Introduce Virtio-loopback epsilon release:

Epsilon release introduces a new compatibility layer which make virtio-loopback design to work with QEMU and rust-vmm vhost-user backend without require any changes. Signed-off-by: Timos Ampelikiotis <t.ampelikiotis@virtualopensystems.com> Change-Id: I52e57563e08a7d0bdc002f8e928ee61ba0c53dd9
author: Timos Ampelikiotis <t.ampelikiotis@virtualopensystems.com> 2023-10-10 11:40:56 +0000
committer: Timos Ampelikiotis <t.ampelikiotis@virtualopensystems.com> 2023-10-10 11:40:56 +0000
commit: e02cda008591317b1625707ff8e115a4841aa889 (patch)
tree: aee302e3cf8b59ec2d32ec481be3d1afddfc8968 /crypto/pbkdf-nettle.c
parent: cc668e6b7e0ffd8c9d130513d12053cf5eda1d3b (diff)
1 files changed, 117 insertions, 0 deletions
diff --git a/crypto/pbkdf-nettle.c b/crypto/pbkdf-nettle.c
new file mode 100644
index 000000000..d6293c25a
--- /dev/null
+++ b/crypto/pbkdf-nettle.c
@@ -0,0 +1,117 @@
+/*
+ * QEMU Crypto PBKDF support (Password-Based Key Derivation Function)
+ *
+ * Copyright (c) 2015-2016 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2.1 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#include "qemu/osdep.h"
+#include <nettle/pbkdf2.h>
+#include <nettle/hmac.h>
+#include "qapi/error.h"
+#include "crypto/pbkdf.h"
+
+
+bool qcrypto_pbkdf2_supports(QCryptoHashAlgorithm hash)
+{
+    switch (hash) {
+    case QCRYPTO_HASH_ALG_SHA1:
+    case QCRYPTO_HASH_ALG_SHA224:
+    case QCRYPTO_HASH_ALG_SHA256:
+    case QCRYPTO_HASH_ALG_SHA384:
+    case QCRYPTO_HASH_ALG_SHA512:
+    case QCRYPTO_HASH_ALG_RIPEMD160:
+        return true;
+    default:
+        return false;
+    }
+}
+
+int qcrypto_pbkdf2(QCryptoHashAlgorithm hash,
+                   const uint8_t *key, size_t nkey,
+                   const uint8_t *salt, size_t nsalt,
+                   uint64_t iterations,
+                   uint8_t *out, size_t nout,
+                   Error **errp)
+{
+    union {
+        struct hmac_md5_ctx md5;
+        struct hmac_sha1_ctx sha1;
+        struct hmac_sha224_ctx sha224;
+        struct hmac_sha256_ctx sha256;
+        struct hmac_sha384_ctx sha384;
+        struct hmac_sha512_ctx sha512;
+        struct hmac_ripemd160_ctx ripemd160;
+    } ctx;
+
+    if (iterations > UINT_MAX) {
+        error_setg_errno(errp, ERANGE,
+                         "PBKDF iterations %llu must be less than %u",
+                         (long long unsigned)iterations, UINT_MAX);
+        return -1;
+    }
+
+    switch (hash) {
+    case QCRYPTO_HASH_ALG_MD5:
+        hmac_md5_set_key(&ctx.md5, nkey, key);
+        PBKDF2(&ctx.md5, hmac_md5_update, hmac_md5_digest,
+               MD5_DIGEST_SIZE, iterations, nsalt, salt, nout, out);
+        break;
+
+    case QCRYPTO_HASH_ALG_SHA1:
+        hmac_sha1_set_key(&ctx.sha1, nkey, key);
+        PBKDF2(&ctx.sha1, hmac_sha1_update, hmac_sha1_digest,
+               SHA1_DIGEST_SIZE, iterations, nsalt, salt, nout, out);
+        break;
+
+    case QCRYPTO_HASH_ALG_SHA224:
+        hmac_sha224_set_key(&ctx.sha224, nkey, key);
+        PBKDF2(&ctx.sha224, hmac_sha224_update, hmac_sha224_digest,
+               SHA224_DIGEST_SIZE, iterations, nsalt, salt, nout, out);
+        break;
+
+    case QCRYPTO_HASH_ALG_SHA256:
+        hmac_sha256_set_key(&ctx.sha256, nkey, key);
+        PBKDF2(&ctx.sha256, hmac_sha256_update, hmac_sha256_digest,
+               SHA256_DIGEST_SIZE, iterations, nsalt, salt, nout, out);
+        break;
+
+    case QCRYPTO_HASH_ALG_SHA384:
+        hmac_sha384_set_key(&ctx.sha384, nkey, key);
+        PBKDF2(&ctx.sha384, hmac_sha384_update, hmac_sha384_digest,
+               SHA384_DIGEST_SIZE, iterations, nsalt, salt, nout, out);
+        break;
+
+    case QCRYPTO_HASH_ALG_SHA512:
+        hmac_sha512_set_key(&ctx.sha512, nkey, key);
+        PBKDF2(&ctx.sha512, hmac_sha512_update, hmac_sha512_digest,
+               SHA512_DIGEST_SIZE, iterations, nsalt, salt, nout, out);
+        break;
+
+    case QCRYPTO_HASH_ALG_RIPEMD160:
+        hmac_ripemd160_set_key(&ctx.ripemd160, nkey, key);
+        PBKDF2(&ctx.ripemd160, hmac_ripemd160_update, hmac_ripemd160_digest,
+               RIPEMD160_DIGEST_SIZE, iterations, nsalt, salt, nout, out);
+        break;
+
+    default:
+        error_setg_errno(errp, ENOSYS,
+                         "PBKDF does not support hash algorithm %s",
+                         QCryptoHashAlgorithm_str(hash));
+        return -1;
+    }
+    return 0;
+}
author	Timos Ampelikiotis <t.ampelikiotis@virtualopensystems.com>	2023-10-10 11:40:56 +0000
committer	Timos Ampelikiotis <t.ampelikiotis@virtualopensystems.com>	2023-10-10 11:40:56 +0000
commit	e02cda008591317b1625707ff8e115a4841aa889 (patch)
tree	aee302e3cf8b59ec2d32ec481be3d1afddfc8968 /crypto/pbkdf-nettle.c
parent	cc668e6b7e0ffd8c9d130513d12053cf5eda1d3b (diff)