Re: [PATCH] crypto: mask the crypto operations from totem packet size management


 



On 03/13/2012 07:44 AM, Fabio M. Di Nitto wrote:
> From: "Fabio M. Di Nitto" <fdinitto@xxxxxxxxxx>
> 
> totem doesn't need to understand what crypto does.
> 
> totem needs to be able to tell crypto: "those are data, play with them"
> and crypto needs to return: "here are your scrambled data and the new size"
> 

crypto should take a max size (the network mtu) and ensure that it
will only take an input that would produce a maximum packet size.  This
is not trivial.  I suggest having a call within crypto to return the
extra blob data needed by the crypto code to hit the mtu size.

What we want to avoid is ever sending packets larger than the MTU
because while udp can send up to 64k byte messages, when networks are
lossy it can trigger problems in totem to have udp-fragmented packets.

Regards
-steve


> similar to decrypt/verify.
> 
> this way we add enough dynamic within crypto to change header size and all
> at any given time (for different hash algorithm for example) without
> affecting on wire compat.
> 
> Signed-off-by: Fabio M. Di Nitto <fdinitto@xxxxxxxxxx>
> ---
>  exec/crypto.c                  |  167 +++++++++++++---------------------------
>  exec/crypto.h                  |   27 +++----
>  exec/totemconfig.c             |    2 +-
>  exec/totemudp.c                |  111 ++++++++------------------
>  exec/totemudpu.c               |  106 ++++++++-----------------
>  include/corosync/totem/totem.h |    3 +-
>  6 files changed, 137 insertions(+), 279 deletions(-)
> 
> diff --git a/exec/crypto.c b/exec/crypto.c
> index 7d40efc..2c6b9ef 100644
> --- a/exec/crypto.c
> +++ b/exec/crypto.c
> @@ -76,6 +76,13 @@
>  #include <pkcs11.h>
>  #include <prerror.h>
>  
> +#define CRYPTO_HMAC_HASH_SIZE 20
> +struct crypto_security_header {
> +	unsigned char hash_digest[CRYPTO_HMAC_HASH_SIZE]; /* The hash *MUST* be first in the data structure */
> +	unsigned char salt[16]; /* random number */
> +	char msg[0];
> +} __attribute__((packed));
> +
>  struct crypto_instance {
>  	PK11SymKey   *nss_sym_key;
>  	PK11SymKey   *nss_sym_key_sign;
> @@ -84,6 +91,10 @@ struct crypto_instance {
>  
>  	unsigned int private_key_len;
>  
> +	int crypto_crypt_type;
> +
> +	int crypto_hash_type;
> +
>  	void (*log_printf_func) (
>  		int level,
>  		int subsys,
> @@ -117,58 +128,6 @@ do {												\
>  		fmt ": %s (%d)", ##args, _error_ptr, err_num);				\
>  	} while(0)
>  
> -
> -static unsigned char *copy_from_iovec(
> -	const struct iovec *iov,
> -	unsigned int iov_len,
> -	size_t *buf_size)
> -{
> -	int i;
> -	size_t bufptr;
> -	size_t buflen = 0;
> -	unsigned char *newbuf;
> -
> -	for (i=0; i<iov_len; i++)
> -		buflen += iov[i].iov_len;
> -
> -	newbuf = malloc(buflen);
> -	if (!newbuf)
> -		return NULL;
> -
> -	bufptr=0;
> -	for (i=0; i<iov_len; i++) {
> -		memcpy(newbuf+bufptr, iov[i].iov_base, iov[i].iov_len);
> -		bufptr += iov[i].iov_len;
> -	}
> -	*buf_size = buflen;
> -	return newbuf;
> -}
> -
> -static void copy_to_iovec(
> -	struct iovec *iov,
> -	unsigned int iov_len,
> -	const unsigned char *buf,
> -	size_t buf_size)
> -{
> -	int i;
> -	size_t copylen;
> -	size_t bufptr = 0;
> -
> -	bufptr=0;
> -	for (i=0; i<iov_len; i++) {
> -		copylen = iov[i].iov_len;
> -		if (bufptr + copylen > buf_size) {
> -			copylen = buf_size - bufptr;
> -		}
> -		memcpy(iov[i].iov_base, buf+bufptr, copylen);
> -		bufptr += copylen;
> -		if (iov[i].iov_len != copylen) {
> -			iov[i].iov_len = copylen;
> -			return;
> -		}
> -	}
> -}
> -
>  static void init_nss_crypto(struct crypto_instance *instance)
>  {
>  	PK11SlotInfo*      aes_slot = NULL;
> @@ -186,6 +145,9 @@ static void init_nss_crypto(struct crypto_instance *instance)
>  		goto out;
>  	}
>  
> +	/*
> +	 * TODO: use instance info!
> +	 */
>  	aes_slot = PK11_GetBestSlot(CKM_AES_CBC_PAD, NULL);
>  	if (aes_slot == NULL)
>  	{
> @@ -234,19 +196,16 @@ out:
>  
>  static int encrypt_and_sign_nss (
>  	struct crypto_instance *instance,
> -	unsigned char *buf,
> -	size_t *buf_len,
> -	const struct iovec *iovec,
> -	unsigned int iov_len)
> +	const unsigned char *buf_in,
> +	const size_t buf_in_len,
> +	unsigned char *buf_out,
> +	size_t *buf_out_len)
>  {
>  	PK11Context*       enc_context = NULL;
>  	SECStatus          rv1, rv2;
>  	int                tmp1_outlen;
>  	unsigned int       tmp2_outlen;
> -	unsigned char      *inbuf;
> -	unsigned char      *data;
>  	unsigned char      *outdata;
> -	size_t             datalen;
>  	SECItem            no_params;
>  	SECItem            iv_item;
>  	struct crypto_security_header *header;
> @@ -259,17 +218,9 @@ static int encrypt_and_sign_nss (
>  	no_params.len = 0;
>  
>  	tmp1_outlen = tmp2_outlen = 0;
> -	inbuf = copy_from_iovec(iovec, iov_len, &datalen);
> -	if (!inbuf) {
> -		log_printf(instance->log_level_security, "malloc error copying buffer from iovec");
> -		return -1;
> -	}
> -
> -	data = inbuf + sizeof (struct crypto_security_header);
> -	datalen -= sizeof (struct crypto_security_header);
>  
> -	outdata = buf + sizeof (struct crypto_security_header);
> -	header = (struct crypto_security_header *)buf;
> +	outdata = buf_out + sizeof (struct crypto_security_header);
> +	header = (struct crypto_security_header *)buf_out;
>  
>  	rv = PK11_GenerateRandom (
>  		nss_iv_data,
> @@ -292,7 +243,6 @@ static int encrypt_and_sign_nss (
>  		log_printf(instance->log_level_security,
>  			"Failure to set up PKCS11 param (err %d)",
>  			PR_GetError());
> -		free (inbuf);
>  		return (-1);
>  	}
>  
> @@ -312,19 +262,16 @@ static int encrypt_and_sign_nss (
>  			"PK11_CreateContext failed (encrypt) crypt_type=%d (err %d): %s",
>  			CKM_AES_CBC_PAD,
>  			PR_GetError(), err);
> -		free(inbuf);
>  		return -1;
>  	}
>  	rv1 = PK11_CipherOp(enc_context, outdata,
>  			    &tmp1_outlen, FRAME_SIZE_MAX - sizeof(struct crypto_security_header),
> -			    data, datalen);
> +			    (unsigned char *)buf_in, buf_in_len);
>  	rv2 = PK11_DigestFinal(enc_context, outdata + tmp1_outlen, &tmp2_outlen,
>  			       FRAME_SIZE_MAX - tmp1_outlen);
>  	PK11_DestroyContext(enc_context, PR_TRUE);
>  
> -	*buf_len = tmp1_outlen + tmp2_outlen;
> -	free(inbuf);
> -//	memcpy(&outdata[*buf_len], nss_iv_data, sizeof(nss_iv_data));
> +	*buf_out_len = tmp1_outlen + tmp2_outlen;
>  
>  	if (rv1 != SECSuccess || rv2 != SECSuccess)
>  		goto out;
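Review bot: The new interface hands `buf_out` to encrypt_and_sign_nss without its capacity, so every bound in this hunk silently assumes the caller supplied FRAME_SIZE_MAX bytes, and the `PK11_DigestFinal` bound is too generous for that assumption. `outdata` already sits `sizeof (struct crypto_security_header)` bytes into `buf_out`, so the limit should be `FRAME_SIZE_MAX - sizeof(struct crypto_security_header) - tmp1_outlen`; as written the final block may be written past the end of the buffer when `tmp1_outlen` is close to the limit. Either add a `buf_out_size` argument or document on the prototype that `buf_out` must hold at least FRAME_SIZE_MAX bytes. The function body starts and ends outside this hunk.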
> @@ -344,7 +291,7 @@ static int encrypt_and_sign_nss (
>  
>  	PK11_DigestBegin(enc_context);
>  
> -	rv1 = PK11_DigestOp(enc_context, outdata - 16, *buf_len + 16);
> +	rv1 = PK11_DigestOp(enc_context, outdata - 16, *buf_out_len + 16);
>  	rv2 = PK11_DigestFinal(enc_context, header->hash_digest, &tmp2_outlen, sizeof(header->hash_digest));
>  
>  	PK11_DestroyContext(enc_context, PR_TRUE);
> @@ -353,7 +300,7 @@ static int encrypt_and_sign_nss (
>  		goto out;
>  
>  
> -	*buf_len = *buf_len + sizeof(struct crypto_security_header);
> +	*buf_out_len = *buf_out_len + sizeof(struct crypto_security_header);
>  	SECITEM_FreeItem(nss_sec_param, PR_TRUE);
>  	return 0;
>  
> @@ -364,8 +311,8 @@ out:
>  
>  static int authenticate_and_decrypt_nss (
>  	struct crypto_instance *instance,
> -	struct iovec *iov,
> -	unsigned int iov_len)
> +	unsigned char *buf,
> +	int *buf_len)
>  {
>  	PK11Context*  enc_context = NULL;
>  	SECStatus     rv1, rv2;
> @@ -378,7 +325,7 @@ static int authenticate_and_decrypt_nss (
>  	unsigned char *data;
>  	unsigned char *inbuf;
>  	size_t        datalen;
> -	struct crypto_security_header *header = (struct crypto_security_header *)iov[0].iov_base;
> +	struct crypto_security_header *header = (struct crypto_security_header *)buf;
>  	SECItem no_params;
>  	SECItem ivdata;
>  
> @@ -387,17 +334,8 @@ static int authenticate_and_decrypt_nss (
>  	no_params.len = 0;
>  
>  	tmp1_outlen = tmp2_outlen = 0;
> -	if (iov_len > 1) {
> -		inbuf = copy_from_iovec(iov, iov_len, &datalen);
> -		if (!inbuf) {
> -			log_printf(instance->log_level_security, "malloc error copying buffer from iovec");
> -			return -1;
> -		}
> -	}
> -	else {
> -		inbuf = (unsigned char *)iov[0].iov_base;
> -		datalen = iov[0].iov_len;
> -	}
> +	inbuf = (unsigned char *)buf;
> +	datalen = *buf_len;
>  	data = inbuf + sizeof (struct crypto_security_header) - 16;
>  	datalen = datalen - sizeof (struct crypto_security_header) + 16;
>  
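Review bot: `datalen = *buf_len` followed by `datalen - sizeof (struct crypto_security_header) + 16` wraps around for any datagram shorter than the header, because `datalen` is a `size_t` and no length check is visible in this hunk. The "Received message is too short" guard is deleted from net_deliver_fn in both exec/totemudp.c and exec/totemudpu.c by this same patch, so unless a check exists in the lines not shown, a short or negative `*buf_len` from the network reaches the digest call with a huge length. Since totem is no longer supposed to know the header size, the guard belongs here: `if (*buf_len < 0 || (size_t)*buf_len < sizeof (struct crypto_security_header)) return -1;` before `datalen` is computed. The function continues outside the hunk.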
> @@ -414,7 +352,6 @@ static int authenticate_and_decrypt_nss (
>  		err[PR_GetErrorTextLength()] = 0;
>  		log_printf(instance->log_level_security, "PK11_CreateContext failed (check digest) err %d: %s",
>  			PR_GetError(), err);
> -		free (inbuf);
>  		return -1;
>  	}
>  
> @@ -470,10 +407,10 @@ static int authenticate_and_decrypt_nss (
>  	PK11_DestroyContext(enc_context, PR_TRUE);
>  	result_len = tmp1_outlen + tmp2_outlen + sizeof (struct crypto_security_header);
>  
> -	/* Copy it back to the buffer */
> -	copy_to_iovec(iov, iov_len, outbuf, result_len);
> -	if (iov_len > 1)
> -		free(inbuf);
> +	memset(buf, 0, *buf_len);
> +	memcpy(buf, outdata, result_len);
> +
> +	*buf_len = result_len;
>  
>  	if (rv1 != SECSuccess || rv2 != SECSuccess)
>  		return -1;
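Review bot: `result_len` still adds `sizeof (struct crypto_security_header)`, yet both net_deliver_fn callers now deliver from `iovec->iov_base` with the returned length and no header offset, so the length written to `*buf_len` appears to be one header too long for the plaintext. The declaration of `outdata` is outside the hunk; if it points at the decrypted payload, `memcpy(buf, outdata, result_len)` also reads past it by the same amount. The likely intent is `result_len = tmp1_outlen + tmp2_outlen;`. In addition, the buffer is overwritten and `*buf_len` updated before `rv1`/`rv2` are checked; moving the `if (rv1 != SECSuccess || rv2 != SECSuccess) return -1;` test above the `memset` keeps a failed decrypt from altering the caller's buffer.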
> @@ -481,36 +418,36 @@ static int authenticate_and_decrypt_nss (
>  	return 0;
>  }
>  
> +size_t crypto_sec_header_size(int crypt_hash_type)
> +{
> +	/*
> +	 * TODO: add switch / size mapping
> +	 */
> +	return sizeof(struct crypto_security_header);
> +}
> +
>  int crypto_encrypt_and_sign (
>  	struct crypto_instance *instance,
> -	unsigned char *buf,
> -	size_t *buf_len,
> -	const struct iovec *iovec,
> -	unsigned int iov_len)
> +	const unsigned char *buf_in,
> +	const size_t buf_in_len,
> +	unsigned char *buf_out,
> +	size_t *buf_out_len)
>  {
> -
> -	return (encrypt_and_sign_nss(instance, buf, buf_len, iovec, iov_len));
> +	return (encrypt_and_sign_nss(instance, buf_in, buf_in_len, buf_out, buf_out_len));
>  }
>  
>  int crypto_authenticate_and_decrypt (struct crypto_instance *instance,
> -	struct iovec *iov,
> -	unsigned int iov_len)
> +	unsigned char *buf,
> +	int *buf_len)
>  {
> -	unsigned char type;
> -	unsigned char *endbuf = (unsigned char *)iov[iov_len-1].iov_base;
> -
> -	/*
> -	 * Get the encryption type and remove it from the buffer
> -	 */
> -	type = endbuf[iov[iov_len-1].iov_len-1];
> -	iov[iov_len-1].iov_len -= 1;
> -
> -	return (authenticate_and_decrypt_nss(instance, iov, iov_len));
> +	return (authenticate_and_decrypt_nss(instance, buf, buf_len));
>  }
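Review bot: crypto_authenticate_and_decrypt no longer strips the trailing type byte, and the four sendmsg hunks stop appending `crypto_type`, so the encrypted datagram is one byte shorter than before. A node running the previous code would still drop the last byte before verifying and so reject every packet from a patched node, which is at odds with the description's remark about not affecting on-wire compatibility. If the format change is intended, it should be stated in the commit message and in a comment above this function, for example `/* wire format: security header, then ciphertext; no trailing type byte */`. crypto_sec_header_size would also benefit from a comment saying that `crypt_hash_type` is currently ignored.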
>  
>  struct crypto_instance *crypto_init(
>  	const unsigned char *private_key,
>  	unsigned int private_key_len,
> +	int crypto_crypt_type,
> +	int crypto_hash_type,
>  	void (*log_printf_func) (
>  		int level,
>  		int subsys,
> @@ -533,6 +470,8 @@ struct crypto_instance *crypto_init(
>  
>  	memcpy(instance->private_key, private_key, private_key_len);
>  	instance->private_key_len = private_key_len;
> +	instance->crypto_crypt_type = crypto_crypt_type;
> +	instance->crypto_hash_type = crypto_hash_type;
>  	instance->log_printf_func = log_printf_func;
>  	instance->log_level_security = log_level_security;
>  	instance->log_level_notice = log_level_notice;
> diff --git a/exec/crypto.h b/exec/crypto.h
> index b98ca48..74c6434 100644
> --- a/exec/crypto.h
> +++ b/exec/crypto.h
> @@ -38,29 +38,28 @@
>  
>  #include <sys/types.h>
>  
> -#define CRYPTO_HMAC_HASH_SIZE 20
> -struct crypto_security_header {
> -	unsigned char hash_digest[CRYPTO_HMAC_HASH_SIZE]; /* The hash *MUST* be first in the data structure */
> -	unsigned char salt[16]; /* random number */
> -	char msg[0];
> -} __attribute__((packed));
> -
>  struct crypto_instance;
>  
> -extern int crypto_authenticate_and_decrypt (struct crypto_instance *instance,
> -	struct iovec *iov,
> -	unsigned int iov_len);
> +extern size_t crypto_sec_header_size(
> +	int crypt_hash_type);
>  
> -extern int crypto_encrypt_and_sign (
> +extern int crypto_authenticate_and_decrypt (
>  	struct crypto_instance *instance,
>  	unsigned char *buf,
> -	size_t *buf_len,
> -	const struct iovec *iovec,
> -	unsigned int iov_len);
> +	int *buf_len);
> +
> +extern int crypto_encrypt_and_sign (
> +	struct crypto_instance *instance,
> +	const unsigned char *buf_in,
> +	const size_t buf_in_len,
> +	unsigned char *buf_out, 
> +	size_t *buf_out_len);
>  
>  extern struct crypto_instance *crypto_init(
>  	const unsigned char *private_key,
>  	unsigned int private_key_len,
> +	int crypto_crypt_type,
> +	int crypto_hash_type,
>  	void (*log_printf_func) (
>  		int level,
>  		int subsys,
> diff --git a/exec/totemconfig.c b/exec/totemconfig.c
> index dcc9b66..a5c1617 100644
> --- a/exec/totemconfig.c
> +++ b/exec/totemconfig.c
> @@ -130,7 +130,7 @@ static void totem_get_crypto_type(struct totem_config *totem_config)
>  	  * Encryption type can be set on-the-fly using CFG
>  	  */
>  	totem_config->crypto_crypt_type = CKM_AES_CBC_PAD;
> -	totem_config->crypto_sign_type = CKM_SHA256_RSA_PKCS;
> +	totem_config->crypto_hash_type = CKM_SHA256_RSA_PKCS;
>  
>  	if (icmap_get_string("totem.crypto_type", &str) == CS_OK) {
>  		if (strcmp(str, "nss") == 0 || strcmp(str, "aes256") == 0) {
> diff --git a/exec/totemudp.c b/exec/totemudp.c
> index 5386ede..b49110b 100644
> --- a/exec/totemudp.c
> +++ b/exec/totemudp.c
> @@ -253,42 +253,30 @@ static inline void ucast_sendmsg (
>  {
>  	struct msghdr msg_ucast;
>  	int res = 0;
> -	size_t buf_len;
> -	unsigned char sheader[sizeof (struct crypto_security_header)];
> -	unsigned char encrypt_data[FRAME_SIZE_MAX];
> -	struct iovec iovec_encrypt[2];
> -	const struct iovec *iovec_sendmsg;
> +	size_t buf_out_len;
> +	unsigned char buf_out[FRAME_SIZE_MAX];
>  	struct sockaddr_storage sockaddr;
>  	struct iovec iovec;
> -	unsigned int iov_len;
>  	int addrlen;
>  
>  	if (instance->totem_config->secauth == 1) {
> -		iovec_encrypt[0].iov_base = (void *)sheader;
> -		iovec_encrypt[0].iov_len = sizeof (struct crypto_security_header);
> -		iovec_encrypt[1].iov_base = (void *)msg;
> -		iovec_encrypt[1].iov_len = msg_len;
>  		/*
>  		 * Encrypt and digest the message
>  		 */
> -		crypto_encrypt_and_sign (
> +		if (crypto_encrypt_and_sign (
>  			instance->crypto_inst,
> -			encrypt_data,
> -			&buf_len,
> -			iovec_encrypt,
> -			2);
> -
> -		encrypt_data[buf_len++] = instance->totem_config->crypto_type;
> +			(const unsigned char *)msg,
> +			msg_len,
> +			buf_out,
> +			&buf_out_len) != 0) {
> +			log_printf(LOGSYS_LEVEL_CRIT, "Unable to crypt? now what?");
> +		}
>  
> -		iovec_encrypt[0].iov_base = (void *)encrypt_data;
> -		iovec_encrypt[0].iov_len = buf_len;
> -		iovec_sendmsg = &iovec_encrypt[0];
> -		iov_len = 1;
> +		iovec.iov_base = (void *)buf_out;
> +		iovec.iov_len = buf_out_len;
>  	} else {
>  		iovec.iov_base = (void *)msg;
>  		iovec.iov_len = msg_len;
> -		iovec_sendmsg = &iovec;
> -		iov_len = 1;
>  	}
>  
>  	/*
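Review bot: When `crypto_encrypt_and_sign` fails the new code only logs and then still sets `iovec.iov_len = buf_out_len` and sends. encrypt_and_sign_nss has early `return -1` paths that are taken before `*buf_out_len` is assigned, so on failure the length is uninitialized and whatever is in the on-stack `buf_out` would go out on the wire. The branch should stop the send, e.g. add `return;` after the `log_printf(LOGSYS_LEVEL_CRIT, ...)` line. The same pattern is in mcast_sendmsg in this file and in both sendmsg functions in exec/totemudpu.c; inside the member loop of the totemudpu mcast_sendmsg the check has to happen before the loop starts. The function body continues outside this hunk.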
> @@ -298,8 +286,8 @@ static inline void ucast_sendmsg (
>  		instance->totem_interface->ip_port, &sockaddr, &addrlen);
>  	msg_ucast.msg_name = &sockaddr;
>  	msg_ucast.msg_namelen = addrlen;
> -	msg_ucast.msg_iov = (void *) iovec_sendmsg;
> -	msg_ucast.msg_iovlen = iov_len;
> +	msg_ucast.msg_iov = (void *)&iovec;
> +	msg_ucast.msg_iovlen = 1;
>  #if !defined(COROSYNC_SOLARIS)
>  	msg_ucast.msg_control = 0;
>  	msg_ucast.msg_controllen = 0;
> @@ -329,45 +317,30 @@ static inline void mcast_sendmsg (
>  {
>  	struct msghdr msg_mcast;
>  	int res = 0;
> -	size_t buf_len;
> -	unsigned char sheader[sizeof (struct crypto_security_header)];
> -	unsigned char encrypt_data[FRAME_SIZE_MAX];
> -	struct iovec iovec_encrypt[2];
> +	size_t buf_out_len;
> +	unsigned char buf_out[FRAME_SIZE_MAX];
>  	struct iovec iovec;
> -	const struct iovec *iovec_sendmsg;
>  	struct sockaddr_storage sockaddr;
> -	unsigned int iov_len;
>  	int addrlen;
>  
>  	if (instance->totem_config->secauth == 1) {
> -
> -		iovec_encrypt[0].iov_base = (void *)sheader;
> -		iovec_encrypt[0].iov_len = sizeof (struct crypto_security_header);
> -		iovec_encrypt[1].iov_base = (void *)msg;
> -		iovec_encrypt[1].iov_len = msg_len;
> -
>  		/*
>  		 * Encrypt and digest the message
>  		 */
> -		crypto_encrypt_and_sign (
> +		if (crypto_encrypt_and_sign (
>  			instance->crypto_inst,
> -			encrypt_data,
> -			&buf_len,
> -			iovec_encrypt,
> -			2);
> -
> -		encrypt_data[buf_len++] = instance->totem_config->crypto_type;
> +			(const unsigned char *)msg,
> +			msg_len,
> +			buf_out,
> +			&buf_out_len) != 0) {
> +			log_printf(LOGSYS_LEVEL_CRIT, "unable to crypt? now what?");
> +		}
>  
> -		iovec_encrypt[0].iov_base = (void *)encrypt_data;
> -		iovec_encrypt[0].iov_len = buf_len;
> -		iovec_sendmsg = &iovec_encrypt[0];
> -		iov_len = 1;
> +		iovec.iov_base = (void *)&buf_out;
> +		iovec.iov_len = buf_out_len;
>  	} else {
>  		iovec.iov_base = (void *)msg;
>  		iovec.iov_len = msg_len;
> -
> -		iovec_sendmsg = &iovec;
> -		iov_len = 1;
>  	}
>  
>  	/*
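Review bot: `iovec.iov_base = (void *)&buf_out;` takes the address of the array, while ucast_sendmsg and both functions in exec/totemudpu.c use `(void *)buf_out`. The two expressions yield the same address, but the `&` form stops being correct as soon as `buf_out` becomes a pointer (for instance if the buffer is later heap-allocated), so it is worth writing `iovec.iov_base = (void *)buf_out;` here as well.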
> @@ -377,8 +350,8 @@ static inline void mcast_sendmsg (
>  		instance->totem_interface->ip_port, &sockaddr, &addrlen);
>  	msg_mcast.msg_name = &sockaddr;
>  	msg_mcast.msg_namelen = addrlen;
> -	msg_mcast.msg_iov = (void *) iovec_sendmsg;
> -	msg_mcast.msg_iovlen = iov_len;
> +	msg_mcast.msg_iov = (void *)&iovec;
> +	msg_mcast.msg_iovlen = 1;
>  #if !defined(COROSYNC_SOLARIS)
>  	msg_mcast.msg_control = 0;
>  	msg_mcast.msg_controllen = 0;
> @@ -439,8 +412,6 @@ static int net_deliver_fn (
>  	struct sockaddr_storage system_from;
>  	int bytes_received;
>  	int res = 0;
> -	unsigned char *msg_offset;
> -	unsigned int size_delv;
>  	char *message_type;
>  
>  	if (instance->flushing == 1) {
> @@ -472,20 +443,11 @@ static int net_deliver_fn (
>  		instance->stats_recv += bytes_received;
>  	}
>  
> -	if ((instance->totem_config->secauth == 1) &&
> -		(bytes_received < sizeof (struct crypto_security_header))) {
> -
> -		log_printf (instance->totemudp_log_level_security, "Received message is too short...  ignoring %d.", bytes_received);
> -		return (0);
> -	}
> -
> -	iovec->iov_len = bytes_received;
>  	if (instance->totem_config->secauth == 1) {
>  		/*
>  		 * Authenticate and if authenticated, decrypt datagram
>  		 */
> -
> -		res = crypto_authenticate_and_decrypt (instance->crypto_inst, iovec, 1);
> +		res = crypto_authenticate_and_decrypt (instance->crypto_inst, iovec->iov_base, &bytes_received);
>  		if (res == -1) {
>  			log_printf (instance->totemudp_log_level_security, "Received message has invalid digest... ignoring.");
>  			log_printf (instance->totemudp_log_level_security,
> @@ -493,31 +455,26 @@ static int net_deliver_fn (
>  			iovec->iov_len = FRAME_SIZE_MAX;
>  			return 0;
>  		}
> -		msg_offset = (unsigned char *)iovec->iov_base +
> -			sizeof (struct crypto_security_header);
> -		size_delv = bytes_received - sizeof (struct crypto_security_header);
> -	} else {
> -		msg_offset = (void *)iovec->iov_base;
> -		size_delv = bytes_received;
>  	}
> +	iovec->iov_len = bytes_received;
>  
>  	/*
>  	 * Drop all non-mcast messages (more specifically join
>  	 * messages should be dropped)
>  	 */
> -	message_type = (char *)msg_offset;
> +	message_type = (char *)iovec->iov_base;
>  	if (instance->flushing == 1 && *message_type != MESSAGE_TYPE_MCAST) {
>  		iovec->iov_len = FRAME_SIZE_MAX;
>  		return (0);
>  	}
> -	
> +
>  	/*
>  	 * Handle incoming message
>  	 */
>  	instance->totemudp_deliver_fn (
>  		instance->context,
> -		msg_offset,
> -		size_delv);
> +		iovec->iov_base,
> +		iovec->iov_len);
>  
>  	iovec->iov_len = FRAME_SIZE_MAX;
>  	return (0);
> @@ -1067,6 +1024,8 @@ int totemudp_initialize (
>  	*/
>  	instance->crypto_inst = crypto_init (totem_config->private_key,
>  			totem_config->private_key_len,
> +			totem_config->crypto_crypt_type,
> +			totem_config->crypto_hash_type,
>  			instance->totemudp_log_printf,
>  			instance->totemudp_log_level_security,
>  			instance->totemudp_log_level_notice,
> @@ -1221,7 +1180,7 @@ extern void totemudp_net_mtu_adjust (void *udp_context, struct totem_config *tot
>  {
>  #define UDPIP_HEADER_SIZE (20 + 8) /* 20 bytes for ip 8 bytes for udp */
>  	if (totem_config->secauth == 1) {
> -		totem_config->net_mtu -= sizeof (struct crypto_security_header) +
> +		totem_config->net_mtu -= crypto_sec_header_size(totem_config->crypto_hash_type) +
>  			UDPIP_HEADER_SIZE;
>  	} else {
>  		totem_config->net_mtu -= UDPIP_HEADER_SIZE;
> diff --git a/exec/totemudpu.c b/exec/totemudpu.c
> index 7ed366e..ab1a059 100644
> --- a/exec/totemudpu.c
> +++ b/exec/totemudpu.c
> @@ -241,43 +241,30 @@ static inline void ucast_sendmsg (
>  {
>  	struct msghdr msg_ucast;
>  	int res = 0;
> -	size_t buf_len;
> -	unsigned char sheader[sizeof (struct crypto_security_header)];
> -	unsigned char encrypt_data[FRAME_SIZE_MAX];
> -	struct iovec iovec_encrypt[2];
> -	const struct iovec *iovec_sendmsg;
> +	size_t buf_out_len;
> +	unsigned char buf_out[FRAME_SIZE_MAX];
>  	struct sockaddr_storage sockaddr;
>  	struct iovec iovec;
> -	unsigned int iov_len;
>  	int addrlen;
>  
>  	if (instance->totem_config->secauth == 1) {
> -		iovec_encrypt[0].iov_base = (void *)sheader;
> -		iovec_encrypt[0].iov_len = sizeof (struct crypto_security_header);
> -		iovec_encrypt[1].iov_base = (void *)msg;
> -		iovec_encrypt[1].iov_len = msg_len;
> -
>  		/*
>  		 * Encrypt and digest the message
>  		 */
> -		crypto_encrypt_and_sign (
> +		if (crypto_encrypt_and_sign (
>  			instance->crypto_inst,
> -			encrypt_data,
> -			&buf_len,
> -			iovec_encrypt,
> -			2);
> -
> -		encrypt_data[buf_len++] = instance->totem_config->crypto_type;
> +			(const unsigned char *)msg,
> +			msg_len,
> +			buf_out,
> +			&buf_out_len) != 0) {
> +			log_printf(LOGSYS_LEVEL_CRIT, "unable to crypt? now what?");
> +		}
>  
> -		iovec_encrypt[0].iov_base = (void *)encrypt_data;
> -		iovec_encrypt[0].iov_len = buf_len;
> -		iovec_sendmsg = &iovec_encrypt[0];
> -		iov_len = 1;
> +		iovec.iov_base = (void *)buf_out;
> +		iovec.iov_len = buf_out_len;
>  	} else {
>  		iovec.iov_base = (void *)msg;
>  		iovec.iov_len = msg_len;
> -		iovec_sendmsg = &iovec;
> -		iov_len = 1;
>  	}
>  
>  	/*
> @@ -287,8 +274,8 @@ static inline void ucast_sendmsg (
>  		instance->totem_interface->ip_port, &sockaddr, &addrlen);
>  	msg_ucast.msg_name = &sockaddr;
>  	msg_ucast.msg_namelen = addrlen;
> -	msg_ucast.msg_iov = (void *) iovec_sendmsg;
> -	msg_ucast.msg_iovlen = iov_len;
> +	msg_ucast.msg_iov = (void *)&iovec;
> +	msg_ucast.msg_iovlen = 1;
>  #if !defined(COROSYNC_SOLARIS)
>  	msg_ucast.msg_control = 0;
>  	msg_ucast.msg_controllen = 0;
> @@ -317,46 +304,32 @@ static inline void mcast_sendmsg (
>  {
>  	struct msghdr msg_mcast;
>  	int res = 0;
> -	size_t buf_len;
> -	unsigned char sheader[sizeof (struct crypto_security_header)];
> -	unsigned char encrypt_data[FRAME_SIZE_MAX];
> -	struct iovec iovec_encrypt[2];
> +	size_t buf_out_len;
> +	unsigned char buf_out[FRAME_SIZE_MAX];
>  	struct iovec iovec;
> -	const struct iovec *iovec_sendmsg;
>  	struct sockaddr_storage sockaddr;
> -	unsigned int iov_len;
>  	int addrlen;
>          struct list_head *list;
>  	struct totemudpu_member *member;
>  
>  	if (instance->totem_config->secauth == 1) {
> -		iovec_encrypt[0].iov_base = (void *)sheader;
> -		iovec_encrypt[0].iov_len = sizeof (struct crypto_security_header);
> -		iovec_encrypt[1].iov_base = (void *)msg;
> -		iovec_encrypt[1].iov_len = msg_len;
> -
>  		/*
>  		 * Encrypt and digest the message
>  		 */
> -		crypto_encrypt_and_sign (
> +		if(crypto_encrypt_and_sign (
>  			instance->crypto_inst,
> -			encrypt_data,
> -			&buf_len,
> -			iovec_encrypt,
> -			2);
> -
> -		encrypt_data[buf_len++] = instance->totem_config->crypto_type;
> +			(const unsigned char *)msg,
> +			msg_len,
> +			buf_out,
> +			&buf_out_len) != 0) {
> +			log_printf(LOGSYS_LEVEL_CRIT, "Unable to crypt? now what?");
> +		}
>  
> -		iovec_encrypt[0].iov_base = (void *)encrypt_data;
> -		iovec_encrypt[0].iov_len = buf_len;
> -		iovec_sendmsg = &iovec_encrypt[0];
> -		iov_len = 1;
> +		iovec.iov_base = (void *)buf_out;
> +		iovec.iov_len = buf_out_len;
>  	} else {
>  		iovec.iov_base = (void *)msg;
>  		iovec.iov_len = msg_len;
> -
> -		iovec_sendmsg = &iovec;
> -		iov_len = 1;
>  	}
>  
>  	/*
> @@ -374,8 +347,8 @@ static inline void mcast_sendmsg (
>  			instance->totem_interface->ip_port, &sockaddr, &addrlen);
>  		msg_mcast.msg_name = &sockaddr;
>  		msg_mcast.msg_namelen = addrlen;
> -		msg_mcast.msg_iov = (void *) iovec_sendmsg;
> -		msg_mcast.msg_iovlen = iov_len;
> +		msg_mcast.msg_iov = (void *)&iovec;
> +		msg_mcast.msg_iovlen = 1;
>  	#if !defined(COROSYNC_SOLARIS)
>  		msg_mcast.msg_control = 0;
>  		msg_mcast.msg_controllen = 0;
> @@ -423,8 +396,6 @@ static int net_deliver_fn (
>  	struct sockaddr_storage system_from;
>  	int bytes_received;
>  	int res = 0;
> -	unsigned char *msg_offset;
> -	unsigned int size_delv;
>  
>  	iovec = &instance->totemudpu_iov_recv;
>  
> @@ -451,20 +422,12 @@ static int net_deliver_fn (
>  		instance->stats_recv += bytes_received;
>  	}
>  
> -	if ((instance->totem_config->secauth == 1) &&
> -		(bytes_received < sizeof (struct crypto_security_header))) {
> -
> -		log_printf (instance->totemudpu_log_level_security, "Received message is too short...  ignoring %d.", bytes_received);
> -		return (0);
> -	}
> -
> -	iovec->iov_len = bytes_received;
>  	if (instance->totem_config->secauth == 1) {
>  		/*
>  		 * Authenticate and if authenticated, decrypt datagram
>  		 */
>  
> -		res = crypto_authenticate_and_decrypt (instance->crypto_inst, iovec, 1);
> +		res = crypto_authenticate_and_decrypt (instance->crypto_inst, iovec->iov_base, &bytes_received);
>  		if (res == -1) {
>  			log_printf (instance->totemudpu_log_level_security, "Received message has invalid digest... ignoring.");
>  			log_printf (instance->totemudpu_log_level_security,
> @@ -472,21 +435,16 @@ static int net_deliver_fn (
>  			iovec->iov_len = FRAME_SIZE_MAX;
>  			return 0;
>  		}
> -		msg_offset = (unsigned char *)iovec->iov_base +
> -			sizeof (struct crypto_security_header);
> -		size_delv = bytes_received - sizeof (struct crypto_security_header);
> -	} else {
> -		msg_offset = (void *)iovec->iov_base;
> -		size_delv = bytes_received;
>  	}
> +	iovec->iov_len = bytes_received;
>  
>  	/*
>  	 * Handle incoming message
>  	 */
>  	instance->totemudpu_deliver_fn (
>  		instance->context,
> -		msg_offset,
> -		size_delv);
> +		iovec->iov_base,
> +		iovec->iov_len);
>  
>  	iovec->iov_len = FRAME_SIZE_MAX;
>  	return (0);
> @@ -786,6 +744,8 @@ int totemudpu_initialize (
>  	*/
>  	instance->crypto_inst = crypto_init (totem_config->private_key,
>  		totem_config->private_key_len,
> +		totem_config->crypto_crypt_type,
> +		totem_config->crypto_hash_type,
>  		instance->totemudpu_log_printf,
>  		instance->totemudpu_log_level_security,
>  		instance->totemudpu_log_level_notice,
> @@ -925,7 +885,7 @@ extern void totemudpu_net_mtu_adjust (void *udpu_context, struct totem_config *t
>  {
>  #define UDPIP_HEADER_SIZE (20 + 8) /* 20 bytes for ip 8 bytes for udp */
>  	if (totem_config->secauth == 1) {
> -		totem_config->net_mtu -= sizeof (struct crypto_security_header) +
> +		totem_config->net_mtu -= crypto_sec_header_size(totem_config->crypto_hash_type) +
>  			UDPIP_HEADER_SIZE;
>  	} else {
>  		totem_config->net_mtu -= UDPIP_HEADER_SIZE;
> diff --git a/include/corosync/totem/totem.h b/include/corosync/totem/totem.h
> index 3128537..333c632 100644
> --- a/include/corosync/totem/totem.h
> +++ b/include/corosync/totem/totem.h
> @@ -172,7 +172,8 @@ struct totem_config {
>  	enum { TOTEM_CRYPTO_AES256 = 0} crypto_type;
>  
>  	int crypto_crypt_type;
> -	int crypto_sign_type;
> +
> +	int crypto_hash_type;
>  
>  	totem_transport_t transport_number;
>  

_______________________________________________
discuss mailing list
discuss@xxxxxxxxxxxx
http://lists.corosync.org/mailman/listinfo/discuss

