search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge remote-tracking branch 'remotes/xtensa/tags/20200625-xtensa' into staging
[qemu/ar7.git] / crypto / afsplit.c
blobb1a5a208995a84cf43ffcc9e1514edcd5904ddd4
1 /*
2 * QEMU Crypto anti forensic information splitter
3 *
4 * Copyright (c) 2015-2016 Red Hat, Inc.
5 *
6 * Derived from cryptsetup package lib/luks1/af.c
7 *
8 * Copyright (C) 2004, Clemens Fruhwirth <clemens@endorphin.org>
9 * Copyright (C) 2009-2012, Red Hat, Inc. All rights reserved.
10 *
11 * This program is free software; you can redistribute it and/or
12 * modify it under the terms of the GNU General Public License
13 * as published by the Free Software Foundation; either version 2
14 * of the License, or (at your option) any later version.
15 *
16 * This program is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 * General Public License for more details.
20 *
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, see <http://www.gnu.org/licenses/>.
23 */
24
25 #include "qemu/osdep.h"
26 #include "qemu/bswap.h"
27 #include "crypto/afsplit.h"
28 #include "crypto/random.h"
29
30
31 static void qcrypto_afsplit_xor(size_t blocklen,
32 const uint8_t *in1,
33 const uint8_t *in2,
34 uint8_t *out)
35 {
36 size_t i;
37 for (i = 0; i < blocklen; i++) {
38 out[i] = in1[i] ^ in2[i];
39 }
40 }
41
42
43 static int qcrypto_afsplit_hash(QCryptoHashAlgorithm hash,
44 size_t blocklen,
45 uint8_t *block,
46 Error **errp)
47 {
48 size_t digestlen = qcrypto_hash_digest_len(hash);
49
50 size_t hashcount = blocklen / digestlen;
51 size_t finallen = blocklen % digestlen;
52 uint32_t i;
53
54 if (finallen) {
55 hashcount++;
56 } else {
57 finallen = digestlen;
58 }
59
60 for (i = 0; i < hashcount; i++) {
61 g_autofree uint8_t *out = NULL;
62 size_t outlen = 0;
63 uint32_t iv = cpu_to_be32(i);
64 struct iovec in[] = {
65 { .iov_base = &iv,
66 .iov_len = sizeof(iv) },
67 { .iov_base = block + (i * digestlen),
68 .iov_len = (i == (hashcount - 1)) ? finallen : digestlen },
69 };
70
71 if (qcrypto_hash_bytesv(hash,
72 in,
73 G_N_ELEMENTS(in),
74 &out, &outlen,
75 errp) < 0) {
76 return -1;
77 }
78
79 assert(outlen == digestlen);
80 memcpy(block + (i * digestlen), out,
81 (i == (hashcount - 1)) ? finallen : digestlen);
82 }
83
84 return 0;
85 }
86
87
88 int qcrypto_afsplit_encode(QCryptoHashAlgorithm hash,
89 size_t blocklen,
90 uint32_t stripes,
91 const uint8_t *in,
92 uint8_t *out,
93 Error **errp)
94 {
95 g_autofree uint8_t *block = g_new0(uint8_t, blocklen);
96 size_t i;
97
98 for (i = 0; i < (stripes - 1); i++) {
99 if (qcrypto_random_bytes(out + (i * blocklen), blocklen, errp) < 0) {
100 return -1;
101 }
102
103 qcrypto_afsplit_xor(blocklen,
104 out + (i * blocklen),
105 block,
106 block);
107 if (qcrypto_afsplit_hash(hash, blocklen, block,
108 errp) < 0) {
109 return -1;
110 }
111 }
112 qcrypto_afsplit_xor(blocklen,
113 in,
114 block,
115 out + (i * blocklen));
116 return 0;
117 }
118
119
120 int qcrypto_afsplit_decode(QCryptoHashAlgorithm hash,
121 size_t blocklen,
122 uint32_t stripes,
123 const uint8_t *in,
124 uint8_t *out,
125 Error **errp)
126 {
127 g_autofree uint8_t *block = g_new0(uint8_t, blocklen);
128 size_t i;
129
130 for (i = 0; i < (stripes - 1); i++) {
131 qcrypto_afsplit_xor(blocklen,
132 in + (i * blocklen),
133 block,
134 block);
135 if (qcrypto_afsplit_hash(hash, blocklen, block,
136 errp) < 0) {
137 return -1;
138 }
139 }
140
141 qcrypto_afsplit_xor(blocklen,
142 in + (i * blocklen),
143 block,
144 out);
145 return 0;
146 }
AR7 emulation for QEMU