fips_crypto_utils.c 5.7 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262
  1. /*
  2. * Utility functions called from fips_crypto_hmac.sh.
  3. *
  4. * executed during Kernel build
  5. *
  6. *
  7. * Author : Rohit Kothari (r.kothari@samsung.com)
  8. * Date : 11 Feb 2014
  9. *
  10. * Copyright (c) 2014 Samsung Electronics
  11. *
  12. */
  13. #include <stdio.h>
  14. #include <stdlib.h>
  15. #include <string.h>
  16. int collect_crypto_bytes(const char *in_file, const char *section_name,
  17. unsigned long offset, unsigned long size, const char *out_file);
  18. int update_crypto_hmac(const char *vmlinux_path, const char *hmac_path,
  19. unsigned long offset);
  20. int main (int argc, char **argv)
  21. {
  22. if (argc < 2)
  23. {
  24. printf ("\nUsage : \n");
  25. printf ("fips_crypto_utils -u vmlinux_file hmac_file offset");
  26. printf ("fips_crypto_utils -g vmlinux_file section_name offset size out_file");
  27. printf ("\n");
  28. return -1;
  29. }
  30. if (!strcmp ("-u", argv[1]))
  31. {
  32. unsigned long offset = 0;
  33. unsigned char * vmlinux_file = NULL;
  34. unsigned char * hmac_file = NULL;
  35. if (argc != 5)
  36. {
  37. printf ("\nUsage : \n");
  38. printf ("fips_crypto_utils -u vmlinux_file hmac_file offset");
  39. printf ("\n");
  40. return -1;
  41. }
  42. vmlinux_file = argv[2];
  43. hmac_file = argv[3];
  44. offset = atol(argv[4]);
  45. if (!vmlinux_file || !hmac_file || !offset)
  46. {
  47. printf ("./fips_crypto_utils -u vmlinux_file hmac_file offset");
  48. return -1;
  49. }
  50. return update_crypto_hmac (vmlinux_file, hmac_file, offset);
  51. }
  52. else if (!strcmp ("-g", argv[1]))
  53. {
  54. const char * in_file = NULL;
  55. const char * section_name = NULL;
  56. unsigned long offset = 0;
  57. unsigned long size = 0;
  58. const char * out_file = NULL;
  59. if (argc != 7)
  60. {
  61. printf ("\nUsage : \n");
  62. printf ("./fips_crypto_utils -g vmlinux_file section_name offset size out_file");
  63. printf ("\n");
  64. return -1;
  65. }
  66. in_file = argv[2];
  67. section_name = argv[3];
  68. offset = atol(argv[4]);
  69. size = atol(argv[5]);
  70. out_file = argv[6];
  71. if (!in_file || !section_name || !offset || !size || !out_file)
  72. {
  73. printf ("./fips_crypto_utils -g vmlinux_file section_name offset size out_file");
  74. return -1;
  75. }
  76. return collect_crypto_bytes (in_file, section_name, offset, size, out_file);
  77. }
  78. else
  79. {
  80. printf ("\nUsage : \n");
  81. printf ("fips_crypto_utils -u vmlinux_file hmac_file offset");
  82. printf ("fips_crypto_utils -g vmlinux_file section_name offset size out_file");
  83. printf ("\n");
  84. }
  85. return -1;
  86. }
  87. /*
  88. * Given a vmlinux file, dumps "size" bytes from given "offset" to output file
  89. * in_file : absolute path to vmlinux file
  90. * section_name : Used only for printing / debugging
  91. * offset : offset in file from where to dump bytes
  92. * size : how many bytes to dump
  93. * out_file : Output file, where to dump bytes.
  94. * Open in append mode, to keep previous bytes, if present
  95. * Caller need to clean up before 1st call
  96. *
  97. * Returns 0, if success
  98. * -1, if error
  99. */
  100. int
  101. collect_crypto_bytes (const char * in_file, const char * section_name, unsigned long offset,
  102. unsigned long size, const char * out_file)
  103. {
  104. FILE * in_fp = NULL;
  105. FILE * out_fp = NULL;
  106. unsigned int i = 0;
  107. unsigned char data = 0;
  108. if (!in_file || !section_name || !offset || !size || !out_file)
  109. {
  110. printf ("collect_crypto_bytes : Invalid arguments");
  111. return -1;
  112. }
  113. printf ("Section : %s\n", section_name);
  114. in_fp = fopen (in_file, "r");
  115. if (!in_fp)
  116. {
  117. printf ("Unable to open file : %s", in_file);
  118. return -1;
  119. }
  120. if (fseek (in_fp, offset, SEEK_SET) != 0 )
  121. {
  122. printf ("Unable to seek file : %s", in_file);
  123. fclose (in_fp);
  124. return -1;
  125. }
  126. out_fp = fopen (out_file, "ab");
  127. if (!out_fp)
  128. {
  129. printf ("Unable to open file : %s", out_file);
  130. fclose(in_fp);
  131. return -1;
  132. }
  133. for (i = 1; i <= size; i++)
  134. {
  135. if ( 1 != fread (&data, sizeof(unsigned char), 1, in_fp))
  136. {
  137. printf ("Unable to read 1 byte from file : %s", in_file);
  138. fclose (in_fp);
  139. fclose (out_fp);
  140. return -1;
  141. }
  142. printf ("%02x ", data);
  143. if (1 != fwrite (&data, 1, 1, out_fp))
  144. {
  145. printf ("Unable to write 1 byte to file : %s", out_file);
  146. fclose (in_fp);
  147. fclose (out_fp);
  148. return -1;
  149. }
  150. if ( !(i % 16))
  151. printf ("\n");
  152. }
  153. fclose (in_fp);
  154. fclose (out_fp);
  155. return 0;
  156. }
  157. #define SHA256_DIGEST_SIZE 32
  158. /*
  159. * Given a vmlinux file, overwrites bytes at given offset with hmac bytes, available in
  160. * hmac file.
  161. * Return 0, if Success
  162. * -1, if Error
  163. */
  164. int
  165. update_crypto_hmac (const char * vmlinux_path, const char * hmac_path, unsigned long offset)
  166. {
  167. FILE * vmlinux_fp = NULL;
  168. FILE * hmac_fp = NULL;
  169. int i = 0, j = 0;
  170. unsigned char hmac[SHA256_DIGEST_SIZE];
  171. if (!vmlinux_path || !hmac_path || !offset)
  172. {
  173. printf ("FIPS update_crypto_hmac : Invalid Params");
  174. return -1;
  175. }
  176. vmlinux_fp = fopen (vmlinux_path, "r+b");
  177. if (!vmlinux_fp)
  178. {
  179. printf ("Unable to open vmlinux file ");
  180. return -1;
  181. }
  182. hmac_fp = fopen (hmac_path, "rb");
  183. if (!hmac_fp)
  184. {
  185. printf ("Unable to open hmac file ");
  186. fclose (vmlinux_fp);
  187. return -1;
  188. }
  189. if (SHA256_DIGEST_SIZE != fread (&hmac, sizeof(unsigned char), SHA256_DIGEST_SIZE, hmac_fp))
  190. {
  191. printf ("Unable to read %d bytes from hmac file", SHA256_DIGEST_SIZE);
  192. fclose (hmac_fp);
  193. fclose (vmlinux_fp);
  194. return -1;
  195. }
  196. #if 0
  197. printf ("Hash : ");
  198. for (i = 0; i < sizeof(hmac); i++)
  199. printf ("%02x ", hmac[i]);
  200. printf ("\n");
  201. printf ("Offset : %ld", offset);
  202. #endif
  203. if (fseek (vmlinux_fp, offset, SEEK_SET) != 0 )
  204. {
  205. printf ("Unable to seek into vmlinux file.");
  206. fclose (hmac_fp);
  207. fclose (vmlinux_fp);
  208. return -1;
  209. }
  210. if (SHA256_DIGEST_SIZE != fwrite (hmac, sizeof(unsigned char), SHA256_DIGEST_SIZE, vmlinux_fp))
  211. {
  212. printf ("Unable to write %d byte into vmlinux", SHA256_DIGEST_SIZE);
  213. fclose (hmac_fp);
  214. fclose (vmlinux_fp);
  215. return -1;
  216. }
  217. fclose (vmlinux_fp);
  218. fclose (hmac_fp);
  219. return 0;
  220. }