2 * QEMU Crypto PBKDF support (Password-Based Key Derivation Function)
4 * Copyright (c) 2015-2016 Red Hat, Inc.
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
21 #include "qemu/osdep.h"
22 #include "qapi/error.h"
23 #include "crypto/pbkdf.h"
26 bool qcrypto_pbkdf2_supports(QCryptoHashAlgorithm hash)
29 case QCRYPTO_HASH_ALG_MD5:
30 case QCRYPTO_HASH_ALG_SHA1:
31 case QCRYPTO_HASH_ALG_SHA256:
38 int qcrypto_pbkdf2(QCryptoHashAlgorithm hash,
39 const uint8_t *key, size_t nkey,
40 const uint8_t *salt, size_t nsalt,
41 unsigned int iterations,
42 uint8_t *out, size_t nout,
45 static const int hash_map[QCRYPTO_HASH_ALG__MAX] = {
46 [QCRYPTO_HASH_ALG_MD5] = GCRY_MD_MD5,
47 [QCRYPTO_HASH_ALG_SHA1] = GCRY_MD_SHA1,
48 [QCRYPTO_HASH_ALG_SHA256] = GCRY_MD_SHA256,
52 if (hash >= G_N_ELEMENTS(hash_map) ||
53 hash_map[hash] == GCRY_MD_NONE) {
54 error_setg(errp, "Unexpected hash algorithm %d", hash);
58 ret = gcry_kdf_derive(key, nkey, GCRY_KDF_PBKDF2,
60 salt, nsalt, iterations,
63 error_setg(errp, "Cannot derive password: %s",
Code Review / kvmfornfv.git / blob