Diffstat (limited to 'crypto/cipher-gcrypt.c')
| -rw-r--r-- | crypto/cipher-gcrypt.c | 105 |
1 files changed, 57 insertions, 48 deletions
diff --git a/crypto/cipher-gcrypt.c b/crypto/cipher-gcrypt.c index 6487ecaf37..0489147398 100644 --- a/crypto/cipher-gcrypt.c +++ b/crypto/cipher-gcrypt.c @@ -20,6 +20,7 @@ #include "qemu/osdep.h" #include "crypto/xts.h" +#include "cipherpriv.h" #include <gcrypt.h> @@ -64,12 +65,29 @@ struct QCryptoCipherGcrypt { uint8_t *iv; }; -QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, - QCryptoCipherMode mode, - const uint8_t *key, size_t nkey, - Error **errp) +static void +qcrypto_gcrypt_cipher_free_ctx(QCryptoCipherGcrypt *ctx, + QCryptoCipherMode mode) +{ + if (!ctx) { + return; + } + + gcry_cipher_close(ctx->handle); + if (mode == QCRYPTO_CIPHER_MODE_XTS) { + gcry_cipher_close(ctx->tweakhandle); + } + g_free(ctx->iv); + g_free(ctx); +} + + +static QCryptoCipherGcrypt *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, + QCryptoCipherMode mode, + const uint8_t *key, + size_t nkey, + Error **errp) { - QCryptoCipher *cipher; QCryptoCipherGcrypt *ctx; gcry_error_t err; int gcryalg, gcrymode; @@ -146,10 +164,6 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, return NULL; } - cipher = g_new0(QCryptoCipher, 1); - cipher->alg = alg; - cipher->mode = mode; - ctx = g_new0(QCryptoCipherGcrypt, 1); err = gcry_cipher_open(&ctx->handle, gcryalg, gcrymode, 0); @@ -158,7 +172,7 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, gcry_strerror(err)); goto error; } - if (cipher->mode == QCRYPTO_CIPHER_MODE_XTS) { + if (mode == QCRYPTO_CIPHER_MODE_XTS) { err = gcry_cipher_open(&ctx->tweakhandle, gcryalg, gcrymode, 0); if (err != 0) { error_setg(errp, "Cannot initialize cipher: %s", @@ -167,7 +181,7 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, } } - if (cipher->alg == QCRYPTO_CIPHER_ALG_DES_RFB) { + if (alg == QCRYPTO_CIPHER_ALG_DES_RFB) { /* We're using standard DES cipher from gcrypt, so we need * to munge the key so that the results are the same as the * bizarre RFB variant of DES :-) 
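Review bot: In the new `qcrypto_gcrypt_cipher_free_ctx`, whether the XTS tweak handle is closed depends on the caller-supplied `mode` rather than on the context itself. A caller passing a mode that differs from the one used at creation would leave `ctx->tweakhandle`, and any key material set on it, open. The context comes from `g_new0` and libgcrypt's `gcry_cipher_close` ignores a NULL handle, so the helper could call `gcry_cipher_close(ctx->tweakhandle);` unconditionally and drop the parameter. The `error:` path already appears to rely on that NULL tolerance when the first `gcry_cipher_open` fails. The body of `qcrypto_cipher_ctx_new` continues outside this hunk.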
@@ -177,7 +191,7 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, g_free(rfbkey); ctx->blocksize = 8; } else { - if (cipher->mode == QCRYPTO_CIPHER_MODE_XTS) { + if (mode == QCRYPTO_CIPHER_MODE_XTS) { nkey /= 2; err = gcry_cipher_setkey(ctx->handle, key, nkey); if (err != 0) { @@ -194,7 +208,7 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, gcry_strerror(err)); goto error; } - switch (cipher->alg) { + switch (alg) { case QCRYPTO_CIPHER_ALG_AES_128: case QCRYPTO_CIPHER_ALG_AES_192: case QCRYPTO_CIPHER_ALG_AES_256: @@ -214,7 +228,7 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, } } - if (cipher->mode == QCRYPTO_CIPHER_MODE_XTS) { + if (mode == QCRYPTO_CIPHER_MODE_XTS) { if (ctx->blocksize != XTS_BLOCK_SIZE) { error_setg(errp, "Cipher block size %zu must equal XTS block size %d", @@ -224,34 +238,18 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, ctx->iv = g_new0(uint8_t, ctx->blocksize); } - cipher->opaque = ctx; - return cipher; + return ctx; error: - gcry_cipher_close(ctx->handle); - if (cipher->mode == QCRYPTO_CIPHER_MODE_XTS) { - gcry_cipher_close(ctx->tweakhandle); - } - g_free(ctx); - g_free(cipher); + qcrypto_gcrypt_cipher_free_ctx(ctx, mode); return NULL; } -void qcrypto_cipher_free(QCryptoCipher *cipher) +static void +qcrypto_gcrypt_cipher_ctx_free(QCryptoCipher *cipher) { - QCryptoCipherGcrypt *ctx; - if (!cipher) { - return; - } - ctx = cipher->opaque; - gcry_cipher_close(ctx->handle); - if (cipher->mode == QCRYPTO_CIPHER_MODE_XTS) { - gcry_cipher_close(ctx->tweakhandle); - } - g_free(ctx->iv); - g_free(ctx); - g_free(cipher); + qcrypto_gcrypt_cipher_free_ctx(cipher->opaque, cipher->mode); } 
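Review bot: The new `qcrypto_gcrypt_cipher_ctx_free` reads `cipher->opaque` and `cipher->mode` without the `if (!cipher)` guard that the removed `qcrypto_cipher_free` had. Freeing a NULL cipher is now safe only if the generic dispatcher checks before calling `.cipher_free`, and that dispatcher is not part of this file section. Either keep the guard here, `if (!cipher) { return; }`, or state the precondition in a comment such as `/* cipher is never NULL: the generic qcrypto_cipher_free() checks before dispatching */`. Separately, `qcrypto_gcrypt_cipher_ctx_free` and `qcrypto_gcrypt_cipher_free_ctx` differ only in word order and are easy to confuse when auditing cleanup paths, so a more distinct name for one of them would help.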
@@ -275,11 +273,12 @@ static void qcrypto_gcrypt_xts_decrypt(const void *ctx, g_assert(err == 0); } -int qcrypto_cipher_encrypt(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) +static int +qcrypto_gcrypt_cipher_encrypt(QCryptoCipher *cipher, + const void *in, + void *out, + size_t len, + Error **errp) { QCryptoCipherGcrypt *ctx = cipher->opaque; gcry_error_t err; @@ -310,11 +309,12 @@ int qcrypto_cipher_encrypt(QCryptoCipher *cipher, } -int qcrypto_cipher_decrypt(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) +static int +qcrypto_gcrypt_cipher_decrypt(QCryptoCipher *cipher, + const void *in, + void *out, + size_t len, + Error **errp) { QCryptoCipherGcrypt *ctx = cipher->opaque; gcry_error_t err; @@ -344,9 +344,10 @@ int qcrypto_cipher_decrypt(QCryptoCipher *cipher, return 0; } -int qcrypto_cipher_setiv(QCryptoCipher *cipher, - const uint8_t *iv, size_t niv, - Error **errp) +static int +qcrypto_gcrypt_cipher_setiv(QCryptoCipher *cipher, + const uint8_t *iv, size_t niv, + Error **errp) { QCryptoCipherGcrypt *ctx = cipher->opaque; gcry_error_t err; @@ -380,3 +381,11 @@ int qcrypto_cipher_setiv(QCryptoCipher *cipher, return 0; } + + +static struct QCryptoCipherDriver qcrypto_cipher_lib_driver = { + .cipher_encrypt = qcrypto_gcrypt_cipher_encrypt, + .cipher_decrypt = qcrypto_gcrypt_cipher_decrypt, + .cipher_setiv = qcrypto_gcrypt_cipher_setiv, + .cipher_free = qcrypto_gcrypt_cipher_ctx_free, +}; |
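Review bot: `qcrypto_cipher_lib_driver` in the last hunk is a table of function pointers that is set once and, as far as this file shows, never modified, yet it is declared without `const` and so sits in writable data. Declaring it `static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver = {` would let the linker place it in read-only memory, which removes a convenient target for function-pointer overwrites in code that handles disk and network encryption keys. This presumably requires the field that stores the driver pointer, declared in `cipherpriv.h` and not shown here, to be const-qualified as well. The encrypt, decrypt and setiv hunks above change only linkage and names, and their bodies lie outside the hunks.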