aboutsummaryrefslogtreecommitdiff
path: root/crypto/block-luks.c
diff options
context:
space:
mode:
authorDaniel P. Berrangé <berrange@redhat.com>2022-05-10 15:19:58 +0100
committerDaniel P. Berrangé <berrange@redhat.com>2022-10-27 12:55:27 +0100
commit36445acebdd100237551b47b4fd77f0c5403a10f (patch)
tree3690891f4417aa2137b0f90335f00c118ba8e696 /crypto/block-luks.c
parentb57151ac0366d3fb14318a55b0fc943134f7f80b (diff)
downloadqemu-36445acebdd100237551b47b4fd77f0c5403a10f.zip
qemu-36445acebdd100237551b47b4fd77f0c5403a10f.tar.gz
qemu-36445acebdd100237551b47b4fd77f0c5403a10f.tar.bz2
crypto: split LUKS header definitions off into file
This will allow unit testing code to use the structs. Reviewed-by: Richard W.M. Jones <rjones@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Diffstat (limited to 'crypto/block-luks.c')
-rw-r--r--crypto/block-luks.c94
1 files changed, 1 insertions, 93 deletions
diff --git a/crypto/block-luks.c b/crypto/block-luks.c
index 254490c..375cce4 100644
--- a/crypto/block-luks.c
+++ b/crypto/block-luks.c
@@ -23,6 +23,7 @@
#include "qemu/bswap.h"
#include "block-luks.h"
+#include "block-luks-priv.h"
#include "crypto/hash.h"
#include "crypto/afsplit.h"
@@ -46,37 +47,6 @@
*/
typedef struct QCryptoBlockLUKS QCryptoBlockLUKS;
-typedef struct QCryptoBlockLUKSHeader QCryptoBlockLUKSHeader;
-typedef struct QCryptoBlockLUKSKeySlot QCryptoBlockLUKSKeySlot;
-
-
-/* The following constants are all defined by the LUKS spec */
-#define QCRYPTO_BLOCK_LUKS_VERSION 1
-
-#define QCRYPTO_BLOCK_LUKS_MAGIC_LEN 6
-#define QCRYPTO_BLOCK_LUKS_CIPHER_NAME_LEN 32
-#define QCRYPTO_BLOCK_LUKS_CIPHER_MODE_LEN 32
-#define QCRYPTO_BLOCK_LUKS_HASH_SPEC_LEN 32
-#define QCRYPTO_BLOCK_LUKS_DIGEST_LEN 20
-#define QCRYPTO_BLOCK_LUKS_SALT_LEN 32
-#define QCRYPTO_BLOCK_LUKS_UUID_LEN 40
-#define QCRYPTO_BLOCK_LUKS_NUM_KEY_SLOTS 8
-#define QCRYPTO_BLOCK_LUKS_STRIPES 4000
-#define QCRYPTO_BLOCK_LUKS_MIN_SLOT_KEY_ITERS 1000
-#define QCRYPTO_BLOCK_LUKS_MIN_MASTER_KEY_ITERS 1000
-#define QCRYPTO_BLOCK_LUKS_KEY_SLOT_OFFSET 4096
-
-#define QCRYPTO_BLOCK_LUKS_KEY_SLOT_DISABLED 0x0000DEAD
-#define QCRYPTO_BLOCK_LUKS_KEY_SLOT_ENABLED 0x00AC71F3
-
-#define QCRYPTO_BLOCK_LUKS_SECTOR_SIZE 512LL
-
-#define QCRYPTO_BLOCK_LUKS_DEFAULT_ITER_TIME_MS 2000
-#define QCRYPTO_BLOCK_LUKS_ERASE_ITERATIONS 40
-
-static const char qcrypto_block_luks_magic[QCRYPTO_BLOCK_LUKS_MAGIC_LEN] = {
- 'L', 'U', 'K', 'S', 0xBA, 0xBE
-};
typedef struct QCryptoBlockLUKSNameMap QCryptoBlockLUKSNameMap;
struct QCryptoBlockLUKSNameMap {
@@ -134,69 +104,7 @@ qcrypto_block_luks_cipher_name_map[] = {
{ "twofish", qcrypto_block_luks_cipher_size_map_twofish },
};
-
-/*
- * This struct is written to disk in big-endian format,
- * but operated upon in native-endian format.
- */
-struct QCryptoBlockLUKSKeySlot {
- /* state of keyslot, enabled/disable */
- uint32_t active;
- /* iterations for PBKDF2 */
- uint32_t iterations;
- /* salt for PBKDF2 */
- uint8_t salt[QCRYPTO_BLOCK_LUKS_SALT_LEN];
- /* start sector of key material */
- uint32_t key_offset_sector;
- /* number of anti-forensic stripes */
- uint32_t stripes;
-};
-
QEMU_BUILD_BUG_ON(sizeof(struct QCryptoBlockLUKSKeySlot) != 48);
-
-
-/*
- * This struct is written to disk in big-endian format,
- * but operated upon in native-endian format.
- */
-struct QCryptoBlockLUKSHeader {
- /* 'L', 'U', 'K', 'S', '0xBA', '0xBE' */
- char magic[QCRYPTO_BLOCK_LUKS_MAGIC_LEN];
-
- /* LUKS version, currently 1 */
- uint16_t version;
-
- /* cipher name specification (aes, etc) */
- char cipher_name[QCRYPTO_BLOCK_LUKS_CIPHER_NAME_LEN];
-
- /* cipher mode specification (cbc-plain, xts-essiv:sha256, etc) */
- char cipher_mode[QCRYPTO_BLOCK_LUKS_CIPHER_MODE_LEN];
-
- /* hash specification (sha256, etc) */
- char hash_spec[QCRYPTO_BLOCK_LUKS_HASH_SPEC_LEN];
-
- /* start offset of the volume data (in 512 byte sectors) */
- uint32_t payload_offset_sector;
-
- /* Number of key bytes */
- uint32_t master_key_len;
-
- /* master key checksum after PBKDF2 */
- uint8_t master_key_digest[QCRYPTO_BLOCK_LUKS_DIGEST_LEN];
-
- /* salt for master key PBKDF2 */
- uint8_t master_key_salt[QCRYPTO_BLOCK_LUKS_SALT_LEN];
-
- /* iterations for master key PBKDF2 */
- uint32_t master_key_iterations;
-
- /* UUID of the partition in standard ASCII representation */
- uint8_t uuid[QCRYPTO_BLOCK_LUKS_UUID_LEN];
-
- /* key slots */
- QCryptoBlockLUKSKeySlot key_slots[QCRYPTO_BLOCK_LUKS_NUM_KEY_SLOTS];
-};
-
QEMU_BUILD_BUG_ON(sizeof(struct QCryptoBlockLUKSHeader) != 592);
generated by cgit v1.1 at 2024-11-17 03:33:03 +0000