* GRUB -- GRand Unified Bootloader
* Copyright (C) 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2006
* 2007, 2008, 2009 Free Software Foundation, Inc.
* GRUB is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
* GRUB is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
* You should have received a copy of the GNU General Public License
* along with GRUB. If not, see <http://www.gnu.org/licenses/>.
/* Contains elements based on gcrypt-module.h and gcrypt.h.in.
   If either of them changes, please update this file.  */
#ifndef GRUB_CRYPTO_HEADER
#define GRUB_CRYPTO_HEADER 1
#include <grub/symbol.h>
#include <grub/types.h>
GPG_ERR_BAD_SIGNATURE,
GPG_ERR_DECRYPT_FAILED,
GPG_ERR_INV_CIPHER_MODE,
GPG_ERR_MISSING_VALUE,
GPG_ERR_NO_ENCRYPTION_SCHEME,
GPG_ERR_NO_SIGNATURE_SCHEME,
GPG_ERR_NOT_IMPLEMENTED,
GPG_ERR_NOT_SUPPORTED,
GPG_ERR_SELFTEST_FAILED,
GPG_ERR_WRONG_KEY_USAGE,
GPG_ERR_WRONG_PUBKEY_ALGO,
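/* Both gpg-style error type names are mapped onto gcry_err_code_t.
   NOTE(review): presumably so that code written against the gpg_* names
   compiles unchanged -- confirm against the users of these macros.  */
#define gpg_err_code_t gcry_err_code_t
#define gpg_error_t gcry_err_code_t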
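/* Modes of operation a cipher can be driven in.  Every value is assigned
   explicitly.  */
enum gcry_cipher_modes
  {
    GCRY_CIPHER_MODE_NONE = 0,   /* Not yet specified.  */
    GCRY_CIPHER_MODE_ECB = 1,    /* Electronic codebook.  Each block is
                                    processed on its own, so equal plaintext
                                    blocks give equal ciphertext blocks.  */
    GCRY_CIPHER_MODE_CFB = 2,    /* Cipher feedback.  */
    GCRY_CIPHER_MODE_CBC = 3,    /* Cipher block chaining.  */
    GCRY_CIPHER_MODE_STREAM = 4, /* Used with stream ciphers.  */
    GCRY_CIPHER_MODE_OFB = 5,    /* Output feedback.  */
    GCRY_CIPHER_MODE_CTR = 6     /* Counter.  */
  };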
/* Type for the cipher_setkey function. */
typedef gcry_err_code_t (*gcry_cipher_setkey_t) (void *c,
const unsigned char *key,
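/* Type for the cipher_encrypt function.  OUTBUF is written, INBUF is only
   read.
   NOTE(review): C is presumably the cipher context; no length is passed, so
   this presumably processes exactly one block (cf. blocksize in
   gcry_cipher_spec) and both buffers must be at least that large --
   confirm against the implementations.  */
typedef void (*gcry_cipher_encrypt_t) (void *c,
                                       unsigned char *outbuf,
                                       const unsigned char *inbuf);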
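/* Type for the cipher_decrypt function.  OUTBUF is written, INBUF is only
   read.
   NOTE(review): C is presumably the cipher context; no length is passed, so
   this presumably processes exactly one block (cf. blocksize in
   gcry_cipher_spec) and both buffers must be at least that large --
   confirm against the implementations.  */
typedef void (*gcry_cipher_decrypt_t) (void *c,
                                       unsigned char *outbuf,
                                       const unsigned char *inbuf);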
/* Type for the cipher_stencrypt function. */
typedef void (*gcry_cipher_stencrypt_t) (void *c,
unsigned char *outbuf,
const unsigned char *inbuf,
/* Type for the cipher_stdecrypt function. */
typedef void (*gcry_cipher_stdecrypt_t) (void *c,
unsigned char *outbuf,
const unsigned char *inbuf,
typedef struct gcry_cipher_oid_spec
} gcry_cipher_oid_spec_t;
/* Module specification structure for ciphers. */
typedef struct gcry_cipher_spec
const char **aliases;
gcry_cipher_oid_spec_t *oids;
grub_size_t blocksize;
grub_size_t contextsize;
gcry_cipher_setkey_t setkey;
gcry_cipher_encrypt_t encrypt;
gcry_cipher_decrypt_t decrypt;
gcry_cipher_stencrypt_t stencrypt;
gcry_cipher_stdecrypt_t stdecrypt;
struct gcry_cipher_spec *next;
} gcry_cipher_spec_t;
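/* Type for the md_init function.
   NOTE(review): C is presumably a digest context of the spec's contextsize
   bytes that this call puts into its initial state -- confirm.  */
typedef void (*gcry_md_init_t) (void *c);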
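/* Type for the md_write function: takes the context C and NBYTES bytes at
   BUF, which is only read.
   NOTE(review): presumably feeds the bytes into the running hash and may be
   called repeatedly between init and final -- confirm.  */
typedef void (*gcry_md_write_t) (void *c, const void *buf, grub_size_t nbytes);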
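/* Type for the md_final function.
   NOTE(review): presumably completes the hash held in context C so that the
   md_read function can return it -- confirm.  */
typedef void (*gcry_md_final_t) (void *c);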
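/* Type for the md_read function: returns a pointer to bytes for context C.
   NOTE(review): presumably the finished digest, stored inside the context
   and therefore only valid while the context is -- confirm, and copy the
   result out before the context is released or reused.  */
typedef unsigned char *(*gcry_md_read_t) (void *c);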
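/* One object identifier entry for a message digest; gcry_md_spec refers to
   these through its oids member.
   NOTE(review): oidstring is presumably the OID in dotted-decimal text
   form -- confirm.  */
typedef struct gcry_md_oid_spec
{
  const char *oidstring;
} gcry_md_oid_spec_t;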
/* Module specification structure for message digests. */
typedef struct gcry_md_spec
unsigned char *asnoid;
gcry_md_oid_spec_t *oids;
gcry_md_write_t write;
gcry_md_final_t final;
grub_size_t contextsize; /* allocate this amount of context */
/* Block size, needed for HMAC. */
grub_size_t blocksize;
struct gcry_md_spec *next;
struct grub_crypto_cipher_handle
const struct gcry_cipher_spec *cipher;
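/* Pointer type under which cipher handles are passed to the
   grub_crypto_cipher_* and grub_crypto_*_encrypt/decrypt functions.  */
typedef struct grub_crypto_cipher_handle *grub_crypto_cipher_handle_t;

/* HMAC state is only declared here, not defined: users of this header hold
   a pointer and go through the grub_crypto_hmac_* functions.  */
struct grub_crypto_hmac_handle;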
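/* Returns the cipher specification for NAME.
   NOTE(review): the result for an unknown name (presumably NULL) and
   whether grub_crypto_autoload_hook is consulted first are not visible in
   this header -- check the result before dereferencing it.  */
const gcry_cipher_spec_t *
grub_crypto_lookup_cipher_by_name (const char *name);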
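/* Returns a cipher handle for the specification CIPHER.
   NOTE(review): presumably allocates the handle and may return NULL on
   failure; the matching release call looks like grub_crypto_cipher_close --
   confirm against the implementation.  */
grub_crypto_cipher_handle_t
grub_crypto_cipher_open (const struct gcry_cipher_spec *cipher);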
grub_crypto_cipher_set_key (grub_crypto_cipher_handle_t cipher,
const unsigned char *key,
grub_crypto_cipher_close (grub_crypto_cipher_handle_t cipher);
grub_crypto_xor (void *out, const void *in1, const void *in2, grub_size_t size);
grub_crypto_ecb_decrypt (grub_crypto_cipher_handle_t cipher,
void *out, void *in, grub_size_t size);
grub_crypto_ecb_encrypt (grub_crypto_cipher_handle_t cipher,
void *out, void *in, grub_size_t size);
grub_crypto_cbc_encrypt (grub_crypto_cipher_handle_t cipher,
void *out, void *in, grub_size_t size,
grub_crypto_cbc_decrypt (grub_crypto_cipher_handle_t cipher,
void *out, void *in, grub_size_t size,
grub_cipher_register (gcry_cipher_spec_t *cipher);
grub_cipher_unregister (gcry_cipher_spec_t *cipher);
grub_md_register (gcry_md_spec_t *digest);
grub_md_unregister (gcry_md_spec_t *cipher);
grub_crypto_hash (const gcry_md_spec_t *hash, void *out, const void *in,
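/* Returns the message digest specification for NAME.
   NOTE(review): the result for an unknown name (presumably NULL) and
   whether grub_crypto_autoload_hook is consulted first are not visible in
   this header -- check the result before dereferencing it.  */
const gcry_md_spec_t *
grub_crypto_lookup_md_by_name (const char *name);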
grub_crypto_gcry_error (gcry_err_code_t in);
/* NOTE(review): presumably overwrites SIZE bytes of stack so that key
   material left behind by crypto routines does not linger there -- confirm
   against the implementation, including that the overwrite cannot be
   optimized away.  */
void grub_burn_stack (grub_size_t size);
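/* Returns an HMAC handle for digest MD and the KEYLEN-byte key at KEY,
   which is only read.
   NOTE(review): presumably allocates the handle and may return NULL on
   failure; data is then supplied with grub_crypto_hmac_write and the result
   collected with grub_crypto_hmac_fini -- confirm, including which call
   releases the handle and its key-derived state.  */
struct grub_crypto_hmac_handle *
grub_crypto_hmac_init (const struct gcry_md_spec *md,
                       const void *key, grub_size_t keylen);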
grub_crypto_hmac_write (struct grub_crypto_hmac_handle *hnd, void *data,
grub_size_t datalen);
grub_crypto_hmac_fini (struct grub_crypto_hmac_handle *hnd, void *out);
grub_crypto_hmac_buffer (const struct gcry_md_spec *md,
const void *key, grub_size_t keylen,
void *data, grub_size_t datalen, void *out);
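/* Digest specifications defined elsewhere.  */
extern gcry_md_spec_t _gcry_digest_spec_md5;
extern gcry_md_spec_t _gcry_digest_spec_sha1;
extern gcry_md_spec_t _gcry_digest_spec_sha256;
extern gcry_md_spec_t _gcry_digest_spec_sha512;

/* Const-qualified shorthands for the specifications above.  MD5 and SHA-1
   are no longer collision-resistant; where a caller relies on collision
   resistance (for example an integrity check over untrusted data), use
   GRUB_MD_SHA256 or GRUB_MD_SHA512.  */
#define GRUB_MD_MD5 ((const gcry_md_spec_t *) &_gcry_digest_spec_md5)
#define GRUB_MD_SHA1 ((const gcry_md_spec_t *) &_gcry_digest_spec_sha1)
#define GRUB_MD_SHA256 ((const gcry_md_spec_t *) &_gcry_digest_spec_sha256)
#define GRUB_MD_SHA512 ((const gcry_md_spec_t *) &_gcry_digest_spec_sha512)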
/* Implement PKCS#5 PBKDF2 as per RFC 2898.  The PRF used is the HMAC
   variant of the digest supplied by MD.  Inputs are the password P of
   length PLEN, the salt S of length SLEN, the iteration counter C (> 0),
   and the desired derived output length DKLEN.  The output buffer DK
   must have room for at least DKLEN octets and will be filled with the
   derived data.  A larger C makes each password guess more expensive, at
   the price of a slower derivation.  */
grub_crypto_pbkdf2 (const struct gcry_md_spec *md,
const grub_uint8_t *P, grub_size_t Plen,
const grub_uint8_t *S, grub_size_t Slen,
grub_uint8_t *DK, grub_size_t dkLen);
/* Compares N bytes at A with N bytes at B; neither buffer is written.
   NOTE(review): the crypto-specific name suggests a comparison meant for
   secrets, whose running time does not depend on where the buffers
   differ -- confirm in the implementation, and confirm whether the result
   only says equal/different rather than giving an ordering as memcmp
   does.  */
grub_crypto_memcmp (const void *a, const void *b, grub_size_t n);
/* Takes a caller-supplied buffer BUF and its size BUF_SIZE.
   NOTE(review): presumably reads a password from the user into BUF,
   never writing more than BUF_SIZE bytes -- confirm, including whether the
   result is NUL-terminated.  Callers should clear BUF once the password is
   no longer needed.  */
grub_password_get (char buf[], unsigned buf_size);
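/* For indistinguishability: reporting every refusal through this one macro
   keeps the error code and text identical, so the message does not reveal
   which check failed.  */
#define GRUB_ACCESS_DENIED grub_error (GRUB_ERR_ACCESS_DENIED, "Access denied.")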
/* Pointer to a function that takes an algorithm NAME; defined elsewhere.
   NOTE(review): presumably set by module-loading code and called when a
   cipher or digest lookup by name misses -- confirm; the pointer may be
   unset, so it has to be checked before it is called.  */
extern void (*grub_crypto_autoload_hook) (const char *name);