]>
Commit | Line | Data |
---|---|---|
cb730894 DB |
1 | /* |
2 | * QEMU Crypto block IV generator - essiv | |
3 | * | |
4 | * Copyright (c) 2015-2016 Red Hat, Inc. | |
5 | * | |
6 | * This library is free software; you can redistribute it and/or | |
7 | * modify it under the terms of the GNU Lesser General Public | |
8 | * License as published by the Free Software Foundation; either | |
9 | * version 2 of the License, or (at your option) any later version. | |
10 | * | |
11 | * This library is distributed in the hope that it will be useful, | |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
14 | * Lesser General Public License for more details. | |
15 | * | |
16 | * You should have received a copy of the GNU Lesser General Public | |
17 | * License along with this library; if not, see <http://www.gnu.org/licenses/>. | |
18 | * | |
19 | */ | |
20 | ||
21 | #include "qemu/osdep.h" | |
da34e65c | 22 | #include "qapi/error.h" |
cb730894 DB |
23 | #include "crypto/ivgen-essiv.h" |
24 | ||
25 | typedef struct QCryptoIVGenESSIV QCryptoIVGenESSIV; | |
26 | struct QCryptoIVGenESSIV { | |
27 | QCryptoCipher *cipher; | |
28 | }; | |
29 | ||
30 | static int qcrypto_ivgen_essiv_init(QCryptoIVGen *ivgen, | |
31 | const uint8_t *key, size_t nkey, | |
32 | Error **errp) | |
33 | { | |
34 | uint8_t *salt; | |
35 | size_t nhash; | |
36 | size_t nsalt; | |
37 | QCryptoIVGenESSIV *essiv = g_new0(QCryptoIVGenESSIV, 1); | |
38 | ||
39 | /* Not necessarily the same as nkey */ | |
40 | nsalt = qcrypto_cipher_get_key_len(ivgen->cipher); | |
41 | ||
42 | nhash = qcrypto_hash_digest_len(ivgen->hash); | |
43 | /* Salt must be larger of hash size or key size */ | |
44 | salt = g_new0(uint8_t, MAX(nhash, nsalt)); | |
45 | ||
46 | if (qcrypto_hash_bytes(ivgen->hash, (const gchar *)key, nkey, | |
47 | &salt, &nhash, | |
48 | errp) < 0) { | |
49 | g_free(essiv); | |
50 | return -1; | |
51 | } | |
52 | ||
53 | /* Now potentially truncate salt to match cipher key len */ | |
54 | essiv->cipher = qcrypto_cipher_new(ivgen->cipher, | |
55 | QCRYPTO_CIPHER_MODE_ECB, | |
56 | salt, MIN(nhash, nsalt), | |
57 | errp); | |
58 | if (!essiv->cipher) { | |
59 | g_free(essiv); | |
60 | g_free(salt); | |
61 | return -1; | |
62 | } | |
63 | ||
64 | g_free(salt); | |
65 | ivgen->private = essiv; | |
66 | ||
67 | return 0; | |
68 | } | |
69 | ||
70 | static int qcrypto_ivgen_essiv_calculate(QCryptoIVGen *ivgen, | |
71 | uint64_t sector, | |
72 | uint8_t *iv, size_t niv, | |
73 | Error **errp) | |
74 | { | |
75 | QCryptoIVGenESSIV *essiv = ivgen->private; | |
76 | size_t ndata = qcrypto_cipher_get_block_len(ivgen->cipher); | |
77 | uint8_t *data = g_new(uint8_t, ndata); | |
78 | ||
79 | sector = cpu_to_le64(sector); | |
80 | memcpy(data, (uint8_t *)§or, ndata); | |
81 | if (sizeof(sector) < ndata) { | |
82 | memset(data + sizeof(sector), 0, ndata - sizeof(sector)); | |
83 | } | |
84 | ||
85 | if (qcrypto_cipher_encrypt(essiv->cipher, | |
86 | data, | |
87 | data, | |
88 | ndata, | |
89 | errp) < 0) { | |
90 | g_free(data); | |
91 | return -1; | |
92 | } | |
93 | ||
94 | if (ndata > niv) { | |
95 | ndata = niv; | |
96 | } | |
97 | memcpy(iv, data, ndata); | |
98 | if (ndata < niv) { | |
99 | memset(iv + ndata, 0, niv - ndata); | |
100 | } | |
101 | g_free(data); | |
102 | return 0; | |
103 | } | |
104 | ||
105 | static void qcrypto_ivgen_essiv_cleanup(QCryptoIVGen *ivgen) | |
106 | { | |
107 | QCryptoIVGenESSIV *essiv = ivgen->private; | |
108 | ||
109 | qcrypto_cipher_free(essiv->cipher); | |
110 | g_free(essiv); | |
111 | } | |
112 | ||
113 | ||
114 | struct QCryptoIVGenDriver qcrypto_ivgen_essiv = { | |
115 | .init = qcrypto_ivgen_essiv_init, | |
116 | .calculate = qcrypto_ivgen_essiv_calculate, | |
117 | .cleanup = qcrypto_ivgen_essiv_cleanup, | |
118 | }; | |
119 |