int
main (int argc, char *argv[]) {
extern char *optarg;
int q;
int do_validation = 0;
err_status_t status;
if (argc == 1)
usage(argv[0]);
/* initialize kernel - we need to do this before anything else */
status = crypto_kernel_init();
if (status) {
printf("error: crypto_kernel init failed\n");
exit(1);
}
printf("crypto_kernel successfully initalized\n");
/* process input arguments */
while (1) {
q = getopt(argc, argv, "vd:");
if (q == -1)
break;
switch (q) {
case 'v':
do_validation = 1;
break;
case 'd':
status = crypto_kernel_set_debug_module(optarg, 1);
if (status) {
printf("error: set debug module (%s) failed\n", optarg);
exit(1);
}
break;
default:
usage(argv[0]);
}
}
if (do_validation) {
printf("checking crypto_kernel status...\n");
status = crypto_kernel_status();
if (status) {
printf("failed\n");
exit(1);
}
printf("crypto_kernel passed self-tests\n");
}
status = crypto_kernel_shutdown();
if (status) {
printf("error: crypto_kernel shutdown failed\n");
exit(1);
}
printf("crypto_kernel successfully shut down\n");
return 0;
}
// int main(int argc, char *argv[]) {
int kernel_driver(unsigned do_validation, unsigned do_debug) {
extern char *optarg;
err_status_t status;
/* initialize kernel - we need to do this before anything else */
status = crypto_kernel_init(0);
if (status) {
printf("error: crypto_kernel init failed\n");
return(1);
}
printf("crypto_kernel successfully initalized\n");
if (do_debug) {
status = crypto_kernel_set_debug_module(optarg, 1);
if (status) {
printf("error: set debug module (%s) failed\n", optarg);
return(1);
}
}
if (do_validation) {
printf("checking crypto_kernel status...\n");
status = crypto_kernel_status();
if (status) {
printf("failed\n");
return(1);
}
printf("crypto_kernel passed self-tests\n");
}
status = crypto_kernel_shutdown();
if (status) {
printf("error: crypto_kernel shutdown failed\n");
return(1);
}
printf("crypto_kernel successfully shut down\n");
return 0;
}
err_status_t
crypto_kernel_init() {
err_status_t status;
/* check the security state */
if (crypto_kernel.state == crypto_kernel_state_secure) {
/*
* we're already in the secure state, but we've been asked to
* re-initialize, so we just re-run the self-tests and then return
*/
return crypto_kernel_status();
}
/* initialize error reporting system */
status = err_reporting_init("crypto");
if (status)
return status;
/* load debug modules */
status = crypto_kernel_load_debug_module(&mod_crypto_kernel);
if (status)
return status;
status = crypto_kernel_load_debug_module(&mod_auth);
if (status)
return status;
status = crypto_kernel_load_debug_module(&mod_cipher);
if (status)
return status;
status = crypto_kernel_load_debug_module(&mod_stat);
if (status)
return status;
status = crypto_kernel_load_debug_module(&mod_alloc);
if (status)
return status;
/* initialize random number generator */
status = rand_source_init();
if (status)
return status;
/* run FIPS-140 statistical tests on rand_source */
status = stat_test_rand_source_with_repetition(rand_source_get_octet_string, MAX_RNG_TRIALS);
if (status)
return status;
/* initialize pseudorandom number generator */
status = ctr_prng_init(rand_source_get_octet_string);
if (status)
return status;
/* run FIPS-140 statistical tests on ctr_prng */
status = stat_test_rand_source_with_repetition(ctr_prng_get_octet_string, MAX_RNG_TRIALS);
if (status)
return status;
/* load cipher types */
status = crypto_kernel_load_cipher_type(&null_cipher, NULL_CIPHER);
if (status)
return status;
status = crypto_kernel_load_cipher_type(&aes_icm, AES_128_ICM);
if (status)
return status;
status = crypto_kernel_load_cipher_type(&aes_cbc_cipher, AES_128_CBC);
if (status)
return status;
/* load auth func types */
status = crypto_kernel_load_auth_type(&null_auth, NULL_AUTH);
if (status)
return status;
status = crypto_kernel_load_auth_type(&hmac, HMAC_SHA1);
if (status)
return status;
/* change state to secure */
crypto_kernel.state = crypto_kernel_state_secure;
return err_status_ok;
}
