How to use the cryptographic API (e.g. md5 checksum)?

Peter Teoh htmldeveloper at gmail.com
Fri May 27 22:22:52 EDT 2011


On Sat, May 28, 2011 at 6:03 AM, Arvid Brodin <arvid.brodin at enea.com> wrote:
> Peter Teoh wrote:
>> On Tue, May 24, 2011 at 6:43 AM, Arvid Brodin <arvid.brodin at enea.com> wrote:
>>> Hi,
>>>
>>> I want to perform an md5 checksum on a process' text segment (I create a file
>>> /proc/<pid>/text_checksum that, when read, should give the md5sum).
>>>
>>> The crypto api documentation (Documentation/crypto/api-intro.txt) seems to be
>>> quite lacking. The only example is:
>>>
>>>        tfm = crypto_alloc_hash("md5", 0, CRYPTO_ALG_ASYNC);
>>>        if (IS_ERR(tfm))
>>>                fail();
>>>
>>>        /* ... set up the scatterlists ... */
>>>
>>>        desc.tfm = tfm;
>>>        desc.flags = 0;
>>>
>>>        if (crypto_hash_digest(&desc, sg, 2, result))
>>>                fail();
>>>
>>>        crypto_free_hash(tfm);
>>>
>>> Looking at some existing code, I see usage of crypto_hash_init(),
>>> crypto_hash_final(), desc.flag set to CRYPTO_TFM_REQ_MAY_SLEEP,
>>> ... (e.g. in fs/ecryptfs/crypto.c). Does anybody know what they do? Do I need
>>
>> http://www.redhat.com/archives/dm-devel/2005-August/msg00058.html
>
> Thanks, that explains the CRYPTO_TFM_REQ_MAY_SLEEP flag!
>
>
>>> to, or should I, use them? The functions are are declared in include/linux/crypto.h
>>> as some kind of wrapper functions, but lack documentation. Also, Google has not
>>> been my friend here.
>>
>> http://www.linuxjournal.com/article/6451?page=0,0
>
>
> This link is one I've found before, and it really does not explain anything
> about the usage of crypto_hash_{digest,init,update,final}() as far as I can
> see. So I'm still looking for help on this!
>
>
> Thanks,
> Arvid Brodin
> Enea Services Stockholm AB
>

As these function are just wrapper over the real crypto API, they have
nothing to do with md5.

It is not explained....I guess it is because they are self-explanatory
(eg "crypto_hash_digest()" is calculating digest from the hash etc).
I guess reading more crypto concept will help.

look into the crypto/tcrypt.c:do_test() - where usage of different
crypto scheme is shown (md5, sha1 etc).

read wiki:

http://en.wikipedia.org/wiki/MD5

and u know that the input is 16 bytes, which is what the
crypto/md5.c:md5_transform() is calculating:

static void md5_transform(u32 *hash, u32 const *in)

and understanding the above will finally help u to understand
md5_update(): which is calling md5_transform() repeatedly for each
block.   This also help to explain crypto_hash_update().

In its complete usage:

        for (start = jiffies, end = start + sec * HZ, bcount = 0;
             time_before(jiffies, end); bcount++) {
                ret = crypto_hash_init(desc);
                if (ret)
                        return ret;
                for (pcount = 0; pcount < blen; pcount += plen) {
                        ret = crypto_hash_update(desc, sg, plen);
                        if (ret)
                                return ret;
                }
                /* we assume there is enough space in 'out' for the result */
                ret = crypto_hash_final(desc, out);
                if (ret)
                        return ret;
        }

plen will correspond to the page by page of your text segment. (not
including the descriptor allocation part)

and another complete example of using all the API is in
test_hash_speed(): hash is allocated, calculated and finally freed.

I think more important is the method of the idea - not all the pages
of the text segment are loaded into the memory, and if u attempt to
access it in userspace, u will trigger a pagefault to load the text
segment into memory.   but if u attempt to access it in kernel mode
while it is not available.....hmmmmm......more info will be available
after debugging....

See page 24 of the following document:

EXECUTABLE WHITELISTS AND PROCESS AUTHENTICATION FOR PROTECTION

http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.129.5235&rep=rep1&type=pdf

-- 
Regards,
Peter Teoh



More information about the Kernelnewbies mailing list