112a4f216SLongpeng(Mike) /* 212a4f216SLongpeng(Mike) * QEMU Crypto hmac algorithms (based on glib) 312a4f216SLongpeng(Mike) * 412a4f216SLongpeng(Mike) * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD. 512a4f216SLongpeng(Mike) * 612a4f216SLongpeng(Mike) * Authors: 712a4f216SLongpeng(Mike) * Longpeng(Mike) <longpeng2@huawei.com> 812a4f216SLongpeng(Mike) * 912a4f216SLongpeng(Mike) * This work is licensed under the terms of the GNU GPL, version 2 or 1012a4f216SLongpeng(Mike) * (at your option) any later version. See the COPYING file in the 1112a4f216SLongpeng(Mike) * top-level directory. 1212a4f216SLongpeng(Mike) * 1312a4f216SLongpeng(Mike) */ 1412a4f216SLongpeng(Mike) 1512a4f216SLongpeng(Mike) #include "qemu/osdep.h" 1612a4f216SLongpeng(Mike) #include "qapi/error.h" 1712a4f216SLongpeng(Mike) #include "crypto/hmac.h" 1814a5a2aeSLongpeng(Mike) #include "hmacpriv.h" 1912a4f216SLongpeng(Mike) 20*ef834aa2SMarkus Armbruster static int qcrypto_hmac_alg_map[QCRYPTO_HASH_ALGO__MAX] = { 21*ef834aa2SMarkus Armbruster [QCRYPTO_HASH_ALGO_MD5] = G_CHECKSUM_MD5, 22*ef834aa2SMarkus Armbruster [QCRYPTO_HASH_ALGO_SHA1] = G_CHECKSUM_SHA1, 23*ef834aa2SMarkus Armbruster [QCRYPTO_HASH_ALGO_SHA256] = G_CHECKSUM_SHA256, 24*ef834aa2SMarkus Armbruster [QCRYPTO_HASH_ALGO_SHA512] = G_CHECKSUM_SHA512, 25*ef834aa2SMarkus Armbruster [QCRYPTO_HASH_ALGO_SHA224] = -1, 26*ef834aa2SMarkus Armbruster [QCRYPTO_HASH_ALGO_SHA384] = -1, 27*ef834aa2SMarkus Armbruster [QCRYPTO_HASH_ALGO_RIPEMD160] = -1, 28e1168052SLongpeng(Mike) }; 29e1168052SLongpeng(Mike) 30e1168052SLongpeng(Mike) typedef struct QCryptoHmacGlib QCryptoHmacGlib; 31e1168052SLongpeng(Mike) struct QCryptoHmacGlib { 32e1168052SLongpeng(Mike) GHmac *ghmac; 33e1168052SLongpeng(Mike) }; 34e1168052SLongpeng(Mike) 35*ef834aa2SMarkus Armbruster bool qcrypto_hmac_supports(QCryptoHashAlgo alg) 36e1168052SLongpeng(Mike) { 37e1168052SLongpeng(Mike) if (alg < G_N_ELEMENTS(qcrypto_hmac_alg_map) && 38e1168052SLongpeng(Mike) qcrypto_hmac_alg_map[alg] != -1) { 39e1168052SLongpeng(Mike) return true; 40e1168052SLongpeng(Mike) } 41e1168052SLongpeng(Mike) 42e1168052SLongpeng(Mike) return false; 43e1168052SLongpeng(Mike) } 44e1168052SLongpeng(Mike) 45*ef834aa2SMarkus Armbruster void *qcrypto_hmac_ctx_new(QCryptoHashAlgo alg, 46e1168052SLongpeng(Mike) const uint8_t *key, size_t nkey, 47e1168052SLongpeng(Mike) Error **errp) 48e1168052SLongpeng(Mike) { 49e1168052SLongpeng(Mike) QCryptoHmacGlib *ctx; 50e1168052SLongpeng(Mike) 51e1168052SLongpeng(Mike) if (!qcrypto_hmac_supports(alg)) { 52e1168052SLongpeng(Mike) error_setg(errp, "Unsupported hmac algorithm %s", 53*ef834aa2SMarkus Armbruster QCryptoHashAlgo_str(alg)); 54e1168052SLongpeng(Mike) return NULL; 55e1168052SLongpeng(Mike) } 56e1168052SLongpeng(Mike) 57e1168052SLongpeng(Mike) ctx = g_new0(QCryptoHmacGlib, 1); 58e1168052SLongpeng(Mike) 59e1168052SLongpeng(Mike) ctx->ghmac = g_hmac_new(qcrypto_hmac_alg_map[alg], 60e1168052SLongpeng(Mike) (const uint8_t *)key, nkey); 61e1168052SLongpeng(Mike) if (!ctx->ghmac) { 62e1168052SLongpeng(Mike) error_setg(errp, "Cannot initialize hmac and set key"); 63e1168052SLongpeng(Mike) goto error; 64e1168052SLongpeng(Mike) } 65e1168052SLongpeng(Mike) 66d73c04e3SLongpeng(Mike) return ctx; 67e1168052SLongpeng(Mike) 68e1168052SLongpeng(Mike) error: 69e1168052SLongpeng(Mike) g_free(ctx); 70e1168052SLongpeng(Mike) return NULL; 71e1168052SLongpeng(Mike) } 72e1168052SLongpeng(Mike) 7314a5a2aeSLongpeng(Mike) static void 7414a5a2aeSLongpeng(Mike) qcrypto_glib_hmac_ctx_free(QCryptoHmac *hmac) 75e1168052SLongpeng(Mike) { 76e1168052SLongpeng(Mike) QCryptoHmacGlib *ctx; 77e1168052SLongpeng(Mike) 78e1168052SLongpeng(Mike) ctx = hmac->opaque; 79e1168052SLongpeng(Mike) g_hmac_unref(ctx->ghmac); 80e1168052SLongpeng(Mike) 81e1168052SLongpeng(Mike) g_free(ctx); 82e1168052SLongpeng(Mike) } 83e1168052SLongpeng(Mike) 8414a5a2aeSLongpeng(Mike) static int 8514a5a2aeSLongpeng(Mike) qcrypto_glib_hmac_bytesv(QCryptoHmac *hmac, 86e1168052SLongpeng(Mike) const struct iovec *iov, 87e1168052SLongpeng(Mike) size_t niov, 88e1168052SLongpeng(Mike) uint8_t **result, 89e1168052SLongpeng(Mike) size_t *resultlen, 90e1168052SLongpeng(Mike) Error **errp) 91e1168052SLongpeng(Mike) { 92e1168052SLongpeng(Mike) QCryptoHmacGlib *ctx; 93e1168052SLongpeng(Mike) int i, ret; 94e1168052SLongpeng(Mike) 95e1168052SLongpeng(Mike) ctx = hmac->opaque; 96e1168052SLongpeng(Mike) 97e1168052SLongpeng(Mike) for (i = 0; i < niov; i++) { 98e1168052SLongpeng(Mike) g_hmac_update(ctx->ghmac, iov[i].iov_base, iov[i].iov_len); 99e1168052SLongpeng(Mike) } 100e1168052SLongpeng(Mike) 101e1168052SLongpeng(Mike) ret = g_checksum_type_get_length(qcrypto_hmac_alg_map[hmac->alg]); 102e1168052SLongpeng(Mike) if (ret < 0) { 103e1168052SLongpeng(Mike) error_setg(errp, "Unable to get hmac length"); 104e1168052SLongpeng(Mike) return -1; 105e1168052SLongpeng(Mike) } 106e1168052SLongpeng(Mike) 107e1168052SLongpeng(Mike) if (*resultlen == 0) { 108e1168052SLongpeng(Mike) *resultlen = ret; 109e1168052SLongpeng(Mike) *result = g_new0(uint8_t, *resultlen); 110e1168052SLongpeng(Mike) } else if (*resultlen != ret) { 111e1168052SLongpeng(Mike) error_setg(errp, "Result buffer size %zu is smaller than hmac %d", 112e1168052SLongpeng(Mike) *resultlen, ret); 113e1168052SLongpeng(Mike) return -1; 114e1168052SLongpeng(Mike) } 115e1168052SLongpeng(Mike) 116e1168052SLongpeng(Mike) g_hmac_get_digest(ctx->ghmac, *result, resultlen); 117e1168052SLongpeng(Mike) 118e1168052SLongpeng(Mike) return 0; 119e1168052SLongpeng(Mike) } 120e1168052SLongpeng(Mike) 12114a5a2aeSLongpeng(Mike) QCryptoHmacDriver qcrypto_hmac_lib_driver = { 12214a5a2aeSLongpeng(Mike) .hmac_bytesv = qcrypto_glib_hmac_bytesv, 12314a5a2aeSLongpeng(Mike) .hmac_free = qcrypto_glib_hmac_ctx_free, 12414a5a2aeSLongpeng(Mike) }; 125