crypto: add CTR mode support

Introduce CTR mode support for the cipher APIs. CTR mode uses a counter rather than a traditional IV. The counter has additional properties, including a nonce and initial counter block. We reuse the ctx->iv as the counter for conveniences. Both libgcrypt and nettle are support CTR mode, the cipher-builtin doesn't support yet. Signed-off-by: Gonglei <arei.gonglei@huawei.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
author: Gonglei <arei.gonglei@huawei.com> 2016-09-26 17:23:22 +0800
committer: Daniel P. Berrange <berrange@redhat.com> 2016-10-19 10:09:24 +0100
commit: 3c28292f390f642bbb3dba0949ecf36aaf7be0d6 (patch)
tree: 21c65cff1327d46cac536b32c671b6bcdd696715 /crypto/cipher-nettle.c
parent: f844836ddccf3dbcba142128da5dd8ee618f3e91 (diff)
download: focaccia-qemu-3c28292f390f642bbb3dba0949ecf36aaf7be0d6.tar.gz
focaccia-qemu-3c28292f390f642bbb3dba0949ecf36aaf7be0d6.zip
1 files changed, 14 insertions, 1 deletions
diff --git a/crypto/cipher-nettle.c b/crypto/cipher-nettle.c
index 72d106922d..cd094cd6a5 100644
--- a/crypto/cipher-nettle.c
+++ b/crypto/cipher-nettle.c
@@ -28,6 +28,7 @@
 #include <nettle/cast128.h>
 #include <nettle/serpent.h>
 #include <nettle/twofish.h>
+#include <nettle/ctr.h>
 
 typedef void (*QCryptoCipherNettleFuncWrapper)(const void *ctx,
                                                size_t length,
@@ -186,7 +187,7 @@ struct QCryptoCipherNettle {
     QCryptoCipherNettleFuncNative alg_decrypt_native;
     QCryptoCipherNettleFuncWrapper alg_encrypt_wrapper;
     QCryptoCipherNettleFuncWrapper alg_decrypt_wrapper;
-
+    /* Initialization vector or Counter */
     uint8_t *iv;
     size_t blocksize;
 };
@@ -236,6 +237,7 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
     case QCRYPTO_CIPHER_MODE_ECB:
     case QCRYPTO_CIPHER_MODE_CBC:
     case QCRYPTO_CIPHER_MODE_XTS:
+    case QCRYPTO_CIPHER_MODE_CTR:
         break;
     default:
         error_setg(errp, "Unsupported cipher mode %s",
@@ -441,6 +443,12 @@ int qcrypto_cipher_encrypt(QCryptoCipher *cipher,
                     ctx->iv, len, out, in);
         break;
 
+    case QCRYPTO_CIPHER_MODE_CTR:
+        ctr_crypt(ctx->ctx, ctx->alg_encrypt_native,
+                    ctx->blocksize, ctx->iv,
+                    len, out, in);
+        break;
+
     default:
         error_setg(errp, "Unsupported cipher mode %s",
                    QCryptoCipherMode_lookup[cipher->mode]);
@@ -480,6 +488,11 @@ int qcrypto_cipher_decrypt(QCryptoCipher *cipher,
                     ctx->alg_encrypt_wrapper, ctx->alg_decrypt_wrapper,
                     ctx->iv, len, out, in);
         break;
+    case QCRYPTO_CIPHER_MODE_CTR:
+        ctr_crypt(ctx->ctx, ctx->alg_encrypt_native,
+                    ctx->blocksize, ctx->iv,
+                    len, out, in);
+        break;
 
     default:
         error_setg(errp, "Unsupported cipher mode %s",
author	Gonglei <arei.gonglei@huawei.com>	2016-09-26 17:23:22 +0800
committer	Daniel P. Berrange <berrange@redhat.com>	2016-10-19 10:09:24 +0100
commit	3c28292f390f642bbb3dba0949ecf36aaf7be0d6 (patch)
tree	21c65cff1327d46cac536b32c671b6bcdd696715 /crypto/cipher-nettle.c
parent	f844836ddccf3dbcba142128da5dd8ee618f3e91 (diff)
download	focaccia-qemu-3c28292f390f642bbb3dba0949ecf36aaf7be0d6.tar.gz focaccia-qemu-3c28292f390f642bbb3dba0949ecf36aaf7be0d6.zip