summary refs log tree commit diff stats
diff options
context:
space:
mode:
authorPeter Maydell <peter.maydell@linaro.org>2017-01-06 15:18:09 +0000
committerPeter Maydell <peter.maydell@linaro.org>2017-01-06 15:18:09 +0000
commitffe22bf51065dd33022cf91f77a821d1f11c250d (patch)
tree4755562a749e76664c125bad81aeb19e4cbf9a84
parenta01b1e9a005d523ec6452ec7137885d11f8a30df (diff)
parent48ae36c0ad16bb757d4f6e243b8e9072fc8e8c8e (diff)
downloadfocaccia-qemu-ffe22bf51065dd33022cf91f77a821d1f11c250d.tar.gz
focaccia-qemu-ffe22bf51065dd33022cf91f77a821d1f11c250d.zip
Merge remote-tracking branch 'remotes/gonglei/tags/cryptodev-next-20161224' into staging
cryptodev patches

- add xts mode support
- add 3DES algorithm support
- other trivial fixes

# gpg: Signature made Sat 24 Dec 2016 05:56:44 GMT
# gpg:                using RSA key 0x2ED7FDE9063C864D
# gpg: Good signature from "Gonglei <arei.gonglei@huawei.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg:          There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 3EF1 8E53 3459 E6D1 963A  3C05 2ED7 FDE9 063C 864D

* remotes/gonglei/tags/cryptodev-next-20161224:
  cryptodev: add 3des-ede support
  cryptodev: remove single-DES support in cryptodev
  cryptodev: add xts(aes) support
  cryptodev: fix the check of aes algorithm

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Diffstat
-rw-r--r--backends/cryptodev-builtin.c65
1 files changed, 50 insertions, 15 deletions
diff --git a/backends/cryptodev-builtin.c b/backends/cryptodev-builtin.c
index eda954b2a2..486b4a62bc 100644
--- a/backends/cryptodev-builtin.c
+++ b/backends/cryptodev-builtin.c
@@ -111,23 +111,42 @@ cryptodev_builtin_get_unused_session_index(
     return -1;
 }
 
+#define AES_KEYSIZE_128 16
+#define AES_KEYSIZE_192 24
+#define AES_KEYSIZE_256 32
+#define AES_KEYSIZE_128_XTS AES_KEYSIZE_256
+#define AES_KEYSIZE_256_XTS 64
+
 static int
-cryptodev_builtin_get_aes_algo(uint32_t key_len, Error **errp)
+cryptodev_builtin_get_aes_algo(uint32_t key_len, int mode, Error **errp)
 {
     int algo;
 
-    if (key_len == 128 / 8) {
+    if (key_len == AES_KEYSIZE_128) {
         algo = QCRYPTO_CIPHER_ALG_AES_128;
-    } else if (key_len == 192 / 8) {
+    } else if (key_len == AES_KEYSIZE_192) {
         algo = QCRYPTO_CIPHER_ALG_AES_192;
-    } else if (key_len == 256 / 8) {
-        algo = QCRYPTO_CIPHER_ALG_AES_256;
+    } else if (key_len == AES_KEYSIZE_256) { /* equals AES_KEYSIZE_128_XTS */
+        if (mode == QCRYPTO_CIPHER_MODE_XTS) {
+            algo = QCRYPTO_CIPHER_ALG_AES_128;
+        } else {
+            algo = QCRYPTO_CIPHER_ALG_AES_256;
+        }
+    } else if (key_len == AES_KEYSIZE_256_XTS) {
+        if (mode == QCRYPTO_CIPHER_MODE_XTS) {
+            algo = QCRYPTO_CIPHER_ALG_AES_256;
+        } else {
+            goto err;
+        }
     } else {
-        error_setg(errp, "Unsupported key length :%u", key_len);
-        return -1;
+        goto err;
     }
 
     return algo;
+
+err:
+   error_setg(errp, "Unsupported key length :%u", key_len);
+   return -1;
 }
 
 static int cryptodev_builtin_create_cipher_session(
@@ -155,32 +174,48 @@ static int cryptodev_builtin_create_cipher_session(
 
     switch (sess_info->cipher_alg) {
     case VIRTIO_CRYPTO_CIPHER_AES_ECB:
+        mode = QCRYPTO_CIPHER_MODE_ECB;
         algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
-                                                          errp);
+                                                    mode, errp);
         if (algo < 0)  {
             return -1;
         }
-        mode = QCRYPTO_CIPHER_MODE_ECB;
         break;
     case VIRTIO_CRYPTO_CIPHER_AES_CBC:
+        mode = QCRYPTO_CIPHER_MODE_CBC;
         algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
-                                                          errp);
+                                                    mode, errp);
         if (algo < 0)  {
             return -1;
         }
-        mode = QCRYPTO_CIPHER_MODE_CBC;
         break;
     case VIRTIO_CRYPTO_CIPHER_AES_CTR:
+        mode = QCRYPTO_CIPHER_MODE_CTR;
         algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
-                                                          errp);
+                                                    mode, errp);
         if (algo < 0)  {
             return -1;
         }
-        mode = QCRYPTO_CIPHER_MODE_CTR;
         break;
-    case VIRTIO_CRYPTO_CIPHER_DES_ECB:
-        algo = QCRYPTO_CIPHER_ALG_DES_RFB;
+    case VIRTIO_CRYPTO_CIPHER_AES_XTS:
+        mode = QCRYPTO_CIPHER_MODE_XTS;
+        algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
+                                                    mode, errp);
+        if (algo < 0)  {
+            return -1;
+        }
+        break;
+    case VIRTIO_CRYPTO_CIPHER_3DES_ECB:
         mode = QCRYPTO_CIPHER_MODE_ECB;
+        algo = QCRYPTO_CIPHER_ALG_3DES;
+        break;
+    case VIRTIO_CRYPTO_CIPHER_3DES_CBC:
+        mode = QCRYPTO_CIPHER_MODE_CBC;
+        algo = QCRYPTO_CIPHER_ALG_3DES;
+        break;
+    case VIRTIO_CRYPTO_CIPHER_3DES_CTR:
+        mode = QCRYPTO_CIPHER_MODE_CTR;
+        algo = QCRYPTO_CIPHER_ALG_3DES;
         break;
     default:
         error_setg(errp, "Unsupported cipher alg :%u",