How to use the cryptographic API (e.g. md5 checksum)?
Peter Teoh
htmldeveloper at gmail.com
Fri May 27 22:22:52 EDT 2011
On Sat, May 28, 2011 at 6:03 AM, Arvid Brodin <arvid.brodin at enea.com> wrote:
> Peter Teoh wrote:
>> On Tue, May 24, 2011 at 6:43 AM, Arvid Brodin <arvid.brodin at enea.com> wrote:
>>> Hi,
>>>
>>> I want to perform an md5 checksum on a process' text segment (I create a file
>>> /proc/<pid>/text_checksum that, when read, should give the md5sum).
>>>
>>> The crypto api documentation (Documentation/crypto/api-intro.txt) seems to be
>>> quite lacking. The only example is:
>>>
>>> tfm = crypto_alloc_hash("md5", 0, CRYPTO_ALG_ASYNC);
>>> if (IS_ERR(tfm))
>>> fail();
>>>
>>> /* ... set up the scatterlists ... */
>>>
>>> desc.tfm = tfm;
>>> desc.flags = 0;
>>>
>>> if (crypto_hash_digest(&desc, sg, 2, result))
>>> fail();
>>>
>>> crypto_free_hash(tfm);
>>>
>>> Looking at some existing code, I see usage of crypto_hash_init(),
>>> crypto_hash_final(), desc.flag set to CRYPTO_TFM_REQ_MAY_SLEEP,
>>> ... (e.g. in fs/ecryptfs/crypto.c). Does anybody know what they do? Do I need
>>
>> http://www.redhat.com/archives/dm-devel/2005-August/msg00058.html
>
> Thanks, that explains the CRYPTO_TFM_REQ_MAY_SLEEP flag!
>
>
>>> to, or should I, use them? The functions are are declared in include/linux/crypto.h
>>> as some kind of wrapper functions, but lack documentation. Also, Google has not
>>> been my friend here.
>>
>> http://www.linuxjournal.com/article/6451?page=0,0
>
>
> This link is one I've found before, and it really does not explain anything
> about the usage of crypto_hash_{digest,init,update,final}() as far as I can
> see. So I'm still looking for help on this!
>
>
> Thanks,
> Arvid Brodin
> Enea Services Stockholm AB
>
As these function are just wrapper over the real crypto API, they have
nothing to do with md5.
It is not explained....I guess it is because they are self-explanatory
(eg "crypto_hash_digest()" is calculating digest from the hash etc).
I guess reading more crypto concept will help.
look into the crypto/tcrypt.c:do_test() - where usage of different
crypto scheme is shown (md5, sha1 etc).
read wiki:
http://en.wikipedia.org/wiki/MD5
and u know that the input is 16 bytes, which is what the
crypto/md5.c:md5_transform() is calculating:
static void md5_transform(u32 *hash, u32 const *in)
and understanding the above will finally help u to understand
md5_update(): which is calling md5_transform() repeatedly for each
block. This also help to explain crypto_hash_update().
In its complete usage:
for (start = jiffies, end = start + sec * HZ, bcount = 0;
time_before(jiffies, end); bcount++) {
ret = crypto_hash_init(desc);
if (ret)
return ret;
for (pcount = 0; pcount < blen; pcount += plen) {
ret = crypto_hash_update(desc, sg, plen);
if (ret)
return ret;
}
/* we assume there is enough space in 'out' for the result */
ret = crypto_hash_final(desc, out);
if (ret)
return ret;
}
plen will correspond to the page by page of your text segment. (not
including the descriptor allocation part)
and another complete example of using all the API is in
test_hash_speed(): hash is allocated, calculated and finally freed.
I think more important is the method of the idea - not all the pages
of the text segment are loaded into the memory, and if u attempt to
access it in userspace, u will trigger a pagefault to load the text
segment into memory. but if u attempt to access it in kernel mode
while it is not available.....hmmmmm......more info will be available
after debugging....
See page 24 of the following document:
EXECUTABLE WHITELISTS AND PROCESS AUTHENTICATION FOR PROTECTION
http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.129.5235&rep=rep1&type=pdf
--
Regards,
Peter Teoh
More information about the Kernelnewbies
mailing list