From 8189ea825a2c1a3c7ed8df3d2fc0d1df078a4e31 Mon Sep 17 00:00:00 2001 From: Sebastian Huber Date: Tue, 27 Mar 2018 14:42:31 +0200 Subject: CRYPTO(4): Port to RTEMS --- freebsd/sys/opencrypto/cryptodev.c | 75 ++++++++++++++ libbsd.py | 2 + libbsd_waf.py | 11 ++ rtemsbsd/include/crypto/cryptodev.h | 1 + testsuite/crypto01/test_main.c | 198 ++++++++++++++++++++++++++++++++++++ 5 files changed, 287 insertions(+) create mode 100644 rtemsbsd/include/crypto/cryptodev.h create mode 100644 testsuite/crypto01/test_main.c diff --git a/freebsd/sys/opencrypto/cryptodev.c b/freebsd/sys/opencrypto/cryptodev.c index 06e2e902..20c8c89b 100644 --- a/freebsd/sys/opencrypto/cryptodev.c +++ b/freebsd/sys/opencrypto/cryptodev.c @@ -295,6 +295,7 @@ struct fcrypt { int sesn; }; +#ifndef __rtems__ static int cryptof_ioctl(struct file *, u_long, void *, struct ucred *, struct thread *); static int cryptof_stat(struct file *, struct stat *, @@ -317,6 +318,9 @@ static struct fileops cryptofops = { .fo_sendfile = invfo_sendfile, .fo_fill_kinfo = cryptof_fill_kinfo, }; +#else /* __rtems__ */ +static const rtems_filesystem_file_handlers_r cryptofops; +#endif /* __rtems__ */ static struct csession *csefind(struct fcrypt *, u_int); static int csedelete(struct fcrypt *, struct csession *); @@ -684,6 +688,27 @@ bail: return (error); #undef SES2 } +#ifdef __rtems__ +static int +rtems_bsd_cryptof_ioctl(rtems_libio_t *iop, ioctl_command_t request, + void *buffer) +{ + struct thread *td; + int error; + + td = rtems_bsd_get_curthread_or_null(); + if (td != NULL) { + struct file *fp; + + fp = rtems_bsd_iop_to_fp(iop); + error = cryptof_ioctl(fp, request, buffer, NULL, td); + } else { + error = ENOMEM; + } + + return (rtems_bsd_error_to_status_and_errno(error)); +} +#endif /* __rtems__ */ static int cryptodev_cb(void *); 
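Review bot: The `else` branch of `rtems_bsd_cryptof_ioctl` turns a NULL result from `rtems_bsd_get_curthread_or_null()` into `ENOMEM` without saying why, and `rtems_bsd_cryptof_close` in a later hunk repeats the same branch. A caller that gets ENOMEM from an ioctl on a crypto descriptor cannot tell it apart from an allocation failure inside the crypto framework, so the mapping deserves one line of documentation above the branch, for example `/* No BSD thread context for the calling task (presumably it could not be allocated). */`. The wrapper also passes `NULL` as the credential argument of `cryptof_ioctl()`; that is only safe if the function never dereferences it, which is not visible in this hunk.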
@@ -1170,11 +1195,17 @@ cryptodev_find(struct crypt_find_op *find) /* ARGSUSED */ static int +#ifndef __rtems__ cryptof_stat( struct file *fp, struct stat *sb, struct ucred *active_cred, struct thread *td) +#else /* __rtems__ */ +rtems_bsd_cryptof_stat(const rtems_filesystem_location_info_t *loc, + struct stat *buf +#endif /* __rtems__ */ +) { return (EOPNOTSUPP); @@ -1195,7 +1226,28 @@ cryptof_close(struct file *fp, struct thread *td) fp->f_data = NULL; return 0; } +#ifdef __rtems__ +static int +rtems_bsd_cryptof_close(rtems_libio_t *iop) +{ + struct thread *td; + int error; + + td = rtems_bsd_get_curthread_or_null(); + if (td != NULL) { + struct file *fp; + + fp = rtems_bsd_iop_to_fp(iop); + error = cryptof_close(fp, td); + } else { + error = ENOMEM; + } + return (rtems_bsd_error_to_status_and_errno(error)); +} +#endif /* __rtems__ */ + +#ifndef __rtems__ static int cryptof_fill_kinfo(struct file *fp, struct kinfo_file *kif, struct filedesc *fdp) { @@ -1203,6 +1255,7 @@ cryptof_fill_kinfo(struct file *fp, struct kinfo_file *kif, struct filedesc *fdp kif->kf_type = KF_TYPE_CRYPTO; return (0); } +#endif /* __rtems__ */ static struct csession * csefind(struct fcrypt *fcr, u_int ses) @@ -1316,7 +1369,9 @@ cryptoioctl(struct cdev *dev, u_long cmd, caddr_t data, int flag, struct thread /* falloc automatically provides an extra reference to 'f'. */ finit(f, FREAD | FWRITE, DTYPE_CRYPTO, fcr, &cryptofops); *(u_int32_t *)data = fd; +#ifndef __rtems__ fdrop(f, td); +#endif /* __rtems__ */ break; case CRIOFINDDEV: error = cryptodev_find((struct crypt_find_op *)data); 
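Review bot: Under `__rtems__` the shared body `return (EOPNOTSUPP);` makes `rtems_bsd_cryptof_stat` return a raw positive errno value, while the other two handlers added by this commit (`rtems_bsd_cryptof_ioctl`, `rtems_bsd_cryptof_close`) convert their result with `rtems_bsd_error_to_status_and_errno()`. If the `fstat_h` slot follows the same status-and-errno convention, as those siblings suggest, fstat() on a crypto descriptor would report a bogus status instead of a clean failure. The body should be split along with the signature, with the RTEMS side reading `return (rtems_bsd_error_to_status_and_errno(EOPNOTSUPP));`. The closing brace of the function lies outside the hunk.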
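Review bot: When `rtems_bsd_get_curthread_or_null()` returns NULL, `rtems_bsd_cryptof_close` never calls `cryptof_close()`, so whatever that function releases for the descriptor stays allocated while the caller only sees a failed close. For a crypto descriptor this state presumably includes the sessions and their key material, so the teardown should not depend on a thread context being available. The visible tail of `cryptof_close()` does not touch `td`; if the rest of its body does not either, the call can be made unconditionally, e.g. `error = cryptof_close(rtems_bsd_iop_to_fp(iop), td);` with the NULL check dropped. The beginning of `cryptof_close()` is outside the hunk, so this needs confirming against the full function.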
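Review bot: The context comment `/* falloc automatically provides an extra reference to 'f'. */` still sits above `finit()`, but with `fdrop(f, td)` compiled out under `__rtems__` nothing explains who owns or releases that reference there. The descriptor is initialised with `fcr` as its data, so a reference-count mismatch would either leak the session state or free it while the descriptor is still usable; the reasoning should be written next to the `#ifndef`. A suggested wording, to be confirmed against the RTEMS `falloc()`, is `/* RTEMS: falloc() takes no extra reference, so there is nothing to drop here. */`. The enclosing `cryptoioctl` case starts and ends outside the hunk.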
@@ -1373,3 +1428,23 @@ MODULE_VERSION(cryptodev, 1); DECLARE_MODULE(cryptodev, cryptodev_mod, SI_SUB_PSEUDO, SI_ORDER_ANY); MODULE_DEPEND(cryptodev, crypto, 1, 1, 1); MODULE_DEPEND(cryptodev, zlib, 1, 1, 1); +#ifdef __rtems__ +static const rtems_filesystem_file_handlers_r cryptofops = { + .open_h = rtems_filesystem_default_open, + .close_h = rtems_bsd_cryptof_close, + .read_h = rtems_filesystem_default_read, + .write_h = rtems_filesystem_default_write, + .ioctl_h = rtems_bsd_cryptof_ioctl, + .lseek_h = rtems_filesystem_default_lseek, + .fstat_h = rtems_bsd_cryptof_stat, + .ftruncate_h = rtems_filesystem_default_ftruncate, + .fsync_h = rtems_filesystem_default_fsync_or_fdatasync, + .fdatasync_h = rtems_filesystem_default_fsync_or_fdatasync, + .fcntl_h = rtems_filesystem_default_fcntl, + .poll_h = rtems_filesystem_default_poll, + .kqfilter_h = rtems_filesystem_default_kqfilter, + .readv_h = rtems_filesystem_default_readv, + .writev_h = rtems_filesystem_default_writev, + .mmap_h = rtems_filesystem_default_mmap +}; +#endif /* __rtems__ */ diff --git a/libbsd.py b/libbsd.py index 233c06cd..b31d3546 100644 --- a/libbsd.py +++ b/libbsd.py @@ -2046,6 +2046,7 @@ def opencrypto(mm): 'sys/opencrypto/criov.c', 'sys/opencrypto/crypto.c', 'sys/opencrypto/cryptodeflate.c', + 'sys/opencrypto/cryptodev.c', 'sys/opencrypto/cryptosoft.c', 'sys/opencrypto/gfmult.c', 'sys/opencrypto/gmac.c', @@ -4443,6 +4444,7 @@ def tests(mm): '../termios/test_termios_utilities'])) mod.addTest(mm.generator['test-if-header']('debugger01', 'rtems/rtems-debugger.h', ['test_main'], runTest = False, netTest = True)) + mod.addTest(mm.generator['test']('crypto01', ['test_main'])) return mod # diff --git a/libbsd_waf.py b/libbsd_waf.py index 65f5ae0f..6bda48e5 100644 --- a/libbsd_waf.py +++ b/libbsd_waf.py 
@@ -2236,6 +2236,7 @@ def build(bld): 'freebsd/sys/opencrypto/criov.c', 'freebsd/sys/opencrypto/crypto.c', 'freebsd/sys/opencrypto/cryptodeflate.c', + 'freebsd/sys/opencrypto/cryptodev.c', 'freebsd/sys/opencrypto/cryptosoft.c', 'freebsd/sys/opencrypto/gfmult.c', 'freebsd/sys/opencrypto/gmac.c', @@ -2601,6 +2602,16 @@ def build(bld): lib = ["m", "z"], install_path = None) + test_crypto01 = ['testsuite/crypto01/test_main.c'] + bld.program(target = "crypto01.exe", + features = "cprogram", + cflags = cflags, + includes = includes, + source = test_crypto01, + use = ["bsd"], + lib = ["m", "z"], + install_path = None) + if bld.env["HAVE_RTEMS_RTEMS_DEBUGGER_H"]: test_debugger01 = ['testsuite/debugger01/test_main.c'] bld.program(target = "debugger01.exe", diff --git a/rtemsbsd/include/crypto/cryptodev.h b/rtemsbsd/include/crypto/cryptodev.h new file mode 100644 index 00000000..47720d78 --- /dev/null +++ b/rtemsbsd/include/crypto/cryptodev.h @@ -0,0 +1 @@ +#include diff --git a/testsuite/crypto01/test_main.c b/testsuite/crypto01/test_main.c new file mode 100644 index 00000000..5c6b725e --- /dev/null +++ b/testsuite/crypto01/test_main.c 
@@ -0,0 +1,198 @@
+/*
+ * Copyright (c) 2018 embedded brains GmbH. All rights reserved.
+ *
+ * embedded brains GmbH
+ * Dornierstr. 4
+ * 82178 Puchheim
+ * Germany
+ *
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ */
+
+#include
+#include
+#include
+#include
+#include
+#include
+
+#include
+#include
+#include
+#include
+#include
+#include
+
+#define TEST_NAME "LIBBSD CRYPTO 1"
+
+#define KEY_LENGTH 16
+
+typedef struct {
+ int dev_fd;
+ int session_fd;
+ struct session2_op session;
+} test_context;
+
+static test_context test_instance;
+
+/* Test data obtained from http://cryptodev-linux.org/ */
+
+static const char iv[AES_BLOCK_LEN];
+
+static const char key_0[KEY_LENGTH] = { 0xff, 0xff, 0xc0, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 };
+
+static const char plaintext_0[AES_BLOCK_LEN];
+
+static const char ciphertext_0[AES_BLOCK_LEN] = { 0xdf, 0x55, 0x6a, 0x33, 0x43,
+ 0x8d, 0xb8, 0x7b, 0xc4, 0x1b, 0x17, 0x52, 0xc5, 0x5e, 0x5e, 0x49 };
+
+static const char key_1[KEY_LENGTH];
+
+static const char plaintext_1[AES_BLOCK_LEN] = { 0xff, 0xff, 0xff, 0xff, 0xff,
+ 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xc0, 0x00 };
+
+static const char ciphertext_1[AES_BLOCK_LEN] = { 0xb7, 0x97, 0x2b, 0x39, 0x41,
+ 0xc4, 0x4b, 0x90, 0xaf, 0xa7, 0xb2, 0x64, 0xbf, 0xba, 0x73, 0x87 };
+
+static void
+aes_session_create(test_context *ctx, const void *key, size_t keylen)
+{
+ int rv;
+
+ rv = ioctl(ctx->dev_fd, CRIOGET, &ctx->session_fd);
+ assert(rv == 0);
+
+ memset(&ctx->session, 0, sizeof(ctx->session));
+ ctx->session.cipher = CRYPTO_AES_CBC;
+ ctx->session.key = (caddr_t)key;
+ ctx->session.keylen = (u_int32_t)keylen;
+ ctx->session.crid = CRYPTO_FLAG_HARDWARE | CRYPTO_FLAG_SOFTWARE;
+
+ rv = ioctl(ctx->session_fd, CIOCGSESSION2, &ctx->session);
+ assert(rv == 0);
+}
+
+static void
+aes_session_destroy(test_context *ctx)
+{
+ int rv;
+
+ rv = ioctl(ctx->session_fd, CIOCFSESSION, &ctx->session.ses);
+ assert(rv == 0);
+
+ rv = close(ctx->session_fd);
+ assert(rv == 0);
+}
+
+static void
+aes_encrypt(const test_context *ctx, const void *iv, const void *plaintext,
+ void *ciphertext, size_t len)
+{
+ struct crypt_op op;
+ int rv;
+
+ memset(&op, 0, sizeof(op));
+ op.op = COP_ENCRYPT;
+ op.ses = ctx->session.ses;
+ op.len = (u_int)len;
+ op.src = __DECONST(void *, plaintext);
+ op.dst = ciphertext;
+ op.iv = __DECONST(void *, iv);
+ rv = ioctl(ctx->session_fd, CIOCCRYPT, &op);
+ assert(rv == 0);
+}
+
+static void
+aes_decrypt(const test_context *ctx, const void *iv, const void *ciphertext,
+ void *plaintext, size_t len)
+{
+ struct crypt_op op;
+ int rv;
+
+ memset(&op, 0, sizeof(op));
+ op.op = COP_DECRYPT;
+ op.ses = ctx->session.ses;
+ op.len = (u_int)len;
+ op.src = __DECONST(void *, ciphertext);
+ op.dst = plaintext;
+ op.iv = __DECONST(void *, iv);
+ rv = ioctl(ctx->session_fd, CIOCCRYPT, &op);
+ assert(rv == 0);
+}
+
+static void
+aes_test(test_context *ctx, const char *key, const char *plaintext,
+ const char *expected_ciphertext)
+{
+ char ciphertext[AES_BLOCK_LEN];
+ char decrypted_ciphertext[AES_BLOCK_LEN];
+
+ aes_session_create(ctx, key, KEY_LENGTH);
+
+ memset(ciphertext, 0xff, AES_BLOCK_LEN);
+ aes_encrypt(ctx, iv, plaintext, ciphertext, AES_BLOCK_LEN);
+ assert(memcmp(ciphertext, expected_ciphertext, AES_BLOCK_LEN) == 0);
+
+ memset(decrypted_ciphertext, 0xff, AES_BLOCK_LEN);
+ aes_decrypt(ctx, iv, ciphertext, decrypted_ciphertext, AES_BLOCK_LEN);
+ assert(memcmp(decrypted_ciphertext, plaintext, AES_BLOCK_LEN) == 0);
+
+ aes_session_destroy(ctx);
+}
+
+static void
+test_main(void)
+{
+ test_context *ctx;
+ int allow;
+ int rv;
+
+ ctx = &test_instance;
+
+ allow = 1;
+ rv = sysctlbyname("kern.cryptodevallowsoft", NULL, NULL, &allow,
+ sizeof(allow));
+ assert(rv == 0);
+
+ ctx->dev_fd = open("/dev/crypto", O_RDWR);
+ assert(ctx->dev_fd >= 0);
+
+ aes_test(ctx, key_0, plaintext_0, ciphertext_0);
+ aes_test(ctx, key_1, plaintext_1, ciphertext_1);
+
+ rv = close(ctx->dev_fd);
+ assert(rv == 0);
+
+ exit(0);
+}
+
+#include
+
+#include
+
+SYSINIT_MODULE_REFERENCE(cryptodev);
+
+RTEMS_BSD_DEFINE_NEXUS_DEVICE(cryptosoft, 0, 0, NULL);
+
+#include
-- cgit v1.2.3
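Review bot: `iv` is an implicitly zero-initialised static that `aes_test` feeds to every CBC encrypt and decrypt call in both sessions, and nothing in the file says this is deliberate. It is correct for known-answer vectors, but test code tends to be copied as usage examples, so a comment on the declaration would help, for instance `/* All-zero IV as required by the known-answer vectors; a fixed IV must not be used with CBC outside of tests. */`. Separately, the vectors are declared `const char` yet initialised with values such as `0xff`, which is an implementation-defined conversion where `char` is signed; `static const unsigned char key_0[KEY_LENGTH]` (and likewise for the other arrays and the `aes_test` parameters) keeps them plain bytes. The comparisons go through `memcmp`, so the test result itself is not affected.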