mirror of
https://gitlab.com/cryptsetup/cryptsetup.git
synced 2025-12-07 17:00:03 +01:00
Prevent to initialise backends twice.
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@414 36d66b0a-2a48-0410-832c-cd162a569da5
This commit is contained in:
Milan Broz
@@ -19,11 +19,14 @@
|
|||||||
|
|
||||||
#include <string.h>
|
#include <string.h>
|
||||||
#include <errno.h>
|
#include <errno.h>
|
||||||
|
#include <assert.h>
|
||||||
#include <gcrypt.h>
|
#include <gcrypt.h>
|
||||||
#include "crypto_backend.h"
|
#include "crypto_backend.h"
|
||||||
|
|
||||||
#define GCRYPT_REQ_VERSION "1.1.42"
|
#define GCRYPT_REQ_VERSION "1.1.42"
|
||||||
|
|
||||||
|
static int crypto_backend_initialised = 0;
|
||||||
|
|
||||||
struct crypt_hash {
|
struct crypt_hash {
|
||||||
gcry_md_hd_t hd;
|
gcry_md_hd_t hd;
|
||||||
int hash_id;
|
int hash_id;
|
||||||
@@ -38,6 +41,9 @@ struct crypt_hmac {
|
|||||||
|
|
||||||
int crypt_backend_init(void)
|
int crypt_backend_init(void)
|
||||||
{
|
{
|
||||||
|
if (crypto_backend_initialised)
|
||||||
|
return 0;
|
||||||
|
|
||||||
log_dbg("Initialising gcrypt crypto backend.");
|
log_dbg("Initialising gcrypt crypto backend.");
|
||||||
if (!gcry_control (GCRYCTL_INITIALIZATION_FINISHED_P)) {
|
if (!gcry_control (GCRYCTL_INITIALIZATION_FINISHED_P)) {
|
||||||
if (!gcry_check_version (GCRYPT_REQ_VERSION)) {
|
if (!gcry_check_version (GCRYPT_REQ_VERSION)) {
|
||||||
@@ -62,6 +68,7 @@ int crypt_backend_init(void)
|
|||||||
gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
|
gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
crypto_backend_initialised = 1;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -73,8 +80,11 @@ uint32_t crypt_backend_flags(void)
|
|||||||
/* HASH */
|
/* HASH */
|
||||||
int crypt_hash_size(const char *name)
|
int crypt_hash_size(const char *name)
|
||||||
{
|
{
|
||||||
int hash_id = gcry_md_map_name(name);
|
int hash_id;
|
||||||
|
|
||||||
|
assert(crypto_backend_initialised);
|
||||||
|
|
||||||
|
hash_id = gcry_md_map_name(name);
|
||||||
if (!hash_id)
|
if (!hash_id)
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
|
|
||||||
@@ -85,6 +95,8 @@ int crypt_hash_init(struct crypt_hash **ctx, const char *name)
|
|||||||
{
|
{
|
||||||
struct crypt_hash *h;
|
struct crypt_hash *h;
|
||||||
|
|
||||||
|
assert(crypto_backend_initialised);
|
||||||
|
|
||||||
h = malloc(sizeof(*h));
|
h = malloc(sizeof(*h));
|
||||||
if (!h)
|
if (!h)
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
@@ -151,6 +163,8 @@ int crypt_hmac_init(struct crypt_hmac **ctx, const char *name,
|
|||||||
{
|
{
|
||||||
struct crypt_hmac *h;
|
struct crypt_hmac *h;
|
||||||
|
|
||||||
|
assert(crypto_backend_initialised);
|
||||||
|
|
||||||
h = malloc(sizeof(*h));
|
h = malloc(sizeof(*h));
|
||||||
if (!h)
|
if (!h)
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
|
|||||||
@@ -33,6 +33,8 @@
|
|||||||
#define SOL_ALG 279
|
#define SOL_ALG 279
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
static int crypto_backend_initialised = 0;
|
||||||
|
|
||||||
struct hash_alg {
|
struct hash_alg {
|
||||||
const char *name;
|
const char *name;
|
||||||
const char *kernel_name;
|
const char *kernel_name;
|
||||||
@@ -97,6 +99,9 @@ int crypt_backend_init(void)
|
|||||||
};
|
};
|
||||||
int tfmfd = -1, opfd = -1;
|
int tfmfd = -1, opfd = -1;
|
||||||
|
|
||||||
|
if (crypto_backend_initialised)
|
||||||
|
return 0;
|
||||||
|
|
||||||
log_dbg("Initialising kernel crypto API backend.");
|
log_dbg("Initialising kernel crypto API backend.");
|
||||||
|
|
||||||
if (uname(&uts) == -1 || strcmp(uts.sysname, "Linux"))
|
if (uname(&uts) == -1 || strcmp(uts.sysname, "Linux"))
|
||||||
@@ -108,6 +113,8 @@ int crypt_backend_init(void)
|
|||||||
|
|
||||||
close(tfmfd);
|
close(tfmfd);
|
||||||
close(opfd);
|
close(opfd);
|
||||||
|
|
||||||
|
crypto_backend_initialised = 1;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -23,6 +23,8 @@
|
|||||||
#include <nss/pk11pub.h>
|
#include <nss/pk11pub.h>
|
||||||
#include "crypto_backend.h"
|
#include "crypto_backend.h"
|
||||||
|
|
||||||
|
static int crypto_backend_initialised = 0;
|
||||||
|
|
||||||
struct hash_alg {
|
struct hash_alg {
|
||||||
const char *name;
|
const char *name;
|
||||||
SECOidTag oid;
|
SECOidTag oid;
|
||||||
@@ -65,10 +67,14 @@ static struct hash_alg *_get_alg(const char *name)
|
|||||||
|
|
||||||
int crypt_backend_init(void)
|
int crypt_backend_init(void)
|
||||||
{
|
{
|
||||||
|
if (crypto_backend_initialised)
|
||||||
|
return 0;
|
||||||
|
|
||||||
log_dbg("Initialising NSS crypto backend.");
|
log_dbg("Initialising NSS crypto backend.");
|
||||||
if (NSS_NoDB_Init(".") != SECSuccess)
|
if (NSS_NoDB_Init(".") != SECSuccess)
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
|
|
||||||
|
crypto_backend_initialised = 1;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -23,6 +23,8 @@
|
|||||||
#include <openssl/hmac.h>
|
#include <openssl/hmac.h>
|
||||||
#include "crypto_backend.h"
|
#include "crypto_backend.h"
|
||||||
|
|
||||||
|
static int crypto_backend_initialised = 0;
|
||||||
|
|
||||||
struct crypt_hash {
|
struct crypt_hash {
|
||||||
EVP_MD_CTX md;
|
EVP_MD_CTX md;
|
||||||
const EVP_MD *hash_id;
|
const EVP_MD *hash_id;
|
||||||
@@ -37,8 +39,13 @@ struct crypt_hmac {
|
|||||||
|
|
||||||
int crypt_backend_init(void)
|
int crypt_backend_init(void)
|
||||||
{
|
{
|
||||||
|
if (crypto_backend_initialised)
|
||||||
|
return 0;
|
||||||
|
|
||||||
OpenSSL_add_all_digests();
|
OpenSSL_add_all_digests();
|
||||||
log_dbg("OpenSSL crypto backend initialized.");
|
log_dbg("OpenSSL crypto backend initialized.");
|
||||||
|
|
||||||
|
crypto_backend_initialised = 1;
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@@ -240,13 +240,14 @@ int PBKDF2_performance_check(const char *hash, uint64_t *iter)
|
|||||||
/* If crypto backend is not implemented in userspace,
|
/* If crypto backend is not implemented in userspace,
|
||||||
* but uses some kernel part, we must measure also time
|
* but uses some kernel part, we must measure also time
|
||||||
* spent in kernel. */
|
* spent in kernel. */
|
||||||
if (crypt_backend_flags() & CRYPT_BACKEND_KERNEL)
|
if (crypt_backend_flags() & CRYPT_BACKEND_KERNEL) {
|
||||||
timer_type = ITIMER_PROF;
|
timer_type = ITIMER_PROF;
|
||||||
else
|
signal(SIGPROF,sigvtalarm);
|
||||||
|
} else {
|
||||||
timer_type = ITIMER_VIRTUAL;
|
timer_type = ITIMER_VIRTUAL;
|
||||||
|
signal(SIGVTALRM,sigvtalarm);
|
||||||
|
}
|
||||||
|
|
||||||
signal(SIGVTALRM,sigvtalarm);
|
|
||||||
signal(SIGPROF,sigvtalarm);
|
|
||||||
it.it_interval.tv_usec = 0;
|
it.it_interval.tv_usec = 0;
|
||||||
it.it_interval.tv_sec = 0;
|
it.it_interval.tv_sec = 0;
|
||||||
it.it_value.tv_usec = 0;
|
it.it_value.tv_usec = 0;
|
||||||
|
|||||||
@@ -144,6 +144,9 @@ static int _get_random(struct crypt_device *ctx, char *buf, size_t len)
|
|||||||
/* Initialisation of both RNG file descriptors is mandatory */
|
/* Initialisation of both RNG file descriptors is mandatory */
|
||||||
int crypt_random_init(struct crypt_device *ctx)
|
int crypt_random_init(struct crypt_device *ctx)
|
||||||
{
|
{
|
||||||
|
if (random_initialised)
|
||||||
|
return 0;
|
||||||
|
|
||||||
/* Used for CRYPT_RND_NORMAL */
|
/* Used for CRYPT_RND_NORMAL */
|
||||||
if(urandom_fd == -1)
|
if(urandom_fd == -1)
|
||||||
urandom_fd = open(URANDOM_DEVICE, O_RDONLY);
|
urandom_fd = open(URANDOM_DEVICE, O_RDONLY);
|
||||||
|
|||||||
Reference in New Issue
Block a user