From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:41698) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1aMAkN-0007MR-Si for qemu-devel@nongnu.org; Thu, 21 Jan 2016 03:37:40 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1aMAkM-00060F-PQ for qemu-devel@nongnu.org; Thu, 21 Jan 2016 03:37:39 -0500 Date: Thu, 21 Jan 2016 16:37:28 +0800 From: Fam Zheng Message-ID: <20160121083728.GG31960@ad.usersys.redhat.com> References: <1453311539-1193-1-git-send-email-berrange@redhat.com> <1453311539-1193-6-git-send-email-berrange@redhat.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1453311539-1193-6-git-send-email-berrange@redhat.com> Subject: Re: [Qemu-devel] [PATCH v2 05/17] crypto: add support for anti-forensic split algorithm List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: "Daniel P. Berrange" Cc: Kevin Wolf , qemu-devel@nongnu.org, qemu-block@nongnu.org On Wed, 01/20 17:38, Daniel P. Berrange wrote: > diff --git a/crypto/afsplit.c b/crypto/afsplit.c > new file mode 100644 > index 0000000..42529e7 > --- /dev/null > +++ b/crypto/afsplit.c > @@ -0,0 +1,162 @@ > +/* > + * QEMU Crypto anti forensic information splitter > + * > + * Copyright (c) 2015-2016 Red Hat, Inc. > + * > + * Derived from cryptsetup package lib/lusk1/af.c s/lusk1/luks1/ > + * > + * Copyright (C) 2004, Clemens Fruhwirth > + * Copyright (C) 2009-2012, Red Hat, Inc. All rights reserved. > + * > + * This library is free software; you can redistribute it and/or > + * modify it under the terms of the GNU General Public License > + * as published by the Free Software Foundation; either version 2 > + * of the License, or (at your option) any later version. > + * > + * This library is distributed in the hope that it will be useful, > + * but WITHOUT ANY WARRANTY; without even the implied warranty of > + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU > + * Lesser General Public License for more details. > + * > + * You should have received a copy of the GNU Lesser General Public > + * License along with this library; if not, see . > + * > + */ > + > + > +/** > + * qcrypto_afsplit_encode: > + * @hash: the hash algorithm to use for data expansion > + * @blocklen: the size of @in in bytes > + * @stripes: the number of times to expand @in in size > + * @in: the master key to be expanded in size > + * @out: preallocted buffer to hold the split key > + * @errp: pointer to a NULL-initialized error object > + * > + * Split the data in @in, which is @blocklen bytes in > + * size, to form a larger piece of data @out, which is > + * @blocklen * @stripes bytes in size. > + * > + * Returns: 0 on success, -1 on error; > + */ > +int qcrypto_afsplit_encode(QCryptoHashAlgorithm hash, > + size_t blocklen, > + uint32_t stripes, > + const uint8_t *in, > + uint8_t *out, > + Error **errp); > + > +/** > + * qcrypto_afsplit_decode: > + * @hash: the hash algorithm to use for data compression > + * @blocklen: the size of @out in bytes > + * @stripes: the number of times to decrease @in in size > + * @in: the master key to be expanded in size > + * @out: preallocted buffer to hold the split key I think the descriptions for @in and @out are wrong. > + * @errp: pointer to a NULL-initialized error object > + * > + * Join the data in @in, which is @blocklen * @stripes > + * bytes in size, to form the original small piece o piece of > + * data @out, which is @blocklen bytes in size. > + * > + * Returns: 0 on success, -1 on error; > + */ > +int qcrypto_afsplit_decode(QCryptoHashAlgorithm hash, > + size_t blocklen, > + uint32_t stripes, > + const uint8_t *in, > + uint8_t *out, > + Error **errp); > + > +#endif /* QCRYPTO_AFSPLIT_H__ */ Fam