printed plugin names have a hyphen
[strongswan.git] / src / libstrongswan / plugins / af_alg / af_alg_ops.c
1 /*
2 * Copyright (C) 2010 Martin Willi
3 * Copyright (C) 2010 revosec AG
4 *
5 * This program is free software; you can redistribute it and/or modify it
6 * under the terms of the GNU General Public License as published by the
7 * Free Software Foundation; either version 2 of the License, or (at your
8 * option) any later version. See <http://www.fsf.org/copyleft/gpl.txt>.
9 *
10 * This program is distributed in the hope that it will be useful, but
11 * WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
12 * or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
13 * for more details.
14 */
15
16 #include "af_alg_ops.h"
17
18 #include <unistd.h>
19 #include <errno.h>
20 #include <linux/socket.h>
21
22 #include <debug.h>
23
24 const char *af_alg_plugin_name = "af-alg";
25
26 typedef struct private_af_alg_ops_t private_af_alg_ops_t;
27
28 /**
29 * Private data of an af_alg_ops_t object.
30 */
31 struct private_af_alg_ops_t {
32
33 /**
34 * Public af_alg_ops_t interface.
35 */
36 af_alg_ops_t public;
37
38 /**
39 * Transform FD
40 */
41 int tfm;
42
43 /**
44 * Operation FD
45 */
46 int op;
47 };
48
49 METHOD(af_alg_ops_t, reset, void,
50 private_af_alg_ops_t *this)
51 {
52 if (this->op != -1)
53 {
54 close(this->op);
55 this->op = -1;
56 }
57 }
58
59 METHOD(af_alg_ops_t, hash, void,
60 private_af_alg_ops_t *this, chunk_t data, char *out, size_t outlen)
61 {
62 ssize_t len;
63
64 while (this->op == -1)
65 {
66 this->op = accept(this->tfm, NULL, 0);
67 if (this->op == -1)
68 {
69 DBG1(DBG_LIB, "opening AF_ALG hasher failed: %s", strerror(errno));
70 sleep(1);
71 }
72 }
73 do
74 {
75 len = send(this->op, data.ptr, data.len, out ? 0 : MSG_MORE);
76 if (len == -1)
77 {
78 DBG1(DBG_LIB, "writing to AF_ALG hasher failed: %s", strerror(errno));
79 sleep(1);
80 }
81 else
82 {
83 data = chunk_skip(data, len);
84 }
85 }
86 while (data.len);
87
88 if (out)
89 {
90 while (read(this->op, out, outlen) != outlen)
91 {
92 DBG1(DBG_LIB, "reading AF_ALG hasher failed: %s", strerror(errno));
93 sleep(1);
94 }
95 reset(this);
96 }
97 }
98
99 METHOD(af_alg_ops_t, crypt, void,
100 private_af_alg_ops_t *this, u_int32_t type, chunk_t iv, chunk_t data,
101 char *out)
102 {
103 struct msghdr msg = {};
104 struct cmsghdr *cmsg;
105 struct af_alg_iv *ivm;
106 struct iovec iov;
107 char buf[CMSG_SPACE(sizeof(type)) +
108 CMSG_SPACE(offsetof(struct af_alg_iv, iv) + iv.len)];
109 ssize_t len;
110 int op;
111
112 while ((op = accept(this->tfm, NULL, 0)) == -1)
113 {
114 DBG1(DBG_LIB, "accepting AF_ALG crypter failed: %s", strerror(errno));
115 sleep(1);
116 }
117
118 memset(buf, 0, sizeof(buf));
119
120 msg.msg_control = buf;
121 msg.msg_controllen = sizeof(buf);
122
123 cmsg = CMSG_FIRSTHDR(&msg);
124 cmsg->cmsg_level = SOL_ALG;
125 cmsg->cmsg_type = ALG_SET_OP;
126 cmsg->cmsg_len = CMSG_LEN(sizeof(type));
127 *(u_int32_t*)CMSG_DATA(cmsg) = type;
128
129 cmsg = CMSG_NXTHDR(&msg, cmsg);
130 cmsg->cmsg_level = SOL_ALG;
131 cmsg->cmsg_type = ALG_SET_IV;
132 cmsg->cmsg_len = CMSG_LEN(offsetof(struct af_alg_iv, iv) + iv.len);
133 ivm = (void*)CMSG_DATA(cmsg);
134 ivm->ivlen = iv.len;
135 memcpy(ivm->iv, iv.ptr, iv.len);
136
137 msg.msg_iov = &iov;
138 msg.msg_iovlen = 1;
139
140 while (data.len)
141 {
142 iov.iov_base = data.ptr;
143 iov.iov_len = data.len;
144
145 len = sendmsg(op, &msg, 0);
146 if (len == -1)
147 {
148 DBG1(DBG_LIB, "writing to AF_ALG crypter failed: %s",
149 strerror(errno));
150 sleep(1);
151 continue;
152 }
153 if (read(op, out, len) != len)
154 {
155 DBG1(DBG_LIB, "reading from AF_ALG crypter failed: %s",
156 strerror(errno));
157 }
158 data = chunk_skip(data, len);
159 /* no IV for subsequent data chunks */
160 msg.msg_controllen = 0;
161 }
162 close(op);
163 }
164
165 METHOD(af_alg_ops_t, set_key, void,
166 private_af_alg_ops_t *this, chunk_t key)
167 {
168 if (setsockopt(this->tfm, SOL_ALG, ALG_SET_KEY, key.ptr, key.len) == -1)
169 {
170 DBG1(DBG_LIB, "setting AF_ALG key failed: %s", strerror(errno));
171 }
172 }
173
174 METHOD(af_alg_ops_t, destroy, void,
175 private_af_alg_ops_t *this)
176 {
177 close(this->tfm);
178 if (this->op != -1)
179 {
180 close(this->op);
181 }
182 free(this);
183 }
184
185 /**
186 * See header
187 */
188 af_alg_ops_t *af_alg_ops_create(char *type, char *alg)
189 {
190 private_af_alg_ops_t *this;
191 struct sockaddr_alg sa = {
192 .salg_family = AF_ALG,
193 };
194
195 strncpy(sa.salg_type, type, sizeof(sa.salg_type));
196 strncpy(sa.salg_name, alg, sizeof(sa.salg_name));
197
198 INIT(this,
199 .public = {
200 .hash = _hash,
201 .reset = _reset,
202 .crypt = _crypt,
203 .set_key = _set_key,
204 .destroy = _destroy,
205 },
206 .tfm = socket(AF_ALG, SOCK_SEQPACKET, 0),
207 .op = -1,
208 );
209 if (this->tfm == -1)
210 {
211 DBG1(DBG_LIB, "opening AF_ALG socket failed: %s", strerror(errno));
212 free(this);
213 return NULL;
214 }
215 if (bind(this->tfm, (struct sockaddr*)&sa, sizeof(sa)) == -1)
216 {
217 if (errno != ENOENT)
218 { /* fail silently if algorithm not supported */
219 DBG1(DBG_LIB, "binding AF_ALG socket for '%s' failed: %s",
220 sa.salg_name, strerror(errno));
221 }
222 destroy(this);
223 return NULL;
224 }
225 return &this->public;
226 }