Refactored ksecprintf -> secprintf. Secure code is now all in common libtest161.

This library gets linked in by default in userland, and the common files are
included in the kernel.

common/libc/secure/secure.h

@@ -1,16 +0,0 @@
-#ifndef _SECURE_H
-#define _SECURE_H
-
-#define SHA256_BLOCK_SIZE 64
-#define SHA256_OUTPUT_SIZE 32
-
-#define TOHEX(n) n < 10 ? '0'+n : 'a' + (n-10)
-
-// Compute the hex string from SHA256 hash output
-void hex_from_hash(unsigned char hash[SHA256_OUTPUT_SIZE], char res[SHA256_OUTPUT_SIZE*2 + 1]);
-
-// Compute the FIPS 198-1 complient HMAC of msg using SHA256
-void hmac_sha256(const char *msg, size_t msg_len, char *key, size_t key_len, 
-		unsigned char output[SHA256_OUTPUT_SIZE]);
-
-#endif //_SECURE_H

common/libtest161/secure.c

@@ -27,12 +27,28 @@
 static const unsigned char ipad[SHA256_BLOCK_SIZE] = { [0 ... SHA256_BLOCK_SIZE-1] = 0x36 };
 static const unsigned char opad[SHA256_BLOCK_SIZE] = { [0 ... SHA256_BLOCK_SIZE-1] = 0x5c };
 
+// Hack for not having a userspace malloc until ASST3. We 'allocate' these statuc buffers.
+// This works because the process single-threaded.
+#define NUM_BUFFERS 4
+#define BUFFER_LEN 1024
+
+static char temp_buffers[NUM_BUFFERS][BUFFER_LEN];
+static int buf_num = 0;
+
 static void * _alloc(size_t size)
 {
 #ifdef _KERNEL
+	// Compiler
+	(void)temp_buffers;
+	(void)buf_num;
+
 	return kmalloc(size);
 #else
-	return malloc(size);
+	(void)size;
+	void *ptr = temp_buffers[buf_num];
+	buf_num++;
+	buf_num = buf_num % NUM_BUFFERS;
+	return ptr;
 #endif
 }
 
@@ -41,7 +57,7 @@ static void _free(void *ptr)
 #ifdef _KERNEL
 	kfree(ptr);
 #else
-	free(ptr);
+	(void)ptr;
 #endif
 }
 

common/libtest161/test161.c

@@ -0,0 +1,107 @@
+// Beware, this code is shared between the kernel and userspace.
+
+#ifdef _KERNEL
+#include <types.h>
+#include <lib.h>
+#include <kern/errno.h>
+#include <kern/secure.h>
+#include <kern/test161.h>
+#else
+#include <string.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <errno.h>
+#include <test161/test161.h>
+#include <test161/secure.h>
+#endif
+
+// Hack for allocating userspace memory without malloc.
+static char temp_buffer[4096];
+
+static inline void * _alloc(size_t size)
+{
+#ifdef _KERNEL
+	(void)temp_buffer;
+	return kmalloc(size);
+#else
+	(void)size;
+	return temp_buffer;
+#endif
+}
+
+static inline void _free(void *ptr)
+{
+#ifdef _KERNEL
+	kfree(ptr);
+#else
+	(void)ptr;
+#endif
+}
+
+/*
+ * Common success function for kernel tests. If SECRET_TESTING is defined,
+ * ksecprintf will compute the hmac/sha256 hash of any message using the
+ * shared secret and a random salt value. The (secure) server also knows
+ * the secret and can verify the message was generated by a trusted source.
+ * The salt value prevents against replay attacks.
+ */
+int
+success(int status, const char * secret, const char * name) {
+	if (status == TEST161_SUCCESS) {
+		return secprintf(secret, "SUCCESS", name);
+	} else {
+		return secprintf(secret, "FAIL", name);
+	}
+}
+
+#ifndef SECRET_TESTING
+
+int
+secprintf(const char * secret, const char * msg, const char * name)
+{
+	(void)secret;
+
+#ifdef _KERNEL
+	return kprintf("%s: %s\n", name, msg);
+#else
+	return printf("%s: %s\n", name, msg);
+#endif
+}
+
+#else
+
+int
+secprintf(const char * secret, const char * msg, const char * name)
+{
+	char *hash, *salt, *fullmsg;
+	int res;
+	size_t len;
+
+	hash = salt = fullmsg = NULL;
+
+	// test161 expects "name: msg"
+	len = strlen(name) + strlen(msg) + 3;	// +3 for " :" and null terminator
+	fullmsg = (char *)_alloc(len);
+	if (fullmsg == NULL) {
+		return -ENOMEM;
+	}
+	snprintf(fullmsg, len, "%s: %s", name, msg);
+
+	res = hmac_salted(fullmsg, len-1, secret, strlen(secret), &hash, &salt);
+	if (res)
+		return -res;
+
+#ifdef _KERNEL
+	res = kprintf("(%s, %s, %s, %s: %s)\n", name, hash, salt, name, msg);
+#else
+	res = printf("(%s, %s, %s, %s: %s)\n", name, hash, salt, name, msg);
+#endif
+
+	_free(hash);
+	_free(salt);
+	_free(fullmsg);
+
+	return res;
+}
+
+#endif