tc_t * const tc, const rsa_tc_bn_t * const msg, /* Input message */ @@ -74,7 +74,7 @@ static int test_modexp(const hal_core_t *core, * Run one RSA CRT test. */ -static int test_decrypt(const hal_core_t *core, +static int test_decrypt(hal_core_t *core, const char * const kind, const rsa_tc_t * const tc) { @@ -115,7 +115,7 @@ static int test_decrypt(const hal_core_t *core, * Run one RSA key generation + CRT test. */ -static int test_gen(const hal_core_t *core, +static int test_gen(hal_core_t *core, const char * const kind, const rsa_tc_t * const tc) { @@ -277,7 +277,7 @@ static void _time_check(const struct timeval t0, const int ok) * and try generating a signature with that. */ -static int test_rsa(const hal_core_t *core, const rsa_tc_t * const tc) +static int test_rsa(hal_core_t *core, const rsa_tc_t * const tc) { int ok = 1; @@ -298,7 +298,7 @@ static int test_rsa(const hal_core_t *core, const rsa_tc_t * const tc) int main(int argc, char *argv[]) { - const hal_core_t *core = hal_core_find(MODEXPS6_NAME, NULL); + hal_core_t *core = hal_core_find(MODEXPS6_NAME, NULL); if (core == NULL) core = hal_core_find(MODEXPA7_NAME, NULL); const hal_core_info_t *core_info = hal_core_info(core); diff --git a/utils/cores.c b/utils/cores.c index 18e994d..b055dea 100644 --- a/utils/cores.c +++ b/utils/cores.c @@ -44,7 +44,7 @@ int main(int argc, char *argv[]) { - const hal_core_t *core; + hal_core_t *core; const hal_core_info_t *info; for (core = hal_core_iterate(NULL); core != NULL; core = hal_core_iterate(core)) { -- cgit v1.2.3