Change the data type for the size of the secure memory pool to BYTES.

2ced4724 · Geoff Simmons · 361f4fe9 · 2ced4724 · 2ced4724 · 2ced4724
Commit 2ced4724 authored Apr 18, 2017 by Geoff Simmons
7 changed files
--- a/README.rst
+++ b/README.rst
@@ -26,7 +26,7 @@ import gcrypt [from "path"] ;
 ::
-  gcrypt.init(ENUM {INIT_SECMEM, DISABLE_SECMEM} [, INT n])
+  gcrypt.init(ENUM {INIT_SECMEM, DISABLE_SECMEM} [, BYTES n])
  gcrypt.init(FINISH)
  new OBJECT = gcrypt.symmetric(ENUM cipher, ENUM mode, ENUM padding,
@@ -150,7 +150,7 @@ described below), but if it does:
 CONTENTS
 ========
-* VOID init(ENUM {INIT_SECMEM,DISABLE_SECMEM,FINISH}, INT)
+* VOID init(ENUM {INIT_SECMEM,DISABLE_SECMEM,FINISH}, BYTES)
 * symmetric(ENUM {AES,AES128,RIJNDAEL,RIJNDAEL128,AES192,RIJNDAEL192,AES256,RIJNDAEL256}, ENUM {ECB,CFB,CBC,OFB,CTR}, ENUM {PKCS7,ISO7816,X923,NONE}, BLOB, BOOL, BOOL)
 * STRING version()
 * STRING gcrypt_version()
@@ -162,7 +162,7 @@ init
 ::
-	VOID init(ENUM {INIT_SECMEM,DISABLE_SECMEM,FINISH}, INT n=1)
+	VOID init(ENUM {INIT_SECMEM,DISABLE_SECMEM,FINISH}, BYTES n=1)
 Initialize the libgcrypt library, currently to manage the use of
 secure memory. The ENUM specifies an operation for initialization.
@@ -173,11 +173,12 @@ created; details below.
 With ``INIT_SECMEM``, you can configure the size of the secure memory
 pool to ``n`` bytes (the ``n`` parameter is ignored for the other
-ENUMs). Secure memory is enabled by default and set to a default size
+ENUMs). The data type for ``n`` is BYTES, so the value must be written
-(32 KiB in libgcrypt 1.6.3), so you don't have to call ``init()`` with
+with a suffix such as B or KB. Secure memory is enabled by default and
-``INIT_SECMEM`` to use the default.
+set to a default size (32 KiB in libgcrypt 1.6.3), so you don't have
+to call ``init()`` with ``INIT_SECMEM`` to use the default.
-Setting ``n`` to 0 with ``INIT_SECMEM`` disables secure memory, and
+Setting ``n`` to 0B with ``INIT_SECMEM`` disables secure memory, and
 hence has the same effect as calling ``init(DISABLE_SECMEM)``. If
 secure memory is enabled, libgcrypt imposes a minimum size for the
 pool (16 KiB for libgcrypt 1.6.3), so any value of ``n`` that is
@@ -237,7 +238,7 @@ Examples::
  sub vcl_init {
      # Enable secure memory and allocate a 64KiB pool.
-      gcrypt.init(INIT_SECMEM, 65536);
+      gcrypt.init(INIT_SECMEM, 64KB);
      gcrypt.init(FINISH);
  }

--- a/src/tests/aes.vtc
+++ b/src/tests/aes.vtc
@@ -8,7 +8,7 @@ varnish v1 -vcl {
 	backend b { .host = "${bad_ip}"; }
 	sub vcl_init {
-		gcrypt.init(INIT_SECMEM, 65536);
+		gcrypt.init(INIT_SECMEM, 64KB);
 		gcrypt.init(FINISH);
 	}
 } -start

--- a/src/tests/disable_secmem.vtc
+++ b/src/tests/disable_secmem.vtc
@@ -63,7 +63,7 @@ varnish v3 -vcl {
 	sub vcl_init {
 		gcrypt.init(INIT_SECMEM);
-		gcrypt.init(INIT_SECMEM, 0);
+		gcrypt.init(INIT_SECMEM, 0B);
 		gcrypt.init(FINISH);
 		new k = blobcode.blob(HEX, "00000000000000000000000000000000");
 		new aes = gcrypt.symmetric(AES, ECB, key=k.get(), secure=false);

--- a/src/tests/init_secmem.vtc
+++ b/src/tests/init_secmem.vtc
@@ -24,7 +24,7 @@ varnish v2 -vcl {
 	sub vcl_init {
 		gcrypt.init(INIT_SECMEM);
-		gcrypt.init(INIT_SECMEM, 32768);
+		gcrypt.init(INIT_SECMEM, 32KB);
 		gcrypt.init(FINISH);
 	}
 } -start
@@ -41,7 +41,7 @@ varnish v3 -vcl {
 	backend b { .host = "${bad_ip}"; }
 	sub vcl_init {
-		gcrypt.init(INIT_SECMEM, 0);
+		gcrypt.init(INIT_SECMEM, 0B);
 		gcrypt.init(FINISH);
 	}
 } -start
@@ -57,21 +57,9 @@ varnish v3 -errvcl {vmod gcrypt error: secure memory not enabled in aes construc
 	}
 }
-# INIT_SECMEM is illegal with bytes < 0.
-varnish v3 -stop
-varnish v4 -vcl {backend b { .host = "${bad_ip}"; } } -start
-varnish v4 -errvcl {INIT_SECMEM number of bytes -1 out of range in gcrypt.init()} {
-	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
-	backend b { .host = "${bad_ip}"; }
-	sub vcl_init {
-		gcrypt.init(INIT_SECMEM, -1);
-	}
-}
 # Secure memory is enabled by default
-varnish v4 -stop
+varnish v3 -stop
-varnish v5 -vcl {
+varnish v4 -vcl {
 	import gcrypt from "${vmod_topbuild}/src/.libs/libvmod_gcrypt.so";
 	import blobcode;
 	backend b { .host = "${bad_ip}"; }

--- a/src/tests/init_usage.vtc
+++ b/src/tests/init_usage.vtc
@@ -62,7 +62,7 @@ varnish v1 -vcl {
 	backend b { .host = "${bad_ip}"; }
 	sub vcl_init {
-		gcrypt.init(INIT_SECMEM, 32768);
+		gcrypt.init(INIT_SECMEM, 32KB);
 		gcrypt.init(FINISH);
 	}
 }

--- a/src/vmod_gcrypt.c
+++ b/src/vmod_gcrypt.c
@@ -170,7 +170,7 @@ event(VRT_CTX, struct vmod_priv *priv, enum vcl_event_e e)
 /* Function init */
 VCL_VOID
-vmod_init(VRT_CTX, VCL_ENUM cmd, VCL_INT n)
+vmod_init(VRT_CTX, VCL_ENUM cmd, VCL_BYTES n)
 {
 	gcry_error_t err = GPG_ERR_NO_ERROR;
@@ -194,11 +194,7 @@ vmod_init(VRT_CTX, VCL_ENUM cmd, VCL_INT n)
 		return;
 	}
 	if (strcmp(cmd, "INIT_SECMEM") == 0) {
-		if (n < 0) {
+		assert(n >= 0);
-			VERR(ctx, "INIT_SECMEM number of bytes %d out of range "
-			     "in gcrypt.init()", n);
-			return;
-		}
 		if ((err = gcry_control(GCRYCTL_INIT_SECMEM, n))
 		    != GPG_ERR_NO_ERROR)
 			VERR(ctx, "Cannot initialize secure memory to %d bytes "

--- a/src/vmod_gcrypt.vcc
+++ b/src/vmod_gcrypt.vcc
@@ -9,7 +9,7 @@ $Module gcrypt 3 access the libgcrypt cryptographic library
 ::
-  gcrypt.init(ENUM {INIT_SECMEM, DISABLE_SECMEM} [, INT n])
+  gcrypt.init(ENUM {INIT_SECMEM, DISABLE_SECMEM} [, BYTES n])
  gcrypt.init(FINISH)
  new OBJECT = gcrypt.symmetric(ENUM cipher, ENUM mode, ENUM padding,
@@ -130,7 +130,7 @@ described below), but if it does:
 * A Varnish panic is invoked with the error message from libgcrypt.
-$Function VOID init(ENUM {INIT_SECMEM, DISABLE_SECMEM, FINISH}, INT n=1)
+$Function VOID init(ENUM {INIT_SECMEM, DISABLE_SECMEM, FINISH}, BYTES n=1)
 Initialize the libgcrypt library, currently to manage the use of
 secure memory. The ENUM specifies an operation for initialization.
@@ -141,11 +141,12 @@ created; details below.
 With ``INIT_SECMEM``, you can configure the size of the secure memory
 pool to ``n`` bytes (the ``n`` parameter is ignored for the other
-ENUMs). Secure memory is enabled by default and set to a default size
+ENUMs). The data type for ``n`` is BYTES, so the value must be written
-(32 KiB in libgcrypt 1.6.3), so you don't have to call ``init()`` with
+with a suffix such as B or KB. Secure memory is enabled by default and
-``INIT_SECMEM`` to use the default.
+set to a default size (32 KiB in libgcrypt 1.6.3), so you don't have
+to call ``init()`` with ``INIT_SECMEM`` to use the default.
-Setting ``n`` to 0 with ``INIT_SECMEM`` disables secure memory, and
+Setting ``n`` to 0B with ``INIT_SECMEM`` disables secure memory, and
 hence has the same effect as calling ``init(DISABLE_SECMEM)``. If
 secure memory is enabled, libgcrypt imposes a minimum size for the
 pool (16 KiB for libgcrypt 1.6.3), so any value of ``n`` that is
@@ -205,7 +206,7 @@ Examples::
  sub vcl_init {
      # Enable secure memory and allocate a 64KiB pool.
-      gcrypt.init(INIT_SECMEM, 65536);
+      gcrypt.init(INIT_SECMEM, 64KB);
      gcrypt.init(FINISH);
  }