mirror of
https://gitlab.com/cryptsetup/cryptsetup.git
synced 2025-12-06 00:10:04 +01:00
Prevent to initialise backends twice.
git-svn-id: https://cryptsetup.googlecode.com/svn/trunk@414 36d66b0a-2a48-0410-832c-cd162a569da5
This commit is contained in:
Milan Broz
@@ -19,11 +19,14 @@
|
||||
|
||||
#include <string.h>
|
||||
#include <errno.h>
|
||||
#include <assert.h>
|
||||
#include <gcrypt.h>
|
||||
#include "crypto_backend.h"
|
||||
|
||||
#define GCRYPT_REQ_VERSION "1.1.42"
|
||||
|
||||
static int crypto_backend_initialised = 0;
|
||||
|
||||
struct crypt_hash {
|
||||
gcry_md_hd_t hd;
|
||||
int hash_id;
|
||||
@@ -38,6 +41,9 @@ struct crypt_hmac {
|
||||
|
||||
int crypt_backend_init(void)
|
||||
{
|
||||
if (crypto_backend_initialised)
|
||||
return 0;
|
||||
|
||||
log_dbg("Initialising gcrypt crypto backend.");
|
||||
if (!gcry_control (GCRYCTL_INITIALIZATION_FINISHED_P)) {
|
||||
if (!gcry_check_version (GCRYPT_REQ_VERSION)) {
|
||||
@@ -62,6 +68,7 @@ int crypt_backend_init(void)
|
||||
gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
|
||||
}
|
||||
|
||||
crypto_backend_initialised = 1;
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -73,8 +80,11 @@ uint32_t crypt_backend_flags(void)
|
||||
/* HASH */
|
||||
int crypt_hash_size(const char *name)
|
||||
{
|
||||
int hash_id = gcry_md_map_name(name);
|
||||
int hash_id;
|
||||
|
||||
assert(crypto_backend_initialised);
|
||||
|
||||
hash_id = gcry_md_map_name(name);
|
||||
if (!hash_id)
|
||||
return -EINVAL;
|
||||
|
||||
@@ -85,6 +95,8 @@ int crypt_hash_init(struct crypt_hash **ctx, const char *name)
|
||||
{
|
||||
struct crypt_hash *h;
|
||||
|
||||
assert(crypto_backend_initialised);
|
||||
|
||||
h = malloc(sizeof(*h));
|
||||
if (!h)
|
||||
return -ENOMEM;
|
||||
@@ -151,6 +163,8 @@ int crypt_hmac_init(struct crypt_hmac **ctx, const char *name,
|
||||
{
|
||||
struct crypt_hmac *h;
|
||||
|
||||
assert(crypto_backend_initialised);
|
||||
|
||||
h = malloc(sizeof(*h));
|
||||
if (!h)
|
||||
return -ENOMEM;
|
||||
|
||||
@@ -33,6 +33,8 @@
|
||||
#define SOL_ALG 279
|
||||
#endif
|
||||
|
||||
static int crypto_backend_initialised = 0;
|
||||
|
||||
struct hash_alg {
|
||||
const char *name;
|
||||
const char *kernel_name;
|
||||
@@ -97,6 +99,9 @@ int crypt_backend_init(void)
|
||||
};
|
||||
int tfmfd = -1, opfd = -1;
|
||||
|
||||
if (crypto_backend_initialised)
|
||||
return 0;
|
||||
|
||||
log_dbg("Initialising kernel crypto API backend.");
|
||||
|
||||
if (uname(&uts) == -1 || strcmp(uts.sysname, "Linux"))
|
||||
@@ -108,6 +113,8 @@ int crypt_backend_init(void)
|
||||
|
||||
close(tfmfd);
|
||||
close(opfd);
|
||||
|
||||
crypto_backend_initialised = 1;
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
@@ -23,6 +23,8 @@
|
||||
#include <nss/pk11pub.h>
|
||||
#include "crypto_backend.h"
|
||||
|
||||
static int crypto_backend_initialised = 0;
|
||||
|
||||
struct hash_alg {
|
||||
const char *name;
|
||||
SECOidTag oid;
|
||||
@@ -65,10 +67,14 @@ static struct hash_alg *_get_alg(const char *name)
|
||||
|
||||
int crypt_backend_init(void)
|
||||
{
|
||||
if (crypto_backend_initialised)
|
||||
return 0;
|
||||
|
||||
log_dbg("Initialising NSS crypto backend.");
|
||||
if (NSS_NoDB_Init(".") != SECSuccess)
|
||||
return -EINVAL;
|
||||
|
||||
crypto_backend_initialised = 1;
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
@@ -23,6 +23,8 @@
|
||||
#include <openssl/hmac.h>
|
||||
#include "crypto_backend.h"
|
||||
|
||||
static int crypto_backend_initialised = 0;
|
||||
|
||||
struct crypt_hash {
|
||||
EVP_MD_CTX md;
|
||||
const EVP_MD *hash_id;
|
||||
@@ -37,8 +39,13 @@ struct crypt_hmac {
|
||||
|
||||
int crypt_backend_init(void)
|
||||
{
|
||||
if (crypto_backend_initialised)
|
||||
return 0;
|
||||
|
||||
OpenSSL_add_all_digests();
|
||||
log_dbg("OpenSSL crypto backend initialized.");
|
||||
|
||||
crypto_backend_initialised = 1;
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
@@ -240,13 +240,14 @@ int PBKDF2_performance_check(const char *hash, uint64_t *iter)
|
||||
/* If crypto backend is not implemented in userspace,
|
||||
* but uses some kernel part, we must measure also time
|
||||
* spent in kernel. */
|
||||
if (crypt_backend_flags() & CRYPT_BACKEND_KERNEL)
|
||||
if (crypt_backend_flags() & CRYPT_BACKEND_KERNEL) {
|
||||
timer_type = ITIMER_PROF;
|
||||
else
|
||||
signal(SIGPROF,sigvtalarm);
|
||||
} else {
|
||||
timer_type = ITIMER_VIRTUAL;
|
||||
signal(SIGVTALRM,sigvtalarm);
|
||||
}
|
||||
|
||||
signal(SIGVTALRM,sigvtalarm);
|
||||
signal(SIGPROF,sigvtalarm);
|
||||
it.it_interval.tv_usec = 0;
|
||||
it.it_interval.tv_sec = 0;
|
||||
it.it_value.tv_usec = 0;
|
||||
|
||||
@@ -144,6 +144,9 @@ static int _get_random(struct crypt_device *ctx, char *buf, size_t len)
|
||||
/* Initialisation of both RNG file descriptors is mandatory */
|
||||
int crypt_random_init(struct crypt_device *ctx)
|
||||
{
|
||||
if (random_initialised)
|
||||
return 0;
|
||||
|
||||
/* Used for CRYPT_RND_NORMAL */
|
||||
if(urandom_fd == -1)
|
||||
urandom_fd = open(URANDOM_DEVICE, O_RDONLY);
|
||||
|
||||
Reference in New Issue
Block a user