2 * GCRYPT crypto backend implementation
4 * Copyright (C) 2010-2012, Red Hat, Inc. All rights reserved.
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * version 2 as published by the Free Software Foundation.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
25 #include "crypto_backend.h"
27 static int crypto_backend_initialised = 0;
28 static int crypto_backend_secmem = 1;
29 static char version[64];
43 int crypt_backend_init(struct crypt_device *ctx)
45 if (crypto_backend_initialised)
48 if (!gcry_control (GCRYCTL_INITIALIZATION_FINISHED_P)) {
49 if (!gcry_check_version (GCRYPT_REQ_VERSION)) {
53 /* FIXME: If gcrypt compiled to support POSIX 1003.1e capabilities,
54 * it drops all privileges during secure memory initialisation.
55 * For now, the only workaround is to disable secure memory in gcrypt.
56 * cryptsetup always need at least cap_sys_admin privilege for dm-ioctl
57 * and it locks its memory space anyway.
60 gcry_control (GCRYCTL_DISABLE_SECMEM);
61 crypto_backend_secmem = 0;
64 gcry_control (GCRYCTL_SUSPEND_SECMEM_WARN);
65 gcry_control (GCRYCTL_INIT_SECMEM, 16384, 0);
66 gcry_control (GCRYCTL_RESUME_SECMEM_WARN);
68 gcry_control (GCRYCTL_INITIALIZATION_FINISHED, 0);
71 snprintf(version, 64, "gcrypt %s%s",
72 gcry_check_version(NULL),
73 crypto_backend_secmem ? "" : ", secmem disabled");
74 crypto_backend_initialised = 1;
78 const char *crypt_backend_version(void)
80 return crypto_backend_initialised ? version : "";
83 uint32_t crypt_backend_flags(void)
89 int crypt_hash_size(const char *name)
93 assert(crypto_backend_initialised);
95 hash_id = gcry_md_map_name(name);
99 return gcry_md_get_algo_dlen(hash_id);
102 int crypt_hash_init(struct crypt_hash **ctx, const char *name)
104 struct crypt_hash *h;
106 assert(crypto_backend_initialised);
108 h = malloc(sizeof(*h));
112 h->hash_id = gcry_md_map_name(name);
118 if (gcry_md_open(&h->hd, h->hash_id, 0)) {
123 h->hash_len = gcry_md_get_algo_dlen(h->hash_id);
128 static void crypt_hash_restart(struct crypt_hash *ctx)
130 gcry_md_reset(ctx->hd);
133 int crypt_hash_write(struct crypt_hash *ctx, const char *buffer, size_t length)
135 gcry_md_write(ctx->hd, buffer, length);
139 int crypt_hash_final(struct crypt_hash *ctx, char *buffer, size_t length)
143 if (length > (size_t)ctx->hash_len)
146 hash = gcry_md_read(ctx->hd, ctx->hash_id);
150 memcpy(buffer, hash, length);
151 crypt_hash_restart(ctx);
156 int crypt_hash_destroy(struct crypt_hash *ctx)
158 gcry_md_close(ctx->hd);
159 memset(ctx, 0, sizeof(*ctx));
165 int crypt_hmac_size(const char *name)
167 return crypt_hash_size(name);
170 int crypt_hmac_init(struct crypt_hmac **ctx, const char *name,
171 const void *buffer, size_t length)
173 struct crypt_hmac *h;
175 assert(crypto_backend_initialised);
177 h = malloc(sizeof(*h));
181 h->hash_id = gcry_md_map_name(name);
187 if (gcry_md_open(&h->hd, h->hash_id, GCRY_MD_FLAG_HMAC)) {
192 if (gcry_md_setkey(h->hd, buffer, length)) {
193 gcry_md_close(h->hd);
198 h->hash_len = gcry_md_get_algo_dlen(h->hash_id);
203 static void crypt_hmac_restart(struct crypt_hmac *ctx)
205 gcry_md_reset(ctx->hd);
208 int crypt_hmac_write(struct crypt_hmac *ctx, const char *buffer, size_t length)
210 gcry_md_write(ctx->hd, buffer, length);
214 int crypt_hmac_final(struct crypt_hmac *ctx, char *buffer, size_t length)
218 if (length > (size_t)ctx->hash_len)
221 hash = gcry_md_read(ctx->hd, ctx->hash_id);
225 memcpy(buffer, hash, length);
226 crypt_hmac_restart(ctx);
231 int crypt_hmac_destroy(struct crypt_hmac *ctx)
233 gcry_md_close(ctx->hd);
234 memset(ctx, 0, sizeof(*ctx));
240 int crypt_backend_rng(char *buffer, size_t length, int quality, int fips)
243 case CRYPT_RND_NORMAL:
244 gcry_randomize(buffer, length, GCRY_STRONG_RANDOM);
249 gcry_randomize(buffer, length, GCRY_VERY_STRONG_RANDOM);