Refactored ksecprintf -> secprintf. Secure code is now all in common libtest161.
This library gets linked in by default in userland, and the common files are included in the kernel.
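--- /dev/null
+++ b/common/libtest161/test161.c
@@ -0,0 +1,107 @@
+// Beware, this code is shared between the kernel and userspace.
+
+#ifdef _KERNEL
+#include <types.h>
+#include <lib.h>
+#include <kern/errno.h>
+#include <kern/secure.h>
+#include <kern/test161.h>
+#else
+#include <string.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <errno.h>
+#include <test161/test161.h>
+#include <test161/secure.h>
+#endif
+
+// Hack for allocating userspace memory without malloc.
+static char temp_buffer[4096];
+
+static inline void * _alloc(size_t size)
+{
+#ifdef _KERNEL
+(void)temp_buffer;
+return kmalloc(size);
+#else
+(void)size;
+return temp_buffer;
+#endif
+}
+
+static inline void _free(void *ptr)
+{
+#ifdef _KERNEL
+kfree(ptr);
+#else
+(void)ptr;
+#endif
+}
+
+/*
+* Common success function for kernel tests. If SECRET_TESTING is defined,
+* ksecprintf will compute the hmac/sha256 hash of any message using the
+* shared secret and a random salt value. The (secure) server also knows
+* the secret and can verify the message was generated by a trusted source.
+* The salt value prevents against replay attacks.
+*/
+int
+success(int status, const char * secret, const char * name) {
+if (status == TEST161_SUCCESS) {
+return secprintf(secret, "SUCCESS", name);
+} else {
+return secprintf(secret, "FAIL", name);
+}
+}
+
+#ifndef SECRET_TESTING
+
+int
+secprintf(const char * secret, const char * msg, const char * name)
+{
+(void)secret;
+
+#ifdef _KERNEL
+return kprintf("%s: %s\n", name, msg);
+#else
+return printf("%s: %s\n", name, msg);
+#endif
+}
+
+#else
+
+int
+secprintf(const char * secret, const char * msg, const char * name)
+{
+char *hash, *salt, *fullmsg;
+int res;
+size_t len;
+
+hash = salt = fullmsg = NULL;
+
+// test161 expects "name: msg"
+len = strlen(name) + strlen(msg) + 3; // +3 for " :" and null terminator
+fullmsg = (char *)_alloc(len);
+if (fullmsg == NULL) {
+return -ENOMEM;
+}
+snprintf(fullmsg, len, "%s: %s", name, msg);
+
+res = hmac_salted(fullmsg, len-1, secret, strlen(secret), &hash, &salt);
+if (res)
+return -res;
+
+#ifdef _KERNEL
+res = kprintf("(%s, %s, %s, %s: %s)\n", name, hash, salt, name, msg);
+#else
+res = printf("(%s, %s, %s, %s: %s)\n", name, hash, salt, name, msg);
+#endif
+
+_free(hash);
+_free(salt);
+_free(fullmsg);
+
+return res;
+}
+
+#endif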
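Review bot: In the SECRET_TESTING `secprintf`, the `if (res) return -res;` path after `hmac_salted` returns without releasing `fullmsg`, which in the `_KERNEL` build is a `kmalloc` allocation that leaks on every HMAC failure; `if (res) { _free(fullmsg); return -res; }` would close that (whether `hash`/`salt` can be left allocated on failure depends on `hmac_salted`, which is not shown here). In the userland build `_alloc` ignores `size` and always hands back the 4096-byte `temp_buffer`, so `snprintf(fullmsg, len, ...)` is bounded by a `len` that can exceed the real buffer when `name` and `msg` are long; replacing `(void)size;` with `if (size > sizeof(temp_buffer)) return NULL;` lets the existing `-ENOMEM` check catch it. The header comment above `success` still says `ksecprintf` and should read `secprintf` after this rename.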