How to use the cryptographic API (e.g. md5 checksum)?

Peter Teoh htmldeveloper at gmail.com
Fri May 27 22:42:13 EDT 2011


this opensource application (in windows) does meet your requirements:

http://www.codeproject.com/KB/cpp/VerifyIntegrity.aspx

On Sat, May 28, 2011 at 10:22 AM, Peter Teoh <htmldeveloper at gmail.com> wrote:
> On Sat, May 28, 2011 at 6:03 AM, Arvid Brodin <arvid.brodin at enea.com> wrote:
>> Peter Teoh wrote:
>>> On Tue, May 24, 2011 at 6:43 AM, Arvid Brodin <arvid.brodin at enea.com> wrote:
>>>> Hi,
>>>>
>>>> I want to perform an md5 checksum on a process' text segment (I create a file
>>>> /proc/<pid>/text_checksum that, when read, should give the md5sum).
>>>>
>>>> The crypto api documentation (Documentation/crypto/api-intro.txt) seems to be
>>>> quite lacking. The only example is:
>>>>
>>>>        tfm = crypto_alloc_hash("md5", 0, CRYPTO_ALG_ASYNC);
>>>>        if (IS_ERR(tfm))
>>>>                fail();
>>>>
>>>>        /* ... set up the scatterlists ... */
>>>>
>>>>        desc.tfm = tfm;
>>>>        desc.flags = 0;
>>>>
>>>>        if (crypto_hash_digest(&desc, sg, 2, result))
>>>>                fail();
>>>>
>>>>        crypto_free_hash(tfm);
>>>>
>>>> Looking at some existing code, I see usage of crypto_hash_init(),
>>>> crypto_hash_final(), desc.flag set to CRYPTO_TFM_REQ_MAY_SLEEP,
>>>> ... (e.g. in fs/ecryptfs/crypto.c). Does anybody know what they do? Do I need
>>>
>>> http://www.redhat.com/archives/dm-devel/2005-August/msg00058.html
>>
>> Thanks, that explains the CRYPTO_TFM_REQ_MAY_SLEEP flag!
>>
>>
>>>> to, or should I, use them? The functions are are declared in include/linux/crypto.h
>>>> as some kind of wrapper functions, but lack documentation. Also, Google has not
>>>> been my friend here.
>>>
>>> http://www.linuxjournal.com/article/6451?page=0,0
>>
>>
>> This link is one I've found before, and it really does not explain anything
>> about the usage of crypto_hash_{digest,init,update,final}() as far as I can
>> see. So I'm still looking for help on this!
>>
>>
>> Thanks,
>> Arvid Brodin
>> Enea Services Stockholm AB
>>
>
> As these function are just wrapper over the real crypto API, they have
> nothing to do with md5.
>
> It is not explained....I guess it is because they are self-explanatory
> (eg "crypto_hash_digest()" is calculating digest from the hash etc).
> I guess reading more crypto concept will help.
>
> look into the crypto/tcrypt.c:do_test() - where usage of different
> crypto scheme is shown (md5, sha1 etc).
>
> read wiki:
>
> http://en.wikipedia.org/wiki/MD5
>
> and u know that the input is 16 bytes, which is what the
> crypto/md5.c:md5_transform() is calculating:
>
> static void md5_transform(u32 *hash, u32 const *in)
>
> and understanding the above will finally help u to understand
> md5_update(): which is calling md5_transform() repeatedly for each
> block.   This also help to explain crypto_hash_update().
>
> In its complete usage:
>
>        for (start = jiffies, end = start + sec * HZ, bcount = 0;
>             time_before(jiffies, end); bcount++) {
>                ret = crypto_hash_init(desc);
>                if (ret)
>                        return ret;
>                for (pcount = 0; pcount < blen; pcount += plen) {
>                        ret = crypto_hash_update(desc, sg, plen);
>                        if (ret)
>                                return ret;
>                }
>                /* we assume there is enough space in 'out' for the result */
>                ret = crypto_hash_final(desc, out);
>                if (ret)
>                        return ret;
>        }
>
> plen will correspond to the page by page of your text segment. (not
> including the descriptor allocation part)
>
> and another complete example of using all the API is in
> test_hash_speed(): hash is allocated, calculated and finally freed.
>
> I think more important is the method of the idea - not all the pages
> of the text segment are loaded into the memory, and if u attempt to
> access it in userspace, u will trigger a pagefault to load the text
> segment into memory.   but if u attempt to access it in kernel mode
> while it is not available.....hmmmmm......more info will be available
> after debugging....
>
> See page 24 of the following document:
>
> EXECUTABLE WHITELISTS AND PROCESS AUTHENTICATION FOR PROTECTION
>
> http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.129.5235&rep=rep1&type=pdf
>
> --
> Regards,
> Peter Teoh
>



-- 
Regards,
Peter Teoh



More information about the Kernelnewbies mailing list