[swtpm.git] / src / swtpm / key.c

/*
 * key.c -- Common key handling code for swtpm and swtpm_cuse
 *
 * (c) Copyright IBM Corporation 2014, 2015.
 *
 * Author: Stefan Berger <stefanb@us.ibm.com>
 *
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are
 * met:
 *
 * Redistributions of source code must retain the above copyright notice,
 * this list of conditions and the following disclaimer.
 *
 * Redistributions in binary form must reproduce the above copyright
 * notice, this list of conditions and the following disclaimer in the
 * documentation and/or other materials provided with the distribution.
 *
 * Neither the names of the IBM Corporation nor the names of its
 * contributors may be used to endorse or promote products derived from
 * this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

#include "config.h"

#include <openssl/sha.h>
#include <openssl/evp.h>

#include <ctype.h>
#include <errno.h>
#include <fcntl.h>
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>

#include "key.h"
#include "logging.h"

/*
 * key_format_from_string:
 * Convert the string into a key format identifier
 * @format: either 'hex' or 'binary'
 *
 * Returns a key format identifier
 */
enum key_format
key_format_from_string(const char *format)
{
    if (!strcmp(format, "hex")) {
        return KEY_FORMAT_HEX;
    } else if (!strcmp(format, "binary")) {
        return KEY_FORMAT_BINARY;
    }
    logprintf(STDERR_FILENO, "Unknown key format '%s'.\n", format);

    return KEY_FORMAT_UNKNOWN;
}

/*
 * encryption_mode_from_string:
 * Convert the string into a encryption mode identifier
 * @mode: string describing encryption mode
 * @keylen: the length of the key in bytes
 *
 * Returns an encryption mode identifier
 */
enum encryption_mode
encryption_mode_from_string(const char *mode, size_t *keylen)
{
    if (!strcmp(mode, "aes-cbc") || !strcmp(mode, "aes-128-cbc")) {
        *keylen = 128/8;
        return ENCRYPTION_MODE_AES_CBC;
    } else if (!strcmp(mode, "aes-256-cbc")) {
        *keylen = 256/8;
        return ENCRYPTION_MODE_AES_CBC;
    }

    return ENCRYPTION_MODE_UNKNOWN;
}

/*
 * kdf_identifier_from_string:
 * Convert the string in a kdf identifier
 * @mode: string describing the kdf
 *
 * Return a kdf identifier
 */
enum kdf_identifier
kdf_identifier_from_string(const char *kdf)
{
    if (!strcmp(kdf, "sha512")) {
        return KDF_IDENTIFIER_SHA512;
    } else if (!strcmp(kdf, "pbkdf2")) {
        return KDF_IDENTIFIER_PBKDF2;
    }

    return KDF_IDENTIFIER_UNKNOWN;
}

/*
 * key_stream_to_bin
 * Convert a stream of ASCII hex digits into a key; convert a maximum of
 * bin_size bytes;
 *
 * @input: input data holding hex digits
 * @bin: output field of bin_size
 * @bin_size: max. number of bytes to convert
 *
 * Returns the number of digits that were converted.
 */
static ssize_t
key_stream_to_bin(const char *input, unsigned char *bin, size_t bin_size)
{
    ssize_t digits = 0;
    int n, num;

    while (input[digits] &&
           !isspace(input[digits]) &&
           bin_size > (size_t)digits / 2) {
        num = sscanf(&input[digits], "%2hhx%n", &bin[digits/2], &n);
        if (num != 1 || n != 2)
            return -1;
        digits += 2;
    }

    if (input[digits] && !isspace(input[digits]))
        return -1;

    return (digits != 0) ? digits : -1;
}

/*
 * key_parse_as_hexkey:
 * Parse the raw key data as a key in ASCII hex format; they key may
 * have a leading '0x'.
 * @rawkey: ASCII data for a hex key with possible leading '0x'
 * @key: buffer for key
 * @keylen: actual key len returned by this function
 * @maxkeylen: the max. size of the key; this is equivalent to the size of
 *             the key buffer
 * Returns 0 on success, -1 on failure
 */
static int
key_parse_as_hexkey(const char *rawkey,
                    unsigned char *key, size_t *keylen, size_t maxkeylen)
{
    ssize_t digits;
    off_t offset = 0;

    if (!strncmp(rawkey, "0x", 2))
        offset = 2;

    digits = key_stream_to_bin(&rawkey[offset], key, maxkeylen);
    if (digits < 0) {
        logprintf(STDERR_FILENO,
                  "Could not parse key hex string into %zu byte buffer.\n",
                  maxkeylen);
        return -1;
    } else if (digits == 128/4) {
        *keylen = 128/8;
    } else if (digits == 256/4) {
        *keylen = 256/8;
    } else {
        logprintf(STDERR_FILENO,
                  "Unsupported key length with %zu digits.\n",
                  digits);
        return -1;
    }
    if (*keylen < maxkeylen) {
        logprintf(STDERR_FILENO,
                  "The provided key is too short. Got %zu bytes, need %zu.\n",
                  *keylen, maxkeylen);
        return -1;
    }

    return 0;
}

/*
 * key_load_key_fd:
 * Load the raw key data from a file and convert it to a key.
 * @fd: file descriptor to read raw key data from
 * @keyformat: the format the raw key data are in; may either indicate
 *             binary data or hex string
 * @key: the buffer for holding the converted key
 * @keylen: the actual key len of the converted key returned by this
 *          function
 * @maxkeylen: the max. size of the key; corresponds to the size of the
 *             key buffer
 */
int
key_load_key_fd(int fd, enum key_format keyformat,
                unsigned char *key, size_t *keylen, size_t maxkeylen)
{
    int ret = -1;
    char filebuffer[2 + 256/4 + 1 + 1];
    ssize_t len;

    len = read(fd, filebuffer, sizeof(filebuffer) - 1);
    if (len < 0) {
        logprintf(STDERR_FILENO, "Unable to read key: %s\n",
                  strerror(errno));
        return -1;
    }
    filebuffer[len] = 0;

    switch (keyformat) {
    case KEY_FORMAT_BINARY:
        *keylen = len;
        if (maxkeylen < (size_t)len) {
            logprintf(STDERR_FILENO,
                      "Key is larger than buffer (%zu > %zu).\n",
                      len, maxkeylen);
            return -1;
        }
        memcpy(key, filebuffer, len);
        ret = 0;
        break;
    case KEY_FORMAT_HEX:
        if (key_parse_as_hexkey(filebuffer, key, keylen, maxkeylen) < 0)
            return -1;
        ret = 0;
        break;
    case KEY_FORMAT_UNKNOWN:
        break;
    }

    return ret;
}
/*
 * key_load_key:
 * Load the raw key data from a file and convert it to a key.
 * @filename: file holding the raw key data
 * @keyformat: the format the raw key data are in; may either indicate
 *             binary data or hex string
 * @key: the buffer for holding the converted key
 * @keylen: the actual key len of the converted key returned by this
 *          function
 * @maxkeylen: the max. size of the key; corresponds to the size of the
 *             key buffer
 */
int
key_load_key(const char *filename, enum key_format keyformat,
             unsigned char *key, size_t *keylen, size_t maxkeylen)
{
    int ret;
    int fd;

    fd = open(filename, O_RDONLY);
    if (fd < 0) {
        logprintf(STDERR_FILENO, "Unable to open file %s: %s\n",
                  filename, strerror(errno));
        return -1;
    }
    ret = key_load_key_fd(fd, keyformat, key, keylen, maxkeylen);

    close(fd);

    return ret;
}

/*
 * key_from_pwdfile:
 * Read the password from the given file descriptor, convert the password into
 * a key by applying a KDF on the password and use the first bytes
 * of the hash as the key.
 * @fd: file descriptor to read password from
 * @key: the buffer for holding the key
 * @keylen: the actual key len of the converted key returned by this
 *          function
 * @maxkeylen: the max. size of the key; corresponds to the size of the
 *             key buffer
 * @kdfid: the kdf to invoke to create the key
 */
int
key_from_pwdfile_fd(int fd, unsigned char *key, size_t *keylen,
                    size_t maxkeylen, enum kdf_identifier kdfid)
{
    unsigned char *filebuffer = NULL;
    size_t filelen = 1024;
    off_t offset = 0;
    ssize_t len;
    unsigned char hashbuf[SHA512_DIGEST_LENGTH];
    int ret = -1;
    const unsigned char salt[] = {'s','w','t','p','m'};

    if (maxkeylen > sizeof(hashbuf)) {
        logprintf(STDERR_FILENO,
                  "Request keylength is too big (%zu > %zu)\n",
                  maxkeylen, sizeof(hashbuf));
        return -1;
    }

    while (true) {
        filebuffer = realloc(filebuffer, filelen);
        if (!filebuffer) {
            logprintf(STDERR_FILENO,
                      "Could not allocate %zu bytes for filebuffer\n",
                      filelen);
            goto exit;
        }

        len = read(fd, &filebuffer[offset], filelen - offset);
        if (len < 0) {
            logprintf(STDERR_FILENO,
                      "Unable to read passphrase: %s\n",
                      strerror(errno));
            goto exit;
        }
        /* EOF ? */
        if ((size_t)len < filelen - offset) {
            len += offset;
            break;
        }
        /* expecting more bytes */
        offset += len;
        filelen += 1024;
    }

    *keylen = maxkeylen;

    switch (kdfid) {
    case KDF_IDENTIFIER_SHA512:
        if (sizeof(hashbuf) < *keylen) {
            logprintf(STDERR_FILENO,
                      "Requested %zu bytes for key, only got %zu.\n",
                      *keylen, sizeof(hashbuf));
            goto exit;
        }
        SHA512(filebuffer, len, hashbuf);
        memcpy(key, hashbuf, *keylen);
        break;
    case KDF_IDENTIFIER_PBKDF2:
        if (PKCS5_PBKDF2_HMAC((const char *)filebuffer, len,
                              salt, sizeof(salt), 1000,
                              EVP_sha512(), *keylen, key) != 1) {
            logprintf(STDERR_FILENO,
                      "PKCS5_PBKDF2_HMAC with SHA512 failed\n");
            goto exit;
        }
        break;
    case KDF_IDENTIFIER_UNKNOWN:
        logprintf(STDERR_FILENO,
                  "Unknown KDF\n");
        goto exit;
    }

    ret = 0;

exit:

    free(filebuffer);

    return ret;
}

/*
 * key_from_pwdfile:
 * Read the password from the given file, convert the password into
 * a key by applying a KDF on the password and use the first bytes
 * of the hash as the key.
 * @filename: name of the file holding the password
 * @key: the buffer for holding the key
 * @keylen: the actual key len of the converted key returned by this
 *          function
 * @maxkeylen: the max. size of the key; corresponds to the size of the
 *             key buffer
 * @kdfid: the kdf to invoke to create the key
 */
int
key_from_pwdfile(const char *filename, unsigned char *key, size_t *keylen,
                 size_t maxkeylen, enum kdf_identifier kdfid)
{
    int ret;
    int fd;

    fd = open(filename, O_RDONLY);
    if (fd < 0) {
        logprintf(STDERR_FILENO,
                  "Unable to open file %s : %s\n",
                  filename, strerror(errno));
        return -1;
    }

    ret = key_from_pwdfile_fd(fd, key, keylen, maxkeylen, kdfid);

    close(fd);

    return ret;
}
Commit	Line	Data
f163b202 SB	1	/*
	2	* key.c -- Common key handling code for swtpm and swtpm_cuse
	3	*
ad976d1a	4	* (c) Copyright IBM Corporation 2014, 2015.
f163b202 SB	5	*
	6	* Author: Stefan Berger <stefanb@us.ibm.com>
	7	*
	8	* All rights reserved.
	9	*
	10	* Redistribution and use in source and binary forms, with or without
	11	* modification, are permitted provided that the following conditions are
	12	* met:
	13	*
	14	* Redistributions of source code must retain the above copyright notice,
	15	* this list of conditions and the following disclaimer.
	16	*
	17	* Redistributions in binary form must reproduce the above copyright
	18	* notice, this list of conditions and the following disclaimer in the
	19	* documentation and/or other materials provided with the distribution.
	20	*
	21	* Neither the names of the IBM Corporation nor the names of its
	22	* contributors may be used to endorse or promote products derived from
	23	* this software without specific prior written permission.
	24	*
	25	* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
	26	* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
	27	* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
	28	* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
	29	* HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	30	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
	31	* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
	32	* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
	33	* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
	34	* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
	35	* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
	36	*/
	37
	38	#include "config.h"
	39
7849b6c6	40	#include <openssl/sha.h>
a39f098f	41	#include <openssl/evp.h>
f163b202 SB	42
	43	#include <ctype.h>
	44	#include <errno.h>
	45	#include <fcntl.h>
	46	#include <string.h>
	47	#include <stdio.h>
a39f098f	48	#include <stdlib.h>
f163b202 SB	49	#include <unistd.h>
f163b202 SB	50	#include <sys/types.h>
f163b202 SB	51
f163b202 SB	52	#include "key.h"
cba81569	53	#include "logging.h"
f163b202	54
58548ac6 SB	55	/*
	56	* key_format_from_string:
	57	* Convert the string into a key format identifier
	58	* @format: either 'hex' or 'binary'
	59	*
	60	* Returns a key format identifier
	61	*/
f163b202 SB	62	enum key_format
	63	key_format_from_string(const char *format)
	64	{
	65	if (!strcmp(format, "hex")) {
	66	return KEY_FORMAT_HEX;
	67	} else if (!strcmp(format, "binary")) {
	68	return KEY_FORMAT_BINARY;
	69	}
cba81569	70	logprintf(STDERR_FILENO, "Unknown key format '%s'.\n", format);
f163b202 SB	71
	72	return KEY_FORMAT_UNKNOWN;
	73	}
	74
58548ac6 SB	75	/*
	76	* encryption_mode_from_string:
	77	* Convert the string into a encryption mode identifier
	78	* @mode: string describing encryption mode
68a5b241	79	* @keylen: the length of the key in bytes
58548ac6 SB	80	*
	81	* Returns an encryption mode identifier
	82	*/
f163b202	83	enum encryption_mode
68a5b241	84	encryption_mode_from_string(const char mode, size_t keylen)
f163b202	85	{
68a5b241 SB	86	if (!strcmp(mode, "aes-cbc") \|\| !strcmp(mode, "aes-128-cbc")) {
	87	*keylen = 128/8;
	88	return ENCRYPTION_MODE_AES_CBC;
	89	} else if (!strcmp(mode, "aes-256-cbc")) {
	90	*keylen = 256/8;
f163b202 SB	91	return ENCRYPTION_MODE_AES_CBC;
	92	}
	93
	94	return ENCRYPTION_MODE_UNKNOWN;
	95	}
	96
a39f098f SB	97	/*
	98	* kdf_identifier_from_string:
	99	* Convert the string in a kdf identifier
	100	* @mode: string describing the kdf
	101	*
	102	* Return a kdf identifier
	103	*/
	104	enum kdf_identifier
	105	kdf_identifier_from_string(const char *kdf)
	106	{
	107	if (!strcmp(kdf, "sha512")) {
	108	return KDF_IDENTIFIER_SHA512;
	109	} else if (!strcmp(kdf, "pbkdf2")) {
	110	return KDF_IDENTIFIER_PBKDF2;
	111	}
	112
	113	return KDF_IDENTIFIER_UNKNOWN;
	114	}
	115
58548ac6 SB	116	/*
	117	* key_stream_to_bin
	118	* Convert a stream of ASCII hex digits into a key; convert a maximum of
	119	* bin_size bytes;
	120	*
	121	* @input: input data holding hex digits
	122	* @bin: output field of bin_size
	123	* @bin_size: max. number of bytes to convert
	124	*
	125	* Returns the number of digits that were converted.
	126	*/
f163b202 SB	127	static ssize_t
	128	key_stream_to_bin(const char input, unsigned char bin, size_t bin_size)
	129	{
	130	ssize_t digits = 0;
	131	int n, num;
	132
	133	while (input[digits] &&
	134	!isspace(input[digits]) &&
	135	bin_size > (size_t)digits / 2) {
	136	num = sscanf(&input[digits], "%2hhx%n", &bin[digits/2], &n);
	137	if (num != 1 \|\| n != 2)
	138	return -1;
	139	digits += 2;
	140	}
	141
	142	if (input[digits] && !isspace(input[digits]))
	143	return -1;
	144
	145	return (digits != 0) ? digits : -1;
	146	}
	147
58548ac6 SB	148	/*
	149	* key_parse_as_hexkey:
	150	* Parse the raw key data as a key in ASCII hex format; they key may
	151	* have a leading '0x'.
	152	* @rawkey: ASCII data for a hex key with possible leading '0x'
	153	* @key: buffer for key
	154	* @keylen: actual key len returned by this function
	155	* @maxkeylen: the max. size of the key; this is equivalent to the size of
	156	* the key buffer
	157	* Returns 0 on success, -1 on failure
	158	*/
f163b202 SB	159	static int
	160	key_parse_as_hexkey(const char *rawkey,
	161	unsigned char key, size_t keylen, size_t maxkeylen)
	162	{
	163	ssize_t digits;
	164	off_t offset = 0;
	165
	166	if (!strncmp(rawkey, "0x", 2))
	167	offset = 2;
	168
	169	digits = key_stream_to_bin(&rawkey[offset], key, maxkeylen);
	170	if (digits < 0) {
cba81569 SB	171	logprintf(STDERR_FILENO,
	172	"Could not parse key hex string into %zu byte buffer.\n",
	173	maxkeylen);
f163b202 SB	174	return -1;
	175	} else if (digits == 128/4) {
	176	*keylen = 128/8;
748df6ee SB	177	} else if (digits == 256/4) {
748df6ee SB	178	*keylen = 256/8;
f163b202	179	} else {
cba81569 SB	180	logprintf(STDERR_FILENO,
	181	"Unsupported key length with %zu digits.\n",
	182	digits);
f163b202 SB	183	return -1;
f163b202 SB	184	}
748df6ee SB	185	if (*keylen < maxkeylen) {
	186	logprintf(STDERR_FILENO,
	187	"The provided key is too short. Got %zu bytes, need %zu.\n",
	188	*keylen, maxkeylen);
	189	return -1;
	190	}
f163b202 SB	191
	192	return 0;
	193	}
	194
58548ac6	195	/*
f4be1e86	196	* key_load_key_fd:
58548ac6	197	* Load the raw key data from a file and convert it to a key.
f4be1e86	198	* @fd: file descriptor to read raw key data from
58548ac6 SB	199	* @keyformat: the format the raw key data are in; may either indicate
	200	* binary data or hex string
	201	* @key: the buffer for holding the converted key
	202	* @keylen: the actual key len of the converted key returned by this
	203	* function
	204	* @maxkeylen: the max. size of the key; corresponds to the size of the
	205	* key buffer
	206	*/
f163b202	207	int
f4be1e86 SB	208	key_load_key_fd(int fd, enum key_format keyformat,
f4be1e86 SB	209	unsigned char key, size_t keylen, size_t maxkeylen)
f163b202 SB	210	{
f163b202 SB	211	int ret = -1;
748df6ee	212	char filebuffer[2 + 256/4 + 1 + 1];
da521f04	213	ssize_t len;
f163b202	214
f163b202	215	len = read(fd, filebuffer, sizeof(filebuffer) - 1);
f163b202	216	if (len < 0) {
cba81569 SB	217	logprintf(STDERR_FILENO, "Unable to read key: %s\n",
cba81569 SB	218	strerror(errno));
f163b202 SB	219	return -1;
	220	}
	221	filebuffer[len] = 0;
	222
	223	switch (keyformat) {
	224	case KEY_FORMAT_BINARY:
	225	*keylen = len;
da521f04	226	if (maxkeylen < (size_t)len) {
cba81569 SB	227	logprintf(STDERR_FILENO,
	228	"Key is larger than buffer (%zu > %zu).\n",
	229	len, maxkeylen);
f163b202 SB	230	return -1;
	231	}
	232	memcpy(key, filebuffer, len);
	233	ret = 0;
	234	break;
	235	case KEY_FORMAT_HEX:
	236	if (key_parse_as_hexkey(filebuffer, key, keylen, maxkeylen) < 0)
	237	return -1;
	238	ret = 0;
	239	break;
	240	case KEY_FORMAT_UNKNOWN:
	241	break;
	242	}
	243
	244	return ret;
	245	}
f4be1e86 SB	246	/*
	247	* key_load_key:
	248	* Load the raw key data from a file and convert it to a key.
	249	* @filename: file holding the raw key data
	250	* @keyformat: the format the raw key data are in; may either indicate
	251	* binary data or hex string
	252	* @key: the buffer for holding the converted key
	253	* @keylen: the actual key len of the converted key returned by this
	254	* function
	255	* @maxkeylen: the max. size of the key; corresponds to the size of the
	256	* key buffer
	257	*/
	258	int
	259	key_load_key(const char *filename, enum key_format keyformat,
	260	unsigned char key, size_t keylen, size_t maxkeylen)
	261	{
	262	int ret;
	263	int fd;
	264
	265	fd = open(filename, O_RDONLY);
	266	if (fd < 0) {
	267	logprintf(STDERR_FILENO, "Unable to open file %s: %s\n",
	268	filename, strerror(errno));
	269	return -1;
	270	}
	271	ret = key_load_key_fd(fd, keyformat, key, keylen, maxkeylen);
	272
	273	close(fd);
	274
	275	return ret;
	276	}
f163b202	277
58548ac6 SB	278	/*
58548ac6 SB	279	* key_from_pwdfile:
a947bebd SB	280	* Read the password from the given file descriptor, convert the password into
a947bebd SB	281	* a key by applying a KDF on the password and use the first bytes
58548ac6	282	* of the hash as the key.
a947bebd	283	* @fd: file descriptor to read password from
58548ac6	284	* @key: the buffer for holding the key
58548ac6 SB	285	* @keylen: the actual key len of the converted key returned by this
	286	* function
	287	* @maxkeylen: the max. size of the key; corresponds to the size of the
	288	* key buffer
a39f098f	289	* @kdfid: the kdf to invoke to create the key
58548ac6	290	*/
f163b202	291	int
a947bebd SB	292	key_from_pwdfile_fd(int fd, unsigned char key, size_t keylen,
a947bebd SB	293	size_t maxkeylen, enum kdf_identifier kdfid)
f163b202	294	{
a39f098f	295	unsigned char *filebuffer = NULL;
e7fb07e8 SB	296	size_t filelen = 1024;
e7fb07e8 SB	297	off_t offset = 0;
0268ef45	298	ssize_t len;
3bbdd7bc	299	unsigned char hashbuf[SHA512_DIGEST_LENGTH];
a39f098f SB	300	int ret = -1;
a39f098f SB	301	const unsigned char salt[] = {'s','w','t','p','m'};
f163b202 SB	302
f163b202 SB	303	if (maxkeylen > sizeof(hashbuf)) {
cba81569 SB	304	logprintf(STDERR_FILENO,
	305	"Request keylength is too big (%zu > %zu)\n",
	306	maxkeylen, sizeof(hashbuf));
f163b202 SB	307	return -1;
	308	}
	309
e7fb07e8 SB	310	while (true) {
	311	filebuffer = realloc(filebuffer, filelen);
	312	if (!filebuffer) {
	313	logprintf(STDERR_FILENO,
	314	"Could not allocate %zu bytes for filebuffer\n",
	315	filelen);
	316	goto exit;
	317	}
a39f098f	318
e7fb07e8 SB	319	len = read(fd, &filebuffer[offset], filelen - offset);
	320	if (len < 0) {
	321	logprintf(STDERR_FILENO,
	322	"Unable to read passphrase: %s\n",
	323	strerror(errno));
	324	goto exit;
	325	}
	326	/* EOF ? */
	327	if ((size_t)len < filelen - offset) {
	328	len += offset;
	329	break;
	330	}
	331	/* expecting more bytes */
	332	offset += len;
	333	filelen += 1024;
f163b202 SB	334	}
f163b202 SB	335
f163b202	336	*keylen = maxkeylen;
f163b202	337
a39f098f SB	338	switch (kdfid) {
a39f098f SB	339	case KDF_IDENTIFIER_SHA512:
748df6ee SB	340	if (sizeof(hashbuf) < *keylen) {
	341	logprintf(STDERR_FILENO,
	342	"Requested %zu bytes for key, only got %zu.\n",
	343	*keylen, sizeof(hashbuf));
a947bebd	344	goto exit;
748df6ee	345	}
63717f99	346	SHA512(filebuffer, len, hashbuf);
a39f098f SB	347	memcpy(key, hashbuf, *keylen);
	348	break;
	349	case KDF_IDENTIFIER_PBKDF2:
	350	if (PKCS5_PBKDF2_HMAC((const char *)filebuffer, len,
	351	salt, sizeof(salt), 1000,
	352	EVP_sha512(), *keylen, key) != 1) {
	353	logprintf(STDERR_FILENO,
	354	"PKCS5_PBKDF2_HMAC with SHA512 failed\n");
a947bebd	355	goto exit;
a39f098f SB	356	}
	357	break;
	358	case KDF_IDENTIFIER_UNKNOWN:
	359	logprintf(STDERR_FILENO,
	360	"Unknown KDF\n");
a947bebd	361	goto exit;
a39f098f SB	362	}
a39f098f SB	363
a947bebd	364	ret = 0;
a39f098f	365
a947bebd	366	exit:
a39f098f SB	367
	368	free(filebuffer);
	369
	370	return ret;
f163b202	371	}
a947bebd SB	372
	373	/*
	374	* key_from_pwdfile:
	375	* Read the password from the given file, convert the password into
	376	* a key by applying a KDF on the password and use the first bytes
	377	* of the hash as the key.
	378	* @filename: name of the file holding the password
	379	* @key: the buffer for holding the key
	380	* @keylen: the actual key len of the converted key returned by this
	381	* function
	382	* @maxkeylen: the max. size of the key; corresponds to the size of the
	383	* key buffer
	384	* @kdfid: the kdf to invoke to create the key
	385	*/
	386	int
	387	key_from_pwdfile(const char filename, unsigned char key, size_t *keylen,
	388	size_t maxkeylen, enum kdf_identifier kdfid)
	389	{
	390	int ret;
	391	int fd;
	392
	393	fd = open(filename, O_RDONLY);
	394	if (fd < 0) {
	395	logprintf(STDERR_FILENO,
	396	"Unable to open file %s : %s\n",
	397	filename, strerror(errno));
	398	return -1;
	399	}
	400
	401	ret = key_from_pwdfile_fd(fd, key, keylen, maxkeylen, kdfid);
	402
	403	close(fd);
	404
	405	return ret;
	406	}