From nobody Fri May 17 07:47:07 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1598634471; cv=none; d=zohomail.com; s=zohoarc; b=RZ3RB5IKhAqEQZS5nTmNCReffQoL/tck3mycHFBbx4I+VGj9yA+mYOU1oR5gTmP/3Sy+jdExlbGLkhKugEMHw2iMEcHEkDuo5k93HPCda9w42+tjJfzj5JsyxLp9yTylrCdt957HjiwzV98xYWKtE3d0K9mXSakl0AlYyrSiFWY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1598634471; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=FatlbZdYeHqsze9yHJGjnClTveY0gIW8RCgkQaKgScQ=; b=hik3ZpScOuKRJPQBQJmaIySNlHBFt2/ColUOBi0AURWG6oNxWIwefUxMuQyalvPRObwcs0nHGA31HtnNRTF4q4CNZZQAt+YIIcZPB4lnU8Hy2A54erele7nWOGvkSIE8QWV9yevDEoaMvZzt0J41toq60Yi9NKOWZT/WOwPTUxs= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1598634471539347.55694818532027; Fri, 28 Aug 2020 10:07:51 -0700 (PDT) Received: from localhost ([::1]:41820 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBhqw-0008Nl-NP for importer@patchew.org; Fri, 28 Aug 2020 13:07:50 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36610) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhoh-0003YA-6A for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:31 -0400 Received: from mail-pg1-x544.google.com ([2607:f8b0:4864:20::544]:38502) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhoe-000309-ND for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:30 -0400 Received: by mail-pg1-x544.google.com with SMTP id l191so726244pgd.5 for ; Fri, 28 Aug 2020 10:05:28 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.25 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:26 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=FatlbZdYeHqsze9yHJGjnClTveY0gIW8RCgkQaKgScQ=; b=clj6F+ZtuzsXuk6WQlQQZXHbFPYm6DHm9mErWBPPiMbU7zsMi0XsR24XQsFy++p6l2 SfGzrjeVZTLu3POZpVrpcE5KWf0ZTmwflD1g+hJOdGQnoSM0wK8nPQj/I3asmZa1t84o oTM8w6NtkeGhpgCq+0AWPeXzY5dhwUCEw8U7bv5/fS15jkSjWKuIdWM3H2eNEgRJZWMK acGt261dZz8+cHd+2Z3/6Jl4oueGgELulo41xrAxxE0zyc6SZQWXLBvGmymVlb+ZIP82 EXX9CDp4FLebqeAi4BmgfEf1F9i2cN6VgOPY2x/CCMHWEtj4aKKflc/2bY8Z4UvetJky i/Ug== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=FatlbZdYeHqsze9yHJGjnClTveY0gIW8RCgkQaKgScQ=; b=l3aD2anKOIt3WSOh6rUNK9b+FkMMYhWfl0lnkvK5NQ4Am+ZdDtjsliFC5Y4j+G4CQa LvWuZvBftYpnUtrABcI1FM3oLCNT/oe9oLTbf3Dhuygh5QZvJ0Dh99rQVkxEv//2unWv YwIjpkwbb7yYb0BZ7CE9DZnGhaKA8GFe70189GHD+h17V3dYztjOma5mydmqYWkCgJOj ElaJtCZmJNvMu0dAj1DPIsDHv1mWf1urMM36WneDSSeRejR00YIsakASNS/T3fcc5tT5 ysFYv8w2ProcIzZxmckFEOl5PAuM5Kdkq+FYprCOOfWsxeWKrGo465YoLyB3FMn/scHf kakQ== X-Gm-Message-State: AOAM533wg2h/yrx9MDHNkfLlVpRnOJJn0zbGt9LkFBTus3yXAMTREGze f/XlJFjKPyI+Eo6UV8sea1qP/xqOdsP5NA== X-Google-Smtp-Source: ABdhPJxtk3AuHy5uDI0+ZPWu+hKUY2XcOssbvB++NqsUBXe9y9hNMFyKpEb/jREgYqFXohdtVnVpmg== X-Received: by 2002:a65:6897:: with SMTP id e23mr1795129pgt.103.1598634326669; Fri, 28 Aug 2020 10:05:26 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 01/16] crypto: Assume blocksize is a power of 2 Date: Fri, 28 Aug 2020 10:05:08 -0700 Message-Id: <20200828170523.418603-2-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2607:f8b0:4864:20::544; envelope-from=richard.henderson@linaro.org; helo=mail-pg1-x544.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: berrange@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: pass (identity @linaro.org) The check in the encode/decode path using full division has a noticeable amount of overhead. By asserting the blocksize is a power of 2, we can reduce this check to a mask. Reviewed-by: Daniel P. Berrang=C3=A9 Signed-off-by: Richard Henderson --- crypto/cipher-builtin.c | 4 ++-- crypto/cipher-gcrypt.c | 5 +++-- crypto/cipher-nettle.c | 5 +++-- crypto/cipher.c | 1 + 4 files changed, 9 insertions(+), 6 deletions(-) diff --git a/crypto/cipher-builtin.c b/crypto/cipher-builtin.c index 35cf7820d9..6eafd39da0 100644 --- a/crypto/cipher-builtin.c +++ b/crypto/cipher-builtin.c @@ -484,7 +484,7 @@ qcrypto_builtin_cipher_encrypt(QCryptoCipher *cipher, { QCryptoCipherBuiltin *ctxt =3D cipher->opaque; =20 - if (len % ctxt->blocksize) { + if (len & (ctxt->blocksize - 1)) { error_setg(errp, "Length %zu must be a multiple of block size %zu", len, ctxt->blocksize); return -1; @@ -503,7 +503,7 @@ qcrypto_builtin_cipher_decrypt(QCryptoCipher *cipher, { QCryptoCipherBuiltin *ctxt =3D cipher->opaque; =20 - if (len % ctxt->blocksize) { + if (len & (ctxt->blocksize - 1)) { error_setg(errp, "Length %zu must be a multiple of block size %zu", len, ctxt->blocksize); return -1; diff --git a/crypto/cipher-gcrypt.c b/crypto/cipher-gcrypt.c index 2864099527..81e4745bff 100644 --- a/crypto/cipher-gcrypt.c +++ b/crypto/cipher-gcrypt.c @@ -245,6 +245,7 @@ static QCryptoCipherGcrypt *qcrypto_cipher_ctx_new(QCry= ptoCipherAlgorithm alg, g_assert_not_reached(); } } + g_assert(is_power_of_2(ctx->blocksize)); =20 #ifdef CONFIG_QEMU_PRIVATE_XTS if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS) { @@ -305,7 +306,7 @@ qcrypto_gcrypt_cipher_encrypt(QCryptoCipher *cipher, QCryptoCipherGcrypt *ctx =3D cipher->opaque; gcry_error_t err; =20 - if (len % ctx->blocksize) { + if (len & (ctx->blocksize - 1)) { error_setg(errp, "Length %zu must be a multiple of block size %zu", len, ctx->blocksize); return -1; @@ -344,7 +345,7 @@ qcrypto_gcrypt_cipher_decrypt(QCryptoCipher *cipher, QCryptoCipherGcrypt *ctx =3D cipher->opaque; gcry_error_t err; =20 - if (len % ctx->blocksize) { + if (len & (ctx->blocksize - 1)) { error_setg(errp, "Length %zu must be a multiple of block size %zu", len, ctx->blocksize); return -1; diff --git a/crypto/cipher-nettle.c b/crypto/cipher-nettle.c index 7e9a4cc199..0677fdfd33 100644 --- a/crypto/cipher-nettle.c +++ b/crypto/cipher-nettle.c @@ -576,6 +576,7 @@ static QCryptoCipherNettle *qcrypto_cipher_ctx_new(QCry= ptoCipherAlgorithm alg, QCryptoCipherAlgorithm_str(alg)); goto error; } + g_assert(is_power_of_2(ctx->blocksize)); =20 if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS && ctx->blocksize !=3D XTS_BLOCK_SIZE) { @@ -613,7 +614,7 @@ qcrypto_nettle_cipher_encrypt(QCryptoCipher *cipher, { QCryptoCipherNettle *ctx =3D cipher->opaque; =20 - if (len % ctx->blocksize) { + if (len & (ctx->blocksize - 1)) { error_setg(errp, "Length %zu must be a multiple of block size %zu", len, ctx->blocksize); return -1; @@ -666,7 +667,7 @@ qcrypto_nettle_cipher_decrypt(QCryptoCipher *cipher, { QCryptoCipherNettle *ctx =3D cipher->opaque; =20 - if (len % ctx->blocksize) { + if (len & (ctx->blocksize - 1)) { error_setg(errp, "Length %zu must be a multiple of block size %zu", len, ctx->blocksize); return -1; diff --git a/crypto/cipher.c b/crypto/cipher.c index e5adb56271..2722dc7d87 100644 --- a/crypto/cipher.c +++ b/crypto/cipher.c @@ -19,6 +19,7 @@ */ =20 #include "qemu/osdep.h" +#include "qemu/host-utils.h" #include "qapi/error.h" #include "crypto/cipher.h" #include "cipherpriv.h" --=20 2.25.1 From nobody Fri May 17 07:47:07 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1598634386; cv=none; d=zohomail.com; s=zohoarc; b=Swm3gMRULxilKXfIURjVinajPgOi+MOKWfBVl1G1RV6tYg2LOhfnv/CxZCbylW7KEW0xZ1pLrjfbeB/foa8CerBWlgcerp8rVl/6UMjXRY/oQbc9tpN3MJ4BXcfbACo+NRun5nUfO9VA2vsmaS+6rXkCw4+T1VGV0UD/hhXY/y4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1598634386; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=Lqd5yDGxy4AV2MKebioMxfVu3v0WB2bLQ9Bs5O+/Sj8=; b=VMKEK1Yfl5D7wCxnzrGEVzglASc+koQSfH8SJ5s4tCZgGlJOWeUxwHc3OaBjuvNFrD3EqLPgg8XqNRFclw722Gw4ZhGx4TcL5Mm/7mc8CuY4jbZkhs2iBSxzYlB+2qivfhlVid31N8qc8CYHosH/SXKqAYY/DdC5uFqpV58Xbcs= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1598634386242840.4183455001556; Fri, 28 Aug 2020 10:06:26 -0700 (PDT) Received: from localhost ([::1]:33590 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBhpZ-000577-9E for importer@patchew.org; Fri, 28 Aug 2020 13:06:25 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36612) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhoh-0003YQ-Cz for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:31 -0400 Received: from mail-pf1-x432.google.com ([2607:f8b0:4864:20::432]:34373) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhof-00030F-KY for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:31 -0400 Received: by mail-pf1-x432.google.com with SMTP id g207so951805pfb.1 for ; Fri, 28 Aug 2020 10:05:29 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.27 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:27 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=Lqd5yDGxy4AV2MKebioMxfVu3v0WB2bLQ9Bs5O+/Sj8=; b=DUe+jzOipuO3qbkJZi5PpEjNTafWjEJydGkfMN/ae0wr7hw1ogXQFTvZ+CQ4HPV7TV ZxauIaJ4Rt9SYEOLdjAFELdwbcH2LbIuREHZXP/sEKNMpvVx05i5+8roJT2mkbhYYS8V HMA1/WZxmLvez+flRqlg9XSGRyz+UTIk/0o/Pf3zop1qjXQm5oZw8MDqJY9dRU1CdNY2 S3U94NoGwFwlZD8j3Ec8IY5tfQvxbm9D9TV+nXqZ2IN/Xd4avP78GphfYgYD1685voXJ ql6rtRZw7t+Z9+iiG8tlyn3fQtqgOv0yzS+ktcuChw29c/sLLbrN3js1C0y5ENZ7YYrm 9CGA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=Lqd5yDGxy4AV2MKebioMxfVu3v0WB2bLQ9Bs5O+/Sj8=; b=iub4wqsMlEMTrFY+rgctuV3CBoo9GGm9Iw5qj6Yu7MOeS1Bayb1Ugwx0nqkatOZaM2 1m7SXNIVpcgJm/ZyPFi9lTUcV/dsYbtn6o5HbKARXDySCVrf91c0vvQMvgvc1Ow09byk iJ0zU9cvrqsce6xTloe+HVivGgIS4ojIA69QKF/NtMu9iNF/idHvUOatDvG/vPjaRiyt 0QoAQJ3i/Ku05sLvkSO2xObrk298DR1Kve+RNpkMrGwUlXZj2wk4BdQvVvlN3pvLAkPJ 9FzLZ3nRk9Y7TzrxC8wtj37jkJquD4SbN8kPd38+O3NBn7JVbROjjFhDy4yjS99Kc6oG ILvw== X-Gm-Message-State: AOAM533MQiWYUU5xd4Ihhl67PSarR33cySjYoUBxrJ5m1Pfdy3toboEq /JLrET1+ErZiGGovuf7zDMbfnGXbxLZxIA== X-Google-Smtp-Source: ABdhPJyzZ0WFAvuclPET/Yx5P0yA4ZgRSVRGdAQbbQhvahtnPJMxptQO+oYGPEJzCGdbRp/yaxO5Og== X-Received: by 2002:a63:1c54:: with SMTP id c20mr1794583pgm.221.1598634327920; Fri, 28 Aug 2020 10:05:27 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 02/16] crypto: Rename cipher include files to .c.inc Date: Fri, 28 Aug 2020 10:05:09 -0700 Message-Id: <20200828170523.418603-3-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2607:f8b0:4864:20::432; envelope-from=richard.henderson@linaro.org; helo=mail-pf1-x432.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , berrange@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) QEMU standard procedure for included c files is to use *.c.inc. E.g. there are a different set of checks that are applied. Reviewed-by: Philippe Mathieu-Daud=C3=A9 Signed-off-by: Richard Henderson --- crypto/cipher.c | 6 +++--- crypto/{cipher-builtin.c =3D> cipher-builtin.c.inc} | 0 crypto/{cipher-gcrypt.c =3D> cipher-gcrypt.c.inc} | 0 crypto/{cipher-nettle.c =3D> cipher-nettle.c.inc} | 0 4 files changed, 3 insertions(+), 3 deletions(-) rename crypto/{cipher-builtin.c =3D> cipher-builtin.c.inc} (100%) rename crypto/{cipher-gcrypt.c =3D> cipher-gcrypt.c.inc} (100%) rename crypto/{cipher-nettle.c =3D> cipher-nettle.c.inc} (100%) diff --git a/crypto/cipher.c b/crypto/cipher.c index 2722dc7d87..005b5da4de 100644 --- a/crypto/cipher.c +++ b/crypto/cipher.c @@ -151,11 +151,11 @@ qcrypto_cipher_munge_des_rfb_key(const uint8_t *key, #endif /* CONFIG_GCRYPT || CONFIG_NETTLE */ =20 #ifdef CONFIG_GCRYPT -#include "cipher-gcrypt.c" +#include "cipher-gcrypt.c.inc" #elif defined CONFIG_NETTLE -#include "cipher-nettle.c" +#include "cipher-nettle.c.inc" #else -#include "cipher-builtin.c" +#include "cipher-builtin.c.inc" #endif =20 QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, diff --git a/crypto/cipher-builtin.c b/crypto/cipher-builtin.c.inc similarity index 100% rename from crypto/cipher-builtin.c rename to crypto/cipher-builtin.c.inc diff --git a/crypto/cipher-gcrypt.c b/crypto/cipher-gcrypt.c.inc similarity index 100% rename from crypto/cipher-gcrypt.c rename to crypto/cipher-gcrypt.c.inc diff --git a/crypto/cipher-nettle.c b/crypto/cipher-nettle.c.inc similarity index 100% rename from crypto/cipher-nettle.c rename to crypto/cipher-nettle.c.inc --=20 2.25.1 From nobody Fri May 17 07:47:07 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1598634469; cv=none; d=zohomail.com; s=zohoarc; b=NDHL1rQG7MKO0UqwSUekHPLNl6xVwOIBsoPj6zm6LZ/vbACWrTMRKXmlhqaCVQtwHwBw0fbf9EKU6jHYpF3ep4dVP4fzrrFcJRFXTP/ZoCLfniNHTI02nnk6h66UPXeGDUFn3s0taQce1PDGCzGor4UPpDniZ5PpNMZZmXZg9nA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1598634469; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=G4aBqze3dMxYJ4S0H3/4ztu6UBprrxcKGaJBxwSWoZI=; b=fnb4zfLYcfBo7j13siceqpMBmEzJE4Hii7EKrPFkGJnZR4q5B+49eDDiv4pucLjIbv1OTwuB/D0wg4LF9kkbsif8Ep+V2s/dUZmn1F6/cEEgiTZreVMZroveOnumVnvOgIydXuVNorZQmoqW9ibj0fjw2aq+ZBLnTj9NP/Wdf/w= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1598634469970641.0087985088671; Fri, 28 Aug 2020 10:07:49 -0700 (PDT) Received: from localhost ([::1]:41712 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBhqv-0008LF-5z for importer@patchew.org; Fri, 28 Aug 2020 13:07:49 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36634) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhoi-0003Zz-RO for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:32 -0400 Received: from mail-pj1-x1029.google.com ([2607:f8b0:4864:20::1029]:40574) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhoh-00030S-0t for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:32 -0400 Received: by mail-pj1-x1029.google.com with SMTP id kx11so20027pjb.5 for ; Fri, 28 Aug 2020 10:05:30 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.28 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=G4aBqze3dMxYJ4S0H3/4ztu6UBprrxcKGaJBxwSWoZI=; b=I3KjoArDaN3KKaUhyem6JJl7pG2J3QaSVS4XAkvDmxudW1TjtVLlFZ445IxB/dLKjv aHkgtjtXLClIzESQ5AwiXcoBtzjH3rSQrSlGhRvR6/aQnq9GLR0IC98HwFEet/NctH94 gLfMA56fKrh0B9b2gGnvI2A53ZgKpOHppIcAIBnGE5UektY0mPCBAVW6XrAVVBfFIfXx saloL5z3/66JpEE4XYtkv9xjjwd7zoMiihqe7Ai/ynhrIrLjxqK0YI5yicemGWc8SWGa ceCc9bZFtW2FEec9BNdbOqIlfrK7mbajqwxSmtiUm/wZHHv2ySIUGbjdXdHasSFmRaXJ /QrA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=G4aBqze3dMxYJ4S0H3/4ztu6UBprrxcKGaJBxwSWoZI=; b=B31xlrrqz7v8LfhFSGzvAjQXSrBIfi49ERHEiMnqZegw5LOeG12uJg+xIJmsWhqNoY poaRTXrn6seV4COYN8BwyfoxWVu/INz6lOVK5Of6gVS8luELrTKuAGNejzQYj2MsHPW/ tO6I4P3Yzt2KoTQ5VCx0i+GvNHbxX2BIzNKK/cBgZjRIagGXE7W0hnheUIwFXHvxJpd9 rK3H6ak9iM+xbgtbA9Tcw+FqYYKavi9/EihSg1LTXWSVK7ArQeZgrQahjaYbEVLTuEMR qpSAz4pgsyYIa+8KMGF6FD/orwoXBPOj2uLaWdP6WNfkqrLT1n+mFrk8ntAQR+5CN/P5 oC7g== X-Gm-Message-State: AOAM531mfaH+AelyBhaUTgi1oWLxQET1/UTJG7PRD4McJ+1X0Sv/N4iK CnvuGb14mbQ6A41HPP2drycjFTXTbpnAGA== X-Google-Smtp-Source: ABdhPJx8YHgFGbq7vU2AsduGaSbrItSojIllFiyEAtxF2M9Lgzb/zqj8VaUmr4aA2aULa9WrgkDKTA== X-Received: by 2002:a17:90a:19d1:: with SMTP id 17mr59873pjj.93.1598634329101; Fri, 28 Aug 2020 10:05:29 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 03/16] crypto: Remove redundant includes Date: Fri, 28 Aug 2020 10:05:10 -0700 Message-Id: <20200828170523.418603-4-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2607:f8b0:4864:20::1029; envelope-from=richard.henderson@linaro.org; helo=mail-pj1-x1029.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , berrange@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) Both qemu/osdep.h and cipherpriv.h have already been included by the parent cipher.c. Reviewed-by: Daniel P. Berrang=C3=A9 Reviewed-by: Philippe Mathieu-Daud=C3=A9 Signed-off-by: Richard Henderson --- crypto/cipher-builtin.c.inc | 2 -- crypto/cipher-gcrypt.c.inc | 2 -- crypto/cipher-nettle.c.inc | 2 -- 3 files changed, 6 deletions(-) diff --git a/crypto/cipher-builtin.c.inc b/crypto/cipher-builtin.c.inc index 6eafd39da0..56d45b0227 100644 --- a/crypto/cipher-builtin.c.inc +++ b/crypto/cipher-builtin.c.inc @@ -18,11 +18,9 @@ * */ =20 -#include "qemu/osdep.h" #include "crypto/aes.h" #include "crypto/desrfb.h" #include "crypto/xts.h" -#include "cipherpriv.h" =20 typedef struct QCryptoCipherBuiltinAESContext QCryptoCipherBuiltinAESConte= xt; struct QCryptoCipherBuiltinAESContext { diff --git a/crypto/cipher-gcrypt.c.inc b/crypto/cipher-gcrypt.c.inc index 81e4745bff..a62839914b 100644 --- a/crypto/cipher-gcrypt.c.inc +++ b/crypto/cipher-gcrypt.c.inc @@ -18,11 +18,9 @@ * */ =20 -#include "qemu/osdep.h" #ifdef CONFIG_QEMU_PRIVATE_XTS #include "crypto/xts.h" #endif -#include "cipherpriv.h" =20 #include =20 diff --git a/crypto/cipher-nettle.c.inc b/crypto/cipher-nettle.c.inc index 0677fdfd33..256931a823 100644 --- a/crypto/cipher-nettle.c.inc +++ b/crypto/cipher-nettle.c.inc @@ -18,11 +18,9 @@ * */ =20 -#include "qemu/osdep.h" #ifdef CONFIG_QEMU_PRIVATE_XTS #include "crypto/xts.h" #endif -#include "cipherpriv.h" =20 #include #include --=20 2.25.1 From nobody Fri May 17 07:47:07 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1598634559; cv=none; d=zohomail.com; s=zohoarc; b=J5FeaqXQplPc5bWFWMbCZm4+xVho784WQdr5rYl+m3wmEBsDdzaI+uGuxzFtm1s7NRzHQ8Kjn6WxxxexYaDqNHfSg+yf0F5cJfRRM67S7dGYhP/BowhqJo5FyKCXg3JOcaUWGjB15HQydrLuUgGVXA8b7V46SpF2ZXHzleJat5Q= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1598634559; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=vkqjR+0dFjJx/RqSJg4ZuU6Fj06xiA2ZZSaXxPiNFoU=; b=OtJOZYViQ0wh8YWvxLi8gCTfEdbmLi1qwUxj+0HdGtnh0aGzKFbCfbW5y0kdYOO7P15lGupTrBDIMSprKLWK8r7nZvoGb2ZPp+CL204eLG4kHcC7NGVjJMm7wNpEPj1iZowDHlT7RZNG16PdXC0ZIhUL8+O1NYf2UvMOmoAmklE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1598634559144327.9689775310934; Fri, 28 Aug 2020 10:09:19 -0700 (PDT) Received: from localhost ([::1]:49884 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBhsM-0003CR-DV for importer@patchew.org; Fri, 28 Aug 2020 13:09:18 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36648) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhoj-0003bS-Iu for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:33 -0400 Received: from mail-pf1-x443.google.com ([2607:f8b0:4864:20::443]:33688) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhoh-00030b-Vr for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:33 -0400 Received: by mail-pf1-x443.google.com with SMTP id u20so954807pfn.0 for ; Fri, 28 Aug 2020 10:05:31 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=vkqjR+0dFjJx/RqSJg4ZuU6Fj06xiA2ZZSaXxPiNFoU=; b=JoSAFj7h/TcBC+QPk7eGl93Qqn79bJodTyFVU8QyWiKEeEiTkR6Zuwor5kqF7Pvqpt jEUFLyHIQwEFUSj6aOQi0QLeoDIYhlPAj9H/qfCt0Dw17iJwQDC4//VWZPtZJIHeihzz emLNPzforafvinCVoxfpq3qDrbpaXzEhzR6DrYupBk+v815j07a8RluYi1UjJ/Xrcev4 gU5/CJUIbTg2HYHBAu7hvKq2uw40+hjBWGqzrSxVl/Y34xdEGUNpagqPS6Q42ZcZvJQe NMKX/LNKiHpuLxJBmONit+5q7vfwpotyhWlsrg61nUsfIQJa0lxVXbrXWN/xu8pJo6jp TE2g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=vkqjR+0dFjJx/RqSJg4ZuU6Fj06xiA2ZZSaXxPiNFoU=; b=KiMwoEskkwvzXhBfCuGw0OJnnXJQZ5YE61s2aG2IPhKfJTxXqK5JopHEzYd3Qm73VD 7H+O88+GK9g2JbGbJhlfXnOD6T5Fhz5JGxc4ho6XsaCt7IwQN/3B46XDCamfFU1Jyz42 MwD/TNJwpBXi/Ko3pS2MysstzrvNteeF1asa1cD1kkLbPToM+me4Hey9D1V9BHWQooh8 QmkQDjaUO/O1vf9o0cDYeghzUIWw68WukWJG3r6W+HJWDq+Ar04lfp+rGHBQUvy4aekl +hGi4abUz8YSJoPZF+iDrzrvvPSPmHZHuEcTHFE/50OL6YgzvGMi8OOT97/OIpQVFv/J H2Zg== X-Gm-Message-State: AOAM533EaR5T45O6IkCBaiudjDeZDnwYstjEv2ODk+XAyBaSsJvJKKck ATbvZGHpdxL9CLV+VzPMOr21KZGJYhUXBw== X-Google-Smtp-Source: ABdhPJygVTUTpTseFw/AC/EruBh/kS2xgy+nku7TwS9KS+PIJE6CsAeqE3V6fvypHEVZEpCb4eOokA== X-Received: by 2002:a63:516:: with SMTP id 22mr1812863pgf.316.1598634330292; Fri, 28 Aug 2020 10:05:30 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 04/16] crypto/nettle: Fix xts_encrypt arguments Date: Fri, 28 Aug 2020 10:05:11 -0700 Message-Id: <20200828170523.418603-5-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2607:f8b0:4864:20::443; envelope-from=richard.henderson@linaro.org; helo=mail-pf1-x443.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: berrange@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: pass (identity @linaro.org) The fourth argument to xts_encrypt should be the decrypt callback; we were accidentally passing encrypt twice. Reviewed-by: Daniel P. Berrang=C3=A9 Signed-off-by: Richard Henderson --- crypto/cipher-nettle.c.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/cipher-nettle.c.inc b/crypto/cipher-nettle.c.inc index 256931a823..0404cfc6da 100644 --- a/crypto/cipher-nettle.c.inc +++ b/crypto/cipher-nettle.c.inc @@ -632,7 +632,7 @@ qcrypto_nettle_cipher_encrypt(QCryptoCipher *cipher, case QCRYPTO_CIPHER_MODE_XTS: #ifdef CONFIG_QEMU_PRIVATE_XTS xts_encrypt(ctx->ctx, ctx->ctx_tweak, - ctx->alg_encrypt_wrapper, ctx->alg_encrypt_wrapper, + ctx->alg_encrypt_wrapper, ctx->alg_decrypt_wrapper, ctx->iv, len, out, in); #else xts_encrypt_message(ctx->ctx, ctx->ctx_tweak, --=20 2.25.1 From nobody Fri May 17 07:47:07 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1598634390; cv=none; d=zohomail.com; s=zohoarc; b=bAnJ8q/b0czs/37NKbfGJMp5VC4FzkDbj6Lw06G65G9ZGBEoIGfUFHbUK0yVrEqiBMKxmrAvHla8J0AUHlR4uMixdZFSbS4dLT203MME45xiSNY7/jfXITDnFyarl+ITz0BZThsnJyYCY9SHpuDunTlJZELLub2tgD/SHBdwuZ0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1598634390; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=ITUpbwpJpl5kwHPYTXnaY0I0dsp5Ua5j8HECaAQoi50=; b=lX4u7yTwj48Hd8ESx2qUKmPyTJSlNuRkTaYhdIRRNybfcVv+5JYL3yneZU+5GUkCg31OkvOmjmUGkgptKJ+Mn+K8huHju0fTdkiITeoi36OUBu1q6k64Ik8Ix8RcqWfZJcx76ca1r7K6TM/OqXOw29/EB3YbxKMvYSP5aCzjNdk= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1598634390810906.8837392643736; Fri, 28 Aug 2020 10:06:30 -0700 (PDT) Received: from localhost ([::1]:34008 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBhpd-0005HK-TO for importer@patchew.org; Fri, 28 Aug 2020 13:06:29 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36670) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhol-0003eW-5x for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:35 -0400 Received: from mail-pl1-x629.google.com ([2607:f8b0:4864:20::629]:37992) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhoj-00030v-Kz for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:34 -0400 Received: by mail-pl1-x629.google.com with SMTP id t11so788419plr.5 for ; Fri, 28 Aug 2020 10:05:33 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=ITUpbwpJpl5kwHPYTXnaY0I0dsp5Ua5j8HECaAQoi50=; b=Lsha6aDUfzLNjD6nDAtn0kKeiG8ihysx7VKq/F+7pnd7fwIOX+Hg2BgfhfWwdlgNd+ JQF5wMrFLn1H7YmKVB0oElmFu0NxJNtoQEb5o5lUb9ZyiPfTylzgjGvt4bAmlWagR/5K KvbOMRJmApVSc+y1ulb6dSgVHNonMlqn44GMxThrfrNgMMkw/NPIMMob9VveHJOjlV5q tVVwnUpHWjG5Iw47MGVeyd5URq/l2TWXtaueFf3boPj+S0ZDk4OydNWhzSNML1q7gYmS sdK/ojYWRgL6OutRtlNrb3h23Q0KtpZ7JKlFIc3nq9+pbOk0A3iyDjmb5Ei+7hleS2H6 Bbnw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=ITUpbwpJpl5kwHPYTXnaY0I0dsp5Ua5j8HECaAQoi50=; b=W2wkUQYjrF+BeDBjOLLBRf60PGwn7mQ4lU2z1fsamUi8+a+TSRSujvsZKQqm1ykxrR s3cH+yMCRPRabq5Qsd5xYUDWPo1ZtYVp8H23OdHp8RaCvuPnkGUyzwqUND2EVDrHaRUt apu+kttmMI0b//YU8ThbMdWSTLhSMOOY7wvd7XtNa8KwH5VQYgX8tOq2tpA/J09y1kzn N3zrMgNd2wwby3pOf01unRJDtN4aYpcxNiZBjzsqekosCW/CUpV6vCNeg9jz6kZXhRQG M/2M8/Zsn4czNcxvTxQ511U46K7toEem7vkVhXgxOg58aYeTqqRV48UTXju6kpGOQjmA wKlA== X-Gm-Message-State: AOAM532+BB0vB42nHftFOEJaa6T9zF3ZyIV7dOiuWjn5DsW2P/5W5uVn xz1JD9QgdsxHCihNpSpuiXXVnjW3b+GF2A== X-Google-Smtp-Source: ABdhPJx8vnsWWJp1TrVQjBsgtRPpRk+aLSGBVKBztDI5PSmA7u3BF3FOLsFIYxGVTvTy8gMQayGo9Q== X-Received: by 2002:a17:90a:24f:: with SMTP id t15mr46207pje.227.1598634331759; Fri, 28 Aug 2020 10:05:31 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 05/16] crypto: Move QCryptoCipherDriver typedef to crypto/cipher.h Date: Fri, 28 Aug 2020 10:05:12 -0700 Message-Id: <20200828170523.418603-6-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2607:f8b0:4864:20::629; envelope-from=richard.henderson@linaro.org; helo=mail-pl1-x629.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: berrange@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: pass (identity @linaro.org) Content-Type: text/plain; charset="utf-8" Allow the use in QCryptoCipher to be properly typed with the opaque struct pointer. Signed-off-by: Richard Henderson --- crypto/cipherpriv.h | 2 -- include/crypto/cipher.h | 1 + 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/crypto/cipherpriv.h b/crypto/cipherpriv.h index 0823239f41..9228c9fc3a 100644 --- a/crypto/cipherpriv.h +++ b/crypto/cipherpriv.h @@ -17,8 +17,6 @@ =20 #include "qapi/qapi-types-crypto.h" =20 -typedef struct QCryptoCipherDriver QCryptoCipherDriver; - struct QCryptoCipherDriver { int (*cipher_encrypt)(QCryptoCipher *cipher, const void *in, diff --git a/include/crypto/cipher.h b/include/crypto/cipher.h index 5928e5ecc7..8a42a683a4 100644 --- a/include/crypto/cipher.h +++ b/include/crypto/cipher.h @@ -24,6 +24,7 @@ #include "qapi/qapi-types-crypto.h" =20 typedef struct QCryptoCipher QCryptoCipher; +typedef struct QCryptoCipherDriver QCryptoCipherDriver; =20 /* See also "QCryptoCipherAlgorithm" and "QCryptoCipherMode" * enums defined in qapi/crypto.json */ --=20 2.25.1 From nobody Fri May 17 07:47:07 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1598634661; cv=none; d=zohomail.com; s=zohoarc; b=lYCmywL7Cvji0XhUtRywTdTJ3N5dvq5bOpdWYBz1r/LXvomSRXnTHBY2dTtRFkaLzyf0h54Fx6twFA5TYrj9z0xNVt5PfRmMwdeqmCwoMF2he3Ja5nZIxCiyaRKIthb15+UEKDFYP+LwpIfEi8Bz8RiabnqIuy114aMtrMgWD9E= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1598634661; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=HhAhMooMYX4G7bojWisen5XGZe2hgpNyMX5WGu2HwOc=; b=iNsFcwKoOvqGHCCbGnEYu+Gy78/PdNjUsvipq5roPFky1K/BEqpqJAPamD4doGE+0WFL02qk/VM5JA6p8zW6T47PLmZ6l4T2k1LoP5DKfofxa438KUd6is+u4JM/3JGRdVlbT/b4ZbYijN5AbuLkh3ujUvLVpAd809BlZwmz+sg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1598634661013737.3877794573956; Fri, 28 Aug 2020 10:11:01 -0700 (PDT) Received: from localhost ([::1]:57062 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBhu0-00068U-8R for importer@patchew.org; Fri, 28 Aug 2020 13:11:00 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36686) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhom-0003hk-Qd for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:36 -0400 Received: from mail-pj1-x1041.google.com ([2607:f8b0:4864:20::1041]:50418) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhok-00031B-Rb for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:36 -0400 Received: by mail-pj1-x1041.google.com with SMTP id i13so29592pjv.0 for ; Fri, 28 Aug 2020 10:05:34 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.31 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=HhAhMooMYX4G7bojWisen5XGZe2hgpNyMX5WGu2HwOc=; b=G6PerQXWstwmdCPXnwBaX11sraa0ig2nAFNHo2l2N0UkGdzTzFPrgpk4y2bcj4I5y/ PvfA1Z02eCoYWuxZZboVWxk6SiHgO5DXrGTJLleGklN/BvW4a4gXx8ghkca2CXwqU2l1 3QW1we7H/XOj7t2d8lu3MH3OtTqEyROjj6vWUNButuoq4YvPZvNevNvTPV8WDc42A/kq kk1pYg06iCporVjyHAVE2VYb2t5K4lN1vjNOEQgjWviV3shMCwH1JYmzByrR0l+GYERo 4A6h2ue5kQMkE087vzWxJfq26jtSw7ucMQvJkkULzuY+fMCIsUaB2R+g5my2HUnzH3AK dJoA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=HhAhMooMYX4G7bojWisen5XGZe2hgpNyMX5WGu2HwOc=; b=bpZBfisIxLzdvbr0T0e57S+EHdVsfP+adBe9b0NvkKqMQ+0QCLbxvkj2VIcxgtsz5t GHT6WJWxLOw5Vrh6bJmhuzsPto0/arZ3unT6XN2v82U166p6yEyLJOR2/zte44SqGiM1 BA5zS39y7auP66brprVL3UHZS6CST0W17AEF30KKEHTJygzgNNbBDkpsSdTf/7+bVEpX gslefyAws8DJVS4Z9bCe8kB0zZnODA/mSs99uDCd1ehvZREB43Q5zJe5js47aoxU+Zxa rqfHZa8GqEMYQsm/F8VZri/9H7rQhAmt5jzH2DSkMilLj9ZdrAEbeInx4GZFn6gvjMR1 uSuw== X-Gm-Message-State: AOAM531nHgTgjmU0LwJPg5cGlTkmt1qFEejrNIpVzHgZKHY60R07D1iV klE3jsrNATH59MI+pbww335d+ZCKvjLkIQ== X-Google-Smtp-Source: ABdhPJyCjTgj5QF2SYXA9NAO7ptpdCIkPjfUVXa3ZnIcr2xekVv/Fn1YgGE4h/p3XlHordmticFAGg== X-Received: by 2002:a17:90a:f416:: with SMTP id ch22mr11829pjb.232.1598634332949; Fri, 28 Aug 2020 10:05:32 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 06/16] crypto: Use the correct const type for driver Date: Fri, 28 Aug 2020 10:05:13 -0700 Message-Id: <20200828170523.418603-7-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2607:f8b0:4864:20::1041; envelope-from=richard.henderson@linaro.org; helo=mail-pj1-x1041.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: berrange@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: pass (identity @linaro.org) Content-Type: text/plain; charset="utf-8" This allows the in memory structures to be read-only. Signed-off-by: Richard Henderson --- crypto/cipherpriv.h | 2 +- include/crypto/cipher.h | 2 +- crypto/cipher-afalg.c | 2 +- crypto/cipher.c | 12 ++++++------ crypto/cipher-builtin.c.inc | 2 +- crypto/cipher-gcrypt.c.inc | 2 +- crypto/cipher-nettle.c.inc | 2 +- 7 files changed, 12 insertions(+), 12 deletions(-) diff --git a/crypto/cipherpriv.h b/crypto/cipherpriv.h index 9228c9fc3a..b73be33bd2 100644 --- a/crypto/cipherpriv.h +++ b/crypto/cipherpriv.h @@ -47,7 +47,7 @@ qcrypto_afalg_cipher_ctx_new(QCryptoCipherAlgorithm alg, const uint8_t *key, size_t nkey, Error **errp); =20 -extern struct QCryptoCipherDriver qcrypto_cipher_afalg_driver; +extern const struct QCryptoCipherDriver qcrypto_cipher_afalg_driver; =20 #endif =20 diff --git a/include/crypto/cipher.h b/include/crypto/cipher.h index 8a42a683a4..cc57179a4d 100644 --- a/include/crypto/cipher.h +++ b/include/crypto/cipher.h @@ -81,7 +81,7 @@ struct QCryptoCipher { QCryptoCipherAlgorithm alg; QCryptoCipherMode mode; void *opaque; - void *driver; + const QCryptoCipherDriver *driver; }; =20 /** diff --git a/crypto/cipher-afalg.c b/crypto/cipher-afalg.c index cd72284690..5c7c44761b 100644 --- a/crypto/cipher-afalg.c +++ b/crypto/cipher-afalg.c @@ -218,7 +218,7 @@ static void qcrypto_afalg_comm_ctx_free(QCryptoCipher *= cipher) qcrypto_afalg_comm_free(cipher->opaque); } =20 -struct QCryptoCipherDriver qcrypto_cipher_afalg_driver =3D { +const struct QCryptoCipherDriver qcrypto_cipher_afalg_driver =3D { .cipher_encrypt =3D qcrypto_afalg_cipher_encrypt, .cipher_decrypt =3D qcrypto_afalg_cipher_decrypt, .cipher_setiv =3D qcrypto_afalg_cipher_setiv, diff --git a/crypto/cipher.c b/crypto/cipher.c index 005b5da4de..3ca4a7e662 100644 --- a/crypto/cipher.c +++ b/crypto/cipher.c @@ -165,7 +165,7 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorith= m alg, { QCryptoCipher *cipher; void *ctx =3D NULL; - QCryptoCipherDriver *drv =3D NULL; + const QCryptoCipherDriver *drv =3D NULL; =20 #ifdef CONFIG_AF_ALG ctx =3D qcrypto_afalg_cipher_ctx_new(alg, mode, key, nkey, NULL); @@ -187,7 +187,7 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorith= m alg, cipher->alg =3D alg; cipher->mode =3D mode; cipher->opaque =3D ctx; - cipher->driver =3D (void *)drv; + cipher->driver =3D drv; =20 return cipher; } @@ -199,7 +199,7 @@ int qcrypto_cipher_encrypt(QCryptoCipher *cipher, size_t len, Error **errp) { - QCryptoCipherDriver *drv =3D cipher->driver; + const QCryptoCipherDriver *drv =3D cipher->driver; return drv->cipher_encrypt(cipher, in, out, len, errp); } =20 @@ -210,7 +210,7 @@ int qcrypto_cipher_decrypt(QCryptoCipher *cipher, size_t len, Error **errp) { - QCryptoCipherDriver *drv =3D cipher->driver; + const QCryptoCipherDriver *drv =3D cipher->driver; return drv->cipher_decrypt(cipher, in, out, len, errp); } =20 @@ -219,14 +219,14 @@ int qcrypto_cipher_setiv(QCryptoCipher *cipher, const uint8_t *iv, size_t niv, Error **errp) { - QCryptoCipherDriver *drv =3D cipher->driver; + const QCryptoCipherDriver *drv =3D cipher->driver; return drv->cipher_setiv(cipher, iv, niv, errp); } =20 =20 void qcrypto_cipher_free(QCryptoCipher *cipher) { - QCryptoCipherDriver *drv; + const QCryptoCipherDriver *drv; if (cipher) { drv =3D cipher->driver; drv->cipher_free(cipher); diff --git a/crypto/cipher-builtin.c.inc b/crypto/cipher-builtin.c.inc index 56d45b0227..156f32f1c7 100644 --- a/crypto/cipher-builtin.c.inc +++ b/crypto/cipher-builtin.c.inc @@ -522,7 +522,7 @@ qcrypto_builtin_cipher_setiv(QCryptoCipher *cipher, } =20 =20 -static struct QCryptoCipherDriver qcrypto_cipher_lib_driver =3D { +static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver =3D { .cipher_encrypt =3D qcrypto_builtin_cipher_encrypt, .cipher_decrypt =3D qcrypto_builtin_cipher_decrypt, .cipher_setiv =3D qcrypto_builtin_cipher_setiv, diff --git a/crypto/cipher-gcrypt.c.inc b/crypto/cipher-gcrypt.c.inc index a62839914b..18850fadb9 100644 --- a/crypto/cipher-gcrypt.c.inc +++ b/crypto/cipher-gcrypt.c.inc @@ -413,7 +413,7 @@ qcrypto_gcrypt_cipher_setiv(QCryptoCipher *cipher, } =20 =20 -static struct QCryptoCipherDriver qcrypto_cipher_lib_driver =3D { +static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver =3D { .cipher_encrypt =3D qcrypto_gcrypt_cipher_encrypt, .cipher_decrypt =3D qcrypto_gcrypt_cipher_decrypt, .cipher_setiv =3D qcrypto_gcrypt_cipher_setiv, diff --git a/crypto/cipher-nettle.c.inc b/crypto/cipher-nettle.c.inc index 0404cfc6da..6ecce5e8ea 100644 --- a/crypto/cipher-nettle.c.inc +++ b/crypto/cipher-nettle.c.inc @@ -724,7 +724,7 @@ qcrypto_nettle_cipher_setiv(QCryptoCipher *cipher, } =20 =20 -static struct QCryptoCipherDriver qcrypto_cipher_lib_driver =3D { +static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver =3D { .cipher_encrypt =3D qcrypto_nettle_cipher_encrypt, .cipher_decrypt =3D qcrypto_nettle_cipher_decrypt, .cipher_setiv =3D qcrypto_nettle_cipher_setiv, --=20 2.25.1 From nobody Fri May 17 07:47:07 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1598634397; cv=none; d=zohomail.com; s=zohoarc; b=e80+HXUvs2SW3ms44gV3++PDQdMLLnjVCMULHM4OnPMZwp4GfPW9mblSUC1UVceJ4FLGFChNeSTnOjUz+wR7/oH5ASYPRMAVY7KBf6uIfdig/tM9mWGM5q/Mm2aiQcSS6fgwxMpe19riM0LJJpc7Cv95SgAJh2Mu4n9EAKRyFgY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1598634397; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=JREoOBZDsfvT9iPa1cHUlefwF8fK1wVDvI3iB6VgIe8=; b=cvk43mWZYe9KZtuazWtXCqRk0vlqHIhwr8PGLd0ZD2iT7t37C+WuBnhUC3MVcZVS1QihfoSwMGOWsKTCcXEEEcrEqWb5ijWffCLHPLw4sMTCc9IgxUTIreT4/FnVMKedIkjqGHnsvoDmmyvo+xdLjdbm7ox74PHEeqt257vUq2g= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 159863439761088.66480085589342; Fri, 28 Aug 2020 10:06:37 -0700 (PDT) Received: from localhost ([::1]:34642 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBhpk-0005WX-Ny for importer@patchew.org; Fri, 28 Aug 2020 13:06:36 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36718) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhoo-0003mP-PK for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:38 -0400 Received: from mail-pl1-x642.google.com ([2607:f8b0:4864:20::642]:43339) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhom-00031Q-2z for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:38 -0400 Received: by mail-pl1-x642.google.com with SMTP id y6so776681plk.10 for ; Fri, 28 Aug 2020 10:05:35 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=JREoOBZDsfvT9iPa1cHUlefwF8fK1wVDvI3iB6VgIe8=; b=bB4tVYBX/pcxfZKriFcWvZ6hdwTG5IlzUdESogO9CBJDoVk6IqEsDIocogHcL9hImW sugc+sqbnlAHbOC+B1DuLxqQXK0Js2Zx85H7/Xs80DJWtfJ6JmF7LjcQ7XLDpgfCMTjI q0Sz592CKnsPuMuI8HgYc7HeMNo8S+5FLbuhn6F9RKZfoSrvcuNMcjuFWYgAwUOahDjG cylRPgxJ6sl9/hL/yZ9B6gW+2L2GKXt/WwwakBJeED442F2jXi3uwhyXm0/J7/3A7JGz VbGUYmmUiAsw2W7oBxWQypw5TXX+qnZCT//309BYc5TOPl5iIgmUHqOyk+ssrBuD+j9/ BL7Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=JREoOBZDsfvT9iPa1cHUlefwF8fK1wVDvI3iB6VgIe8=; b=A7o1ijD52thqDGpvkmbQYqNI48pxCBspzE+lUNtT+VnBhL71knOPr+MyxuIzH0FwCm IKjr5Hf/nK8HAL6zERnMihZGsPpelIjQGA6f9hJ5MyMs/nBEkZgzLqDgoujfbsJl8LBK G7yWKnhoEHusk1dGLx4QsbT6JKTuad/d0Qj3P/H/oqnWD398fA7jRHhB9yEF2QNMbGGB DuviWjwJbjvSXQb+KwHnx8VqkKcTSNRDolqGn0v2OXM3wdxuTIK7lVDzTEEjbdyMvjFb eoMG/g2lt3KdtCLrJCNoRy8eia5v/vV+APLrXaTZJGbxxUznWLG2AbLkkLvvy9f4ORvu m9ag== X-Gm-Message-State: AOAM5331vZAnRLsMiN5vz+7A2U2iItqxtNuYBkWYO8w6cEFzZwRXvgqx +hIjOSyLrpGYqGPp01gCANDO2ufne1BV6A== X-Google-Smtp-Source: ABdhPJx5OLNOruE9DzafOqmtxO6rpgwDGsn9JdkeAs9mBcsx7+U2CYjKEn15qmRKnp8cPzAHgM1uSg== X-Received: by 2002:a17:90a:f417:: with SMTP id ch23mr24246pjb.146.1598634334150; Fri, 28 Aug 2020 10:05:34 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 07/16] crypto: Allocate QCryptoCipher with the subclass Date: Fri, 28 Aug 2020 10:05:14 -0700 Message-Id: <20200828170523.418603-8-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2607:f8b0:4864:20::642; envelope-from=richard.henderson@linaro.org; helo=mail-pl1-x642.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: berrange@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: pass (identity @linaro.org) Merge the allocation of "opaque" into the allocation of "cipher". This is step one in reducing the indirection in these classes. Reviewed-by: Daniel P. Berrang=C3=A9 Signed-off-by: Richard Henderson --- crypto/afalgpriv.h | 3 ++ crypto/cipherpriv.h | 2 +- include/crypto/cipher.h | 1 - crypto/cipher-afalg.c | 20 ++++++----- crypto/cipher.c | 20 ++++------- crypto/cipher-builtin.c.inc | 68 +++++++++++++++++++------------------ crypto/cipher-gcrypt.c.inc | 23 +++++++------ crypto/cipher-nettle.c.inc | 24 +++++++------ 8 files changed, 84 insertions(+), 77 deletions(-) diff --git a/crypto/afalgpriv.h b/crypto/afalgpriv.h index f6550b5c51..5a2393f1b7 100644 --- a/crypto/afalgpriv.h +++ b/crypto/afalgpriv.h @@ -15,6 +15,7 @@ #define QCRYPTO_AFALGPRIV_H =20 #include +#include "crypto/cipher.h" =20 #define SALG_TYPE_LEN_MAX 14 #define SALG_NAME_LEN_MAX 64 @@ -32,6 +33,8 @@ typedef struct QCryptoAFAlg QCryptoAFAlg; =20 struct QCryptoAFAlg { + QCryptoCipher base; + int tfmfd; int opfd; struct msghdr *msg; diff --git a/crypto/cipherpriv.h b/crypto/cipherpriv.h index b73be33bd2..437b109b5e 100644 --- a/crypto/cipherpriv.h +++ b/crypto/cipherpriv.h @@ -41,7 +41,7 @@ struct QCryptoCipherDriver { =20 #include "afalgpriv.h" =20 -extern QCryptoAFAlg * +extern QCryptoCipher * qcrypto_afalg_cipher_ctx_new(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode, const uint8_t *key, diff --git a/include/crypto/cipher.h b/include/crypto/cipher.h index cc57179a4d..083e12a7d9 100644 --- a/include/crypto/cipher.h +++ b/include/crypto/cipher.h @@ -80,7 +80,6 @@ typedef struct QCryptoCipherDriver QCryptoCipherDriver; struct QCryptoCipher { QCryptoCipherAlgorithm alg; QCryptoCipherMode mode; - void *opaque; const QCryptoCipherDriver *driver; }; =20 diff --git a/crypto/cipher-afalg.c b/crypto/cipher-afalg.c index 5c7c44761b..86e5249bd6 100644 --- a/crypto/cipher-afalg.c +++ b/crypto/cipher-afalg.c @@ -58,7 +58,7 @@ qcrypto_afalg_cipher_format_name(QCryptoCipherAlgorithm a= lg, return name; } =20 -QCryptoAFAlg * +QCryptoCipher * qcrypto_afalg_cipher_ctx_new(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode, const uint8_t *key, @@ -109,7 +109,7 @@ qcrypto_afalg_cipher_ctx_new(QCryptoCipherAlgorithm alg, } afalg->cmsg =3D CMSG_FIRSTHDR(afalg->msg); =20 - return afalg; + return &afalg->base; } =20 static int @@ -117,9 +117,9 @@ qcrypto_afalg_cipher_setiv(QCryptoCipher *cipher, const uint8_t *iv, size_t niv, Error **errp) { + QCryptoAFAlg *afalg =3D container_of(cipher, QCryptoAFAlg, base); struct af_alg_iv *alg_iv; size_t expect_niv; - QCryptoAFAlg *afalg =3D cipher->opaque; =20 expect_niv =3D qcrypto_cipher_get_iv_len(cipher->alg, cipher->mode); if (niv !=3D expect_niv) { @@ -200,8 +200,9 @@ qcrypto_afalg_cipher_encrypt(QCryptoCipher *cipher, const void *in, void *out, size_t len, Error **errp) { - return qcrypto_afalg_cipher_op(cipher->opaque, in, out, - len, true, errp); + QCryptoAFAlg *afalg =3D container_of(cipher, QCryptoAFAlg, base); + + return qcrypto_afalg_cipher_op(afalg, in, out, len, true, errp); } =20 static int @@ -209,13 +210,16 @@ qcrypto_afalg_cipher_decrypt(QCryptoCipher *cipher, const void *in, void *out, size_t len, Error **errp) { - return qcrypto_afalg_cipher_op(cipher->opaque, in, out, - len, false, errp); + QCryptoAFAlg *afalg =3D container_of(cipher, QCryptoAFAlg, base); + + return qcrypto_afalg_cipher_op(afalg, in, out, len, false, errp); } =20 static void qcrypto_afalg_comm_ctx_free(QCryptoCipher *cipher) { - qcrypto_afalg_comm_free(cipher->opaque); + QCryptoAFAlg *afalg =3D container_of(cipher, QCryptoAFAlg, base); + + qcrypto_afalg_comm_free(afalg); } =20 const struct QCryptoCipherDriver qcrypto_cipher_afalg_driver =3D { diff --git a/crypto/cipher.c b/crypto/cipher.c index 3ca4a7e662..737fc0735d 100644 --- a/crypto/cipher.c +++ b/crypto/cipher.c @@ -163,30 +163,27 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgori= thm alg, const uint8_t *key, size_t nkey, Error **errp) { - QCryptoCipher *cipher; - void *ctx =3D NULL; + QCryptoCipher *cipher =3D NULL; const QCryptoCipherDriver *drv =3D NULL; =20 #ifdef CONFIG_AF_ALG - ctx =3D qcrypto_afalg_cipher_ctx_new(alg, mode, key, nkey, NULL); - if (ctx) { + cipher =3D qcrypto_afalg_cipher_ctx_new(alg, mode, key, nkey, NULL); + if (cipher) { drv =3D &qcrypto_cipher_afalg_driver; } #endif =20 - if (!ctx) { - ctx =3D qcrypto_cipher_ctx_new(alg, mode, key, nkey, errp); - if (!ctx) { + if (!cipher) { + cipher =3D qcrypto_cipher_ctx_new(alg, mode, key, nkey, errp); + if (!cipher) { return NULL; } =20 drv =3D &qcrypto_cipher_lib_driver; } =20 - cipher =3D g_new0(QCryptoCipher, 1); cipher->alg =3D alg; cipher->mode =3D mode; - cipher->opaque =3D ctx; cipher->driver =3D drv; =20 return cipher; @@ -226,10 +223,7 @@ int qcrypto_cipher_setiv(QCryptoCipher *cipher, =20 void qcrypto_cipher_free(QCryptoCipher *cipher) { - const QCryptoCipherDriver *drv; if (cipher) { - drv =3D cipher->driver; - drv->cipher_free(cipher); - g_free(cipher); + cipher->driver->cipher_free(cipher); } } diff --git a/crypto/cipher-builtin.c.inc b/crypto/cipher-builtin.c.inc index 156f32f1c7..6a03e23040 100644 --- a/crypto/cipher-builtin.c.inc +++ b/crypto/cipher-builtin.c.inc @@ -41,6 +41,8 @@ struct QCryptoCipherBuiltinDESRFB { =20 typedef struct QCryptoCipherBuiltin QCryptoCipherBuiltin; struct QCryptoCipherBuiltin { + QCryptoCipher base; + union { QCryptoCipherBuiltinAES aes; QCryptoCipherBuiltinDESRFB desrfb; @@ -65,10 +67,7 @@ struct QCryptoCipherBuiltin { =20 static void qcrypto_cipher_free_aes(QCryptoCipher *cipher) { - QCryptoCipherBuiltin *ctxt =3D cipher->opaque; - - g_free(ctxt); - cipher->opaque =3D NULL; + g_free(cipher); } =20 =20 @@ -152,7 +151,8 @@ static int qcrypto_cipher_encrypt_aes(QCryptoCipher *ci= pher, size_t len, Error **errp) { - QCryptoCipherBuiltin *ctxt =3D cipher->opaque; + QCryptoCipherBuiltin *ctxt + =3D container_of(cipher, QCryptoCipherBuiltin, base); =20 switch (cipher->mode) { case QCRYPTO_CIPHER_MODE_ECB: @@ -186,7 +186,8 @@ static int qcrypto_cipher_decrypt_aes(QCryptoCipher *ci= pher, size_t len, Error **errp) { - QCryptoCipherBuiltin *ctxt =3D cipher->opaque; + QCryptoCipherBuiltin *ctxt + =3D container_of(cipher, QCryptoCipherBuiltin, base); =20 switch (cipher->mode) { case QCRYPTO_CIPHER_MODE_ECB: @@ -217,7 +218,9 @@ static int qcrypto_cipher_setiv_aes(QCryptoCipher *ciph= er, const uint8_t *iv, size_t niv, Error **errp) { - QCryptoCipherBuiltin *ctxt =3D cipher->opaque; + QCryptoCipherBuiltin *ctxt + =3D container_of(cipher, QCryptoCipherBuiltin, base); + if (niv !=3D AES_BLOCK_SIZE) { error_setg(errp, "IV must be %d bytes not %zu", AES_BLOCK_SIZE, niv); @@ -232,7 +235,7 @@ static int qcrypto_cipher_setiv_aes(QCryptoCipher *ciph= er, =20 =20 =20 -static QCryptoCipherBuiltin * +static QCryptoCipher * qcrypto_cipher_init_aes(QCryptoCipherMode mode, const uint8_t *key, size_t nkey, Error **errp) @@ -289,7 +292,7 @@ qcrypto_cipher_init_aes(QCryptoCipherMode mode, ctxt->encrypt =3D qcrypto_cipher_encrypt_aes; ctxt->decrypt =3D qcrypto_cipher_decrypt_aes; =20 - return ctxt; + return &ctxt->base; =20 error: g_free(ctxt); @@ -299,11 +302,11 @@ qcrypto_cipher_init_aes(QCryptoCipherMode mode, =20 static void qcrypto_cipher_free_des_rfb(QCryptoCipher *cipher) { - QCryptoCipherBuiltin *ctxt =3D cipher->opaque; + QCryptoCipherBuiltin *ctxt + =3D container_of(cipher, QCryptoCipherBuiltin, base); =20 g_free(ctxt->state.desrfb.key); g_free(ctxt); - cipher->opaque =3D NULL; } =20 =20 @@ -313,7 +316,8 @@ static int qcrypto_cipher_encrypt_des_rfb(QCryptoCipher= *cipher, size_t len, Error **errp) { - QCryptoCipherBuiltin *ctxt =3D cipher->opaque; + QCryptoCipherBuiltin *ctxt + =3D container_of(cipher, QCryptoCipherBuiltin, base); size_t i; =20 if (len % 8) { @@ -338,7 +342,8 @@ static int qcrypto_cipher_decrypt_des_rfb(QCryptoCipher= *cipher, size_t len, Error **errp) { - QCryptoCipherBuiltin *ctxt =3D cipher->opaque; + QCryptoCipherBuiltin *ctxt + =3D container_of(cipher, QCryptoCipherBuiltin, base); size_t i; =20 if (len % 8) { @@ -366,7 +371,7 @@ static int qcrypto_cipher_setiv_des_rfb(QCryptoCipher *= cipher, } =20 =20 -static QCryptoCipherBuiltin * +static QCryptoCipher * qcrypto_cipher_init_des_rfb(QCryptoCipherMode mode, const uint8_t *key, size_t nkey, Error **errp) @@ -391,7 +396,7 @@ qcrypto_cipher_init_des_rfb(QCryptoCipherMode mode, ctxt->encrypt =3D qcrypto_cipher_encrypt_des_rfb; ctxt->decrypt =3D qcrypto_cipher_decrypt_des_rfb; =20 - return ctxt; + return &ctxt->base; } =20 =20 @@ -421,14 +426,12 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm a= lg, } =20 =20 -static QCryptoCipherBuiltin *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm= alg, - QCryptoCipherMode mode, - const uint8_t *key, - size_t nkey, - Error **errp) +static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, + QCryptoCipherMode mode, + const uint8_t *key, + size_t nkey, + Error **errp) { - QCryptoCipherBuiltin *ctxt; - switch (mode) { case QCRYPTO_CIPHER_MODE_ECB: case QCRYPTO_CIPHER_MODE_CBC: @@ -446,29 +449,25 @@ static QCryptoCipherBuiltin *qcrypto_cipher_ctx_new(Q= CryptoCipherAlgorithm alg, =20 switch (alg) { case QCRYPTO_CIPHER_ALG_DES_RFB: - ctxt =3D qcrypto_cipher_init_des_rfb(mode, key, nkey, errp); - break; + return qcrypto_cipher_init_des_rfb(mode, key, nkey, errp); case QCRYPTO_CIPHER_ALG_AES_128: case QCRYPTO_CIPHER_ALG_AES_192: case QCRYPTO_CIPHER_ALG_AES_256: - ctxt =3D qcrypto_cipher_init_aes(mode, key, nkey, errp); - break; + return qcrypto_cipher_init_aes(mode, key, nkey, errp); default: error_setg(errp, "Unsupported cipher algorithm %s", QCryptoCipherAlgorithm_str(alg)); return NULL; } - - return ctxt; } =20 static void qcrypto_builtin_cipher_ctx_free(QCryptoCipher *cipher) { - QCryptoCipherBuiltin *ctxt; + QCryptoCipherBuiltin *ctxt + =3D container_of(cipher, QCryptoCipherBuiltin, base); =20 - ctxt =3D cipher->opaque; ctxt->free(cipher); } =20 @@ -480,7 +479,8 @@ qcrypto_builtin_cipher_encrypt(QCryptoCipher *cipher, size_t len, Error **errp) { - QCryptoCipherBuiltin *ctxt =3D cipher->opaque; + QCryptoCipherBuiltin *ctxt + =3D container_of(cipher, QCryptoCipherBuiltin, base); =20 if (len & (ctxt->blocksize - 1)) { error_setg(errp, "Length %zu must be a multiple of block size %zu", @@ -499,7 +499,8 @@ qcrypto_builtin_cipher_decrypt(QCryptoCipher *cipher, size_t len, Error **errp) { - QCryptoCipherBuiltin *ctxt =3D cipher->opaque; + QCryptoCipherBuiltin *ctxt + =3D container_of(cipher, QCryptoCipherBuiltin, base); =20 if (len & (ctxt->blocksize - 1)) { error_setg(errp, "Length %zu must be a multiple of block size %zu", @@ -516,7 +517,8 @@ qcrypto_builtin_cipher_setiv(QCryptoCipher *cipher, const uint8_t *iv, size_t niv, Error **errp) { - QCryptoCipherBuiltin *ctxt =3D cipher->opaque; + QCryptoCipherBuiltin *ctxt + =3D container_of(cipher, QCryptoCipherBuiltin, base); =20 return ctxt->setiv(cipher, iv, niv, errp); } diff --git a/crypto/cipher-gcrypt.c.inc b/crypto/cipher-gcrypt.c.inc index 18850fadb9..3b3c85e265 100644 --- a/crypto/cipher-gcrypt.c.inc +++ b/crypto/cipher-gcrypt.c.inc @@ -58,6 +58,7 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg, =20 typedef struct QCryptoCipherGcrypt QCryptoCipherGcrypt; struct QCryptoCipherGcrypt { + QCryptoCipher base; gcry_cipher_hd_t handle; size_t blocksize; #ifdef CONFIG_QEMU_PRIVATE_XTS @@ -86,11 +87,11 @@ qcrypto_gcrypt_cipher_free_ctx(QCryptoCipherGcrypt *ctx, } =20 =20 -static QCryptoCipherGcrypt *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm = alg, - QCryptoCipherMode mode, - const uint8_t *key, - size_t nkey, - Error **errp) +static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, + QCryptoCipherMode mode, + const uint8_t *key, + size_t nkey, + Error **errp) { QCryptoCipherGcrypt *ctx; gcry_error_t err; @@ -257,7 +258,7 @@ static QCryptoCipherGcrypt *qcrypto_cipher_ctx_new(QCry= ptoCipherAlgorithm alg, } #endif =20 - return ctx; + return &ctx->base; =20 error: qcrypto_gcrypt_cipher_free_ctx(ctx, mode); @@ -268,7 +269,9 @@ static QCryptoCipherGcrypt *qcrypto_cipher_ctx_new(QCry= ptoCipherAlgorithm alg, static void qcrypto_gcrypt_cipher_ctx_free(QCryptoCipher *cipher) { - qcrypto_gcrypt_cipher_free_ctx(cipher->opaque, cipher->mode); + QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); + + qcrypto_gcrypt_cipher_free_ctx(ctx, cipher->mode); } =20 =20 @@ -301,7 +304,7 @@ qcrypto_gcrypt_cipher_encrypt(QCryptoCipher *cipher, size_t len, Error **errp) { - QCryptoCipherGcrypt *ctx =3D cipher->opaque; + QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); gcry_error_t err; =20 if (len & (ctx->blocksize - 1)) { @@ -340,7 +343,7 @@ qcrypto_gcrypt_cipher_decrypt(QCryptoCipher *cipher, size_t len, Error **errp) { - QCryptoCipherGcrypt *ctx =3D cipher->opaque; + QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); gcry_error_t err; =20 if (len & (ctx->blocksize - 1)) { @@ -376,7 +379,7 @@ qcrypto_gcrypt_cipher_setiv(QCryptoCipher *cipher, const uint8_t *iv, size_t niv, Error **errp) { - QCryptoCipherGcrypt *ctx =3D cipher->opaque; + QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); gcry_error_t err; =20 if (niv !=3D ctx->blocksize) { diff --git a/crypto/cipher-nettle.c.inc b/crypto/cipher-nettle.c.inc index 6ecce5e8ea..d8371d1f37 100644 --- a/crypto/cipher-nettle.c.inc +++ b/crypto/cipher-nettle.c.inc @@ -294,6 +294,8 @@ static void twofish_decrypt_wrapper(const void *ctx, si= ze_t length, =20 typedef struct QCryptoCipherNettle QCryptoCipherNettle; struct QCryptoCipherNettle { + QCryptoCipher base; + /* Primary cipher context for all modes */ void *ctx; /* Second cipher context for XTS mode only */ @@ -355,11 +357,11 @@ qcrypto_nettle_cipher_free_ctx(QCryptoCipherNettle *c= tx) } =20 =20 -static QCryptoCipherNettle *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm = alg, - QCryptoCipherMode mode, - const uint8_t *key, - size_t nkey, - Error **errp) +static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, + QCryptoCipherMode mode, + const uint8_t *key, + size_t nkey, + Error **errp) { QCryptoCipherNettle *ctx; uint8_t *rfbkey; @@ -585,7 +587,7 @@ static QCryptoCipherNettle *qcrypto_cipher_ctx_new(QCry= ptoCipherAlgorithm alg, =20 ctx->iv =3D g_new0(uint8_t, ctx->blocksize); =20 - return ctx; + return &ctx->base; =20 error: qcrypto_nettle_cipher_free_ctx(ctx); @@ -596,9 +598,8 @@ static QCryptoCipherNettle *qcrypto_cipher_ctx_new(QCry= ptoCipherAlgorithm alg, static void qcrypto_nettle_cipher_ctx_free(QCryptoCipher *cipher) { - QCryptoCipherNettle *ctx; + QCryptoCipherNettle *ctx =3D container_of(cipher, QCryptoCipherNettle,= base); =20 - ctx =3D cipher->opaque; qcrypto_nettle_cipher_free_ctx(ctx); } =20 @@ -610,7 +611,7 @@ qcrypto_nettle_cipher_encrypt(QCryptoCipher *cipher, size_t len, Error **errp) { - QCryptoCipherNettle *ctx =3D cipher->opaque; + QCryptoCipherNettle *ctx =3D container_of(cipher, QCryptoCipherNettle,= base); =20 if (len & (ctx->blocksize - 1)) { error_setg(errp, "Length %zu must be a multiple of block size %zu", @@ -663,7 +664,7 @@ qcrypto_nettle_cipher_decrypt(QCryptoCipher *cipher, size_t len, Error **errp) { - QCryptoCipherNettle *ctx =3D cipher->opaque; + QCryptoCipherNettle *ctx =3D container_of(cipher, QCryptoCipherNettle,= base); =20 if (len & (ctx->blocksize - 1)) { error_setg(errp, "Length %zu must be a multiple of block size %zu", @@ -713,7 +714,8 @@ qcrypto_nettle_cipher_setiv(QCryptoCipher *cipher, const uint8_t *iv, size_t niv, Error **errp) { - QCryptoCipherNettle *ctx =3D cipher->opaque; + QCryptoCipherNettle *ctx =3D container_of(cipher, QCryptoCipherNettle,= base); + if (niv !=3D ctx->blocksize) { error_setg(errp, "Expected IV size %zu not %zu", ctx->blocksize, niv); --=20 2.25.1 From nobody Fri May 17 07:47:07 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1598634475; cv=none; d=zohomail.com; s=zohoarc; b=AmyCVwDLwcWJ/BYkZm2EdCol9H9X3LWH5v9Cq7+KA0QL3deRoE0X1aSDdwawAD0DOxCLJ0+IyvEOF8JTSO0b/e+hUHDeAuL8Jii6l1wa1cJ4V5omUbeKFrcodEa5yWHmZZ8+J5eS3WIwfV1YnPmIysos9XFvWik/MpPMNTaCg4M= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1598634475; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=eBk+GrbH5UnrDm8FHWFaBbZjN/qoNANGe98dIeav8qI=; b=LKCWmydtd11r4WUpLaO9Hxn6AR3beDLKQzlmSjiSJcADAeGewoIxhYR3uYapG67FbuGFvkJyireFFOz4RqhtJK5aaqujtmN3Oe45LT9xfT9TuqoOuMVJSU3Sx7mvn0Q5YBBN3X6nBA5qs9qHYXrgKSiK2v/6Xdo3hu5RPBWjD3c= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1598634475577777.7469360488593; Fri, 28 Aug 2020 10:07:55 -0700 (PDT) Received: from localhost ([::1]:42274 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBhr0-000075-OY for importer@patchew.org; Fri, 28 Aug 2020 13:07:54 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36726) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhop-0003nO-52 for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:39 -0400 Received: from mail-pf1-x431.google.com ([2607:f8b0:4864:20::431]:35339) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhon-00031j-9X for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:38 -0400 Received: by mail-pf1-x431.google.com with SMTP id o68so954231pfg.2 for ; Fri, 28 Aug 2020 10:05:36 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=eBk+GrbH5UnrDm8FHWFaBbZjN/qoNANGe98dIeav8qI=; b=DfX+UpRuPgzZzEI+ypg6EHr6Ta3dP4juFUvEgDsY1xLS1HCF0Kxeam9Bgxy1rbkGDO LIO/i2nd4D/WopXTp5CCNfSTuIzzgL702owFH3FKbYRjQ5Y4gWnp5/wR/sC7uq9KQGGs 21fGA8P23CDSypaOdMCJmpRFWjs0Nzg7+BaISO0QgrZQoYljP9xbATIJbjA4Sw7pbMQw S6n7yumIYw6+aaWgVHjW4gPFsBukChnZQ4Wm2WcKsNzROUlOH/Kjj44OylOaTocr6rb6 PgcV5hW88Ri3rIWitgDYStNbZ66SlzxiDh1pwji9Sl1Olqb/MkRVc3WfJUETNYIdXcE3 DZiQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=eBk+GrbH5UnrDm8FHWFaBbZjN/qoNANGe98dIeav8qI=; b=sjaW61f/5H3UGbeBfd5I2gWKvbObm+45wc0gp5qKP3f18nU1KHvXP0Owd4tV6D2L8w Y2JgcHry6TIu4dK2uxCCHU1O1T8f/l7F7t5rw4GKBxh/kGpP3Cn6Eov3nPn1486Rw08l SxG1HwAZXotsTCoZMQ0DTzk0gi7KYOPKsD4pL1AVk3SDKmPmgc8IIYdhqM/7XVAhbobL UEfjUIMLw73BRvkTME4hhEVeOwlGNKp4qzfVtbi1jby0zzpWt+1YitF970xEDFq609IZ tAmoTtvKmedHmSpVlfjIEEFGzh3fdWwTrE0A9MOf9Ui5S7MN3vVNwCbeE7BF8lRY0RlB twdA== X-Gm-Message-State: AOAM533Z/nU7ERPmexKmbdEXvZ0jgZmheZLYOIcweMr6HZVM97S0T1jr zrzHpQR07RGrsbwHUzVHKIYtQW+Xmxjx0Q== X-Google-Smtp-Source: ABdhPJz+AELX29YEAbykZYDMIPmSKRcYfaShMbgXHoXAXaKzZx14It7xpZNMIfDAY9eht9xwQOlHWQ== X-Received: by 2002:a63:5f8b:: with SMTP id t133mr1825708pgb.238.1598634335505; Fri, 28 Aug 2020 10:05:35 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 08/16] crypto: Move cipher->driver init to qcrypto_*_cipher_ctx_new Date: Fri, 28 Aug 2020 10:05:15 -0700 Message-Id: <20200828170523.418603-9-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2607:f8b0:4864:20::431; envelope-from=richard.henderson@linaro.org; helo=mail-pf1-x431.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: berrange@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: pass (identity @linaro.org) The class vtable should be set by the class initializer. This will also allow additional subclassing, reducing the amount of indirection in the hierarchy. Reviewed-by: Daniel P. Berrang=C3=A9 Signed-off-by: Richard Henderson --- crypto/cipherpriv.h | 2 -- crypto/cipher-afalg.c | 5 ++++- crypto/cipher.c | 7 ------- crypto/cipher-builtin.c.inc | 4 ++++ crypto/cipher-gcrypt.c.inc | 2 ++ crypto/cipher-nettle.c.inc | 3 +++ 6 files changed, 13 insertions(+), 10 deletions(-) diff --git a/crypto/cipherpriv.h b/crypto/cipherpriv.h index 437b109b5e..396527857d 100644 --- a/crypto/cipherpriv.h +++ b/crypto/cipherpriv.h @@ -47,8 +47,6 @@ qcrypto_afalg_cipher_ctx_new(QCryptoCipherAlgorithm alg, const uint8_t *key, size_t nkey, Error **errp); =20 -extern const struct QCryptoCipherDriver qcrypto_cipher_afalg_driver; - #endif =20 #endif diff --git a/crypto/cipher-afalg.c b/crypto/cipher-afalg.c index 86e5249bd6..052355a8a9 100644 --- a/crypto/cipher-afalg.c +++ b/crypto/cipher-afalg.c @@ -58,6 +58,8 @@ qcrypto_afalg_cipher_format_name(QCryptoCipherAlgorithm a= lg, return name; } =20 +static const struct QCryptoCipherDriver qcrypto_cipher_afalg_driver; + QCryptoCipher * qcrypto_afalg_cipher_ctx_new(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode, @@ -109,6 +111,7 @@ qcrypto_afalg_cipher_ctx_new(QCryptoCipherAlgorithm alg, } afalg->cmsg =3D CMSG_FIRSTHDR(afalg->msg); =20 + afalg->base.driver =3D &qcrypto_cipher_afalg_driver; return &afalg->base; } =20 @@ -222,7 +225,7 @@ static void qcrypto_afalg_comm_ctx_free(QCryptoCipher *= cipher) qcrypto_afalg_comm_free(afalg); } =20 -const struct QCryptoCipherDriver qcrypto_cipher_afalg_driver =3D { +static const struct QCryptoCipherDriver qcrypto_cipher_afalg_driver =3D { .cipher_encrypt =3D qcrypto_afalg_cipher_encrypt, .cipher_decrypt =3D qcrypto_afalg_cipher_decrypt, .cipher_setiv =3D qcrypto_afalg_cipher_setiv, diff --git a/crypto/cipher.c b/crypto/cipher.c index 737fc0735d..3711b552fa 100644 --- a/crypto/cipher.c +++ b/crypto/cipher.c @@ -164,13 +164,9 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorit= hm alg, Error **errp) { QCryptoCipher *cipher =3D NULL; - const QCryptoCipherDriver *drv =3D NULL; =20 #ifdef CONFIG_AF_ALG cipher =3D qcrypto_afalg_cipher_ctx_new(alg, mode, key, nkey, NULL); - if (cipher) { - drv =3D &qcrypto_cipher_afalg_driver; - } #endif =20 if (!cipher) { @@ -178,13 +174,10 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgori= thm alg, if (!cipher) { return NULL; } - - drv =3D &qcrypto_cipher_lib_driver; } =20 cipher->alg =3D alg; cipher->mode =3D mode; - cipher->driver =3D drv; =20 return cipher; } diff --git a/crypto/cipher-builtin.c.inc b/crypto/cipher-builtin.c.inc index 6a03e23040..1444139f36 100644 --- a/crypto/cipher-builtin.c.inc +++ b/crypto/cipher-builtin.c.inc @@ -22,6 +22,8 @@ #include "crypto/desrfb.h" #include "crypto/xts.h" =20 +static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver; + typedef struct QCryptoCipherBuiltinAESContext QCryptoCipherBuiltinAESConte= xt; struct QCryptoCipherBuiltinAESContext { AES_KEY enc; @@ -292,6 +294,7 @@ qcrypto_cipher_init_aes(QCryptoCipherMode mode, ctxt->encrypt =3D qcrypto_cipher_encrypt_aes; ctxt->decrypt =3D qcrypto_cipher_decrypt_aes; =20 + ctxt->base.driver =3D &qcrypto_cipher_lib_driver; return &ctxt->base; =20 error: @@ -396,6 +399,7 @@ qcrypto_cipher_init_des_rfb(QCryptoCipherMode mode, ctxt->encrypt =3D qcrypto_cipher_encrypt_des_rfb; ctxt->decrypt =3D qcrypto_cipher_decrypt_des_rfb; =20 + ctxt->base.driver =3D &qcrypto_cipher_lib_driver; return &ctxt->base; } =20 diff --git a/crypto/cipher-gcrypt.c.inc b/crypto/cipher-gcrypt.c.inc index 3b3c85e265..7a1fbc9745 100644 --- a/crypto/cipher-gcrypt.c.inc +++ b/crypto/cipher-gcrypt.c.inc @@ -24,6 +24,7 @@ =20 #include =20 +static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver; =20 bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode) @@ -258,6 +259,7 @@ static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCip= herAlgorithm alg, } #endif =20 + ctx->base.driver =3D &qcrypto_cipher_lib_driver; return &ctx->base; =20 error: diff --git a/crypto/cipher-nettle.c.inc b/crypto/cipher-nettle.c.inc index d8371d1f37..36d57ef430 100644 --- a/crypto/cipher-nettle.c.inc +++ b/crypto/cipher-nettle.c.inc @@ -34,6 +34,8 @@ #include #endif =20 +static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver; + typedef void (*QCryptoCipherNettleFuncWrapper)(const void *ctx, size_t length, uint8_t *dst, @@ -587,6 +589,7 @@ static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCip= herAlgorithm alg, =20 ctx->iv =3D g_new0(uint8_t, ctx->blocksize); =20 + ctx->base.driver =3D &qcrypto_cipher_lib_driver; return &ctx->base; =20 error: --=20 2.25.1 From nobody Fri May 17 07:47:07 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1598634762; cv=none; d=zohomail.com; s=zohoarc; b=K3sjBHKKuZXu/ZrdwWNp8wMsB5TV9q+rmaX0C1LJjGzKVEYCXDv2AqdxTOpOIjFncScbt1KXwTOXmwkLfucJWSBeiZ+BejOeC3co/+EMtk9M9MGz8ZoHZ/5hir2mk55dkr/kewNbIaNxhGCsqW4WQPZtdDlnfnW7QDOQjBvRWtU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1598634762; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=uHfxrHQWg2O+r2PVrn88/8hdFFb+717npid0qZec8zg=; b=njkAVBL9Enh24ZOlNkWdyxCEZMsJTlsARqhS/qX8uE+21O96gbE3OA4iZJqO1owE9Ki9nRaCt43Ils6UKx2QPt6VxLx27cxdEvjinT/HSZmY50gY3+YO4oeqfx6KBuHXiv98fCqTUKfPIbHD6oTjDjANpuYgnqOdYU3DfuikPWw= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1598634762763825.1376347831448; Fri, 28 Aug 2020 10:12:42 -0700 (PDT) Received: from localhost ([::1]:35706 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBhve-0000TH-2i for importer@patchew.org; Fri, 28 Aug 2020 13:12:42 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36730) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhop-0003oy-Ul for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:39 -0400 Received: from mail-pg1-x52d.google.com ([2607:f8b0:4864:20::52d]:36319) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhoo-00032w-DP for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:39 -0400 Received: by mail-pg1-x52d.google.com with SMTP id p37so731293pgl.3 for ; Fri, 28 Aug 2020 10:05:37 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=uHfxrHQWg2O+r2PVrn88/8hdFFb+717npid0qZec8zg=; b=yK79qwzfaH40Z1JVCkGqopZ7hJptf/Ot/frQc/0ErjJMAd6FpCqW99D10qMvAs9wej eAbAuBkEJINReChClbJtpxIsLo6ytnNkxoEPkANaVL+VhOTVejR8lgdv/2HByPoovTZG aQDGy+27Ul6RklJNRada767cTVJTBFPrxNNJtCGHDFWm6pJccWGEaI18msdkq3cocX/f x8FZV5BPBPTuFWVsofd9o71keMOy08pWjd5tgTpafy68CrzPfAuRG92aT/gMbn/AxNCy E1jEdrpOi2YhV8kgRNQ6+aTqdjoTCmou03L2b854hqTYshKGlcRMW/mTYEkUjtuTX5N2 BIow== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=uHfxrHQWg2O+r2PVrn88/8hdFFb+717npid0qZec8zg=; b=dSarxfu/iNsWMdM7IMdR/gO0uU4JIWWnxNY9fUVvc5Pteds7Xz9DESpEEzHClBXRV7 XITpFxZt1DEsTmujifisgTyNCjJzj1kJFQv7h1EpOxr9fSB0Th4dnJVZDRFiJJcjZl3Y H8/0DHg6QrVQHd1wZMK5OSwrNScMUCKW2z7h/ITrbjk75Jn/WGJof99AtYmEFLJSVcHv QiXGGhRS07hYLyCqXyPkQ4ieuk5kmKAmw6R0F/mWln83RZ7JjkU8U4M4A4E/nz5egshP CqUZtMM3xci0b5WL29QlSJj/S4JHkhSxQbGWVLixmFcan0sFZ8/rTqkr/NSrf4AOxMGq JQ1Q== X-Gm-Message-State: AOAM531ZzXI/gE+9YgRJqvH0UmJgXfacsj+pulscnk2medWMFsfSkruB Hr9s6f0koxqk9RXfrgAY8UaPdNtu1aZpSA== X-Google-Smtp-Source: ABdhPJw7Csw6kXNFcNj+Y+cCIgPZQaEOamW8n++pGMvmnpYGjRHIgL9QqdDly6+q8wTRP0xqfcLLdA== X-Received: by 2002:a63:7056:: with SMTP id a22mr1809199pgn.12.1598634336675; Fri, 28 Aug 2020 10:05:36 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 09/16] crypto: Constify cipher data tables Date: Fri, 28 Aug 2020 10:05:16 -0700 Message-Id: <20200828170523.418603-10-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2607:f8b0:4864:20::52d; envelope-from=richard.henderson@linaro.org; helo=mail-pg1-x52d.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , berrange@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) Reviewed-by: Daniel P. Berrang=C3=A9 Reviewed-by: Philippe Mathieu-Daud=C3=A9 Signed-off-by: Richard Henderson --- crypto/cipher.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/crypto/cipher.c b/crypto/cipher.c index 3711b552fa..068b2fb867 100644 --- a/crypto/cipher.c +++ b/crypto/cipher.c @@ -25,7 +25,7 @@ #include "cipherpriv.h" =20 =20 -static size_t alg_key_len[QCRYPTO_CIPHER_ALG__MAX] =3D { +static const size_t alg_key_len[QCRYPTO_CIPHER_ALG__MAX] =3D { [QCRYPTO_CIPHER_ALG_AES_128] =3D 16, [QCRYPTO_CIPHER_ALG_AES_192] =3D 24, [QCRYPTO_CIPHER_ALG_AES_256] =3D 32, @@ -40,7 +40,7 @@ static size_t alg_key_len[QCRYPTO_CIPHER_ALG__MAX] =3D { [QCRYPTO_CIPHER_ALG_TWOFISH_256] =3D 32, }; =20 -static size_t alg_block_len[QCRYPTO_CIPHER_ALG__MAX] =3D { +static const size_t alg_block_len[QCRYPTO_CIPHER_ALG__MAX] =3D { [QCRYPTO_CIPHER_ALG_AES_128] =3D 16, [QCRYPTO_CIPHER_ALG_AES_192] =3D 16, [QCRYPTO_CIPHER_ALG_AES_256] =3D 16, @@ -55,7 +55,7 @@ static size_t alg_block_len[QCRYPTO_CIPHER_ALG__MAX] =3D { [QCRYPTO_CIPHER_ALG_TWOFISH_256] =3D 16, }; =20 -static bool mode_need_iv[QCRYPTO_CIPHER_MODE__MAX] =3D { +static const bool mode_need_iv[QCRYPTO_CIPHER_MODE__MAX] =3D { [QCRYPTO_CIPHER_MODE_ECB] =3D false, [QCRYPTO_CIPHER_MODE_CBC] =3D true, [QCRYPTO_CIPHER_MODE_XTS] =3D true, --=20 2.25.1 From nobody Fri May 17 07:47:07 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1598634560; cv=none; d=zohomail.com; s=zohoarc; b=nGnd0cdu9XpoxbVr0M4XtFs7kEtPwwiJho7l4KWhPGgnQDHbwcSle62zfe9p+eK6m7cQZ/Zv/MCXoLZREuesBu6OSdLVf/iVSc/JVgkHsxSeGyaZMFu7y32iY1bxvhhVwd8uyqNpzSDk/9ow96HdisvPtKpSgziliQpQItyaSA8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1598634560; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=TqzPE+AsczeJFR52P3swxprxnAZO/kZ1snURQdlagJA=; b=UbePxTQk5Hm+83EAsbwbr30q07dRyZgNfp8FTsBq1dLTV7ytK5swgApFcqXmXdO67Y1txAbS4CDx8etPPT69uF7MxFNfql966oankflts7MIYDlDjIjQ7CdktbCPQkLNR+/ceo3QpkCWemM2KsUGiPCigTxUqI9F+jqKcbFCxTg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1598634560561132.95061371000975; Fri, 28 Aug 2020 10:09:20 -0700 (PDT) Received: from localhost ([::1]:50066 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBhsN-0003Gx-KO for importer@patchew.org; Fri, 28 Aug 2020 13:09:19 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36748) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhor-0003tC-LR for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:41 -0400 Received: from mail-pl1-x641.google.com ([2607:f8b0:4864:20::641]:42911) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhop-000352-S7 for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:41 -0400 Received: by mail-pl1-x641.google.com with SMTP id j11so777767plk.9 for ; Fri, 28 Aug 2020 10:05:39 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.36 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=TqzPE+AsczeJFR52P3swxprxnAZO/kZ1snURQdlagJA=; b=XGB1X0i4my0zdUr1MHPPBWyF2ZTOZnn4l3AVeNVWvJtE+U5PCV0agP/aAFq1devQg/ clDiH/N4yVYZJ5w62/z/QtZF01caGviCKeyVJkLYEmrqcKyD56R77e7IhxgZuFj8xJr/ TSw3d/XPCZUimt90B8aajrTR+GX/NRMV4m1Wb5+4ADcep8boy7XAE+/FNMREdp2CLJpA aGRL8Z4U0EhGB29p38YHfyKAYj2mUAoAFgNmmudM9E4yEtg3IqH0ws0LQnaJovvYUZfG jLNek2vUtXt9j/TNeJdvR+jfdlXmp2BL1+bhKIZ5TsUCPejLAFiBCd3N4DWvcQ/Oi0Mz jBRw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=TqzPE+AsczeJFR52P3swxprxnAZO/kZ1snURQdlagJA=; b=qJTmCDN7sWhpl7iQEn6ocftnB576UyOcstEyMgr9lnM9JWqRVHK5Ly01jxDwjRN9iD ZBE67iRq7jLi4DTDXIghAOaE1kn+cPu1FfwKQOR1GFDoV3eCOP/8qMWuG6FgwqRChqA3 eQz2prySfG9dThzVfoyK3zGQBJeSOOiG8OUjFq235pSXOmaq3JqttHWv38MDdKDP9Sb3 zWi6+Srk44iZjoroXkq/qow1T80oTb+KVuzKi7NAXu/cPjhHUb2huSRZyXH/XSl7ff8e UaXBwUdygmdwrv5nsY8VJrIY2PFryvOb85jB4LQaA7WHMIMEtlVsHMlc84G9wtAnT4vV assQ== X-Gm-Message-State: AOAM5316qLItp5HG4hqG551hyzsWrudomr3Aod7nwx883bVAd7m95of6 hREzEGIIHKpRCK47A3mZfX5651XbygMmGA== X-Google-Smtp-Source: ABdhPJzjxMIxor5Gg9pbplDdi9RDj3cCJUeat7Obyr+MgtO0HSZu02n8RdCw6FddbqLoGAjBWMyB9w== X-Received: by 2002:a17:902:7582:: with SMTP id j2mr2203287pll.322.1598634338106; Fri, 28 Aug 2020 10:05:38 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 10/16] crypto/builtin: Remove odd-sized AES block handling Date: Fri, 28 Aug 2020 10:05:17 -0700 Message-Id: <20200828170523.418603-11-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2607:f8b0:4864:20::641; envelope-from=richard.henderson@linaro.org; helo=mail-pl1-x641.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: berrange@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: pass (identity @linaro.org) We verified that the data block is properly sized modulo AES_BLOCK_SIZE within qcrypto_builtin_cipher_{en,de}crypt. Therefore we will never have to handle odd sized blocks. Reviewed-by: Daniel P. Berrang=C3=A9 Signed-off-by: Richard Henderson --- crypto/cipher-builtin.c.inc | 40 +++++++++++-------------------------- 1 file changed, 12 insertions(+), 28 deletions(-) diff --git a/crypto/cipher-builtin.c.inc b/crypto/cipher-builtin.c.inc index 1444139f36..e2ae5d090c 100644 --- a/crypto/cipher-builtin.c.inc +++ b/crypto/cipher-builtin.c.inc @@ -80,21 +80,13 @@ static void qcrypto_cipher_aes_ecb_encrypt(const AES_KE= Y *key, { const uint8_t *inptr =3D in; uint8_t *outptr =3D out; + + /* We have already verified that len % AES_BLOCK_SIZE =3D=3D 0. */ while (len) { - if (len > AES_BLOCK_SIZE) { - AES_encrypt(inptr, outptr, key); - inptr +=3D AES_BLOCK_SIZE; - outptr +=3D AES_BLOCK_SIZE; - len -=3D AES_BLOCK_SIZE; - } else { - uint8_t tmp1[AES_BLOCK_SIZE], tmp2[AES_BLOCK_SIZE]; - memcpy(tmp1, inptr, len); - /* Fill with 0 to avoid valgrind uninitialized reads */ - memset(tmp1 + len, 0, sizeof(tmp1) - len); - AES_encrypt(tmp1, tmp2, key); - memcpy(outptr, tmp2, len); - len =3D 0; - } + AES_encrypt(inptr, outptr, key); + inptr +=3D AES_BLOCK_SIZE; + outptr +=3D AES_BLOCK_SIZE; + len -=3D AES_BLOCK_SIZE; } } =20 @@ -106,21 +98,13 @@ static void qcrypto_cipher_aes_ecb_decrypt(const AES_K= EY *key, { const uint8_t *inptr =3D in; uint8_t *outptr =3D out; + + /* We have already verified that len % AES_BLOCK_SIZE =3D=3D 0. */ while (len) { - if (len > AES_BLOCK_SIZE) { - AES_decrypt(inptr, outptr, key); - inptr +=3D AES_BLOCK_SIZE; - outptr +=3D AES_BLOCK_SIZE; - len -=3D AES_BLOCK_SIZE; - } else { - uint8_t tmp1[AES_BLOCK_SIZE], tmp2[AES_BLOCK_SIZE]; - memcpy(tmp1, inptr, len); - /* Fill with 0 to avoid valgrind uninitialized reads */ - memset(tmp1 + len, 0, sizeof(tmp1) - len); - AES_decrypt(tmp1, tmp2, key); - memcpy(outptr, tmp2, len); - len =3D 0; - } + AES_decrypt(inptr, outptr, key); + inptr +=3D AES_BLOCK_SIZE; + outptr +=3D AES_BLOCK_SIZE; + len -=3D AES_BLOCK_SIZE; } } =20 --=20 2.25.1 From nobody Fri May 17 07:47:07 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1598634662; cv=none; d=zohomail.com; s=zohoarc; b=nJ3z0SkeUCwJu8sYkSW8RhVDx+HKsoV2gqSuaFkHrlTeA9mZ6QVQ+eAIe/dk0DvJXwLlLht7cGbxhaYdbFgJwZBxUtuD/8HQA4nP89/KHiQCrski5et3fNzpocxPV4NRh25M9XDqCG0p1YThaQDvgK8y0Oangjf3kMNGqSulSLA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1598634662; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=Z0jSasqYMa/kYWQRBUn0M5RkDRX5OspYiVQvjoGRm10=; b=LnfKX/oOsjP6VY/6jOHqOij+pjevCjHJDmGeENuJWxIBAud5L0WS9erQErB2WD0moRm/ukZRX8EzZRf7q2Rsj1/4GkE0wXfJOj+lkJnm5gzIQWLLe7VY1R7sCFdbIhJHA73aznQS8eYVjCeXnrDa1s4o7Wq0lGEbO9tkDysi1Z4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1598634662345250.51363022457508; Fri, 28 Aug 2020 10:11:02 -0700 (PDT) Received: from localhost ([::1]:57200 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBhu1-0006CZ-JD for importer@patchew.org; Fri, 28 Aug 2020 13:11:01 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36770) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhot-0003xN-4X for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:43 -0400 Received: from mail-pj1-x1042.google.com ([2607:f8b0:4864:20::1042]:53854) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhor-00036E-96 for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:42 -0400 Received: by mail-pj1-x1042.google.com with SMTP id nv17so23386pjb.3 for ; Fri, 28 Aug 2020 10:05:40 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.38 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=Z0jSasqYMa/kYWQRBUn0M5RkDRX5OspYiVQvjoGRm10=; b=roMHS2o+qL8y8fbaQz7gA08dLUtzfxbTpBShd8UzaAfxUM5gRXDrYd/FVT68VjffzY XE9t5PHoHhdoKUBitXa5NNiIaTHqn0sbObZ+8jKtakPXq2Ijj/+1dnZgATZ/8hjW7o/6 5uGa1wG23vHd32mgJNvkrz5TpxP14QSxixP5t700uK8XOUjOYk07oXvHQpk875E9nzxS hC6TYckscanY3NiLIQmMKJPy0CjziMuQQRavjGcQMUOf8Ro6o2g8oEVeiR5NQ1nrbwzy LmyTUvFZRy+7wOoPeopoN2aKVIDJkppffdLAxm718Nq9S2ExgfUPZJoa2ig4StaVyWgK qhMg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=Z0jSasqYMa/kYWQRBUn0M5RkDRX5OspYiVQvjoGRm10=; b=lqe/R3JwdNQnedav1BUy0y6p37Sw+iIl4Jf/UysSME3r8nB55PC9lbApJnrA27HhKS cmRPWGtSSIeKID9IoJW1lLLBl9/i+xVeQ/gDCLPaxNlZBw/NT7WEIkuuYQ2SdiJ4vhVd P6pTR0nCjGBjdO0TMOgFNrMCpCCvJKUCsIjPfIVInYWSKi0PolnAwb7k6SGVbS6ktzWs GsYh0QNHaeJ4U3Qr2iPv+7aIGEKDkvQXUFtvs/pHYE7TxyhHIaew1s4rNzjBacdHODx7 nHmFa2Q6cPac8U7q/l+Hm/MChcNOly5juE+bmGcoUlSyhSrOZd9L0kbTRfmTQeesU4pi XCIQ== X-Gm-Message-State: AOAM531eOHqTTHeLSWiw8TrcmpYZdJNppwYPI07Hyh9t0vszt+LT4+mQ mM4jPuzSAv/zN1cBYdmxsyj5gIc9rv2ECw== X-Google-Smtp-Source: ABdhPJyOHoXvKXqmutVfzAD9XANsDGVJl6rC0cN+ieYdHx1QJ1U2uHqt3cnn0bLGWPqFFqZfVCr0Og== X-Received: by 2002:a17:90a:858a:: with SMTP id m10mr47912pjn.185.1598634339389; Fri, 28 Aug 2020 10:05:39 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 11/16] crypto/builtin: Merge qcrypto_cipher_aes_{ecb, xts}_{en, de}crypt Date: Fri, 28 Aug 2020 10:05:18 -0700 Message-Id: <20200828170523.418603-12-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2607:f8b0:4864:20::1042; envelope-from=richard.henderson@linaro.org; helo=mail-pj1-x1042.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , berrange@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) There's no real reason we need two separate helper functions here. Standardize on the function signature required for xts_encrypt. Rename to do_aes_{en,de}crypt_ecb, since the helper does not itself do anything with respect to xts. Reviewed-by: Daniel P. Berrang=C3=A9 Reviewed-by: Philippe Mathieu-Daud=C3=A9 Signed-off-by: Richard Henderson --- crypto/cipher-builtin.c.inc | 73 +++++++++++-------------------------- 1 file changed, 22 insertions(+), 51 deletions(-) diff --git a/crypto/cipher-builtin.c.inc b/crypto/cipher-builtin.c.inc index e2ae5d090c..8e21f2673f 100644 --- a/crypto/cipher-builtin.c.inc +++ b/crypto/cipher-builtin.c.inc @@ -72,65 +72,38 @@ static void qcrypto_cipher_free_aes(QCryptoCipher *ciph= er) g_free(cipher); } =20 - -static void qcrypto_cipher_aes_ecb_encrypt(const AES_KEY *key, - const void *in, - void *out, - size_t len) +static void do_aes_encrypt_ecb(const void *vctx, + size_t len, + uint8_t *out, + const uint8_t *in) { - const uint8_t *inptr =3D in; - uint8_t *outptr =3D out; + const QCryptoCipherBuiltinAESContext *ctx =3D vctx; =20 /* We have already verified that len % AES_BLOCK_SIZE =3D=3D 0. */ while (len) { - AES_encrypt(inptr, outptr, key); - inptr +=3D AES_BLOCK_SIZE; - outptr +=3D AES_BLOCK_SIZE; + AES_encrypt(in, out, &ctx->enc); + in +=3D AES_BLOCK_SIZE; + out +=3D AES_BLOCK_SIZE; len -=3D AES_BLOCK_SIZE; } } =20 - -static void qcrypto_cipher_aes_ecb_decrypt(const AES_KEY *key, - const void *in, - void *out, - size_t len) +static void do_aes_decrypt_ecb(const void *vctx, + size_t len, + uint8_t *out, + const uint8_t *in) { - const uint8_t *inptr =3D in; - uint8_t *outptr =3D out; + const QCryptoCipherBuiltinAESContext *ctx =3D vctx; =20 /* We have already verified that len % AES_BLOCK_SIZE =3D=3D 0. */ while (len) { - AES_decrypt(inptr, outptr, key); - inptr +=3D AES_BLOCK_SIZE; - outptr +=3D AES_BLOCK_SIZE; + AES_decrypt(in, out, &ctx->dec); + in +=3D AES_BLOCK_SIZE; + out +=3D AES_BLOCK_SIZE; len -=3D AES_BLOCK_SIZE; } } =20 - -static void qcrypto_cipher_aes_xts_encrypt(const void *ctx, - size_t length, - uint8_t *dst, - const uint8_t *src) -{ - const QCryptoCipherBuiltinAESContext *aesctx =3D ctx; - - qcrypto_cipher_aes_ecb_encrypt(&aesctx->enc, src, dst, length); -} - - -static void qcrypto_cipher_aes_xts_decrypt(const void *ctx, - size_t length, - uint8_t *dst, - const uint8_t *src) -{ - const QCryptoCipherBuiltinAESContext *aesctx =3D ctx; - - qcrypto_cipher_aes_ecb_decrypt(&aesctx->dec, src, dst, length); -} - - static int qcrypto_cipher_encrypt_aes(QCryptoCipher *cipher, const void *in, void *out, @@ -142,8 +115,7 @@ static int qcrypto_cipher_encrypt_aes(QCryptoCipher *ci= pher, =20 switch (cipher->mode) { case QCRYPTO_CIPHER_MODE_ECB: - qcrypto_cipher_aes_ecb_encrypt(&ctxt->state.aes.key.enc, - in, out, len); + do_aes_encrypt_ecb(&ctxt->state.aes.key, len, out, in); break; case QCRYPTO_CIPHER_MODE_CBC: AES_cbc_encrypt(in, out, len, @@ -153,8 +125,8 @@ static int qcrypto_cipher_encrypt_aes(QCryptoCipher *ci= pher, case QCRYPTO_CIPHER_MODE_XTS: xts_encrypt(&ctxt->state.aes.key, &ctxt->state.aes.key_tweak, - qcrypto_cipher_aes_xts_encrypt, - qcrypto_cipher_aes_xts_decrypt, + do_aes_encrypt_ecb, + do_aes_decrypt_ecb, ctxt->state.aes.iv, len, out, in); break; @@ -177,8 +149,7 @@ static int qcrypto_cipher_decrypt_aes(QCryptoCipher *ci= pher, =20 switch (cipher->mode) { case QCRYPTO_CIPHER_MODE_ECB: - qcrypto_cipher_aes_ecb_decrypt(&ctxt->state.aes.key.dec, - in, out, len); + do_aes_decrypt_ecb(&ctxt->state.aes.key, len, out, in); break; case QCRYPTO_CIPHER_MODE_CBC: AES_cbc_encrypt(in, out, len, @@ -188,8 +159,8 @@ static int qcrypto_cipher_decrypt_aes(QCryptoCipher *ci= pher, case QCRYPTO_CIPHER_MODE_XTS: xts_decrypt(&ctxt->state.aes.key, &ctxt->state.aes.key_tweak, - qcrypto_cipher_aes_xts_encrypt, - qcrypto_cipher_aes_xts_decrypt, + do_aes_encrypt_ecb, + do_aes_decrypt_ecb, ctxt->state.aes.iv, len, out, in); break; --=20 2.25.1 From nobody Fri May 17 07:47:07 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1598634830; cv=none; d=zohomail.com; s=zohoarc; b=RRrWdlliQnJZQ6mT3aBAZIXbC0ve8+bAHZZ/8NenDv746z7pSVI8OFQEPiB2ePByPlEZzs0RX4PbD2YNhtftOR40iWJXn9ddEoP0YSo6NwNkWk8FUDoL1DtvX913seHTIDJSAPM85AD2Wf79GHK6U4DAyW+JAoq7sj9j7xUtKOk= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1598634830; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=9pef8gAf1wsVL1CMsBcENDnjN1Fz2AwxX3zrLli9AqA=; b=eclfnSEOCHy8ZU3ibT9DnuSgoyLdo+lB3CXOqta3rKY7Z3dAucpFnL+go/mcpCWS5tB76n1hiewcCwcyLLgnmkj0fYX1F6zKS063WA+Z9AypXoKSv2TBN/QyxTBdqLlMP0fLpbeEsIknT5AQS3WN3YQG0N56Gi4aunj6oPsHSG4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1598634830936516.1733610881679; Fri, 28 Aug 2020 10:13:50 -0700 (PDT) Received: from localhost ([::1]:38310 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBhwk-0001Xa-6p for importer@patchew.org; Fri, 28 Aug 2020 13:13:50 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36790) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhou-00041Z-O4 for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:44 -0400 Received: from mail-pf1-x42d.google.com ([2607:f8b0:4864:20::42d]:40480) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhos-000370-Gz for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:44 -0400 Received: by mail-pf1-x42d.google.com with SMTP id c142so873777pfb.7 for ; Fri, 28 Aug 2020 10:05:42 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=9pef8gAf1wsVL1CMsBcENDnjN1Fz2AwxX3zrLli9AqA=; b=Amz+3ytMmbpQhWupxfLouxMaZDgJQDIS6kmT8arZH33roOHAHvFzmpunSQiHXyipbr q9hTxtpM89RMO7CLm0a5c03RZpQhaoGI7hpdRfXTQSFk34r9QD6mGO+oIa4F4JcJkQge AyrAYniTVAjMhKTffJAnw33mZTsFERaxkRcVwR+Ttm2nEtKR9TLpp/PbLjaD63isONDY nyiJWGqWlLSuuQ4xBeVaHDMDG7UDfr/eq4LIGt9wnVAEjKD+dCcUrKdXY7VvjbR6XSBE VeB5sQtwJejV7zN4PyksWPN9KnP+DuSv1vHKcSwHtOY2l5FuOPiP2clBGz7wjhlW8sSh Ataw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=9pef8gAf1wsVL1CMsBcENDnjN1Fz2AwxX3zrLli9AqA=; b=ARIO0a6EwDcBTkne7Jmflsd3+Cpfn7t2tmBVShR1oDZxxRoH0vCT8oO3h6uysO7F+j EO1PGMjom+qDWS1NACkEJ6MyIROFyRwWPQ3RaRW4QpVLL7y1+tiuD/mjhZaCFbqEVDA0 IzR7nUeJeWsxdwv2PmIx2NGtDe6oM083Px5omADrOXEY6cOw1YwTTOvuQbxVPF1kvatX 3Q4b+vynfUM15ssGjVjxe5H3EVA0yoY71YzdXwHFBtp5gM5NrOUb+1XIX49bssbF84W+ Lrijtpt+z2K+yUX+mCLJTTkk9+XjWdv0hsCVQaKxvAVuImcuIRcYjThjdG8k1ZTHHmNa Q1HA== X-Gm-Message-State: AOAM5309gB5Z5+RlTJwkkbY0Ay7A2fgqtnBgcNEzt5dHuafAVoeKzvSs YpleQ+z8LRM2YBmOSUSDvH1zXYF+pqwasQ== X-Google-Smtp-Source: ABdhPJx+cjnxMxZ4fhI6q7kld+nPK1EajGBvHGWWOPY7F+SygbhvrGPnOiCqI4iVFTulEK7UWksQVw== X-Received: by 2002:a63:d918:: with SMTP id r24mr1736363pgg.158.1598634340748; Fri, 28 Aug 2020 10:05:40 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 12/16] crypto/builtin: Move AES_cbc_encrypt into cipher-builtin.inc.c Date: Fri, 28 Aug 2020 10:05:19 -0700 Message-Id: <20200828170523.418603-13-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2607:f8b0:4864:20::42d; envelope-from=richard.henderson@linaro.org; helo=mail-pf1-x42d.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , berrange@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) By making the function private, we will be able to make further simplifications. Re-indent the migrated code and fix the missing braces for CODING_STYLE. Reviewed-by: Daniel P. Berrang=C3=A9 Reviewed-by: Philippe Mathieu-Daud=C3=A9 Signed-off-by: Richard Henderson --- include/crypto/aes.h | 4 --- crypto/aes.c | 51 --------------------------------- crypto/cipher-builtin.c.inc | 56 +++++++++++++++++++++++++++++++++++++ 3 files changed, 56 insertions(+), 55 deletions(-) diff --git a/include/crypto/aes.h b/include/crypto/aes.h index 12fb321b89..ba297d6a73 100644 --- a/include/crypto/aes.h +++ b/include/crypto/aes.h @@ -16,7 +16,6 @@ typedef struct aes_key_st AES_KEY; #define AES_set_decrypt_key QEMU_AES_set_decrypt_key #define AES_encrypt QEMU_AES_encrypt #define AES_decrypt QEMU_AES_decrypt -#define AES_cbc_encrypt QEMU_AES_cbc_encrypt =20 int AES_set_encrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key); @@ -27,9 +26,6 @@ void AES_encrypt(const unsigned char *in, unsigned char *= out, const AES_KEY *key); void AES_decrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key); -void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, - const unsigned long length, const AES_KEY *key, - unsigned char *ivec, const int enc); =20 extern const uint8_t AES_sbox[256]; extern const uint8_t AES_isbox[256]; diff --git a/crypto/aes.c b/crypto/aes.c index 0f6a195af8..159800df65 100644 --- a/crypto/aes.c +++ b/crypto/aes.c @@ -1599,54 +1599,3 @@ void AES_decrypt(const unsigned char *in, unsigned c= har *out, } =20 #endif /* AES_ASM */ - -void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, - const unsigned long length, const AES_KEY *key, - unsigned char *ivec, const int enc) -{ - - unsigned long n; - unsigned long len =3D length; - unsigned char tmp[AES_BLOCK_SIZE]; - - assert(in && out && key && ivec); - - if (enc) { - while (len >=3D AES_BLOCK_SIZE) { - for(n=3D0; n < AES_BLOCK_SIZE; ++n) - tmp[n] =3D in[n] ^ ivec[n]; - AES_encrypt(tmp, out, key); - memcpy(ivec, out, AES_BLOCK_SIZE); - len -=3D AES_BLOCK_SIZE; - in +=3D AES_BLOCK_SIZE; - out +=3D AES_BLOCK_SIZE; - } - if (len) { - for(n=3D0; n < len; ++n) - tmp[n] =3D in[n] ^ ivec[n]; - for(n=3Dlen; n < AES_BLOCK_SIZE; ++n) - tmp[n] =3D ivec[n]; - AES_encrypt(tmp, tmp, key); - memcpy(out, tmp, AES_BLOCK_SIZE); - memcpy(ivec, tmp, AES_BLOCK_SIZE); - } - } else { - while (len >=3D AES_BLOCK_SIZE) { - memcpy(tmp, in, AES_BLOCK_SIZE); - AES_decrypt(in, out, key); - for(n=3D0; n < AES_BLOCK_SIZE; ++n) - out[n] ^=3D ivec[n]; - memcpy(ivec, tmp, AES_BLOCK_SIZE); - len -=3D AES_BLOCK_SIZE; - in +=3D AES_BLOCK_SIZE; - out +=3D AES_BLOCK_SIZE; - } - if (len) { - memcpy(tmp, in, AES_BLOCK_SIZE); - AES_decrypt(tmp, tmp, key); - for(n=3D0; n < len; ++n) - out[n] =3D tmp[n] ^ ivec[n]; - memcpy(ivec, tmp, AES_BLOCK_SIZE); - } - } -} diff --git a/crypto/cipher-builtin.c.inc b/crypto/cipher-builtin.c.inc index 8e21f2673f..61baad265a 100644 --- a/crypto/cipher-builtin.c.inc +++ b/crypto/cipher-builtin.c.inc @@ -104,6 +104,62 @@ static void do_aes_decrypt_ecb(const void *vctx, } } =20 +static void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, + const unsigned long length, const AES_KEY *key, + unsigned char *ivec, const int enc) +{ + unsigned long n; + unsigned long len =3D length; + unsigned char tmp[AES_BLOCK_SIZE]; + + assert(in && out && key && ivec); + + if (enc) { + while (len >=3D AES_BLOCK_SIZE) { + for (n =3D 0; n < AES_BLOCK_SIZE; ++n) { + tmp[n] =3D in[n] ^ ivec[n]; + } + AES_encrypt(tmp, out, key); + memcpy(ivec, out, AES_BLOCK_SIZE); + len -=3D AES_BLOCK_SIZE; + in +=3D AES_BLOCK_SIZE; + out +=3D AES_BLOCK_SIZE; + } + if (len) { + for (n =3D 0; n < len; ++n) { + tmp[n] =3D in[n] ^ ivec[n]; + } + for (n =3D len; n < AES_BLOCK_SIZE; ++n) { + tmp[n] =3D ivec[n]; + } + AES_encrypt(tmp, tmp, key); + memcpy(out, tmp, AES_BLOCK_SIZE); + memcpy(ivec, tmp, AES_BLOCK_SIZE); + } + } else { + while (len >=3D AES_BLOCK_SIZE) { + memcpy(tmp, in, AES_BLOCK_SIZE); + AES_decrypt(in, out, key); + for (n =3D 0; n < AES_BLOCK_SIZE; ++n) { + out[n] ^=3D ivec[n]; + } + memcpy(ivec, tmp, AES_BLOCK_SIZE); + len -=3D AES_BLOCK_SIZE; + in +=3D AES_BLOCK_SIZE; + out +=3D AES_BLOCK_SIZE; + } + if (len) { + memcpy(tmp, in, AES_BLOCK_SIZE); + AES_decrypt(tmp, tmp, key); + for (n =3D 0; n < len; ++n) { + out[n] =3D tmp[n] ^ ivec[n]; + } + memcpy(ivec, tmp, AES_BLOCK_SIZE); + } + } +} + + static int qcrypto_cipher_encrypt_aes(QCryptoCipher *cipher, const void *in, void *out, --=20 2.25.1 From nobody Fri May 17 07:47:07 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1598634603; cv=none; d=zohomail.com; s=zohoarc; b=cTsSZkYgyHP8BGKUH2nr+PWbGX/HVpNAS9SAnkhFq9HjoPIGRQK0srdedM41VoyTQFK2SGPv8LBjn/3Ilt+uPkrowY63okj92LV0ukmnbzJUig7Au+94EYdyC1ao95r84FAzy66QDofguIvcQjX1xt5CGcop1TcPmuk5RrWf1+M= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1598634603; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=R08qzgHyL/bf1N6eFfMci3b2adBB+mTS2SLfm7s3DVE=; b=DzE5aSxZNYS+RCrWaloKmpsIOWPucVMMmbgOTg61krSRtbsr73EaEVUAKHTJWY3yv53JSKWay69YjaWW2Ep7RevXUWCO3SLiP0U7QVHzgrEm9yeYK36kl6QkYQcLRRCRgDZQyjANeoK2nkgqa1h+WTm/0scdWx8GdKiWoXbzzzQ= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1598634603193184.56151857577072; Fri, 28 Aug 2020 10:10:03 -0700 (PDT) Received: from localhost ([::1]:53626 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBht4-0004gr-D0 for importer@patchew.org; Fri, 28 Aug 2020 13:10:02 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36798) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhov-000446-Kv for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:45 -0400 Received: from mail-pj1-x1041.google.com ([2607:f8b0:4864:20::1041]:35125) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhot-00037K-NB for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:45 -0400 Received: by mail-pj1-x1041.google.com with SMTP id g6so31868pjl.0 for ; Fri, 28 Aug 2020 10:05:43 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=R08qzgHyL/bf1N6eFfMci3b2adBB+mTS2SLfm7s3DVE=; b=s8U035LOyXRw5MhJdmmyVpJUu5OJ6CULXwcL6utmvGyD2v3+TJ3m4LzOthcQPqBKV6 uV4rD08GqEZGISDJ3kD+4pgCYgLsEEGDcLq9lA77GGjxc0QnH3v4a2QcmObP3ab6EboH NvA4n5YOgtzNZfGvNrkrKWqTO28CAbcoJ3tlu7GlfgLvxYlZjqRsWAjubjTwxQuUr9v9 frRpJaWXIByrBQyup4RM3ic/0Y+aXcOJTRzm+I7mFI9sDm5Iz0pWWhnJvQkKTf1Ny4BM GZUxRe2vJ/j6JJ7WDE0+PesI3Z8mx3N6AujoF8zqw395cNVZTtjrWJ4ptiemRgcmwSq+ e9Og== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=R08qzgHyL/bf1N6eFfMci3b2adBB+mTS2SLfm7s3DVE=; b=QNNRJ4CQMo85T9jsnRHCUkbVI0C77ft+AWZiURf/s2yLJyGQiyxohRWO2m6HatM/W0 X3yAqevC0iVxhP/j+GRk+ftXh/t0drLrBOWV/S85OvX0wsVfEVKkm11ZnkkUIQlsaxQr sTCAuhRQufRTc8986vzOseHznmN+79e4aNxg1acWZxrcj5dnbSUVacoQhQu4cEaWX/4i yoYtIb/Jg3FCThtfNvMCn80NoHbxcy4IfgUEJGhAPgWAUoMJLTy/jhC7QXu7vGqVrhAz SwKxH2eiNWdMV76pDSIrPsMBF78xqVDlTuBDp5vIz7hkvEfudEsphGyFOmFR3tp8403J YheA== X-Gm-Message-State: AOAM531swGGAshhYEsUyMlNdQc2Ug3pY+GejiXuQpkoV+nucIARqdpqN CX+6/5ZuvrSVKNuPKMadx4Z2jPWuSFuq4g== X-Google-Smtp-Source: ABdhPJxH2zQ4HZ5BUmCI0im7DYVaHXSw0N/gFECusuuG1dG7uZWnTy9Jn3kqoCGBU9SEkJG5L3QxeQ== X-Received: by 2002:a17:90a:9915:: with SMTP id b21mr58544pjp.109.1598634341917; Fri, 28 Aug 2020 10:05:41 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 13/16] crypto/builtin: Split and simplify AES_encrypt_cbc Date: Fri, 28 Aug 2020 10:05:20 -0700 Message-Id: <20200828170523.418603-14-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2607:f8b0:4864:20::1041; envelope-from=richard.henderson@linaro.org; helo=mail-pj1-x1041.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: berrange@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: pass (identity @linaro.org) Split into encrypt/decrypt functions, dropping the "enc" argument. Now that the function is private to this file, we know that "len" is a multiple of AES_BLOCK_SIZE. So drop the odd block size code. Name the functions do_aes_*crypt_cbc to match the *_ecb functions. Reorder and re-type the arguments to match as well. Reviewed-by: Daniel P. Berrang=C3=A9 Signed-off-by: Richard Henderson --- crypto/cipher-builtin.c.inc | 97 ++++++++++++++++--------------------- 1 file changed, 42 insertions(+), 55 deletions(-) diff --git a/crypto/cipher-builtin.c.inc b/crypto/cipher-builtin.c.inc index 61baad265a..b1fe3b08c3 100644 --- a/crypto/cipher-builtin.c.inc +++ b/crypto/cipher-builtin.c.inc @@ -104,61 +104,50 @@ static void do_aes_decrypt_ecb(const void *vctx, } } =20 -static void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, - const unsigned long length, const AES_KEY *key, - unsigned char *ivec, const int enc) +static void do_aes_encrypt_cbc(const AES_KEY *key, + size_t len, + uint8_t *out, + const uint8_t *in, + uint8_t *ivec) { - unsigned long n; - unsigned long len =3D length; - unsigned char tmp[AES_BLOCK_SIZE]; + uint8_t tmp[AES_BLOCK_SIZE]; + size_t n; =20 - assert(in && out && key && ivec); - - if (enc) { - while (len >=3D AES_BLOCK_SIZE) { - for (n =3D 0; n < AES_BLOCK_SIZE; ++n) { - tmp[n] =3D in[n] ^ ivec[n]; - } - AES_encrypt(tmp, out, key); - memcpy(ivec, out, AES_BLOCK_SIZE); - len -=3D AES_BLOCK_SIZE; - in +=3D AES_BLOCK_SIZE; - out +=3D AES_BLOCK_SIZE; - } - if (len) { - for (n =3D 0; n < len; ++n) { - tmp[n] =3D in[n] ^ ivec[n]; - } - for (n =3D len; n < AES_BLOCK_SIZE; ++n) { - tmp[n] =3D ivec[n]; - } - AES_encrypt(tmp, tmp, key); - memcpy(out, tmp, AES_BLOCK_SIZE); - memcpy(ivec, tmp, AES_BLOCK_SIZE); - } - } else { - while (len >=3D AES_BLOCK_SIZE) { - memcpy(tmp, in, AES_BLOCK_SIZE); - AES_decrypt(in, out, key); - for (n =3D 0; n < AES_BLOCK_SIZE; ++n) { - out[n] ^=3D ivec[n]; - } - memcpy(ivec, tmp, AES_BLOCK_SIZE); - len -=3D AES_BLOCK_SIZE; - in +=3D AES_BLOCK_SIZE; - out +=3D AES_BLOCK_SIZE; - } - if (len) { - memcpy(tmp, in, AES_BLOCK_SIZE); - AES_decrypt(tmp, tmp, key); - for (n =3D 0; n < len; ++n) { - out[n] =3D tmp[n] ^ ivec[n]; - } - memcpy(ivec, tmp, AES_BLOCK_SIZE); + /* We have already verified that len % AES_BLOCK_SIZE =3D=3D 0. */ + while (len) { + for (n =3D 0; n < AES_BLOCK_SIZE; ++n) { + tmp[n] =3D in[n] ^ ivec[n]; } + AES_encrypt(tmp, out, key); + memcpy(ivec, out, AES_BLOCK_SIZE); + len -=3D AES_BLOCK_SIZE; + in +=3D AES_BLOCK_SIZE; + out +=3D AES_BLOCK_SIZE; } } =20 +static void do_aes_decrypt_cbc(const AES_KEY *key, + size_t len, + uint8_t *out, + const uint8_t *in, + uint8_t *ivec) +{ + uint8_t tmp[AES_BLOCK_SIZE]; + size_t n; + + /* We have already verified that len % AES_BLOCK_SIZE =3D=3D 0. */ + while (len) { + memcpy(tmp, in, AES_BLOCK_SIZE); + AES_decrypt(in, out, key); + for (n =3D 0; n < AES_BLOCK_SIZE; ++n) { + out[n] ^=3D ivec[n]; + } + memcpy(ivec, tmp, AES_BLOCK_SIZE); + len -=3D AES_BLOCK_SIZE; + in +=3D AES_BLOCK_SIZE; + out +=3D AES_BLOCK_SIZE; + } +} =20 static int qcrypto_cipher_encrypt_aes(QCryptoCipher *cipher, const void *in, @@ -174,9 +163,8 @@ static int qcrypto_cipher_encrypt_aes(QCryptoCipher *ci= pher, do_aes_encrypt_ecb(&ctxt->state.aes.key, len, out, in); break; case QCRYPTO_CIPHER_MODE_CBC: - AES_cbc_encrypt(in, out, len, - &ctxt->state.aes.key.enc, - ctxt->state.aes.iv, 1); + do_aes_encrypt_cbc(&ctxt->state.aes.key.enc, len, out, in, + ctxt->state.aes.iv); break; case QCRYPTO_CIPHER_MODE_XTS: xts_encrypt(&ctxt->state.aes.key, @@ -208,9 +196,8 @@ static int qcrypto_cipher_decrypt_aes(QCryptoCipher *ci= pher, do_aes_decrypt_ecb(&ctxt->state.aes.key, len, out, in); break; case QCRYPTO_CIPHER_MODE_CBC: - AES_cbc_encrypt(in, out, len, - &ctxt->state.aes.key.dec, - ctxt->state.aes.iv, 0); + do_aes_decrypt_cbc(&ctxt->state.aes.key.dec, len, out, in, + ctxt->state.aes.iv); break; case QCRYPTO_CIPHER_MODE_XTS: xts_decrypt(&ctxt->state.aes.key, --=20 2.25.1 From nobody Fri May 17 07:47:07 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1598634888; cv=none; d=zohomail.com; s=zohoarc; b=kmnFqb5Y/NSIAzgyAX67LrB3rjUo3c2iWEhA0GvCllsNAlS8L3pBES7QOY8EzgE9TTccNgGte55VzMgM6BEwe66N8ZHef/QJj7RXGZyPrypV1vyL+nOimQYPMGRxmm4D1uBM8Zr3me6Y3pAr+CqNR1BkZ18qOLR1dfkz7XOP8/o= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1598634888; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=FR45Jmu7pDl6+w746CfwtO3ng3AYVxpqMSpdoIpEjXY=; b=Xq0xG36PVKRNshZ5gXFobt0TlqFJ/4Em1Cg6oZ+mbyjVosO2+wexEvdJHRvDkGUce6aEjyDQ23+Nr9J9Z+yuanzWa5SaO48F9lM3DRP8PDBVf9yb6ECw0Md2pntFPBTPiJli0OYgw0Xt9stAf/u/DV3yzcPsMreja2Aql4tGU3I= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1598634888315912.8041426051599; Fri, 28 Aug 2020 10:14:48 -0700 (PDT) Received: from localhost ([::1]:40408 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBhxf-0002Or-Dh for importer@patchew.org; Fri, 28 Aug 2020 13:14:47 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36812) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhoy-0004BE-86 for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:48 -0400 Received: from mail-pg1-x541.google.com ([2607:f8b0:4864:20::541]:38507) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhov-00037h-Am for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:47 -0400 Received: by mail-pg1-x541.google.com with SMTP id l191so726671pgd.5 for ; Fri, 28 Aug 2020 10:05:44 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=FR45Jmu7pDl6+w746CfwtO3ng3AYVxpqMSpdoIpEjXY=; b=YFmJ9d3OgroK6Ny6cfaLP8wiyoth7bqdAsSzLV3XkCu2YyENWfkucoQ0eF2MP1Cty7 1M433djHO9LIZ02eqkLDc3Ds/i9VFKFc6HGU/Zoa2VYe3lHCzzTYlMs3+jIyNKThKZI0 VimkgGxchCT7uhp/sYmEzTxiWz736ZsuTLVSGUXnEVHG6nb7BsXQPwbuRangmGXvla/F pAhud6mpKpD78JLXOlI+GKcXVMTgZabxBIgfVJ+62Sbo28ii9+T4oPECBoT5ti6kYXRW ReEqJ9d2ypE8z3nLUuXWISy7d1SGTfSvyM2+PoF+puc9h0y+xms2mdfx1niyvTRnK+I7 alCw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=FR45Jmu7pDl6+w746CfwtO3ng3AYVxpqMSpdoIpEjXY=; b=F6sDZ1s5quxOvZk+myRZ9I1JHfD1ALo/fBFZ1NvjkVdN5g+BISbl+iLVj5FiAWYj6s DPpp5IFtoMUhjsF+V9qc7KYSvyXWHAJeG6VXtF1RCqN+TMqQRuMKkDc5LVVkTVAF+sFb /ImI0dHRjsSoYQaADA7jH7qzyqPB/JVg4g/csoggyILwjGOUqo2QiyCi8WAn/9IEFmuZ iTqv4PW+slnr65YqCaWxiPw+jea3JJ20XDF/9golIK+Xx6VTxa2XDhhO/AKKoDKQTG+V tdyHW5vy5a2HbpSeUguo771RdTteHxcRhlheL7u83fskQyi1lxLLXT4edbhVWhkipFY3 T7OA== X-Gm-Message-State: AOAM530MveeM5MAzP7+bSBqWt/eveonxn271oXRCqAdXo6sPC7QS+sqo i0CpY4nSnR6YXM6MYcvDauI+2+evl8tsUQ== X-Google-Smtp-Source: ABdhPJzqC5gdl4LuSQmM4BXepKJbZWueJgqIlowfDJT3ow7rCEYUFmDLsrKS+k5s/xvbJ0HCtFUQYg== X-Received: by 2002:a63:c904:: with SMTP id o4mr1623914pgg.99.1598634343255; Fri, 28 Aug 2020 10:05:43 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 14/16] crypto/builtin: Split QCryptoCipherBuiltin into subclasses Date: Fri, 28 Aug 2020 10:05:21 -0700 Message-Id: <20200828170523.418603-15-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2607:f8b0:4864:20::541; envelope-from=richard.henderson@linaro.org; helo=mail-pg1-x541.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: berrange@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: pass (identity @linaro.org) We had a second set of function pointers in QCryptoCipherBuiltin, which are redundant with QCryptoCipherDriver. Split the AES and DES implementations to avoid one level of indirection. Reviewed-by: Daniel P. Berrang=C3=A9 Signed-off-by: Richard Henderson --- crypto/cipher-builtin.c.inc | 553 +++++++++++++++--------------------- 1 file changed, 227 insertions(+), 326 deletions(-) diff --git a/crypto/cipher-builtin.c.inc b/crypto/cipher-builtin.c.inc index b1fe3b08c3..7597cf4a10 100644 --- a/crypto/cipher-builtin.c.inc +++ b/crypto/cipher-builtin.c.inc @@ -22,56 +22,45 @@ #include "crypto/desrfb.h" #include "crypto/xts.h" =20 -static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver; - typedef struct QCryptoCipherBuiltinAESContext QCryptoCipherBuiltinAESConte= xt; struct QCryptoCipherBuiltinAESContext { AES_KEY enc; AES_KEY dec; }; + typedef struct QCryptoCipherBuiltinAES QCryptoCipherBuiltinAES; struct QCryptoCipherBuiltinAES { + QCryptoCipher base; QCryptoCipherBuiltinAESContext key; QCryptoCipherBuiltinAESContext key_tweak; uint8_t iv[AES_BLOCK_SIZE]; }; -typedef struct QCryptoCipherBuiltinDESRFB QCryptoCipherBuiltinDESRFB; -struct QCryptoCipherBuiltinDESRFB { - uint8_t *key; - size_t nkey; -}; - -typedef struct QCryptoCipherBuiltin QCryptoCipherBuiltin; -struct QCryptoCipherBuiltin { - QCryptoCipher base; - - union { - QCryptoCipherBuiltinAES aes; - QCryptoCipherBuiltinDESRFB desrfb; - } state; - size_t blocksize; - void (*free)(QCryptoCipher *cipher); - int (*setiv)(QCryptoCipher *cipher, - const uint8_t *iv, size_t niv, - Error **errp); - int (*encrypt)(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp); - int (*decrypt)(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp); -}; =20 =20 -static void qcrypto_cipher_free_aes(QCryptoCipher *cipher) +static inline bool qcrypto_length_check(size_t len, size_t blocksize, + Error **errp) +{ + if (unlikely(len & (blocksize - 1))) { + error_setg(errp, "Length %zu must be a multiple of block size %zu", + len, blocksize); + return false; + } + return true; +} + +static void qcrypto_cipher_ctx_free(QCryptoCipher *cipher) { g_free(cipher); } =20 +static int qcrypto_cipher_no_setiv(QCryptoCipher *cipher, + const uint8_t *iv, size_t niv, + Error **errp) +{ + error_setg(errp, "Setting IV is not supported"); + return -1; +} + static void do_aes_encrypt_ecb(const void *vctx, size_t len, uint8_t *out, @@ -149,77 +138,100 @@ static void do_aes_decrypt_cbc(const AES_KEY *key, } } =20 -static int qcrypto_cipher_encrypt_aes(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) +static int qcrypto_cipher_aes_encrypt_ecb(QCryptoCipher *cipher, + const void *in, void *out, + size_t len, Error **errp) { - QCryptoCipherBuiltin *ctxt - =3D container_of(cipher, QCryptoCipherBuiltin, base); + QCryptoCipherBuiltinAES *ctx + =3D container_of(cipher, QCryptoCipherBuiltinAES, base); =20 - switch (cipher->mode) { - case QCRYPTO_CIPHER_MODE_ECB: - do_aes_encrypt_ecb(&ctxt->state.aes.key, len, out, in); - break; - case QCRYPTO_CIPHER_MODE_CBC: - do_aes_encrypt_cbc(&ctxt->state.aes.key.enc, len, out, in, - ctxt->state.aes.iv); - break; - case QCRYPTO_CIPHER_MODE_XTS: - xts_encrypt(&ctxt->state.aes.key, - &ctxt->state.aes.key_tweak, - do_aes_encrypt_ecb, - do_aes_decrypt_ecb, - ctxt->state.aes.iv, - len, out, in); - break; - default: - g_assert_not_reached(); + if (!qcrypto_length_check(len, AES_BLOCK_SIZE, errp)) { + return -1; } + do_aes_encrypt_ecb(&ctx->key, len, out, in); + return 0; +} =20 +static int qcrypto_cipher_aes_decrypt_ecb(QCryptoCipher *cipher, + const void *in, void *out, + size_t len, Error **errp) +{ + QCryptoCipherBuiltinAES *ctx + =3D container_of(cipher, QCryptoCipherBuiltinAES, base); + + if (!qcrypto_length_check(len, AES_BLOCK_SIZE, errp)) { + return -1; + } + do_aes_decrypt_ecb(&ctx->key, len, out, in); + return 0; +} + +static int qcrypto_cipher_aes_encrypt_cbc(QCryptoCipher *cipher, + const void *in, void *out, + size_t len, Error **errp) +{ + QCryptoCipherBuiltinAES *ctx + =3D container_of(cipher, QCryptoCipherBuiltinAES, base); + + if (!qcrypto_length_check(len, AES_BLOCK_SIZE, errp)) { + return -1; + } + do_aes_encrypt_cbc(&ctx->key.enc, len, out, in, ctx->iv); + return 0; +} + +static int qcrypto_cipher_aes_decrypt_cbc(QCryptoCipher *cipher, + const void *in, void *out, + size_t len, Error **errp) +{ + QCryptoCipherBuiltinAES *ctx + =3D container_of(cipher, QCryptoCipherBuiltinAES, base); + + if (!qcrypto_length_check(len, AES_BLOCK_SIZE, errp)) { + return -1; + } + do_aes_decrypt_cbc(&ctx->key.dec, len, out, in, ctx->iv); + return 0; +} + +static int qcrypto_cipher_aes_encrypt_xts(QCryptoCipher *cipher, + const void *in, void *out, + size_t len, Error **errp) +{ + QCryptoCipherBuiltinAES *ctx + =3D container_of(cipher, QCryptoCipherBuiltinAES, base); + + if (!qcrypto_length_check(len, AES_BLOCK_SIZE, errp)) { + return -1; + } + xts_encrypt(&ctx->key, &ctx->key_tweak, + do_aes_encrypt_ecb, do_aes_decrypt_ecb, + ctx->iv, len, out, in); + return 0; +} + +static int qcrypto_cipher_aes_decrypt_xts(QCryptoCipher *cipher, + const void *in, void *out, + size_t len, Error **errp) +{ + QCryptoCipherBuiltinAES *ctx + =3D container_of(cipher, QCryptoCipherBuiltinAES, base); + + if (!qcrypto_length_check(len, AES_BLOCK_SIZE, errp)) { + return -1; + } + xts_decrypt(&ctx->key, &ctx->key_tweak, + do_aes_encrypt_ecb, do_aes_decrypt_ecb, + ctx->iv, len, out, in); return 0; } =20 =20 -static int qcrypto_cipher_decrypt_aes(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) +static int qcrypto_cipher_aes_setiv(QCryptoCipher *cipher, const uint8_t *= iv, + size_t niv, Error **errp) { - QCryptoCipherBuiltin *ctxt - =3D container_of(cipher, QCryptoCipherBuiltin, base); - - switch (cipher->mode) { - case QCRYPTO_CIPHER_MODE_ECB: - do_aes_decrypt_ecb(&ctxt->state.aes.key, len, out, in); - break; - case QCRYPTO_CIPHER_MODE_CBC: - do_aes_decrypt_cbc(&ctxt->state.aes.key.dec, len, out, in, - ctxt->state.aes.iv); - break; - case QCRYPTO_CIPHER_MODE_XTS: - xts_decrypt(&ctxt->state.aes.key, - &ctxt->state.aes.key_tweak, - do_aes_encrypt_ecb, - do_aes_decrypt_ecb, - ctxt->state.aes.iv, - len, out, in); - break; - default: - g_assert_not_reached(); - } - - return 0; -} - -static int qcrypto_cipher_setiv_aes(QCryptoCipher *cipher, - const uint8_t *iv, size_t niv, - Error **errp) -{ - QCryptoCipherBuiltin *ctxt - =3D container_of(cipher, QCryptoCipherBuiltin, base); + QCryptoCipherBuiltinAES *ctx + =3D container_of(cipher, QCryptoCipherBuiltinAES, base); =20 if (niv !=3D AES_BLOCK_SIZE) { error_setg(errp, "IV must be %d bytes not %zu", @@ -227,107 +239,53 @@ static int qcrypto_cipher_setiv_aes(QCryptoCipher *c= ipher, return -1; } =20 - memcpy(ctxt->state.aes.iv, iv, AES_BLOCK_SIZE); - + memcpy(ctx->iv, iv, AES_BLOCK_SIZE); return 0; } =20 +static const struct QCryptoCipherDriver qcrypto_cipher_aes_driver_ecb =3D { + .cipher_encrypt =3D qcrypto_cipher_aes_encrypt_ecb, + .cipher_decrypt =3D qcrypto_cipher_aes_decrypt_ecb, + .cipher_setiv =3D qcrypto_cipher_no_setiv, + .cipher_free =3D qcrypto_cipher_ctx_free, +}; + +static const struct QCryptoCipherDriver qcrypto_cipher_aes_driver_cbc =3D { + .cipher_encrypt =3D qcrypto_cipher_aes_encrypt_cbc, + .cipher_decrypt =3D qcrypto_cipher_aes_decrypt_cbc, + .cipher_setiv =3D qcrypto_cipher_aes_setiv, + .cipher_free =3D qcrypto_cipher_ctx_free, +}; + +static const struct QCryptoCipherDriver qcrypto_cipher_aes_driver_xts =3D { + .cipher_encrypt =3D qcrypto_cipher_aes_encrypt_xts, + .cipher_decrypt =3D qcrypto_cipher_aes_decrypt_xts, + .cipher_setiv =3D qcrypto_cipher_aes_setiv, + .cipher_free =3D qcrypto_cipher_ctx_free, +}; =20 =20 +typedef struct QCryptoCipherBuiltinDESRFB QCryptoCipherBuiltinDESRFB; +struct QCryptoCipherBuiltinDESRFB { + QCryptoCipher base; =20 -static QCryptoCipher * -qcrypto_cipher_init_aes(QCryptoCipherMode mode, - const uint8_t *key, size_t nkey, - Error **errp) -{ - QCryptoCipherBuiltin *ctxt; - - if (mode !=3D QCRYPTO_CIPHER_MODE_CBC && - mode !=3D QCRYPTO_CIPHER_MODE_ECB && - mode !=3D QCRYPTO_CIPHER_MODE_XTS) { - error_setg(errp, "Unsupported cipher mode %s", - QCryptoCipherMode_str(mode)); - return NULL; - } - - ctxt =3D g_new0(QCryptoCipherBuiltin, 1); - - if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS) { - if (AES_set_encrypt_key(key, nkey * 4, &ctxt->state.aes.key.enc) != =3D 0) { - error_setg(errp, "Failed to set encryption key"); - goto error; - } - - if (AES_set_decrypt_key(key, nkey * 4, &ctxt->state.aes.key.dec) != =3D 0) { - error_setg(errp, "Failed to set decryption key"); - goto error; - } - - if (AES_set_encrypt_key(key + (nkey / 2), nkey * 4, - &ctxt->state.aes.key_tweak.enc) !=3D 0) { - error_setg(errp, "Failed to set encryption key"); - goto error; - } - - if (AES_set_decrypt_key(key + (nkey / 2), nkey * 4, - &ctxt->state.aes.key_tweak.dec) !=3D 0) { - error_setg(errp, "Failed to set decryption key"); - goto error; - } - } else { - if (AES_set_encrypt_key(key, nkey * 8, &ctxt->state.aes.key.enc) != =3D 0) { - error_setg(errp, "Failed to set encryption key"); - goto error; - } - - if (AES_set_decrypt_key(key, nkey * 8, &ctxt->state.aes.key.dec) != =3D 0) { - error_setg(errp, "Failed to set decryption key"); - goto error; - } - } - - ctxt->blocksize =3D AES_BLOCK_SIZE; - ctxt->free =3D qcrypto_cipher_free_aes; - ctxt->setiv =3D qcrypto_cipher_setiv_aes; - ctxt->encrypt =3D qcrypto_cipher_encrypt_aes; - ctxt->decrypt =3D qcrypto_cipher_decrypt_aes; - - ctxt->base.driver =3D &qcrypto_cipher_lib_driver; - return &ctxt->base; - - error: - g_free(ctxt); - return NULL; -} - - -static void qcrypto_cipher_free_des_rfb(QCryptoCipher *cipher) -{ - QCryptoCipherBuiltin *ctxt - =3D container_of(cipher, QCryptoCipherBuiltin, base); - - g_free(ctxt->state.desrfb.key); - g_free(ctxt); -} - + /* C.f. alg_key_len[QCRYPTO_CIPHER_ALG_DES_RFB] */ + uint8_t key[8]; +}; =20 static int qcrypto_cipher_encrypt_des_rfb(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) + const void *in, void *out, + size_t len, Error **errp) { - QCryptoCipherBuiltin *ctxt - =3D container_of(cipher, QCryptoCipherBuiltin, base); + QCryptoCipherBuiltinDESRFB *ctx + =3D container_of(cipher, QCryptoCipherBuiltinDESRFB, base); size_t i; =20 - if (len % 8) { - error_setg(errp, "Buffer size must be multiple of 8 not %zu", - len); + if (!qcrypto_length_check(len, 8, errp)) { return -1; } =20 - deskey(ctxt->state.desrfb.key, EN0); + deskey(ctx->key, EN0); =20 for (i =3D 0; i < len; i +=3D 8) { des((void *)in + i, out + i); @@ -336,24 +294,19 @@ static int qcrypto_cipher_encrypt_des_rfb(QCryptoCiph= er *cipher, return 0; } =20 - static int qcrypto_cipher_decrypt_des_rfb(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) + const void *in, void *out, + size_t len, Error **errp) { - QCryptoCipherBuiltin *ctxt - =3D container_of(cipher, QCryptoCipherBuiltin, base); + QCryptoCipherBuiltinDESRFB *ctx + =3D container_of(cipher, QCryptoCipherBuiltinDESRFB, base); size_t i; =20 - if (len % 8) { - error_setg(errp, "Buffer size must be multiple of 8 not %zu", - len); + if (!qcrypto_length_check(len, 8, errp)) { return -1; } =20 - deskey(ctxt->state.desrfb.key, DE1); + deskey(ctx->key, DE1); =20 for (i =3D 0; i < len; i +=3D 8) { des((void *)in + i, out + i); @@ -362,173 +315,121 @@ static int qcrypto_cipher_decrypt_des_rfb(QCryptoCi= pher *cipher, return 0; } =20 - -static int qcrypto_cipher_setiv_des_rfb(QCryptoCipher *cipher, - const uint8_t *iv, size_t niv, - Error **errp) -{ - error_setg(errp, "Setting IV is not supported"); - return -1; -} - - -static QCryptoCipher * -qcrypto_cipher_init_des_rfb(QCryptoCipherMode mode, - const uint8_t *key, size_t nkey, - Error **errp) -{ - QCryptoCipherBuiltin *ctxt; - - if (mode !=3D QCRYPTO_CIPHER_MODE_ECB) { - error_setg(errp, "Unsupported cipher mode %s", - QCryptoCipherMode_str(mode)); - return NULL; - } - - ctxt =3D g_new0(QCryptoCipherBuiltin, 1); - - ctxt->state.desrfb.key =3D g_new0(uint8_t, nkey); - memcpy(ctxt->state.desrfb.key, key, nkey); - ctxt->state.desrfb.nkey =3D nkey; - - ctxt->blocksize =3D 8; - ctxt->free =3D qcrypto_cipher_free_des_rfb; - ctxt->setiv =3D qcrypto_cipher_setiv_des_rfb; - ctxt->encrypt =3D qcrypto_cipher_encrypt_des_rfb; - ctxt->decrypt =3D qcrypto_cipher_decrypt_des_rfb; - - ctxt->base.driver =3D &qcrypto_cipher_lib_driver; - return &ctxt->base; -} - +static const struct QCryptoCipherDriver qcrypto_cipher_des_rfb_driver =3D { + .cipher_encrypt =3D qcrypto_cipher_encrypt_des_rfb, + .cipher_decrypt =3D qcrypto_cipher_decrypt_des_rfb, + .cipher_setiv =3D qcrypto_cipher_no_setiv, + .cipher_free =3D qcrypto_cipher_ctx_free, +}; =20 bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode) { switch (alg) { case QCRYPTO_CIPHER_ALG_DES_RFB: + return mode =3D=3D QCRYPTO_CIPHER_MODE_ECB; case QCRYPTO_CIPHER_ALG_AES_128: case QCRYPTO_CIPHER_ALG_AES_192: case QCRYPTO_CIPHER_ALG_AES_256: + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + case QCRYPTO_CIPHER_MODE_CBC: + case QCRYPTO_CIPHER_MODE_XTS: + return true; + default: + return false; + } break; default: return false; } - - switch (mode) { - case QCRYPTO_CIPHER_MODE_ECB: - case QCRYPTO_CIPHER_MODE_CBC: - case QCRYPTO_CIPHER_MODE_XTS: - return true; - case QCRYPTO_CIPHER_MODE_CTR: - return false; - default: - return false; - } } =20 - static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode, const uint8_t *key, size_t nkey, Error **errp) { - switch (mode) { - case QCRYPTO_CIPHER_MODE_ECB: - case QCRYPTO_CIPHER_MODE_CBC: - case QCRYPTO_CIPHER_MODE_XTS: - break; - default: - error_setg(errp, "Unsupported cipher mode %s", - QCryptoCipherMode_str(mode)); - return NULL; - } - if (!qcrypto_cipher_validate_key_length(alg, mode, nkey, errp)) { return NULL; } =20 switch (alg) { case QCRYPTO_CIPHER_ALG_DES_RFB: - return qcrypto_cipher_init_des_rfb(mode, key, nkey, errp); + if (mode =3D=3D QCRYPTO_CIPHER_MODE_ECB) { + QCryptoCipherBuiltinDESRFB *ctx; + + ctx =3D g_new0(QCryptoCipherBuiltinDESRFB, 1); + ctx->base.driver =3D &qcrypto_cipher_des_rfb_driver; + memcpy(ctx->key, key, sizeof(ctx->key)); + + return &ctx->base; + } + goto bad_mode; + case QCRYPTO_CIPHER_ALG_AES_128: case QCRYPTO_CIPHER_ALG_AES_192: case QCRYPTO_CIPHER_ALG_AES_256: - return qcrypto_cipher_init_aes(mode, key, nkey, errp); + { + QCryptoCipherBuiltinAES *ctx; + const QCryptoCipherDriver *drv; + + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + drv =3D &qcrypto_cipher_aes_driver_ecb; + break; + case QCRYPTO_CIPHER_MODE_CBC: + drv =3D &qcrypto_cipher_aes_driver_cbc; + break; + case QCRYPTO_CIPHER_MODE_XTS: + drv =3D &qcrypto_cipher_aes_driver_xts; + break; + default: + goto bad_mode; + } + + ctx =3D g_new0(QCryptoCipherBuiltinAES, 1); + ctx->base.driver =3D drv; + + if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS) { + nkey /=3D 2; + if (AES_set_encrypt_key(key + nkey, nkey * 8, + &ctx->key_tweak.enc)) { + error_setg(errp, "Failed to set encryption key"); + goto error; + } + if (AES_set_decrypt_key(key + nkey, nkey * 8, + &ctx->key_tweak.dec)) { + error_setg(errp, "Failed to set decryption key"); + goto error; + } + } + if (AES_set_encrypt_key(key, nkey * 8, &ctx->key.enc)) { + error_setg(errp, "Failed to set encryption key"); + goto error; + } + if (AES_set_decrypt_key(key, nkey * 8, &ctx->key.dec)) { + error_setg(errp, "Failed to set decryption key"); + goto error; + } + + return &ctx->base; + + error: + g_free(ctx); + return NULL; + } + default: error_setg(errp, "Unsupported cipher algorithm %s", QCryptoCipherAlgorithm_str(alg)); return NULL; } + + bad_mode: + error_setg(errp, "Unsupported cipher mode %s", + QCryptoCipherMode_str(mode)); + return NULL; } - -static void -qcrypto_builtin_cipher_ctx_free(QCryptoCipher *cipher) -{ - QCryptoCipherBuiltin *ctxt - =3D container_of(cipher, QCryptoCipherBuiltin, base); - - ctxt->free(cipher); -} - - -static int -qcrypto_builtin_cipher_encrypt(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) -{ - QCryptoCipherBuiltin *ctxt - =3D container_of(cipher, QCryptoCipherBuiltin, base); - - if (len & (ctxt->blocksize - 1)) { - error_setg(errp, "Length %zu must be a multiple of block size %zu", - len, ctxt->blocksize); - return -1; - } - - return ctxt->encrypt(cipher, in, out, len, errp); -} - - -static int -qcrypto_builtin_cipher_decrypt(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) -{ - QCryptoCipherBuiltin *ctxt - =3D container_of(cipher, QCryptoCipherBuiltin, base); - - if (len & (ctxt->blocksize - 1)) { - error_setg(errp, "Length %zu must be a multiple of block size %zu", - len, ctxt->blocksize); - return -1; - } - - return ctxt->decrypt(cipher, in, out, len, errp); -} - - -static int -qcrypto_builtin_cipher_setiv(QCryptoCipher *cipher, - const uint8_t *iv, size_t niv, - Error **errp) -{ - QCryptoCipherBuiltin *ctxt - =3D container_of(cipher, QCryptoCipherBuiltin, base); - - return ctxt->setiv(cipher, iv, niv, errp); -} - - -static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver =3D { - .cipher_encrypt =3D qcrypto_builtin_cipher_encrypt, - .cipher_decrypt =3D qcrypto_builtin_cipher_decrypt, - .cipher_setiv =3D qcrypto_builtin_cipher_setiv, - .cipher_free =3D qcrypto_builtin_cipher_ctx_free, -}; --=20 2.25.1 From nobody Fri May 17 07:47:07 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1598634708; cv=none; d=zohomail.com; s=zohoarc; b=VM+yciv4zgDykWoKhQnV/9kBzW2mGheRh7/BTlwNdLcXH0+NkfXzf3nygLpkh+G8x6o1RPlbEkOixer+4hjJbqO5RpbYuRyydZ83VcXVGh5MCuc0EtoTf2yFpuYHghO3Eadq/Nty+SzyKkZYXV/TZOS1i25SNptFO7OKm+dFpzw= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1598634708; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=xjAvkiOCc/NtSfmsWN0x73KFFAEhwgsUyYE/lGgma1M=; b=CkLseB3d70j/Rm9g5jek26/dyZjLfSinhv0LP+sj1H1OHvA9Aqzd2NwZ0eTt9U0cALhawdmzJhgtp7ruKkAH2pxom8xwDFhTMxDuzxOQDD4P3Cfx+xJ85sDo7ievYNYdC1vBIxLsUXvlGWn3ITm2jMY1jMLfWM8jxNVK8umev8s= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1598634708208297.21091760760964; Fri, 28 Aug 2020 10:11:48 -0700 (PDT) Received: from localhost ([::1]:60194 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBhuk-0007P6-Q2 for importer@patchew.org; Fri, 28 Aug 2020 13:11:46 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36852) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhp2-0004OU-NH for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:52 -0400 Received: from mail-pg1-x532.google.com ([2607:f8b0:4864:20::532]:35370) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhoy-00037u-19 for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:52 -0400 Received: by mail-pg1-x532.google.com with SMTP id g29so733645pgl.2 for ; Fri, 28 Aug 2020 10:05:47 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=xjAvkiOCc/NtSfmsWN0x73KFFAEhwgsUyYE/lGgma1M=; b=RjfWO9ty3XE62f7nFHgLRJ8ft8Hrf8LoapgMwFEkzEiZ7I0hQ/V/1EHtnFs4szsjf6 MpYSlBhyYCoREPqzUAWc2yt+jq1imwUOMxrXfeCehZ1BV5MQfYbV0NiS1+04LXkD4OVl fPjaRET9SGnUCSeXr9j7m+C2mIuOzQBZvC4mZJKiwGilLoh1d/8voyrsAV9TQh88fR6H T2UvdlYIkWZNzBmjajdc0Yz72z8MtqfW2ajBRLIWmP77NfkSxYwdsIJP9LoLjNO5d/VA +J1vJLach3MRxi3usakX0RVOWLkVlkj9wPhapcs/hlpRkXlKHED8Tx6koNBtrfRUS6/N MPCw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=xjAvkiOCc/NtSfmsWN0x73KFFAEhwgsUyYE/lGgma1M=; b=WVvswYimtlNRJ7qY5YwivbE2VAz2xF0n8PrifVPQyt3MEMLV7blwJpfhwPqHbDY5qS nywsrZwOy00lPoUvo5PSGxQ8qb1F+rVNkTYsZgg6nE7sU3Lrqs3d5Oa6hadShdn9JG4m 9Gwz7FMfxMolyuFjh6HMt4E2fNEtk4UvNEI/HKemBKFjYZ9+hZpjFbjWqiDAgztMUUzY QaZ8QWY9n45FBxyMdc+9tznMPSM8cDp9Pak8wLaPlPy22UxYCDCmezOGEpyFB8KOupDG 5I04kuIphP2R4ZvDevSsl4EJNdXhfRTA2SaepjkZNkAheSHTOGR1GsSoRKe7yx+QzHEM H3qg== X-Gm-Message-State: AOAM533W6gvrNaGzznKUu16Z0dnRZu+P2VwLFudb7xqu4GWV3t6dkjdg MtSwmOnIeknjEihBwmLo8iAlVP4DkoJ3jQ== X-Google-Smtp-Source: ABdhPJyyBrha3cGi8oLqOhEWJVhWvxIp2Qcg6U7Sc0Q++48d7uJ0nBojFOg5gx4ZVwUDBhq7nn1GYQ== X-Received: by 2002:aa7:96cf:: with SMTP id h15mr2087694pfq.294.1598634345521; Fri, 28 Aug 2020 10:05:45 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 15/16] crypto/nettle: Split QCryptoCipherNettle into subclasses Date: Fri, 28 Aug 2020 10:05:22 -0700 Message-Id: <20200828170523.418603-16-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2607:f8b0:4864:20::532; envelope-from=richard.henderson@linaro.org; helo=mail-pg1-x532.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: berrange@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: pass (identity @linaro.org) Use separate classes for each cipher entry point: des_rfb, des3, aes128, aes192, aes256, cast128, serpent, and twofish. Generate wrappers for XTS only for CONFIG_QEMU_PRIVATE_XTS. This eliminates unreachable wrappers for DES_RFB, DES3 and CAST128, which have blocksizes that do not allow XTS mode. Reviewed-by: Daniel P. Berrang=C3=A9 Signed-off-by: Richard Henderson --- crypto/cipher-nettle.c.inc | 993 +++++++++++++++++++------------------ 1 file changed, 508 insertions(+), 485 deletions(-) diff --git a/crypto/cipher-nettle.c.inc b/crypto/cipher-nettle.c.inc index 36d57ef430..cac771e4ff 100644 --- a/crypto/cipher-nettle.c.inc +++ b/crypto/cipher-nettle.c.inc @@ -34,8 +34,6 @@ #include #endif =20 -static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver; - typedef void (*QCryptoCipherNettleFuncWrapper)(const void *ctx, size_t length, uint8_t *dst, @@ -45,6 +43,7 @@ typedef void (*QCryptoCipherNettleFuncWrapper)(const void= *ctx, typedef nettle_crypt_func * QCryptoCipherNettleFuncNative; typedef void * cipher_ctx_t; typedef unsigned cipher_length_t; +#define CONST_CTX =20 #define cast5_set_key cast128_set_key =20 @@ -73,64 +72,215 @@ typedef unsigned cipher_length_t; typedef nettle_cipher_func * QCryptoCipherNettleFuncNative; typedef const void * cipher_ctx_t; typedef size_t cipher_length_t; +#define CONST_CTX const #endif =20 -typedef struct QCryptoNettleAES128 { - struct aes128_ctx enc; - struct aes128_ctx dec; -} QCryptoNettleAES128; - -typedef struct QCryptoNettleAES192 { - struct aes192_ctx enc; - struct aes192_ctx dec; -} QCryptoNettleAES192; - -typedef struct QCryptoNettleAES256 { - struct aes256_ctx enc; - struct aes256_ctx dec; -} QCryptoNettleAES256; - -static void aes128_encrypt_native(cipher_ctx_t ctx, cipher_length_t length, - uint8_t *dst, const uint8_t *src) +static inline bool qcrypto_length_check(size_t len, size_t blocksize, + Error **errp) { - const QCryptoNettleAES128 *aesctx =3D ctx; - aes128_encrypt(&aesctx->enc, length, dst, src); + if (unlikely(len & (blocksize - 1))) { + error_setg(errp, "Length %zu must be a multiple of block size %zu", + len, blocksize); + return false; + } + return true; } =20 -static void aes128_decrypt_native(cipher_ctx_t ctx, cipher_length_t length, - uint8_t *dst, const uint8_t *src) + +static void qcrypto_cipher_ctx_free(QCryptoCipher *ctx) { - const QCryptoNettleAES128 *aesctx =3D ctx; - aes128_decrypt(&aesctx->dec, length, dst, src); + g_free(ctx); } =20 -static void aes192_encrypt_native(cipher_ctx_t ctx, cipher_length_t length, - uint8_t *dst, const uint8_t *src) +static int qcrypto_cipher_no_setiv(QCryptoCipher *cipher, + const uint8_t *iv, size_t niv, + Error **errp) { - const QCryptoNettleAES192 *aesctx =3D ctx; - aes192_encrypt(&aesctx->enc, length, dst, src); + error_setg(errp, "Setting IV is not supported"); + return -1; } =20 -static void aes192_decrypt_native(cipher_ctx_t ctx, cipher_length_t length, - uint8_t *dst, const uint8_t *src) -{ - const QCryptoNettleAES192 *aesctx =3D ctx; - aes192_decrypt(&aesctx->dec, length, dst, src); + +#define DEFINE_SETIV(NAME, TYPE, BLEN) \ +static int NAME##_setiv(QCryptoCipher *cipher, const uint8_t *iv, \ + size_t niv, Error **errp) \ +{ \ + TYPE *ctx =3D container_of(cipher, TYPE, base); \ + if (niv !=3D BLEN) { \ + error_setg(errp, "Expected IV size %d not %zu", BLEN, niv); \ + return -1; \ + } \ + memcpy(ctx->iv, iv, niv); \ + return 0; \ } =20 -static void aes256_encrypt_native(cipher_ctx_t ctx, cipher_length_t length, - uint8_t *dst, const uint8_t *src) -{ - const QCryptoNettleAES256 *aesctx =3D ctx; - aes256_encrypt(&aesctx->enc, length, dst, src); -} =20 -static void aes256_decrypt_native(cipher_ctx_t ctx, cipher_length_t length, - uint8_t *dst, const uint8_t *src) -{ - const QCryptoNettleAES256 *aesctx =3D ctx; - aes256_decrypt(&aesctx->dec, length, dst, src); +#define DEFINE_ECB(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ +static int NAME##_encrypt_ecb(QCryptoCipher *cipher, const void *in, \ + void *out, size_t len, Error **errp) \ +{ \ + TYPE *ctx =3D container_of(cipher, TYPE, base); \ + if (!qcrypto_length_check(len, BLEN, errp)) { \ + return -1; \ + } \ + ENCRYPT(&ctx->key, len, out, in); \ + return 0; \ +} \ +static int NAME##_decrypt_ecb(QCryptoCipher *cipher, const void *in, \ + void *out, size_t len, Error **errp) \ +{ \ + TYPE *ctx =3D container_of(cipher, TYPE, base); \ + if (!qcrypto_length_check(len, BLEN, errp)) { \ + return -1; \ + } \ + DECRYPT(&ctx->key, len, out, in); \ + return 0; \ +} \ +static const struct QCryptoCipherDriver NAME##_driver_ecb =3D { \ + .cipher_encrypt =3D NAME##_encrypt_ecb, \ + .cipher_decrypt =3D NAME##_decrypt_ecb, \ + .cipher_setiv =3D qcrypto_cipher_no_setiv, \ + .cipher_free =3D qcrypto_cipher_ctx_free, \ +}; + + +#define DEFINE_CBC(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ +static int NAME##_encrypt_cbc(QCryptoCipher *cipher, const void *in, \ + void *out, size_t len, Error **errp) \ +{ \ + TYPE *ctx =3D container_of(cipher, TYPE, base); \ + if (!qcrypto_length_check(len, BLEN, errp)) { \ + return -1; \ + } \ + cbc_encrypt(&ctx->key, ENCRYPT, BLEN, ctx->iv, len, out, in); \ + return 0; \ +} \ +static int NAME##_decrypt_cbc(QCryptoCipher *cipher, const void *in, \ + void *out, size_t len, Error **errp) \ +{ \ + TYPE *ctx =3D container_of(cipher, TYPE, base); \ + if (!qcrypto_length_check(len, BLEN, errp)) { \ + return -1; \ + } \ + cbc_decrypt(&ctx->key, DECRYPT, BLEN, ctx->iv, len, out, in); \ + return 0; \ +} \ +static const struct QCryptoCipherDriver NAME##_driver_cbc =3D { \ + .cipher_encrypt =3D NAME##_encrypt_cbc, \ + .cipher_decrypt =3D NAME##_decrypt_cbc, \ + .cipher_setiv =3D NAME##_setiv, \ + .cipher_free =3D qcrypto_cipher_ctx_free, \ +}; + + +#define DEFINE_CTR(NAME, TYPE, BLEN, ENCRYPT) \ +static int NAME##_encrypt_ctr(QCryptoCipher *cipher, const void *in, \ + void *out, size_t len, Error **errp) \ +{ \ + TYPE *ctx =3D container_of(cipher, TYPE, base); \ + if (!qcrypto_length_check(len, BLEN, errp)) { \ + return -1; \ + } \ + ctr_crypt(&ctx->key, ENCRYPT, BLEN, ctx->iv, len, out, in); \ + return 0; \ +} \ +static const struct QCryptoCipherDriver NAME##_driver_ctr =3D { \ + .cipher_encrypt =3D NAME##_encrypt_ctr, \ + .cipher_decrypt =3D NAME##_encrypt_ctr, \ + .cipher_setiv =3D NAME##_setiv, \ + .cipher_free =3D qcrypto_cipher_ctx_free, \ +}; + + +#ifdef CONFIG_QEMU_PRIVATE_XTS +#define DEFINE__XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ +static void NAME##_xts_wrape(const void *ctx, size_t length, \ + uint8_t *dst, const uint8_t *src) \ +{ \ + ENCRYPT((cipher_ctx_t)ctx, length, dst, src); \ +} \ +static void NAME##_xts_wrapd(const void *ctx, size_t length, \ + uint8_t *dst, const uint8_t *src) \ +{ \ + DECRYPT((cipher_ctx_t)ctx, length, dst, src); \ +} \ +static int NAME##_encrypt_xts(QCryptoCipher *cipher, const void *in, \ + void *out, size_t len, Error **errp) \ +{ \ + TYPE *ctx =3D container_of(cipher, TYPE, base); \ + if (!qcrypto_length_check(len, BLEN, errp)) { \ + return -1; \ + } \ + xts_encrypt(&ctx->key, &ctx->key_xts, \ + NAME##_xts_wrape, NAME##_xts_wrapd, \ + ctx->iv, len, out, in); \ + return 0; \ +} \ +static int NAME##_decrypt_xts(QCryptoCipher *cipher, const void *in, \ + void *out, size_t len, Error **errp) \ +{ \ + TYPE *ctx =3D container_of(cipher, TYPE, base); \ + if (!qcrypto_length_check(len, BLEN, errp)) { \ + return -1; \ + } \ + xts_decrypt(&ctx->key, &ctx->key_xts, \ + NAME##_xts_wrape, NAME##_xts_wrapd, \ + ctx->iv, len, out, in); \ + return 0; \ } +#else +#define DEFINE__XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ +static int NAME##_encrypt_xts(QCryptoCipher *cipher, const void *in, \ + void *out, size_t len, Error **errp) \ +{ \ + TYPE *ctx =3D container_of(cipher, TYPE, base); \ + if (!qcrypto_length_check(len, BLEN, errp)) { \ + return -1; \ + } \ + xts_encrypt_message(&ctx->key, &ctx->key_xts, ENCRYPT, \ + ctx->iv, len, out, in); \ + return 0; \ +} \ +static int NAME##_decrypt_xts(QCryptoCipher *cipher, const void *in, \ + void *out, size_t len, Error **errp) \ +{ \ + TYPE *ctx =3D container_of(cipher, TYPE, base); \ + if (!qcrypto_length_check(len, BLEN, errp)) { \ + return -1; \ + } \ + xts_decrypt_message(&ctx->key, &ctx->key_xts, DECRYPT, ENCRYPT, \ + ctx->iv, len, out, in); \ + return 0; \ +} +#endif + +#define DEFINE_XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ + QEMU_BUILD_BUG_ON(BLEN !=3D XTS_BLOCK_SIZE); \ + DEFINE__XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ +static const struct QCryptoCipherDriver NAME##_driver_xts =3D { \ + .cipher_encrypt =3D NAME##_encrypt_xts, \ + .cipher_decrypt =3D NAME##_decrypt_xts, \ + .cipher_setiv =3D NAME##_setiv, \ + .cipher_free =3D qcrypto_cipher_ctx_free, \ +}; + + +#define DEFINE_ECB_CBC_CTR(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ + DEFINE_SETIV(NAME, TYPE, BLEN) \ + DEFINE_ECB(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ + DEFINE_CBC(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ + DEFINE_CTR(NAME, TYPE, BLEN, ENCRYPT) + +#define DEFINE_ECB_CBC_CTR_XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ + DEFINE_ECB_CBC_CTR(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ + DEFINE_XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) + + +typedef struct QCryptoNettleDESRFB { + QCryptoCipher base; + struct des_ctx key; + uint8_t iv[DES_BLOCK_SIZE]; +} QCryptoNettleDESRFB; =20 static void des_encrypt_native(cipher_ctx_t ctx, cipher_length_t length, uint8_t *dst, const uint8_t *src) @@ -144,6 +294,16 @@ static void des_decrypt_native(cipher_ctx_t ctx, ciphe= r_length_t length, des_decrypt(ctx, length, dst, src); } =20 +DEFINE_ECB_CBC_CTR(qcrypto_nettle_des_rfb, QCryptoNettleDESRFB, + DES_BLOCK_SIZE, des_encrypt_native, des_decrypt_native) + + +typedef struct QCryptoNettleDES3 { + QCryptoCipher base; + struct des3_ctx key; + uint8_t iv[DES3_BLOCK_SIZE]; +} QCryptoNettleDES3; + static void des3_encrypt_native(cipher_ctx_t ctx, cipher_length_t length, uint8_t *dst, const uint8_t *src) { @@ -156,6 +316,94 @@ static void des3_decrypt_native(cipher_ctx_t ctx, ciph= er_length_t length, des3_decrypt(ctx, length, dst, src); } =20 +DEFINE_ECB_CBC_CTR(qcrypto_nettle_des3, QCryptoNettleDES3, DES3_BLOCK_SIZE, + des3_encrypt_native, des3_decrypt_native) + + +typedef struct QCryptoNettleAES128 { + QCryptoCipher base; + uint8_t iv[AES_BLOCK_SIZE]; + /* First key from pair is encode, second key is decode. */ + struct aes128_ctx key[2], key_xts[2]; +} QCryptoNettleAES128; + +static void aes128_encrypt_native(cipher_ctx_t ctx, cipher_length_t length, + uint8_t *dst, const uint8_t *src) +{ + CONST_CTX struct aes128_ctx *keys =3D ctx; + aes128_encrypt(&keys[0], length, dst, src); +} + +static void aes128_decrypt_native(cipher_ctx_t ctx, cipher_length_t length, + uint8_t *dst, const uint8_t *src) +{ + CONST_CTX struct aes128_ctx *keys =3D ctx; + aes128_decrypt(&keys[1], length, dst, src); +} + +DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_aes128, + QCryptoNettleAES128, AES_BLOCK_SIZE, + aes128_encrypt_native, aes128_decrypt_native) + + +typedef struct QCryptoNettleAES192 { + QCryptoCipher base; + uint8_t iv[AES_BLOCK_SIZE]; + /* First key from pair is encode, second key is decode. */ + struct aes192_ctx key[2], key_xts[2]; +} QCryptoNettleAES192; + +static void aes192_encrypt_native(cipher_ctx_t ctx, cipher_length_t length, + uint8_t *dst, const uint8_t *src) +{ + CONST_CTX struct aes192_ctx *keys =3D ctx; + aes192_encrypt(&keys[0], length, dst, src); +} + +static void aes192_decrypt_native(cipher_ctx_t ctx, cipher_length_t length, + uint8_t *dst, const uint8_t *src) +{ + CONST_CTX struct aes192_ctx *keys =3D ctx; + aes192_decrypt(&keys[1], length, dst, src); +} + +DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_aes192, + QCryptoNettleAES192, AES_BLOCK_SIZE, + aes192_encrypt_native, aes192_decrypt_native) + + +typedef struct QCryptoNettleAES256 { + QCryptoCipher base; + uint8_t iv[AES_BLOCK_SIZE]; + /* First key from pair is encode, second key is decode. */ + struct aes256_ctx key[2], key_xts[2]; +} QCryptoNettleAES256; + +static void aes256_encrypt_native(cipher_ctx_t ctx, cipher_length_t length, + uint8_t *dst, const uint8_t *src) +{ + CONST_CTX struct aes256_ctx *keys =3D ctx; + aes256_encrypt(&keys[0], length, dst, src); +} + +static void aes256_decrypt_native(cipher_ctx_t ctx, cipher_length_t length, + uint8_t *dst, const uint8_t *src) +{ + CONST_CTX struct aes256_ctx *keys =3D ctx; + aes256_decrypt(&keys[1], length, dst, src); +} + +DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_aes256, + QCryptoNettleAES256, AES_BLOCK_SIZE, + aes256_encrypt_native, aes256_decrypt_native) + + +typedef struct QCryptoNettleCAST128 { + QCryptoCipher base; + uint8_t iv[CAST128_BLOCK_SIZE]; + struct cast128_ctx key, key_xts; +} QCryptoNettleCAST128; + static void cast128_encrypt_native(cipher_ctx_t ctx, cipher_length_t lengt= h, uint8_t *dst, const uint8_t *src) { @@ -168,6 +416,18 @@ static void cast128_decrypt_native(cipher_ctx_t ctx, c= ipher_length_t length, cast128_decrypt(ctx, length, dst, src); } =20 +DEFINE_ECB_CBC_CTR(qcrypto_nettle_cast128, + QCryptoNettleCAST128, CAST128_BLOCK_SIZE, + cast128_encrypt_native, cast128_decrypt_native) + + +typedef struct QCryptoNettleSerpent { + QCryptoCipher base; + uint8_t iv[SERPENT_BLOCK_SIZE]; + struct serpent_ctx key, key_xts; +} QCryptoNettleSerpent; + + static void serpent_encrypt_native(cipher_ctx_t ctx, cipher_length_t lengt= h, uint8_t *dst, const uint8_t *src) { @@ -180,6 +440,17 @@ static void serpent_decrypt_native(cipher_ctx_t ctx, c= ipher_length_t length, serpent_decrypt(ctx, length, dst, src); } =20 +DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_serpent, + QCryptoNettleSerpent, SERPENT_BLOCK_SIZE, + serpent_encrypt_native, serpent_decrypt_native) + + +typedef struct QCryptoNettleTwofish { + QCryptoCipher base; + uint8_t iv[TWOFISH_BLOCK_SIZE]; + struct twofish_ctx key, key_xts; +} QCryptoNettleTwofish; + static void twofish_encrypt_native(cipher_ctx_t ctx, cipher_length_t lengt= h, uint8_t *dst, const uint8_t *src) { @@ -192,125 +463,10 @@ static void twofish_decrypt_native(cipher_ctx_t ctx,= cipher_length_t length, twofish_decrypt(ctx, length, dst, src); } =20 -static void aes128_encrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - const QCryptoNettleAES128 *aesctx =3D ctx; - aes128_encrypt(&aesctx->enc, length, dst, src); -} +DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_twofish, + QCryptoNettleTwofish, TWOFISH_BLOCK_SIZE, + twofish_encrypt_native, twofish_decrypt_native) =20 -static void aes128_decrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - const QCryptoNettleAES128 *aesctx =3D ctx; - aes128_decrypt(&aesctx->dec, length, dst, src); -} - -static void aes192_encrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - const QCryptoNettleAES192 *aesctx =3D ctx; - aes192_encrypt(&aesctx->enc, length, dst, src); -} - -static void aes192_decrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - const QCryptoNettleAES192 *aesctx =3D ctx; - aes192_decrypt(&aesctx->dec, length, dst, src); -} - -static void aes256_encrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - const QCryptoNettleAES256 *aesctx =3D ctx; - aes256_encrypt(&aesctx->enc, length, dst, src); -} - -static void aes256_decrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - const QCryptoNettleAES256 *aesctx =3D ctx; - aes256_decrypt(&aesctx->dec, length, dst, src); -} - -static void des_encrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - des_encrypt(ctx, length, dst, src); -} - -static void des_decrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - des_decrypt(ctx, length, dst, src); -} - -static void des3_encrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - des3_encrypt(ctx, length, dst, src); -} - -static void des3_decrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - des3_decrypt(ctx, length, dst, src); -} - -static void cast128_encrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - cast128_encrypt(ctx, length, dst, src); -} - -static void cast128_decrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - cast128_decrypt(ctx, length, dst, src); -} - -static void serpent_encrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - serpent_encrypt(ctx, length, dst, src); -} - -static void serpent_decrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - serpent_decrypt(ctx, length, dst, src); -} - -static void twofish_encrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - twofish_encrypt(ctx, length, dst, src); -} - -static void twofish_decrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - twofish_decrypt(ctx, length, dst, src); -} - -typedef struct QCryptoCipherNettle QCryptoCipherNettle; -struct QCryptoCipherNettle { - QCryptoCipher base; - - /* Primary cipher context for all modes */ - void *ctx; - /* Second cipher context for XTS mode only */ - void *ctx_tweak; - /* Cipher callbacks for both contexts */ - QCryptoCipherNettleFuncNative alg_encrypt_native; - QCryptoCipherNettleFuncNative alg_decrypt_native; - QCryptoCipherNettleFuncWrapper alg_encrypt_wrapper; - QCryptoCipherNettleFuncWrapper alg_decrypt_wrapper; - /* Initialization vector or Counter */ - uint8_t *iv; - size_t blocksize; -}; =20 bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode) @@ -344,30 +500,12 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm a= lg, } } =20 - -static void -qcrypto_nettle_cipher_free_ctx(QCryptoCipherNettle *ctx) -{ - if (!ctx) { - return; - } - - g_free(ctx->iv); - g_free(ctx->ctx); - g_free(ctx->ctx_tweak); - g_free(ctx); -} - - static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode, const uint8_t *key, size_t nkey, Error **errp) { - QCryptoCipherNettle *ctx; - uint8_t *rfbkey; - switch (mode) { case QCRYPTO_CIPHER_MODE_ECB: case QCRYPTO_CIPHER_MODE_CBC: @@ -375,363 +513,248 @@ static QCryptoCipher *qcrypto_cipher_ctx_new(QCrypt= oCipherAlgorithm alg, case QCRYPTO_CIPHER_MODE_CTR: break; default: - error_setg(errp, "Unsupported cipher mode %s", - QCryptoCipherMode_str(mode)); - return NULL; + goto bad_cipher_mode; } =20 if (!qcrypto_cipher_validate_key_length(alg, mode, nkey, errp)) { return NULL; } =20 - ctx =3D g_new0(QCryptoCipherNettle, 1); - switch (alg) { case QCRYPTO_CIPHER_ALG_DES_RFB: - ctx->ctx =3D g_new0(struct des_ctx, 1); - rfbkey =3D qcrypto_cipher_munge_des_rfb_key(key, nkey); - des_set_key(ctx->ctx, rfbkey); - g_free(rfbkey); + { + QCryptoNettleDESRFB *ctx; + const QCryptoCipherDriver *drv; + uint8_t *rfbkey; =20 - ctx->alg_encrypt_native =3D des_encrypt_native; - ctx->alg_decrypt_native =3D des_decrypt_native; - ctx->alg_encrypt_wrapper =3D des_encrypt_wrapper; - ctx->alg_decrypt_wrapper =3D des_decrypt_wrapper; + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + drv =3D &qcrypto_nettle_des_rfb_driver_ecb; + break; + case QCRYPTO_CIPHER_MODE_CBC: + drv =3D &qcrypto_nettle_des_rfb_driver_cbc; + break; + case QCRYPTO_CIPHER_MODE_CTR: + drv =3D &qcrypto_nettle_des_rfb_driver_ctr; + break; + default: + goto bad_cipher_mode; + } =20 - ctx->blocksize =3D DES_BLOCK_SIZE; - break; + ctx =3D g_new0(QCryptoNettleDESRFB, 1); + ctx->base.driver =3D drv; + + rfbkey =3D qcrypto_cipher_munge_des_rfb_key(key, nkey); + des_set_key(&ctx->key, rfbkey); + g_free(rfbkey); + + return &ctx->base; + } =20 case QCRYPTO_CIPHER_ALG_3DES: - ctx->ctx =3D g_new0(struct des3_ctx, 1); - des3_set_key(ctx->ctx, key); + { + QCryptoNettleDES3 *ctx; + const QCryptoCipherDriver *drv; =20 - ctx->alg_encrypt_native =3D des3_encrypt_native; - ctx->alg_decrypt_native =3D des3_decrypt_native; - ctx->alg_encrypt_wrapper =3D des3_encrypt_wrapper; - ctx->alg_decrypt_wrapper =3D des3_decrypt_wrapper; + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + drv =3D &qcrypto_nettle_des3_driver_ecb; + break; + case QCRYPTO_CIPHER_MODE_CBC: + drv =3D &qcrypto_nettle_des3_driver_cbc; + break; + case QCRYPTO_CIPHER_MODE_CTR: + drv =3D &qcrypto_nettle_des3_driver_ctr; + break; + default: + goto bad_cipher_mode; + } =20 - ctx->blocksize =3D DES3_BLOCK_SIZE; - break; + ctx =3D g_new0(QCryptoNettleDES3, 1); + ctx->base.driver =3D drv; + des3_set_key(&ctx->key, key); + return &ctx->base; + } =20 case QCRYPTO_CIPHER_ALG_AES_128: - ctx->ctx =3D g_new0(QCryptoNettleAES128, 1); + { + QCryptoNettleAES128 *ctx =3D g_new0(QCryptoNettleAES128, 1); =20 - if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS) { - ctx->ctx_tweak =3D g_new0(QCryptoNettleAES128, 1); + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + ctx->base.driver =3D &qcrypto_nettle_aes128_driver_ecb; + break; + case QCRYPTO_CIPHER_MODE_CBC: + ctx->base.driver =3D &qcrypto_nettle_aes128_driver_cbc; + break; + case QCRYPTO_CIPHER_MODE_CTR: + ctx->base.driver =3D &qcrypto_nettle_aes128_driver_ctr; + break; + case QCRYPTO_CIPHER_MODE_XTS: + ctx->base.driver =3D &qcrypto_nettle_aes128_driver_xts; + nkey /=3D 2; + aes128_set_encrypt_key(&ctx->key_xts[0], key + nkey); + aes128_set_decrypt_key(&ctx->key_xts[1], key + nkey); + break; + default: + g_assert_not_reached(); + } + aes128_set_encrypt_key(&ctx->key[0], key); + aes128_set_decrypt_key(&ctx->key[1], key); =20 - nkey /=3D 2; - aes128_set_encrypt_key(&((QCryptoNettleAES128 *)ctx->ctx)->enc, - key); - aes128_set_decrypt_key(&((QCryptoNettleAES128 *)ctx->ctx)->dec, - key); - - aes128_set_encrypt_key(&((QCryptoNettleAES128 *)ctx->ctx_tweak= )-> - enc, key + nkey); - aes128_set_decrypt_key(&((QCryptoNettleAES128 *)ctx->ctx_tweak= )-> - dec, key + nkey); - } else { - aes128_set_encrypt_key(&((QCryptoNettleAES128 *)ctx->ctx)->enc, - key); - aes128_set_decrypt_key(&((QCryptoNettleAES128 *)ctx->ctx)->dec, - key); + return &ctx->base; } =20 - ctx->alg_encrypt_native =3D aes128_encrypt_native; - ctx->alg_decrypt_native =3D aes128_decrypt_native; - ctx->alg_encrypt_wrapper =3D aes128_encrypt_wrapper; - ctx->alg_decrypt_wrapper =3D aes128_decrypt_wrapper; - - ctx->blocksize =3D AES_BLOCK_SIZE; - break; - case QCRYPTO_CIPHER_ALG_AES_192: - ctx->ctx =3D g_new0(QCryptoNettleAES192, 1); + { + QCryptoNettleAES192 *ctx =3D g_new0(QCryptoNettleAES192, 1); =20 - if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS) { - ctx->ctx_tweak =3D g_new0(QCryptoNettleAES192, 1); + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + ctx->base.driver =3D &qcrypto_nettle_aes192_driver_ecb; + break; + case QCRYPTO_CIPHER_MODE_CBC: + ctx->base.driver =3D &qcrypto_nettle_aes192_driver_cbc; + break; + case QCRYPTO_CIPHER_MODE_CTR: + ctx->base.driver =3D &qcrypto_nettle_aes192_driver_ctr; + break; + case QCRYPTO_CIPHER_MODE_XTS: + ctx->base.driver =3D &qcrypto_nettle_aes192_driver_xts; + nkey /=3D 2; + aes192_set_encrypt_key(&ctx->key_xts[0], key + nkey); + aes192_set_decrypt_key(&ctx->key_xts[1], key + nkey); + break; + default: + g_assert_not_reached(); + } + aes192_set_encrypt_key(&ctx->key[0], key); + aes192_set_decrypt_key(&ctx->key[1], key); =20 - nkey /=3D 2; - aes192_set_encrypt_key(&((QCryptoNettleAES192 *)ctx->ctx)->enc, - key); - aes192_set_decrypt_key(&((QCryptoNettleAES192 *)ctx->ctx)->dec, - key); - - aes192_set_encrypt_key(&((QCryptoNettleAES192 *)ctx->ctx_tweak= )-> - enc, key + nkey); - aes192_set_decrypt_key(&((QCryptoNettleAES192 *)ctx->ctx_tweak= )-> - dec, key + nkey); - } else { - aes192_set_encrypt_key(&((QCryptoNettleAES192 *)ctx->ctx)->enc, - key); - aes192_set_decrypt_key(&((QCryptoNettleAES192 *)ctx->ctx)->dec, - key); + return &ctx->base; } =20 - ctx->alg_encrypt_native =3D aes192_encrypt_native; - ctx->alg_decrypt_native =3D aes192_decrypt_native; - ctx->alg_encrypt_wrapper =3D aes192_encrypt_wrapper; - ctx->alg_decrypt_wrapper =3D aes192_decrypt_wrapper; - - ctx->blocksize =3D AES_BLOCK_SIZE; - break; - case QCRYPTO_CIPHER_ALG_AES_256: - ctx->ctx =3D g_new0(QCryptoNettleAES256, 1); + { + QCryptoNettleAES256 *ctx =3D g_new0(QCryptoNettleAES256, 1); =20 - if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS) { - ctx->ctx_tweak =3D g_new0(QCryptoNettleAES256, 1); + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + ctx->base.driver =3D &qcrypto_nettle_aes256_driver_ecb; + break; + case QCRYPTO_CIPHER_MODE_CBC: + ctx->base.driver =3D &qcrypto_nettle_aes256_driver_cbc; + break; + case QCRYPTO_CIPHER_MODE_CTR: + ctx->base.driver =3D &qcrypto_nettle_aes256_driver_ctr; + break; + case QCRYPTO_CIPHER_MODE_XTS: + ctx->base.driver =3D &qcrypto_nettle_aes256_driver_xts; + nkey /=3D 2; + aes256_set_encrypt_key(&ctx->key_xts[0], key + nkey); + aes256_set_decrypt_key(&ctx->key_xts[1], key + nkey); + break; + default: + g_assert_not_reached(); + } + aes256_set_encrypt_key(&ctx->key[0], key); + aes256_set_decrypt_key(&ctx->key[1], key); =20 - nkey /=3D 2; - aes256_set_encrypt_key(&((QCryptoNettleAES256 *)ctx->ctx)->enc, - key); - aes256_set_decrypt_key(&((QCryptoNettleAES256 *)ctx->ctx)->dec, - key); - - aes256_set_encrypt_key(&((QCryptoNettleAES256 *)ctx->ctx_tweak= )-> - enc, key + nkey); - aes256_set_decrypt_key(&((QCryptoNettleAES256 *)ctx->ctx_tweak= )-> - dec, key + nkey); - } else { - aes256_set_encrypt_key(&((QCryptoNettleAES256 *)ctx->ctx)->enc, - key); - aes256_set_decrypt_key(&((QCryptoNettleAES256 *)ctx->ctx)->dec, - key); + return &ctx->base; } =20 - ctx->alg_encrypt_native =3D aes256_encrypt_native; - ctx->alg_decrypt_native =3D aes256_decrypt_native; - ctx->alg_encrypt_wrapper =3D aes256_encrypt_wrapper; - ctx->alg_decrypt_wrapper =3D aes256_decrypt_wrapper; - - ctx->blocksize =3D AES_BLOCK_SIZE; - break; - case QCRYPTO_CIPHER_ALG_CAST5_128: - ctx->ctx =3D g_new0(struct cast128_ctx, 1); + { + QCryptoNettleCAST128 *ctx; + const QCryptoCipherDriver *drv; =20 - if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS) { - ctx->ctx_tweak =3D g_new0(struct cast128_ctx, 1); + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + drv =3D &qcrypto_nettle_cast128_driver_ecb; + break; + case QCRYPTO_CIPHER_MODE_CBC: + drv =3D &qcrypto_nettle_cast128_driver_cbc; + break; + case QCRYPTO_CIPHER_MODE_CTR: + drv =3D &qcrypto_nettle_cast128_driver_ctr; + break; + default: + goto bad_cipher_mode; + } =20 - nkey /=3D 2; - cast5_set_key(ctx->ctx, nkey, key); - cast5_set_key(ctx->ctx_tweak, nkey, key + nkey); - } else { - cast5_set_key(ctx->ctx, nkey, key); + ctx =3D g_new0(QCryptoNettleCAST128, 1); + ctx->base.driver =3D drv; + cast5_set_key(&ctx->key, nkey, key); + + return &ctx->base; } =20 - ctx->alg_encrypt_native =3D cast128_encrypt_native; - ctx->alg_decrypt_native =3D cast128_decrypt_native; - ctx->alg_encrypt_wrapper =3D cast128_encrypt_wrapper; - ctx->alg_decrypt_wrapper =3D cast128_decrypt_wrapper; - - ctx->blocksize =3D CAST128_BLOCK_SIZE; - break; - case QCRYPTO_CIPHER_ALG_SERPENT_128: case QCRYPTO_CIPHER_ALG_SERPENT_192: case QCRYPTO_CIPHER_ALG_SERPENT_256: - ctx->ctx =3D g_new0(struct serpent_ctx, 1); + { + QCryptoNettleSerpent *ctx =3D g_new0(QCryptoNettleSerpent, 1); =20 - if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS) { - ctx->ctx_tweak =3D g_new0(struct serpent_ctx, 1); + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + ctx->base.driver =3D &qcrypto_nettle_serpent_driver_ecb; + break; + case QCRYPTO_CIPHER_MODE_CBC: + ctx->base.driver =3D &qcrypto_nettle_serpent_driver_cbc; + break; + case QCRYPTO_CIPHER_MODE_CTR: + ctx->base.driver =3D &qcrypto_nettle_serpent_driver_ctr; + break; + case QCRYPTO_CIPHER_MODE_XTS: + ctx->base.driver =3D &qcrypto_nettle_serpent_driver_xts; + nkey /=3D 2; + serpent_set_key(&ctx->key_xts, nkey, key + nkey); + break; + default: + g_assert_not_reached(); + } + serpent_set_key(&ctx->key, nkey, key); =20 - nkey /=3D 2; - serpent_set_key(ctx->ctx, nkey, key); - serpent_set_key(ctx->ctx_tweak, nkey, key + nkey); - } else { - serpent_set_key(ctx->ctx, nkey, key); + return &ctx->base; } =20 - ctx->alg_encrypt_native =3D serpent_encrypt_native; - ctx->alg_decrypt_native =3D serpent_decrypt_native; - ctx->alg_encrypt_wrapper =3D serpent_encrypt_wrapper; - ctx->alg_decrypt_wrapper =3D serpent_decrypt_wrapper; - - ctx->blocksize =3D SERPENT_BLOCK_SIZE; - break; - case QCRYPTO_CIPHER_ALG_TWOFISH_128: case QCRYPTO_CIPHER_ALG_TWOFISH_192: case QCRYPTO_CIPHER_ALG_TWOFISH_256: - ctx->ctx =3D g_new0(struct twofish_ctx, 1); + { + QCryptoNettleTwofish *ctx =3D g_new0(QCryptoNettleTwofish, 1); =20 - if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS) { - ctx->ctx_tweak =3D g_new0(struct twofish_ctx, 1); + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + ctx->base.driver =3D &qcrypto_nettle_twofish_driver_ecb; + break; + case QCRYPTO_CIPHER_MODE_CBC: + ctx->base.driver =3D &qcrypto_nettle_twofish_driver_cbc; + break; + case QCRYPTO_CIPHER_MODE_CTR: + ctx->base.driver =3D &qcrypto_nettle_twofish_driver_ctr; + break; + case QCRYPTO_CIPHER_MODE_XTS: + ctx->base.driver =3D &qcrypto_nettle_twofish_driver_xts; + nkey /=3D 2; + twofish_set_key(&ctx->key_xts, nkey, key + nkey); + break; + default: + g_assert_not_reached(); + } + twofish_set_key(&ctx->key, nkey, key); =20 - nkey /=3D 2; - twofish_set_key(ctx->ctx, nkey, key); - twofish_set_key(ctx->ctx_tweak, nkey, key + nkey); - } else { - twofish_set_key(ctx->ctx, nkey, key); + return &ctx->base; } =20 - ctx->alg_encrypt_native =3D twofish_encrypt_native; - ctx->alg_decrypt_native =3D twofish_decrypt_native; - ctx->alg_encrypt_wrapper =3D twofish_encrypt_wrapper; - ctx->alg_decrypt_wrapper =3D twofish_decrypt_wrapper; - - ctx->blocksize =3D TWOFISH_BLOCK_SIZE; - break; - default: error_setg(errp, "Unsupported cipher algorithm %s", QCryptoCipherAlgorithm_str(alg)); - goto error; - } - g_assert(is_power_of_2(ctx->blocksize)); - - if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS && - ctx->blocksize !=3D XTS_BLOCK_SIZE) { - error_setg(errp, "Cipher block size %zu must equal XTS block size = %d", - ctx->blocksize, XTS_BLOCK_SIZE); - goto error; + return NULL; } =20 - ctx->iv =3D g_new0(uint8_t, ctx->blocksize); - - ctx->base.driver =3D &qcrypto_cipher_lib_driver; - return &ctx->base; - - error: - qcrypto_nettle_cipher_free_ctx(ctx); + bad_cipher_mode: + error_setg(errp, "Unsupported cipher mode %s", + QCryptoCipherMode_str(mode)); return NULL; } - - -static void -qcrypto_nettle_cipher_ctx_free(QCryptoCipher *cipher) -{ - QCryptoCipherNettle *ctx =3D container_of(cipher, QCryptoCipherNettle,= base); - - qcrypto_nettle_cipher_free_ctx(ctx); -} - - -static int -qcrypto_nettle_cipher_encrypt(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) -{ - QCryptoCipherNettle *ctx =3D container_of(cipher, QCryptoCipherNettle,= base); - - if (len & (ctx->blocksize - 1)) { - error_setg(errp, "Length %zu must be a multiple of block size %zu", - len, ctx->blocksize); - return -1; - } - - switch (cipher->mode) { - case QCRYPTO_CIPHER_MODE_ECB: - ctx->alg_encrypt_wrapper(ctx->ctx, len, out, in); - break; - - case QCRYPTO_CIPHER_MODE_CBC: - cbc_encrypt(ctx->ctx, ctx->alg_encrypt_native, - ctx->blocksize, ctx->iv, - len, out, in); - break; - - case QCRYPTO_CIPHER_MODE_XTS: -#ifdef CONFIG_QEMU_PRIVATE_XTS - xts_encrypt(ctx->ctx, ctx->ctx_tweak, - ctx->alg_encrypt_wrapper, ctx->alg_decrypt_wrapper, - ctx->iv, len, out, in); -#else - xts_encrypt_message(ctx->ctx, ctx->ctx_tweak, - ctx->alg_encrypt_native, - ctx->iv, len, out, in); -#endif - break; - - case QCRYPTO_CIPHER_MODE_CTR: - ctr_crypt(ctx->ctx, ctx->alg_encrypt_native, - ctx->blocksize, ctx->iv, - len, out, in); - break; - - default: - error_setg(errp, "Unsupported cipher mode %s", - QCryptoCipherMode_str(cipher->mode)); - return -1; - } - return 0; -} - - -static int -qcrypto_nettle_cipher_decrypt(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) -{ - QCryptoCipherNettle *ctx =3D container_of(cipher, QCryptoCipherNettle,= base); - - if (len & (ctx->blocksize - 1)) { - error_setg(errp, "Length %zu must be a multiple of block size %zu", - len, ctx->blocksize); - return -1; - } - - switch (cipher->mode) { - case QCRYPTO_CIPHER_MODE_ECB: - ctx->alg_decrypt_wrapper(ctx->ctx, len, out, in); - break; - - case QCRYPTO_CIPHER_MODE_CBC: - cbc_decrypt(ctx->ctx, ctx->alg_decrypt_native, - ctx->blocksize, ctx->iv, - len, out, in); - break; - - case QCRYPTO_CIPHER_MODE_XTS: -#ifdef CONFIG_QEMU_PRIVATE_XTS - xts_decrypt(ctx->ctx, ctx->ctx_tweak, - ctx->alg_encrypt_wrapper, ctx->alg_decrypt_wrapper, - ctx->iv, len, out, in); -#else - xts_decrypt_message(ctx->ctx, ctx->ctx_tweak, - ctx->alg_decrypt_native, - ctx->alg_encrypt_native, - ctx->iv, len, out, in); -#endif - break; - case QCRYPTO_CIPHER_MODE_CTR: - ctr_crypt(ctx->ctx, ctx->alg_encrypt_native, - ctx->blocksize, ctx->iv, - len, out, in); - break; - - default: - error_setg(errp, "Unsupported cipher mode %s", - QCryptoCipherMode_str(cipher->mode)); - return -1; - } - return 0; -} - -static int -qcrypto_nettle_cipher_setiv(QCryptoCipher *cipher, - const uint8_t *iv, size_t niv, - Error **errp) -{ - QCryptoCipherNettle *ctx =3D container_of(cipher, QCryptoCipherNettle,= base); - - if (niv !=3D ctx->blocksize) { - error_setg(errp, "Expected IV size %zu not %zu", - ctx->blocksize, niv); - return -1; - } - memcpy(ctx->iv, iv, niv); - return 0; -} - - -static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver =3D { - .cipher_encrypt =3D qcrypto_nettle_cipher_encrypt, - .cipher_decrypt =3D qcrypto_nettle_cipher_decrypt, - .cipher_setiv =3D qcrypto_nettle_cipher_setiv, - .cipher_free =3D qcrypto_nettle_cipher_ctx_free, -}; --=20 2.25.1 From nobody Fri May 17 07:47:07 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass(p=none dis=none) header.from=linaro.org ARC-Seal: i=1; a=rsa-sha256; t=1598634488; cv=none; d=zohomail.com; s=zohoarc; b=ARiERhWwIc02DxM0mNMfE/O4qv2+rn2tTDeMrb1keYZE86xYsuDpQBPpBs4KLh4cSbFj/Dr8ILMGINEo82wQeWTelGWZ8KH06sMKO+3ATH66yKjGjj7EM2Rr24lgAPF2jafQPc2xmO/jUWLL9Ptb2mMzW6y3ji5xvNmEWDSsQsA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1598634488; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=6oAAd13GwF/3Te3K0+i8T99RpHAlTgI/+rDnUt7DA9A=; b=ZV2soZQm3qaAx2blWD7mM2Pse4FZ60WzQXTOvgLcZBxijUwu0/eVSsgGooZUuQmYYUv0XwykVaiEnCsPRAAzgYMObRK8boyYCE5kVc9BnZGDCUFd/S34Jf+kBnTkT0HWshTrE561gt2b3hs4tTtdODeRFlNwTM3xHyM+iuqNix0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1598634488220907.40351655993; Fri, 28 Aug 2020 10:08:08 -0700 (PDT) Received: from localhost ([::1]:43324 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBhrD-0000Xy-Cc for importer@patchew.org; Fri, 28 Aug 2020 13:08:07 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36840) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhp1-0004Kh-96 for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:51 -0400 Received: from mail-pl1-x643.google.com ([2607:f8b0:4864:20::643]:37671) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhoy-000381-Na for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:50 -0400 Received: by mail-pl1-x643.google.com with SMTP id c15so787918plq.4 for ; Fri, 28 Aug 2020 10:05:48 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:46 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=6oAAd13GwF/3Te3K0+i8T99RpHAlTgI/+rDnUt7DA9A=; b=aZDhrPedvmbMt4La7SABNowNFitHiAKxBVa/W0nKiodr6ADYUz/2pk/DBnszvAxnQ0 a793gQPcgBTaYe4ZSRy+rly5vRnCPy4XH+KIj3lenGZwZ8J0FijPiWXlFesv2U0JUC3Q gipm9XJNH3zjjSB1VaOFM+IF845iuruNB5xVvqVqKib3mstZfskW3dK7nTVHB34Okt/f tGb4BWINkJBNd5wsSgZJFC9K4jbgVVr/55svNr66C/g8qUwzP0PPJuviBNSFEyoYUsUf hv2hI7PuKvds6tvF7aAg1bM2yWc2XGt3kytno58pgOefQUqoNp71pSHvB/rrzla49MM1 Be2g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=6oAAd13GwF/3Te3K0+i8T99RpHAlTgI/+rDnUt7DA9A=; b=KtdLlLIGLxYep0Fn9huYZ+YjIL7Rt4SoUmTOhSK7ZB8XkB7l/smYZxxg1woiqSNHfg 2ca+88l+XxziZZQk0fBT22F7sfS2DEb6j11BijVvm3R9XYcz/8JnUpoteuMXUBZ7U0T4 daIl+AkQZ1S8rWx3OFbAfjPFL8Xs/gSIGxFAQPAuGq8V2r7JnSTLv+nVZ8rbDvI2w6F1 uAnW14+3HEBL/TKWqk1duaRvfX7hIdfqXIJ4cBx/fiZzTTVfBiAsDa6LwUnBBaK9DGGN yJnQsJTdV6z2LF6+wufyRegFbYVPRI9vMbqQs1E+0Rz6+VAiw5c0Yz6XiEvDT306tI7K J+hQ== X-Gm-Message-State: AOAM530EaLxEC1bI4YFU3jmf65lCKVYKC3baLRBl6JCvg76bUbFrq0iP HZTY40GrSChlnzqvk8yTMcRMU6sEMiAuCw== X-Google-Smtp-Source: ABdhPJzlAiJUnzfzT1GTSZZQ4a+ZiA74TeFxShmtkSgCknuR/CSKaxkdR3Iu31AAAz4zPIfL3h73sQ== X-Received: by 2002:a17:90a:f691:: with SMTP id cl17mr40474pjb.8.1598634346720; Fri, 28 Aug 2020 10:05:46 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 16/16] crypto/gcrypt: Split QCryptoCipherGcrypt into subclasses Date: Fri, 28 Aug 2020 10:05:23 -0700 Message-Id: <20200828170523.418603-17-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=2607:f8b0:4864:20::643; envelope-from=richard.henderson@linaro.org; helo=mail-pl1-x643.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: berrange@redhat.com Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: pass (identity @linaro.org) Content-Type: text/plain; charset="utf-8" With gcrypt, most of the dispatch happens in the library, so there aren't many classes to create. However, we can still create separate dispatch for CTR mode, and for CONFIG_QEMU_PRIVATE_XTS, which avoids needing to check for these modes at runtime. Signed-off-by: Richard Henderson --- crypto/cipher-gcrypt.c.inc | 497 ++++++++++++++++++------------------- 1 file changed, 240 insertions(+), 257 deletions(-) diff --git a/crypto/cipher-gcrypt.c.inc b/crypto/cipher-gcrypt.c.inc index 7a1fbc9745..42d4137534 100644 --- a/crypto/cipher-gcrypt.c.inc +++ b/crypto/cipher-gcrypt.c.inc @@ -24,8 +24,6 @@ =20 #include =20 -static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver; - bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode) { @@ -57,36 +55,212 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm al= g, } } =20 -typedef struct QCryptoCipherGcrypt QCryptoCipherGcrypt; -struct QCryptoCipherGcrypt { +typedef struct QCryptoCipherGcrypt { QCryptoCipher base; gcry_cipher_hd_t handle; size_t blocksize; #ifdef CONFIG_QEMU_PRIVATE_XTS gcry_cipher_hd_t tweakhandle; - /* Initialization vector or Counter */ - uint8_t *iv; + uint8_t iv[XTS_BLOCK_SIZE]; #endif -}; +} QCryptoCipherGcrypt; =20 -static void -qcrypto_gcrypt_cipher_free_ctx(QCryptoCipherGcrypt *ctx, - QCryptoCipherMode mode) + +static void qcrypto_gcrypt_ctx_free(QCryptoCipher *cipher) { - if (!ctx) { - return; - } + QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); =20 gcry_cipher_close(ctx->handle); -#ifdef CONFIG_QEMU_PRIVATE_XTS - if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS) { - gcry_cipher_close(ctx->tweakhandle); - } - g_free(ctx->iv); -#endif g_free(ctx); } =20 +static int qcrypto_gcrypt_encrypt(QCryptoCipher *cipher, const void *in, + void *out, size_t len, Error **errp) +{ + QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); + gcry_error_t err; + + if (len & (ctx->blocksize - 1)) { + error_setg(errp, "Length %zu must be a multiple of block size %zu", + len, ctx->blocksize); + return -1; + } + + err =3D gcry_cipher_encrypt(ctx->handle, out, len, in, len); + if (err !=3D 0) { + error_setg(errp, "Cannot encrypt data: %s", gcry_strerror(err)); + return -1; + } + + return 0; +} + + +static int qcrypto_gcrypt_decrypt(QCryptoCipher *cipher, const void *in, + void *out, size_t len, Error **errp) +{ + QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); + gcry_error_t err; + + if (len & (ctx->blocksize - 1)) { + error_setg(errp, "Length %zu must be a multiple of block size %zu", + len, ctx->blocksize); + return -1; + } + + err =3D gcry_cipher_decrypt(ctx->handle, out, len, in, len); + if (err !=3D 0) { + error_setg(errp, "Cannot decrypt data: %s", + gcry_strerror(err)); + return -1; + } + + return 0; +} + +static int qcrypto_gcrypt_setiv(QCryptoCipher *cipher, + const uint8_t *iv, size_t niv, + Error **errp) +{ + QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); + gcry_error_t err; + + if (niv !=3D ctx->blocksize) { + error_setg(errp, "Expected IV size %zu not %zu", + ctx->blocksize, niv); + return -1; + } + + gcry_cipher_reset(ctx->handle); + err =3D gcry_cipher_setiv(ctx->handle, iv, niv); + if (err !=3D 0) { + error_setg(errp, "Cannot set IV: %s", gcry_strerror(err)); + return -1; + } + + return 0; +} + +static int qcrypto_gcrypt_ctr_setiv(QCryptoCipher *cipher, + const uint8_t *iv, size_t niv, + Error **errp) +{ + QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); + gcry_error_t err; + + if (niv !=3D ctx->blocksize) { + error_setg(errp, "Expected IV size %zu not %zu", + ctx->blocksize, niv); + return -1; + } + + err =3D gcry_cipher_setctr(ctx->handle, iv, niv); + if (err !=3D 0) { + error_setg(errp, "Cannot set Counter: %s", gcry_strerror(err)); + return -1; + } + + return 0; +} + + +static const struct QCryptoCipherDriver qcrypto_gcrypt_driver =3D { + .cipher_encrypt =3D qcrypto_gcrypt_encrypt, + .cipher_decrypt =3D qcrypto_gcrypt_decrypt, + .cipher_setiv =3D qcrypto_gcrypt_setiv, + .cipher_free =3D qcrypto_gcrypt_ctx_free, +}; + +static const struct QCryptoCipherDriver qcrypto_gcrypt_ctr_driver =3D { + .cipher_encrypt =3D qcrypto_gcrypt_encrypt, + .cipher_decrypt =3D qcrypto_gcrypt_decrypt, + .cipher_setiv =3D qcrypto_gcrypt_ctr_setiv, + .cipher_free =3D qcrypto_gcrypt_ctx_free, +}; + +#ifdef CONFIG_QEMU_PRIVATE_XTS +static void qcrypto_gcrypt_xts_ctx_free(QCryptoCipher *cipher) +{ + QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); + + gcry_cipher_close(ctx->tweakhandle); + qcrypto_gcrypt_ctx_free(cipher); +} + +static void qcrypto_gcrypt_xts_wrape(const void *ctx, size_t length, + uint8_t *dst, const uint8_t *src) +{ + gcry_error_t err; + err =3D gcry_cipher_encrypt((gcry_cipher_hd_t)ctx, dst, length, src, l= ength); + g_assert(err =3D=3D 0); +} + +static void qcrypto_gcrypt_xts_wrapd(const void *ctx, size_t length, + uint8_t *dst, const uint8_t *src) +{ + gcry_error_t err; + err =3D gcry_cipher_decrypt((gcry_cipher_hd_t)ctx, dst, length, src, l= ength); + g_assert(err =3D=3D 0); +} + +static int qcrypto_gcrypt_xts_encrypt(QCryptoCipher *cipher, const void *i= n, + void *out, size_t len, Error **errp) +{ + QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); + + if (len & (ctx->blocksize - 1)) { + error_setg(errp, "Length %zu must be a multiple of block size %zu", + len, ctx->blocksize); + return -1; + } + + xts_encrypt(ctx->handle, ctx->tweakhandle, + qcrypto_gcrypt_xts_wrape, qcrypto_gcrypt_xts_wrapd, + ctx->iv, len, out, in); + return 0; +} + +static int qcrypto_gcrypt_xts_decrypt(QCryptoCipher *cipher, const void *i= n, + void *out, size_t len, Error **errp) +{ + QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); + + if (len & (ctx->blocksize - 1)) { + error_setg(errp, "Length %zu must be a multiple of block size %zu", + len, ctx->blocksize); + return -1; + } + + xts_decrypt(ctx->handle, ctx->tweakhandle, + qcrypto_gcrypt_xts_wrape, qcrypto_gcrypt_xts_wrapd, + ctx->iv, len, out, in); + return 0; +} + +static int qcrypto_gcrypt_xts_setiv(QCryptoCipher *cipher, + const uint8_t *iv, size_t niv, + Error **errp) +{ + QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); + + if (niv !=3D ctx->blocksize) { + error_setg(errp, "Expected IV size %zu not %zu", + ctx->blocksize, niv); + return -1; + } + + memcpy(ctx->iv, iv, niv); + return 0; +} + +static const struct QCryptoCipherDriver qcrypto_gcrypt_xts_driver =3D { + .cipher_encrypt =3D qcrypto_gcrypt_xts_encrypt, + .cipher_decrypt =3D qcrypto_gcrypt_xts_decrypt, + .cipher_setiv =3D qcrypto_gcrypt_xts_setiv, + .cipher_free =3D qcrypto_gcrypt_xts_ctx_free, +}; +#endif /* CONFIG_QEMU_PRIVATE_XTS */ + =20 static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode, @@ -95,32 +269,10 @@ static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCi= pherAlgorithm alg, Error **errp) { QCryptoCipherGcrypt *ctx; + const QCryptoCipherDriver *drv; gcry_error_t err; int gcryalg, gcrymode; =20 - switch (mode) { - case QCRYPTO_CIPHER_MODE_ECB: - gcrymode =3D GCRY_CIPHER_MODE_ECB; - break; - case QCRYPTO_CIPHER_MODE_XTS: -#ifdef CONFIG_QEMU_PRIVATE_XTS - gcrymode =3D GCRY_CIPHER_MODE_ECB; -#else - gcrymode =3D GCRY_CIPHER_MODE_XTS; -#endif - break; - case QCRYPTO_CIPHER_MODE_CBC: - gcrymode =3D GCRY_CIPHER_MODE_CBC; - break; - case QCRYPTO_CIPHER_MODE_CTR: - gcrymode =3D GCRY_CIPHER_MODE_CTR; - break; - default: - error_setg(errp, "Unsupported cipher mode %s", - QCryptoCipherMode_str(mode)); - return NULL; - } - if (!qcrypto_cipher_validate_key_length(alg, mode, nkey, errp)) { return NULL; } @@ -129,54 +281,70 @@ static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoC= ipherAlgorithm alg, case QCRYPTO_CIPHER_ALG_DES_RFB: gcryalg =3D GCRY_CIPHER_DES; break; - case QCRYPTO_CIPHER_ALG_3DES: gcryalg =3D GCRY_CIPHER_3DES; break; - case QCRYPTO_CIPHER_ALG_AES_128: gcryalg =3D GCRY_CIPHER_AES128; break; - case QCRYPTO_CIPHER_ALG_AES_192: gcryalg =3D GCRY_CIPHER_AES192; break; - case QCRYPTO_CIPHER_ALG_AES_256: gcryalg =3D GCRY_CIPHER_AES256; break; - case QCRYPTO_CIPHER_ALG_CAST5_128: gcryalg =3D GCRY_CIPHER_CAST5; break; - case QCRYPTO_CIPHER_ALG_SERPENT_128: gcryalg =3D GCRY_CIPHER_SERPENT128; break; - case QCRYPTO_CIPHER_ALG_SERPENT_192: gcryalg =3D GCRY_CIPHER_SERPENT192; break; - case QCRYPTO_CIPHER_ALG_SERPENT_256: gcryalg =3D GCRY_CIPHER_SERPENT256; break; - case QCRYPTO_CIPHER_ALG_TWOFISH_128: gcryalg =3D GCRY_CIPHER_TWOFISH128; break; - case QCRYPTO_CIPHER_ALG_TWOFISH_256: gcryalg =3D GCRY_CIPHER_TWOFISH; break; - default: error_setg(errp, "Unsupported cipher algorithm %s", QCryptoCipherAlgorithm_str(alg)); return NULL; } =20 + drv =3D &qcrypto_gcrypt_driver; + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + gcrymode =3D GCRY_CIPHER_MODE_ECB; + break; + case QCRYPTO_CIPHER_MODE_XTS: +#ifdef CONFIG_QEMU_PRIVATE_XTS + drv =3D &qcrypto_gcrypt_xts_driver; + gcrymode =3D GCRY_CIPHER_MODE_ECB; +#else + gcrymode =3D GCRY_CIPHER_MODE_XTS; +#endif + break; + case QCRYPTO_CIPHER_MODE_CBC: + gcrymode =3D GCRY_CIPHER_MODE_CBC; + break; + case QCRYPTO_CIPHER_MODE_CTR: + drv =3D &qcrypto_gcrypt_ctr_driver; + gcrymode =3D GCRY_CIPHER_MODE_CTR; + break; + default: + error_setg(errp, "Unsupported cipher mode %s", + QCryptoCipherMode_str(mode)); + return NULL; + } + ctx =3D g_new0(QCryptoCipherGcrypt, 1); + ctx->base.driver =3D drv; =20 err =3D gcry_cipher_open(&ctx->handle, gcryalg, gcrymode, 0); if (err !=3D 0) { @@ -184,8 +352,16 @@ static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCi= pherAlgorithm alg, gcry_strerror(err)); goto error; } + ctx->blocksize =3D gcry_cipher_get_algo_blklen(gcryalg); + #ifdef CONFIG_QEMU_PRIVATE_XTS if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS) { + if (ctx->blocksize !=3D XTS_BLOCK_SIZE) { + error_setg(errp, + "Cipher block size %zu must equal XTS block size %d= ", + ctx->blocksize, XTS_BLOCK_SIZE); + goto error; + } err =3D gcry_cipher_open(&ctx->tweakhandle, gcryalg, gcrymode, 0); if (err !=3D 0) { error_setg(errp, "Cannot initialize cipher: %s", @@ -203,224 +379,31 @@ static QCryptoCipher *qcrypto_cipher_ctx_new(QCrypto= CipherAlgorithm alg, uint8_t *rfbkey =3D qcrypto_cipher_munge_des_rfb_key(key, nkey); err =3D gcry_cipher_setkey(ctx->handle, rfbkey, nkey); g_free(rfbkey); - ctx->blocksize =3D 8; } else { #ifdef CONFIG_QEMU_PRIVATE_XTS if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS) { nkey /=3D 2; - err =3D gcry_cipher_setkey(ctx->handle, key, nkey); + err =3D gcry_cipher_setkey(ctx->tweakhandle, key + nkey, nkey); if (err !=3D 0) { - error_setg(errp, "Cannot set key: %s", - gcry_strerror(err)); + error_setg(errp, "Cannot set key: %s", gcry_strerror(err)); goto error; } - err =3D gcry_cipher_setkey(ctx->tweakhandle, key + nkey, nkey); - } else { -#endif - err =3D gcry_cipher_setkey(ctx->handle, key, nkey); -#ifdef CONFIG_QEMU_PRIVATE_XTS } #endif - if (err !=3D 0) { - error_setg(errp, "Cannot set key: %s", - gcry_strerror(err)); - goto error; - } - switch (alg) { - case QCRYPTO_CIPHER_ALG_AES_128: - case QCRYPTO_CIPHER_ALG_AES_192: - case QCRYPTO_CIPHER_ALG_AES_256: - case QCRYPTO_CIPHER_ALG_SERPENT_128: - case QCRYPTO_CIPHER_ALG_SERPENT_192: - case QCRYPTO_CIPHER_ALG_SERPENT_256: - case QCRYPTO_CIPHER_ALG_TWOFISH_128: - case QCRYPTO_CIPHER_ALG_TWOFISH_256: - ctx->blocksize =3D 16; - break; - case QCRYPTO_CIPHER_ALG_3DES: - case QCRYPTO_CIPHER_ALG_CAST5_128: - ctx->blocksize =3D 8; - break; - default: - g_assert_not_reached(); - } + err =3D gcry_cipher_setkey(ctx->handle, key, nkey); } - g_assert(is_power_of_2(ctx->blocksize)); - -#ifdef CONFIG_QEMU_PRIVATE_XTS - if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS) { - if (ctx->blocksize !=3D XTS_BLOCK_SIZE) { - error_setg(errp, - "Cipher block size %zu must equal XTS block size %d= ", - ctx->blocksize, XTS_BLOCK_SIZE); - goto error; - } - ctx->iv =3D g_new0(uint8_t, ctx->blocksize); + if (err !=3D 0) { + error_setg(errp, "Cannot set key: %s", gcry_strerror(err)); + goto error; } -#endif =20 - ctx->base.driver =3D &qcrypto_cipher_lib_driver; return &ctx->base; =20 error: - qcrypto_gcrypt_cipher_free_ctx(ctx, mode); +#ifdef CONFIG_QEMU_PRIVATE_XTS + gcry_cipher_close(ctx->tweakhandle); +#endif + gcry_cipher_close(ctx->handle); + g_free(ctx); return NULL; } - - -static void -qcrypto_gcrypt_cipher_ctx_free(QCryptoCipher *cipher) -{ - QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); - - qcrypto_gcrypt_cipher_free_ctx(ctx, cipher->mode); -} - - -#ifdef CONFIG_QEMU_PRIVATE_XTS -static void qcrypto_gcrypt_xts_encrypt(const void *ctx, - size_t length, - uint8_t *dst, - const uint8_t *src) -{ - gcry_error_t err; - err =3D gcry_cipher_encrypt((gcry_cipher_hd_t)ctx, dst, length, src, l= ength); - g_assert(err =3D=3D 0); -} - -static void qcrypto_gcrypt_xts_decrypt(const void *ctx, - size_t length, - uint8_t *dst, - const uint8_t *src) -{ - gcry_error_t err; - err =3D gcry_cipher_decrypt((gcry_cipher_hd_t)ctx, dst, length, src, l= ength); - g_assert(err =3D=3D 0); -} -#endif - -static int -qcrypto_gcrypt_cipher_encrypt(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) -{ - QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); - gcry_error_t err; - - if (len & (ctx->blocksize - 1)) { - error_setg(errp, "Length %zu must be a multiple of block size %zu", - len, ctx->blocksize); - return -1; - } - -#ifdef CONFIG_QEMU_PRIVATE_XTS - if (cipher->mode =3D=3D QCRYPTO_CIPHER_MODE_XTS) { - xts_encrypt(ctx->handle, ctx->tweakhandle, - qcrypto_gcrypt_xts_encrypt, - qcrypto_gcrypt_xts_decrypt, - ctx->iv, len, out, in); - return 0; - } -#endif - - err =3D gcry_cipher_encrypt(ctx->handle, - out, len, - in, len); - if (err !=3D 0) { - error_setg(errp, "Cannot encrypt data: %s", - gcry_strerror(err)); - return -1; - } - - return 0; -} - - -static int -qcrypto_gcrypt_cipher_decrypt(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) -{ - QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); - gcry_error_t err; - - if (len & (ctx->blocksize - 1)) { - error_setg(errp, "Length %zu must be a multiple of block size %zu", - len, ctx->blocksize); - return -1; - } - -#ifdef CONFIG_QEMU_PRIVATE_XTS - if (cipher->mode =3D=3D QCRYPTO_CIPHER_MODE_XTS) { - xts_decrypt(ctx->handle, ctx->tweakhandle, - qcrypto_gcrypt_xts_encrypt, - qcrypto_gcrypt_xts_decrypt, - ctx->iv, len, out, in); - return 0; - } -#endif - - err =3D gcry_cipher_decrypt(ctx->handle, - out, len, - in, len); - if (err !=3D 0) { - error_setg(errp, "Cannot decrypt data: %s", - gcry_strerror(err)); - return -1; - } - - return 0; -} - -static int -qcrypto_gcrypt_cipher_setiv(QCryptoCipher *cipher, - const uint8_t *iv, size_t niv, - Error **errp) -{ - QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); - gcry_error_t err; - - if (niv !=3D ctx->blocksize) { - error_setg(errp, "Expected IV size %zu not %zu", - ctx->blocksize, niv); - return -1; - } - -#ifdef CONFIG_QEMU_PRIVATE_XTS - if (ctx->iv) { - memcpy(ctx->iv, iv, niv); - return 0; - } -#endif - - if (cipher->mode =3D=3D QCRYPTO_CIPHER_MODE_CTR) { - err =3D gcry_cipher_setctr(ctx->handle, iv, niv); - if (err !=3D 0) { - error_setg(errp, "Cannot set Counter: %s", - gcry_strerror(err)); - return -1; - } - } else { - gcry_cipher_reset(ctx->handle); - err =3D gcry_cipher_setiv(ctx->handle, iv, niv); - if (err !=3D 0) { - error_setg(errp, "Cannot set IV: %s", - gcry_strerror(err)); - return -1; - } - } - - return 0; -} - - -static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver =3D { - .cipher_encrypt =3D qcrypto_gcrypt_cipher_encrypt, - .cipher_decrypt =3D qcrypto_gcrypt_cipher_decrypt, - .cipher_setiv =3D qcrypto_gcrypt_cipher_setiv, - .cipher_free =3D qcrypto_gcrypt_cipher_ctx_free, -}; --=20 2.25.1