diff options
author | RajithaY <rajithax.yerrumsetty@intel.com> | 2017-04-25 03:31:15 -0700 |
---|---|---|
committer | Rajitha Yerrumchetty <rajithax.yerrumsetty@intel.com> | 2017-05-22 06:48:08 +0000 |
commit | bb756eebdac6fd24e8919e2c43f7d2c8c4091f59 (patch) | |
tree | ca11e03542edf2d8f631efeca5e1626d211107e3 /qemu/include/crypto/afsplit.h | |
parent | a14b48d18a9ed03ec191cf16b162206998a895ce (diff) |
Adding qemu as a submodule of KVMFORNFV
This Patch includes the changes to add qemu as a submodule to
kvmfornfv repo and make use of the updated latest qemu for the
execution of all testcase
Change-Id: I1280af507a857675c7f81d30c95255635667bdd7
Signed-off-by:RajithaY<rajithax.yerrumsetty@intel.com>
Diffstat (limited to 'qemu/include/crypto/afsplit.h')
-rw-r--r-- | qemu/include/crypto/afsplit.h | 135 |
1 files changed, 0 insertions, 135 deletions
diff --git a/qemu/include/crypto/afsplit.h b/qemu/include/crypto/afsplit.h deleted file mode 100644 index 4cc4ca4b3..000000000 --- a/qemu/include/crypto/afsplit.h +++ /dev/null @@ -1,135 +0,0 @@ -/* - * QEMU Crypto anti forensic information splitter - * - * Copyright (c) 2015-2016 Red Hat, Inc. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU General Public License - * as published by the Free Software Foundation; either version 2 - * of the License, or (at your option) any later version. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, see <http://www.gnu.org/licenses/>. - * - */ - -#ifndef QCRYPTO_AFSPLIT_H__ -#define QCRYPTO_AFSPLIT_H__ - -#include "crypto/hash.h" - -/** - * This module implements the anti-forensic splitter that is specified - * as part of the LUKS format: - * - * http://clemens.endorphin.org/cryptography - * http://clemens.endorphin.org/TKS1-draft.pdf - * - * The core idea is to take a short piece of data (key material) - * and process it to expand it to a much larger piece of data. - * The expansion process is reversible, to obtain the original - * short data. The key property of the expansion is that if any - * byte in the larger data set is changed / missing, it should be - * impossible to recreate the original short data. - * - * <example> - * <title>Creating a large split key for storage</title> - * <programlisting> - * size_t nkey = 32; - * uint32_t stripes = 32768; // To produce a 1 MB split key - * uint8_t *masterkey = ....a 32-byte AES key... - * uint8_t *splitkey; - * - * splitkey = g_new0(uint8_t, nkey * stripes); - * - * if (qcrypto_afsplit_encode(QCRYPTO_HASH_ALG_SHA256, - * nkey, stripes, - * masterkey, splitkey, errp) < 0) { - * g_free(splitkey); - * g_free(masterkey); - * return -1; - * } - * - * ...store splitkey somewhere... - * - * g_free(splitkey); - * g_free(masterkey); - * </programlisting> - * </example> - * - * <example> - * <title>Retrieving a master key from storage</title> - * <programlisting> - * size_t nkey = 32; - * uint32_t stripes = 32768; // To produce a 1 MB split key - * uint8_t *masterkey; - * uint8_t *splitkey = .... read in 1 MB of data... - * - * masterkey = g_new0(uint8_t, nkey); - * - * if (qcrypto_afsplit_decode(QCRYPTO_HASH_ALG_SHA256, - * nkey, stripes, - * splitkey, masterkey, errp) < 0) { - * g_free(splitkey); - * g_free(masterkey); - * return -1; - * } - * - * ..decrypt data with masterkey... - * - * g_free(splitkey); - * g_free(masterkey); - * </programlisting> - * </example> - */ - -/** - * qcrypto_afsplit_encode: - * @hash: the hash algorithm to use for data expansion - * @blocklen: the size of @in in bytes - * @stripes: the number of times to expand @in in size - * @in: the master key to be expanded in size - * @out: preallocated buffer to hold the split key - * @errp: pointer to a NULL-initialized error object - * - * Split the data in @in, which is @blocklen bytes in - * size, to form a larger piece of data @out, which is - * @blocklen * @stripes bytes in size. - * - * Returns: 0 on success, -1 on error; - */ -int qcrypto_afsplit_encode(QCryptoHashAlgorithm hash, - size_t blocklen, - uint32_t stripes, - const uint8_t *in, - uint8_t *out, - Error **errp); - -/** - * qcrypto_afsplit_decode: - * @hash: the hash algorithm to use for data compression - * @blocklen: the size of @out in bytes - * @stripes: the number of times to decrease @in in size - * @in: the split key to be recombined - * @out: preallocated buffer to hold the master key - * @errp: pointer to a NULL-initialized error object - * - * Join the data in @in, which is @blocklen * @stripes - * bytes in size, to form the original small piece of - * data @out, which is @blocklen bytes in size. - * - * Returns: 0 on success, -1 on error; - */ -int qcrypto_afsplit_decode(QCryptoHashAlgorithm hash, - size_t blocklen, - uint32_t stripes, - const uint8_t *in, - uint8_t *out, - Error **errp); - -#endif /* QCRYPTO_AFSPLIT_H__ */ |