Has anyone used custom encryption algorithm(s) for encrypting data in ecryptfs?
Custom Algorithm means any other crypto library/algorithm than standard kernel crypto APIs used by ecryptfs?
I think I found something.
Ecryptfs uses ciphers from native kernel crypto library for encryption/decryption operations.
More specifically, it uses the generic "struct crypto_ablkcipher" (a kind of asynchronous block cipher) of crypto library. This shows strong coupling of crypto lib with ecryptfs.
So, if you want to use custom algorithm, then you may have to write one in kernel that should adapt to the interface of crypto library. If you need more information on this, please check
How can i add more algorithm in cryptoAPI in linux
The list of available algorithms is hardcoded:
static struct cipher_descriptor {
    char *name;
    uint32_t blocksize;
    uint32_t min_keysize;
    uint32_t max_keysize;
} cipher_descriptors[] = {
    {"aes", 16, 16, 32},
    {"blowfish", 8, 16, 56},
    {"des3_ede", 8, 24, 24},
    {"twofish", 16, 16, 32},
    {"cast6", 16, 16, 32},
    {"cast5", 8, 5, 16},
    {NULL, 0, 0, 0}
};
I made an stm32 + rtos + lwip/mqtt solution and it works well. Now I want to use it with an mbedTLS secure connection. I did not find any examples.
The lwip mqtt api supports tls communication, but there is no such example, just the simple mqtt client code (LWIP MQTT Client) that I used.
I tried to enable mbedtls and some options in CubeMX, LWIP_ALTCP & LWIP_ALTCP_TLS, and added LWIP_ALTCP_TLS_MBEDTLS to Path. It compiled.
How do I init mbedtls and add a tls cert? This link gives a little info: altcp tls
Has anybody some experience or a working example with stm32 lwip/mqtt + tls (mbedtls) for the stm32 lwip stack?
UPD.
Here is my code of mqtt client setup:
struct mqtt_connect_client_info_t ci;
memset(&ci, 0, sizeof(ci));
ci.client_id = "lwip_test";
ci.client_user = "";
ci.client_pass = "";
ci.keep_alive = 0;
ci.tls_config = altcp_tls_create_config_client((const u8_t*)test_cert, sizeof(test_cert));
// create client
client = mqtt_client_new();
// connect client
mqtt_client_connect(client, &resolved, port, mqtt_on_connect, (void *)0, &ci);
I give the mqtt client the ca certificate and its length. I get an error in the altcp_tls_create_config_client_common function (altcp_tls_mbedtls.c) with code -4480 (Failed to allocate memory).
ret = mbedtls_x509_crt_parse(conf->ca, ca, ca_len);
if (ret != 0) {
    LWIP_DEBUGF(ALTCP_MBEDTLS_DEBUG, ("mbedtls_x509_crt_parse ca failed: %d 0x%x", ret, -1*ret));
    altcp_mbedtls_free_config(conf);
    return NULL;
}
What am I doing wrong, which other options should I set up in the mbedtls module?
I use the default that was generated by CubeMX.
This thread helped me together with other examples in https://www.nongnu.org/lwip/2_0_x/group__mqtt.html to make the MQTT client work with MbedTLS 2 way authentication. I can now subscribe/publish to the amazon AWS cloud.
So if anybody is interested, here is what I did.
Generate code from CubeMX with LwIP and MbedTLS enabled. Important is to enable MBEDTLS_PLATFORM_MEMORY, MEMP_MEM_MALLOC and LWIP_ALTCP_TLS_MBEDTLS so the library uses alternative calloc/free functions from LwIP (they are set in the altcp_mbedtls_mem_init() function).
I also use MBEDTLS_ENTROPY_HARDWARE_ALT, MBEDTLS_NO_PLATFORM_ENTROPY and MBEDTLS_CTR_DRBG_C enabled, so the MbedTLS library can use the ctr drbg random number generator (initialized in the altcp_tls_create_config() function).
If you use FreeRTOS with your LwIP as I do, it is necessary to enable MBEDTLS_THREADING_ALT and then in your code call the mbedtls_threading_set_alt() function to enable mutex handling in the MbedTLS library.
Here is then what I do in my code:
/* MQTT client state used by mqtt_test() below */
static struct {
    mqtt_client_t *client;
    struct mqtt_connect_client_info_t client_info;
} mqtt;
ip_addr_t server_ip;
err_t err;
/* Somewhere in the code call this to get IP address of the host */
ip_addr_t ipaddr;
err = dns_gethostbyname("host_name", &ipaddr, mqtt_resolved_cb, NULL);
/* Wait until this callback gets the IP */
static void mqtt_resolved_cb(const char *host, const ip_addr_t *ipaddr,
                             void *callback_arg)
{
    /* If resolved IP is known -> set it (ipaddr is NULL when the lookup failed) */
    if (ipaddr != NULL && ipaddr->addr != 0)
    {
        server_ip.addr = ipaddr->addr;
    }
}
/* Then call this to start MQTT client */
void mqtt_test(const ip_addr_t *ipaddr, uint16_t port,
               const uint8_t *ca_cert_str, size_t ca_cert_len,
               const uint8_t *dev_cert_str, size_t dev_cert_len,
               const uint8_t *dev_key_str, size_t dev_key_len,
               const uint8_t *dev_key_pass_str, size_t dev_key_pass_len)
{
    /* Setup an empty client info structure */
    memset(&mqtt.client_info, 0, sizeof(mqtt.client_info));
    /* Set client information */
    mqtt.client_info.client_id = "lwip_test";
    mqtt.client_info.client_user = NULL;
    mqtt.client_info.client_pass = NULL;
    mqtt.client_info.keep_alive = 0;
    mqtt.client_info.will_topic = NULL;
    mqtt.client_info.will_msg = NULL;
    mqtt.client_info.will_retain = 0;
    mqtt.client_info.will_qos = 0;
    /* Set TLS configuration */
    mqtt.client_info.tls_config = altcp_tls_create_config_client_2wayauth(
        ca_cert_str, ca_cert_len,
        dev_key_str, dev_key_len, dev_key_pass_str, dev_key_pass_len,
        dev_cert_str, dev_cert_len);
    if (mqtt.client_info.tls_config == NULL)
    {
        /* Certificate or key parsing failed. Do not connect: with a NULL
           tls_config the lwIP MQTT client opens a plain TCP connection. */
        return;
    }
    /* Allocate memory for MQTT client */
    mqtt.client = mqtt_client_new();
    /* Connect to the server */
    if (mqtt.client != NULL)
    {
        err = mqtt_client_connect(
            mqtt.client, ipaddr, port,
            mqtt_connection_cb, 0, &mqtt.client_info);
    }
}
Then the code continues in the standard mqtt callbacks from the example link above.
Thanks and I hope this can help someone else too.
I have an identical configuration, so I can tell you that if you debug the code you'll see that it crashes trying to call calloc; if your environment is the same as mine, you do not have that system function.
What I did is use the calloc implemented in lwip, in particular in the altcp module.
I defined MBEDTLS_PLATFORM_MEMORY via CubeMX, in order to activate the define ALTCP_MBEDTLS_PLATFORM_ALLOC in altcp_tls_mbedtls_mem.c; then I was able to use the altcp_mbedtls_mem_init() function, which tells mbedtls to use the altcp calloc and free.
This function is called in altcp_tls_create_config_client, so if you are going to use it, you don't have to call altcp_mbedtls_mem_init() twice.
In this way you should be able to correctly allocate memory for mbedtls.
You seem to have a memory allocation problem; you can try to increase the heap memory size in lwipopts.h like the following:
#define MEM_SIZE (50 * 1024)
Where can I find an almost complete implementation (float, width, etc.) suitable for embedded systems (few nested function calls, low stack and RAM usage, no heap, no syscall)?
Have you checked out ChibiOS's implementation of chvprintf? It's Apache-licensed and float-support (costly) is a compile-time option via define.
It's built with microcontrollers in mind. The macros are all pretty much only calls to a function pointer in the supplied BaseSequentialStream struct and you can replace them as you see fit. The var-args list is your regular stdarg.h implementation.
For transmitting on the serial port, the quickest thing is:
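#include <stdarg.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

int32_t printfDebugSerial(const char *format, ...)
{
    if (strlen(format) > 200) return -1;
    char tempBuff[256];
    va_list arg;
    int done;
    va_start(arg, format);
    /* vsnprintf never writes more than sizeof tempBuff bytes; the length of
       the format string alone does not bound the expanded output */
    done = vsnprintf(tempBuff, sizeof tempBuff, format, arg);
    va_end(arg);
    if (done < 0) return -1;
    /* output was truncated: send only what is in the buffer */
    if ((size_t)done >= sizeof tempBuff) done = (int)sizeof tempBuff - 1;
    pushMsgOnSerial((uint8_t *)tempBuff, done);
    return (int32_t)done;
}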
where pushMsgOnSerial() will be your board specific function for sending bytes on the serial port.
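A short format string can still expand past a fixed buffer, so checking strlen(format) does not bound what gets written. The block below is an added example, not code from the answer: it formats into the same 256-byte stack buffer with vsnprintf and reports truncation. push_msg_stub(), debug_printf_bounded() and demo_long_argument() are hypothetical names, and the stub stands in for the board-specific send function.

```c
#include <stdarg.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DEBUG_BUF_SIZE 256 /* same size as tempBuff in the answer */

/* Constructed stand-in for pushMsgOnSerial(): records what it was given. */
static char last_sent[DEBUG_BUF_SIZE];
static size_t last_sent_len;
static void push_msg_stub(const uint8_t *buf, size_t len)
{
    memcpy(last_sent, buf, len);
    last_sent_len = len;
}

/* Formats into a fixed stack buffer without writing past its end.
 * Returns the number of bytes sent, or -1 on a formatting error.
 * *truncated is set to 1 when the expanded text did not fit. */
int32_t debug_printf_bounded(int *truncated, const char *format, ...)
{
    char buf[DEBUG_BUF_SIZE];
    va_list ap;
    *truncated = 0;
    va_start(ap, format);
    int needed = vsnprintf(buf, sizeof buf, format, ap);
    va_end(ap);
    if (needed < 0) return -1;
    size_t len = (size_t)needed;
    if (len >= sizeof buf) {       /* vsnprintf reports the full length */
        len = sizeof buf - 1;      /* only this much is actually stored */
        *truncated = 1;
    }
    push_msg_stub((const uint8_t *)buf, len);
    return (int32_t)len;
}

/* Constructed input: a 2-character format whose expansion is 300 bytes. */
int32_t demo_long_argument(int *truncated)
{
    char big[301];
    memset(big, 'A', 300);
    big[300] = '\0';
    return debug_printf_bounded(truncated, "%s", big);
}

int main(void)
{
    int t;
    int32_t n = demo_long_argument(&t);
    printf("sent=%d truncated=%d\n", (int)n, t);
    return 0;
}
```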
I need to send a packet to my connected USB device. I have a javascript function and even found a c# function, but I didn't find any obj-c or swift analogues:
chrome.usb.controlTransfer(self.handle, {
    'direction': 'in',
    'recipient': 'device',
    'requestType': 'standard',
    'request': 6,
    'value': 0x300 | index,
    'index': 0, // specifies language
    'length': 255 // max length to retrieve
}, function (result) {});
I made the connection, so I have var device : IOHIDDevice device. But I can't find the function for sending.
Oh, sorry, I found it on the Apple site https://developer.apple.com/reference/iokit/iousbdevrequest?language=objc
I'm trying to specify the type of my GL.VertexAttribPointer(...) argument as GL_DOUBLE. This should be valid according to the documentation for this OpenTK function for ES20 (link).
However, the VertexAttribPointerType enum seems to be missing the Double type for OpenTK-1.0. In other words, the following line:
GL.VertexAttribPointer(ATTRIBUTE_COORD2D, 3, VertexAttribPointerType.Double, false, 0, quadVertices);
..fails to compile since the VertexAttribPointerType only provides the definitions for the following:
using System;
namespace OpenTK.Graphics.ES20
{
    public enum VertexAttribPointerType
    {
        Byte = 5120,
        UnsignedByte,
        Short,
        UnsignedShort,
        Float = 5126,
        Fixed = 5132
    }
}
Is there a work around for this issue? How else are you supposed to specify a double[] of vertices for the vertex shader?
The OpenGL ES 2.0 manual page for glVertexAttribPointer says:
GL_BYTE, GL_UNSIGNED_BYTE, GL_SHORT, GL_UNSIGNED_SHORT, GL_FIXED, or
GL_FLOAT are accepted
So the reason for OpenTK not having double is that the underlying framework doesn't seem to support it either. The OpenTK documentation may be suffering from copy-paste error.
I am attempting to write an app for iOS that will take advantage of iOS 4.0 features, but also work on an earlier version of the OS (3.1.3). I have set the deployment target to 3.1.3 and the Base SDK to 4.3 (latest)
Specifically, I am trying to take advantage of the ability to intercept commands from the remote control.
The document linked below is very useful in explaining how to (at run-time) check for the presence of classes and methods, but I still get a compiler error when attempting to reference an enum from the UIEvent class which only appears in iOS 4.0 and later.
https://developer.apple.com/library/archive/documentation/DeveloperTools/Conceptual/cross_development/Using/using.html#//apple_ref/doc/uid/20002000-SW3
Here is the section of code which causes the compilation to fail:
- (void)remoteControlReceivedWithEvent:(UIEvent *)receivedEvent {
    if (receivedEvent.type == UIEventTypeRemoteControl) {
        switch (receivedEvent.subtype) {
            case UIEventSubtypeRemoteControlTogglePlayPause:
                [self playPauseAction:nil];
                break;
            case UIEventSubtypeRemoteControlPreviousTrack:
                [self previousChapter:nil];
                break;
            case UIEventSubtypeRemoteControlNextTrack:
                [self nextChapter:nil];
                break;
            default:
                break;
        }
    }
}
The compiler complains that:
error: 'UIEventTypeRemoteControl' undeclared (first use in this function)
UIEventTypeRemoteControl is an enum that isn't defined until 4.0
(from UIEvent.h)
typedef enum {
    UIEventTypeTouches,
    UIEventTypeMotion,
    UIEventTypeRemoteControl,
} UIEventType;
typedef enum {
    // available in iPhone OS 3.0
    UIEventSubtypeNone = 0,
    // for UIEventTypeMotion, available in iPhone OS 3.0
    UIEventSubtypeMotionShake = 1,
    // for UIEventTypeRemoteControl, available in iOS 4.0
    UIEventSubtypeRemoteControlPlay = 100,
    UIEventSubtypeRemoteControlPause = 101,
    UIEventSubtypeRemoteControlStop = 102,
    UIEventSubtypeRemoteControlTogglePlayPause = 103,
    UIEventSubtypeRemoteControlNextTrack = 104,
    UIEventSubtypeRemoteControlPreviousTrack = 105,
    UIEventSubtypeRemoteControlBeginSeekingBackward = 106,
    UIEventSubtypeRemoteControlEndSeekingBackward = 107,
    UIEventSubtypeRemoteControlBeginSeekingForward = 108,
    UIEventSubtypeRemoteControlEndSeekingForward = 109,
} UIEventSubtype;
So how do I stop the compiler complaining about it?
Also - how do I stop the compiler warnings that someClass may not respond to someMethod (where I check at runtime if that class does actually respond to the method, before calling it)? I suppose I could turn off that warning in the compiler settings - but it's a useful warning in other cases.
OK - Here's what I have discovered:
Switching the deployment_target to 4.3 then 3.1.3 causes the compilation errors and warnings to appear.
Once they appear you can get rid of them by compiling using a simulator scheme.
Once you have done that, you can compile using a real device scheme and the errors and warnings are gone.