1 /* 2 * QEMU Crypto hmac algorithms 3 * 4 * Copyright (c) 2021 Red Hat, Inc. 5 * 6 * Derived from hmac-gcrypt.c: 7 * 8 * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD. 9 * 10 * This work is licensed under the terms of the GNU GPL, version 2 or 11 * (at your option) any later version. See the COPYING file in the 12 * top-level directory. 13 * 14 */ 15 16 #include "qemu/osdep.h" 17 #include <gnutls/crypto.h> 18 19 #include "qapi/error.h" 20 #include "crypto/hmac.h" 21 #include "hmacpriv.h" 22 23 static int qcrypto_hmac_alg_map[QCRYPTO_HASH_ALGO__MAX] = { 24 [QCRYPTO_HASH_ALGO_MD5] = GNUTLS_MAC_MD5, 25 [QCRYPTO_HASH_ALGO_SHA1] = GNUTLS_MAC_SHA1, 26 [QCRYPTO_HASH_ALGO_SHA224] = GNUTLS_MAC_SHA224, 27 [QCRYPTO_HASH_ALGO_SHA256] = GNUTLS_MAC_SHA256, 28 [QCRYPTO_HASH_ALGO_SHA384] = GNUTLS_MAC_SHA384, 29 [QCRYPTO_HASH_ALGO_SHA512] = GNUTLS_MAC_SHA512, 30 [QCRYPTO_HASH_ALGO_RIPEMD160] = GNUTLS_MAC_RMD160, 31 }; 32 33 typedef struct QCryptoHmacGnutls QCryptoHmacGnutls; 34 struct QCryptoHmacGnutls { 35 gnutls_hmac_hd_t handle; 36 }; 37 38 bool qcrypto_hmac_supports(QCryptoHashAlgo alg) 39 { 40 size_t i; 41 const gnutls_digest_algorithm_t *algs; 42 if (alg >= G_N_ELEMENTS(qcrypto_hmac_alg_map) || 43 qcrypto_hmac_alg_map[alg] == GNUTLS_DIG_UNKNOWN) { 44 return false; 45 } 46 algs = gnutls_digest_list(); 47 for (i = 0; algs[i] != GNUTLS_DIG_UNKNOWN; i++) { 48 if (algs[i] == qcrypto_hmac_alg_map[alg]) { 49 return true; 50 } 51 } 52 return false; 53 } 54 55 void *qcrypto_hmac_ctx_new(QCryptoHashAlgo alg, 56 const uint8_t *key, size_t nkey, 57 Error **errp) 58 { 59 QCryptoHmacGnutls *ctx; 60 int err; 61 62 if (!qcrypto_hmac_supports(alg)) { 63 error_setg(errp, "Unsupported hmac algorithm %s", 64 QCryptoHashAlgo_str(alg)); 65 return NULL; 66 } 67 68 ctx = g_new0(QCryptoHmacGnutls, 1); 69 70 err = gnutls_hmac_init(&ctx->handle, 71 qcrypto_hmac_alg_map[alg], 72 (const void *)key, nkey); 73 if (err != 0) { 74 error_setg(errp, "Cannot initialize hmac: %s", 75 gnutls_strerror(err)); 76 goto error; 77 } 78 79 return ctx; 80 81 error: 82 g_free(ctx); 83 return NULL; 84 } 85 86 static void 87 qcrypto_gnutls_hmac_ctx_free(QCryptoHmac *hmac) 88 { 89 QCryptoHmacGnutls *ctx; 90 91 ctx = hmac->opaque; 92 gnutls_hmac_deinit(ctx->handle, NULL); 93 94 g_free(ctx); 95 } 96 97 static int 98 qcrypto_gnutls_hmac_bytesv(QCryptoHmac *hmac, 99 const struct iovec *iov, 100 size_t niov, 101 uint8_t **result, 102 size_t *resultlen, 103 Error **errp) 104 { 105 QCryptoHmacGnutls *ctx; 106 uint32_t ret; 107 int i; 108 109 ctx = hmac->opaque; 110 111 for (i = 0; i < niov; i++) { 112 gnutls_hmac(ctx->handle, iov[i].iov_base, iov[i].iov_len); 113 } 114 115 ret = gnutls_hmac_get_len(qcrypto_hmac_alg_map[hmac->alg]); 116 if (ret <= 0) { 117 error_setg(errp, "Unable to get hmac length: %s", 118 gnutls_strerror(ret)); 119 return -1; 120 } 121 122 if (*resultlen == 0) { 123 *resultlen = ret; 124 *result = g_new0(uint8_t, *resultlen); 125 } else if (*resultlen != ret) { 126 error_setg(errp, "Result buffer size %zu is smaller than hmac %d", 127 *resultlen, ret); 128 return -1; 129 } 130 131 gnutls_hmac_output(ctx->handle, *result); 132 133 return 0; 134 } 135 136 QCryptoHmacDriver qcrypto_hmac_lib_driver = { 137 .hmac_bytesv = qcrypto_gnutls_hmac_bytesv, 138 .hmac_free = qcrypto_gnutls_hmac_ctx_free, 139 }; 140