/*
 * GRUB -- GRand Unified Bootloader
 * Copyright (C) 2002,2003,2004,2005,2006,2007,2008,2009 Free Software Foundation, Inc.
 *
 * GRUB is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * GRUB is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with GRUB. If not, see <http://www.gnu.org/licenses/>.
 */
2N/A#ifndef GRUB_CRYPTODISK_HEADER
2N/A#define GRUB_CRYPTODISK_HEADER 1
2N/A#include <grub/disk.h>
2N/A#include <grub/crypto.h>
2N/A#include <grub/list.h>
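/* Block-cipher mode of operation selected for a cryptodisk; stored in
   grub_cryptodisk.mode.  The enumerators are numbered implicitly from 0
   in declaration order.

   NOTE(review): this header only names the modes; how each one is applied
   is decided by the implementation, which is not visible here.  Two points
   hold for the modes themselves regardless of implementation:
   - ECB has no chaining and no per-sector tweak, so equal plaintext blocks
     produce equal ciphertext blocks and data patterns remain visible.
   - None of the listed modes authenticates the data; a decryption that
     returns success says nothing about whether the ciphertext was
     modified on disk.  */
typedef enum
  {
    GRUB_CRYPTODISK_MODE_ECB,
    GRUB_CRYPTODISK_MODE_CBC,
    GRUB_CRYPTODISK_MODE_PCBC,
    GRUB_CRYPTODISK_MODE_XTS,
    GRUB_CRYPTODISK_MODE_LRW
  } grub_cryptodisk_mode_t;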
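/* Per-sector IV/tweak generator selected for a cryptodisk; stored in
   grub_cryptodisk.mode_iv.  The enumerators are numbered implicitly from 0
   in declaration order.

   NOTE(review): the derivations themselves are not visible in this header.
   NULL, PLAIN, PLAIN64, ESSIV and BENBI share their names with the
   dm-crypt IV generators; BYTECOUNT64 and BYTECOUNT64_HASH presumably
   derive the IV from a 64-bit byte offset (the latter through
   grub_cryptodisk.iv_hash and iv_prefix) -- confirm against the
   implementation.

   Things to check when a volume selects one of these:
   - IV_NULL implies the same IV for every sector.
   - In dm-crypt, "plain" is a 32-bit sector number, which repeats once a
     volume has more than 2^32 sectors; "plain64" exists to avoid that.
   - A sector-number IV is predictable; with CBC that is the case ESSIV
     was designed to address.  */
typedef enum
  {
    GRUB_CRYPTODISK_MODE_IV_NULL,
    GRUB_CRYPTODISK_MODE_IV_PLAIN,
    GRUB_CRYPTODISK_MODE_IV_PLAIN64,
    GRUB_CRYPTODISK_MODE_IV_ESSIV,
    GRUB_CRYPTODISK_MODE_IV_BENBI,
    GRUB_CRYPTODISK_MODE_IV_BYTECOUNT64,
    GRUB_CRYPTODISK_MODE_IV_BYTECOUNT64_HASH
  } grub_cryptodisk_mode_iv_t;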
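/* Longest UUID string kept for a cryptodisk, not counting the terminating
   NUL: grub_cryptodisk.uuid is declared with one extra byte.  Code that
   fills that buffer from an on-disk header must bound the copy to this
   length and terminate the string itself.  */
#define GRUB_CRYPTODISK_MAX_UUID_LENGTH 71

/* Size of one Galois-field element, used to size grub_cryptodisk.lrw_key:
   2^7 = 128 bits, which is 2^(7 - 3) = 16 bytes.  */
#define GRUB_CRYPTODISK_GF_LOG_SIZE 7
#define GRUB_CRYPTODISK_GF_SIZE (1U << GRUB_CRYPTODISK_GF_LOG_SIZE)
#define GRUB_CRYPTODISK_GF_LOG_BYTES (GRUB_CRYPTODISK_GF_LOG_SIZE - 3)
#define GRUB_CRYPTODISK_GF_BYTES (1U << GRUB_CRYPTODISK_GF_LOG_BYTES)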
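/* Forward declaration so the callback type below can take a device
   pointer before the structure is defined.  */
struct grub_cryptodisk;

/* Type of the callback stored in grub_cryptodisk.rekey.  It receives the
   device and a 64-bit zone number and returns a gcry error code.

   NOTE(review): presumably it switches DEV to the key that belongs to
   zone ZONENO; the derivation is not visible in this header -- confirm
   against the backend that installs the callback.  */
typedef gcry_err_code_t
(*grub_cryptodisk_rekey_func_t) (struct grub_cryptodisk *dev,
				 grub_uint64_t zoneno);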
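/* State of one encrypted volume.

   Security-relevant points visible in the layout:
   - lrw_key and rekey_key hold key material inline, and the three cipher
     handles carry keyed cipher contexts.  This header declares no
     teardown routine, so whoever releases the structure is responsible
     for wiping those fields first -- confirm the implementation does.
   - uuid, iv_prefix and rekey_key are fixed-size arrays.  Anything that
     fills them from an on-disk header must check the length first;
     iv_prefix_len must never exceed sizeof (iv_prefix).  */
struct grub_cryptodisk
{
  /* Link to the next cryptodisk.  */
  struct grub_cryptodisk *next;

  /* NOTE(review): presumably the name of the underlying disk; ownership
     of the string is not stated here.  */
  char *source;
  /* NOTE(review): presumably where the encrypted payload starts on the
     source disk and how long it is; units are not stated here.  */
  grub_disk_addr_t offset;
  grub_disk_addr_t total_length;
  grub_disk_t source_disk;
  /* NOTE(review): presumably a reference count.  */
  int ref;
  /* Cipher handles: the main cipher, a secondary one and one for ESSIV.
     NOTE(review): which modes use secondary_cipher is not visible here.  */
  grub_crypto_cipher_handle_t cipher;
  grub_crypto_cipher_handle_t secondary_cipher;
  grub_crypto_cipher_handle_t essiv_cipher;
  /* Hash descriptors; the struct does not own them (const pointers).  */
  const gcry_md_spec_t *essiv_hash, *hash, *iv_hash;
  /* Cipher mode and IV generator chosen for this volume.  */
  grub_cryptodisk_mode_t mode;
  grub_cryptodisk_mode_iv_t mode_iv;
  /* NOTE(review): presumably the shift used by the BENBI IV generator.  */
  int benbi_log;
  unsigned long id, source_id;
  enum grub_disk_dev_id source_dev_id;
  /* NUL-terminated UUID; room for GRUB_CRYPTODISK_MAX_UUID_LENGTH
     characters plus the terminator.  */
  char uuid[GRUB_CRYPTODISK_MAX_UUID_LENGTH + 1];
  /* Key material: one GF element (GRUB_CRYPTODISK_GF_BYTES bytes).  */
  grub_uint8_t lrw_key[GRUB_CRYPTODISK_GF_BYTES];
  /* NOTE(review): presumably a heap table precomputed from lrw_key; if so
     it is key-dependent and should be wiped like the key.  */
  grub_uint8_t *lrw_precalc;
  /* Bytes fed in front of the IV input; iv_prefix_len is the number of
     valid bytes and must stay <= sizeof (iv_prefix).  */
  grub_uint8_t iv_prefix[64];
  grub_size_t iv_prefix_len;
#ifdef GRUB_UTIL
  /* Only present in utility builds.
     NOTE(review): presumably describes an already-decrypted view of the
     volume that the utilities read instead of decrypting -- confirm.  */
  char *cheat;
  const char *modname;
  int cheat_fd;
#endif
  /* NOTE(review): presumably log2 of the sector size.  */
  int log_sector_size;
  /* Optional rekeying support.  rekey is the callback; rekey_key holds
     key material (64 bytes available).
     NOTE(review): rekey_derived_size is presumably the number of bytes
     derived into a key and must fit the buffers it is used with; the
     meaning of rekey_shift and last_rekey is not visible here.  */
  grub_cryptodisk_rekey_func_t rekey;
  int rekey_shift;
  grub_uint8_t rekey_key[64];
  grub_uint64_t last_rekey;
  int rekey_derived_size;
};
typedef struct grub_cryptodisk *grub_cryptodisk_t;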
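/* Descriptor of one cryptodisk backend, linked through NEXT into
   grub_cryptodisk_list.  */
struct grub_cryptodisk_dev
{
  struct grub_cryptodisk_dev *next;

  /* NOTE(review): presumably inspects DISK for this backend's on-disk
     header and returns a new cryptodisk, or NULL when the disk does not
     match; CHECK_UUID and BOOT_ONLY presumably narrow the match.
     Whatever is read from DISK is untrusted input: an implementation has
     to validate every length, offset and count taken from the header
     before using it to size a copy or index a buffer.  */
  grub_cryptodisk_t (*scan) (grub_disk_t disk, const char *check_uuid,
			     int boot_only);
  /* NOTE(review): presumably obtains the key for DEV (found on DISK) and
     installs it; where the secret comes from is not visible here.  */
  grub_err_t (*recover_key) (grub_disk_t disk, grub_cryptodisk_t dev);
};
typedef struct grub_cryptodisk_dev *grub_cryptodisk_dev_t;

/* Head of the list of registered backends.  */
extern grub_cryptodisk_dev_t EXPORT_VAR (grub_cryptodisk_list);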
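#ifndef GRUB_LST_GENERATOR
/* Add backend CR to grub_cryptodisk_list with grub_list_push.  Left out
   of the build when GRUB_LST_GENERATOR is defined.

   The pointer itself is handed to the list (no copy is made here), so CR
   has to stay valid until grub_cryptodisk_dev_unregister is called on
   it.  */
static inline void
grub_cryptodisk_dev_register (grub_cryptodisk_dev_t cr)
{
  grub_list_push (GRUB_AS_LIST_P (&grub_cryptodisk_list), GRUB_AS_LIST (cr));
}
#endif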
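/* Take backend CR off grub_cryptodisk_list with grub_list_remove.  A
   backend should do this before its descriptor goes away, so the list
   never holds a dangling pointer.  */
static inline void
grub_cryptodisk_dev_unregister (grub_cryptodisk_dev_t cr)
{
  grub_list_remove (GRUB_AS_LIST_P (&grub_cryptodisk_list), GRUB_AS_LIST (cr));
}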
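/* Loop header that walks grub_cryptodisk_list, binding each registered
   backend to VAR in turn (expands to FOR_LIST_ELEMENTS).  */
#define FOR_CRYPTODISK_DEVS(var) FOR_LIST_ELEMENTS((var), (grub_cryptodisk_list))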
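/* Set the key of DEV from the KEYSIZE bytes at KEY.

   NOTE(review): KEY is not const-qualified and this header does not say
   whether the callee copies, modifies or wipes it.  Callers should clear
   their own copy of the key once it is no longer needed -- confirm the
   ownership rules against the implementation.  */
gcry_err_code_t
grub_cryptodisk_setkey (grub_cryptodisk_t dev,
			grub_uint8_t *key, grub_size_t keysize);

/* Decrypt LEN bytes at DATA for DEV, with SECTOR as the position used for
   the IV.

   NOTE(review): DATA is presumably transformed in place and LEN is
   presumably expected to be a whole number of sectors -- confirm.  The
   modes declared in this header do not authenticate data, so a successful
   return does not show that the ciphertext was unmodified.  */
gcry_err_code_t
grub_cryptodisk_decrypt (struct grub_cryptodisk *dev,
			 grub_uint8_t * data, grub_size_t len,
			 grub_disk_addr_t sector);

/* NOTE(review): presumably publishes NEWDEV, backed by SOURCE, under
   NAME; what happens to NEWDEV on failure is not stated here.  */
grub_err_t
grub_cryptodisk_insert (grub_cryptodisk_t newdev, const char *name,
			grub_disk_t source);
#ifdef GRUB_UTIL
/* Utility-build only.
   NOTE(review): presumably like grub_cryptodisk_insert, but backed by the
   already-decrypted device named by CHEAT -- confirm.  */
grub_err_t
grub_cryptodisk_cheat_insert (grub_cryptodisk_t newdev, const char *name,
			      grub_disk_t source, const char *cheat);
/* Utility-build only.  */
void
grub_util_cryptodisk_print_abstraction (grub_disk_t disk);
/* Utility-build only.
   NOTE(review): returns a non-const string; whether the caller has to
   free it is not stated here.  */
char *
grub_util_get_geli_uuid (const char *dev);
#endif

/* Look up a cryptodisk by UUID string or by its source disk.
   NOTE(review): presumably NULL when nothing matches -- callers should
   check before dereferencing.  */
grub_cryptodisk_t grub_cryptodisk_get_by_uuid (const char *uuid);
grub_cryptodisk_t grub_cryptodisk_get_by_source_disk (grub_disk_t disk);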
2N/A#endif