test-string-input-visitor: Add range overflow tests
[qemu/ar7.git] / crypto / afsplit.c
blob825e2cff26ecc60c841395d350c92ee389fe8630
1 /*
2 * QEMU Crypto anti forensic information splitter
4 * Copyright (c) 2015-2016 Red Hat, Inc.
6 * Derived from cryptsetup package lib/luks1/af.c
8 * Copyright (C) 2004, Clemens Fruhwirth <clemens@endorphin.org>
9 * Copyright (C) 2009-2012, Red Hat, Inc. All rights reserved.
11 * This library is free software; you can redistribute it and/or
12 * modify it under the terms of the GNU General Public License
13 * as published by the Free Software Foundation; either version 2
14 * of the License, or (at your option) any later version.
16 * This library is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 * Lesser General Public License for more details.
21 * You should have received a copy of the GNU Lesser General Public
22 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
26 #include "qemu/osdep.h"
27 #include "qemu/bswap.h"
28 #include "crypto/afsplit.h"
29 #include "crypto/random.h"
32 static void qcrypto_afsplit_xor(size_t blocklen,
33 const uint8_t *in1,
34 const uint8_t *in2,
35 uint8_t *out)
37 size_t i;
38 for (i = 0; i < blocklen; i++) {
39 out[i] = in1[i] ^ in2[i];
44 static int qcrypto_afsplit_hash(QCryptoHashAlgorithm hash,
45 size_t blocklen,
46 uint8_t *block,
47 Error **errp)
49 size_t digestlen = qcrypto_hash_digest_len(hash);
51 size_t hashcount = blocklen / digestlen;
52 size_t finallen = blocklen % digestlen;
53 uint32_t i;
55 if (finallen) {
56 hashcount++;
57 } else {
58 finallen = digestlen;
61 for (i = 0; i < hashcount; i++) {
62 uint8_t *out = NULL;
63 size_t outlen = 0;
64 uint32_t iv = cpu_to_be32(i);
65 struct iovec in[] = {
66 { .iov_base = &iv,
67 .iov_len = sizeof(iv) },
68 { .iov_base = block + (i * digestlen),
69 .iov_len = (i == (hashcount - 1)) ? finallen : digestlen },
72 if (qcrypto_hash_bytesv(hash,
73 in,
74 G_N_ELEMENTS(in),
75 &out, &outlen,
76 errp) < 0) {
77 return -1;
80 assert(outlen == digestlen);
81 memcpy(block + (i * digestlen), out,
82 (i == (hashcount - 1)) ? finallen : digestlen);
83 g_free(out);
86 return 0;
90 int qcrypto_afsplit_encode(QCryptoHashAlgorithm hash,
91 size_t blocklen,
92 uint32_t stripes,
93 const uint8_t *in,
94 uint8_t *out,
95 Error **errp)
97 uint8_t *block = g_new0(uint8_t, blocklen);
98 size_t i;
99 int ret = -1;
101 for (i = 0; i < (stripes - 1); i++) {
102 if (qcrypto_random_bytes(out + (i * blocklen), blocklen, errp) < 0) {
103 goto cleanup;
106 qcrypto_afsplit_xor(blocklen,
107 out + (i * blocklen),
108 block,
109 block);
110 if (qcrypto_afsplit_hash(hash, blocklen, block,
111 errp) < 0) {
112 goto cleanup;
115 qcrypto_afsplit_xor(blocklen,
117 block,
118 out + (i * blocklen));
119 ret = 0;
121 cleanup:
122 g_free(block);
123 return ret;
127 int qcrypto_afsplit_decode(QCryptoHashAlgorithm hash,
128 size_t blocklen,
129 uint32_t stripes,
130 const uint8_t *in,
131 uint8_t *out,
132 Error **errp)
134 uint8_t *block = g_new0(uint8_t, blocklen);
135 size_t i;
136 int ret = -1;
138 for (i = 0; i < (stripes - 1); i++) {
139 qcrypto_afsplit_xor(blocklen,
140 in + (i * blocklen),
141 block,
142 block);
143 if (qcrypto_afsplit_hash(hash, blocklen, block,
144 errp) < 0) {
145 goto cleanup;
149 qcrypto_afsplit_xor(blocklen,
150 in + (i * blocklen),
151 block,
152 out);
154 ret = 0;
156 cleanup:
157 g_free(block);
158 return ret;