static int Aesdrv_ioctl( struct inode *inode, struct file *filp, unsigned long arg) #endif { int error = 0; //printk("%s: cmd=0x%x\n", __FUNCTION__, sActionData.sState); if(copy_from_user(&sActionData, (void*)arg, sizeof(_AesActionData))){ printk("\n Copy of Action Data From Userspce to Kernel Space Failed\n"); return -1; } switch (sActionData.sState){ case AES_INIT: { scpInputDataBuffer =(char*) AesInit(1,(sActionData.iBufSize+16)); if(NULL == scpInputDataBuffer){ printk("\n AesInit Failed\n"); return -1; } siIsAesRunning = 1; return 0; } break; case AES_OPEN_SESSION_AND_SET_KEY: { char *cpKeyData = malloc(sActionData.iInputDataLen+1); if(NULL == cpKeyData){ printk("\nAllocating the Memory for the Key data Failed!!\n"); return -1; } memset(cpKeyData,'\0',sActionData.iInputDataLen+1); if(copy_from_user(cpKeyData, (void*)sActionData.cpInputData, sActionData.iInputDataLen)){ printk("\n Copy of Key Data From Userspce to Kernel Space Failed\n"); return -1; } if(AES_ECB == sActionData.iMode){ error = AesOpenSessionAndSetKey(cpKeyData,sActionData.iInputDataLen,sActionData.sAction,0); } else{ error = AesOpenSessionAndSetKey(cpKeyData,sActionData.iInputDataLen,sActionData.sAction,1); } if(0 != error){ printk("\n AesOpenSessionAndSetKey Failed\n"); return -1; } if(cpKeyData) kfree(cpKeyData); return 0; } break; case AES_ACTION: { if(NULL == scpInputDataBuffer){ printk("\n Input Data Buffer is NULL\n"); return -1; } if(AES_CBC == sActionData.iMode){ memcpy(scpInputDataBuffer,sActionData.cpIV, sizeof(sActionData.cpIV)); if(copy_from_user(scpInputDataBuffer+sizeof(sActionData.cpIV),(void*)sActionData.cpInputData, sActionData.iInputDataLen)){ printk("\n Copy of Action Data From Userspce to Kernel Space Failed\n"); return -1; } error = AesAction(scpInputDataBuffer,sActionData.iInputDataLen,&scpAesOutputDataBuffer,1); } else{ if(copy_from_user(scpInputDataBuffer, (void*)sActionData.cpInputData, sActionData.iInputDataLen)){ printk("\n Copy of Action Data From Userspce to Kernel Space Failed\n"); return -1; } error = AesAction(scpInputDataBuffer,sActionData.iInputDataLen,&scpAesOutputDataBuffer,0); } // memset(scpAesOutputDataBuffer,0,sActionData.iInputDataLen); if(0 != error){ printk("\n sActionData Failed\n"); return -1; } if(AES_CBC == sActionData.iMode){ if(copy_to_user(sActionData.cpOutputData, (void*)scpAesOutputDataBuffer+sizeof(sActionData.cpIV), sActionData.iOuputDataLen)){ printk("\n Copy of Output Data to Userspce from Kernel Space Failed\n"); return -1; } } else{ if(copy_to_user(sActionData.cpOutputData, (void*)scpAesOutputDataBuffer, sActionData.iOuputDataLen)){ printk("\n Copy of Output Data to Userspce from Kernel Space Failed\n"); return -1; } } return 0; } break; case AES_CLOSE_SESSION: { AesActionCompleted(); return 0; } case AES_STOP: { AesStop(); siIsAesRunning = 0; return 0; } break; case AES_STATE: { return siIsAesRunning; } default: printk("%s (unknown ioctl 0x%x)\n", __FUNCTION__, sActionData.sState); error = EINVAL; break; } return(-error); }
/** Validate UEFI-OpenSSL Block Ciphers (Symmetric Crypto) Interfaces. @retval EFI_SUCCESS Validation succeeded. @retval EFI_ABORTED Validation failed. **/ EFI_STATUS ValidateCryptBlockCipher ( VOID ) { UINTN CtxSize; VOID *CipherCtx; UINT8 Encrypt[256]; UINT8 Decrypt[256]; BOOLEAN Status; Print (L"\nUEFI-OpenSSL Block Cipher Engine Testing: "); CtxSize = TdesGetContextSize (); CipherCtx = AllocatePool (CtxSize); Print (L"\n- TDES Validation: "); Print (L"ECB... "); // // TDES ECB Validation // ZeroMem (Encrypt, sizeof (Encrypt)); ZeroMem (Decrypt, sizeof (Decrypt)); Status = TdesInit (CipherCtx, TdesEcbKey, 64); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = TdesEcbEncrypt (CipherCtx, TdesEcbData, 8, Encrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = TdesEcbDecrypt (CipherCtx, Encrypt, 8, Decrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Encrypt, TdesEcbCipher, 8) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Decrypt, TdesEcbData, 8) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } Print (L"EDE2 ECB... "); // // TDES EDE2 ECB Validation // ZeroMem (Encrypt, sizeof (Encrypt)); ZeroMem (Decrypt, sizeof (Decrypt)); Status = TdesInit (CipherCtx, TdesEcbKey, 128); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = TdesEcbEncrypt (CipherCtx, TdesEcbData, 8, Encrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = TdesEcbDecrypt (CipherCtx, Encrypt, 8, Decrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Encrypt, TdesEcb2Cipher, 8) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Decrypt, TdesEcbData, 8) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } Print (L"EDE3 CBC... "); // // TDES EDE3 CBC Validation // ZeroMem (Encrypt, 256); ZeroMem (Decrypt, 256); Status = TdesInit (CipherCtx, TdesCbcKey, 192); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = TdesCbcEncrypt (CipherCtx, TdesCbcData, sizeof (TdesCbcData), TdesCbcIvec, Encrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = TdesCbcDecrypt (CipherCtx, Encrypt, sizeof (TdesCbcData), TdesCbcIvec, Decrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Encrypt, TdesCbc3Cipher, sizeof (TdesCbc3Cipher)) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Decrypt, TdesCbcData, sizeof (TdesCbcData)) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } Print (L"[Pass]"); FreePool (CipherCtx); CtxSize = AesGetContextSize (); CipherCtx = AllocatePool (CtxSize); Print (L"\n- AES Validation: "); Print (L"ECB-128... "); // // AES-128 ECB Validation // ZeroMem (Encrypt, sizeof (Encrypt)); ZeroMem (Decrypt, sizeof (Decrypt)); Status = AesInit (CipherCtx, Aes128EcbKey, 128); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = AesEcbEncrypt (CipherCtx, Aes128EcbData, sizeof (Aes128EcbData), Encrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = AesEcbDecrypt (CipherCtx, Encrypt, sizeof (Aes128EcbData), Decrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Encrypt, Aes128EcbCipher, sizeof (Aes128EcbCipher)) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Decrypt, Aes128EcbData, sizeof (Aes128EcbData)) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } Print (L"ECB-192... "); // // AES-192 ECB Validation // ZeroMem (Encrypt, sizeof (Encrypt)); ZeroMem (Decrypt, sizeof (Decrypt)); Status = AesInit (CipherCtx, Aes192EcbKey, 192); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = AesEcbEncrypt (CipherCtx, Aes192EcbData, sizeof (Aes192EcbData), Encrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = AesEcbDecrypt (CipherCtx, Encrypt, sizeof (Aes192EcbData), Decrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Encrypt, Aes192EcbCipher, sizeof (Aes192EcbCipher)) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Decrypt, Aes192EcbData, sizeof (Aes192EcbData)) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } Print (L"ECB-256... "); // // AES-256 ECB Validation // ZeroMem (Encrypt, sizeof (Encrypt)); ZeroMem (Decrypt, sizeof (Decrypt)); Status = AesInit (CipherCtx, Aes256EcbKey, 256); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = AesEcbEncrypt (CipherCtx, Aes256EcbData, sizeof (Aes256EcbData), Encrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = AesEcbDecrypt (CipherCtx, Encrypt, sizeof (Aes256EcbData), Decrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Encrypt, Aes256EcbCipher, sizeof (Aes256EcbCipher)) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Decrypt, Aes256EcbData, sizeof (Aes256EcbData)) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } Print (L"CBC-128... "); // // AES-128 CBC Validation // ZeroMem (Encrypt, sizeof (Encrypt)); ZeroMem (Decrypt, sizeof (Decrypt)); Status = AesInit (CipherCtx, Aes128CbcKey, 128); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = AesCbcEncrypt (CipherCtx, Aes128CbcData, sizeof (Aes128CbcData), Aes128CbcIvec, Encrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = AesCbcDecrypt (CipherCtx, Encrypt, sizeof (Aes128CbcData), Aes128CbcIvec, Decrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Encrypt, Aes128CbcCipher, sizeof (Aes128CbcCipher)) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Decrypt, Aes128CbcData, sizeof (Aes128CbcData)) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } Print (L"[Pass]"); Print (L"\n- ARC4 Validation: "); // // ARC4 Validation // CtxSize = Arc4GetContextSize (); CipherCtx = AllocatePool (CtxSize); ZeroMem (Encrypt, sizeof (Encrypt)); ZeroMem (Decrypt, sizeof (Decrypt)); Status = Arc4Init (CipherCtx, Arc4Key, sizeof (Arc4Key)); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = Arc4Encrypt (CipherCtx, Arc4Data, sizeof (Arc4Data), Encrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = Arc4Reset (CipherCtx); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } Status = Arc4Decrypt (CipherCtx, Encrypt, sizeof (Arc4Data), Decrypt); if (!Status) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Encrypt, Arc4Cipher, sizeof (Arc4Cipher)) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } if (CompareMem (Decrypt, Arc4Data, sizeof (Arc4Data)) != 0) { Print (L"[Fail]"); return EFI_ABORTED; } Print (L"[Pass]"); Print (L"\n"); return EFI_SUCCESS; }