From: "Daniel P. Berrange" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Cc: Peter Maydell <peter.maydell@linaro.org>,
"Daniel P. Berrange" <berrange@redhat.com>
Subject: [Qemu-devel] [PULL v2 7/8] crypto: support more hash algorithms for pbkdf
Date: Mon, 19 Sep 2016 16:33:56 +0100 [thread overview]
Message-ID: <1474299237-1054-8-git-send-email-berrange@redhat.com> (raw)
In-Reply-To: <1474299237-1054-1-git-send-email-berrange@redhat.com>
Currently pbkdf is only supported with SHA1 and SHA256. Expand
this to support all algorithms known to QEMU.
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
---
crypto/pbkdf-gcrypt.c | 12 ++++++++-
crypto/pbkdf-nettle.c | 63 ++++++++++++++++++++++++++++++++++++++++-------
tests/test-crypto-pbkdf.c | 53 ++++++++++++++++++++++++++++++++++++++-
3 files changed, 117 insertions(+), 11 deletions(-)
diff --git a/crypto/pbkdf-gcrypt.c b/crypto/pbkdf-gcrypt.c
index 44cf31a..4028985 100644
--- a/crypto/pbkdf-gcrypt.c
+++ b/crypto/pbkdf-gcrypt.c
@@ -28,7 +28,11 @@ bool qcrypto_pbkdf2_supports(QCryptoHashAlgorithm hash)
switch (hash) {
case QCRYPTO_HASH_ALG_MD5:
case QCRYPTO_HASH_ALG_SHA1:
+ case QCRYPTO_HASH_ALG_SHA224:
case QCRYPTO_HASH_ALG_SHA256:
+ case QCRYPTO_HASH_ALG_SHA384:
+ case QCRYPTO_HASH_ALG_SHA512:
+ case QCRYPTO_HASH_ALG_RIPEMD160:
return true;
default:
return false;
@@ -45,7 +49,11 @@ int qcrypto_pbkdf2(QCryptoHashAlgorithm hash,
static const int hash_map[QCRYPTO_HASH_ALG__MAX] = {
[QCRYPTO_HASH_ALG_MD5] = GCRY_MD_MD5,
[QCRYPTO_HASH_ALG_SHA1] = GCRY_MD_SHA1,
+ [QCRYPTO_HASH_ALG_SHA224] = GCRY_MD_SHA224,
[QCRYPTO_HASH_ALG_SHA256] = GCRY_MD_SHA256,
+ [QCRYPTO_HASH_ALG_SHA384] = GCRY_MD_SHA384,
+ [QCRYPTO_HASH_ALG_SHA512] = GCRY_MD_SHA512,
+ [QCRYPTO_HASH_ALG_RIPEMD160] = GCRY_MD_RMD160,
};
int ret;
@@ -58,7 +66,9 @@ int qcrypto_pbkdf2(QCryptoHashAlgorithm hash,
if (hash >= G_N_ELEMENTS(hash_map) ||
hash_map[hash] == GCRY_MD_NONE) {
- error_setg(errp, "Unexpected hash algorithm %d", hash);
+ error_setg_errno(errp, ENOSYS,
+ "PBKDF does not support hash algorithm %s",
+ QCryptoHashAlgorithm_lookup[hash]);
return -1;
}
diff --git a/crypto/pbkdf-nettle.c b/crypto/pbkdf-nettle.c
index db81517..6fb2671 100644
--- a/crypto/pbkdf-nettle.c
+++ b/crypto/pbkdf-nettle.c
@@ -20,6 +20,7 @@
#include "qemu/osdep.h"
#include <nettle/pbkdf2.h>
+#include <nettle/hmac.h>
#include "qapi/error.h"
#include "crypto/pbkdf.h"
@@ -28,7 +29,11 @@ bool qcrypto_pbkdf2_supports(QCryptoHashAlgorithm hash)
{
switch (hash) {
case QCRYPTO_HASH_ALG_SHA1:
+ case QCRYPTO_HASH_ALG_SHA224:
case QCRYPTO_HASH_ALG_SHA256:
+ case QCRYPTO_HASH_ALG_SHA384:
+ case QCRYPTO_HASH_ALG_SHA512:
+ case QCRYPTO_HASH_ALG_RIPEMD160:
return true;
default:
return false;
@@ -42,30 +47,70 @@ int qcrypto_pbkdf2(QCryptoHashAlgorithm hash,
uint8_t *out, size_t nout,
Error **errp)
{
+ union {
+ struct hmac_md5_ctx md5;
+ struct hmac_sha1_ctx sha1;
+ struct hmac_sha224_ctx sha224;
+ struct hmac_sha256_ctx sha256;
+ struct hmac_sha384_ctx sha384;
+ struct hmac_sha512_ctx sha512;
+ struct hmac_ripemd160_ctx ripemd160;
+ } ctx;
+
if (iterations > UINT_MAX) {
error_setg_errno(errp, ERANGE,
"PBKDF iterations %llu must be less than %u",
(long long unsigned)iterations, UINT_MAX);
return -1;
}
+
switch (hash) {
+ case QCRYPTO_HASH_ALG_MD5:
+ hmac_md5_set_key(&ctx.md5, nkey, key);
+ PBKDF2(&ctx.md5, hmac_md5_update, hmac_md5_digest,
+ MD5_DIGEST_SIZE, iterations, nsalt, salt, nout, out);
+ break;
+
case QCRYPTO_HASH_ALG_SHA1:
- pbkdf2_hmac_sha1(nkey, key,
- iterations,
- nsalt, salt,
- nout, out);
+ hmac_sha1_set_key(&ctx.sha1, nkey, key);
+ PBKDF2(&ctx.sha1, hmac_sha1_update, hmac_sha1_digest,
+ SHA1_DIGEST_SIZE, iterations, nsalt, salt, nout, out);
+ break;
+
+ case QCRYPTO_HASH_ALG_SHA224:
+ hmac_sha224_set_key(&ctx.sha224, nkey, key);
+ PBKDF2(&ctx.sha224, hmac_sha224_update, hmac_sha224_digest,
+ SHA224_DIGEST_SIZE, iterations, nsalt, salt, nout, out);
break;
case QCRYPTO_HASH_ALG_SHA256:
- pbkdf2_hmac_sha256(nkey, key,
- iterations,
- nsalt, salt,
- nout, out);
+ hmac_sha256_set_key(&ctx.sha256, nkey, key);
+ PBKDF2(&ctx.sha256, hmac_sha256_update, hmac_sha256_digest,
+ SHA256_DIGEST_SIZE, iterations, nsalt, salt, nout, out);
+ break;
+
+ case QCRYPTO_HASH_ALG_SHA384:
+ hmac_sha384_set_key(&ctx.sha384, nkey, key);
+ PBKDF2(&ctx.sha384, hmac_sha384_update, hmac_sha384_digest,
+ SHA384_DIGEST_SIZE, iterations, nsalt, salt, nout, out);
+ break;
+
+ case QCRYPTO_HASH_ALG_SHA512:
+ hmac_sha512_set_key(&ctx.sha512, nkey, key);
+ PBKDF2(&ctx.sha512, hmac_sha512_update, hmac_sha512_digest,
+ SHA512_DIGEST_SIZE, iterations, nsalt, salt, nout, out);
+ break;
+
+ case QCRYPTO_HASH_ALG_RIPEMD160:
+ hmac_ripemd160_set_key(&ctx.ripemd160, nkey, key);
+ PBKDF2(&ctx.ripemd160, hmac_ripemd160_update, hmac_ripemd160_digest,
+ RIPEMD160_DIGEST_SIZE, iterations, nsalt, salt, nout, out);
break;
default:
error_setg_errno(errp, ENOSYS,
- "PBKDF does not support hash algorithm %d", hash);
+ "PBKDF does not support hash algorithm %s",
+ QCryptoHashAlgorithm_lookup[hash]);
return -1;
}
return 0;
diff --git a/tests/test-crypto-pbkdf.c b/tests/test-crypto-pbkdf.c
index a651dc5..d937aff 100644
--- a/tests/test-crypto-pbkdf.c
+++ b/tests/test-crypto-pbkdf.c
@@ -261,7 +261,6 @@ static QCryptoPbkdfTestData test_data[] = {
"\xcc\x4a\x5e\x6d\xca\x04\xec\x58",
.nout = 32
},
-#if 0
{
.path = "/crypto/pbkdf/nonrfc/sha512/iter1200",
.hash = QCRYPTO_HASH_ALG_SHA512,
@@ -280,6 +279,58 @@ static QCryptoPbkdfTestData test_data[] = {
.nout = 32
},
{
+ .path = "/crypto/pbkdf/nonrfc/sha224/iter1200",
+ .hash = QCRYPTO_HASH_ALG_SHA224,
+ .iterations = 1200,
+ .key = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+ "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+ "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+ "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+ .nkey = 129,
+ .salt = "pass phrase exceeds block size",
+ .nsalt = 30,
+ .out = "\x13\x3b\x88\x0c\x0e\x52\xa2\x41"
+ "\x49\x33\x35\xa6\xc3\x83\xae\x23"
+ "\xf6\x77\x43\x9e\x5b\x30\x92\x3e"
+ "\x4a\x3a\xaa\x24\x69\x3c\xed\x20",
+ .nout = 32
+ },
+ {
+ .path = "/crypto/pbkdf/nonrfc/sha384/iter1200",
+ .hash = QCRYPTO_HASH_ALG_SHA384,
+ .iterations = 1200,
+ .key = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+ "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+ "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+ "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+ .nkey = 129,
+ .salt = "pass phrase exceeds block size",
+ .nsalt = 30,
+ .out = "\xfe\xe3\xe1\x84\xc9\x25\x3e\x10"
+ "\x47\xc8\x7d\x53\xc6\xa5\xe3\x77"
+ "\x29\x41\x76\xbd\x4b\xe3\x9b\xac"
+ "\x05\x6c\x11\xdd\x17\xc5\x93\x80",
+ .nout = 32
+ },
+ {
+ .path = "/crypto/pbkdf/nonrfc/ripemd160/iter1200",
+ .hash = QCRYPTO_HASH_ALG_RIPEMD160,
+ .iterations = 1200,
+ .key = "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+ "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+ "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"
+ "XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX",
+ .nkey = 129,
+ .salt = "pass phrase exceeds block size",
+ .nsalt = 30,
+ .out = "\xd6\xcb\xd8\xa7\xdb\x0c\xa2\x2a"
+ "\x23\x5e\x47\xaf\xdb\xda\xa8\xef"
+ "\xe4\x01\x0d\x6f\xb5\x33\xc8\xbd"
+ "\xce\xbf\x91\x14\x8b\x5c\x48\x41",
+ .nout = 32
+ },
+#if 0
+ {
.path = "/crypto/pbkdf/nonrfc/whirlpool/iter1200",
.hash = QCRYPTO_HASH_ALG_WHIRLPOOL,
.iterations = 1200,
--
2.7.4
next prev parent reply other threads:[~2016-09-19 15:34 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-09-19 15:33 [Qemu-devel] [PULL v2 0/8] Merge qcrypto 2016/09/19 Daniel P. Berrange
2016-09-19 15:33 ` [Qemu-devel] [PULL v2 1/8] crypto: use uint64_t for pbkdf iteration count parameters Daniel P. Berrange
2016-09-19 15:33 ` [Qemu-devel] [PULL v2 2/8] crypto: make PBKDF iterations configurable for LUKS format Daniel P. Berrange
2016-09-19 15:33 ` [Qemu-devel] [PULL v2 3/8] crypto: clear out buffer after timing pbkdf algorithm Daniel P. Berrange
2016-09-19 15:33 ` [Qemu-devel] [PULL v2 4/8] crypto: use correct derived key size when timing pbkdf Daniel P. Berrange
2016-09-19 15:33 ` [Qemu-devel] [PULL v2 5/8] crypto: remove bogus /= 2 for pbkdf iterations Daniel P. Berrange
2016-09-19 15:33 ` [Qemu-devel] [PULL v2 6/8] crypto: increase default pbkdf2 time for luks to 2 seconds Daniel P. Berrange
2016-09-19 15:33 ` Daniel P. Berrange [this message]
2016-09-19 15:33 ` [Qemu-devel] [PULL v2 8/8] crypto: add trace points for TLS cert verification Daniel P. Berrange
2016-09-19 15:55 ` [Qemu-devel] [PULL v2 0/8] Merge qcrypto 2016/09/19 no-reply
2016-09-19 17:06 ` Peter Maydell
2016-09-19 20:16 ` no-reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1474299237-1054-8-git-send-email-berrange@redhat.com \
--to=berrange@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.