search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Upgraded GRUB2 to 2.00 release.
[AROS.git] / arch / all-pc / boot / grub2-aros / grub-core / lib / crypto.c
blobf4b13ed3d8418b5ed7c5bb11f3aa39b7296b3b25
1 /*
2 * GRUB -- GRand Unified Bootloader
3 * Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2006
4 * 2007, 2008, 2009 Free Software Foundation, Inc.
5 *
6 * GRUB is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation, either version 3 of the License, or
9 * (at your option) any later version.
10 *
11 * GRUB is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with GRUB. If not, see <http://www.gnu.org/licenses/>.
18 */
19
20 #include <grub/crypto.h>
21 #include <grub/misc.h>
22 #include <grub/mm.h>
23 #include <grub/term.h>
24 #include <grub/dl.h>
25 #include <grub/i18n.h>
26
27 #ifdef GRUB_UTIL
28 #include <termios.h>
29 #include <stdlib.h>
30 #include <string.h>
31 #include <stdio.h>
32 #endif
33
34 GRUB_MOD_LICENSE ("GPLv3+");
35
36 struct grub_crypto_hmac_handle
37 {
38 const struct gcry_md_spec *md;
39 void *ctx;
40 void *opad;
41 };
42
43 static gcry_cipher_spec_t *grub_ciphers = NULL;
44 static gcry_md_spec_t *grub_digests = NULL;
45
46 void (*grub_crypto_autoload_hook) (const char *name) = NULL;
47
48 /* Based on libgcrypt-1.4.4/src/misc.c. */
49 void
50 grub_burn_stack (grub_size_t size)
51 {
52 char buf[64];
53
54 grub_memset (buf, 0, sizeof (buf));
55 if (size > sizeof (buf))
56 grub_burn_stack (size - sizeof (buf));
57 }
58
59
60 void
61 grub_cipher_register (gcry_cipher_spec_t *cipher)
62 {
63 cipher->next = grub_ciphers;
64 grub_ciphers = cipher;
65 }
66
67 void
68 grub_cipher_unregister (gcry_cipher_spec_t *cipher)
69 {
70 gcry_cipher_spec_t **ciph;
71 for (ciph = &grub_ciphers; *ciph; ciph = &((*ciph)->next))
72 if (*ciph == cipher)
73 {
74 *ciph = (*ciph)->next;
75 break;
76 }
77 }
78
79 void
80 grub_md_register (gcry_md_spec_t *digest)
81 {
82 digest->next = grub_digests;
83 grub_digests = digest;
84 }
85
86 void
87 grub_md_unregister (gcry_md_spec_t *cipher)
88 {
89 gcry_md_spec_t **ciph;
90 for (ciph = &grub_digests; *ciph; ciph = &((*ciph)->next))
91 if (*ciph == cipher)
92 {
93 *ciph = (*ciph)->next;
94 break;
95 }
96 }
97
98 void
99 grub_crypto_hash (const gcry_md_spec_t *hash, void *out, const void *in,
100 grub_size_t inlen)
101 {
102 grub_uint8_t ctx[hash->contextsize];
103 hash->init (&ctx);
104 hash->write (&ctx, in, inlen);
105 hash->final (&ctx);
106 grub_memcpy (out, hash->read (&ctx), hash->mdlen);
107 }
108
109 const gcry_md_spec_t *
110 grub_crypto_lookup_md_by_name (const char *name)
111 {
112 const gcry_md_spec_t *md;
113 int first = 1;
114 while (1)
115 {
116 for (md = grub_digests; md; md = md->next)
117 if (grub_strcasecmp (name, md->name) == 0)
118 return md;
119 if (grub_crypto_autoload_hook && first)
120 grub_crypto_autoload_hook (name);
121 else
122 return NULL;
123 first = 0;
124 }
125 }
126
127 const gcry_cipher_spec_t *
128 grub_crypto_lookup_cipher_by_name (const char *name)
129 {
130 const gcry_cipher_spec_t *ciph;
131 int first = 1;
132 while (1)
133 {
134 for (ciph = grub_ciphers; ciph; ciph = ciph->next)
135 {
136 const char **alias;
137 if (grub_strcasecmp (name, ciph->name) == 0)
138 return ciph;
139 if (!ciph->aliases)
140 continue;
141 for (alias = ciph->aliases; *alias; alias++)
142 if (grub_strcasecmp (name, *alias) == 0)
143 return ciph;
144 }
145 if (grub_crypto_autoload_hook && first)
146 grub_crypto_autoload_hook (name);
147 else
148 return NULL;
149 first = 0;
150 }
151 }
152
153
154 grub_crypto_cipher_handle_t
155 grub_crypto_cipher_open (const struct gcry_cipher_spec *cipher)
156 {
157 grub_crypto_cipher_handle_t ret;
158 ret = grub_malloc (sizeof (*ret) + cipher->contextsize);
159 if (!ret)
160 return NULL;
161 ret->cipher = cipher;
162 return ret;
163 }
164
165 gcry_err_code_t
166 grub_crypto_cipher_set_key (grub_crypto_cipher_handle_t cipher,
167 const unsigned char *key,
168 unsigned keylen)
169 {
170 return cipher->cipher->setkey (cipher->ctx, key, keylen);
171 }
172
173 gcry_err_code_t
174 grub_crypto_ecb_decrypt (grub_crypto_cipher_handle_t cipher,
175 void *out, const void *in, grub_size_t size)
176 {
177 const grub_uint8_t *inptr;
178 grub_uint8_t *outptr, *end;
179 if (!cipher->cipher->decrypt)
180 return GPG_ERR_NOT_SUPPORTED;
181 if (size % cipher->cipher->blocksize != 0)
182 return GPG_ERR_INV_ARG;
183 end = (grub_uint8_t *) in + size;
184 for (inptr = in, outptr = out; inptr < end;
185 inptr += cipher->cipher->blocksize, outptr += cipher->cipher->blocksize)
186 cipher->cipher->decrypt (cipher->ctx, outptr, inptr);
187 return GPG_ERR_NO_ERROR;
188 }
189
190 gcry_err_code_t
191 grub_crypto_ecb_encrypt (grub_crypto_cipher_handle_t cipher,
192 void *out, const void *in, grub_size_t size)
193 {
194 const grub_uint8_t *inptr;
195 grub_uint8_t *outptr, *end;
196 if (!cipher->cipher->encrypt)
197 return GPG_ERR_NOT_SUPPORTED;
198 if (size % cipher->cipher->blocksize != 0)
199 return GPG_ERR_INV_ARG;
200 end = (grub_uint8_t *) in + size;
201 for (inptr = in, outptr = out; inptr < end;
202 inptr += cipher->cipher->blocksize, outptr += cipher->cipher->blocksize)
203 cipher->cipher->encrypt (cipher->ctx, outptr, inptr);
204 return GPG_ERR_NO_ERROR;
205 }
206
207 gcry_err_code_t
208 grub_crypto_cbc_encrypt (grub_crypto_cipher_handle_t cipher,
209 void *out, void *in, grub_size_t size,
210 void *iv_in)
211 {
212 grub_uint8_t *inptr, *outptr, *end;
213 void *iv;
214 if (!cipher->cipher->decrypt)
215 return GPG_ERR_NOT_SUPPORTED;
216 if (size % cipher->cipher->blocksize != 0)
217 return GPG_ERR_INV_ARG;
218 end = (grub_uint8_t *) in + size;
219 iv = iv_in;
220 for (inptr = in, outptr = out; inptr < end;
221 inptr += cipher->cipher->blocksize, outptr += cipher->cipher->blocksize)
222 {
223 grub_crypto_xor (outptr, inptr, iv, cipher->cipher->blocksize);
224 cipher->cipher->encrypt (cipher->ctx, outptr, outptr);
225 iv = outptr;
226 }
227 grub_memcpy (iv_in, iv, cipher->cipher->blocksize);
228 return GPG_ERR_NO_ERROR;
229 }
230
231 gcry_err_code_t
232 grub_crypto_cbc_decrypt (grub_crypto_cipher_handle_t cipher,
233 void *out, const void *in, grub_size_t size,
234 void *iv)
235 {
236 const grub_uint8_t *inptr;
237 grub_uint8_t *outptr, *end;
238 grub_uint8_t ivt[cipher->cipher->blocksize];
239 if (!cipher->cipher->decrypt)
240 return GPG_ERR_NOT_SUPPORTED;
241 if (size % cipher->cipher->blocksize != 0)
242 return GPG_ERR_INV_ARG;
243 end = (grub_uint8_t *) in + size;
244 for (inptr = in, outptr = out; inptr < end;
245 inptr += cipher->cipher->blocksize, outptr += cipher->cipher->blocksize)
246 {
247 grub_memcpy (ivt, inptr, cipher->cipher->blocksize);
248 cipher->cipher->decrypt (cipher->ctx, outptr, inptr);
249 grub_crypto_xor (outptr, outptr, iv, cipher->cipher->blocksize);
250 grub_memcpy (iv, ivt, cipher->cipher->blocksize);
251 }
252 return GPG_ERR_NO_ERROR;
253 }
254
255 /* Based on gcry/cipher/md.c. */
256 struct grub_crypto_hmac_handle *
257 grub_crypto_hmac_init (const struct gcry_md_spec *md,
258 const void *key, grub_size_t keylen)
259 {
260 grub_uint8_t *helpkey = NULL;
261 grub_uint8_t *ipad = NULL, *opad = NULL;
262 void *ctx = NULL;
263 struct grub_crypto_hmac_handle *ret = NULL;
264 unsigned i;
265
266 if (md->mdlen > md->blocksize)
267 return NULL;
268
269 ctx = grub_malloc (md->contextsize);
270 if (!ctx)
271 goto err;
272
273 if ( keylen > md->blocksize )
274 {
275 helpkey = grub_malloc (md->mdlen);
276 if (!helpkey)
277 goto err;
278 grub_crypto_hash (md, helpkey, key, keylen);
279
280 key = helpkey;
281 keylen = md->mdlen;
282 }
283
284 ipad = grub_zalloc (md->blocksize);
285 if (!ipad)
286 goto err;
287
288 opad = grub_zalloc (md->blocksize);
289 if (!opad)
290 goto err;
291
292 grub_memcpy ( ipad, key, keylen );
293 grub_memcpy ( opad, key, keylen );
294 for (i=0; i < md->blocksize; i++ )
295 {
296 ipad[i] ^= 0x36;
297 opad[i] ^= 0x5c;
298 }
299 grub_free (helpkey);
300 helpkey = NULL;
301
302 md->init (ctx);
303
304 md->write (ctx, ipad, md->blocksize); /* inner pad */
305 grub_memset (ipad, 0, md->blocksize);
306 grub_free (ipad);
307 ipad = NULL;
308
309 ret = grub_malloc (sizeof (*ret));
310 if (!ret)
311 goto err;
312
313 ret->md = md;
314 ret->ctx = ctx;
315 ret->opad = opad;
316
317 return ret;
318
319 err:
320 grub_free (helpkey);
321 grub_free (ctx);
322 grub_free (ipad);
323 grub_free (opad);
324 return NULL;
325 }
326
327 void
328 grub_crypto_hmac_write (struct grub_crypto_hmac_handle *hnd,
329 const void *data,
330 grub_size_t datalen)
331 {
332 hnd->md->write (hnd->ctx, data, datalen);
333 }
334
335 gcry_err_code_t
336 grub_crypto_hmac_fini (struct grub_crypto_hmac_handle *hnd, void *out)
337 {
338 grub_uint8_t *p;
339 grub_uint8_t *ctx2;
340
341 ctx2 = grub_malloc (hnd->md->contextsize);
342 if (!ctx2)
343 return GPG_ERR_OUT_OF_MEMORY;
344
345 hnd->md->final (hnd->ctx);
346 hnd->md->read (hnd->ctx);
347 p = hnd->md->read (hnd->ctx);
348
349 hnd->md->init (ctx2);
350 hnd->md->write (ctx2, hnd->opad, hnd->md->blocksize);
351 hnd->md->write (ctx2, p, hnd->md->mdlen);
352 hnd->md->final (ctx2);
353 grub_memset (hnd->opad, 0, hnd->md->blocksize);
354 grub_free (hnd->opad);
355 grub_memset (hnd->ctx, 0, hnd->md->contextsize);
356 grub_free (hnd->ctx);
357
358 grub_memcpy (out, hnd->md->read (ctx2), hnd->md->mdlen);
359 grub_memset (ctx2, 0, hnd->md->contextsize);
360 grub_free (ctx2);
361
362 grub_memset (hnd, 0, sizeof (*hnd));
363 grub_free (hnd);
364
365 return GPG_ERR_NO_ERROR;
366 }
367
368 gcry_err_code_t
369 grub_crypto_hmac_buffer (const struct gcry_md_spec *md,
370 const void *key, grub_size_t keylen,
371 const void *data, grub_size_t datalen, void *out)
372 {
373 struct grub_crypto_hmac_handle *hnd;
374
375 hnd = grub_crypto_hmac_init (md, key, keylen);
376 if (!hnd)
377 return GPG_ERR_OUT_OF_MEMORY;
378
379 grub_crypto_hmac_write (hnd, data, datalen);
380 return grub_crypto_hmac_fini (hnd, out);
381 }
382
383
384 grub_err_t
385 grub_crypto_gcry_error (gcry_err_code_t in)
386 {
387 if (in == GPG_ERR_NO_ERROR)
388 return GRUB_ERR_NONE;
389 return GRUB_ACCESS_DENIED;
390 }
391
392 int
393 grub_crypto_memcmp (const void *a, const void *b, grub_size_t n)
394 {
395 register grub_size_t counter = 0;
396 const grub_uint8_t *pa, *pb;
397
398 for (pa = a, pb = b; n; pa++, pb++, n--)
399 {
400 if (*pa != *pb)
401 counter++;
402 }
403
404 return !!counter;
405 }
406
407 int
408 grub_password_get (char buf[], unsigned buf_size)
409 {
410 #ifdef GRUB_UTIL
411 FILE *in;
412 struct termios s, t;
413 int tty_changed = 0;
414 char *ptr;
415
416 /* Disable echoing. Based on glibc. */
417 in = fopen ("/dev/tty", "w+c");
418 if (in == NULL)
419 in = stdin;
420
421 if (tcgetattr (fileno (in), &t) == 0)
422 {
423 /* Save the old one. */
424 s = t;
425 /* Tricky, tricky. */
426 t.c_lflag &= ~(ECHO|ISIG);
427 tty_changed = (tcsetattr (fileno (in), TCSAFLUSH, &t) == 0);
428 }
429 else
430 tty_changed = 0;
431 fgets (buf, buf_size, stdin);
432 ptr = buf + strlen (buf) - 1;
433 while (buf <= ptr && (*ptr == '\n' || *ptr == '\r'))
434 *ptr-- = 0;
435 /* Restore the original setting. */
436 if (tty_changed)
437 (void) tcsetattr (fileno (in), TCSAFLUSH, &s);
438
439 grub_xputs ("\n");
440 grub_refresh ();
441
442 return 1;
443 #else
444 unsigned cur_len = 0;
445 int key;
446
447 while (1)
448 {
449 key = grub_getkey ();
450 if (key == '\n' || key == '\r')
451 break;
452
453 if (key == '\e')
454 {
455 cur_len = 0;
456 break;
457 }
458
459 if (key == '\b')
460 {
461 cur_len--;
462 continue;
463 }
464
465 if (!grub_isprint (key))
466 continue;
467
468 if (cur_len + 2 < buf_size)
469 buf[cur_len++] = key;
470 }
471
472 grub_memset (buf + cur_len, 0, buf_size - cur_len);
473
474 grub_xputs ("\n");
475 grub_refresh ();
476
477 return (key != '\e');
478 #endif
479 }
Mirror of AROS' svn.