xref: /qemu/crypto/pbkdf-gnutls.c (revision 727385c4) 
1 /*
2  * QEMU Crypto PBKDF support (Password-Based Key Derivation Function)
3  *
4  * Copyright (c) 2021 Red Hat, Inc.
5  *
6  * This library is free software; you can redistribute it and/or
7  * modify it under the terms of the GNU Lesser General Public
8  * License as published by the Free Software Foundation; either
9  * version 2.1 of the License, or (at your option) any later version.
10  *
11  * This library is distributed in the hope that it will be useful,
12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14  * Lesser General Public License for more details.
15  *
16  * You should have received a copy of the GNU Lesser General Public
17  * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18  *
19  */
20 
21 #include "qemu/osdep.h"
22 #include <gnutls/crypto.h>
23 #include "qapi/error.h"
24 #include "crypto/pbkdf.h"
25 
26 bool qcrypto_pbkdf2_supports(QCryptoHashAlgorithm hash)
27 {
28     switch (hash) {
29     case QCRYPTO_HASH_ALG_MD5:
30     case QCRYPTO_HASH_ALG_SHA1:
31     case QCRYPTO_HASH_ALG_SHA224:
32     case QCRYPTO_HASH_ALG_SHA256:
33     case QCRYPTO_HASH_ALG_SHA384:
34     case QCRYPTO_HASH_ALG_SHA512:
35     case QCRYPTO_HASH_ALG_RIPEMD160:
36         return true;
37     default:
38         return false;
39     }
40 }
41 
42 int qcrypto_pbkdf2(QCryptoHashAlgorithm hash,
43                    const uint8_t *key, size_t nkey,
44                    const uint8_t *salt, size_t nsalt,
45                    uint64_t iterations,
46                    uint8_t *out, size_t nout,
47                    Error **errp)
48 {
49     static const int hash_map[QCRYPTO_HASH_ALG__MAX] = {
50         [QCRYPTO_HASH_ALG_MD5] = GNUTLS_DIG_MD5,
51         [QCRYPTO_HASH_ALG_SHA1] = GNUTLS_DIG_SHA1,
52         [QCRYPTO_HASH_ALG_SHA224] = GNUTLS_DIG_SHA224,
53         [QCRYPTO_HASH_ALG_SHA256] = GNUTLS_DIG_SHA256,
54         [QCRYPTO_HASH_ALG_SHA384] = GNUTLS_DIG_SHA384,
55         [QCRYPTO_HASH_ALG_SHA512] = GNUTLS_DIG_SHA512,
56         [QCRYPTO_HASH_ALG_RIPEMD160] = GNUTLS_DIG_RMD160,
57     };
58     int ret;
59     const gnutls_datum_t gkey = { (unsigned char *)key, nkey };
60     const gnutls_datum_t gsalt = { (unsigned char *)salt, nsalt };
61 
62     if (iterations > ULONG_MAX) {
63         error_setg_errno(errp, ERANGE,
64                          "PBKDF iterations %llu must be less than %lu",
65                          (long long unsigned)iterations, ULONG_MAX);
66         return -1;
67     }
68 
69     if (hash >= G_N_ELEMENTS(hash_map) ||
70         hash_map[hash] == GNUTLS_DIG_UNKNOWN) {
71         error_setg_errno(errp, ENOSYS,
72                          "PBKDF does not support hash algorithm %s",
73                          QCryptoHashAlgorithm_str(hash));
74         return -1;
75     }
76 
77     ret = gnutls_pbkdf2(hash_map[hash],
78                         &gkey,
79                         &gsalt,
80                         iterations,
81                         out,
82                         nout);
83     if (ret != 0) {
84         error_setg(errp, "Cannot derive password: %s",
85                    gnutls_strerror(ret));
86         return -1;
87     }
88 
89     return 0;
90 }
91