From nobody Wed May 8 12:47:39 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1599732461; cv=none; d=zohomail.com; s=zohoarc; b=Txx7RjAHxwE6H0sNYWQivonV7YdIWCEX4vAIgH5+ZG8oJW2vme8MpT10u/AknzejFhvjiSyNBmdXERyz8ecHrAxR3aZIEgzQoH3Leb9tp2SqXnuxHHjNHumQZVoIfj1BejzzJCvpnWupYdVi/MhJ3Q3zjd6sCLKz6nDPX7jU6q8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1599732461; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=ZYz9Tr2y212XkXHhsr+3qx5QuMca9yqiXm4k6okHSa4=; b=ZBwSN0qpFg/+WECgSn5fz+emZb2LN15s9x1npjEK7NXZs/UeSNbL+zl7eUGn3C8bJPyXHNA7ZiJ4tGklT/2hJpkTjx8lkqw0KcRl1MIIQyhLMR7i4KfZI6JlW7NasO5zRA1yC2jtA0X5hF36d5tMx8hXPUbwkVimURCgPL8as9I= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1599732461235753.7501209862319; Thu, 10 Sep 2020 03:07:41 -0700 (PDT) Received: from localhost ([::1]:46028 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kGJUR-0001k3-Kq for importer@patchew.org; Thu, 10 Sep 2020 06:07:39 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:43546) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kGJTM-0008UC-Lu for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:32 -0400 Received: from us-smtp-2.mimecast.com ([207.211.31.81]:44742 helo=us-smtp-1.mimecast.com) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.90_1) (envelope-from ) id 1kGJTK-0007fr-B1 for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:32 -0400 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-1-C36wSHbTOIq5ThHOaB1LvA-1; Thu, 10 Sep 2020 06:06:27 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id A38A71074640 for ; Thu, 10 Sep 2020 10:06:26 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-112-4.ams2.redhat.com [10.36.112.4]) by smtp.corp.redhat.com (Postfix) with ESMTP id 675C31002D41; Thu, 10 Sep 2020 10:06:25 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1599732389; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ZYz9Tr2y212XkXHhsr+3qx5QuMca9yqiXm4k6okHSa4=; b=d8KZpOxGHldPWLs58UppGUSE6WZcgEVMQNfI67TBOURzvRmd4jWr+uY+YuXpDWM0X21QAE /DOzzSfuJjYA9eV08utdTXS6sXUx6KnTYGxeypFJuIR0wSi69EYqw+qXb7qypIRgSUg9Rn Efbhoz3BSprvfiYTcukV8DwU+gDAMCw= X-MC-Unique: C36wSHbTOIq5ThHOaB1LvA-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Subject: [PULL 01/17] tests: fix output message formatting for crypto benchmarks Date: Thu, 10 Sep 2020 11:06:07 +0100 Message-Id: <20200910100623.1088965-2-berrange@redhat.com> In-Reply-To: <20200910100623.1088965-1-berrange@redhat.com> References: <20200910100623.1088965-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=berrange@redhat.com X-Mimecast-Spam-Score: 0.002 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=207.211.31.81; envelope-from=berrange@redhat.com; helo=us-smtp-1.mimecast.com X-detected-operating-system: by eggs.gnu.org: First seen = 2020/09/10 00:49:43 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) The output was changed from g_print to g_test_message in commit 24441f912e67233d9c52ce6b459ed75de2484525 Author: Marc-Andr=C3=A9 Lureau Date: Fri Aug 28 15:07:30 2020 +0400 tests: do not print benchmark output to stdout As this makes the TAP output invalid. Use g_test_message(). The functions do not result in equivalent output. The g_print statements were putting all the information on a single line for ease of interpretation. The change to g_test_message split the output across many lines making it painful to read. The opportunity is used to tweak the information printed to be more consistent across tests. Reviewed-by: Philippe Mathieu-Daud=C3=A9 Signed-off-by: Daniel P. Berrang=C3=A9 --- tests/benchmark-crypto-cipher.c | 12 ++++++++---- tests/benchmark-crypto-hash.c | 4 +++- tests/benchmark-crypto-hmac.c | 7 +++---- 3 files changed, 14 insertions(+), 9 deletions(-) diff --git a/tests/benchmark-crypto-cipher.c b/tests/benchmark-crypto-ciphe= r.c index 1936aa4ae0..c04f0a0fba 100644 --- a/tests/benchmark-crypto-cipher.c +++ b/tests/benchmark-crypto-cipher.c @@ -70,8 +70,10 @@ static void test_cipher_speed(size_t chunk_size, } g_test_timer_elapsed(); =20 - g_test_message("Enc chunk %zu bytes ", chunk_size); - g_test_message("%.2f MB/sec ", (double)total / MiB / g_test_timer_last= ()); + g_test_message("enc(%s-%s) chunk %zu bytes %.2f MB/sec ", + QCryptoCipherAlgorithm_str(alg), + QCryptoCipherMode_str(mode), + chunk_size, (double)total / MiB / g_test_timer_last()); =20 g_test_timer_start(); remain =3D total; @@ -85,8 +87,10 @@ static void test_cipher_speed(size_t chunk_size, } g_test_timer_elapsed(); =20 - g_test_message("Dec chunk %zu bytes ", chunk_size); - g_test_message("%.2f MB/sec ", (double)total / MiB / g_test_timer_last= ()); + g_test_message("dec(%s-%s) chunk %zu bytes %.2f MB/sec ", + QCryptoCipherAlgorithm_str(alg), + QCryptoCipherMode_str(mode), + chunk_size, (double)total / MiB / g_test_timer_last()); =20 qcrypto_cipher_free(cipher); g_free(plaintext); diff --git a/tests/benchmark-crypto-hash.c b/tests/benchmark-crypto-hash.c index 598111e75a..927b00bb4d 100644 --- a/tests/benchmark-crypto-hash.c +++ b/tests/benchmark-crypto-hash.c @@ -48,7 +48,9 @@ static void test_hash_speed(const void *opaque) } g_test_timer_elapsed(); =20 - g_test_message("%.2f MB/sec ", (double)total / MiB / g_test_timer_last= ()); + g_test_message("hash(%s): chunk %zu bytes %.2f MB/sec", + QCryptoHashAlgorithm_str(opts->alg), + opts->chunk_size, total / g_test_timer_last()); =20 g_free(out); g_free(in); diff --git a/tests/benchmark-crypto-hmac.c b/tests/benchmark-crypto-hmac.c index f9fa22df95..5cca636789 100644 --- a/tests/benchmark-crypto-hmac.c +++ b/tests/benchmark-crypto-hmac.c @@ -55,10 +55,9 @@ static void test_hmac_speed(const void *opaque) } while (g_test_timer_elapsed() < 5.0); =20 total /=3D MiB; - g_test_message("hmac(sha256): "); - g_test_message("Testing chunk_size %zu bytes ", chunk_size); - g_test_message("done: %.2f MB in %.2f secs: ", total, g_test_timer_las= t()); - g_test_message("%.2f MB/sec\n", total / g_test_timer_last()); + g_test_message("hmac(%s): chunk %zu bytes %.2f MB/sec", + QCryptoHashAlgorithm_str(QCRYPTO_HASH_ALG_SHA256), + chunk_size, total / g_test_timer_last()); =20 g_free(out); g_free(in); --=20 2.26.2 From nobody Wed May 8 12:47:39 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1599732461; cv=none; d=zohomail.com; s=zohoarc; b=idIGKXeO+CuKL8nxy5Qrla2o+S1HGaCP8DdflvLrMq3l5AeBM2g7/w+ImXNeBU50+xEGeBI2aku3j14kb17D/DyD+RIl6jYHkIrzN48Boeiu2uEEsVSFF92VRF8/3pr1CDhqLYElJvjsVXj4pV/ofUo6WMut6Yc9Y14uLxN5Tzs= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1599732461; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=WL9HiUwIz+WYhnrnfM+ZjFXjjET46LmVvkoQ4mSa12Q=; b=aRhsQtgTwC7VvlbGvvC6KZmUq0YjrssiEG601bjjLyJWfFhAobqyf/kEiyk/8t89u6XIjMMUCxKiNmQzndltECU/3LSWGZTJqMtYUuMpyikbLkkGKPJeKjPtYD8Fv9QdKqBh6Sfw/voX4SOvrYcianUsbahVUKgi2Eh3nFS9mCQ= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 159973246175584.46955540102692; Thu, 10 Sep 2020 03:07:41 -0700 (PDT) Received: from localhost ([::1]:46106 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kGJUS-0001lw-1A for importer@patchew.org; Thu, 10 Sep 2020 06:07:40 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:43568) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kGJTO-0008Vk-EB for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:34 -0400 Received: from us-smtp-delivery-124.mimecast.com ([216.205.24.124]:56689) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.90_1) (envelope-from ) id 1kGJTM-0007fy-Ki for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:34 -0400 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-491-DhBfS2Y-MfiQ00-9ZYS6KQ-1; Thu, 10 Sep 2020 06:06:29 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 2CB5E1009441; Thu, 10 Sep 2020 10:06:28 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-112-4.ams2.redhat.com [10.36.112.4]) by smtp.corp.redhat.com (Postfix) with ESMTP id F34D01002D41; Thu, 10 Sep 2020 10:06:26 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1599732391; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=WL9HiUwIz+WYhnrnfM+ZjFXjjET46LmVvkoQ4mSa12Q=; b=VtICTKqaDuY/eon8K2zUInVeNItabvIu6qZmvSUMyhtUO4yRxh3n/AUayOcL9LSJB0dUVD x87r1X7V3DHc2PQXqWfW2SM9XaX6C3XZ4mUqKkaGDVH2fVE6Y4n3qyxMdgLcsUw4JLoW+e Pd3g3xGB74I6VbD2Am4wt7Vrwod1xDU= X-MC-Unique: DhBfS2Y-MfiQ00-9ZYS6KQ-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Subject: [PULL 02/17] crypto: Assume blocksize is a power of 2 Date: Thu, 10 Sep 2020 11:06:08 +0100 Message-Id: <20200910100623.1088965-3-berrange@redhat.com> In-Reply-To: <20200910100623.1088965-1-berrange@redhat.com> References: <20200910100623.1088965-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=berrange@redhat.com X-Mimecast-Spam-Score: 0.002 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=216.205.24.124; envelope-from=berrange@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-detected-operating-system: by eggs.gnu.org: First seen = 2020/09/10 00:49:43 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Richard Henderson , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) From: Richard Henderson The check in the encode/decode path using full division has a noticeable amount of overhead. By asserting the blocksize is a power of 2, we can reduce this check to a mask. Signed-off-by: Richard Henderson Signed-off-by: Daniel P. Berrang=C3=A9 --- crypto/cipher-builtin.c | 4 ++-- crypto/cipher-gcrypt.c | 5 +++-- crypto/cipher-nettle.c | 5 +++-- crypto/cipher.c | 1 + 4 files changed, 9 insertions(+), 6 deletions(-) diff --git a/crypto/cipher-builtin.c b/crypto/cipher-builtin.c index 35cf7820d9..6eafd39da0 100644 --- a/crypto/cipher-builtin.c +++ b/crypto/cipher-builtin.c @@ -484,7 +484,7 @@ qcrypto_builtin_cipher_encrypt(QCryptoCipher *cipher, { QCryptoCipherBuiltin *ctxt =3D cipher->opaque; =20 - if (len % ctxt->blocksize) { + if (len & (ctxt->blocksize - 1)) { error_setg(errp, "Length %zu must be a multiple of block size %zu", len, ctxt->blocksize); return -1; @@ -503,7 +503,7 @@ qcrypto_builtin_cipher_decrypt(QCryptoCipher *cipher, { QCryptoCipherBuiltin *ctxt =3D cipher->opaque; =20 - if (len % ctxt->blocksize) { + if (len & (ctxt->blocksize - 1)) { error_setg(errp, "Length %zu must be a multiple of block size %zu", len, ctxt->blocksize); return -1; diff --git a/crypto/cipher-gcrypt.c b/crypto/cipher-gcrypt.c index 2864099527..81e4745bff 100644 --- a/crypto/cipher-gcrypt.c +++ b/crypto/cipher-gcrypt.c @@ -245,6 +245,7 @@ static QCryptoCipherGcrypt *qcrypto_cipher_ctx_new(QCry= ptoCipherAlgorithm alg, g_assert_not_reached(); } } + g_assert(is_power_of_2(ctx->blocksize)); =20 #ifdef CONFIG_QEMU_PRIVATE_XTS if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS) { @@ -305,7 +306,7 @@ qcrypto_gcrypt_cipher_encrypt(QCryptoCipher *cipher, QCryptoCipherGcrypt *ctx =3D cipher->opaque; gcry_error_t err; =20 - if (len % ctx->blocksize) { + if (len & (ctx->blocksize - 1)) { error_setg(errp, "Length %zu must be a multiple of block size %zu", len, ctx->blocksize); return -1; @@ -344,7 +345,7 @@ qcrypto_gcrypt_cipher_decrypt(QCryptoCipher *cipher, QCryptoCipherGcrypt *ctx =3D cipher->opaque; gcry_error_t err; =20 - if (len % ctx->blocksize) { + if (len & (ctx->blocksize - 1)) { error_setg(errp, "Length %zu must be a multiple of block size %zu", len, ctx->blocksize); return -1; diff --git a/crypto/cipher-nettle.c b/crypto/cipher-nettle.c index 7e9a4cc199..0677fdfd33 100644 --- a/crypto/cipher-nettle.c +++ b/crypto/cipher-nettle.c @@ -576,6 +576,7 @@ static QCryptoCipherNettle *qcrypto_cipher_ctx_new(QCry= ptoCipherAlgorithm alg, QCryptoCipherAlgorithm_str(alg)); goto error; } + g_assert(is_power_of_2(ctx->blocksize)); =20 if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS && ctx->blocksize !=3D XTS_BLOCK_SIZE) { @@ -613,7 +614,7 @@ qcrypto_nettle_cipher_encrypt(QCryptoCipher *cipher, { QCryptoCipherNettle *ctx =3D cipher->opaque; =20 - if (len % ctx->blocksize) { + if (len & (ctx->blocksize - 1)) { error_setg(errp, "Length %zu must be a multiple of block size %zu", len, ctx->blocksize); return -1; @@ -666,7 +667,7 @@ qcrypto_nettle_cipher_decrypt(QCryptoCipher *cipher, { QCryptoCipherNettle *ctx =3D cipher->opaque; =20 - if (len % ctx->blocksize) { + if (len & (ctx->blocksize - 1)) { error_setg(errp, "Length %zu must be a multiple of block size %zu", len, ctx->blocksize); return -1; diff --git a/crypto/cipher.c b/crypto/cipher.c index e5adb56271..2722dc7d87 100644 --- a/crypto/cipher.c +++ b/crypto/cipher.c @@ -19,6 +19,7 @@ */ =20 #include "qemu/osdep.h" +#include "qemu/host-utils.h" #include "qapi/error.h" #include "crypto/cipher.h" #include "cipherpriv.h" --=20 2.26.2 From nobody Wed May 8 12:47:39 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1599732539; cv=none; d=zohomail.com; s=zohoarc; b=mQ24JksnZKrtyDI0RfBWqMg/Nlgr7SkVdkpEvZ6t0UUDZLBlO+TMEyUuIaiUVdKFA4J2JB+f5hYkWh8N4Rm/G7NoiBtlTnyqllroV2kWkvhBXc+DkFo1wo7E1E22pN6nvcSkqUynfz0g8HnCOihMXzWH5g8v8eZ7rO8ojdwtce4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1599732539; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=22/8j3nSglJouwHuKcmQ4OJ5TmHD2LDjjXggNCdZvbI=; b=DhDsOxrNY84z07okgklZpvCGkkLmHBonv6dlTMsvEmdVtZLb0+RTMFSy5tFcsyKAIVy29cMqTwl+zhoxAHvj4sxjgPZgns62LaDlvXHxRGMx0pB0YfkjkK7hRpbPCrBl975JsLSy+MLDQybBZcTPLhBkiBdIy70Ddo4EyjwnydM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 15997325396391012.1077771203802; Thu, 10 Sep 2020 03:08:59 -0700 (PDT) Received: from localhost ([::1]:54520 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kGJVh-0005BP-2V for importer@patchew.org; Thu, 10 Sep 2020 06:08:57 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:43572) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kGJTP-000050-1g for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:35 -0400 Received: from us-smtp-2.mimecast.com ([207.211.31.81]:55513 helo=us-smtp-delivery-1.mimecast.com) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.90_1) (envelope-from ) id 1kGJTN-0007gL-CP for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:34 -0400 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-543-MCA9rrJEPMKASciiV7urdA-1; Thu, 10 Sep 2020 06:06:30 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id C5B9464081; Thu, 10 Sep 2020 10:06:29 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-112-4.ams2.redhat.com [10.36.112.4]) by smtp.corp.redhat.com (Postfix) with ESMTP id 8826F1002D5C; Thu, 10 Sep 2020 10:06:28 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1599732392; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=22/8j3nSglJouwHuKcmQ4OJ5TmHD2LDjjXggNCdZvbI=; b=JCiZo0TI8+992qhNuDeMp+xESNdfC33bWBA7jcPmEmrn0mPCy7EOfixDizhfKVBdvhPQBS 4eBUm/EZRtSPh9ySLXULqpZG6366PBXq666/o+Fl512VhvFkdhD9ds3tksieKrwAyuCBC7 /X6q7yu3NA5uSpRBM3HW0w0xx0hOUU4= X-MC-Unique: MCA9rrJEPMKASciiV7urdA-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Subject: [PULL 03/17] crypto: Rename cipher include files to .c.inc Date: Thu, 10 Sep 2020 11:06:09 +0100 Message-Id: <20200910100623.1088965-4-berrange@redhat.com> In-Reply-To: <20200910100623.1088965-1-berrange@redhat.com> References: <20200910100623.1088965-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=berrange@redhat.com X-Mimecast-Spam-Score: 0.002 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=207.211.31.81; envelope-from=berrange@redhat.com; helo=us-smtp-delivery-1.mimecast.com X-detected-operating-system: by eggs.gnu.org: First seen = 2020/09/10 00:49:43 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Richard Henderson , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= , =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) From: Richard Henderson QEMU standard procedure for included c files is to use *.c.inc. E.g. there are a different set of checks that are applied. Reviewed-by: Philippe Mathieu-Daud=C3=A9 Signed-off-by: Richard Henderson Signed-off-by: Daniel P. Berrang=C3=A9 --- crypto/{cipher-builtin.c =3D> cipher-builtin.c.inc} | 0 crypto/{cipher-gcrypt.c =3D> cipher-gcrypt.c.inc} | 0 crypto/{cipher-nettle.c =3D> cipher-nettle.c.inc} | 0 crypto/cipher.c | 6 +++--- 4 files changed, 3 insertions(+), 3 deletions(-) rename crypto/{cipher-builtin.c =3D> cipher-builtin.c.inc} (100%) rename crypto/{cipher-gcrypt.c =3D> cipher-gcrypt.c.inc} (100%) rename crypto/{cipher-nettle.c =3D> cipher-nettle.c.inc} (100%) diff --git a/crypto/cipher-builtin.c b/crypto/cipher-builtin.c.inc similarity index 100% rename from crypto/cipher-builtin.c rename to crypto/cipher-builtin.c.inc diff --git a/crypto/cipher-gcrypt.c b/crypto/cipher-gcrypt.c.inc similarity index 100% rename from crypto/cipher-gcrypt.c rename to crypto/cipher-gcrypt.c.inc diff --git a/crypto/cipher-nettle.c b/crypto/cipher-nettle.c.inc similarity index 100% rename from crypto/cipher-nettle.c rename to crypto/cipher-nettle.c.inc diff --git a/crypto/cipher.c b/crypto/cipher.c index 2722dc7d87..005b5da4de 100644 --- a/crypto/cipher.c +++ b/crypto/cipher.c @@ -151,11 +151,11 @@ qcrypto_cipher_munge_des_rfb_key(const uint8_t *key, #endif /* CONFIG_GCRYPT || CONFIG_NETTLE */ =20 #ifdef CONFIG_GCRYPT -#include "cipher-gcrypt.c" +#include "cipher-gcrypt.c.inc" #elif defined CONFIG_NETTLE -#include "cipher-nettle.c" +#include "cipher-nettle.c.inc" #else -#include "cipher-builtin.c" +#include "cipher-builtin.c.inc" #endif =20 QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, --=20 2.26.2 From nobody Wed May 8 12:47:39 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1599732533; cv=none; d=zohomail.com; s=zohoarc; b=L1zOpT3Vv9uY2WExHGl+JmmyyxDBTFgyVbnmgmKTKPjQtxFo+EKYOVP7YwL8u0gXWnwP6R2mTX8sqMS6P5b78yYe/NJf7ahJ5nn6gTwlTCXl/L0YH6SUmLu38pMgQlYnqLrKLonTyhhPaXLh1HR8F0tZ/IdrJ7cFkA1yryygzcY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1599732533; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=ePjSYCtsoDm6neGSzzJ1Nkocp6K3wm3BNYSOcxSHwwc=; b=fwYjLGRsTO2Qpey+9ao92OhOZ1GTBhlbnFh0gI1uyPPIIj9Bx4pxHNhwjkvAw34gEk2JIywnsHm+RfdWt2GjhywW5mfZj06beV1kYEG21LSoe3XpkpsJ3tfFgXwYNCvFpcqPXNwZ0BEdyyCW3Bjj/S71tkBEsTICA+6QLCjfWa4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1599732533299904.573007361921; Thu, 10 Sep 2020 03:08:53 -0700 (PDT) Received: from localhost ([::1]:53928 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kGJVb-0004wj-VB for importer@patchew.org; Thu, 10 Sep 2020 06:08:51 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:43598) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kGJTR-0000Bl-KC for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:37 -0400 Received: from us-smtp-1.mimecast.com ([205.139.110.61]:31322 helo=us-smtp-delivery-1.mimecast.com) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.90_1) (envelope-from ) id 1kGJTP-0007gp-Qq for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:37 -0400 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-414-vhXRUKP4PyWLGZ9VPL-5qw-1; Thu, 10 Sep 2020 06:06:32 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 6E91E107464B; Thu, 10 Sep 2020 10:06:31 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-112-4.ams2.redhat.com [10.36.112.4]) by smtp.corp.redhat.com (Postfix) with ESMTP id 30AA91002D41; Thu, 10 Sep 2020 10:06:29 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1599732394; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=ePjSYCtsoDm6neGSzzJ1Nkocp6K3wm3BNYSOcxSHwwc=; b=IomuB4EnNHNhgV/DA4VSQmv3ixlbmQGZ3TnSVP7f8aLUl8bwJGNDnlMEaPXzV/sxYXDe/9 kcB3TC2ruFP+1bIiJTUixBU9ZcHJ3SYX2tvlMGypVdsMspCLMfWbbrkzYtH9yNUuFvzU0S zR3FOiq11menHb0hBsVniJxj89XEbrM= X-MC-Unique: vhXRUKP4PyWLGZ9VPL-5qw-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Subject: [PULL 04/17] crypto: Remove redundant includes Date: Thu, 10 Sep 2020 11:06:10 +0100 Message-Id: <20200910100623.1088965-5-berrange@redhat.com> In-Reply-To: <20200910100623.1088965-1-berrange@redhat.com> References: <20200910100623.1088965-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=berrange@redhat.com X-Mimecast-Spam-Score: 0.002 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=205.139.110.61; envelope-from=berrange@redhat.com; helo=us-smtp-delivery-1.mimecast.com X-detected-operating-system: by eggs.gnu.org: First seen = 2020/09/10 01:44:54 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Richard Henderson , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= , =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) From: Richard Henderson Both qemu/osdep.h and cipherpriv.h have already been included by the parent cipher.c. Reviewed-by: Philippe Mathieu-Daud=C3=A9 Signed-off-by: Richard Henderson Signed-off-by: Daniel P. Berrang=C3=A9 --- crypto/cipher-builtin.c.inc | 2 -- crypto/cipher-gcrypt.c.inc | 2 -- crypto/cipher-nettle.c.inc | 2 -- 3 files changed, 6 deletions(-) diff --git a/crypto/cipher-builtin.c.inc b/crypto/cipher-builtin.c.inc index 6eafd39da0..56d45b0227 100644 --- a/crypto/cipher-builtin.c.inc +++ b/crypto/cipher-builtin.c.inc @@ -18,11 +18,9 @@ * */ =20 -#include "qemu/osdep.h" #include "crypto/aes.h" #include "crypto/desrfb.h" #include "crypto/xts.h" -#include "cipherpriv.h" =20 typedef struct QCryptoCipherBuiltinAESContext QCryptoCipherBuiltinAESConte= xt; struct QCryptoCipherBuiltinAESContext { diff --git a/crypto/cipher-gcrypt.c.inc b/crypto/cipher-gcrypt.c.inc index 81e4745bff..a62839914b 100644 --- a/crypto/cipher-gcrypt.c.inc +++ b/crypto/cipher-gcrypt.c.inc @@ -18,11 +18,9 @@ * */ =20 -#include "qemu/osdep.h" #ifdef CONFIG_QEMU_PRIVATE_XTS #include "crypto/xts.h" #endif -#include "cipherpriv.h" =20 #include =20 diff --git a/crypto/cipher-nettle.c.inc b/crypto/cipher-nettle.c.inc index 0677fdfd33..256931a823 100644 --- a/crypto/cipher-nettle.c.inc +++ b/crypto/cipher-nettle.c.inc @@ -18,11 +18,9 @@ * */ =20 -#include "qemu/osdep.h" #ifdef CONFIG_QEMU_PRIVATE_XTS #include "crypto/xts.h" #endif -#include "cipherpriv.h" =20 #include #include --=20 2.26.2 From nobody Wed May 8 12:47:39 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1599732570; cv=none; d=zohomail.com; s=zohoarc; b=AVIL1MWzD5c3bjoapoGBFk/lS6n3Pe0jyiujIifnMYFY10PCxQ8bp5JedAB6eC5Ir09BTnHF+o7G8q9mnG88D22T/HuwcYfANqodrVSKebneOa5b/5JtQmrUO4lpfVo+AWr8qSfxqyQjx+65gWXyJBlwT6vJYcicqC0tna+YpHU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1599732570; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=VbA/0OZZqYQXGOKSJcnbgEpaJYkroA6FF95iuoW/fyc=; b=Mpb3atDc0Z4x3Yy9NBdafh2yvIfgPDfeNDy/r90Yn0loDIUhMTiS68+QSHoB7oksApADLyABzuyhOfEjlBTwVcckYYvwvwlb/cWJdNemkZlXGifcObIa1Dznw5uNTxWF9sj2EDu4sKq/UbvnVilPS9uPauDeHwsLIMSJVat2hEo= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 159973257019812.042144803002998; Thu, 10 Sep 2020 03:09:30 -0700 (PDT) Received: from localhost ([::1]:57320 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kGJWC-0006KK-TC for importer@patchew.org; Thu, 10 Sep 2020 06:09:28 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:43608) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kGJTS-0000DQ-AL for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:38 -0400 Received: from us-smtp-delivery-1.mimecast.com ([207.211.31.120]:44596 helo=us-smtp-1.mimecast.com) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.90_1) (envelope-from ) id 1kGJTQ-0007h0-I3 for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:37 -0400 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-277-beKPAsqGMwyrFiUs6GdnWg-1; Thu, 10 Sep 2020 06:06:33 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id CC8A118BA283; Thu, 10 Sep 2020 10:06:32 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-112-4.ams2.redhat.com [10.36.112.4]) by smtp.corp.redhat.com (Postfix) with ESMTP id CC33E1002D41; Thu, 10 Sep 2020 10:06:31 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1599732396; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=VbA/0OZZqYQXGOKSJcnbgEpaJYkroA6FF95iuoW/fyc=; b=aSBsCPChqyHaRG+y/bsFg8KfdmuoIv2/iX/QHv99cUt2JfEJZtVK/qzDayqPY5ZiAavuiE RouAgRJBLRxHGjlLOFKr4kn7gkt9jef8cpsD2WJbe3JUo18gPyaW3NP2ShS5Df0Dsrivb9 cqICxO0WIiF0BzCdzLeukCA9su9kYtk= X-MC-Unique: beKPAsqGMwyrFiUs6GdnWg-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Subject: [PULL 05/17] crypto/nettle: Fix xts_encrypt arguments Date: Thu, 10 Sep 2020 11:06:11 +0100 Message-Id: <20200910100623.1088965-6-berrange@redhat.com> In-Reply-To: <20200910100623.1088965-1-berrange@redhat.com> References: <20200910100623.1088965-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=berrange@redhat.com X-Mimecast-Spam-Score: 0.002 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=207.211.31.120; envelope-from=berrange@redhat.com; helo=us-smtp-1.mimecast.com X-detected-operating-system: by eggs.gnu.org: First seen = 2020/09/10 03:02:23 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Richard Henderson , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) From: Richard Henderson The fourth argument to xts_encrypt should be the decrypt callback; we were accidentally passing encrypt twice. Signed-off-by: Richard Henderson Signed-off-by: Daniel P. Berrang=C3=A9 --- crypto/cipher-nettle.c.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/cipher-nettle.c.inc b/crypto/cipher-nettle.c.inc index 256931a823..0404cfc6da 100644 --- a/crypto/cipher-nettle.c.inc +++ b/crypto/cipher-nettle.c.inc @@ -632,7 +632,7 @@ qcrypto_nettle_cipher_encrypt(QCryptoCipher *cipher, case QCRYPTO_CIPHER_MODE_XTS: #ifdef CONFIG_QEMU_PRIVATE_XTS xts_encrypt(ctx->ctx, ctx->ctx_tweak, - ctx->alg_encrypt_wrapper, ctx->alg_encrypt_wrapper, + ctx->alg_encrypt_wrapper, ctx->alg_decrypt_wrapper, ctx->iv, len, out, in); #else xts_encrypt_message(ctx->ctx, ctx->ctx_tweak, --=20 2.26.2 From nobody Wed May 8 12:47:39 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1599732468; cv=none; d=zohomail.com; s=zohoarc; b=Bi7HPzJ33NTboMnizf84zON7iJv+22pvm2gGocol5RwwbZfFrZ4Es1h1vcfWX7wkQ/lKb8EPwZFa4x+BMiTPgmAR83rG5XFJ/7qcvevpowwx/iJ+7qnsnUgT57gjToMrUsSvaGjmxKSZvYCWZxVtaotiUIyyKDk1DIr6hRcLx9o= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1599732468; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=19KEz/DRMwQy3pUnVgUen5fEjahzfLsC3s499xtdYUY=; b=dsTno2GQwaFfeFQ/DIVI1Hdsvr6sEUI2qNoim0RFBMilXPq59olmZGlCUyxcn4XQI7sTkMpBvGubMvyGevbfAAc/07ved2wFXkSYdVRKZeg5hIe6GvLUPGUWA/YWSqNs9SVsxcbvm9EeIwci0jjA/fwfs+BHKEK4khccyfz+1LY= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1599732468251832.4766710181012; Thu, 10 Sep 2020 03:07:48 -0700 (PDT) Received: from localhost ([::1]:46880 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kGJUY-00024n-Pr for importer@patchew.org; Thu, 10 Sep 2020 06:07:46 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:43636) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kGJTU-0000IG-7z for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:40 -0400 Received: from us-smtp-2.mimecast.com ([207.211.31.81]:40793 helo=us-smtp-delivery-1.mimecast.com) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.90_1) (envelope-from ) id 1kGJTS-0007hK-D0 for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:39 -0400 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-577-r64GhKoJNuiCjhXsU8REIg-1; Thu, 10 Sep 2020 06:06:35 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 7271B8018A1; Thu, 10 Sep 2020 10:06:34 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-112-4.ams2.redhat.com [10.36.112.4]) by smtp.corp.redhat.com (Postfix) with ESMTP id 23E981002D5C; Thu, 10 Sep 2020 10:06:32 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1599732397; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=19KEz/DRMwQy3pUnVgUen5fEjahzfLsC3s499xtdYUY=; b=jTNfyef5TSZ8MKLEXlMUPrHfUhs3me93aC33HYisOdhDrMVGCIEQDRN/Rp33tmlgJ5c54y e6EoFGmOhDp/g41EvuKmdu5W2dMwL7ABu0d4X1tgnUOpWIn8HKJIXC24HevgD364oblqGs QTg3qTIMLJpdy6GuCJELrhVfTBetAGg= X-MC-Unique: r64GhKoJNuiCjhXsU8REIg-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Subject: [PULL 06/17] crypto: Move QCryptoCipherDriver typedef to crypto/cipher.h Date: Thu, 10 Sep 2020 11:06:12 +0100 Message-Id: <20200910100623.1088965-7-berrange@redhat.com> In-Reply-To: <20200910100623.1088965-1-berrange@redhat.com> References: <20200910100623.1088965-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=berrange@redhat.com X-Mimecast-Spam-Score: 0.002 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=207.211.31.81; envelope-from=berrange@redhat.com; helo=us-smtp-delivery-1.mimecast.com X-detected-operating-system: by eggs.gnu.org: First seen = 2020/09/10 00:49:43 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Richard Henderson , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) From: Richard Henderson Allow the use in QCryptoCipher to be properly typed with the opaque struct pointer. Signed-off-by: Richard Henderson Signed-off-by: Daniel P. Berrang=C3=A9 --- crypto/cipherpriv.h | 2 -- include/crypto/cipher.h | 1 + 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/crypto/cipherpriv.h b/crypto/cipherpriv.h index 0823239f41..9228c9fc3a 100644 --- a/crypto/cipherpriv.h +++ b/crypto/cipherpriv.h @@ -17,8 +17,6 @@ =20 #include "qapi/qapi-types-crypto.h" =20 -typedef struct QCryptoCipherDriver QCryptoCipherDriver; - struct QCryptoCipherDriver { int (*cipher_encrypt)(QCryptoCipher *cipher, const void *in, diff --git a/include/crypto/cipher.h b/include/crypto/cipher.h index 5928e5ecc7..8a42a683a4 100644 --- a/include/crypto/cipher.h +++ b/include/crypto/cipher.h @@ -24,6 +24,7 @@ #include "qapi/qapi-types-crypto.h" =20 typedef struct QCryptoCipher QCryptoCipher; +typedef struct QCryptoCipherDriver QCryptoCipherDriver; =20 /* See also "QCryptoCipherAlgorithm" and "QCryptoCipherMode" * enums defined in qapi/crypto.json */ --=20 2.26.2 From nobody Wed May 8 12:47:39 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1599732685; cv=none; d=zohomail.com; s=zohoarc; b=C1I0lOA7KsfRDlVhCRKWSxgRzer3GEHbZ9635cNwwqQCduOwVBy5VbnQfQRfpdA7NV6X49abi0lLGpFQd30MtfORAABylRzxCPAe3y2iQcZbiUbx1zfqnVBrHa/klaZGSQsNsWSuIZoUOSEcKm7PSb5Ia0NK5XybdMkshkhfWw0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1599732685; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=EgC3toX5BHn1BmzSD7aTNv/qJ03wUJgQwo/wZpP42u0=; b=Ws9Z4RRvcGK/FPS8tI9LA3t8trb64O/wuLpLZMhXjnUqSxc5kcw8fV9BDlXUD0v5pO5uoZQvDbGpNswsxdcA8qDFiZfJO5eTBUn/UsrmuWaAyQqvMC216nU26haWIPgDio0BrrhNJYTmla3bekD/Ju+JNv2pnp71RcyGoIkteV0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1599732685043742.1715599928051; Thu, 10 Sep 2020 03:11:25 -0700 (PDT) Received: from localhost ([::1]:37420 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kGJY3-0001R9-MX for importer@patchew.org; Thu, 10 Sep 2020 06:11:23 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:43658) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kGJTW-0000MO-Gp for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:42 -0400 Received: from us-smtp-delivery-124.mimecast.com ([63.128.21.124]:53924) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.90_1) (envelope-from ) id 1kGJTT-0007hY-Vb for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:42 -0400 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-586-Ga2o15xON8yjSxx9ZmfHTQ-1; Thu, 10 Sep 2020 06:06:36 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 9EF9D802B6B; Thu, 10 Sep 2020 10:06:35 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-112-4.ams2.redhat.com [10.36.112.4]) by smtp.corp.redhat.com (Postfix) with ESMTP id C12D41002D41; Thu, 10 Sep 2020 10:06:34 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1599732398; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=EgC3toX5BHn1BmzSD7aTNv/qJ03wUJgQwo/wZpP42u0=; b=XwQUWpzHFEWyGzRoI1UMiuWJeGeZlPS56C+LFnAleSCtvQ+ztA2zt36WGJZrh+rBkA/Teq gz85tMO+u+P8ApF5jUHDjnAKnAjXTkGbz6M3gUZxatzv++w2z9KQC0mCZOxCKRA7cKpxIA tlMj+NLRFmCqUJqlSmkL0ZBToV0Og6c= X-MC-Unique: Ga2o15xON8yjSxx9ZmfHTQ-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Subject: [PULL 07/17] crypto: Use the correct const type for driver Date: Thu, 10 Sep 2020 11:06:13 +0100 Message-Id: <20200910100623.1088965-8-berrange@redhat.com> In-Reply-To: <20200910100623.1088965-1-berrange@redhat.com> References: <20200910100623.1088965-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=berrange@redhat.com X-Mimecast-Spam-Score: 0.002 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=63.128.21.124; envelope-from=berrange@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-detected-operating-system: by eggs.gnu.org: First seen = 2020/09/10 02:38:59 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Richard Henderson , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) From: Richard Henderson This allows the in memory structures to be read-only. Signed-off-by: Richard Henderson Signed-off-by: Daniel P. Berrang=C3=A9 --- crypto/cipher-afalg.c | 2 +- crypto/cipher-builtin.c.inc | 2 +- crypto/cipher-gcrypt.c.inc | 2 +- crypto/cipher-nettle.c.inc | 2 +- crypto/cipher.c | 12 ++++++------ crypto/cipherpriv.h | 2 +- include/crypto/cipher.h | 2 +- 7 files changed, 12 insertions(+), 12 deletions(-) diff --git a/crypto/cipher-afalg.c b/crypto/cipher-afalg.c index cd72284690..5c7c44761b 100644 --- a/crypto/cipher-afalg.c +++ b/crypto/cipher-afalg.c @@ -218,7 +218,7 @@ static void qcrypto_afalg_comm_ctx_free(QCryptoCipher *= cipher) qcrypto_afalg_comm_free(cipher->opaque); } =20 -struct QCryptoCipherDriver qcrypto_cipher_afalg_driver =3D { +const struct QCryptoCipherDriver qcrypto_cipher_afalg_driver =3D { .cipher_encrypt =3D qcrypto_afalg_cipher_encrypt, .cipher_decrypt =3D qcrypto_afalg_cipher_decrypt, .cipher_setiv =3D qcrypto_afalg_cipher_setiv, diff --git a/crypto/cipher-builtin.c.inc b/crypto/cipher-builtin.c.inc index 56d45b0227..156f32f1c7 100644 --- a/crypto/cipher-builtin.c.inc +++ b/crypto/cipher-builtin.c.inc @@ -522,7 +522,7 @@ qcrypto_builtin_cipher_setiv(QCryptoCipher *cipher, } =20 =20 -static struct QCryptoCipherDriver qcrypto_cipher_lib_driver =3D { +static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver =3D { .cipher_encrypt =3D qcrypto_builtin_cipher_encrypt, .cipher_decrypt =3D qcrypto_builtin_cipher_decrypt, .cipher_setiv =3D qcrypto_builtin_cipher_setiv, diff --git a/crypto/cipher-gcrypt.c.inc b/crypto/cipher-gcrypt.c.inc index a62839914b..18850fadb9 100644 --- a/crypto/cipher-gcrypt.c.inc +++ b/crypto/cipher-gcrypt.c.inc @@ -413,7 +413,7 @@ qcrypto_gcrypt_cipher_setiv(QCryptoCipher *cipher, } =20 =20 -static struct QCryptoCipherDriver qcrypto_cipher_lib_driver =3D { +static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver =3D { .cipher_encrypt =3D qcrypto_gcrypt_cipher_encrypt, .cipher_decrypt =3D qcrypto_gcrypt_cipher_decrypt, .cipher_setiv =3D qcrypto_gcrypt_cipher_setiv, diff --git a/crypto/cipher-nettle.c.inc b/crypto/cipher-nettle.c.inc index 0404cfc6da..6ecce5e8ea 100644 --- a/crypto/cipher-nettle.c.inc +++ b/crypto/cipher-nettle.c.inc @@ -724,7 +724,7 @@ qcrypto_nettle_cipher_setiv(QCryptoCipher *cipher, } =20 =20 -static struct QCryptoCipherDriver qcrypto_cipher_lib_driver =3D { +static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver =3D { .cipher_encrypt =3D qcrypto_nettle_cipher_encrypt, .cipher_decrypt =3D qcrypto_nettle_cipher_decrypt, .cipher_setiv =3D qcrypto_nettle_cipher_setiv, diff --git a/crypto/cipher.c b/crypto/cipher.c index 005b5da4de..3ca4a7e662 100644 --- a/crypto/cipher.c +++ b/crypto/cipher.c @@ -165,7 +165,7 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorith= m alg, { QCryptoCipher *cipher; void *ctx =3D NULL; - QCryptoCipherDriver *drv =3D NULL; + const QCryptoCipherDriver *drv =3D NULL; =20 #ifdef CONFIG_AF_ALG ctx =3D qcrypto_afalg_cipher_ctx_new(alg, mode, key, nkey, NULL); @@ -187,7 +187,7 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorith= m alg, cipher->alg =3D alg; cipher->mode =3D mode; cipher->opaque =3D ctx; - cipher->driver =3D (void *)drv; + cipher->driver =3D drv; =20 return cipher; } @@ -199,7 +199,7 @@ int qcrypto_cipher_encrypt(QCryptoCipher *cipher, size_t len, Error **errp) { - QCryptoCipherDriver *drv =3D cipher->driver; + const QCryptoCipherDriver *drv =3D cipher->driver; return drv->cipher_encrypt(cipher, in, out, len, errp); } =20 @@ -210,7 +210,7 @@ int qcrypto_cipher_decrypt(QCryptoCipher *cipher, size_t len, Error **errp) { - QCryptoCipherDriver *drv =3D cipher->driver; + const QCryptoCipherDriver *drv =3D cipher->driver; return drv->cipher_decrypt(cipher, in, out, len, errp); } =20 @@ -219,14 +219,14 @@ int qcrypto_cipher_setiv(QCryptoCipher *cipher, const uint8_t *iv, size_t niv, Error **errp) { - QCryptoCipherDriver *drv =3D cipher->driver; + const QCryptoCipherDriver *drv =3D cipher->driver; return drv->cipher_setiv(cipher, iv, niv, errp); } =20 =20 void qcrypto_cipher_free(QCryptoCipher *cipher) { - QCryptoCipherDriver *drv; + const QCryptoCipherDriver *drv; if (cipher) { drv =3D cipher->driver; drv->cipher_free(cipher); diff --git a/crypto/cipherpriv.h b/crypto/cipherpriv.h index 9228c9fc3a..b73be33bd2 100644 --- a/crypto/cipherpriv.h +++ b/crypto/cipherpriv.h @@ -47,7 +47,7 @@ qcrypto_afalg_cipher_ctx_new(QCryptoCipherAlgorithm alg, const uint8_t *key, size_t nkey, Error **errp); =20 -extern struct QCryptoCipherDriver qcrypto_cipher_afalg_driver; +extern const struct QCryptoCipherDriver qcrypto_cipher_afalg_driver; =20 #endif =20 diff --git a/include/crypto/cipher.h b/include/crypto/cipher.h index 8a42a683a4..cc57179a4d 100644 --- a/include/crypto/cipher.h +++ b/include/crypto/cipher.h @@ -81,7 +81,7 @@ struct QCryptoCipher { QCryptoCipherAlgorithm alg; QCryptoCipherMode mode; void *opaque; - void *driver; + const QCryptoCipherDriver *driver; }; =20 /** --=20 2.26.2 From nobody Wed May 8 12:47:39 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1599732546; cv=none; d=zohomail.com; s=zohoarc; b=ikTrLgzMZW/WAi+Ga+ZY3UL/gWh94kfpIB41Nv2eZbK/MOV8LlKV296gRrR3CKHF62T9VAVbqlDOdvY4Ez4PICfGPJK7owhQ8F0mP+dveNFzhEN5SObJBWqQ/0wg5nQVZ0StLAwyxkiOLhzkiRfz9RM6OEn0ptC98Ukzng18lkw= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1599732546; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=bVZPMD+AIZrLMsJu3MarbFpKaLTjhfH4X3KAM0N6Wfo=; b=nPNCY62suikDqNCqRfb/J/mb3DH0tyX53EpX1ZdJhkYtYMCtu6dRnQF7rNgGDvN3wqmTYJXAhEQFnR3m2kV1dvj4TBPn7War5k/1CpICq4wc0GfzE35CJgcKlhRcXTUVTFyGa10ss9m3Hx8UHKCa17aKhxoo4ps/HESGsWEnor0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1599732546168916.5604428400171; Thu, 10 Sep 2020 03:09:06 -0700 (PDT) Received: from localhost ([::1]:55334 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kGJVo-0005Vk-Qk for importer@patchew.org; Thu, 10 Sep 2020 06:09:04 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:43664) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kGJTX-0000NX-GH for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:43 -0400 Received: from us-smtp-2.mimecast.com ([207.211.31.81]:50460 helo=us-smtp-delivery-1.mimecast.com) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.90_1) (envelope-from ) id 1kGJTU-0007hn-Qq for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:43 -0400 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-89-kwmkB3uQNVunQ4Ex9iCP9Q-1; Thu, 10 Sep 2020 06:06:38 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 2D6C764081; Thu, 10 Sep 2020 10:06:37 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-112-4.ams2.redhat.com [10.36.112.4]) by smtp.corp.redhat.com (Postfix) with ESMTP id EAA011002D5C; Thu, 10 Sep 2020 10:06:35 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1599732400; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=bVZPMD+AIZrLMsJu3MarbFpKaLTjhfH4X3KAM0N6Wfo=; b=MxIuC4P1//iy8OhpV6FzdFmOtnvantuvCCqwn0Pfst8BA9SWoswdMe3Y7Nvk6XfxCm824U WteWxtzb8p0W/ygxq0uTgx9g5WedAvNECz6jatOEdVHqjL1SgZyuLnTcQFCO7MpLLMJcVS sfjUD29vJkz/+9yxsXzb+RV6jLgrQNk= X-MC-Unique: kwmkB3uQNVunQ4Ex9iCP9Q-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Subject: [PULL 08/17] crypto: Allocate QCryptoCipher with the subclass Date: Thu, 10 Sep 2020 11:06:14 +0100 Message-Id: <20200910100623.1088965-9-berrange@redhat.com> In-Reply-To: <20200910100623.1088965-1-berrange@redhat.com> References: <20200910100623.1088965-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=berrange@redhat.com X-Mimecast-Spam-Score: 0.003 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=207.211.31.81; envelope-from=berrange@redhat.com; helo=us-smtp-delivery-1.mimecast.com X-detected-operating-system: by eggs.gnu.org: First seen = 2020/09/10 00:49:43 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Richard Henderson , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) From: Richard Henderson Merge the allocation of "opaque" into the allocation of "cipher". This is step one in reducing the indirection in these classes. Signed-off-by: Richard Henderson Signed-off-by: Daniel P. Berrang=C3=A9 --- crypto/afalgpriv.h | 3 ++ crypto/cipher-afalg.c | 20 ++++++----- crypto/cipher-builtin.c.inc | 68 +++++++++++++++++++------------------ crypto/cipher-gcrypt.c.inc | 23 +++++++------ crypto/cipher-nettle.c.inc | 24 +++++++------ crypto/cipher.c | 20 ++++------- crypto/cipherpriv.h | 2 +- include/crypto/cipher.h | 1 - 8 files changed, 84 insertions(+), 77 deletions(-) diff --git a/crypto/afalgpriv.h b/crypto/afalgpriv.h index f6550b5c51..5a2393f1b7 100644 --- a/crypto/afalgpriv.h +++ b/crypto/afalgpriv.h @@ -15,6 +15,7 @@ #define QCRYPTO_AFALGPRIV_H =20 #include +#include "crypto/cipher.h" =20 #define SALG_TYPE_LEN_MAX 14 #define SALG_NAME_LEN_MAX 64 @@ -32,6 +33,8 @@ typedef struct QCryptoAFAlg QCryptoAFAlg; =20 struct QCryptoAFAlg { + QCryptoCipher base; + int tfmfd; int opfd; struct msghdr *msg; diff --git a/crypto/cipher-afalg.c b/crypto/cipher-afalg.c index 5c7c44761b..86e5249bd6 100644 --- a/crypto/cipher-afalg.c +++ b/crypto/cipher-afalg.c @@ -58,7 +58,7 @@ qcrypto_afalg_cipher_format_name(QCryptoCipherAlgorithm a= lg, return name; } =20 -QCryptoAFAlg * +QCryptoCipher * qcrypto_afalg_cipher_ctx_new(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode, const uint8_t *key, @@ -109,7 +109,7 @@ qcrypto_afalg_cipher_ctx_new(QCryptoCipherAlgorithm alg, } afalg->cmsg =3D CMSG_FIRSTHDR(afalg->msg); =20 - return afalg; + return &afalg->base; } =20 static int @@ -117,9 +117,9 @@ qcrypto_afalg_cipher_setiv(QCryptoCipher *cipher, const uint8_t *iv, size_t niv, Error **errp) { + QCryptoAFAlg *afalg =3D container_of(cipher, QCryptoAFAlg, base); struct af_alg_iv *alg_iv; size_t expect_niv; - QCryptoAFAlg *afalg =3D cipher->opaque; =20 expect_niv =3D qcrypto_cipher_get_iv_len(cipher->alg, cipher->mode); if (niv !=3D expect_niv) { @@ -200,8 +200,9 @@ qcrypto_afalg_cipher_encrypt(QCryptoCipher *cipher, const void *in, void *out, size_t len, Error **errp) { - return qcrypto_afalg_cipher_op(cipher->opaque, in, out, - len, true, errp); + QCryptoAFAlg *afalg =3D container_of(cipher, QCryptoAFAlg, base); + + return qcrypto_afalg_cipher_op(afalg, in, out, len, true, errp); } =20 static int @@ -209,13 +210,16 @@ qcrypto_afalg_cipher_decrypt(QCryptoCipher *cipher, const void *in, void *out, size_t len, Error **errp) { - return qcrypto_afalg_cipher_op(cipher->opaque, in, out, - len, false, errp); + QCryptoAFAlg *afalg =3D container_of(cipher, QCryptoAFAlg, base); + + return qcrypto_afalg_cipher_op(afalg, in, out, len, false, errp); } =20 static void qcrypto_afalg_comm_ctx_free(QCryptoCipher *cipher) { - qcrypto_afalg_comm_free(cipher->opaque); + QCryptoAFAlg *afalg =3D container_of(cipher, QCryptoAFAlg, base); + + qcrypto_afalg_comm_free(afalg); } =20 const struct QCryptoCipherDriver qcrypto_cipher_afalg_driver =3D { diff --git a/crypto/cipher-builtin.c.inc b/crypto/cipher-builtin.c.inc index 156f32f1c7..6a03e23040 100644 --- a/crypto/cipher-builtin.c.inc +++ b/crypto/cipher-builtin.c.inc @@ -41,6 +41,8 @@ struct QCryptoCipherBuiltinDESRFB { =20 typedef struct QCryptoCipherBuiltin QCryptoCipherBuiltin; struct QCryptoCipherBuiltin { + QCryptoCipher base; + union { QCryptoCipherBuiltinAES aes; QCryptoCipherBuiltinDESRFB desrfb; @@ -65,10 +67,7 @@ struct QCryptoCipherBuiltin { =20 static void qcrypto_cipher_free_aes(QCryptoCipher *cipher) { - QCryptoCipherBuiltin *ctxt =3D cipher->opaque; - - g_free(ctxt); - cipher->opaque =3D NULL; + g_free(cipher); } =20 =20 @@ -152,7 +151,8 @@ static int qcrypto_cipher_encrypt_aes(QCryptoCipher *ci= pher, size_t len, Error **errp) { - QCryptoCipherBuiltin *ctxt =3D cipher->opaque; + QCryptoCipherBuiltin *ctxt + =3D container_of(cipher, QCryptoCipherBuiltin, base); =20 switch (cipher->mode) { case QCRYPTO_CIPHER_MODE_ECB: @@ -186,7 +186,8 @@ static int qcrypto_cipher_decrypt_aes(QCryptoCipher *ci= pher, size_t len, Error **errp) { - QCryptoCipherBuiltin *ctxt =3D cipher->opaque; + QCryptoCipherBuiltin *ctxt + =3D container_of(cipher, QCryptoCipherBuiltin, base); =20 switch (cipher->mode) { case QCRYPTO_CIPHER_MODE_ECB: @@ -217,7 +218,9 @@ static int qcrypto_cipher_setiv_aes(QCryptoCipher *ciph= er, const uint8_t *iv, size_t niv, Error **errp) { - QCryptoCipherBuiltin *ctxt =3D cipher->opaque; + QCryptoCipherBuiltin *ctxt + =3D container_of(cipher, QCryptoCipherBuiltin, base); + if (niv !=3D AES_BLOCK_SIZE) { error_setg(errp, "IV must be %d bytes not %zu", AES_BLOCK_SIZE, niv); @@ -232,7 +235,7 @@ static int qcrypto_cipher_setiv_aes(QCryptoCipher *ciph= er, =20 =20 =20 -static QCryptoCipherBuiltin * +static QCryptoCipher * qcrypto_cipher_init_aes(QCryptoCipherMode mode, const uint8_t *key, size_t nkey, Error **errp) @@ -289,7 +292,7 @@ qcrypto_cipher_init_aes(QCryptoCipherMode mode, ctxt->encrypt =3D qcrypto_cipher_encrypt_aes; ctxt->decrypt =3D qcrypto_cipher_decrypt_aes; =20 - return ctxt; + return &ctxt->base; =20 error: g_free(ctxt); @@ -299,11 +302,11 @@ qcrypto_cipher_init_aes(QCryptoCipherMode mode, =20 static void qcrypto_cipher_free_des_rfb(QCryptoCipher *cipher) { - QCryptoCipherBuiltin *ctxt =3D cipher->opaque; + QCryptoCipherBuiltin *ctxt + =3D container_of(cipher, QCryptoCipherBuiltin, base); =20 g_free(ctxt->state.desrfb.key); g_free(ctxt); - cipher->opaque =3D NULL; } =20 =20 @@ -313,7 +316,8 @@ static int qcrypto_cipher_encrypt_des_rfb(QCryptoCipher= *cipher, size_t len, Error **errp) { - QCryptoCipherBuiltin *ctxt =3D cipher->opaque; + QCryptoCipherBuiltin *ctxt + =3D container_of(cipher, QCryptoCipherBuiltin, base); size_t i; =20 if (len % 8) { @@ -338,7 +342,8 @@ static int qcrypto_cipher_decrypt_des_rfb(QCryptoCipher= *cipher, size_t len, Error **errp) { - QCryptoCipherBuiltin *ctxt =3D cipher->opaque; + QCryptoCipherBuiltin *ctxt + =3D container_of(cipher, QCryptoCipherBuiltin, base); size_t i; =20 if (len % 8) { @@ -366,7 +371,7 @@ static int qcrypto_cipher_setiv_des_rfb(QCryptoCipher *= cipher, } =20 =20 -static QCryptoCipherBuiltin * +static QCryptoCipher * qcrypto_cipher_init_des_rfb(QCryptoCipherMode mode, const uint8_t *key, size_t nkey, Error **errp) @@ -391,7 +396,7 @@ qcrypto_cipher_init_des_rfb(QCryptoCipherMode mode, ctxt->encrypt =3D qcrypto_cipher_encrypt_des_rfb; ctxt->decrypt =3D qcrypto_cipher_decrypt_des_rfb; =20 - return ctxt; + return &ctxt->base; } =20 =20 @@ -421,14 +426,12 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm a= lg, } =20 =20 -static QCryptoCipherBuiltin *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm= alg, - QCryptoCipherMode mode, - const uint8_t *key, - size_t nkey, - Error **errp) +static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, + QCryptoCipherMode mode, + const uint8_t *key, + size_t nkey, + Error **errp) { - QCryptoCipherBuiltin *ctxt; - switch (mode) { case QCRYPTO_CIPHER_MODE_ECB: case QCRYPTO_CIPHER_MODE_CBC: @@ -446,29 +449,25 @@ static QCryptoCipherBuiltin *qcrypto_cipher_ctx_new(Q= CryptoCipherAlgorithm alg, =20 switch (alg) { case QCRYPTO_CIPHER_ALG_DES_RFB: - ctxt =3D qcrypto_cipher_init_des_rfb(mode, key, nkey, errp); - break; + return qcrypto_cipher_init_des_rfb(mode, key, nkey, errp); case QCRYPTO_CIPHER_ALG_AES_128: case QCRYPTO_CIPHER_ALG_AES_192: case QCRYPTO_CIPHER_ALG_AES_256: - ctxt =3D qcrypto_cipher_init_aes(mode, key, nkey, errp); - break; + return qcrypto_cipher_init_aes(mode, key, nkey, errp); default: error_setg(errp, "Unsupported cipher algorithm %s", QCryptoCipherAlgorithm_str(alg)); return NULL; } - - return ctxt; } =20 static void qcrypto_builtin_cipher_ctx_free(QCryptoCipher *cipher) { - QCryptoCipherBuiltin *ctxt; + QCryptoCipherBuiltin *ctxt + =3D container_of(cipher, QCryptoCipherBuiltin, base); =20 - ctxt =3D cipher->opaque; ctxt->free(cipher); } =20 @@ -480,7 +479,8 @@ qcrypto_builtin_cipher_encrypt(QCryptoCipher *cipher, size_t len, Error **errp) { - QCryptoCipherBuiltin *ctxt =3D cipher->opaque; + QCryptoCipherBuiltin *ctxt + =3D container_of(cipher, QCryptoCipherBuiltin, base); =20 if (len & (ctxt->blocksize - 1)) { error_setg(errp, "Length %zu must be a multiple of block size %zu", @@ -499,7 +499,8 @@ qcrypto_builtin_cipher_decrypt(QCryptoCipher *cipher, size_t len, Error **errp) { - QCryptoCipherBuiltin *ctxt =3D cipher->opaque; + QCryptoCipherBuiltin *ctxt + =3D container_of(cipher, QCryptoCipherBuiltin, base); =20 if (len & (ctxt->blocksize - 1)) { error_setg(errp, "Length %zu must be a multiple of block size %zu", @@ -516,7 +517,8 @@ qcrypto_builtin_cipher_setiv(QCryptoCipher *cipher, const uint8_t *iv, size_t niv, Error **errp) { - QCryptoCipherBuiltin *ctxt =3D cipher->opaque; + QCryptoCipherBuiltin *ctxt + =3D container_of(cipher, QCryptoCipherBuiltin, base); =20 return ctxt->setiv(cipher, iv, niv, errp); } diff --git a/crypto/cipher-gcrypt.c.inc b/crypto/cipher-gcrypt.c.inc index 18850fadb9..3b3c85e265 100644 --- a/crypto/cipher-gcrypt.c.inc +++ b/crypto/cipher-gcrypt.c.inc @@ -58,6 +58,7 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg, =20 typedef struct QCryptoCipherGcrypt QCryptoCipherGcrypt; struct QCryptoCipherGcrypt { + QCryptoCipher base; gcry_cipher_hd_t handle; size_t blocksize; #ifdef CONFIG_QEMU_PRIVATE_XTS @@ -86,11 +87,11 @@ qcrypto_gcrypt_cipher_free_ctx(QCryptoCipherGcrypt *ctx, } =20 =20 -static QCryptoCipherGcrypt *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm = alg, - QCryptoCipherMode mode, - const uint8_t *key, - size_t nkey, - Error **errp) +static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, + QCryptoCipherMode mode, + const uint8_t *key, + size_t nkey, + Error **errp) { QCryptoCipherGcrypt *ctx; gcry_error_t err; @@ -257,7 +258,7 @@ static QCryptoCipherGcrypt *qcrypto_cipher_ctx_new(QCry= ptoCipherAlgorithm alg, } #endif =20 - return ctx; + return &ctx->base; =20 error: qcrypto_gcrypt_cipher_free_ctx(ctx, mode); @@ -268,7 +269,9 @@ static QCryptoCipherGcrypt *qcrypto_cipher_ctx_new(QCry= ptoCipherAlgorithm alg, static void qcrypto_gcrypt_cipher_ctx_free(QCryptoCipher *cipher) { - qcrypto_gcrypt_cipher_free_ctx(cipher->opaque, cipher->mode); + QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); + + qcrypto_gcrypt_cipher_free_ctx(ctx, cipher->mode); } =20 =20 @@ -301,7 +304,7 @@ qcrypto_gcrypt_cipher_encrypt(QCryptoCipher *cipher, size_t len, Error **errp) { - QCryptoCipherGcrypt *ctx =3D cipher->opaque; + QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); gcry_error_t err; =20 if (len & (ctx->blocksize - 1)) { @@ -340,7 +343,7 @@ qcrypto_gcrypt_cipher_decrypt(QCryptoCipher *cipher, size_t len, Error **errp) { - QCryptoCipherGcrypt *ctx =3D cipher->opaque; + QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); gcry_error_t err; =20 if (len & (ctx->blocksize - 1)) { @@ -376,7 +379,7 @@ qcrypto_gcrypt_cipher_setiv(QCryptoCipher *cipher, const uint8_t *iv, size_t niv, Error **errp) { - QCryptoCipherGcrypt *ctx =3D cipher->opaque; + QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); gcry_error_t err; =20 if (niv !=3D ctx->blocksize) { diff --git a/crypto/cipher-nettle.c.inc b/crypto/cipher-nettle.c.inc index 6ecce5e8ea..d8371d1f37 100644 --- a/crypto/cipher-nettle.c.inc +++ b/crypto/cipher-nettle.c.inc @@ -294,6 +294,8 @@ static void twofish_decrypt_wrapper(const void *ctx, si= ze_t length, =20 typedef struct QCryptoCipherNettle QCryptoCipherNettle; struct QCryptoCipherNettle { + QCryptoCipher base; + /* Primary cipher context for all modes */ void *ctx; /* Second cipher context for XTS mode only */ @@ -355,11 +357,11 @@ qcrypto_nettle_cipher_free_ctx(QCryptoCipherNettle *c= tx) } =20 =20 -static QCryptoCipherNettle *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm = alg, - QCryptoCipherMode mode, - const uint8_t *key, - size_t nkey, - Error **errp) +static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, + QCryptoCipherMode mode, + const uint8_t *key, + size_t nkey, + Error **errp) { QCryptoCipherNettle *ctx; uint8_t *rfbkey; @@ -585,7 +587,7 @@ static QCryptoCipherNettle *qcrypto_cipher_ctx_new(QCry= ptoCipherAlgorithm alg, =20 ctx->iv =3D g_new0(uint8_t, ctx->blocksize); =20 - return ctx; + return &ctx->base; =20 error: qcrypto_nettle_cipher_free_ctx(ctx); @@ -596,9 +598,8 @@ static QCryptoCipherNettle *qcrypto_cipher_ctx_new(QCry= ptoCipherAlgorithm alg, static void qcrypto_nettle_cipher_ctx_free(QCryptoCipher *cipher) { - QCryptoCipherNettle *ctx; + QCryptoCipherNettle *ctx =3D container_of(cipher, QCryptoCipherNettle,= base); =20 - ctx =3D cipher->opaque; qcrypto_nettle_cipher_free_ctx(ctx); } =20 @@ -610,7 +611,7 @@ qcrypto_nettle_cipher_encrypt(QCryptoCipher *cipher, size_t len, Error **errp) { - QCryptoCipherNettle *ctx =3D cipher->opaque; + QCryptoCipherNettle *ctx =3D container_of(cipher, QCryptoCipherNettle,= base); =20 if (len & (ctx->blocksize - 1)) { error_setg(errp, "Length %zu must be a multiple of block size %zu", @@ -663,7 +664,7 @@ qcrypto_nettle_cipher_decrypt(QCryptoCipher *cipher, size_t len, Error **errp) { - QCryptoCipherNettle *ctx =3D cipher->opaque; + QCryptoCipherNettle *ctx =3D container_of(cipher, QCryptoCipherNettle,= base); =20 if (len & (ctx->blocksize - 1)) { error_setg(errp, "Length %zu must be a multiple of block size %zu", @@ -713,7 +714,8 @@ qcrypto_nettle_cipher_setiv(QCryptoCipher *cipher, const uint8_t *iv, size_t niv, Error **errp) { - QCryptoCipherNettle *ctx =3D cipher->opaque; + QCryptoCipherNettle *ctx =3D container_of(cipher, QCryptoCipherNettle,= base); + if (niv !=3D ctx->blocksize) { error_setg(errp, "Expected IV size %zu not %zu", ctx->blocksize, niv); diff --git a/crypto/cipher.c b/crypto/cipher.c index 3ca4a7e662..737fc0735d 100644 --- a/crypto/cipher.c +++ b/crypto/cipher.c @@ -163,30 +163,27 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgori= thm alg, const uint8_t *key, size_t nkey, Error **errp) { - QCryptoCipher *cipher; - void *ctx =3D NULL; + QCryptoCipher *cipher =3D NULL; const QCryptoCipherDriver *drv =3D NULL; =20 #ifdef CONFIG_AF_ALG - ctx =3D qcrypto_afalg_cipher_ctx_new(alg, mode, key, nkey, NULL); - if (ctx) { + cipher =3D qcrypto_afalg_cipher_ctx_new(alg, mode, key, nkey, NULL); + if (cipher) { drv =3D &qcrypto_cipher_afalg_driver; } #endif =20 - if (!ctx) { - ctx =3D qcrypto_cipher_ctx_new(alg, mode, key, nkey, errp); - if (!ctx) { + if (!cipher) { + cipher =3D qcrypto_cipher_ctx_new(alg, mode, key, nkey, errp); + if (!cipher) { return NULL; } =20 drv =3D &qcrypto_cipher_lib_driver; } =20 - cipher =3D g_new0(QCryptoCipher, 1); cipher->alg =3D alg; cipher->mode =3D mode; - cipher->opaque =3D ctx; cipher->driver =3D drv; =20 return cipher; @@ -226,10 +223,7 @@ int qcrypto_cipher_setiv(QCryptoCipher *cipher, =20 void qcrypto_cipher_free(QCryptoCipher *cipher) { - const QCryptoCipherDriver *drv; if (cipher) { - drv =3D cipher->driver; - drv->cipher_free(cipher); - g_free(cipher); + cipher->driver->cipher_free(cipher); } } diff --git a/crypto/cipherpriv.h b/crypto/cipherpriv.h index b73be33bd2..437b109b5e 100644 --- a/crypto/cipherpriv.h +++ b/crypto/cipherpriv.h @@ -41,7 +41,7 @@ struct QCryptoCipherDriver { =20 #include "afalgpriv.h" =20 -extern QCryptoAFAlg * +extern QCryptoCipher * qcrypto_afalg_cipher_ctx_new(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode, const uint8_t *key, diff --git a/include/crypto/cipher.h b/include/crypto/cipher.h index cc57179a4d..083e12a7d9 100644 --- a/include/crypto/cipher.h +++ b/include/crypto/cipher.h @@ -80,7 +80,6 @@ typedef struct QCryptoCipherDriver QCryptoCipherDriver; struct QCryptoCipher { QCryptoCipherAlgorithm alg; QCryptoCipherMode mode; - void *opaque; const QCryptoCipherDriver *driver; }; =20 --=20 2.26.2 From nobody Wed May 8 12:47:39 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1599732647; cv=none; d=zohomail.com; s=zohoarc; b=C/B7x8MU/V7bimX6+H5H1McqLNVxG3sEtSdjCf3sWdaEw/X0Gtq2PejTFcycHkeXeW/LhBx8CI27aoVPTMZ0660ymgCbA/Xjo7UXWvvo12TRMXNdPg4Wj3bZKpP1P5r7VUCe4PGIC5pCqZXetIJOjRX5RGuK2cmg9R6nwRKO4yc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1599732647; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=JOk10kb0mszjBp1j55p7ooi4MUv5zXNABmQ7poAPUnQ=; b=g5xJ2cGu4v/2Ozciiz3mmSr3UjPWSGdI0nQ27gogZzsyG1yZCkoUXfzZ1U4B7uGs0Zsk354igx5fSzj60i6Wzzgr+uduNYutqhEZLl0XvyCb0uBu6HSuICdvKhpkCJm64fzySoZ+HS2BvEC390lBQG3zi392rykPIoUhRwvNi40= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1599732647085313.5973856540446; Thu, 10 Sep 2020 03:10:47 -0700 (PDT) Received: from localhost ([::1]:34674 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kGJXR-0000Dr-NJ for importer@patchew.org; Thu, 10 Sep 2020 06:10:45 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:43688) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kGJTZ-0000QF-BH for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:46 -0400 Received: from us-smtp-delivery-1.mimecast.com ([207.211.31.120]:44663 helo=us-smtp-1.mimecast.com) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.90_1) (envelope-from ) id 1kGJTX-0007i0-4J for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:45 -0400 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-35-SoqMgi60N1WDPZXCipCFEg-1; Thu, 10 Sep 2020 06:06:39 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 969D11009443; Thu, 10 Sep 2020 10:06:38 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-112-4.ams2.redhat.com [10.36.112.4]) by smtp.corp.redhat.com (Postfix) with ESMTP id 8AB271002D41; Thu, 10 Sep 2020 10:06:37 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1599732402; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=JOk10kb0mszjBp1j55p7ooi4MUv5zXNABmQ7poAPUnQ=; b=GI4iMYKUIZrSvVA5iO75F17cTkMqT8GDZk0kS8VfEh1TvVH5IWCSPtPpCqBLDJ2MfJP9bW tLB7gKRnPp3B3Ikdykv+Vw8AGT0FxirBQ84/s1RFQYLOUsGZsknr97X8u0ZH7Jqk+YN6HW kzmZN+XJhyBAs6kexQZr58ys8dDOFS8= X-MC-Unique: SoqMgi60N1WDPZXCipCFEg-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Subject: [PULL 09/17] crypto: Move cipher->driver init to qcrypto_*_cipher_ctx_new Date: Thu, 10 Sep 2020 11:06:15 +0100 Message-Id: <20200910100623.1088965-10-berrange@redhat.com> In-Reply-To: <20200910100623.1088965-1-berrange@redhat.com> References: <20200910100623.1088965-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=berrange@redhat.com X-Mimecast-Spam-Score: 0.002 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=207.211.31.120; envelope-from=berrange@redhat.com; helo=us-smtp-1.mimecast.com X-detected-operating-system: by eggs.gnu.org: First seen = 2020/09/10 03:02:23 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Richard Henderson , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) From: Richard Henderson The class vtable should be set by the class initializer. This will also allow additional subclassing, reducing the amount of indirection in the hierarchy. Signed-off-by: Richard Henderson Signed-off-by: Daniel P. Berrang=C3=A9 --- crypto/cipher-afalg.c | 5 ++++- crypto/cipher-builtin.c.inc | 4 ++++ crypto/cipher-gcrypt.c.inc | 2 ++ crypto/cipher-nettle.c.inc | 3 +++ crypto/cipher.c | 7 ------- crypto/cipherpriv.h | 2 -- 6 files changed, 13 insertions(+), 10 deletions(-) diff --git a/crypto/cipher-afalg.c b/crypto/cipher-afalg.c index 86e5249bd6..052355a8a9 100644 --- a/crypto/cipher-afalg.c +++ b/crypto/cipher-afalg.c @@ -58,6 +58,8 @@ qcrypto_afalg_cipher_format_name(QCryptoCipherAlgorithm a= lg, return name; } =20 +static const struct QCryptoCipherDriver qcrypto_cipher_afalg_driver; + QCryptoCipher * qcrypto_afalg_cipher_ctx_new(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode, @@ -109,6 +111,7 @@ qcrypto_afalg_cipher_ctx_new(QCryptoCipherAlgorithm alg, } afalg->cmsg =3D CMSG_FIRSTHDR(afalg->msg); =20 + afalg->base.driver =3D &qcrypto_cipher_afalg_driver; return &afalg->base; } =20 @@ -222,7 +225,7 @@ static void qcrypto_afalg_comm_ctx_free(QCryptoCipher *= cipher) qcrypto_afalg_comm_free(afalg); } =20 -const struct QCryptoCipherDriver qcrypto_cipher_afalg_driver =3D { +static const struct QCryptoCipherDriver qcrypto_cipher_afalg_driver =3D { .cipher_encrypt =3D qcrypto_afalg_cipher_encrypt, .cipher_decrypt =3D qcrypto_afalg_cipher_decrypt, .cipher_setiv =3D qcrypto_afalg_cipher_setiv, diff --git a/crypto/cipher-builtin.c.inc b/crypto/cipher-builtin.c.inc index 6a03e23040..1444139f36 100644 --- a/crypto/cipher-builtin.c.inc +++ b/crypto/cipher-builtin.c.inc @@ -22,6 +22,8 @@ #include "crypto/desrfb.h" #include "crypto/xts.h" =20 +static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver; + typedef struct QCryptoCipherBuiltinAESContext QCryptoCipherBuiltinAESConte= xt; struct QCryptoCipherBuiltinAESContext { AES_KEY enc; @@ -292,6 +294,7 @@ qcrypto_cipher_init_aes(QCryptoCipherMode mode, ctxt->encrypt =3D qcrypto_cipher_encrypt_aes; ctxt->decrypt =3D qcrypto_cipher_decrypt_aes; =20 + ctxt->base.driver =3D &qcrypto_cipher_lib_driver; return &ctxt->base; =20 error: @@ -396,6 +399,7 @@ qcrypto_cipher_init_des_rfb(QCryptoCipherMode mode, ctxt->encrypt =3D qcrypto_cipher_encrypt_des_rfb; ctxt->decrypt =3D qcrypto_cipher_decrypt_des_rfb; =20 + ctxt->base.driver =3D &qcrypto_cipher_lib_driver; return &ctxt->base; } =20 diff --git a/crypto/cipher-gcrypt.c.inc b/crypto/cipher-gcrypt.c.inc index 3b3c85e265..7a1fbc9745 100644 --- a/crypto/cipher-gcrypt.c.inc +++ b/crypto/cipher-gcrypt.c.inc @@ -24,6 +24,7 @@ =20 #include =20 +static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver; =20 bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode) @@ -258,6 +259,7 @@ static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCip= herAlgorithm alg, } #endif =20 + ctx->base.driver =3D &qcrypto_cipher_lib_driver; return &ctx->base; =20 error: diff --git a/crypto/cipher-nettle.c.inc b/crypto/cipher-nettle.c.inc index d8371d1f37..36d57ef430 100644 --- a/crypto/cipher-nettle.c.inc +++ b/crypto/cipher-nettle.c.inc @@ -34,6 +34,8 @@ #include #endif =20 +static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver; + typedef void (*QCryptoCipherNettleFuncWrapper)(const void *ctx, size_t length, uint8_t *dst, @@ -587,6 +589,7 @@ static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCip= herAlgorithm alg, =20 ctx->iv =3D g_new0(uint8_t, ctx->blocksize); =20 + ctx->base.driver =3D &qcrypto_cipher_lib_driver; return &ctx->base; =20 error: diff --git a/crypto/cipher.c b/crypto/cipher.c index 737fc0735d..3711b552fa 100644 --- a/crypto/cipher.c +++ b/crypto/cipher.c @@ -164,13 +164,9 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorit= hm alg, Error **errp) { QCryptoCipher *cipher =3D NULL; - const QCryptoCipherDriver *drv =3D NULL; =20 #ifdef CONFIG_AF_ALG cipher =3D qcrypto_afalg_cipher_ctx_new(alg, mode, key, nkey, NULL); - if (cipher) { - drv =3D &qcrypto_cipher_afalg_driver; - } #endif =20 if (!cipher) { @@ -178,13 +174,10 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgori= thm alg, if (!cipher) { return NULL; } - - drv =3D &qcrypto_cipher_lib_driver; } =20 cipher->alg =3D alg; cipher->mode =3D mode; - cipher->driver =3D drv; =20 return cipher; } diff --git a/crypto/cipherpriv.h b/crypto/cipherpriv.h index 437b109b5e..396527857d 100644 --- a/crypto/cipherpriv.h +++ b/crypto/cipherpriv.h @@ -47,8 +47,6 @@ qcrypto_afalg_cipher_ctx_new(QCryptoCipherAlgorithm alg, const uint8_t *key, size_t nkey, Error **errp); =20 -extern const struct QCryptoCipherDriver qcrypto_cipher_afalg_driver; - #endif =20 #endif --=20 2.26.2 From nobody Wed May 8 12:47:39 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1599732628; cv=none; d=zohomail.com; s=zohoarc; b=WR6npWUurbHnOGnCzHpjfjoq7RtGaDWRt6WmT3V26fu1MtkeuCakrn1sNdB00yStQwPZEFnHWQiftDXMOXSBiKfuIlY+NGvIHfT4V3/XGaMSRmtiIotbwAve3E7enFbwDEJSkN2L0Sp/gdW7ce2fW7t+8cvQPd4YDpN/Iqe4Bmg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1599732628; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=LZmUthsQHGdqq+Z0/yMwoLNJz4uIPUN1e7DgJ0tmhBk=; b=QDE4rYuy+yRVjUUq9SLdedPJLsZf4DfUuLPfH6AYqdmSVek0Jtq0bTPLrquC2OW3hUni5L4suQVOw1U947al0Pls2qFTo3ksYSIc8ZCn9e/B4Pb+EHAqqbwDFRd5saJg/dQEX3k1kyqzdiPsHX9OnhzRkHKSOKVPxDtIeYMdffI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1599732628827447.2108205177376; Thu, 10 Sep 2020 03:10:28 -0700 (PDT) Received: from localhost ([::1]:33986 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kGJX9-0008Mb-GN for importer@patchew.org; Thu, 10 Sep 2020 06:10:27 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:43712) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kGJTa-0000RT-Tl for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:47 -0400 Received: from us-smtp-delivery-124.mimecast.com ([63.128.21.124]:45303) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.90_1) (envelope-from ) id 1kGJTY-0007i8-05 for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:46 -0400 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-86-0FdH3YMPPhC3PI6G-mUaZg-1; Thu, 10 Sep 2020 06:06:41 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 3F372107464E; Thu, 10 Sep 2020 10:06:40 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-112-4.ams2.redhat.com [10.36.112.4]) by smtp.corp.redhat.com (Postfix) with ESMTP id 002131002D41; Thu, 10 Sep 2020 10:06:38 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1599732403; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=LZmUthsQHGdqq+Z0/yMwoLNJz4uIPUN1e7DgJ0tmhBk=; b=EE3YfGUMgGjDvHekgTlXBLmaSDefmdRVTr4KTPuj8E+3Qxysn9zTQxpMAPaFIpq41mEf+A /xGDI2tYycCyi7xbVCrrOKoqSp6a81cP1dWM8QxOJ0928g7ICkrKZ0dXoKBtijp66V+YUI 2W4Ra8/VYf7TLjZwxn7X6uB0j4Rx7U0= X-MC-Unique: 0FdH3YMPPhC3PI6G-mUaZg-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Subject: [PULL 10/17] crypto: Constify cipher data tables Date: Thu, 10 Sep 2020 11:06:16 +0100 Message-Id: <20200910100623.1088965-11-berrange@redhat.com> In-Reply-To: <20200910100623.1088965-1-berrange@redhat.com> References: <20200910100623.1088965-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=berrange@redhat.com X-Mimecast-Spam-Score: 0.002 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=63.128.21.124; envelope-from=berrange@redhat.com; helo=us-smtp-delivery-124.mimecast.com X-detected-operating-system: by eggs.gnu.org: First seen = 2020/09/10 02:38:59 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H5=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Richard Henderson , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= , =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) From: Richard Henderson Reviewed-by: Philippe Mathieu-Daud=C3=A9 Signed-off-by: Richard Henderson Signed-off-by: Daniel P. Berrang=C3=A9 --- crypto/cipher.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/crypto/cipher.c b/crypto/cipher.c index 3711b552fa..068b2fb867 100644 --- a/crypto/cipher.c +++ b/crypto/cipher.c @@ -25,7 +25,7 @@ #include "cipherpriv.h" =20 =20 -static size_t alg_key_len[QCRYPTO_CIPHER_ALG__MAX] =3D { +static const size_t alg_key_len[QCRYPTO_CIPHER_ALG__MAX] =3D { [QCRYPTO_CIPHER_ALG_AES_128] =3D 16, [QCRYPTO_CIPHER_ALG_AES_192] =3D 24, [QCRYPTO_CIPHER_ALG_AES_256] =3D 32, @@ -40,7 +40,7 @@ static size_t alg_key_len[QCRYPTO_CIPHER_ALG__MAX] =3D { [QCRYPTO_CIPHER_ALG_TWOFISH_256] =3D 32, }; =20 -static size_t alg_block_len[QCRYPTO_CIPHER_ALG__MAX] =3D { +static const size_t alg_block_len[QCRYPTO_CIPHER_ALG__MAX] =3D { [QCRYPTO_CIPHER_ALG_AES_128] =3D 16, [QCRYPTO_CIPHER_ALG_AES_192] =3D 16, [QCRYPTO_CIPHER_ALG_AES_256] =3D 16, @@ -55,7 +55,7 @@ static size_t alg_block_len[QCRYPTO_CIPHER_ALG__MAX] =3D { [QCRYPTO_CIPHER_ALG_TWOFISH_256] =3D 16, }; =20 -static bool mode_need_iv[QCRYPTO_CIPHER_MODE__MAX] =3D { +static const bool mode_need_iv[QCRYPTO_CIPHER_MODE__MAX] =3D { [QCRYPTO_CIPHER_MODE_ECB] =3D false, [QCRYPTO_CIPHER_MODE_CBC] =3D true, [QCRYPTO_CIPHER_MODE_XTS] =3D true, --=20 2.26.2 From nobody Wed May 8 12:47:39 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1599732802; cv=none; d=zohomail.com; s=zohoarc; b=WIr5Xc578ziiexCI+lcksBSQ/NWdOyFhcwbCIHdSsVeJLWBGmd9csoHlviBUrm4ITS0l6ktrHl1jBbPNoq+xRenFL86m94dqg7o78RgV8bh1HOOY3OlG3lHxbT1OKr25M0ZbdZQJyGDAdO9POOMoed3+N0vaoQ9UcIQSnHCymNY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1599732802; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=Yq0dLty2zOPZXtWacMEsSs09G1z6ITTkf3f7aeY0XKI=; b=IEMPsuz/NI5I4STNjOxf4RHgxIWRmvCdXwV9uvh/V+aYKTVStFRDNgHrVfGZkHpN3zpqf8o84xxZyJ9Fg4mIyZkzHCvIvN4/s8kMEJOdoTy0tDg/4nhaK86CGvNwrnKpJV5Ll1Cssowd5gpT2SVzPoYsI7qnsEnzrnBZuX/WmmU= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1599732802790132.79658768780712; Thu, 10 Sep 2020 03:13:22 -0700 (PDT) Received: from localhost ([::1]:45958 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kGJZx-0004xv-Gi for importer@patchew.org; Thu, 10 Sep 2020 06:13:21 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:43718) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kGJTb-0000Sh-Me for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:47 -0400 Received: from us-smtp-1.mimecast.com ([205.139.110.61]:32364 helo=us-smtp-delivery-1.mimecast.com) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.90_1) (envelope-from ) id 1kGJTZ-0007iL-8M for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:47 -0400 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-152-grfCSkOxNSeMiHmFzGDQmA-1; Thu, 10 Sep 2020 06:06:42 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id A380B1009443; Thu, 10 Sep 2020 10:06:41 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-112-4.ams2.redhat.com [10.36.112.4]) by smtp.corp.redhat.com (Postfix) with ESMTP id 9BEE91002D41; Thu, 10 Sep 2020 10:06:40 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1599732404; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Yq0dLty2zOPZXtWacMEsSs09G1z6ITTkf3f7aeY0XKI=; b=QI0w8kCOsoqTFJrh7Rwx0Y2xGs+eR/vQb6LrBgRMgyyZO+EROS7a3V61hcXVnFT/L074ym 26weHqh6yKFH7nJc9j4JpyEU/BNf6J5mwhuMiCrGrNLHHxxcBFCS4RqAqOrQOIHu/azhF2 Ba0890On0WE+obe4Zfdmig6C3IZEntA= X-MC-Unique: grfCSkOxNSeMiHmFzGDQmA-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Subject: [PULL 11/17] crypto/builtin: Remove odd-sized AES block handling Date: Thu, 10 Sep 2020 11:06:17 +0100 Message-Id: <20200910100623.1088965-12-berrange@redhat.com> In-Reply-To: <20200910100623.1088965-1-berrange@redhat.com> References: <20200910100623.1088965-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=berrange@redhat.com X-Mimecast-Spam-Score: 0.002 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=205.139.110.61; envelope-from=berrange@redhat.com; helo=us-smtp-delivery-1.mimecast.com X-detected-operating-system: by eggs.gnu.org: First seen = 2020/09/10 01:44:54 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Richard Henderson , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) From: Richard Henderson We verified that the data block is properly sized modulo AES_BLOCK_SIZE within qcrypto_builtin_cipher_{en,de}crypt. Therefore we will never have to handle odd sized blocks. Signed-off-by: Richard Henderson Signed-off-by: Daniel P. Berrang=C3=A9 --- crypto/cipher-builtin.c.inc | 40 +++++++++++-------------------------- 1 file changed, 12 insertions(+), 28 deletions(-) diff --git a/crypto/cipher-builtin.c.inc b/crypto/cipher-builtin.c.inc index 1444139f36..e2ae5d090c 100644 --- a/crypto/cipher-builtin.c.inc +++ b/crypto/cipher-builtin.c.inc @@ -80,21 +80,13 @@ static void qcrypto_cipher_aes_ecb_encrypt(const AES_KE= Y *key, { const uint8_t *inptr =3D in; uint8_t *outptr =3D out; + + /* We have already verified that len % AES_BLOCK_SIZE =3D=3D 0. */ while (len) { - if (len > AES_BLOCK_SIZE) { - AES_encrypt(inptr, outptr, key); - inptr +=3D AES_BLOCK_SIZE; - outptr +=3D AES_BLOCK_SIZE; - len -=3D AES_BLOCK_SIZE; - } else { - uint8_t tmp1[AES_BLOCK_SIZE], tmp2[AES_BLOCK_SIZE]; - memcpy(tmp1, inptr, len); - /* Fill with 0 to avoid valgrind uninitialized reads */ - memset(tmp1 + len, 0, sizeof(tmp1) - len); - AES_encrypt(tmp1, tmp2, key); - memcpy(outptr, tmp2, len); - len =3D 0; - } + AES_encrypt(inptr, outptr, key); + inptr +=3D AES_BLOCK_SIZE; + outptr +=3D AES_BLOCK_SIZE; + len -=3D AES_BLOCK_SIZE; } } =20 @@ -106,21 +98,13 @@ static void qcrypto_cipher_aes_ecb_decrypt(const AES_K= EY *key, { const uint8_t *inptr =3D in; uint8_t *outptr =3D out; + + /* We have already verified that len % AES_BLOCK_SIZE =3D=3D 0. */ while (len) { - if (len > AES_BLOCK_SIZE) { - AES_decrypt(inptr, outptr, key); - inptr +=3D AES_BLOCK_SIZE; - outptr +=3D AES_BLOCK_SIZE; - len -=3D AES_BLOCK_SIZE; - } else { - uint8_t tmp1[AES_BLOCK_SIZE], tmp2[AES_BLOCK_SIZE]; - memcpy(tmp1, inptr, len); - /* Fill with 0 to avoid valgrind uninitialized reads */ - memset(tmp1 + len, 0, sizeof(tmp1) - len); - AES_decrypt(tmp1, tmp2, key); - memcpy(outptr, tmp2, len); - len =3D 0; - } + AES_decrypt(inptr, outptr, key); + inptr +=3D AES_BLOCK_SIZE; + outptr +=3D AES_BLOCK_SIZE; + len -=3D AES_BLOCK_SIZE; } } =20 --=20 2.26.2 From nobody Wed May 8 12:47:39 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1599732752; cv=none; d=zohomail.com; s=zohoarc; b=YFSUvYrayRVWAcL/80hz+Ukr2W+OZEPv91ptdTEsJSS25XRAyJqmC5zHUsdB2RNSWl2B4Wh25bQZcICKDCd0a934egYBfR8qgYNlcp+12a077m20xhGlZ8bh9SMi4wWYvm41tlw58aA3rClYZWJp3efg8Mz7sSpoIYnZ4168bc0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1599732752; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=Ks5DjWJdmSrk8l3V2pBehAqHtpAVlLDpFKUC7ipwfQ4=; b=d5MBe6Z/Yznn1ixiBMbmG/OkGD8KTe0P8Ra2AwTW7EBnYauLuagJ7wkeTP3W7pYIxG9QIxWKyuIdA6wcEEDiKPNfhrj8Z9ngJ6mS9VHhMbDxKPgWjtMhexiSCEVOf1aoq88kQx9i5AxgY+kUaiIBR8k2MxjIAs0kXWeqmF+VYLA= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1599732752799510.61256263600706; Thu, 10 Sep 2020 03:12:32 -0700 (PDT) Received: from localhost ([::1]:43004 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kGJZ9-0003iy-Fy for importer@patchew.org; Thu, 10 Sep 2020 06:12:31 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:43732) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kGJTd-0000U1-Be for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:49 -0400 Received: from us-smtp-delivery-1.mimecast.com ([205.139.110.120]:54284 helo=us-smtp-1.mimecast.com) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.90_1) (envelope-from ) id 1kGJTb-0007il-Az for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:49 -0400 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-182-xWiUS65bMwuoiiwoPK5N3Q-1; Thu, 10 Sep 2020 06:06:44 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 1A5E2801F95; Thu, 10 Sep 2020 10:06:43 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-112-4.ams2.redhat.com [10.36.112.4]) by smtp.corp.redhat.com (Postfix) with ESMTP id 11FFB1002D41; Thu, 10 Sep 2020 10:06:41 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1599732406; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Ks5DjWJdmSrk8l3V2pBehAqHtpAVlLDpFKUC7ipwfQ4=; b=LLAwAj8KBtCTwrMnY1KVpoTd2UlPwNyfQYW9+K27G1w2HG0PhBGBlyggGf4vbuboawORqo IlnOIICqR7snqy8Qw9/zuZhlBa3Firi1xv5+GcoGvvP1lTFOSuuKe55EVhVLjKeg3NYGvq /dveAdh0OqLFmHUCfMzTx2OD0NGlyh0= X-MC-Unique: xWiUS65bMwuoiiwoPK5N3Q-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Subject: [PULL 12/17] crypto/builtin: Merge qcrypto_cipher_aes_{ecb, xts}_{en, de}crypt Date: Thu, 10 Sep 2020 11:06:18 +0100 Message-Id: <20200910100623.1088965-13-berrange@redhat.com> In-Reply-To: <20200910100623.1088965-1-berrange@redhat.com> References: <20200910100623.1088965-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=berrange@redhat.com X-Mimecast-Spam-Score: 0.003 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=205.139.110.120; envelope-from=berrange@redhat.com; helo=us-smtp-1.mimecast.com X-detected-operating-system: by eggs.gnu.org: First seen = 2020/09/10 01:23:25 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Richard Henderson , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= , =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) From: Richard Henderson There's no real reason we need two separate helper functions here. Standardize on the function signature required for xts_encrypt. Rename to do_aes_{en,de}crypt_ecb, since the helper does not itself do anything with respect to xts. Reviewed-by: Philippe Mathieu-Daud=C3=A9 Signed-off-by: Richard Henderson Signed-off-by: Daniel P. Berrang=C3=A9 --- crypto/cipher-builtin.c.inc | 73 +++++++++++-------------------------- 1 file changed, 22 insertions(+), 51 deletions(-) diff --git a/crypto/cipher-builtin.c.inc b/crypto/cipher-builtin.c.inc index e2ae5d090c..8e21f2673f 100644 --- a/crypto/cipher-builtin.c.inc +++ b/crypto/cipher-builtin.c.inc @@ -72,65 +72,38 @@ static void qcrypto_cipher_free_aes(QCryptoCipher *ciph= er) g_free(cipher); } =20 - -static void qcrypto_cipher_aes_ecb_encrypt(const AES_KEY *key, - const void *in, - void *out, - size_t len) +static void do_aes_encrypt_ecb(const void *vctx, + size_t len, + uint8_t *out, + const uint8_t *in) { - const uint8_t *inptr =3D in; - uint8_t *outptr =3D out; + const QCryptoCipherBuiltinAESContext *ctx =3D vctx; =20 /* We have already verified that len % AES_BLOCK_SIZE =3D=3D 0. */ while (len) { - AES_encrypt(inptr, outptr, key); - inptr +=3D AES_BLOCK_SIZE; - outptr +=3D AES_BLOCK_SIZE; + AES_encrypt(in, out, &ctx->enc); + in +=3D AES_BLOCK_SIZE; + out +=3D AES_BLOCK_SIZE; len -=3D AES_BLOCK_SIZE; } } =20 - -static void qcrypto_cipher_aes_ecb_decrypt(const AES_KEY *key, - const void *in, - void *out, - size_t len) +static void do_aes_decrypt_ecb(const void *vctx, + size_t len, + uint8_t *out, + const uint8_t *in) { - const uint8_t *inptr =3D in; - uint8_t *outptr =3D out; + const QCryptoCipherBuiltinAESContext *ctx =3D vctx; =20 /* We have already verified that len % AES_BLOCK_SIZE =3D=3D 0. */ while (len) { - AES_decrypt(inptr, outptr, key); - inptr +=3D AES_BLOCK_SIZE; - outptr +=3D AES_BLOCK_SIZE; + AES_decrypt(in, out, &ctx->dec); + in +=3D AES_BLOCK_SIZE; + out +=3D AES_BLOCK_SIZE; len -=3D AES_BLOCK_SIZE; } } =20 - -static void qcrypto_cipher_aes_xts_encrypt(const void *ctx, - size_t length, - uint8_t *dst, - const uint8_t *src) -{ - const QCryptoCipherBuiltinAESContext *aesctx =3D ctx; - - qcrypto_cipher_aes_ecb_encrypt(&aesctx->enc, src, dst, length); -} - - -static void qcrypto_cipher_aes_xts_decrypt(const void *ctx, - size_t length, - uint8_t *dst, - const uint8_t *src) -{ - const QCryptoCipherBuiltinAESContext *aesctx =3D ctx; - - qcrypto_cipher_aes_ecb_decrypt(&aesctx->dec, src, dst, length); -} - - static int qcrypto_cipher_encrypt_aes(QCryptoCipher *cipher, const void *in, void *out, @@ -142,8 +115,7 @@ static int qcrypto_cipher_encrypt_aes(QCryptoCipher *ci= pher, =20 switch (cipher->mode) { case QCRYPTO_CIPHER_MODE_ECB: - qcrypto_cipher_aes_ecb_encrypt(&ctxt->state.aes.key.enc, - in, out, len); + do_aes_encrypt_ecb(&ctxt->state.aes.key, len, out, in); break; case QCRYPTO_CIPHER_MODE_CBC: AES_cbc_encrypt(in, out, len, @@ -153,8 +125,8 @@ static int qcrypto_cipher_encrypt_aes(QCryptoCipher *ci= pher, case QCRYPTO_CIPHER_MODE_XTS: xts_encrypt(&ctxt->state.aes.key, &ctxt->state.aes.key_tweak, - qcrypto_cipher_aes_xts_encrypt, - qcrypto_cipher_aes_xts_decrypt, + do_aes_encrypt_ecb, + do_aes_decrypt_ecb, ctxt->state.aes.iv, len, out, in); break; @@ -177,8 +149,7 @@ static int qcrypto_cipher_decrypt_aes(QCryptoCipher *ci= pher, =20 switch (cipher->mode) { case QCRYPTO_CIPHER_MODE_ECB: - qcrypto_cipher_aes_ecb_decrypt(&ctxt->state.aes.key.dec, - in, out, len); + do_aes_decrypt_ecb(&ctxt->state.aes.key, len, out, in); break; case QCRYPTO_CIPHER_MODE_CBC: AES_cbc_encrypt(in, out, len, @@ -188,8 +159,8 @@ static int qcrypto_cipher_decrypt_aes(QCryptoCipher *ci= pher, case QCRYPTO_CIPHER_MODE_XTS: xts_decrypt(&ctxt->state.aes.key, &ctxt->state.aes.key_tweak, - qcrypto_cipher_aes_xts_encrypt, - qcrypto_cipher_aes_xts_decrypt, + do_aes_encrypt_ecb, + do_aes_decrypt_ecb, ctxt->state.aes.iv, len, out, in); break; --=20 2.26.2 From nobody Wed May 8 12:47:39 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1599732844; cv=none; d=zohomail.com; s=zohoarc; b=ZOvGWt/aqI6B+l5DTWq26rAxqHEOIBNF+n9eIhjpbhpjvqU9NxC0ZZaHzlGXw6vw5qFjsyZnWUuuZ8/k6pHCzu6VMOECYlb3795rbj7CCw8u9DYeykuISRhLPFTt1sTALZ/QaDy0EEfNp/4Hd2I2qYYl7Cz/4bHi/LBzFccwvLc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1599732844; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=z5kz+dl4NiZGR3DyQwvuH4nV2SaU5K6TRvwu9idGUNw=; b=e2uvwR639HML2qTCFBZSzdZxm3vAmz9XxgdvYZR3TliVbwb4wcTNtmbWN2c5gVbecKhC3VDef2wZBPZbcR39keJBotp3laVgxDok3pEiSzYKz03R67IDgqL2Rey4FPbQ9opzbhUEYjC01miivrpWWEgViis1dAzMlwqR6d7QrZ8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1599732844074182.7726299703504; Thu, 10 Sep 2020 03:14:04 -0700 (PDT) Received: from localhost ([::1]:49274 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kGJac-0006KM-Lh for importer@patchew.org; Thu, 10 Sep 2020 06:14:02 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:43760) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kGJTf-0000Wi-PZ for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:51 -0400 Received: from us-smtp-2.mimecast.com ([207.211.31.81]:21140 helo=us-smtp-delivery-1.mimecast.com) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.90_1) (envelope-from ) id 1kGJTd-0007j0-5L for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:51 -0400 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-227-icB0_c8eMwesHJwalp4Ajg-1; Thu, 10 Sep 2020 06:06:45 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id C96E6801AB8; Thu, 10 Sep 2020 10:06:44 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-112-4.ams2.redhat.com [10.36.112.4]) by smtp.corp.redhat.com (Postfix) with ESMTP id 7BC1F1002D5C; Thu, 10 Sep 2020 10:06:43 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1599732408; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=z5kz+dl4NiZGR3DyQwvuH4nV2SaU5K6TRvwu9idGUNw=; b=fd4wcEASKQ4MI22OK3oNTIrEHi2rsLYOmcOMAEA5iQZWHlr+MVRZcNsLw7hrDefttw9YfY qsDQpkeXeYUKyxFwsjiXmr+aJ8nMvxJXyvIwPJvPqjs8FeVuhl3ACCm6vrfi92B3gV6xNZ cjRwEQeIKQdUK5e2N4ddCtZBLNTjl7w= X-MC-Unique: icB0_c8eMwesHJwalp4Ajg-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Subject: [PULL 13/17] crypto/builtin: Move AES_cbc_encrypt into cipher-builtin.inc.c Date: Thu, 10 Sep 2020 11:06:19 +0100 Message-Id: <20200910100623.1088965-14-berrange@redhat.com> In-Reply-To: <20200910100623.1088965-1-berrange@redhat.com> References: <20200910100623.1088965-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=berrange@redhat.com X-Mimecast-Spam-Score: 0.002 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=207.211.31.81; envelope-from=berrange@redhat.com; helo=us-smtp-delivery-1.mimecast.com X-detected-operating-system: by eggs.gnu.org: First seen = 2020/09/10 00:49:43 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Richard Henderson , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= , =?UTF-8?q?Philippe=20Mathieu-Daud=C3=A9?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) From: Richard Henderson By making the function private, we will be able to make further simplifications. Re-indent the migrated code and fix the missing braces for CODING_STYLE. Reviewed-by: Philippe Mathieu-Daud=C3=A9 Signed-off-by: Richard Henderson Signed-off-by: Daniel P. Berrang=C3=A9 --- crypto/aes.c | 51 --------------------------------- crypto/cipher-builtin.c.inc | 56 +++++++++++++++++++++++++++++++++++++ include/crypto/aes.h | 4 --- 3 files changed, 56 insertions(+), 55 deletions(-) diff --git a/crypto/aes.c b/crypto/aes.c index 0f6a195af8..159800df65 100644 --- a/crypto/aes.c +++ b/crypto/aes.c @@ -1599,54 +1599,3 @@ void AES_decrypt(const unsigned char *in, unsigned c= har *out, } =20 #endif /* AES_ASM */ - -void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, - const unsigned long length, const AES_KEY *key, - unsigned char *ivec, const int enc) -{ - - unsigned long n; - unsigned long len =3D length; - unsigned char tmp[AES_BLOCK_SIZE]; - - assert(in && out && key && ivec); - - if (enc) { - while (len >=3D AES_BLOCK_SIZE) { - for(n=3D0; n < AES_BLOCK_SIZE; ++n) - tmp[n] =3D in[n] ^ ivec[n]; - AES_encrypt(tmp, out, key); - memcpy(ivec, out, AES_BLOCK_SIZE); - len -=3D AES_BLOCK_SIZE; - in +=3D AES_BLOCK_SIZE; - out +=3D AES_BLOCK_SIZE; - } - if (len) { - for(n=3D0; n < len; ++n) - tmp[n] =3D in[n] ^ ivec[n]; - for(n=3Dlen; n < AES_BLOCK_SIZE; ++n) - tmp[n] =3D ivec[n]; - AES_encrypt(tmp, tmp, key); - memcpy(out, tmp, AES_BLOCK_SIZE); - memcpy(ivec, tmp, AES_BLOCK_SIZE); - } - } else { - while (len >=3D AES_BLOCK_SIZE) { - memcpy(tmp, in, AES_BLOCK_SIZE); - AES_decrypt(in, out, key); - for(n=3D0; n < AES_BLOCK_SIZE; ++n) - out[n] ^=3D ivec[n]; - memcpy(ivec, tmp, AES_BLOCK_SIZE); - len -=3D AES_BLOCK_SIZE; - in +=3D AES_BLOCK_SIZE; - out +=3D AES_BLOCK_SIZE; - } - if (len) { - memcpy(tmp, in, AES_BLOCK_SIZE); - AES_decrypt(tmp, tmp, key); - for(n=3D0; n < len; ++n) - out[n] =3D tmp[n] ^ ivec[n]; - memcpy(ivec, tmp, AES_BLOCK_SIZE); - } - } -} diff --git a/crypto/cipher-builtin.c.inc b/crypto/cipher-builtin.c.inc index 8e21f2673f..61baad265a 100644 --- a/crypto/cipher-builtin.c.inc +++ b/crypto/cipher-builtin.c.inc @@ -104,6 +104,62 @@ static void do_aes_decrypt_ecb(const void *vctx, } } =20 +static void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, + const unsigned long length, const AES_KEY *key, + unsigned char *ivec, const int enc) +{ + unsigned long n; + unsigned long len =3D length; + unsigned char tmp[AES_BLOCK_SIZE]; + + assert(in && out && key && ivec); + + if (enc) { + while (len >=3D AES_BLOCK_SIZE) { + for (n =3D 0; n < AES_BLOCK_SIZE; ++n) { + tmp[n] =3D in[n] ^ ivec[n]; + } + AES_encrypt(tmp, out, key); + memcpy(ivec, out, AES_BLOCK_SIZE); + len -=3D AES_BLOCK_SIZE; + in +=3D AES_BLOCK_SIZE; + out +=3D AES_BLOCK_SIZE; + } + if (len) { + for (n =3D 0; n < len; ++n) { + tmp[n] =3D in[n] ^ ivec[n]; + } + for (n =3D len; n < AES_BLOCK_SIZE; ++n) { + tmp[n] =3D ivec[n]; + } + AES_encrypt(tmp, tmp, key); + memcpy(out, tmp, AES_BLOCK_SIZE); + memcpy(ivec, tmp, AES_BLOCK_SIZE); + } + } else { + while (len >=3D AES_BLOCK_SIZE) { + memcpy(tmp, in, AES_BLOCK_SIZE); + AES_decrypt(in, out, key); + for (n =3D 0; n < AES_BLOCK_SIZE; ++n) { + out[n] ^=3D ivec[n]; + } + memcpy(ivec, tmp, AES_BLOCK_SIZE); + len -=3D AES_BLOCK_SIZE; + in +=3D AES_BLOCK_SIZE; + out +=3D AES_BLOCK_SIZE; + } + if (len) { + memcpy(tmp, in, AES_BLOCK_SIZE); + AES_decrypt(tmp, tmp, key); + for (n =3D 0; n < len; ++n) { + out[n] =3D tmp[n] ^ ivec[n]; + } + memcpy(ivec, tmp, AES_BLOCK_SIZE); + } + } +} + + static int qcrypto_cipher_encrypt_aes(QCryptoCipher *cipher, const void *in, void *out, diff --git a/include/crypto/aes.h b/include/crypto/aes.h index 12fb321b89..ba297d6a73 100644 --- a/include/crypto/aes.h +++ b/include/crypto/aes.h @@ -16,7 +16,6 @@ typedef struct aes_key_st AES_KEY; #define AES_set_decrypt_key QEMU_AES_set_decrypt_key #define AES_encrypt QEMU_AES_encrypt #define AES_decrypt QEMU_AES_decrypt -#define AES_cbc_encrypt QEMU_AES_cbc_encrypt =20 int AES_set_encrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key); @@ -27,9 +26,6 @@ void AES_encrypt(const unsigned char *in, unsigned char *= out, const AES_KEY *key); void AES_decrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key); -void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, - const unsigned long length, const AES_KEY *key, - unsigned char *ivec, const int enc); =20 extern const uint8_t AES_sbox[256]; extern const uint8_t AES_isbox[256]; --=20 2.26.2 From nobody Wed May 8 12:47:39 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1599732916; cv=none; d=zohomail.com; s=zohoarc; b=Fjna5fciKNYNkl2+atlnA49m6ZjPbKQ6TbELBK5+Ce8wT13axZzi+oEMNs8ch7bSXxA/x/abcLyiSvy81Q+neN6YddOGotAFNKFzbgJgTZfO+fFRua83afRA5G33OPUvBM+07PLFYIGDx0MLBlLP1YgPYzIfmuDJJeqXxFwMeRw= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1599732916; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=A2f9SYRD21RntK1btIFerAtriqCpg0ZbaBGhCatpAE8=; b=m2OtvpTI59qMJNqljB8dlV1v5ZpJz5xJbf06AbXHghbkIVOD3qszzXCkBFZHkLZ8YwQnPKzkVTe5q5XW5kvwCD0FEsQgs6algugeSicQWE4C7UR8mp7iYRn0mb2FxFBrojPh31qTGMKf7mU3Al6SeQ8qswYAVxEHGy0tzbZ2t74= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1599732916762976.6122811749319; Thu, 10 Sep 2020 03:15:16 -0700 (PDT) Received: from localhost ([::1]:54172 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kGJbn-0008Ka-Ah for importer@patchew.org; Thu, 10 Sep 2020 06:15:15 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:43770) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kGJTg-0000YJ-DZ for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:52 -0400 Received: from us-smtp-1.mimecast.com ([205.139.110.61]:25962 helo=us-smtp-delivery-1.mimecast.com) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.90_1) (envelope-from ) id 1kGJTe-0007jB-D3 for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:52 -0400 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-490-dKfCdj3fOdWSqvA7Zy6txA-1; Thu, 10 Sep 2020 06:06:47 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 4C91F64082; Thu, 10 Sep 2020 10:06:46 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-112-4.ams2.redhat.com [10.36.112.4]) by smtp.corp.redhat.com (Postfix) with ESMTP id 1CD6D1002D41; Thu, 10 Sep 2020 10:06:44 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1599732409; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=A2f9SYRD21RntK1btIFerAtriqCpg0ZbaBGhCatpAE8=; b=XXaeao1st3EqOXatkE5+9OjVuLD1rhb2UEsOaPViQyZ8HEYytOUNqLMljbAQk7AOdu0eIS v1jOL28ScOvK7DJcXjbWPorZsnz9PoRHqKMLwx/Fu8q+pUbbX6XyH1/6TnzmGuvVaWICuK NebDDDTW0P4LZl/g8BKRzjcubQ0M83U= X-MC-Unique: dKfCdj3fOdWSqvA7Zy6txA-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Subject: [PULL 14/17] crypto/builtin: Split and simplify AES_encrypt_cbc Date: Thu, 10 Sep 2020 11:06:20 +0100 Message-Id: <20200910100623.1088965-15-berrange@redhat.com> In-Reply-To: <20200910100623.1088965-1-berrange@redhat.com> References: <20200910100623.1088965-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=berrange@redhat.com X-Mimecast-Spam-Score: 0.003 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=205.139.110.61; envelope-from=berrange@redhat.com; helo=us-smtp-delivery-1.mimecast.com X-detected-operating-system: by eggs.gnu.org: First seen = 2020/09/10 01:44:54 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Richard Henderson , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) From: Richard Henderson Split into encrypt/decrypt functions, dropping the "enc" argument. Now that the function is private to this file, we know that "len" is a multiple of AES_BLOCK_SIZE. So drop the odd block size code. Name the functions do_aes_*crypt_cbc to match the *_ecb functions. Reorder and re-type the arguments to match as well. Signed-off-by: Richard Henderson Signed-off-by: Daniel P. Berrang=C3=A9 --- crypto/cipher-builtin.c.inc | 99 ++++++++++++++++--------------------- 1 file changed, 43 insertions(+), 56 deletions(-) diff --git a/crypto/cipher-builtin.c.inc b/crypto/cipher-builtin.c.inc index 61baad265a..b1fe3b08c3 100644 --- a/crypto/cipher-builtin.c.inc +++ b/crypto/cipher-builtin.c.inc @@ -104,61 +104,50 @@ static void do_aes_decrypt_ecb(const void *vctx, } } =20 -static void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, - const unsigned long length, const AES_KEY *key, - unsigned char *ivec, const int enc) +static void do_aes_encrypt_cbc(const AES_KEY *key, + size_t len, + uint8_t *out, + const uint8_t *in, + uint8_t *ivec) { - unsigned long n; - unsigned long len =3D length; - unsigned char tmp[AES_BLOCK_SIZE]; - - assert(in && out && key && ivec); - - if (enc) { - while (len >=3D AES_BLOCK_SIZE) { - for (n =3D 0; n < AES_BLOCK_SIZE; ++n) { - tmp[n] =3D in[n] ^ ivec[n]; - } - AES_encrypt(tmp, out, key); - memcpy(ivec, out, AES_BLOCK_SIZE); - len -=3D AES_BLOCK_SIZE; - in +=3D AES_BLOCK_SIZE; - out +=3D AES_BLOCK_SIZE; - } - if (len) { - for (n =3D 0; n < len; ++n) { - tmp[n] =3D in[n] ^ ivec[n]; - } - for (n =3D len; n < AES_BLOCK_SIZE; ++n) { - tmp[n] =3D ivec[n]; - } - AES_encrypt(tmp, tmp, key); - memcpy(out, tmp, AES_BLOCK_SIZE); - memcpy(ivec, tmp, AES_BLOCK_SIZE); - } - } else { - while (len >=3D AES_BLOCK_SIZE) { - memcpy(tmp, in, AES_BLOCK_SIZE); - AES_decrypt(in, out, key); - for (n =3D 0; n < AES_BLOCK_SIZE; ++n) { - out[n] ^=3D ivec[n]; - } - memcpy(ivec, tmp, AES_BLOCK_SIZE); - len -=3D AES_BLOCK_SIZE; - in +=3D AES_BLOCK_SIZE; - out +=3D AES_BLOCK_SIZE; - } - if (len) { - memcpy(tmp, in, AES_BLOCK_SIZE); - AES_decrypt(tmp, tmp, key); - for (n =3D 0; n < len; ++n) { - out[n] =3D tmp[n] ^ ivec[n]; - } - memcpy(ivec, tmp, AES_BLOCK_SIZE); + uint8_t tmp[AES_BLOCK_SIZE]; + size_t n; + + /* We have already verified that len % AES_BLOCK_SIZE =3D=3D 0. */ + while (len) { + for (n =3D 0; n < AES_BLOCK_SIZE; ++n) { + tmp[n] =3D in[n] ^ ivec[n]; } + AES_encrypt(tmp, out, key); + memcpy(ivec, out, AES_BLOCK_SIZE); + len -=3D AES_BLOCK_SIZE; + in +=3D AES_BLOCK_SIZE; + out +=3D AES_BLOCK_SIZE; } } =20 +static void do_aes_decrypt_cbc(const AES_KEY *key, + size_t len, + uint8_t *out, + const uint8_t *in, + uint8_t *ivec) +{ + uint8_t tmp[AES_BLOCK_SIZE]; + size_t n; + + /* We have already verified that len % AES_BLOCK_SIZE =3D=3D 0. */ + while (len) { + memcpy(tmp, in, AES_BLOCK_SIZE); + AES_decrypt(in, out, key); + for (n =3D 0; n < AES_BLOCK_SIZE; ++n) { + out[n] ^=3D ivec[n]; + } + memcpy(ivec, tmp, AES_BLOCK_SIZE); + len -=3D AES_BLOCK_SIZE; + in +=3D AES_BLOCK_SIZE; + out +=3D AES_BLOCK_SIZE; + } +} =20 static int qcrypto_cipher_encrypt_aes(QCryptoCipher *cipher, const void *in, @@ -174,9 +163,8 @@ static int qcrypto_cipher_encrypt_aes(QCryptoCipher *ci= pher, do_aes_encrypt_ecb(&ctxt->state.aes.key, len, out, in); break; case QCRYPTO_CIPHER_MODE_CBC: - AES_cbc_encrypt(in, out, len, - &ctxt->state.aes.key.enc, - ctxt->state.aes.iv, 1); + do_aes_encrypt_cbc(&ctxt->state.aes.key.enc, len, out, in, + ctxt->state.aes.iv); break; case QCRYPTO_CIPHER_MODE_XTS: xts_encrypt(&ctxt->state.aes.key, @@ -208,9 +196,8 @@ static int qcrypto_cipher_decrypt_aes(QCryptoCipher *ci= pher, do_aes_decrypt_ecb(&ctxt->state.aes.key, len, out, in); break; case QCRYPTO_CIPHER_MODE_CBC: - AES_cbc_encrypt(in, out, len, - &ctxt->state.aes.key.dec, - ctxt->state.aes.iv, 0); + do_aes_decrypt_cbc(&ctxt->state.aes.key.dec, len, out, in, + ctxt->state.aes.iv); break; case QCRYPTO_CIPHER_MODE_XTS: xts_decrypt(&ctxt->state.aes.key, --=20 2.26.2 From nobody Wed May 8 12:47:39 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1599733012; cv=none; d=zohomail.com; s=zohoarc; b=GM3on4p6dlCEBow7hvbxQ8hAE0o3nlUe2L9KF7mK5eIrtDFLe34LjqLyS4cmbwxbXd8RBAhXMrSKO79XGWcuJQxX8Rj2vmfT+QIU38wCCqUoMaHCBVhNZxqqaqMlwFP20uDsHC+SpxcrWoPM1R9i4HyVbA5ovk+qVnVZI60ZSu8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1599733012; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=kQAjIvRFPGeB+uOYcrZForNu6YLc+GC6+X5PocLP3I4=; b=gD/E8OUe0czLySd4uCr2ZCLXOrRfE80HCQvxNFFX/KPfjTS1jtyp4V2IZSY/9zz0SSkFjs5G5TnP993gIiQ/xuE4IaUjJQZhx0mxi/z9xLEdajRxT+R2uSsan1KuzFhrx7/4QfbA6G7kiWPn2MG9zTz/PzGArIPwvvN+HwFjHCY= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1599733012167851.731937191851; Thu, 10 Sep 2020 03:16:52 -0700 (PDT) Received: from localhost ([::1]:59986 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kGJdK-0002PD-Rt for importer@patchew.org; Thu, 10 Sep 2020 06:16:50 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:43798) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kGJTi-0000cy-RC for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:54 -0400 Received: from us-smtp-1.mimecast.com ([205.139.110.61]:52684 helo=us-smtp-delivery-1.mimecast.com) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.90_1) (envelope-from ) id 1kGJTf-0007jK-OU for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:54 -0400 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-48-bRJSIcSuOJC56A_prj0LQg-1; Thu, 10 Sep 2020 06:06:48 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id D8F9064081; Thu, 10 Sep 2020 10:06:47 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-112-4.ams2.redhat.com [10.36.112.4]) by smtp.corp.redhat.com (Postfix) with ESMTP id A69781002D41; Thu, 10 Sep 2020 10:06:46 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1599732411; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=kQAjIvRFPGeB+uOYcrZForNu6YLc+GC6+X5PocLP3I4=; b=Exk7hNt2WIUybhID2kmdAlaWKKvmjrU8uB5WNV/BZ6TLFEb4WYqrF1vEexxmcJbZgDgwjW kbkZeXwJfX4qZUjTTP4M8qiGgOnc1mqPeK4qSI6+6we4RzbkZPoGZGOvtnigwRSDz8B/dr TpTiwml2zg1VHJ7F2nuEsM+f8j0RCP0= X-MC-Unique: bRJSIcSuOJC56A_prj0LQg-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Subject: [PULL 15/17] crypto/builtin: Split QCryptoCipherBuiltin into subclasses Date: Thu, 10 Sep 2020 11:06:21 +0100 Message-Id: <20200910100623.1088965-16-berrange@redhat.com> In-Reply-To: <20200910100623.1088965-1-berrange@redhat.com> References: <20200910100623.1088965-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=berrange@redhat.com X-Mimecast-Spam-Score: 0.003 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=205.139.110.61; envelope-from=berrange@redhat.com; helo=us-smtp-delivery-1.mimecast.com X-detected-operating-system: by eggs.gnu.org: First seen = 2020/09/10 01:44:54 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Richard Henderson , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) From: Richard Henderson We had a second set of function pointers in QCryptoCipherBuiltin, which are redundant with QCryptoCipherDriver. Split the AES and DES implementations to avoid one level of indirection. Signed-off-by: Richard Henderson Signed-off-by: Daniel P. Berrang=C3=A9 --- crypto/cipher-builtin.c.inc | 519 +++++++++++++++--------------------- 1 file changed, 210 insertions(+), 309 deletions(-) diff --git a/crypto/cipher-builtin.c.inc b/crypto/cipher-builtin.c.inc index b1fe3b08c3..7597cf4a10 100644 --- a/crypto/cipher-builtin.c.inc +++ b/crypto/cipher-builtin.c.inc @@ -22,56 +22,45 @@ #include "crypto/desrfb.h" #include "crypto/xts.h" =20 -static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver; - typedef struct QCryptoCipherBuiltinAESContext QCryptoCipherBuiltinAESConte= xt; struct QCryptoCipherBuiltinAESContext { AES_KEY enc; AES_KEY dec; }; + typedef struct QCryptoCipherBuiltinAES QCryptoCipherBuiltinAES; struct QCryptoCipherBuiltinAES { + QCryptoCipher base; QCryptoCipherBuiltinAESContext key; QCryptoCipherBuiltinAESContext key_tweak; uint8_t iv[AES_BLOCK_SIZE]; }; -typedef struct QCryptoCipherBuiltinDESRFB QCryptoCipherBuiltinDESRFB; -struct QCryptoCipherBuiltinDESRFB { - uint8_t *key; - size_t nkey; -}; =20 -typedef struct QCryptoCipherBuiltin QCryptoCipherBuiltin; -struct QCryptoCipherBuiltin { - QCryptoCipher base; - - union { - QCryptoCipherBuiltinAES aes; - QCryptoCipherBuiltinDESRFB desrfb; - } state; - size_t blocksize; - void (*free)(QCryptoCipher *cipher); - int (*setiv)(QCryptoCipher *cipher, - const uint8_t *iv, size_t niv, - Error **errp); - int (*encrypt)(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp); - int (*decrypt)(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp); -}; =20 +static inline bool qcrypto_length_check(size_t len, size_t blocksize, + Error **errp) +{ + if (unlikely(len & (blocksize - 1))) { + error_setg(errp, "Length %zu must be a multiple of block size %zu", + len, blocksize); + return false; + } + return true; +} =20 -static void qcrypto_cipher_free_aes(QCryptoCipher *cipher) +static void qcrypto_cipher_ctx_free(QCryptoCipher *cipher) { g_free(cipher); } =20 +static int qcrypto_cipher_no_setiv(QCryptoCipher *cipher, + const uint8_t *iv, size_t niv, + Error **errp) +{ + error_setg(errp, "Setting IV is not supported"); + return -1; +} + static void do_aes_encrypt_ecb(const void *vctx, size_t len, uint8_t *out, @@ -149,185 +138,154 @@ static void do_aes_decrypt_cbc(const AES_KEY *key, } } =20 -static int qcrypto_cipher_encrypt_aes(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) +static int qcrypto_cipher_aes_encrypt_ecb(QCryptoCipher *cipher, + const void *in, void *out, + size_t len, Error **errp) { - QCryptoCipherBuiltin *ctxt - =3D container_of(cipher, QCryptoCipherBuiltin, base); + QCryptoCipherBuiltinAES *ctx + =3D container_of(cipher, QCryptoCipherBuiltinAES, base); =20 - switch (cipher->mode) { - case QCRYPTO_CIPHER_MODE_ECB: - do_aes_encrypt_ecb(&ctxt->state.aes.key, len, out, in); - break; - case QCRYPTO_CIPHER_MODE_CBC: - do_aes_encrypt_cbc(&ctxt->state.aes.key.enc, len, out, in, - ctxt->state.aes.iv); - break; - case QCRYPTO_CIPHER_MODE_XTS: - xts_encrypt(&ctxt->state.aes.key, - &ctxt->state.aes.key_tweak, - do_aes_encrypt_ecb, - do_aes_decrypt_ecb, - ctxt->state.aes.iv, - len, out, in); - break; - default: - g_assert_not_reached(); + if (!qcrypto_length_check(len, AES_BLOCK_SIZE, errp)) { + return -1; } - + do_aes_encrypt_ecb(&ctx->key, len, out, in); return 0; } =20 - -static int qcrypto_cipher_decrypt_aes(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) +static int qcrypto_cipher_aes_decrypt_ecb(QCryptoCipher *cipher, + const void *in, void *out, + size_t len, Error **errp) { - QCryptoCipherBuiltin *ctxt - =3D container_of(cipher, QCryptoCipherBuiltin, base); + QCryptoCipherBuiltinAES *ctx + =3D container_of(cipher, QCryptoCipherBuiltinAES, base); =20 - switch (cipher->mode) { - case QCRYPTO_CIPHER_MODE_ECB: - do_aes_decrypt_ecb(&ctxt->state.aes.key, len, out, in); - break; - case QCRYPTO_CIPHER_MODE_CBC: - do_aes_decrypt_cbc(&ctxt->state.aes.key.dec, len, out, in, - ctxt->state.aes.iv); - break; - case QCRYPTO_CIPHER_MODE_XTS: - xts_decrypt(&ctxt->state.aes.key, - &ctxt->state.aes.key_tweak, - do_aes_encrypt_ecb, - do_aes_decrypt_ecb, - ctxt->state.aes.iv, - len, out, in); - break; - default: - g_assert_not_reached(); + if (!qcrypto_length_check(len, AES_BLOCK_SIZE, errp)) { + return -1; } - + do_aes_decrypt_ecb(&ctx->key, len, out, in); return 0; } =20 -static int qcrypto_cipher_setiv_aes(QCryptoCipher *cipher, - const uint8_t *iv, size_t niv, - Error **errp) +static int qcrypto_cipher_aes_encrypt_cbc(QCryptoCipher *cipher, + const void *in, void *out, + size_t len, Error **errp) { - QCryptoCipherBuiltin *ctxt - =3D container_of(cipher, QCryptoCipherBuiltin, base); + QCryptoCipherBuiltinAES *ctx + =3D container_of(cipher, QCryptoCipherBuiltinAES, base); =20 - if (niv !=3D AES_BLOCK_SIZE) { - error_setg(errp, "IV must be %d bytes not %zu", - AES_BLOCK_SIZE, niv); + if (!qcrypto_length_check(len, AES_BLOCK_SIZE, errp)) { return -1; } - - memcpy(ctxt->state.aes.iv, iv, AES_BLOCK_SIZE); - + do_aes_encrypt_cbc(&ctx->key.enc, len, out, in, ctx->iv); return 0; } =20 +static int qcrypto_cipher_aes_decrypt_cbc(QCryptoCipher *cipher, + const void *in, void *out, + size_t len, Error **errp) +{ + QCryptoCipherBuiltinAES *ctx + =3D container_of(cipher, QCryptoCipherBuiltinAES, base); =20 + if (!qcrypto_length_check(len, AES_BLOCK_SIZE, errp)) { + return -1; + } + do_aes_decrypt_cbc(&ctx->key.dec, len, out, in, ctx->iv); + return 0; +} =20 - -static QCryptoCipher * -qcrypto_cipher_init_aes(QCryptoCipherMode mode, - const uint8_t *key, size_t nkey, - Error **errp) +static int qcrypto_cipher_aes_encrypt_xts(QCryptoCipher *cipher, + const void *in, void *out, + size_t len, Error **errp) { - QCryptoCipherBuiltin *ctxt; + QCryptoCipherBuiltinAES *ctx + =3D container_of(cipher, QCryptoCipherBuiltinAES, base); =20 - if (mode !=3D QCRYPTO_CIPHER_MODE_CBC && - mode !=3D QCRYPTO_CIPHER_MODE_ECB && - mode !=3D QCRYPTO_CIPHER_MODE_XTS) { - error_setg(errp, "Unsupported cipher mode %s", - QCryptoCipherMode_str(mode)); - return NULL; + if (!qcrypto_length_check(len, AES_BLOCK_SIZE, errp)) { + return -1; } + xts_encrypt(&ctx->key, &ctx->key_tweak, + do_aes_encrypt_ecb, do_aes_decrypt_ecb, + ctx->iv, len, out, in); + return 0; +} =20 - ctxt =3D g_new0(QCryptoCipherBuiltin, 1); +static int qcrypto_cipher_aes_decrypt_xts(QCryptoCipher *cipher, + const void *in, void *out, + size_t len, Error **errp) +{ + QCryptoCipherBuiltinAES *ctx + =3D container_of(cipher, QCryptoCipherBuiltinAES, base); =20 - if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS) { - if (AES_set_encrypt_key(key, nkey * 4, &ctxt->state.aes.key.enc) != =3D 0) { - error_setg(errp, "Failed to set encryption key"); - goto error; - } + if (!qcrypto_length_check(len, AES_BLOCK_SIZE, errp)) { + return -1; + } + xts_decrypt(&ctx->key, &ctx->key_tweak, + do_aes_encrypt_ecb, do_aes_decrypt_ecb, + ctx->iv, len, out, in); + return 0; +} =20 - if (AES_set_decrypt_key(key, nkey * 4, &ctxt->state.aes.key.dec) != =3D 0) { - error_setg(errp, "Failed to set decryption key"); - goto error; - } =20 - if (AES_set_encrypt_key(key + (nkey / 2), nkey * 4, - &ctxt->state.aes.key_tweak.enc) !=3D 0) { - error_setg(errp, "Failed to set encryption key"); - goto error; - } - - if (AES_set_decrypt_key(key + (nkey / 2), nkey * 4, - &ctxt->state.aes.key_tweak.dec) !=3D 0) { - error_setg(errp, "Failed to set decryption key"); - goto error; - } - } else { - if (AES_set_encrypt_key(key, nkey * 8, &ctxt->state.aes.key.enc) != =3D 0) { - error_setg(errp, "Failed to set encryption key"); - goto error; - } +static int qcrypto_cipher_aes_setiv(QCryptoCipher *cipher, const uint8_t *= iv, + size_t niv, Error **errp) +{ + QCryptoCipherBuiltinAES *ctx + =3D container_of(cipher, QCryptoCipherBuiltinAES, base); =20 - if (AES_set_decrypt_key(key, nkey * 8, &ctxt->state.aes.key.dec) != =3D 0) { - error_setg(errp, "Failed to set decryption key"); - goto error; - } + if (niv !=3D AES_BLOCK_SIZE) { + error_setg(errp, "IV must be %d bytes not %zu", + AES_BLOCK_SIZE, niv); + return -1; } =20 - ctxt->blocksize =3D AES_BLOCK_SIZE; - ctxt->free =3D qcrypto_cipher_free_aes; - ctxt->setiv =3D qcrypto_cipher_setiv_aes; - ctxt->encrypt =3D qcrypto_cipher_encrypt_aes; - ctxt->decrypt =3D qcrypto_cipher_decrypt_aes; + memcpy(ctx->iv, iv, AES_BLOCK_SIZE); + return 0; +} =20 - ctxt->base.driver =3D &qcrypto_cipher_lib_driver; - return &ctxt->base; +static const struct QCryptoCipherDriver qcrypto_cipher_aes_driver_ecb =3D { + .cipher_encrypt =3D qcrypto_cipher_aes_encrypt_ecb, + .cipher_decrypt =3D qcrypto_cipher_aes_decrypt_ecb, + .cipher_setiv =3D qcrypto_cipher_no_setiv, + .cipher_free =3D qcrypto_cipher_ctx_free, +}; =20 - error: - g_free(ctxt); - return NULL; -} +static const struct QCryptoCipherDriver qcrypto_cipher_aes_driver_cbc =3D { + .cipher_encrypt =3D qcrypto_cipher_aes_encrypt_cbc, + .cipher_decrypt =3D qcrypto_cipher_aes_decrypt_cbc, + .cipher_setiv =3D qcrypto_cipher_aes_setiv, + .cipher_free =3D qcrypto_cipher_ctx_free, +}; =20 +static const struct QCryptoCipherDriver qcrypto_cipher_aes_driver_xts =3D { + .cipher_encrypt =3D qcrypto_cipher_aes_encrypt_xts, + .cipher_decrypt =3D qcrypto_cipher_aes_decrypt_xts, + .cipher_setiv =3D qcrypto_cipher_aes_setiv, + .cipher_free =3D qcrypto_cipher_ctx_free, +}; =20 -static void qcrypto_cipher_free_des_rfb(QCryptoCipher *cipher) -{ - QCryptoCipherBuiltin *ctxt - =3D container_of(cipher, QCryptoCipherBuiltin, base); =20 - g_free(ctxt->state.desrfb.key); - g_free(ctxt); -} +typedef struct QCryptoCipherBuiltinDESRFB QCryptoCipherBuiltinDESRFB; +struct QCryptoCipherBuiltinDESRFB { + QCryptoCipher base; =20 + /* C.f. alg_key_len[QCRYPTO_CIPHER_ALG_DES_RFB] */ + uint8_t key[8]; +}; =20 static int qcrypto_cipher_encrypt_des_rfb(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) + const void *in, void *out, + size_t len, Error **errp) { - QCryptoCipherBuiltin *ctxt - =3D container_of(cipher, QCryptoCipherBuiltin, base); + QCryptoCipherBuiltinDESRFB *ctx + =3D container_of(cipher, QCryptoCipherBuiltinDESRFB, base); size_t i; =20 - if (len % 8) { - error_setg(errp, "Buffer size must be multiple of 8 not %zu", - len); + if (!qcrypto_length_check(len, 8, errp)) { return -1; } =20 - deskey(ctxt->state.desrfb.key, EN0); + deskey(ctx->key, EN0); =20 for (i =3D 0; i < len; i +=3D 8) { des((void *)in + i, out + i); @@ -336,24 +294,19 @@ static int qcrypto_cipher_encrypt_des_rfb(QCryptoCiph= er *cipher, return 0; } =20 - static int qcrypto_cipher_decrypt_des_rfb(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) + const void *in, void *out, + size_t len, Error **errp) { - QCryptoCipherBuiltin *ctxt - =3D container_of(cipher, QCryptoCipherBuiltin, base); + QCryptoCipherBuiltinDESRFB *ctx + =3D container_of(cipher, QCryptoCipherBuiltinDESRFB, base); size_t i; =20 - if (len % 8) { - error_setg(errp, "Buffer size must be multiple of 8 not %zu", - len); + if (!qcrypto_length_check(len, 8, errp)) { return -1; } =20 - deskey(ctxt->state.desrfb.key, DE1); + deskey(ctx->key, DE1); =20 for (i =3D 0; i < len; i +=3D 8) { des((void *)in + i, out + i); @@ -362,173 +315,121 @@ static int qcrypto_cipher_decrypt_des_rfb(QCryptoCi= pher *cipher, return 0; } =20 - -static int qcrypto_cipher_setiv_des_rfb(QCryptoCipher *cipher, - const uint8_t *iv, size_t niv, - Error **errp) -{ - error_setg(errp, "Setting IV is not supported"); - return -1; -} - - -static QCryptoCipher * -qcrypto_cipher_init_des_rfb(QCryptoCipherMode mode, - const uint8_t *key, size_t nkey, - Error **errp) -{ - QCryptoCipherBuiltin *ctxt; - - if (mode !=3D QCRYPTO_CIPHER_MODE_ECB) { - error_setg(errp, "Unsupported cipher mode %s", - QCryptoCipherMode_str(mode)); - return NULL; - } - - ctxt =3D g_new0(QCryptoCipherBuiltin, 1); - - ctxt->state.desrfb.key =3D g_new0(uint8_t, nkey); - memcpy(ctxt->state.desrfb.key, key, nkey); - ctxt->state.desrfb.nkey =3D nkey; - - ctxt->blocksize =3D 8; - ctxt->free =3D qcrypto_cipher_free_des_rfb; - ctxt->setiv =3D qcrypto_cipher_setiv_des_rfb; - ctxt->encrypt =3D qcrypto_cipher_encrypt_des_rfb; - ctxt->decrypt =3D qcrypto_cipher_decrypt_des_rfb; - - ctxt->base.driver =3D &qcrypto_cipher_lib_driver; - return &ctxt->base; -} - +static const struct QCryptoCipherDriver qcrypto_cipher_des_rfb_driver =3D { + .cipher_encrypt =3D qcrypto_cipher_encrypt_des_rfb, + .cipher_decrypt =3D qcrypto_cipher_decrypt_des_rfb, + .cipher_setiv =3D qcrypto_cipher_no_setiv, + .cipher_free =3D qcrypto_cipher_ctx_free, +}; =20 bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode) { switch (alg) { case QCRYPTO_CIPHER_ALG_DES_RFB: + return mode =3D=3D QCRYPTO_CIPHER_MODE_ECB; case QCRYPTO_CIPHER_ALG_AES_128: case QCRYPTO_CIPHER_ALG_AES_192: case QCRYPTO_CIPHER_ALG_AES_256: + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + case QCRYPTO_CIPHER_MODE_CBC: + case QCRYPTO_CIPHER_MODE_XTS: + return true; + default: + return false; + } break; default: return false; } - - switch (mode) { - case QCRYPTO_CIPHER_MODE_ECB: - case QCRYPTO_CIPHER_MODE_CBC: - case QCRYPTO_CIPHER_MODE_XTS: - return true; - case QCRYPTO_CIPHER_MODE_CTR: - return false; - default: - return false; - } } =20 - static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode, const uint8_t *key, size_t nkey, Error **errp) { - switch (mode) { - case QCRYPTO_CIPHER_MODE_ECB: - case QCRYPTO_CIPHER_MODE_CBC: - case QCRYPTO_CIPHER_MODE_XTS: - break; - default: - error_setg(errp, "Unsupported cipher mode %s", - QCryptoCipherMode_str(mode)); - return NULL; - } - if (!qcrypto_cipher_validate_key_length(alg, mode, nkey, errp)) { return NULL; } =20 switch (alg) { case QCRYPTO_CIPHER_ALG_DES_RFB: - return qcrypto_cipher_init_des_rfb(mode, key, nkey, errp); + if (mode =3D=3D QCRYPTO_CIPHER_MODE_ECB) { + QCryptoCipherBuiltinDESRFB *ctx; + + ctx =3D g_new0(QCryptoCipherBuiltinDESRFB, 1); + ctx->base.driver =3D &qcrypto_cipher_des_rfb_driver; + memcpy(ctx->key, key, sizeof(ctx->key)); + + return &ctx->base; + } + goto bad_mode; + case QCRYPTO_CIPHER_ALG_AES_128: case QCRYPTO_CIPHER_ALG_AES_192: case QCRYPTO_CIPHER_ALG_AES_256: - return qcrypto_cipher_init_aes(mode, key, nkey, errp); + { + QCryptoCipherBuiltinAES *ctx; + const QCryptoCipherDriver *drv; + + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + drv =3D &qcrypto_cipher_aes_driver_ecb; + break; + case QCRYPTO_CIPHER_MODE_CBC: + drv =3D &qcrypto_cipher_aes_driver_cbc; + break; + case QCRYPTO_CIPHER_MODE_XTS: + drv =3D &qcrypto_cipher_aes_driver_xts; + break; + default: + goto bad_mode; + } + + ctx =3D g_new0(QCryptoCipherBuiltinAES, 1); + ctx->base.driver =3D drv; + + if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS) { + nkey /=3D 2; + if (AES_set_encrypt_key(key + nkey, nkey * 8, + &ctx->key_tweak.enc)) { + error_setg(errp, "Failed to set encryption key"); + goto error; + } + if (AES_set_decrypt_key(key + nkey, nkey * 8, + &ctx->key_tweak.dec)) { + error_setg(errp, "Failed to set decryption key"); + goto error; + } + } + if (AES_set_encrypt_key(key, nkey * 8, &ctx->key.enc)) { + error_setg(errp, "Failed to set encryption key"); + goto error; + } + if (AES_set_decrypt_key(key, nkey * 8, &ctx->key.dec)) { + error_setg(errp, "Failed to set decryption key"); + goto error; + } + + return &ctx->base; + + error: + g_free(ctx); + return NULL; + } + default: error_setg(errp, "Unsupported cipher algorithm %s", QCryptoCipherAlgorithm_str(alg)); return NULL; } -} - -static void -qcrypto_builtin_cipher_ctx_free(QCryptoCipher *cipher) -{ - QCryptoCipherBuiltin *ctxt - =3D container_of(cipher, QCryptoCipherBuiltin, base); - - ctxt->free(cipher); -} =20 - -static int -qcrypto_builtin_cipher_encrypt(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) -{ - QCryptoCipherBuiltin *ctxt - =3D container_of(cipher, QCryptoCipherBuiltin, base); - - if (len & (ctxt->blocksize - 1)) { - error_setg(errp, "Length %zu must be a multiple of block size %zu", - len, ctxt->blocksize); - return -1; - } - - return ctxt->encrypt(cipher, in, out, len, errp); -} - - -static int -qcrypto_builtin_cipher_decrypt(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) -{ - QCryptoCipherBuiltin *ctxt - =3D container_of(cipher, QCryptoCipherBuiltin, base); - - if (len & (ctxt->blocksize - 1)) { - error_setg(errp, "Length %zu must be a multiple of block size %zu", - len, ctxt->blocksize); - return -1; - } - - return ctxt->decrypt(cipher, in, out, len, errp); -} - - -static int -qcrypto_builtin_cipher_setiv(QCryptoCipher *cipher, - const uint8_t *iv, size_t niv, - Error **errp) -{ - QCryptoCipherBuiltin *ctxt - =3D container_of(cipher, QCryptoCipherBuiltin, base); - - return ctxt->setiv(cipher, iv, niv, errp); + bad_mode: + error_setg(errp, "Unsupported cipher mode %s", + QCryptoCipherMode_str(mode)); + return NULL; } - - -static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver =3D { - .cipher_encrypt =3D qcrypto_builtin_cipher_encrypt, - .cipher_decrypt =3D qcrypto_builtin_cipher_decrypt, - .cipher_setiv =3D qcrypto_builtin_cipher_setiv, - .cipher_free =3D qcrypto_builtin_cipher_ctx_free, -}; --=20 2.26.2 From nobody Wed May 8 12:47:39 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1599733079; cv=none; d=zohomail.com; s=zohoarc; b=Ehc9pNFTG7VhV1Fmx88g+u9gfejKIhgznrO/Ikr4fEJ6JMh/REJLwNqhEENeYBmBEVCmULK9ULIyq7HorAdpdcYO6AvhneaatVK3gpxsA0bC6bU5j82H94U4XfXoC+uR8ZB95s9GXYgeTQ0tF57U83yQqJXDD+Iov6+gJs24w10= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1599733079; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=73HHEIGlY/hZctJZLMHHG3WOSHX3jrqwZpdOvpAJYoA=; b=KULsl/2KNxBatSPMIBbyDhgzFmdXPGBGcLK+ZXotb9lbGfawQeY+18gc2lHy/748fm1jr3ABZHSih2NOsPgW4wlN1lffdIUc6hUtpMFa0CJ20dJFI0xTFwfrRI6jrXBkZb9307ABlQJKnV5U95ylp8YhTQiRc2jWCyo4FW9vSz8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1599733079523485.4949951149514; Thu, 10 Sep 2020 03:17:59 -0700 (PDT) Received: from localhost ([::1]:36768 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kGJeP-0004SC-Ib for importer@patchew.org; Thu, 10 Sep 2020 06:17:57 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:43824) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kGJTm-0000mK-43 for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:58 -0400 Received: from us-smtp-delivery-1.mimecast.com ([207.211.31.120]:54334 helo=us-smtp-1.mimecast.com) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.90_1) (envelope-from ) id 1kGJTi-0007ji-0D for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:57 -0400 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-573-kMd-53VOOuCU902WfeGRIQ-1; Thu, 10 Sep 2020 06:06:51 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id F22948018A1; Thu, 10 Sep 2020 10:06:49 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-112-4.ams2.redhat.com [10.36.112.4]) by smtp.corp.redhat.com (Postfix) with ESMTP id 4EC101002D41; Thu, 10 Sep 2020 10:06:48 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1599732413; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=73HHEIGlY/hZctJZLMHHG3WOSHX3jrqwZpdOvpAJYoA=; b=IjT4U6DHRGK6MX15WIiJwCeWK4sL6PXwG6y6qoOfdEm3HfDaud5VmsvuUVuRGJnEvqcSQU 2DRUJOJUenloqYE1RS3AXjZVmxBEJiJlXYj4TgIUKRXvh2TGoNZqiXUQwsEfP7Du6DXdiD e2j375RkrP69F2eLw0HUM28Hn1lMTpk= X-MC-Unique: kMd-53VOOuCU902WfeGRIQ-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Subject: [PULL 16/17] crypto/nettle: Split QCryptoCipherNettle into subclasses Date: Thu, 10 Sep 2020 11:06:22 +0100 Message-Id: <20200910100623.1088965-17-berrange@redhat.com> In-Reply-To: <20200910100623.1088965-1-berrange@redhat.com> References: <20200910100623.1088965-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=berrange@redhat.com X-Mimecast-Spam-Score: 0.002 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=207.211.31.120; envelope-from=berrange@redhat.com; helo=us-smtp-1.mimecast.com X-detected-operating-system: by eggs.gnu.org: First seen = 2020/09/10 03:02:23 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Richard Henderson , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) From: Richard Henderson Use separate classes for each cipher entry point: des_rfb, des3, aes128, aes192, aes256, cast128, serpent, and twofish. Generate wrappers for XTS only for CONFIG_QEMU_PRIVATE_XTS. This eliminates unreachable wrappers for DES_RFB, DES3 and CAST128, which have blocksizes that do not allow XTS mode. Signed-off-by: Richard Henderson Signed-off-by: Daniel P. Berrang=C3=A9 --- crypto/cipher-nettle.c.inc | 999 +++++++++++++++++++------------------ 1 file changed, 511 insertions(+), 488 deletions(-) diff --git a/crypto/cipher-nettle.c.inc b/crypto/cipher-nettle.c.inc index 36d57ef430..cac771e4ff 100644 --- a/crypto/cipher-nettle.c.inc +++ b/crypto/cipher-nettle.c.inc @@ -34,8 +34,6 @@ #include #endif =20 -static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver; - typedef void (*QCryptoCipherNettleFuncWrapper)(const void *ctx, size_t length, uint8_t *dst, @@ -45,6 +43,7 @@ typedef void (*QCryptoCipherNettleFuncWrapper)(const void= *ctx, typedef nettle_crypt_func * QCryptoCipherNettleFuncNative; typedef void * cipher_ctx_t; typedef unsigned cipher_length_t; +#define CONST_CTX =20 #define cast5_set_key cast128_set_key =20 @@ -73,64 +72,215 @@ typedef unsigned cipher_length_t; typedef nettle_cipher_func * QCryptoCipherNettleFuncNative; typedef const void * cipher_ctx_t; typedef size_t cipher_length_t; +#define CONST_CTX const #endif =20 -typedef struct QCryptoNettleAES128 { - struct aes128_ctx enc; - struct aes128_ctx dec; -} QCryptoNettleAES128; - -typedef struct QCryptoNettleAES192 { - struct aes192_ctx enc; - struct aes192_ctx dec; -} QCryptoNettleAES192; - -typedef struct QCryptoNettleAES256 { - struct aes256_ctx enc; - struct aes256_ctx dec; -} QCryptoNettleAES256; - -static void aes128_encrypt_native(cipher_ctx_t ctx, cipher_length_t length, - uint8_t *dst, const uint8_t *src) +static inline bool qcrypto_length_check(size_t len, size_t blocksize, + Error **errp) { - const QCryptoNettleAES128 *aesctx =3D ctx; - aes128_encrypt(&aesctx->enc, length, dst, src); + if (unlikely(len & (blocksize - 1))) { + error_setg(errp, "Length %zu must be a multiple of block size %zu", + len, blocksize); + return false; + } + return true; } =20 -static void aes128_decrypt_native(cipher_ctx_t ctx, cipher_length_t length, - uint8_t *dst, const uint8_t *src) -{ - const QCryptoNettleAES128 *aesctx =3D ctx; - aes128_decrypt(&aesctx->dec, length, dst, src); -} =20 -static void aes192_encrypt_native(cipher_ctx_t ctx, cipher_length_t length, - uint8_t *dst, const uint8_t *src) +static void qcrypto_cipher_ctx_free(QCryptoCipher *ctx) { - const QCryptoNettleAES192 *aesctx =3D ctx; - aes192_encrypt(&aesctx->enc, length, dst, src); + g_free(ctx); } =20 -static void aes192_decrypt_native(cipher_ctx_t ctx, cipher_length_t length, - uint8_t *dst, const uint8_t *src) -{ - const QCryptoNettleAES192 *aesctx =3D ctx; - aes192_decrypt(&aesctx->dec, length, dst, src); -} +static int qcrypto_cipher_no_setiv(QCryptoCipher *cipher, + const uint8_t *iv, size_t niv, + Error **errp) +{ + error_setg(errp, "Setting IV is not supported"); + return -1; +} + + +#define DEFINE_SETIV(NAME, TYPE, BLEN) \ +static int NAME##_setiv(QCryptoCipher *cipher, const uint8_t *iv, \ + size_t niv, Error **errp) \ +{ \ + TYPE *ctx =3D container_of(cipher, TYPE, base); \ + if (niv !=3D BLEN) { \ + error_setg(errp, "Expected IV size %d not %zu", BLEN, niv); \ + return -1; \ + } \ + memcpy(ctx->iv, iv, niv); \ + return 0; \ +} + + +#define DEFINE_ECB(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ +static int NAME##_encrypt_ecb(QCryptoCipher *cipher, const void *in, \ + void *out, size_t len, Error **errp) \ +{ \ + TYPE *ctx =3D container_of(cipher, TYPE, base); \ + if (!qcrypto_length_check(len, BLEN, errp)) { \ + return -1; \ + } \ + ENCRYPT(&ctx->key, len, out, in); \ + return 0; \ +} \ +static int NAME##_decrypt_ecb(QCryptoCipher *cipher, const void *in, \ + void *out, size_t len, Error **errp) \ +{ \ + TYPE *ctx =3D container_of(cipher, TYPE, base); \ + if (!qcrypto_length_check(len, BLEN, errp)) { \ + return -1; \ + } \ + DECRYPT(&ctx->key, len, out, in); \ + return 0; \ +} \ +static const struct QCryptoCipherDriver NAME##_driver_ecb =3D { \ + .cipher_encrypt =3D NAME##_encrypt_ecb, \ + .cipher_decrypt =3D NAME##_decrypt_ecb, \ + .cipher_setiv =3D qcrypto_cipher_no_setiv, \ + .cipher_free =3D qcrypto_cipher_ctx_free, \ +}; =20 -static void aes256_encrypt_native(cipher_ctx_t ctx, cipher_length_t length, - uint8_t *dst, const uint8_t *src) -{ - const QCryptoNettleAES256 *aesctx =3D ctx; - aes256_encrypt(&aesctx->enc, length, dst, src); -} =20 -static void aes256_decrypt_native(cipher_ctx_t ctx, cipher_length_t length, - uint8_t *dst, const uint8_t *src) -{ - const QCryptoNettleAES256 *aesctx =3D ctx; - aes256_decrypt(&aesctx->dec, length, dst, src); +#define DEFINE_CBC(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ +static int NAME##_encrypt_cbc(QCryptoCipher *cipher, const void *in, \ + void *out, size_t len, Error **errp) \ +{ \ + TYPE *ctx =3D container_of(cipher, TYPE, base); \ + if (!qcrypto_length_check(len, BLEN, errp)) { \ + return -1; \ + } \ + cbc_encrypt(&ctx->key, ENCRYPT, BLEN, ctx->iv, len, out, in); \ + return 0; \ +} \ +static int NAME##_decrypt_cbc(QCryptoCipher *cipher, const void *in, \ + void *out, size_t len, Error **errp) \ +{ \ + TYPE *ctx =3D container_of(cipher, TYPE, base); \ + if (!qcrypto_length_check(len, BLEN, errp)) { \ + return -1; \ + } \ + cbc_decrypt(&ctx->key, DECRYPT, BLEN, ctx->iv, len, out, in); \ + return 0; \ +} \ +static const struct QCryptoCipherDriver NAME##_driver_cbc =3D { \ + .cipher_encrypt =3D NAME##_encrypt_cbc, \ + .cipher_decrypt =3D NAME##_decrypt_cbc, \ + .cipher_setiv =3D NAME##_setiv, \ + .cipher_free =3D qcrypto_cipher_ctx_free, \ +}; + + +#define DEFINE_CTR(NAME, TYPE, BLEN, ENCRYPT) \ +static int NAME##_encrypt_ctr(QCryptoCipher *cipher, const void *in, \ + void *out, size_t len, Error **errp) \ +{ \ + TYPE *ctx =3D container_of(cipher, TYPE, base); \ + if (!qcrypto_length_check(len, BLEN, errp)) { \ + return -1; \ + } \ + ctr_crypt(&ctx->key, ENCRYPT, BLEN, ctx->iv, len, out, in); \ + return 0; \ +} \ +static const struct QCryptoCipherDriver NAME##_driver_ctr =3D { \ + .cipher_encrypt =3D NAME##_encrypt_ctr, \ + .cipher_decrypt =3D NAME##_encrypt_ctr, \ + .cipher_setiv =3D NAME##_setiv, \ + .cipher_free =3D qcrypto_cipher_ctx_free, \ +}; + + +#ifdef CONFIG_QEMU_PRIVATE_XTS +#define DEFINE__XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ +static void NAME##_xts_wrape(const void *ctx, size_t length, \ + uint8_t *dst, const uint8_t *src) \ +{ \ + ENCRYPT((cipher_ctx_t)ctx, length, dst, src); \ +} \ +static void NAME##_xts_wrapd(const void *ctx, size_t length, \ + uint8_t *dst, const uint8_t *src) \ +{ \ + DECRYPT((cipher_ctx_t)ctx, length, dst, src); \ +} \ +static int NAME##_encrypt_xts(QCryptoCipher *cipher, const void *in, \ + void *out, size_t len, Error **errp) \ +{ \ + TYPE *ctx =3D container_of(cipher, TYPE, base); \ + if (!qcrypto_length_check(len, BLEN, errp)) { \ + return -1; \ + } \ + xts_encrypt(&ctx->key, &ctx->key_xts, \ + NAME##_xts_wrape, NAME##_xts_wrapd, \ + ctx->iv, len, out, in); \ + return 0; \ +} \ +static int NAME##_decrypt_xts(QCryptoCipher *cipher, const void *in, \ + void *out, size_t len, Error **errp) \ +{ \ + TYPE *ctx =3D container_of(cipher, TYPE, base); \ + if (!qcrypto_length_check(len, BLEN, errp)) { \ + return -1; \ + } \ + xts_decrypt(&ctx->key, &ctx->key_xts, \ + NAME##_xts_wrape, NAME##_xts_wrapd, \ + ctx->iv, len, out, in); \ + return 0; \ +} +#else +#define DEFINE__XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ +static int NAME##_encrypt_xts(QCryptoCipher *cipher, const void *in, \ + void *out, size_t len, Error **errp) \ +{ \ + TYPE *ctx =3D container_of(cipher, TYPE, base); \ + if (!qcrypto_length_check(len, BLEN, errp)) { \ + return -1; \ + } \ + xts_encrypt_message(&ctx->key, &ctx->key_xts, ENCRYPT, \ + ctx->iv, len, out, in); \ + return 0; \ +} \ +static int NAME##_decrypt_xts(QCryptoCipher *cipher, const void *in, \ + void *out, size_t len, Error **errp) \ +{ \ + TYPE *ctx =3D container_of(cipher, TYPE, base); \ + if (!qcrypto_length_check(len, BLEN, errp)) { \ + return -1; \ + } \ + xts_decrypt_message(&ctx->key, &ctx->key_xts, DECRYPT, ENCRYPT, \ + ctx->iv, len, out, in); \ + return 0; \ } +#endif + +#define DEFINE_XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ + QEMU_BUILD_BUG_ON(BLEN !=3D XTS_BLOCK_SIZE); \ + DEFINE__XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ +static const struct QCryptoCipherDriver NAME##_driver_xts =3D { \ + .cipher_encrypt =3D NAME##_encrypt_xts, \ + .cipher_decrypt =3D NAME##_decrypt_xts, \ + .cipher_setiv =3D NAME##_setiv, \ + .cipher_free =3D qcrypto_cipher_ctx_free, \ +}; + + +#define DEFINE_ECB_CBC_CTR(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ + DEFINE_SETIV(NAME, TYPE, BLEN) \ + DEFINE_ECB(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ + DEFINE_CBC(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ + DEFINE_CTR(NAME, TYPE, BLEN, ENCRYPT) + +#define DEFINE_ECB_CBC_CTR_XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ + DEFINE_ECB_CBC_CTR(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ + DEFINE_XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) + + +typedef struct QCryptoNettleDESRFB { + QCryptoCipher base; + struct des_ctx key; + uint8_t iv[DES_BLOCK_SIZE]; +} QCryptoNettleDESRFB; =20 static void des_encrypt_native(cipher_ctx_t ctx, cipher_length_t length, uint8_t *dst, const uint8_t *src) @@ -144,6 +294,16 @@ static void des_decrypt_native(cipher_ctx_t ctx, ciphe= r_length_t length, des_decrypt(ctx, length, dst, src); } =20 +DEFINE_ECB_CBC_CTR(qcrypto_nettle_des_rfb, QCryptoNettleDESRFB, + DES_BLOCK_SIZE, des_encrypt_native, des_decrypt_native) + + +typedef struct QCryptoNettleDES3 { + QCryptoCipher base; + struct des3_ctx key; + uint8_t iv[DES3_BLOCK_SIZE]; +} QCryptoNettleDES3; + static void des3_encrypt_native(cipher_ctx_t ctx, cipher_length_t length, uint8_t *dst, const uint8_t *src) { @@ -156,161 +316,157 @@ static void des3_decrypt_native(cipher_ctx_t ctx, c= ipher_length_t length, des3_decrypt(ctx, length, dst, src); } =20 -static void cast128_encrypt_native(cipher_ctx_t ctx, cipher_length_t lengt= h, - uint8_t *dst, const uint8_t *src) -{ - cast128_encrypt(ctx, length, dst, src); -} +DEFINE_ECB_CBC_CTR(qcrypto_nettle_des3, QCryptoNettleDES3, DES3_BLOCK_SIZE, + des3_encrypt_native, des3_decrypt_native) =20 -static void cast128_decrypt_native(cipher_ctx_t ctx, cipher_length_t lengt= h, - uint8_t *dst, const uint8_t *src) -{ - cast128_decrypt(ctx, length, dst, src); -} =20 -static void serpent_encrypt_native(cipher_ctx_t ctx, cipher_length_t lengt= h, - uint8_t *dst, const uint8_t *src) -{ - serpent_encrypt(ctx, length, dst, src); -} +typedef struct QCryptoNettleAES128 { + QCryptoCipher base; + uint8_t iv[AES_BLOCK_SIZE]; + /* First key from pair is encode, second key is decode. */ + struct aes128_ctx key[2], key_xts[2]; +} QCryptoNettleAES128; =20 -static void serpent_decrypt_native(cipher_ctx_t ctx, cipher_length_t lengt= h, - uint8_t *dst, const uint8_t *src) +static void aes128_encrypt_native(cipher_ctx_t ctx, cipher_length_t length, + uint8_t *dst, const uint8_t *src) { - serpent_decrypt(ctx, length, dst, src); + CONST_CTX struct aes128_ctx *keys =3D ctx; + aes128_encrypt(&keys[0], length, dst, src); } =20 -static void twofish_encrypt_native(cipher_ctx_t ctx, cipher_length_t lengt= h, - uint8_t *dst, const uint8_t *src) +static void aes128_decrypt_native(cipher_ctx_t ctx, cipher_length_t length, + uint8_t *dst, const uint8_t *src) { - twofish_encrypt(ctx, length, dst, src); + CONST_CTX struct aes128_ctx *keys =3D ctx; + aes128_decrypt(&keys[1], length, dst, src); } =20 -static void twofish_decrypt_native(cipher_ctx_t ctx, cipher_length_t lengt= h, - uint8_t *dst, const uint8_t *src) -{ - twofish_decrypt(ctx, length, dst, src); -} +DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_aes128, + QCryptoNettleAES128, AES_BLOCK_SIZE, + aes128_encrypt_native, aes128_decrypt_native) =20 -static void aes128_encrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - const QCryptoNettleAES128 *aesctx =3D ctx; - aes128_encrypt(&aesctx->enc, length, dst, src); -} =20 -static void aes128_decrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - const QCryptoNettleAES128 *aesctx =3D ctx; - aes128_decrypt(&aesctx->dec, length, dst, src); -} +typedef struct QCryptoNettleAES192 { + QCryptoCipher base; + uint8_t iv[AES_BLOCK_SIZE]; + /* First key from pair is encode, second key is decode. */ + struct aes192_ctx key[2], key_xts[2]; +} QCryptoNettleAES192; =20 -static void aes192_encrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) +static void aes192_encrypt_native(cipher_ctx_t ctx, cipher_length_t length, + uint8_t *dst, const uint8_t *src) { - const QCryptoNettleAES192 *aesctx =3D ctx; - aes192_encrypt(&aesctx->enc, length, dst, src); + CONST_CTX struct aes192_ctx *keys =3D ctx; + aes192_encrypt(&keys[0], length, dst, src); } =20 -static void aes192_decrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) +static void aes192_decrypt_native(cipher_ctx_t ctx, cipher_length_t length, + uint8_t *dst, const uint8_t *src) { - const QCryptoNettleAES192 *aesctx =3D ctx; - aes192_decrypt(&aesctx->dec, length, dst, src); + CONST_CTX struct aes192_ctx *keys =3D ctx; + aes192_decrypt(&keys[1], length, dst, src); } =20 -static void aes256_encrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - const QCryptoNettleAES256 *aesctx =3D ctx; - aes256_encrypt(&aesctx->enc, length, dst, src); -} +DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_aes192, + QCryptoNettleAES192, AES_BLOCK_SIZE, + aes192_encrypt_native, aes192_decrypt_native) =20 -static void aes256_decrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - const QCryptoNettleAES256 *aesctx =3D ctx; - aes256_decrypt(&aesctx->dec, length, dst, src); -} =20 -static void des_encrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - des_encrypt(ctx, length, dst, src); -} +typedef struct QCryptoNettleAES256 { + QCryptoCipher base; + uint8_t iv[AES_BLOCK_SIZE]; + /* First key from pair is encode, second key is decode. */ + struct aes256_ctx key[2], key_xts[2]; +} QCryptoNettleAES256; =20 -static void des_decrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) +static void aes256_encrypt_native(cipher_ctx_t ctx, cipher_length_t length, + uint8_t *dst, const uint8_t *src) { - des_decrypt(ctx, length, dst, src); + CONST_CTX struct aes256_ctx *keys =3D ctx; + aes256_encrypt(&keys[0], length, dst, src); } =20 -static void des3_encrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) +static void aes256_decrypt_native(cipher_ctx_t ctx, cipher_length_t length, + uint8_t *dst, const uint8_t *src) { - des3_encrypt(ctx, length, dst, src); + CONST_CTX struct aes256_ctx *keys =3D ctx; + aes256_decrypt(&keys[1], length, dst, src); } =20 -static void des3_decrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - des3_decrypt(ctx, length, dst, src); -} +DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_aes256, + QCryptoNettleAES256, AES_BLOCK_SIZE, + aes256_encrypt_native, aes256_decrypt_native) =20 -static void cast128_encrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) + +typedef struct QCryptoNettleCAST128 { + QCryptoCipher base; + uint8_t iv[CAST128_BLOCK_SIZE]; + struct cast128_ctx key, key_xts; +} QCryptoNettleCAST128; + +static void cast128_encrypt_native(cipher_ctx_t ctx, cipher_length_t lengt= h, + uint8_t *dst, const uint8_t *src) { cast128_encrypt(ctx, length, dst, src); } =20 -static void cast128_decrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) +static void cast128_decrypt_native(cipher_ctx_t ctx, cipher_length_t lengt= h, + uint8_t *dst, const uint8_t *src) { cast128_decrypt(ctx, length, dst, src); } =20 -static void serpent_encrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) +DEFINE_ECB_CBC_CTR(qcrypto_nettle_cast128, + QCryptoNettleCAST128, CAST128_BLOCK_SIZE, + cast128_encrypt_native, cast128_decrypt_native) + + +typedef struct QCryptoNettleSerpent { + QCryptoCipher base; + uint8_t iv[SERPENT_BLOCK_SIZE]; + struct serpent_ctx key, key_xts; +} QCryptoNettleSerpent; + + +static void serpent_encrypt_native(cipher_ctx_t ctx, cipher_length_t lengt= h, + uint8_t *dst, const uint8_t *src) { serpent_encrypt(ctx, length, dst, src); } =20 -static void serpent_decrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) +static void serpent_decrypt_native(cipher_ctx_t ctx, cipher_length_t lengt= h, + uint8_t *dst, const uint8_t *src) { serpent_decrypt(ctx, length, dst, src); } =20 -static void twofish_encrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) +DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_serpent, + QCryptoNettleSerpent, SERPENT_BLOCK_SIZE, + serpent_encrypt_native, serpent_decrypt_native) + + +typedef struct QCryptoNettleTwofish { + QCryptoCipher base; + uint8_t iv[TWOFISH_BLOCK_SIZE]; + struct twofish_ctx key, key_xts; +} QCryptoNettleTwofish; + +static void twofish_encrypt_native(cipher_ctx_t ctx, cipher_length_t lengt= h, + uint8_t *dst, const uint8_t *src) { twofish_encrypt(ctx, length, dst, src); } =20 -static void twofish_decrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) +static void twofish_decrypt_native(cipher_ctx_t ctx, cipher_length_t lengt= h, + uint8_t *dst, const uint8_t *src) { twofish_decrypt(ctx, length, dst, src); } =20 -typedef struct QCryptoCipherNettle QCryptoCipherNettle; -struct QCryptoCipherNettle { - QCryptoCipher base; +DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_twofish, + QCryptoNettleTwofish, TWOFISH_BLOCK_SIZE, + twofish_encrypt_native, twofish_decrypt_native) =20 - /* Primary cipher context for all modes */ - void *ctx; - /* Second cipher context for XTS mode only */ - void *ctx_tweak; - /* Cipher callbacks for both contexts */ - QCryptoCipherNettleFuncNative alg_encrypt_native; - QCryptoCipherNettleFuncNative alg_decrypt_native; - QCryptoCipherNettleFuncWrapper alg_encrypt_wrapper; - QCryptoCipherNettleFuncWrapper alg_decrypt_wrapper; - /* Initialization vector or Counter */ - uint8_t *iv; - size_t blocksize; -}; =20 bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode) @@ -344,30 +500,12 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm a= lg, } } =20 - -static void -qcrypto_nettle_cipher_free_ctx(QCryptoCipherNettle *ctx) -{ - if (!ctx) { - return; - } - - g_free(ctx->iv); - g_free(ctx->ctx); - g_free(ctx->ctx_tweak); - g_free(ctx); -} - - static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode, const uint8_t *key, size_t nkey, Error **errp) { - QCryptoCipherNettle *ctx; - uint8_t *rfbkey; - switch (mode) { case QCRYPTO_CIPHER_MODE_ECB: case QCRYPTO_CIPHER_MODE_CBC: @@ -375,363 +513,248 @@ static QCryptoCipher *qcrypto_cipher_ctx_new(QCrypt= oCipherAlgorithm alg, case QCRYPTO_CIPHER_MODE_CTR: break; default: - error_setg(errp, "Unsupported cipher mode %s", - QCryptoCipherMode_str(mode)); - return NULL; + goto bad_cipher_mode; } =20 if (!qcrypto_cipher_validate_key_length(alg, mode, nkey, errp)) { return NULL; } =20 - ctx =3D g_new0(QCryptoCipherNettle, 1); - switch (alg) { case QCRYPTO_CIPHER_ALG_DES_RFB: - ctx->ctx =3D g_new0(struct des_ctx, 1); - rfbkey =3D qcrypto_cipher_munge_des_rfb_key(key, nkey); - des_set_key(ctx->ctx, rfbkey); - g_free(rfbkey); - - ctx->alg_encrypt_native =3D des_encrypt_native; - ctx->alg_decrypt_native =3D des_decrypt_native; - ctx->alg_encrypt_wrapper =3D des_encrypt_wrapper; - ctx->alg_decrypt_wrapper =3D des_decrypt_wrapper; - - ctx->blocksize =3D DES_BLOCK_SIZE; - break; + { + QCryptoNettleDESRFB *ctx; + const QCryptoCipherDriver *drv; + uint8_t *rfbkey; + + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + drv =3D &qcrypto_nettle_des_rfb_driver_ecb; + break; + case QCRYPTO_CIPHER_MODE_CBC: + drv =3D &qcrypto_nettle_des_rfb_driver_cbc; + break; + case QCRYPTO_CIPHER_MODE_CTR: + drv =3D &qcrypto_nettle_des_rfb_driver_ctr; + break; + default: + goto bad_cipher_mode; + } + + ctx =3D g_new0(QCryptoNettleDESRFB, 1); + ctx->base.driver =3D drv; + + rfbkey =3D qcrypto_cipher_munge_des_rfb_key(key, nkey); + des_set_key(&ctx->key, rfbkey); + g_free(rfbkey); + + return &ctx->base; + } =20 case QCRYPTO_CIPHER_ALG_3DES: - ctx->ctx =3D g_new0(struct des3_ctx, 1); - des3_set_key(ctx->ctx, key); - - ctx->alg_encrypt_native =3D des3_encrypt_native; - ctx->alg_decrypt_native =3D des3_decrypt_native; - ctx->alg_encrypt_wrapper =3D des3_encrypt_wrapper; - ctx->alg_decrypt_wrapper =3D des3_decrypt_wrapper; - - ctx->blocksize =3D DES3_BLOCK_SIZE; - break; + { + QCryptoNettleDES3 *ctx; + const QCryptoCipherDriver *drv; + + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + drv =3D &qcrypto_nettle_des3_driver_ecb; + break; + case QCRYPTO_CIPHER_MODE_CBC: + drv =3D &qcrypto_nettle_des3_driver_cbc; + break; + case QCRYPTO_CIPHER_MODE_CTR: + drv =3D &qcrypto_nettle_des3_driver_ctr; + break; + default: + goto bad_cipher_mode; + } + + ctx =3D g_new0(QCryptoNettleDES3, 1); + ctx->base.driver =3D drv; + des3_set_key(&ctx->key, key); + return &ctx->base; + } =20 case QCRYPTO_CIPHER_ALG_AES_128: - ctx->ctx =3D g_new0(QCryptoNettleAES128, 1); - - if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS) { - ctx->ctx_tweak =3D g_new0(QCryptoNettleAES128, 1); - - nkey /=3D 2; - aes128_set_encrypt_key(&((QCryptoNettleAES128 *)ctx->ctx)->enc, - key); - aes128_set_decrypt_key(&((QCryptoNettleAES128 *)ctx->ctx)->dec, - key); - - aes128_set_encrypt_key(&((QCryptoNettleAES128 *)ctx->ctx_tweak= )-> - enc, key + nkey); - aes128_set_decrypt_key(&((QCryptoNettleAES128 *)ctx->ctx_tweak= )-> - dec, key + nkey); - } else { - aes128_set_encrypt_key(&((QCryptoNettleAES128 *)ctx->ctx)->enc, - key); - aes128_set_decrypt_key(&((QCryptoNettleAES128 *)ctx->ctx)->dec, - key); + { + QCryptoNettleAES128 *ctx =3D g_new0(QCryptoNettleAES128, 1); + + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + ctx->base.driver =3D &qcrypto_nettle_aes128_driver_ecb; + break; + case QCRYPTO_CIPHER_MODE_CBC: + ctx->base.driver =3D &qcrypto_nettle_aes128_driver_cbc; + break; + case QCRYPTO_CIPHER_MODE_CTR: + ctx->base.driver =3D &qcrypto_nettle_aes128_driver_ctr; + break; + case QCRYPTO_CIPHER_MODE_XTS: + ctx->base.driver =3D &qcrypto_nettle_aes128_driver_xts; + nkey /=3D 2; + aes128_set_encrypt_key(&ctx->key_xts[0], key + nkey); + aes128_set_decrypt_key(&ctx->key_xts[1], key + nkey); + break; + default: + g_assert_not_reached(); + } + aes128_set_encrypt_key(&ctx->key[0], key); + aes128_set_decrypt_key(&ctx->key[1], key); + + return &ctx->base; } =20 - ctx->alg_encrypt_native =3D aes128_encrypt_native; - ctx->alg_decrypt_native =3D aes128_decrypt_native; - ctx->alg_encrypt_wrapper =3D aes128_encrypt_wrapper; - ctx->alg_decrypt_wrapper =3D aes128_decrypt_wrapper; - - ctx->blocksize =3D AES_BLOCK_SIZE; - break; - case QCRYPTO_CIPHER_ALG_AES_192: - ctx->ctx =3D g_new0(QCryptoNettleAES192, 1); - - if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS) { - ctx->ctx_tweak =3D g_new0(QCryptoNettleAES192, 1); - - nkey /=3D 2; - aes192_set_encrypt_key(&((QCryptoNettleAES192 *)ctx->ctx)->enc, - key); - aes192_set_decrypt_key(&((QCryptoNettleAES192 *)ctx->ctx)->dec, - key); - - aes192_set_encrypt_key(&((QCryptoNettleAES192 *)ctx->ctx_tweak= )-> - enc, key + nkey); - aes192_set_decrypt_key(&((QCryptoNettleAES192 *)ctx->ctx_tweak= )-> - dec, key + nkey); - } else { - aes192_set_encrypt_key(&((QCryptoNettleAES192 *)ctx->ctx)->enc, - key); - aes192_set_decrypt_key(&((QCryptoNettleAES192 *)ctx->ctx)->dec, - key); + { + QCryptoNettleAES192 *ctx =3D g_new0(QCryptoNettleAES192, 1); + + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + ctx->base.driver =3D &qcrypto_nettle_aes192_driver_ecb; + break; + case QCRYPTO_CIPHER_MODE_CBC: + ctx->base.driver =3D &qcrypto_nettle_aes192_driver_cbc; + break; + case QCRYPTO_CIPHER_MODE_CTR: + ctx->base.driver =3D &qcrypto_nettle_aes192_driver_ctr; + break; + case QCRYPTO_CIPHER_MODE_XTS: + ctx->base.driver =3D &qcrypto_nettle_aes192_driver_xts; + nkey /=3D 2; + aes192_set_encrypt_key(&ctx->key_xts[0], key + nkey); + aes192_set_decrypt_key(&ctx->key_xts[1], key + nkey); + break; + default: + g_assert_not_reached(); + } + aes192_set_encrypt_key(&ctx->key[0], key); + aes192_set_decrypt_key(&ctx->key[1], key); + + return &ctx->base; } =20 - ctx->alg_encrypt_native =3D aes192_encrypt_native; - ctx->alg_decrypt_native =3D aes192_decrypt_native; - ctx->alg_encrypt_wrapper =3D aes192_encrypt_wrapper; - ctx->alg_decrypt_wrapper =3D aes192_decrypt_wrapper; - - ctx->blocksize =3D AES_BLOCK_SIZE; - break; - case QCRYPTO_CIPHER_ALG_AES_256: - ctx->ctx =3D g_new0(QCryptoNettleAES256, 1); - - if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS) { - ctx->ctx_tweak =3D g_new0(QCryptoNettleAES256, 1); - - nkey /=3D 2; - aes256_set_encrypt_key(&((QCryptoNettleAES256 *)ctx->ctx)->enc, - key); - aes256_set_decrypt_key(&((QCryptoNettleAES256 *)ctx->ctx)->dec, - key); - - aes256_set_encrypt_key(&((QCryptoNettleAES256 *)ctx->ctx_tweak= )-> - enc, key + nkey); - aes256_set_decrypt_key(&((QCryptoNettleAES256 *)ctx->ctx_tweak= )-> - dec, key + nkey); - } else { - aes256_set_encrypt_key(&((QCryptoNettleAES256 *)ctx->ctx)->enc, - key); - aes256_set_decrypt_key(&((QCryptoNettleAES256 *)ctx->ctx)->dec, - key); + { + QCryptoNettleAES256 *ctx =3D g_new0(QCryptoNettleAES256, 1); + + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + ctx->base.driver =3D &qcrypto_nettle_aes256_driver_ecb; + break; + case QCRYPTO_CIPHER_MODE_CBC: + ctx->base.driver =3D &qcrypto_nettle_aes256_driver_cbc; + break; + case QCRYPTO_CIPHER_MODE_CTR: + ctx->base.driver =3D &qcrypto_nettle_aes256_driver_ctr; + break; + case QCRYPTO_CIPHER_MODE_XTS: + ctx->base.driver =3D &qcrypto_nettle_aes256_driver_xts; + nkey /=3D 2; + aes256_set_encrypt_key(&ctx->key_xts[0], key + nkey); + aes256_set_decrypt_key(&ctx->key_xts[1], key + nkey); + break; + default: + g_assert_not_reached(); + } + aes256_set_encrypt_key(&ctx->key[0], key); + aes256_set_decrypt_key(&ctx->key[1], key); + + return &ctx->base; } =20 - ctx->alg_encrypt_native =3D aes256_encrypt_native; - ctx->alg_decrypt_native =3D aes256_decrypt_native; - ctx->alg_encrypt_wrapper =3D aes256_encrypt_wrapper; - ctx->alg_decrypt_wrapper =3D aes256_decrypt_wrapper; - - ctx->blocksize =3D AES_BLOCK_SIZE; - break; - case QCRYPTO_CIPHER_ALG_CAST5_128: - ctx->ctx =3D g_new0(struct cast128_ctx, 1); - - if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS) { - ctx->ctx_tweak =3D g_new0(struct cast128_ctx, 1); - - nkey /=3D 2; - cast5_set_key(ctx->ctx, nkey, key); - cast5_set_key(ctx->ctx_tweak, nkey, key + nkey); - } else { - cast5_set_key(ctx->ctx, nkey, key); + { + QCryptoNettleCAST128 *ctx; + const QCryptoCipherDriver *drv; + + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + drv =3D &qcrypto_nettle_cast128_driver_ecb; + break; + case QCRYPTO_CIPHER_MODE_CBC: + drv =3D &qcrypto_nettle_cast128_driver_cbc; + break; + case QCRYPTO_CIPHER_MODE_CTR: + drv =3D &qcrypto_nettle_cast128_driver_ctr; + break; + default: + goto bad_cipher_mode; + } + + ctx =3D g_new0(QCryptoNettleCAST128, 1); + ctx->base.driver =3D drv; + cast5_set_key(&ctx->key, nkey, key); + + return &ctx->base; } =20 - ctx->alg_encrypt_native =3D cast128_encrypt_native; - ctx->alg_decrypt_native =3D cast128_decrypt_native; - ctx->alg_encrypt_wrapper =3D cast128_encrypt_wrapper; - ctx->alg_decrypt_wrapper =3D cast128_decrypt_wrapper; - - ctx->blocksize =3D CAST128_BLOCK_SIZE; - break; - case QCRYPTO_CIPHER_ALG_SERPENT_128: case QCRYPTO_CIPHER_ALG_SERPENT_192: case QCRYPTO_CIPHER_ALG_SERPENT_256: - ctx->ctx =3D g_new0(struct serpent_ctx, 1); - - if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS) { - ctx->ctx_tweak =3D g_new0(struct serpent_ctx, 1); - - nkey /=3D 2; - serpent_set_key(ctx->ctx, nkey, key); - serpent_set_key(ctx->ctx_tweak, nkey, key + nkey); - } else { - serpent_set_key(ctx->ctx, nkey, key); + { + QCryptoNettleSerpent *ctx =3D g_new0(QCryptoNettleSerpent, 1); + + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + ctx->base.driver =3D &qcrypto_nettle_serpent_driver_ecb; + break; + case QCRYPTO_CIPHER_MODE_CBC: + ctx->base.driver =3D &qcrypto_nettle_serpent_driver_cbc; + break; + case QCRYPTO_CIPHER_MODE_CTR: + ctx->base.driver =3D &qcrypto_nettle_serpent_driver_ctr; + break; + case QCRYPTO_CIPHER_MODE_XTS: + ctx->base.driver =3D &qcrypto_nettle_serpent_driver_xts; + nkey /=3D 2; + serpent_set_key(&ctx->key_xts, nkey, key + nkey); + break; + default: + g_assert_not_reached(); + } + serpent_set_key(&ctx->key, nkey, key); + + return &ctx->base; } =20 - ctx->alg_encrypt_native =3D serpent_encrypt_native; - ctx->alg_decrypt_native =3D serpent_decrypt_native; - ctx->alg_encrypt_wrapper =3D serpent_encrypt_wrapper; - ctx->alg_decrypt_wrapper =3D serpent_decrypt_wrapper; - - ctx->blocksize =3D SERPENT_BLOCK_SIZE; - break; - case QCRYPTO_CIPHER_ALG_TWOFISH_128: case QCRYPTO_CIPHER_ALG_TWOFISH_192: case QCRYPTO_CIPHER_ALG_TWOFISH_256: - ctx->ctx =3D g_new0(struct twofish_ctx, 1); - - if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS) { - ctx->ctx_tweak =3D g_new0(struct twofish_ctx, 1); - - nkey /=3D 2; - twofish_set_key(ctx->ctx, nkey, key); - twofish_set_key(ctx->ctx_tweak, nkey, key + nkey); - } else { - twofish_set_key(ctx->ctx, nkey, key); + { + QCryptoNettleTwofish *ctx =3D g_new0(QCryptoNettleTwofish, 1); + + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + ctx->base.driver =3D &qcrypto_nettle_twofish_driver_ecb; + break; + case QCRYPTO_CIPHER_MODE_CBC: + ctx->base.driver =3D &qcrypto_nettle_twofish_driver_cbc; + break; + case QCRYPTO_CIPHER_MODE_CTR: + ctx->base.driver =3D &qcrypto_nettle_twofish_driver_ctr; + break; + case QCRYPTO_CIPHER_MODE_XTS: + ctx->base.driver =3D &qcrypto_nettle_twofish_driver_xts; + nkey /=3D 2; + twofish_set_key(&ctx->key_xts, nkey, key + nkey); + break; + default: + g_assert_not_reached(); + } + twofish_set_key(&ctx->key, nkey, key); + + return &ctx->base; } =20 - ctx->alg_encrypt_native =3D twofish_encrypt_native; - ctx->alg_decrypt_native =3D twofish_decrypt_native; - ctx->alg_encrypt_wrapper =3D twofish_encrypt_wrapper; - ctx->alg_decrypt_wrapper =3D twofish_decrypt_wrapper; - - ctx->blocksize =3D TWOFISH_BLOCK_SIZE; - break; - default: error_setg(errp, "Unsupported cipher algorithm %s", QCryptoCipherAlgorithm_str(alg)); - goto error; - } - g_assert(is_power_of_2(ctx->blocksize)); - - if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS && - ctx->blocksize !=3D XTS_BLOCK_SIZE) { - error_setg(errp, "Cipher block size %zu must equal XTS block size = %d", - ctx->blocksize, XTS_BLOCK_SIZE); - goto error; + return NULL; } =20 - ctx->iv =3D g_new0(uint8_t, ctx->blocksize); - - ctx->base.driver =3D &qcrypto_cipher_lib_driver; - return &ctx->base; - - error: - qcrypto_nettle_cipher_free_ctx(ctx); + bad_cipher_mode: + error_setg(errp, "Unsupported cipher mode %s", + QCryptoCipherMode_str(mode)); return NULL; } - - -static void -qcrypto_nettle_cipher_ctx_free(QCryptoCipher *cipher) -{ - QCryptoCipherNettle *ctx =3D container_of(cipher, QCryptoCipherNettle,= base); - - qcrypto_nettle_cipher_free_ctx(ctx); -} - - -static int -qcrypto_nettle_cipher_encrypt(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) -{ - QCryptoCipherNettle *ctx =3D container_of(cipher, QCryptoCipherNettle,= base); - - if (len & (ctx->blocksize - 1)) { - error_setg(errp, "Length %zu must be a multiple of block size %zu", - len, ctx->blocksize); - return -1; - } - - switch (cipher->mode) { - case QCRYPTO_CIPHER_MODE_ECB: - ctx->alg_encrypt_wrapper(ctx->ctx, len, out, in); - break; - - case QCRYPTO_CIPHER_MODE_CBC: - cbc_encrypt(ctx->ctx, ctx->alg_encrypt_native, - ctx->blocksize, ctx->iv, - len, out, in); - break; - - case QCRYPTO_CIPHER_MODE_XTS: -#ifdef CONFIG_QEMU_PRIVATE_XTS - xts_encrypt(ctx->ctx, ctx->ctx_tweak, - ctx->alg_encrypt_wrapper, ctx->alg_decrypt_wrapper, - ctx->iv, len, out, in); -#else - xts_encrypt_message(ctx->ctx, ctx->ctx_tweak, - ctx->alg_encrypt_native, - ctx->iv, len, out, in); -#endif - break; - - case QCRYPTO_CIPHER_MODE_CTR: - ctr_crypt(ctx->ctx, ctx->alg_encrypt_native, - ctx->blocksize, ctx->iv, - len, out, in); - break; - - default: - error_setg(errp, "Unsupported cipher mode %s", - QCryptoCipherMode_str(cipher->mode)); - return -1; - } - return 0; -} - - -static int -qcrypto_nettle_cipher_decrypt(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) -{ - QCryptoCipherNettle *ctx =3D container_of(cipher, QCryptoCipherNettle,= base); - - if (len & (ctx->blocksize - 1)) { - error_setg(errp, "Length %zu must be a multiple of block size %zu", - len, ctx->blocksize); - return -1; - } - - switch (cipher->mode) { - case QCRYPTO_CIPHER_MODE_ECB: - ctx->alg_decrypt_wrapper(ctx->ctx, len, out, in); - break; - - case QCRYPTO_CIPHER_MODE_CBC: - cbc_decrypt(ctx->ctx, ctx->alg_decrypt_native, - ctx->blocksize, ctx->iv, - len, out, in); - break; - - case QCRYPTO_CIPHER_MODE_XTS: -#ifdef CONFIG_QEMU_PRIVATE_XTS - xts_decrypt(ctx->ctx, ctx->ctx_tweak, - ctx->alg_encrypt_wrapper, ctx->alg_decrypt_wrapper, - ctx->iv, len, out, in); -#else - xts_decrypt_message(ctx->ctx, ctx->ctx_tweak, - ctx->alg_decrypt_native, - ctx->alg_encrypt_native, - ctx->iv, len, out, in); -#endif - break; - case QCRYPTO_CIPHER_MODE_CTR: - ctr_crypt(ctx->ctx, ctx->alg_encrypt_native, - ctx->blocksize, ctx->iv, - len, out, in); - break; - - default: - error_setg(errp, "Unsupported cipher mode %s", - QCryptoCipherMode_str(cipher->mode)); - return -1; - } - return 0; -} - -static int -qcrypto_nettle_cipher_setiv(QCryptoCipher *cipher, - const uint8_t *iv, size_t niv, - Error **errp) -{ - QCryptoCipherNettle *ctx =3D container_of(cipher, QCryptoCipherNettle,= base); - - if (niv !=3D ctx->blocksize) { - error_setg(errp, "Expected IV size %zu not %zu", - ctx->blocksize, niv); - return -1; - } - memcpy(ctx->iv, iv, niv); - return 0; -} - - -static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver =3D { - .cipher_encrypt =3D qcrypto_nettle_cipher_encrypt, - .cipher_decrypt =3D qcrypto_nettle_cipher_decrypt, - .cipher_setiv =3D qcrypto_nettle_cipher_setiv, - .cipher_free =3D qcrypto_nettle_cipher_ctx_free, -}; --=20 2.26.2 From nobody Wed May 8 12:47:39 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1599732663; cv=none; d=zohomail.com; s=zohoarc; b=k3iDJyc8dq6kN+o8oyT9HGxlcZ6c2ShjNYp7KtzJyvpbfj3/uyDCVIVsoMXvGYcn6UVCfQaFxfrxETMRo8LQzCMBSpnPs/oGzqwHYAqoMqAj6KN9FMltbZyMDNIWeS5OTQ5jdAJPN5DX9JCbIMYJ3TxY1TIcPYyxsAuTZ/y76lU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1599732663; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=7lKKRAfzAa7nguSIodEPu42yVYk+gGWaxh96Reo7ZjI=; b=jMRLSrJioazDow6Iv+8p4YO2v4fXSvFWlJ5wP0MV01AdbT+6BJSCqiLe9DYu/g2Pa51FTd1sKlFz92ApmAcw59G13vlkXVWNoMjCh5JqYre9Fmw/FPsIpdqumjuyTa/Kh8IKnMeYkvtbWxc/2Zmx3fWx92A4pV//bDiACm71Qq0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=fail; spf=pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=qemu-devel-bounces+importer=patchew.org@nongnu.org; dmarc=fail header.from= (p=none dis=none) header.from= Return-Path: Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) by mx.zohomail.com with SMTPS id 1599732663614426.3035567041285; Thu, 10 Sep 2020 03:11:03 -0700 (PDT) Received: from localhost ([::1]:35920 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kGJXi-0000of-1E for importer@patchew.org; Thu, 10 Sep 2020 06:11:02 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:43828) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kGJTm-0000oQ-U0 for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:59 -0400 Received: from us-smtp-delivery-1.mimecast.com ([207.211.31.120]:30377 helo=us-smtp-1.mimecast.com) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_CBC_SHA1:256) (Exim 4.90_1) (envelope-from ) id 1kGJTj-0007jw-8A for qemu-devel@nongnu.org; Thu, 10 Sep 2020 06:06:58 -0400 Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-325-f3n_n02ANGmhc9JkhlIlnw-1; Thu, 10 Sep 2020 06:06:52 -0400 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 5DD7F1DE01; Thu, 10 Sep 2020 10:06:51 +0000 (UTC) Received: from localhost.localdomain.com (ovpn-112-4.ams2.redhat.com [10.36.112.4]) by smtp.corp.redhat.com (Postfix) with ESMTP id 59DCF1002D41; Thu, 10 Sep 2020 10:06:50 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1599732414; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=7lKKRAfzAa7nguSIodEPu42yVYk+gGWaxh96Reo7ZjI=; b=ESX2oHcB0n6xfCF3bDGawKPp2Kaj4xgNEnnfZ/3BB4TNzAMXS8QW9brsnrUrJN9fq1wKSb h8I4aVKZyqn1D1Y+5K6FfMEkHpd+ihFEt0sv/X//dd3OmYcekcmnseODLnYRHMQtF2X2s1 rPunBz4Ca4KIY0Q6Jco2l242cHDIXT8= X-MC-Unique: f3n_n02ANGmhc9JkhlIlnw-1 From: =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= To: qemu-devel@nongnu.org Subject: [PULL 17/17] crypto/gcrypt: Split QCryptoCipherGcrypt into subclasses Date: Thu, 10 Sep 2020 11:06:23 +0100 Message-Id: <20200910100623.1088965-18-berrange@redhat.com> In-Reply-To: <20200910100623.1088965-1-berrange@redhat.com> References: <20200910100623.1088965-1-berrange@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=berrange@redhat.com X-Mimecast-Spam-Score: 0.002 X-Mimecast-Originator: redhat.com Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Received-SPF: pass (zohomail.com: domain of gnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; envelope-from=qemu-devel-bounces+importer=patchew.org@nongnu.org; helo=lists.gnu.org; Received-SPF: pass client-ip=207.211.31.120; envelope-from=berrange@redhat.com; helo=us-smtp-1.mimecast.com X-detected-operating-system: by eggs.gnu.org: First seen = 2020/09/10 03:02:23 X-ACL-Warn: Detected OS = Linux 2.2.x-3.x [generic] [fuzzy] X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Richard Henderson , =?UTF-8?q?Daniel=20P=2E=20Berrang=C3=A9?= Errors-To: qemu-devel-bounces+importer=patchew.org@nongnu.org Sender: "Qemu-devel" X-ZohoMail-DKIM: fail (Header signature does not verify) From: Richard Henderson With gcrypt, most of the dispatch happens in the library, so there aren't many classes to create. However, we can still create separate dispatch for CTR mode, and for CONFIG_QEMU_PRIVATE_XTS, which avoids needing to check for these modes at runtime. Signed-off-by: Richard Henderson Signed-off-by: Daniel P. Berrang=C3=A9 --- crypto/cipher-gcrypt.c.inc | 493 ++++++++++++++++++------------------- 1 file changed, 238 insertions(+), 255 deletions(-) diff --git a/crypto/cipher-gcrypt.c.inc b/crypto/cipher-gcrypt.c.inc index 7a1fbc9745..42d4137534 100644 --- a/crypto/cipher-gcrypt.c.inc +++ b/crypto/cipher-gcrypt.c.inc @@ -24,8 +24,6 @@ =20 #include =20 -static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver; - bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode) { @@ -57,36 +55,212 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm al= g, } } =20 -typedef struct QCryptoCipherGcrypt QCryptoCipherGcrypt; -struct QCryptoCipherGcrypt { +typedef struct QCryptoCipherGcrypt { QCryptoCipher base; gcry_cipher_hd_t handle; size_t blocksize; #ifdef CONFIG_QEMU_PRIVATE_XTS gcry_cipher_hd_t tweakhandle; - /* Initialization vector or Counter */ - uint8_t *iv; + uint8_t iv[XTS_BLOCK_SIZE]; #endif -}; +} QCryptoCipherGcrypt; + =20 -static void -qcrypto_gcrypt_cipher_free_ctx(QCryptoCipherGcrypt *ctx, - QCryptoCipherMode mode) +static void qcrypto_gcrypt_ctx_free(QCryptoCipher *cipher) { - if (!ctx) { - return; - } + QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); =20 gcry_cipher_close(ctx->handle); + g_free(ctx); +} + +static int qcrypto_gcrypt_encrypt(QCryptoCipher *cipher, const void *in, + void *out, size_t len, Error **errp) +{ + QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); + gcry_error_t err; + + if (len & (ctx->blocksize - 1)) { + error_setg(errp, "Length %zu must be a multiple of block size %zu", + len, ctx->blocksize); + return -1; + } + + err =3D gcry_cipher_encrypt(ctx->handle, out, len, in, len); + if (err !=3D 0) { + error_setg(errp, "Cannot encrypt data: %s", gcry_strerror(err)); + return -1; + } + + return 0; +} + + +static int qcrypto_gcrypt_decrypt(QCryptoCipher *cipher, const void *in, + void *out, size_t len, Error **errp) +{ + QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); + gcry_error_t err; + + if (len & (ctx->blocksize - 1)) { + error_setg(errp, "Length %zu must be a multiple of block size %zu", + len, ctx->blocksize); + return -1; + } + + err =3D gcry_cipher_decrypt(ctx->handle, out, len, in, len); + if (err !=3D 0) { + error_setg(errp, "Cannot decrypt data: %s", + gcry_strerror(err)); + return -1; + } + + return 0; +} + +static int qcrypto_gcrypt_setiv(QCryptoCipher *cipher, + const uint8_t *iv, size_t niv, + Error **errp) +{ + QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); + gcry_error_t err; + + if (niv !=3D ctx->blocksize) { + error_setg(errp, "Expected IV size %zu not %zu", + ctx->blocksize, niv); + return -1; + } + + gcry_cipher_reset(ctx->handle); + err =3D gcry_cipher_setiv(ctx->handle, iv, niv); + if (err !=3D 0) { + error_setg(errp, "Cannot set IV: %s", gcry_strerror(err)); + return -1; + } + + return 0; +} + +static int qcrypto_gcrypt_ctr_setiv(QCryptoCipher *cipher, + const uint8_t *iv, size_t niv, + Error **errp) +{ + QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); + gcry_error_t err; + + if (niv !=3D ctx->blocksize) { + error_setg(errp, "Expected IV size %zu not %zu", + ctx->blocksize, niv); + return -1; + } + + err =3D gcry_cipher_setctr(ctx->handle, iv, niv); + if (err !=3D 0) { + error_setg(errp, "Cannot set Counter: %s", gcry_strerror(err)); + return -1; + } + + return 0; +} + + +static const struct QCryptoCipherDriver qcrypto_gcrypt_driver =3D { + .cipher_encrypt =3D qcrypto_gcrypt_encrypt, + .cipher_decrypt =3D qcrypto_gcrypt_decrypt, + .cipher_setiv =3D qcrypto_gcrypt_setiv, + .cipher_free =3D qcrypto_gcrypt_ctx_free, +}; + +static const struct QCryptoCipherDriver qcrypto_gcrypt_ctr_driver =3D { + .cipher_encrypt =3D qcrypto_gcrypt_encrypt, + .cipher_decrypt =3D qcrypto_gcrypt_decrypt, + .cipher_setiv =3D qcrypto_gcrypt_ctr_setiv, + .cipher_free =3D qcrypto_gcrypt_ctx_free, +}; + #ifdef CONFIG_QEMU_PRIVATE_XTS - if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS) { - gcry_cipher_close(ctx->tweakhandle); +static void qcrypto_gcrypt_xts_ctx_free(QCryptoCipher *cipher) +{ + QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); + + gcry_cipher_close(ctx->tweakhandle); + qcrypto_gcrypt_ctx_free(cipher); +} + +static void qcrypto_gcrypt_xts_wrape(const void *ctx, size_t length, + uint8_t *dst, const uint8_t *src) +{ + gcry_error_t err; + err =3D gcry_cipher_encrypt((gcry_cipher_hd_t)ctx, dst, length, src, l= ength); + g_assert(err =3D=3D 0); +} + +static void qcrypto_gcrypt_xts_wrapd(const void *ctx, size_t length, + uint8_t *dst, const uint8_t *src) +{ + gcry_error_t err; + err =3D gcry_cipher_decrypt((gcry_cipher_hd_t)ctx, dst, length, src, l= ength); + g_assert(err =3D=3D 0); +} + +static int qcrypto_gcrypt_xts_encrypt(QCryptoCipher *cipher, const void *i= n, + void *out, size_t len, Error **errp) +{ + QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); + + if (len & (ctx->blocksize - 1)) { + error_setg(errp, "Length %zu must be a multiple of block size %zu", + len, ctx->blocksize); + return -1; } - g_free(ctx->iv); -#endif - g_free(ctx); + + xts_encrypt(ctx->handle, ctx->tweakhandle, + qcrypto_gcrypt_xts_wrape, qcrypto_gcrypt_xts_wrapd, + ctx->iv, len, out, in); + return 0; +} + +static int qcrypto_gcrypt_xts_decrypt(QCryptoCipher *cipher, const void *i= n, + void *out, size_t len, Error **errp) +{ + QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); + + if (len & (ctx->blocksize - 1)) { + error_setg(errp, "Length %zu must be a multiple of block size %zu", + len, ctx->blocksize); + return -1; + } + + xts_decrypt(ctx->handle, ctx->tweakhandle, + qcrypto_gcrypt_xts_wrape, qcrypto_gcrypt_xts_wrapd, + ctx->iv, len, out, in); + return 0; +} + +static int qcrypto_gcrypt_xts_setiv(QCryptoCipher *cipher, + const uint8_t *iv, size_t niv, + Error **errp) +{ + QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); + + if (niv !=3D ctx->blocksize) { + error_setg(errp, "Expected IV size %zu not %zu", + ctx->blocksize, niv); + return -1; + } + + memcpy(ctx->iv, iv, niv); + return 0; } =20 +static const struct QCryptoCipherDriver qcrypto_gcrypt_xts_driver =3D { + .cipher_encrypt =3D qcrypto_gcrypt_xts_encrypt, + .cipher_decrypt =3D qcrypto_gcrypt_xts_decrypt, + .cipher_setiv =3D qcrypto_gcrypt_xts_setiv, + .cipher_free =3D qcrypto_gcrypt_xts_ctx_free, +}; +#endif /* CONFIG_QEMU_PRIVATE_XTS */ + =20 static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode, @@ -95,32 +269,10 @@ static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCi= pherAlgorithm alg, Error **errp) { QCryptoCipherGcrypt *ctx; + const QCryptoCipherDriver *drv; gcry_error_t err; int gcryalg, gcrymode; =20 - switch (mode) { - case QCRYPTO_CIPHER_MODE_ECB: - gcrymode =3D GCRY_CIPHER_MODE_ECB; - break; - case QCRYPTO_CIPHER_MODE_XTS: -#ifdef CONFIG_QEMU_PRIVATE_XTS - gcrymode =3D GCRY_CIPHER_MODE_ECB; -#else - gcrymode =3D GCRY_CIPHER_MODE_XTS; -#endif - break; - case QCRYPTO_CIPHER_MODE_CBC: - gcrymode =3D GCRY_CIPHER_MODE_CBC; - break; - case QCRYPTO_CIPHER_MODE_CTR: - gcrymode =3D GCRY_CIPHER_MODE_CTR; - break; - default: - error_setg(errp, "Unsupported cipher mode %s", - QCryptoCipherMode_str(mode)); - return NULL; - } - if (!qcrypto_cipher_validate_key_length(alg, mode, nkey, errp)) { return NULL; } @@ -129,54 +281,70 @@ static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoC= ipherAlgorithm alg, case QCRYPTO_CIPHER_ALG_DES_RFB: gcryalg =3D GCRY_CIPHER_DES; break; - case QCRYPTO_CIPHER_ALG_3DES: gcryalg =3D GCRY_CIPHER_3DES; break; - case QCRYPTO_CIPHER_ALG_AES_128: gcryalg =3D GCRY_CIPHER_AES128; break; - case QCRYPTO_CIPHER_ALG_AES_192: gcryalg =3D GCRY_CIPHER_AES192; break; - case QCRYPTO_CIPHER_ALG_AES_256: gcryalg =3D GCRY_CIPHER_AES256; break; - case QCRYPTO_CIPHER_ALG_CAST5_128: gcryalg =3D GCRY_CIPHER_CAST5; break; - case QCRYPTO_CIPHER_ALG_SERPENT_128: gcryalg =3D GCRY_CIPHER_SERPENT128; break; - case QCRYPTO_CIPHER_ALG_SERPENT_192: gcryalg =3D GCRY_CIPHER_SERPENT192; break; - case QCRYPTO_CIPHER_ALG_SERPENT_256: gcryalg =3D GCRY_CIPHER_SERPENT256; break; - case QCRYPTO_CIPHER_ALG_TWOFISH_128: gcryalg =3D GCRY_CIPHER_TWOFISH128; break; - case QCRYPTO_CIPHER_ALG_TWOFISH_256: gcryalg =3D GCRY_CIPHER_TWOFISH; break; - default: error_setg(errp, "Unsupported cipher algorithm %s", QCryptoCipherAlgorithm_str(alg)); return NULL; } =20 + drv =3D &qcrypto_gcrypt_driver; + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + gcrymode =3D GCRY_CIPHER_MODE_ECB; + break; + case QCRYPTO_CIPHER_MODE_XTS: +#ifdef CONFIG_QEMU_PRIVATE_XTS + drv =3D &qcrypto_gcrypt_xts_driver; + gcrymode =3D GCRY_CIPHER_MODE_ECB; +#else + gcrymode =3D GCRY_CIPHER_MODE_XTS; +#endif + break; + case QCRYPTO_CIPHER_MODE_CBC: + gcrymode =3D GCRY_CIPHER_MODE_CBC; + break; + case QCRYPTO_CIPHER_MODE_CTR: + drv =3D &qcrypto_gcrypt_ctr_driver; + gcrymode =3D GCRY_CIPHER_MODE_CTR; + break; + default: + error_setg(errp, "Unsupported cipher mode %s", + QCryptoCipherMode_str(mode)); + return NULL; + } + ctx =3D g_new0(QCryptoCipherGcrypt, 1); + ctx->base.driver =3D drv; =20 err =3D gcry_cipher_open(&ctx->handle, gcryalg, gcrymode, 0); if (err !=3D 0) { @@ -184,8 +352,16 @@ static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCi= pherAlgorithm alg, gcry_strerror(err)); goto error; } + ctx->blocksize =3D gcry_cipher_get_algo_blklen(gcryalg); + #ifdef CONFIG_QEMU_PRIVATE_XTS if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS) { + if (ctx->blocksize !=3D XTS_BLOCK_SIZE) { + error_setg(errp, + "Cipher block size %zu must equal XTS block size %d= ", + ctx->blocksize, XTS_BLOCK_SIZE); + goto error; + } err =3D gcry_cipher_open(&ctx->tweakhandle, gcryalg, gcrymode, 0); if (err !=3D 0) { error_setg(errp, "Cannot initialize cipher: %s", @@ -203,224 +379,31 @@ static QCryptoCipher *qcrypto_cipher_ctx_new(QCrypto= CipherAlgorithm alg, uint8_t *rfbkey =3D qcrypto_cipher_munge_des_rfb_key(key, nkey); err =3D gcry_cipher_setkey(ctx->handle, rfbkey, nkey); g_free(rfbkey); - ctx->blocksize =3D 8; } else { #ifdef CONFIG_QEMU_PRIVATE_XTS if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS) { nkey /=3D 2; - err =3D gcry_cipher_setkey(ctx->handle, key, nkey); + err =3D gcry_cipher_setkey(ctx->tweakhandle, key + nkey, nkey); if (err !=3D 0) { - error_setg(errp, "Cannot set key: %s", - gcry_strerror(err)); + error_setg(errp, "Cannot set key: %s", gcry_strerror(err)); goto error; } - err =3D gcry_cipher_setkey(ctx->tweakhandle, key + nkey, nkey); - } else { -#endif - err =3D gcry_cipher_setkey(ctx->handle, key, nkey); -#ifdef CONFIG_QEMU_PRIVATE_XTS } #endif - if (err !=3D 0) { - error_setg(errp, "Cannot set key: %s", - gcry_strerror(err)); - goto error; - } - switch (alg) { - case QCRYPTO_CIPHER_ALG_AES_128: - case QCRYPTO_CIPHER_ALG_AES_192: - case QCRYPTO_CIPHER_ALG_AES_256: - case QCRYPTO_CIPHER_ALG_SERPENT_128: - case QCRYPTO_CIPHER_ALG_SERPENT_192: - case QCRYPTO_CIPHER_ALG_SERPENT_256: - case QCRYPTO_CIPHER_ALG_TWOFISH_128: - case QCRYPTO_CIPHER_ALG_TWOFISH_256: - ctx->blocksize =3D 16; - break; - case QCRYPTO_CIPHER_ALG_3DES: - case QCRYPTO_CIPHER_ALG_CAST5_128: - ctx->blocksize =3D 8; - break; - default: - g_assert_not_reached(); - } + err =3D gcry_cipher_setkey(ctx->handle, key, nkey); } - g_assert(is_power_of_2(ctx->blocksize)); - -#ifdef CONFIG_QEMU_PRIVATE_XTS - if (mode =3D=3D QCRYPTO_CIPHER_MODE_XTS) { - if (ctx->blocksize !=3D XTS_BLOCK_SIZE) { - error_setg(errp, - "Cipher block size %zu must equal XTS block size %d= ", - ctx->blocksize, XTS_BLOCK_SIZE); - goto error; - } - ctx->iv =3D g_new0(uint8_t, ctx->blocksize); + if (err !=3D 0) { + error_setg(errp, "Cannot set key: %s", gcry_strerror(err)); + goto error; } -#endif =20 - ctx->base.driver =3D &qcrypto_cipher_lib_driver; return &ctx->base; =20 error: - qcrypto_gcrypt_cipher_free_ctx(ctx, mode); - return NULL; -} - - -static void -qcrypto_gcrypt_cipher_ctx_free(QCryptoCipher *cipher) -{ - QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); - - qcrypto_gcrypt_cipher_free_ctx(ctx, cipher->mode); -} - - -#ifdef CONFIG_QEMU_PRIVATE_XTS -static void qcrypto_gcrypt_xts_encrypt(const void *ctx, - size_t length, - uint8_t *dst, - const uint8_t *src) -{ - gcry_error_t err; - err =3D gcry_cipher_encrypt((gcry_cipher_hd_t)ctx, dst, length, src, l= ength); - g_assert(err =3D=3D 0); -} - -static void qcrypto_gcrypt_xts_decrypt(const void *ctx, - size_t length, - uint8_t *dst, - const uint8_t *src) -{ - gcry_error_t err; - err =3D gcry_cipher_decrypt((gcry_cipher_hd_t)ctx, dst, length, src, l= ength); - g_assert(err =3D=3D 0); -} -#endif - -static int -qcrypto_gcrypt_cipher_encrypt(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) -{ - QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); - gcry_error_t err; - - if (len & (ctx->blocksize - 1)) { - error_setg(errp, "Length %zu must be a multiple of block size %zu", - len, ctx->blocksize); - return -1; - } - -#ifdef CONFIG_QEMU_PRIVATE_XTS - if (cipher->mode =3D=3D QCRYPTO_CIPHER_MODE_XTS) { - xts_encrypt(ctx->handle, ctx->tweakhandle, - qcrypto_gcrypt_xts_encrypt, - qcrypto_gcrypt_xts_decrypt, - ctx->iv, len, out, in); - return 0; - } -#endif - - err =3D gcry_cipher_encrypt(ctx->handle, - out, len, - in, len); - if (err !=3D 0) { - error_setg(errp, "Cannot encrypt data: %s", - gcry_strerror(err)); - return -1; - } - - return 0; -} - - -static int -qcrypto_gcrypt_cipher_decrypt(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) -{ - QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); - gcry_error_t err; - - if (len & (ctx->blocksize - 1)) { - error_setg(errp, "Length %zu must be a multiple of block size %zu", - len, ctx->blocksize); - return -1; - } - -#ifdef CONFIG_QEMU_PRIVATE_XTS - if (cipher->mode =3D=3D QCRYPTO_CIPHER_MODE_XTS) { - xts_decrypt(ctx->handle, ctx->tweakhandle, - qcrypto_gcrypt_xts_encrypt, - qcrypto_gcrypt_xts_decrypt, - ctx->iv, len, out, in); - return 0; - } -#endif - - err =3D gcry_cipher_decrypt(ctx->handle, - out, len, - in, len); - if (err !=3D 0) { - error_setg(errp, "Cannot decrypt data: %s", - gcry_strerror(err)); - return -1; - } - - return 0; -} - -static int -qcrypto_gcrypt_cipher_setiv(QCryptoCipher *cipher, - const uint8_t *iv, size_t niv, - Error **errp) -{ - QCryptoCipherGcrypt *ctx =3D container_of(cipher, QCryptoCipherGcrypt,= base); - gcry_error_t err; - - if (niv !=3D ctx->blocksize) { - error_setg(errp, "Expected IV size %zu not %zu", - ctx->blocksize, niv); - return -1; - } - #ifdef CONFIG_QEMU_PRIVATE_XTS - if (ctx->iv) { - memcpy(ctx->iv, iv, niv); - return 0; - } + gcry_cipher_close(ctx->tweakhandle); #endif - - if (cipher->mode =3D=3D QCRYPTO_CIPHER_MODE_CTR) { - err =3D gcry_cipher_setctr(ctx->handle, iv, niv); - if (err !=3D 0) { - error_setg(errp, "Cannot set Counter: %s", - gcry_strerror(err)); - return -1; - } - } else { - gcry_cipher_reset(ctx->handle); - err =3D gcry_cipher_setiv(ctx->handle, iv, niv); - if (err !=3D 0) { - error_setg(errp, "Cannot set IV: %s", - gcry_strerror(err)); - return -1; - } - } - - return 0; + gcry_cipher_close(ctx->handle); + g_free(ctx); + return NULL; } - - -static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver =3D { - .cipher_encrypt =3D qcrypto_gcrypt_cipher_encrypt, - .cipher_decrypt =3D qcrypto_gcrypt_cipher_decrypt, - .cipher_setiv =3D qcrypto_gcrypt_cipher_setiv, - .cipher_free =3D qcrypto_gcrypt_cipher_ctx_free, -}; --=20 2.26.2