| /* |
| * QEMU Crypto af_alg-backend hash/hmac support |
| * |
| * Copyright (c) 2017 HUAWEI TECHNOLOGIES CO., LTD. |
| * |
| * Authors: |
| * Longpeng(Mike) <longpeng2@huawei.com> |
| * |
| * This work is licensed under the terms of the GNU GPL, version 2 or |
| * (at your option) any later version. See the COPYING file in the |
| * top-level directory. |
| */ |
| #include "qemu/osdep.h" |
| #include "qemu/iov.h" |
| #include "qemu/sockets.h" |
| #include "qapi/error.h" |
| #include "crypto/hash.h" |
| #include "crypto/hmac.h" |
| #include "hashpriv.h" |
| #include "hmacpriv.h" |
| |
| static char * |
| qcrypto_afalg_hash_format_name(QCryptoHashAlgorithm alg, |
| bool is_hmac, |
| Error **errp) |
| { |
| char *name; |
| const char *alg_name; |
| |
| switch (alg) { |
| case QCRYPTO_HASH_ALG_MD5: |
| alg_name = "md5"; |
| break; |
| case QCRYPTO_HASH_ALG_SHA1: |
| alg_name = "sha1"; |
| break; |
| case QCRYPTO_HASH_ALG_SHA224: |
| alg_name = "sha224"; |
| break; |
| case QCRYPTO_HASH_ALG_SHA256: |
| alg_name = "sha256"; |
| break; |
| case QCRYPTO_HASH_ALG_SHA384: |
| alg_name = "sha384"; |
| break; |
| case QCRYPTO_HASH_ALG_SHA512: |
| alg_name = "sha512"; |
| break; |
| case QCRYPTO_HASH_ALG_RIPEMD160: |
| alg_name = "rmd160"; |
| break; |
| |
| default: |
| error_setg(errp, "Unsupported hash algorithm %d", alg); |
| return NULL; |
| } |
| |
| if (is_hmac) { |
| name = g_strdup_printf("hmac(%s)", alg_name); |
| } else { |
| name = g_strdup_printf("%s", alg_name); |
| } |
| |
| return name; |
| } |
| |
| static QCryptoAFAlg * |
| qcrypto_afalg_hash_hmac_ctx_new(QCryptoHashAlgorithm alg, |
| const uint8_t *key, size_t nkey, |
| bool is_hmac, Error **errp) |
| { |
| QCryptoAFAlg *afalg; |
| char *name; |
| |
| name = qcrypto_afalg_hash_format_name(alg, is_hmac, errp); |
| if (!name) { |
| return NULL; |
| } |
| |
| afalg = qcrypto_afalg_comm_alloc(AFALG_TYPE_HASH, name, errp); |
| if (!afalg) { |
| g_free(name); |
| return NULL; |
| } |
| |
| g_free(name); |
| |
| /* HMAC needs setkey */ |
| if (is_hmac) { |
| if (setsockopt(afalg->tfmfd, SOL_ALG, ALG_SET_KEY, |
| key, nkey) != 0) { |
| error_setg_errno(errp, errno, "Set hmac key failed"); |
| qcrypto_afalg_comm_free(afalg); |
| return NULL; |
| } |
| } |
| |
| return afalg; |
| } |
| |
| static QCryptoAFAlg * |
| qcrypto_afalg_hash_ctx_new(QCryptoHashAlgorithm alg, |
| Error **errp) |
| { |
| return qcrypto_afalg_hash_hmac_ctx_new(alg, NULL, 0, false, errp); |
| } |
| |
| QCryptoAFAlg * |
| qcrypto_afalg_hmac_ctx_new(QCryptoHashAlgorithm alg, |
| const uint8_t *key, size_t nkey, |
| Error **errp) |
| { |
| return qcrypto_afalg_hash_hmac_ctx_new(alg, key, nkey, true, errp); |
| } |
| |
| static int |
| qcrypto_afalg_hash_hmac_bytesv(QCryptoAFAlg *hmac, |
| QCryptoHashAlgorithm alg, |
| const struct iovec *iov, |
| size_t niov, uint8_t **result, |
| size_t *resultlen, |
| Error **errp) |
| { |
| QCryptoAFAlg *afalg; |
| struct iovec outv; |
| int ret = 0; |
| bool is_hmac = (hmac != NULL) ? true : false; |
| const int expect_len = qcrypto_hash_digest_len(alg); |
| |
| if (*resultlen == 0) { |
| *resultlen = expect_len; |
| *result = g_new0(uint8_t, *resultlen); |
| } else if (*resultlen != expect_len) { |
| error_setg(errp, |
| "Result buffer size %zu is not match hash %d", |
| *resultlen, expect_len); |
| return -1; |
| } |
| |
| if (is_hmac) { |
| afalg = hmac; |
| } else { |
| afalg = qcrypto_afalg_hash_ctx_new(alg, errp); |
| if (!afalg) { |
| return -1; |
| } |
| } |
| |
| /* send data to kernel's crypto core */ |
| ret = iov_send_recv(afalg->opfd, iov, niov, |
| 0, iov_size(iov, niov), true); |
| if (ret < 0) { |
| error_setg_errno(errp, errno, "Send data to afalg-core failed"); |
| goto out; |
| } |
| |
| /* hash && get result */ |
| outv.iov_base = *result; |
| outv.iov_len = *resultlen; |
| ret = iov_send_recv(afalg->opfd, &outv, 1, |
| 0, iov_size(&outv, 1), false); |
| if (ret < 0) { |
| error_setg_errno(errp, errno, "Recv result from afalg-core failed"); |
| } else { |
| ret = 0; |
| } |
| |
| out: |
| if (!is_hmac) { |
| qcrypto_afalg_comm_free(afalg); |
| } |
| return ret; |
| } |
| |
| static int |
| qcrypto_afalg_hash_bytesv(QCryptoHashAlgorithm alg, |
| const struct iovec *iov, |
| size_t niov, uint8_t **result, |
| size_t *resultlen, |
| Error **errp) |
| { |
| return qcrypto_afalg_hash_hmac_bytesv(NULL, alg, iov, niov, result, |
| resultlen, errp); |
| } |
| |
| static int |
| qcrypto_afalg_hmac_bytesv(QCryptoHmac *hmac, |
| const struct iovec *iov, |
| size_t niov, uint8_t **result, |
| size_t *resultlen, |
| Error **errp) |
| { |
| return qcrypto_afalg_hash_hmac_bytesv(hmac->opaque, hmac->alg, |
| iov, niov, result, resultlen, |
| errp); |
| } |
| |
| static void qcrypto_afalg_hmac_ctx_free(QCryptoHmac *hmac) |
| { |
| QCryptoAFAlg *afalg; |
| |
| afalg = hmac->opaque; |
| qcrypto_afalg_comm_free(afalg); |
| } |
| |
| QCryptoHashDriver qcrypto_hash_afalg_driver = { |
| .hash_bytesv = qcrypto_afalg_hash_bytesv, |
| }; |
| |
| QCryptoHmacDriver qcrypto_hmac_afalg_driver = { |
| .hmac_bytesv = qcrypto_afalg_hmac_bytesv, |
| .hmac_free = qcrypto_afalg_hmac_ctx_free, |
| }; |
