diff options
| author | Peter Maydell <peter.maydell@linaro.org> | 2017-07-19 20:45:37 +0100 |
|---|---|---|
| committer | Peter Maydell <peter.maydell@linaro.org> | 2017-07-19 20:45:37 +0100 |
| commit | d4e59218ab80e86015753782fb5378767a51ccd0 (patch) | |
| tree | c68daa77cf82483496bd9f1c4c8a582fd4ed517d /crypto/cipher-gcrypt.c | |
| parent | 824dbfb45d4834c6538f6f70737014b1f19e2e55 (diff) | |
| parent | c7a9af4b450c863cd84ad245ebc52a831c661392 (diff) | |
| download | focaccia-qemu-d4e59218ab80e86015753782fb5378767a51ccd0.tar.gz focaccia-qemu-d4e59218ab80e86015753782fb5378767a51ccd0.zip | |
Merge remote-tracking branch 'remotes/berrange/tags/pull-qcrypto-2017-07-18-2' into staging
Merge qcrypto 2017/07/18 v2 # gpg: Signature made Wed 19 Jul 2017 10:11:21 BST # gpg: using RSA key 0xBE86EBB415104FDF # gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" # gpg: aka "Daniel P. Berrange <berrange@redhat.com>" # gpg: WARNING: This key is not certified with a trusted signature! # gpg: There is no indication that the signature belongs to the owner. # Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E 8E3F BE86 EBB4 1510 4FDF * remotes/berrange/tags/pull-qcrypto-2017-07-18-2: tests: crypto: add hmac speed benchmark support tests: crypto: add hash speed benchmark support tests: crypto: add cipher speed benchmark support crypto: hmac: add af_alg-backend hmac support crypto: hash: add afalg-backend hash support crypto: cipher: add afalg-backend cipher support crypto: introduce some common functions for af_alg backend crypto: hmac: add hmac driver framework crypto: hmac: introduce qcrypto_hmac_ctx_new for glib-backend crypto: hmac: introduce qcrypto_hmac_ctx_new for nettle-backend crypto: hmac: introduce qcrypto_hmac_ctx_new for gcrypt-backend crypto: hmac: move crypto/hmac.h into include/crypto/ crypto: hash: add hash driver framework crypto: cipher: add cipher driver framework crypto: cipher: introduce qcrypto_cipher_ctx_new for builtin-backend crypto: cipher: introduce qcrypto_cipher_ctx_new for nettle-backend crypto: cipher: introduce qcrypto_cipher_ctx_new for gcrypt-backend crypto: cipher: introduce context free function Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Diffstat (limited to 'crypto/cipher-gcrypt.c')
| -rw-r--r-- | crypto/cipher-gcrypt.c | 105 |
1 files changed, 57 insertions, 48 deletions
diff --git a/crypto/cipher-gcrypt.c b/crypto/cipher-gcrypt.c index 6487ecaf37..0489147398 100644 --- a/crypto/cipher-gcrypt.c +++ b/crypto/cipher-gcrypt.c @@ -20,6 +20,7 @@ #include "qemu/osdep.h" #include "crypto/xts.h" +#include "cipherpriv.h" #include <gcrypt.h> @@ -64,12 +65,29 @@ struct QCryptoCipherGcrypt { uint8_t *iv; }; -QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, - QCryptoCipherMode mode, - const uint8_t *key, size_t nkey, - Error **errp) +static void +qcrypto_gcrypt_cipher_free_ctx(QCryptoCipherGcrypt *ctx, + QCryptoCipherMode mode) +{ + if (!ctx) { + return; + } + + gcry_cipher_close(ctx->handle); + if (mode == QCRYPTO_CIPHER_MODE_XTS) { + gcry_cipher_close(ctx->tweakhandle); + } + g_free(ctx->iv); + g_free(ctx); +} + + +static QCryptoCipherGcrypt *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, + QCryptoCipherMode mode, + const uint8_t *key, + size_t nkey, + Error **errp) { - QCryptoCipher *cipher; QCryptoCipherGcrypt *ctx; gcry_error_t err; int gcryalg, gcrymode; @@ -146,10 +164,6 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, return NULL; } - cipher = g_new0(QCryptoCipher, 1); - cipher->alg = alg; - cipher->mode = mode; - ctx = g_new0(QCryptoCipherGcrypt, 1); err = gcry_cipher_open(&ctx->handle, gcryalg, gcrymode, 0); @@ -158,7 +172,7 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, gcry_strerror(err)); goto error; } - if (cipher->mode == QCRYPTO_CIPHER_MODE_XTS) { + if (mode == QCRYPTO_CIPHER_MODE_XTS) { err = gcry_cipher_open(&ctx->tweakhandle, gcryalg, gcrymode, 0); if (err != 0) { error_setg(errp, "Cannot initialize cipher: %s", @@ -167,7 +181,7 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, } } - if (cipher->alg == QCRYPTO_CIPHER_ALG_DES_RFB) { + if (alg == QCRYPTO_CIPHER_ALG_DES_RFB) { /* We're using standard DES cipher from gcrypt, so we need * to munge the key so that the results are the same as the * bizarre RFB variant of DES :-) @@ -177,7 +191,7 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, g_free(rfbkey); ctx->blocksize = 8; } else { - if (cipher->mode == QCRYPTO_CIPHER_MODE_XTS) { + if (mode == QCRYPTO_CIPHER_MODE_XTS) { nkey /= 2; err = gcry_cipher_setkey(ctx->handle, key, nkey); if (err != 0) { @@ -194,7 +208,7 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, gcry_strerror(err)); goto error; } - switch (cipher->alg) { + switch (alg) { case QCRYPTO_CIPHER_ALG_AES_128: case QCRYPTO_CIPHER_ALG_AES_192: case QCRYPTO_CIPHER_ALG_AES_256: @@ -214,7 +228,7 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, } } - if (cipher->mode == QCRYPTO_CIPHER_MODE_XTS) { + if (mode == QCRYPTO_CIPHER_MODE_XTS) { if (ctx->blocksize != XTS_BLOCK_SIZE) { error_setg(errp, "Cipher block size %zu must equal XTS block size %d", @@ -224,34 +238,18 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, ctx->iv = g_new0(uint8_t, ctx->blocksize); } - cipher->opaque = ctx; - return cipher; + return ctx; error: - gcry_cipher_close(ctx->handle); - if (cipher->mode == QCRYPTO_CIPHER_MODE_XTS) { - gcry_cipher_close(ctx->tweakhandle); - } - g_free(ctx); - g_free(cipher); + qcrypto_gcrypt_cipher_free_ctx(ctx, mode); return NULL; } -void qcrypto_cipher_free(QCryptoCipher *cipher) +static void +qcrypto_gcrypt_cipher_ctx_free(QCryptoCipher *cipher) { - QCryptoCipherGcrypt *ctx; - if (!cipher) { - return; - } - ctx = cipher->opaque; - gcry_cipher_close(ctx->handle); - if (cipher->mode == QCRYPTO_CIPHER_MODE_XTS) { - gcry_cipher_close(ctx->tweakhandle); - } - g_free(ctx->iv); - g_free(ctx); - g_free(cipher); + qcrypto_gcrypt_cipher_free_ctx(cipher->opaque, cipher->mode); } @@ -275,11 +273,12 @@ static void qcrypto_gcrypt_xts_decrypt(const void *ctx, g_assert(err == 0); } -int qcrypto_cipher_encrypt(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) +static int +qcrypto_gcrypt_cipher_encrypt(QCryptoCipher *cipher, + const void *in, + void *out, + size_t len, + Error **errp) { QCryptoCipherGcrypt *ctx = cipher->opaque; gcry_error_t err; @@ -310,11 +309,12 @@ int qcrypto_cipher_encrypt(QCryptoCipher *cipher, } -int qcrypto_cipher_decrypt(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) +static int +qcrypto_gcrypt_cipher_decrypt(QCryptoCipher *cipher, + const void *in, + void *out, + size_t len, + Error **errp) { QCryptoCipherGcrypt *ctx = cipher->opaque; gcry_error_t err; @@ -344,9 +344,10 @@ int qcrypto_cipher_decrypt(QCryptoCipher *cipher, return 0; } -int qcrypto_cipher_setiv(QCryptoCipher *cipher, - const uint8_t *iv, size_t niv, - Error **errp) +static int +qcrypto_gcrypt_cipher_setiv(QCryptoCipher *cipher, + const uint8_t *iv, size_t niv, + Error **errp) { QCryptoCipherGcrypt *ctx = cipher->opaque; gcry_error_t err; @@ -380,3 +381,11 @@ int qcrypto_cipher_setiv(QCryptoCipher *cipher, return 0; } + + +static struct QCryptoCipherDriver qcrypto_cipher_lib_driver = { + .cipher_encrypt = qcrypto_gcrypt_cipher_encrypt, + .cipher_decrypt = qcrypto_gcrypt_cipher_decrypt, + .cipher_setiv = qcrypto_gcrypt_cipher_setiv, + .cipher_free = qcrypto_gcrypt_cipher_ctx_free, +}; |