From 06e001692caaa0dc810a72af1ed2b54aadcb4447 Mon Sep 17 00:00:00 2001 From: Mazet Laurent Date: Thu, 15 May 2025 17:27:21 +0200 Subject: [PATCH] update states --- cryptomod.h | 2 ++ function.c | 72 ++++++++++++++++++++++++++++++++++++++++++++++------- 2 files changed, 65 insertions(+), 9 deletions(-) diff --git a/cryptomod.h b/cryptomod.h index b11b6fc..852cd7f 100644 --- a/cryptomod.h +++ b/cryptomod.h @@ -113,11 +113,13 @@ typedef struct { */ typedef enum { ok_e = 0, /**< ok/idle state */ + //first_stage_e, /**< first stage booting */ booting_e, /**< booting state */ starting_e, /**< starting state */ initializing_e, /**< initializing state */ ready_e, /**< ready state */ working_e, /**< working state */ + updating_e, /**< updating key/channel state */ shutdowning_e, /**< shutdowning state */ error_e = 255 /**< error state */ } state_t; diff --git a/function.c b/function.c index bd24627..af8eff4 100644 --- a/function.c +++ b/function.c @@ -249,6 +249,10 @@ int load_key_func (KEY_t *in, STATUS_t *out) { VERBOSE (crypto, TRACE, PRINTF ("load_key_func\n")); + //FIXIT: not thread safe + state_t old_state = state; + state = updating_e; + int kid = in->key_id; int klen = in->key_len; free (keys[kid]); @@ -260,6 +264,7 @@ int load_key_func (KEY_t *in, STATUS_t *out) channels[kid] = kid + 1; VERBOSE(crypto, DEBUG, PRINTF ("load key (%d) stored in channels (%d)\n", kid, channels[kid])); #endif + state = old_state; out->status = ok_e; @@ -270,12 +275,19 @@ int unload_key_func (KEY_t *in, STATUS_t *out) { VERBOSE (crypto, TRACE, PRINTF ("unload_key_func\n")); + //FIXIT: not thread safe +#ifdef PROTOCOL_EXT + state_t old_state = state; +#endif + state = updating_e; + int kid = in->key_id; #ifdef PROTOCOL_EXT for (int i = 0; i < NB_CHANNELS; i++) { if (channels[i] == kid + 1) { VERBOSE (crypto, WARNING, PRINTF ("key (%d) is still associated to a channel (%d)\n", kid, i)); out->status = error_e; + state = old_state; return 0; } } @@ -293,6 +305,17 @@ int unload_key_func (KEY_t *in, STATUS_t *out) #ifndef PROTOCOL_EXT channels[kid] = 0; + + state = ready_e; +#else + state_t _state = initializing_e; + for (int i = 0; i < NB_CHANNELS; i++) { + if (channels[i]) { + _state = ready_e; + break; + } + } + state = _state; #endif return 0; @@ -302,6 +325,12 @@ int erase_key_func (KEY_t *in, STATUS_t *out) { VERBOSE (crypto, TRACE, PRINTF ("erase_key_func\n")); + //FIXIT: not thread safe +#ifdef PROTOCOL_EXT + state_t old_state = state; +#endif + state = updating_e; + if (in->key_id != 255) { VERBOSE (crypto, WARNING, PRINTF ("incorrect ERRASE_KEY message\n")); } @@ -310,6 +339,7 @@ int erase_key_func (KEY_t *in, STATUS_t *out) for (int i = 0; i < NB_CHANNELS; i++) { if (channels[i]) { VERBOSE (crypto, WARNING, PRINTF ("key (%d) is still associated to a channel (%d)\n", channels[i] - 1, i)); + state = old_state; out->status = error_e; return 0; } @@ -325,6 +355,12 @@ int erase_key_func (KEY_t *in, STATUS_t *out) memset (keys, 0, NB_KEYS * sizeof (uint8_t *)); memset (key_lengths, 0, NB_KEYS * sizeof (int)); +#ifndef PROTOCOL_EXT + state = ready_e; +#else + state = initializing_e; +#endif + out->status = ok_e; return 0; @@ -334,22 +370,28 @@ int associate_channel_func (CHANNEL_t *in, STATUS_t *out) { VERBOSE (crypto, TRACE, PRINTF ("associate_channel_func\n")); + //FIXIT: not thread safe +#ifdef PROTOCOL_EXT + state_t old_state = state; +#endif + state = updating_e; + int cid = in->channel_id; int kid = in->key_id; #ifdef PROTOCOL_EXT if (keys[kid] == NULL) { VERBOSE (crypto, WARNING, PRINTF ("can't associate channnel id to empty key (%d)\n", kid)); + state = old_state; out->status = error_e; } else { channels[cid] = kid + 1; - if (state == initializing_e) { - state = ready_e; - } + state = ready_e; out->status = ok_e; } #else channels[cid] = kid + 1; + state = ready_e; out->status = ok_e; #endif @@ -360,14 +402,22 @@ int dissociate_channel_func (CHANNEL_t *in, STATUS_t *out) { VERBOSE (crypto, TRACE, PRINTF ("dissociate_channel_func\n")); + //FIXIT: not thread safe +#ifdef PROTOCOL_EXT + state_t old_state = state; +#endif + state = updating_e; + int cid = in->channel_id; #ifdef PROTOCOL_EXT if (channels[cid] == 0) { VERBOSE (crypto, WARNING, PRINTF ("no key associated to channnel id (%d)\n", cid)); + state = old_state; out->status = error_e; } else if (keys[channels[cid] - 1] == NULL) { VERBOSE (crypto, WARNING, PRINTF ("can't dissociate channnel id to empty key (%d)\n", cid)); + state = old_state; out->status = error_e; } else { channels[cid] = 0; @@ -377,10 +427,7 @@ int dissociate_channel_func (CHANNEL_t *in, STATUS_t *out) _state = ready_e; } } - if (_state == initializing_e) { - // FIXIT: not thread safe - state = initializing_e; - } + state = _state; out->status = ok_e; } #else @@ -391,6 +438,7 @@ int dissociate_channel_func (CHANNEL_t *in, STATUS_t *out) VERBOSE (crypto, WARNING, PRINTF ("no key associated to channnel id (%d)\n", cid)); out->status = error_e; } + state = ready_e; #endif return 0; @@ -474,6 +522,7 @@ int authentification_func (RAW_DATA_t *in, RAW_DATA_t *out) out->data_len = strlen (correct_answer); memcpy (out->data, correct_answer, out->data_len); state = initializing_e; + //state = error_e; } else { out->data_len = strlen (wrong_answer); memcpy (out->data, wrong_answer, out->data_len); @@ -499,10 +548,16 @@ int zeroize_func (void __attribute__ ((unused)) *in, STATUS_t *out) { VERBOSE (crypto, TRACE, PRINTF ("zeroize_func\n")); + // FIXIT: not thread safe + state = updating_e; + clean_crypto_memory (); - // FIXIT: not thread safe +#ifdef PROTOCOL_EXT + state = initializing_e; +#else state = ready_e; +#endif out->status = ok_e; @@ -531,7 +586,6 @@ void clean_crypto_memory (void) memset (keys, 0, NB_KEYS * sizeof (uint8_t *)); memset (key_lengths, 0, NB_KEYS * sizeof (int)); memset (channels, 0, NB_CHANNELS * sizeof (uint8_t)); - state = ready_e; } /* vim: set ts=4 sw=4 si et: */ -- 2.30.2