From: "Fabio M. Di Nitto" <fdinitto@xxxxxxxxxx> keep totem.secauth config key for compatibility if the key is NOT set, crypto will default to aes256/sha1 if the key is set to "off", crypto is disabled. this reflects pretty much old behavior keywords totem.crypto_cipher and totem.crypto_hash can override secauth individually. Signed-off-by: Fabio M. Di Nitto <fdinitto@xxxxxxxxxx> --- exec/totemconfig.c | 9 +- exec/totemcrypto.c | 506 ++++++++++++++++++++++++---------------- exec/totemcrypto.h | 1 + exec/totemudp.c | 94 ++++---- exec/totemudpu.c | 95 ++++---- include/corosync/totem/totem.h | 2 - 6 files changed, 398 insertions(+), 309 deletions(-) diff --git a/exec/totemconfig.c b/exec/totemconfig.c index 931bd7a..1138963 100644 --- a/exec/totemconfig.c +++ b/exec/totemconfig.c @@ -129,11 +129,9 @@ static void totem_get_crypto(struct totem_config *totem_config) tmp_hash = "sha1"; tmp_cipher = "aes256"; - totem_config->secauth = 1; if (icmap_get_string("totem.secauth", &str) == CS_OK) { if (strcmp (str, "off") == 0) { - totem_config->secauth = 0; tmp_hash = "none"; tmp_cipher = "none"; } @@ -160,10 +158,6 @@ static void totem_get_crypto(struct totem_config *totem_config) free(str); } - if (strcmp(tmp_hash, "none") == 0 && strcmp(tmp_cipher, "none") == 0) { - totem_config->secauth = 0; - } - free(totem_config->crypto_cipher_type); free(totem_config->crypto_hash_type); @@ -1019,7 +1013,8 @@ int totem_config_keyread ( memset (totem_config->private_key, 0, 128); totem_config->private_key_len = 128; - if (totem_config->secauth == 0) { + if (strcmp(totem_config->crypto_cipher_type, "none") == 0 && + strcmp(totem_config->crypto_hash_type, "none") == 0) { return (0); } diff --git a/exec/totemcrypto.c b/exec/totemcrypto.c index 8c0ec91..24415b5 100644 --- a/exec/totemcrypto.c +++ b/exec/totemcrypto.c @@ -77,9 +77,11 @@ #include <prerror.h> #define CRYPTO_HMAC_HASH_SIZE 20 +#define SALT_SIZE 16 + struct crypto_security_header { unsigned char hash_digest[CRYPTO_HMAC_HASH_SIZE]; /* The hash *MUST* be first in the data structure */ - unsigned char salt[16]; /* random number */ + unsigned char salt[SALT_SIZE]; /* random number */ char msg[0]; } __attribute__((packed)); @@ -111,8 +113,8 @@ struct crypto_instance { }; CK_MECHANISM_TYPE cipher_to_nss[] = { - 0, /* CRYPTO_CIPHER_TYPE_NONE */ - CKM_AES_CBC_PAD /* CRYPTO_CIPHER_TYPE_AES256 */ + 0, /* CRYPTO_CIPHER_TYPE_NONE */ + CKM_AES_CBC_PAD /* CRYPTO_CIPHER_TYPE_AES256 */ }; size_t cipher_key_len[] = { @@ -121,15 +123,15 @@ size_t cipher_key_len[] = { }; CK_MECHANISM_TYPE hash_to_nss[] = { - 0, /* CRYPTO_HASH_TYPE_NONE */ - CKM_SHA_1_HMAC /* CRYPTO_HASH_TYPE_SHA1 */ + 0, /* CRYPTO_HASH_TYPE_NONE */ + CKM_SHA_1_HMAC /* CRYPTO_HASH_TYPE_SHA1 */ }; #define log_printf(level, format, args...) \ do { \ - instance->log_printf_func ( \ - level, instance->log_subsys_id, \ - __FUNCTION__, __FILE__, __LINE__, \ + instance->log_printf_func ( \ + level, instance->log_subsys_id, \ + __FUNCTION__, __FILE__, __LINE__, \ (const char *)format, ##args); \ } while (0); @@ -137,76 +139,86 @@ do { \ do { \ char _error_str[LOGSYS_MAX_PERROR_MSG_LEN]; \ const char *_error_ptr = qb_strerror_r(err_num, _error_str, sizeof(_error_str)); \ - instance->totemudp_log_printf ( \ - level, instance->log_subsys_id, \ + instance->totemudp_log_printf ( \ + level, instance->log_subsys_id, \ __FUNCTION__, __FILE__, __LINE__, \ - fmt ": %s (%d)", ##args, _error_ptr, err_num); \ - } while(0) + fmt ": %s (%d)", ##args, _error_ptr, err_num); \ +} while(0) -static void init_nss_crypto(struct crypto_instance *instance) +static int init_nss_crypto(struct crypto_instance *instance, + const char *crypto_cipher_type, + const char *crypto_hash_type) { - PK11SlotInfo* aes_slot = NULL; - PK11SlotInfo* sha1_slot = NULL; - SECItem key_item; - SECStatus rv; + PK11SlotInfo* crypt_slot = NULL; + PK11SlotInfo* hash_slot = NULL; + SECItem crypt_param; + SECItem hash_param; + + if ((!cipher_to_nss[instance->crypto_cipher_type]) && + (!hash_to_nss[instance->crypto_hash_type])) { + log_printf(instance->log_level_notice, + "Initializing transmit/receive security: NONE"); + return 0; + } log_printf(instance->log_level_notice, - "Initializing transmit/receive security: NSS AES256CBC/SHA1HMAC (mode %u).", 0); - rv = NSS_NoDB_Init("."); - if (rv != SECSuccess) - { + "Initializing transmit/receive security: NSS crypto: %s hash: %s", + crypto_cipher_type, crypto_hash_type); + + if (NSS_NoDB_Init(".") != SECSuccess) { log_printf(instance->log_level_security, "NSS initialization failed (err %d)", - PR_GetError()); + PR_GetError()); goto out; } - /* - * TODO: use instance info! - */ - aes_slot = PK11_GetBestSlot(cipher_to_nss[instance->crypto_cipher_type], NULL); - if (aes_slot == NULL) - { - log_printf(instance->log_level_security, "Unable to find security slot (err %d)", - PR_GetError()); - goto out; + if (cipher_to_nss[instance->crypto_cipher_type]) { + crypt_param.type = siBuffer; + crypt_param.data = instance->private_key; + crypt_param.len = cipher_key_len[instance->crypto_cipher_type]; + + crypt_slot = PK11_GetBestSlot(cipher_to_nss[instance->crypto_cipher_type], NULL); + if (crypt_slot == NULL) { + log_printf(instance->log_level_security, "Unable to find security slot (err %d)", + PR_GetError()); + goto out; + } + instance->nss_sym_key = PK11_ImportSymKey(crypt_slot, + cipher_to_nss[instance->crypto_cipher_type], + PK11_OriginUnwrap, CKA_ENCRYPT|CKA_DECRYPT, + &crypt_param, NULL); + if (instance->nss_sym_key == NULL) { + log_printf(instance->log_level_security, "Failure to import key into NSS (err %d)", + PR_GetError()); + goto out; + } } - sha1_slot = PK11_GetBestSlot(hash_to_nss[instance->crypto_hash_type], NULL); - if (sha1_slot == NULL) - { - log_printf(instance->log_level_security, "Unable to find security slot (err %d)", - PR_GetError()); - goto out; - } - /* - * Make the private key into a SymKey that we can use - */ - key_item.type = siBuffer; - key_item.data = instance->private_key; - key_item.len = cipher_key_len[instance->crypto_cipher_type]; - - instance->nss_sym_key = PK11_ImportSymKey(aes_slot, - cipher_to_nss[instance->crypto_cipher_type], - PK11_OriginUnwrap, CKA_ENCRYPT|CKA_DECRYPT, - &key_item, NULL); - if (instance->nss_sym_key == NULL) - { - log_printf(instance->log_level_security, "Failure to import key into NSS (err %d)", - PR_GetError()); - goto out; + if (hash_to_nss[instance->crypto_hash_type]) { + hash_param.type = siBuffer; + hash_param.data = 0; + hash_param.len = 0; + + hash_slot = PK11_GetBestSlot(hash_to_nss[instance->crypto_hash_type], NULL); + if (hash_slot == NULL) { + log_printf(instance->log_level_security, "Unable to find security slot (err %d)", + PR_GetError()); + goto out; + } + + instance->nss_sym_key_sign = PK11_ImportSymKey(hash_slot, + hash_to_nss[instance->crypto_hash_type], + PK11_OriginUnwrap, CKA_SIGN, + &hash_param, NULL); + if (instance->nss_sym_key_sign == NULL) { + log_printf(instance->log_level_security, "Failure to import key into NSS (err %d)", + PR_GetError()); + goto out; + } } - instance->nss_sym_key_sign = PK11_ImportSymKey(sha1_slot, - hash_to_nss[instance->crypto_hash_type], - PK11_OriginUnwrap, CKA_SIGN, - &key_item, NULL); - if (instance->nss_sym_key_sign == NULL) { - log_printf(instance->log_level_security, "Failure to import key into NSS (err %d)", - PR_GetError()); - goto out; - } + return 0; out: - return; + return -1; } static int encrypt_and_sign_nss ( @@ -216,226 +228,301 @@ static int encrypt_and_sign_nss ( unsigned char *buf_out, size_t *buf_out_len) { - PK11Context* enc_context = NULL; - SECStatus rv1, rv2; - int tmp1_outlen; - unsigned int tmp2_outlen; - unsigned char *outdata; - SECItem no_params; - SECItem iv_item; - struct crypto_security_header *header; - SECItem *nss_sec_param; - unsigned char nss_iv_data[16]; - SECStatus rv; - - no_params.type = siBuffer; - no_params.data = 0; - no_params.len = 0; - - tmp1_outlen = tmp2_outlen = 0; + PK11Context* enc_context = NULL; + SECItem crypt_param; + SECItem hash_param; + SECItem *nss_sec_param = NULL; + struct crypto_security_header *header; + unsigned char *outdata; + int tmp1_outlen = 0; + unsigned int tmp2_outlen = 0; outdata = buf_out + sizeof (struct crypto_security_header); header = (struct crypto_security_header *)buf_out; - rv = PK11_GenerateRandom ( - nss_iv_data, - sizeof (nss_iv_data)); - if (rv != SECSuccess) { + memset(header->salt, 0, SALT_SIZE); + + if (!cipher_to_nss[instance->crypto_cipher_type]) { + memcpy(outdata, buf_in, buf_in_len); + *buf_out_len = buf_in_len; + goto only_hash; + } + + if (PK11_GenerateRandom (header->salt, SALT_SIZE) != SECSuccess) { log_printf(instance->log_level_security, "Failure to generate a random number %d", PR_GetError()); + goto out; } - memcpy(header->salt, nss_iv_data, sizeof(nss_iv_data)); - iv_item.type = siBuffer; - iv_item.data = nss_iv_data; - iv_item.len = sizeof (nss_iv_data); + crypt_param.type = siBuffer; + crypt_param.data = header->salt; + crypt_param.len = SALT_SIZE; - nss_sec_param = PK11_ParamFromIV ( - cipher_to_nss[instance->crypto_cipher_type], - &iv_item); + nss_sec_param = PK11_ParamFromIV (cipher_to_nss[instance->crypto_cipher_type], + &crypt_param); if (nss_sec_param == NULL) { log_printf(instance->log_level_security, - "Failure to set up PKCS11 param (err %d)", - PR_GetError()); - return (-1); + "Failure to set up PKCS11 param (err %d)", + PR_GetError()); + goto out; } /* * Create cipher context for encryption */ - enc_context = PK11_CreateContextBySymKey ( - cipher_to_nss[instance->crypto_cipher_type], - CKA_ENCRYPT, - instance->nss_sym_key, - nss_sec_param); + enc_context = PK11_CreateContextBySymKey (cipher_to_nss[instance->crypto_cipher_type], + CKA_ENCRYPT, + instance->nss_sym_key, + nss_sec_param); if (!enc_context) { - char err[1024]; - PR_GetErrorText(err); - err[PR_GetErrorTextLength()] = 0; log_printf(instance->log_level_security, - "PK11_CreateContext failed (encrypt) crypt_type=%d (err %d): %s", - (int)cipher_to_nss[instance->crypto_cipher_type], - PR_GetError(), err); - return -1; - } - rv1 = PK11_CipherOp(enc_context, outdata, - &tmp1_outlen, FRAME_SIZE_MAX - sizeof(struct crypto_security_header), - (unsigned char *)buf_in, buf_in_len); - rv2 = PK11_DigestFinal(enc_context, outdata + tmp1_outlen, &tmp2_outlen, - FRAME_SIZE_MAX - tmp1_outlen); + "PK11_CreateContext failed (encrypt) crypt_type=%d (err %d)", + (int)cipher_to_nss[instance->crypto_cipher_type], + PR_GetError()); + goto out; + } + + if (PK11_CipherOp(enc_context, outdata, + &tmp1_outlen, FRAME_SIZE_MAX - sizeof(struct crypto_security_header), + (unsigned char *)buf_in, buf_in_len) != SECSuccess) { + log_printf(instance->log_level_security, + "PK11_CipherOp failed (encrypt) crypt_type=%d (err %d)", + (int)cipher_to_nss[instance->crypto_cipher_type], + PR_GetError()); + goto out; + } + if (PK11_DigestFinal(enc_context, outdata + tmp1_outlen, + &tmp2_outlen, FRAME_SIZE_MAX - tmp1_outlen) != SECSuccess) { + log_printf(instance->log_level_security, + "PK11_DigestFinal failed (encrypt) crypt_type=%d (err %d)", + (int)cipher_to_nss[instance->crypto_cipher_type], + PR_GetError()); + goto out; + + } + PK11_DestroyContext(enc_context, PR_TRUE); *buf_out_len = tmp1_outlen + tmp2_outlen; - if (rv1 != SECSuccess || rv2 != SECSuccess) - goto out; +only_hash: + + if (!hash_to_nss[instance->crypto_hash_type]) { + goto no_hash; + } /* Now do the digest */ + hash_param.type = siBuffer; + hash_param.data = 0; + hash_param.len = 0; + enc_context = PK11_CreateContextBySymKey(hash_to_nss[instance->crypto_hash_type], - CKA_SIGN, instance->nss_sym_key_sign, &no_params); + CKA_SIGN, + instance->nss_sym_key_sign, + &hash_param); if (!enc_context) { - char err[1024]; - PR_GetErrorText(err); - err[PR_GetErrorTextLength()] = 0; - log_printf(instance->log_level_security, "encrypt: PK11_CreateContext failed (digest) err %d: %s", - PR_GetError(), err); - return -1; + log_printf(instance->log_level_security, + "PK11_CreateContext failed (hash) hash_type=%d (err %d)", + (int)hash_to_nss[instance->crypto_hash_type], + PR_GetError()); + goto out; } + if (PK11_DigestBegin(enc_context) != SECSuccess) { + log_printf(instance->log_level_security, + "PK11_DigestBegin failed (hash) hash_type=%d (err %d)", + (int)hash_to_nss[instance->crypto_hash_type], + PR_GetError()); + goto out; + } - PK11_DigestBegin(enc_context); - - rv1 = PK11_DigestOp(enc_context, outdata - 16, *buf_out_len + 16); - rv2 = PK11_DigestFinal(enc_context, header->hash_digest, &tmp2_outlen, sizeof(header->hash_digest)); + if (PK11_DigestOp(enc_context, + outdata - SALT_SIZE, + *buf_out_len + SALT_SIZE) != SECSuccess) { + log_printf(instance->log_level_security, + "PK11_DigestOp failed (hash) hash_type=%d (err %d)", + (int)hash_to_nss[instance->crypto_hash_type], + PR_GetError()); + goto out; + } + if (PK11_DigestFinal(enc_context, + header->hash_digest, + &tmp2_outlen, + sizeof(header->hash_digest)) != SECSuccess) { + log_printf(instance->log_level_security, + "PK11_DigestFinale failed (hash) hash_type=%d (err %d)", + (int)hash_to_nss[instance->crypto_hash_type], + PR_GetError()); + goto out; + } PK11_DestroyContext(enc_context, PR_TRUE); - if (rv1 != SECSuccess || rv2 != SECSuccess) - goto out; +no_hash: - *buf_out_len = *buf_out_len + sizeof(struct crypto_security_header); SECITEM_FreeItem(nss_sec_param, PR_TRUE); + + *buf_out_len = *buf_out_len + sizeof(struct crypto_security_header); + return 0; out: + if (enc_context) { + PK11_DestroyContext(enc_context, PR_TRUE); + } + if (nss_sec_param) { + SECITEM_FreeItem(nss_sec_param, PR_TRUE); + } return -1; } - static int authenticate_and_decrypt_nss ( struct crypto_instance *instance, unsigned char *buf, int *buf_len) { - PK11Context* enc_context = NULL; - SECStatus rv1, rv2; - int tmp1_outlen; - unsigned int tmp2_outlen; - unsigned char outbuf[FRAME_SIZE_MAX]; - unsigned char digest[CRYPTO_HMAC_HASH_SIZE]; - unsigned char *outdata; - int result_len; - unsigned char *data; - unsigned char *inbuf; - size_t datalen; - struct crypto_security_header *header = (struct crypto_security_header *)buf; - SECItem no_params; - SECItem ivdata; - - no_params.type = siBuffer; - no_params.data = 0; - no_params.len = 0; - - tmp1_outlen = tmp2_outlen = 0; - inbuf = (unsigned char *)buf; + PK11Context* enc_context = NULL; + int tmp1_outlen = 0; + unsigned int tmp2_outlen = 0; + unsigned char outbuf[FRAME_SIZE_MAX]; + unsigned char digest[CRYPTO_HMAC_HASH_SIZE]; + unsigned char *outdata; + int result_len; + unsigned char *data; + size_t datalen; + struct crypto_security_header *header = (struct crypto_security_header *)buf; + SECItem crypt_param; + SECItem hash_param; + datalen = *buf_len; - data = inbuf + sizeof (struct crypto_security_header) - 16; - datalen = datalen - sizeof (struct crypto_security_header) + 16; + data = buf + sizeof (struct crypto_security_header) - SALT_SIZE; + datalen = datalen - sizeof (struct crypto_security_header) + SALT_SIZE; outdata = outbuf + sizeof (struct crypto_security_header); + if (!hash_to_nss[instance->crypto_hash_type]) { + goto only_decrypt; + } + + hash_param.type = siBuffer; + hash_param.data = 0; + hash_param.len = 0; + /* Check the digest */ - enc_context = PK11_CreateContextBySymKey ( - hash_to_nss[instance->crypto_hash_type], CKA_SIGN, - instance->nss_sym_key_sign, - &no_params); + enc_context = PK11_CreateContextBySymKey (hash_to_nss[instance->crypto_hash_type], + CKA_SIGN, + instance->nss_sym_key_sign, + &hash_param); if (!enc_context) { - char err[1024]; - PR_GetErrorText(err); - err[PR_GetErrorTextLength()] = 0; - log_printf(instance->log_level_security, "PK11_CreateContext failed (check digest) err %d: %s", - PR_GetError(), err); - return -1; + log_printf(instance->log_level_security, + "PK11_CreateContext failed (check digest) err %d", + PR_GetError()); + goto out; } - PK11_DigestBegin(enc_context); - - rv1 = PK11_DigestOp(enc_context, data, datalen); - rv2 = PK11_DigestFinal(enc_context, digest, &tmp2_outlen, sizeof(digest)); + if (PK11_DigestBegin(enc_context) != SECSuccess) { + log_printf(instance->log_level_security, + "PK11_DigestBegin failed (check digest) err %d", + PR_GetError()); + goto out; + } - PK11_DestroyContext(enc_context, PR_TRUE); + if (PK11_DigestOp(enc_context, data, datalen) != SECSuccess) { + log_printf(instance->log_level_security, + "PK11_DigestOp failed (check digest) err %d", + PR_GetError()); + goto out; + } - if (rv1 != SECSuccess || rv2 != SECSuccess) { - log_printf(instance->log_level_security, "Digest check failed"); - return -1; + if (PK11_DigestFinal(enc_context, digest, + &tmp2_outlen, sizeof(digest)) != SECSuccess) { + log_printf(instance->log_level_security, + "PK11_DigestFinal failed (check digest) err %d", + PR_GetError()); + goto out; } + PK11_DestroyContext(enc_context, PR_TRUE); + if (memcmp(digest, header->hash_digest, tmp2_outlen) != 0) { log_printf(instance->log_level_error, "Digest does not match"); - return -1; + goto out; + } + +only_decrypt: + + if (!cipher_to_nss[instance->crypto_cipher_type]) { + memcpy(outbuf, buf + sizeof (struct crypto_security_header), *buf_len - sizeof (struct crypto_security_header)); + outdata = outbuf; + result_len = *buf_len - sizeof (struct crypto_security_header); + goto no_decrypt; } /* * Get rid of salt */ - data += 16; - datalen -= 16; + data += SALT_SIZE; + datalen -= SALT_SIZE; /* Create cipher context for decryption */ - ivdata.type = siBuffer; - ivdata.data = header->salt; - ivdata.len = sizeof(header->salt); - - enc_context = PK11_CreateContextBySymKey( - cipher_to_nss[instance->crypto_cipher_type], - CKA_DECRYPT, - instance->nss_sym_key, &ivdata); + crypt_param.type = siBuffer; + crypt_param.data = header->salt; + crypt_param.len = SALT_SIZE; + + enc_context = PK11_CreateContextBySymKey(cipher_to_nss[instance->crypto_cipher_type], + CKA_DECRYPT, + instance->nss_sym_key, &crypt_param); if (!enc_context) { log_printf(instance->log_level_security, - "PK11_CreateContext (decrypt) failed (err %d)", - PR_GetError()); - return -1; + "PK11_CreateContext (decrypt) failed (err %d)", + PR_GetError()); + goto out; } - rv1 = PK11_CipherOp(enc_context, outdata, &tmp1_outlen, - sizeof(outbuf) - sizeof (struct crypto_security_header), - data, datalen); - if (rv1 != SECSuccess) { + if (PK11_CipherOp(enc_context, outdata, &tmp1_outlen, + sizeof(outbuf) - sizeof (struct crypto_security_header), + data, datalen) != SECSuccess) { log_printf(instance->log_level_security, - "PK11_CipherOp (decrypt) failed (err %d)", - PR_GetError()); + "PK11_CipherOp (decrypt) failed (err %d)", + PR_GetError()); + goto out; + } + if (PK11_DigestFinal(enc_context, outdata + tmp1_outlen, &tmp2_outlen, + sizeof(outbuf) - tmp1_outlen) != SECSuccess) { + log_printf(instance->log_level_security, + "PK11_DigestFinal (decrypt) failed (err %d)", + PR_GetError()); + goto out; } - rv2 = PK11_DigestFinal(enc_context, outdata + tmp1_outlen, &tmp2_outlen, - sizeof(outbuf) - tmp1_outlen); + PK11_DestroyContext(enc_context, PR_TRUE); + result_len = tmp1_outlen + tmp2_outlen + sizeof (struct crypto_security_header); +no_decrypt: + memset(buf, 0, *buf_len); memcpy(buf, outdata, result_len); *buf_len = result_len; - if (rv1 != SECSuccess || rv2 != SECSuccess) - return -1; - return 0; + +out: + if (enc_context) { + PK11_DestroyContext(enc_context, PR_TRUE); + } + return -1; } -size_t crypto_sec_header_size(const char *crypto_hash_type) +size_t crypto_sec_header_size( + const char *crypto_cipher_type, + const char *crypto_hash_type) { /* - * TODO: add switch / size mapping + * TODO: crypto_cipher_type determines the crypto BLOCK size + * crypto_hash_type determines the HASH_SIZE */ return sizeof(struct crypto_security_header); } @@ -447,6 +534,16 @@ int crypto_encrypt_and_sign ( unsigned char *buf_out, size_t *buf_out_len) { + /* + * if crypto is totally disabled, let's skip complex parsing + */ + if ((!cipher_to_nss[instance->crypto_cipher_type]) && + (!hash_to_nss[instance->crypto_hash_type])) { + memcpy(buf_out, buf_in, buf_in_len); + *buf_out_len = buf_in_len; + return 0; + } + return (encrypt_and_sign_nss(instance, buf_in, buf_in_len, buf_out, buf_out_len)); } @@ -454,6 +551,14 @@ int crypto_authenticate_and_decrypt (struct crypto_instance *instance, unsigned char *buf, int *buf_len) { + /* + * if crypto is totally disabled, there is no work for us + */ + if ((!cipher_to_nss[instance->crypto_cipher_type]) && + (!hash_to_nss[instance->crypto_hash_type])) { + return 0; + } + return (authenticate_and_decrypt_nss(instance, buf, buf_len)); } @@ -503,7 +608,10 @@ struct crypto_instance *crypto_init( instance->log_level_error = log_level_error; instance->log_subsys_id = log_subsys_id; - init_nss_crypto(instance); + if (init_nss_crypto(instance, crypto_cipher_type, crypto_hash_type) < 0) { + free(instance); + return(NULL); + } return (instance); } diff --git a/exec/totemcrypto.h b/exec/totemcrypto.h index 13fd19b..14ef116 100644 --- a/exec/totemcrypto.h +++ b/exec/totemcrypto.h @@ -51,6 +51,7 @@ enum crypto_hash_t { struct crypto_instance; extern size_t crypto_sec_header_size( + const char *crypto_cipher_type, const char *crypto_hash_type); extern int crypto_authenticate_and_decrypt ( diff --git a/exec/totemudp.c b/exec/totemudp.c index 21a6122..9f3acb9 100644 --- a/exec/totemudp.c +++ b/exec/totemudp.c @@ -259,26 +259,24 @@ static inline void ucast_sendmsg ( struct iovec iovec; int addrlen; - if (instance->totem_config->secauth == 1) { + /* + * Encrypt and digest the message + */ + if (crypto_encrypt_and_sign ( + instance->crypto_inst, + (const unsigned char *)msg, + msg_len, + buf_out, + &buf_out_len) != 0) { /* - * Encrypt and digest the message + * TODO: how to handle error here */ - if (crypto_encrypt_and_sign ( - instance->crypto_inst, - (const unsigned char *)msg, - msg_len, - buf_out, - &buf_out_len) != 0) { - log_printf(LOGSYS_LEVEL_CRIT, "Unable to crypt? now what?"); - } - - iovec.iov_base = (void *)buf_out; - iovec.iov_len = buf_out_len; - } else { - iovec.iov_base = (void *)msg; - iovec.iov_len = msg_len; + log_printf(LOGSYS_LEVEL_CRIT, "Unable to crypt? now what?"); } + iovec.iov_base = (void *)buf_out; + iovec.iov_len = buf_out_len; + /* * Build unicast message */ @@ -323,26 +321,24 @@ static inline void mcast_sendmsg ( struct sockaddr_storage sockaddr; int addrlen; - if (instance->totem_config->secauth == 1) { + /* + * Encrypt and digest the message + */ + if (crypto_encrypt_and_sign ( + instance->crypto_inst, + (const unsigned char *)msg, + msg_len, + buf_out, + &buf_out_len) != 0) { /* - * Encrypt and digest the message + * TODO: how to handle error here */ - if (crypto_encrypt_and_sign ( - instance->crypto_inst, - (const unsigned char *)msg, - msg_len, - buf_out, - &buf_out_len) != 0) { - log_printf(LOGSYS_LEVEL_CRIT, "unable to crypt? now what?"); - } - - iovec.iov_base = (void *)&buf_out; - iovec.iov_len = buf_out_len; - } else { - iovec.iov_base = (void *)msg; - iovec.iov_len = msg_len; + log_printf(LOGSYS_LEVEL_CRIT, "unable to crypt? now what?"); } + iovec.iov_base = (void *)&buf_out; + iovec.iov_len = buf_out_len; + /* * Build multicast message */ @@ -443,18 +439,16 @@ static int net_deliver_fn ( instance->stats_recv += bytes_received; } - if (instance->totem_config->secauth == 1) { - /* - * Authenticate and if authenticated, decrypt datagram - */ - res = crypto_authenticate_and_decrypt (instance->crypto_inst, iovec->iov_base, &bytes_received); - if (res == -1) { - log_printf (instance->totemudp_log_level_security, "Received message has invalid digest... ignoring."); - log_printf (instance->totemudp_log_level_security, - "Invalid packet data"); - iovec->iov_len = FRAME_SIZE_MAX; - return 0; - } + /* + * Authenticate and if authenticated, decrypt datagram + */ + res = crypto_authenticate_and_decrypt (instance->crypto_inst, iovec->iov_base, &bytes_received); + if (res == -1) { + log_printf (instance->totemudp_log_level_security, "Received message has invalid digest... ignoring."); + log_printf (instance->totemudp_log_level_security, + "Invalid packet data"); + iovec->iov_len = FRAME_SIZE_MAX; + return 0; } iovec->iov_len = bytes_received; @@ -1031,6 +1025,9 @@ int totemudp_initialize ( instance->totemudp_log_level_notice, instance->totemudp_log_level_error, instance->totemudp_subsys_id); + if (instance->crypto_inst == NULL) { + return (-1); + } /* * Initialize local variables for totemudp */ @@ -1179,12 +1176,9 @@ extern int totemudp_iface_check (void *udp_context) extern void totemudp_net_mtu_adjust (void *udp_context, struct totem_config *totem_config) { #define UDPIP_HEADER_SIZE (20 + 8) /* 20 bytes for ip 8 bytes for udp */ - if (totem_config->secauth == 1) { - totem_config->net_mtu -= crypto_sec_header_size(totem_config->crypto_hash_type) + - UDPIP_HEADER_SIZE; - } else { - totem_config->net_mtu -= UDPIP_HEADER_SIZE; - } + totem_config->net_mtu -= crypto_sec_header_size(totem_config->crypto_cipher_type, + totem_config->crypto_hash_type) + + UDPIP_HEADER_SIZE; } const char *totemudp_iface_print (void *udp_context) { diff --git a/exec/totemudpu.c b/exec/totemudpu.c index be4ca50..1b48d07 100644 --- a/exec/totemudpu.c +++ b/exec/totemudpu.c @@ -247,26 +247,24 @@ static inline void ucast_sendmsg ( struct iovec iovec; int addrlen; - if (instance->totem_config->secauth == 1) { + /* + * Encrypt and digest the message + */ + if (crypto_encrypt_and_sign ( + instance->crypto_inst, + (const unsigned char *)msg, + msg_len, + buf_out, + &buf_out_len) != 0) { /* - * Encrypt and digest the message + * TODO: how to handle error here */ - if (crypto_encrypt_and_sign ( - instance->crypto_inst, - (const unsigned char *)msg, - msg_len, - buf_out, - &buf_out_len) != 0) { - log_printf(LOGSYS_LEVEL_CRIT, "unable to crypt? now what?"); - } - - iovec.iov_base = (void *)buf_out; - iovec.iov_len = buf_out_len; - } else { - iovec.iov_base = (void *)msg; - iovec.iov_len = msg_len; + log_printf(LOGSYS_LEVEL_CRIT, "unable to crypt? now what?"); } + iovec.iov_base = (void *)buf_out; + iovec.iov_len = buf_out_len; + /* * Build unicast message */ @@ -312,26 +310,24 @@ static inline void mcast_sendmsg ( struct list_head *list; struct totemudpu_member *member; - if (instance->totem_config->secauth == 1) { + /* + * Encrypt and digest the message + */ + if (crypto_encrypt_and_sign ( + instance->crypto_inst, + (const unsigned char *)msg, + msg_len, + buf_out, + &buf_out_len) != 0) { /* - * Encrypt and digest the message + * TODO: how to handle error here */ - if(crypto_encrypt_and_sign ( - instance->crypto_inst, - (const unsigned char *)msg, - msg_len, - buf_out, - &buf_out_len) != 0) { - log_printf(LOGSYS_LEVEL_CRIT, "Unable to crypt? now what?"); - } - - iovec.iov_base = (void *)buf_out; - iovec.iov_len = buf_out_len; - } else { - iovec.iov_base = (void *)msg; - iovec.iov_len = msg_len; + log_printf(LOGSYS_LEVEL_CRIT, "Unable to crypt? now what?"); } + iovec.iov_base = (void *)buf_out; + iovec.iov_len = buf_out_len; + /* * Build multicast message */ @@ -422,19 +418,17 @@ static int net_deliver_fn ( instance->stats_recv += bytes_received; } - if (instance->totem_config->secauth == 1) { - /* - * Authenticate and if authenticated, decrypt datagram - */ + /* + * Authenticate and if authenticated, decrypt datagram + */ - res = crypto_authenticate_and_decrypt (instance->crypto_inst, iovec->iov_base, &bytes_received); - if (res == -1) { - log_printf (instance->totemudpu_log_level_security, "Received message has invalid digest... ignoring."); - log_printf (instance->totemudpu_log_level_security, - "Invalid packet data"); - iovec->iov_len = FRAME_SIZE_MAX; - return 0; - } + res = crypto_authenticate_and_decrypt (instance->crypto_inst, iovec->iov_base, &bytes_received); + if (res == -1) { + log_printf (instance->totemudpu_log_level_security, "Received message has invalid digest... ignoring."); + log_printf (instance->totemudpu_log_level_security, + "Invalid packet data"); + iovec->iov_len = FRAME_SIZE_MAX; + return 0; } iovec->iov_len = bytes_received; @@ -751,7 +745,9 @@ int totemudpu_initialize ( instance->totemudpu_log_level_notice, instance->totemudpu_log_level_error, instance->totemudpu_subsys_id); - + if (instance->crypto_inst == NULL) { + return (-1); + } /* * Initialize local variables for totemudpu */ @@ -884,12 +880,9 @@ extern int totemudpu_iface_check (void *udpu_context) extern void totemudpu_net_mtu_adjust (void *udpu_context, struct totem_config *totem_config) { #define UDPIP_HEADER_SIZE (20 + 8) /* 20 bytes for ip 8 bytes for udp */ - if (totem_config->secauth == 1) { - totem_config->net_mtu -= crypto_sec_header_size(totem_config->crypto_hash_type) + - UDPIP_HEADER_SIZE; - } else { - totem_config->net_mtu -= UDPIP_HEADER_SIZE; - } + totem_config->net_mtu -= crypto_sec_header_size(totem_config->crypto_cipher_type, + totem_config->crypto_hash_type) + + UDPIP_HEADER_SIZE; } const char *totemudpu_iface_print (void *udpu_context) { diff --git a/include/corosync/totem/totem.h b/include/corosync/totem/totem.h index eba3850..08a459e 100644 --- a/include/corosync/totem/totem.h +++ b/include/corosync/totem/totem.h @@ -151,8 +151,6 @@ struct totem_config { struct totem_logging_configuration totem_logging_configuration; - unsigned int secauth; - unsigned int net_mtu; unsigned int threads; -- 1.7.7.6 _______________________________________________ discuss mailing list discuss@xxxxxxxxxxxx http://lists.corosync.org/mailman/listinfo/discuss