From patchwork Fri Aug 28 17:05:08 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 248598 Delivered-To: patch@linaro.org Received: by 2002:a92:5b9c:0:0:0:0:0 with SMTP id c28csp1258063ilg; Fri, 28 Aug 2020 10:07:32 -0700 (PDT) X-Google-Smtp-Source: ABdhPJy15uKTPRZwHeMlHYJcOSLpOghH0Z72Gx50te/M+Wr7ix0sF4f98uxaOqEp+mAbYw6yPMay X-Received: by 2002:ac5:cce9:: with SMTP id k9mr1880353vkn.17.1598634451965; Fri, 28 Aug 2020 10:07:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1598634451; cv=none; d=google.com; s=arc-20160816; b=Hhh8/617/y+vujG9R9uNmTXtMsfkl3VAvZ7eHY19f2+Sbk5SVGa5e+6d5ACZnAd65A rAIpT71SYUFlve+aNs7TfDL8JuKTaEeTwLLW8tZakoWgD5l8h5icd46CHs8WG7hxjeUd mtf6fwK3/ASvVbsgU5Mt/2qQIJimynH1ObhnlqWUvDkBEWsgUCWljcOY5K9ORBjFAiC8 v2Vd/ZlUNGJBUUJZt1I/pjZUigQVeZ5vyQs/8M8YrpVPpc6GVK5a/qbbgfHQfXQEGh95 vTqk82kU4u8v1vQQCjADeBnWfE2k6OpK4w09OJ4bYWYBvYli+H8V9Oy6bSIaKb59rg+M Mw8Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:to:from :dkim-signature; bh=FatlbZdYeHqsze9yHJGjnClTveY0gIW8RCgkQaKgScQ=; b=inYhldCZA/iD4zIvZ006LK73asoAP2+etDByiUz1N4OftIZgO2TZjYiYrDoz6uEKid KCH3Ty2HYcVyjkB6JTDH9rywR1pCYjFJ1B+qczsVEZgLzaCQZXKKJXDpYUVDWMjMkc4j +TkVvGvdxS9amv1KH+ySwpQey0gS5o5BzCXyvBKCAgnkWUNDxoJU8ZI3udjYoUqOoSAO PbrpBFNvzlHbc85DKxDaAGljQH6h9LGNIybrsbUkJF+RE5XAScT1vW90NwPgg84g81Lv cppsprdyuGwWlT2QQEZU/Ao0DIA/5pX403tejaAzzzY5LQLtsIdIzsKtqQZ8S1emh/ql ng0g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=clj6F+Zt; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id j8si421819vkj.59.2020.08.28.10.07.31 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Fri, 28 Aug 2020 10:07:31 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=clj6F+Zt; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:37834 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBhqd-0006oz-B1 for patch@linaro.org; Fri, 28 Aug 2020 13:07:31 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36610) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhoh-0003YA-6A for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:31 -0400 Received: from mail-pg1-x544.google.com ([2607:f8b0:4864:20::544]:38502) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhoe-000309-ND for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:30 -0400 Received: by mail-pg1-x544.google.com with SMTP id l191so726244pgd.5 for ; Fri, 28 Aug 2020 10:05:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=FatlbZdYeHqsze9yHJGjnClTveY0gIW8RCgkQaKgScQ=; b=clj6F+ZtuzsXuk6WQlQQZXHbFPYm6DHm9mErWBPPiMbU7zsMi0XsR24XQsFy++p6l2 SfGzrjeVZTLu3POZpVrpcE5KWf0ZTmwflD1g+hJOdGQnoSM0wK8nPQj/I3asmZa1t84o oTM8w6NtkeGhpgCq+0AWPeXzY5dhwUCEw8U7bv5/fS15jkSjWKuIdWM3H2eNEgRJZWMK acGt261dZz8+cHd+2Z3/6Jl4oueGgELulo41xrAxxE0zyc6SZQWXLBvGmymVlb+ZIP82 EXX9CDp4FLebqeAi4BmgfEf1F9i2cN6VgOPY2x/CCMHWEtj4aKKflc/2bY8Z4UvetJky i/Ug== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=FatlbZdYeHqsze9yHJGjnClTveY0gIW8RCgkQaKgScQ=; b=l3aD2anKOIt3WSOh6rUNK9b+FkMMYhWfl0lnkvK5NQ4Am+ZdDtjsliFC5Y4j+G4CQa LvWuZvBftYpnUtrABcI1FM3oLCNT/oe9oLTbf3Dhuygh5QZvJ0Dh99rQVkxEv//2unWv YwIjpkwbb7yYb0BZ7CE9DZnGhaKA8GFe70189GHD+h17V3dYztjOma5mydmqYWkCgJOj ElaJtCZmJNvMu0dAj1DPIsDHv1mWf1urMM36WneDSSeRejR00YIsakASNS/T3fcc5tT5 ysFYv8w2ProcIzZxmckFEOl5PAuM5Kdkq+FYprCOOfWsxeWKrGo465YoLyB3FMn/scHf kakQ== X-Gm-Message-State: AOAM533wg2h/yrx9MDHNkfLlVpRnOJJn0zbGt9LkFBTus3yXAMTREGze f/XlJFjKPyI+Eo6UV8sea1qP/xqOdsP5NA== X-Received: by 2002:a65:6897:: with SMTP id e23mr1795129pgt.103.1598634326669; Fri, 28 Aug 2020 10:05:26 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.25 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:26 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 01/16] crypto: Assume blocksize is a power of 2 Date: Fri, 28 Aug 2020 10:05:08 -0700 Message-Id: <20200828170523.418603-2-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::544; envelope-from=richard.henderson@linaro.org; helo=mail-pg1-x544.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: berrange@redhat.com Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" The check in the encode/decode path using full division has a noticeable amount of overhead. By asserting the blocksize is a power of 2, we can reduce this check to a mask. Reviewed-by: Daniel P. Berrangé Signed-off-by: Richard Henderson --- crypto/cipher-builtin.c | 4 ++-- crypto/cipher-gcrypt.c | 5 +++-- crypto/cipher-nettle.c | 5 +++-- crypto/cipher.c | 1 + 4 files changed, 9 insertions(+), 6 deletions(-) -- 2.25.1 diff --git a/crypto/cipher-builtin.c b/crypto/cipher-builtin.c index 35cf7820d9..6eafd39da0 100644 --- a/crypto/cipher-builtin.c +++ b/crypto/cipher-builtin.c @@ -484,7 +484,7 @@ qcrypto_builtin_cipher_encrypt(QCryptoCipher *cipher, { QCryptoCipherBuiltin *ctxt = cipher->opaque; - if (len % ctxt->blocksize) { + if (len & (ctxt->blocksize - 1)) { error_setg(errp, "Length %zu must be a multiple of block size %zu", len, ctxt->blocksize); return -1; @@ -503,7 +503,7 @@ qcrypto_builtin_cipher_decrypt(QCryptoCipher *cipher, { QCryptoCipherBuiltin *ctxt = cipher->opaque; - if (len % ctxt->blocksize) { + if (len & (ctxt->blocksize - 1)) { error_setg(errp, "Length %zu must be a multiple of block size %zu", len, ctxt->blocksize); return -1; diff --git a/crypto/cipher-gcrypt.c b/crypto/cipher-gcrypt.c index 2864099527..81e4745bff 100644 --- a/crypto/cipher-gcrypt.c +++ b/crypto/cipher-gcrypt.c @@ -245,6 +245,7 @@ static QCryptoCipherGcrypt *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, g_assert_not_reached(); } } + g_assert(is_power_of_2(ctx->blocksize)); #ifdef CONFIG_QEMU_PRIVATE_XTS if (mode == QCRYPTO_CIPHER_MODE_XTS) { @@ -305,7 +306,7 @@ qcrypto_gcrypt_cipher_encrypt(QCryptoCipher *cipher, QCryptoCipherGcrypt *ctx = cipher->opaque; gcry_error_t err; - if (len % ctx->blocksize) { + if (len & (ctx->blocksize - 1)) { error_setg(errp, "Length %zu must be a multiple of block size %zu", len, ctx->blocksize); return -1; @@ -344,7 +345,7 @@ qcrypto_gcrypt_cipher_decrypt(QCryptoCipher *cipher, QCryptoCipherGcrypt *ctx = cipher->opaque; gcry_error_t err; - if (len % ctx->blocksize) { + if (len & (ctx->blocksize - 1)) { error_setg(errp, "Length %zu must be a multiple of block size %zu", len, ctx->blocksize); return -1; diff --git a/crypto/cipher-nettle.c b/crypto/cipher-nettle.c index 7e9a4cc199..0677fdfd33 100644 --- a/crypto/cipher-nettle.c +++ b/crypto/cipher-nettle.c @@ -576,6 +576,7 @@ static QCryptoCipherNettle *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, QCryptoCipherAlgorithm_str(alg)); goto error; } + g_assert(is_power_of_2(ctx->blocksize)); if (mode == QCRYPTO_CIPHER_MODE_XTS && ctx->blocksize != XTS_BLOCK_SIZE) { @@ -613,7 +614,7 @@ qcrypto_nettle_cipher_encrypt(QCryptoCipher *cipher, { QCryptoCipherNettle *ctx = cipher->opaque; - if (len % ctx->blocksize) { + if (len & (ctx->blocksize - 1)) { error_setg(errp, "Length %zu must be a multiple of block size %zu", len, ctx->blocksize); return -1; @@ -666,7 +667,7 @@ qcrypto_nettle_cipher_decrypt(QCryptoCipher *cipher, { QCryptoCipherNettle *ctx = cipher->opaque; - if (len % ctx->blocksize) { + if (len & (ctx->blocksize - 1)) { error_setg(errp, "Length %zu must be a multiple of block size %zu", len, ctx->blocksize); return -1; diff --git a/crypto/cipher.c b/crypto/cipher.c index e5adb56271..2722dc7d87 100644 --- a/crypto/cipher.c +++ b/crypto/cipher.c @@ -19,6 +19,7 @@ */ #include "qemu/osdep.h" +#include "qemu/host-utils.h" #include "qapi/error.h" #include "crypto/cipher.h" #include "cipherpriv.h" From patchwork Fri Aug 28 17:05:09 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 248592 Delivered-To: patch@linaro.org Received: by 2002:a92:5b9c:0:0:0:0:0 with SMTP id c28csp1256360ilg; Fri, 28 Aug 2020 10:05:43 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyYS/zVY3lnSkD3pRTV21Hqb+uwWvpYb1YUepZ923soC/lBAO4x7KedsiKfHYij5FA3ptx5 X-Received: by 2002:a25:870a:: with SMTP id a10mr4086828ybl.257.1598634342938; Fri, 28 Aug 2020 10:05:42 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1598634342; cv=none; d=google.com; s=arc-20160816; b=hij3OrY18EI+CGVdfEW1BY5WMs6kZyMCLJsqU+xUiU8SWZBWv3mcpMpZ0kR1NdKqRc 2AlLfBYQ169xYys+6+EtnDQXrgtxYuFmYQDecjZbvrf+KF/ISBZUxP7zGNujUOasFSAa hL/jgE8OlM/PG0jRl/5X0YSrGpBAI2jCdaYuJAOeS6CCD6f3hxYZPCWe6RHOr5+KCwbm 72KhYwhOZOVzxzDfwDOW6p5QwmlaEQizAB7PUIXXU8sybBXx8mpi0MpDlhWkTpWdExKH HU86dqoYhTMUwYxDMVoXc2v4WyNcmPHJCGIY5vZXXaWmP4A7gY7zRZ37XTGzTZ3NAHZz cuUg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:to:from :dkim-signature; bh=Lqd5yDGxy4AV2MKebioMxfVu3v0WB2bLQ9Bs5O+/Sj8=; b=vO0J+/KGS9QCESJYynQRW7i/QfbxCra5HaflSX7/eb2cIbKVEsCyLGTrojqvA6CRvn 2/TMuLgopL0/MfP/T/7b1tDtONgib+xjk4Aeebq5LFNheaNIYfBP58j3Fv+4r0IjukZn 7/ASmklvoLHcnK36D0WKFKboS864efAfURBRdvPx3ysPET8Qcip/Wo0Wafxm+AzAyye3 0KJAWaovdNdyEGwKn6F1ysmHeUbfeCK7psDPRYk1b29+HO0rqYJjzgqI97CXJqe/x/iC qNCES8xb5v86eEUt6N7A70Qv2nmbgOKUgjl+J8CgtfxUP9h/YdmiXbKoD6y8TdTDFf5T SR3Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=DUe+jzOi; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id l193si1518045ybl.141.2020.08.28.10.05.42 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Fri, 28 Aug 2020 10:05:42 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=DUe+jzOi; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:58152 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBhos-0003Zj-83 for patch@linaro.org; Fri, 28 Aug 2020 13:05:42 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36612) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhoh-0003YQ-Cz for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:31 -0400 Received: from mail-pf1-x432.google.com ([2607:f8b0:4864:20::432]:34373) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhof-00030F-KY for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:31 -0400 Received: by mail-pf1-x432.google.com with SMTP id g207so951805pfb.1 for ; Fri, 28 Aug 2020 10:05:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=Lqd5yDGxy4AV2MKebioMxfVu3v0WB2bLQ9Bs5O+/Sj8=; b=DUe+jzOipuO3qbkJZi5PpEjNTafWjEJydGkfMN/ae0wr7hw1ogXQFTvZ+CQ4HPV7TV ZxauIaJ4Rt9SYEOLdjAFELdwbcH2LbIuREHZXP/sEKNMpvVx05i5+8roJT2mkbhYYS8V HMA1/WZxmLvez+flRqlg9XSGRyz+UTIk/0o/Pf3zop1qjXQm5oZw8MDqJY9dRU1CdNY2 S3U94NoGwFwlZD8j3Ec8IY5tfQvxbm9D9TV+nXqZ2IN/Xd4avP78GphfYgYD1685voXJ ql6rtRZw7t+Z9+iiG8tlyn3fQtqgOv0yzS+ktcuChw29c/sLLbrN3js1C0y5ENZ7YYrm 9CGA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=Lqd5yDGxy4AV2MKebioMxfVu3v0WB2bLQ9Bs5O+/Sj8=; b=iub4wqsMlEMTrFY+rgctuV3CBoo9GGm9Iw5qj6Yu7MOeS1Bayb1Ugwx0nqkatOZaM2 1m7SXNIVpcgJm/ZyPFi9lTUcV/dsYbtn6o5HbKARXDySCVrf91c0vvQMvgvc1Ow09byk iJ0zU9cvrqsce6xTloe+HVivGgIS4ojIA69QKF/NtMu9iNF/idHvUOatDvG/vPjaRiyt 0QoAQJ3i/Ku05sLvkSO2xObrk298DR1Kve+RNpkMrGwUlXZj2wk4BdQvVvlN3pvLAkPJ 9FzLZ3nRk9Y7TzrxC8wtj37jkJquD4SbN8kPd38+O3NBn7JVbROjjFhDy4yjS99Kc6oG ILvw== X-Gm-Message-State: AOAM533MQiWYUU5xd4Ihhl67PSarR33cySjYoUBxrJ5m1Pfdy3toboEq /JLrET1+ErZiGGovuf7zDMbfnGXbxLZxIA== X-Received: by 2002:a63:1c54:: with SMTP id c20mr1794583pgm.221.1598634327920; Fri, 28 Aug 2020 10:05:27 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.27 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:27 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 02/16] crypto: Rename cipher include files to .c.inc Date: Fri, 28 Aug 2020 10:05:09 -0700 Message-Id: <20200828170523.418603-3-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::432; envelope-from=richard.henderson@linaro.org; helo=mail-pf1-x432.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= , berrange@redhat.com Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" QEMU standard procedure for included c files is to use *.c.inc. E.g. there are a different set of checks that are applied. Reviewed-by: Philippe Mathieu-Daudé Signed-off-by: Richard Henderson --- crypto/cipher.c | 6 +++--- crypto/{cipher-builtin.c => cipher-builtin.c.inc} | 0 crypto/{cipher-gcrypt.c => cipher-gcrypt.c.inc} | 0 crypto/{cipher-nettle.c => cipher-nettle.c.inc} | 0 4 files changed, 3 insertions(+), 3 deletions(-) rename crypto/{cipher-builtin.c => cipher-builtin.c.inc} (100%) rename crypto/{cipher-gcrypt.c => cipher-gcrypt.c.inc} (100%) rename crypto/{cipher-nettle.c => cipher-nettle.c.inc} (100%) -- 2.25.1 diff --git a/crypto/cipher.c b/crypto/cipher.c index 2722dc7d87..005b5da4de 100644 --- a/crypto/cipher.c +++ b/crypto/cipher.c @@ -151,11 +151,11 @@ qcrypto_cipher_munge_des_rfb_key(const uint8_t *key, #endif /* CONFIG_GCRYPT || CONFIG_NETTLE */ #ifdef CONFIG_GCRYPT -#include "cipher-gcrypt.c" +#include "cipher-gcrypt.c.inc" #elif defined CONFIG_NETTLE -#include "cipher-nettle.c" +#include "cipher-nettle.c.inc" #else -#include "cipher-builtin.c" +#include "cipher-builtin.c.inc" #endif QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, diff --git a/crypto/cipher-builtin.c b/crypto/cipher-builtin.c.inc similarity index 100% rename from crypto/cipher-builtin.c rename to crypto/cipher-builtin.c.inc diff --git a/crypto/cipher-gcrypt.c b/crypto/cipher-gcrypt.c.inc similarity index 100% rename from crypto/cipher-gcrypt.c rename to crypto/cipher-gcrypt.c.inc diff --git a/crypto/cipher-nettle.c b/crypto/cipher-nettle.c.inc similarity index 100% rename from crypto/cipher-nettle.c rename to crypto/cipher-nettle.c.inc From patchwork Fri Aug 28 17:05:10 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 248595 Delivered-To: patch@linaro.org Received: by 2002:a92:5b9c:0:0:0:0:0 with SMTP id c28csp1257700ilg; Fri, 28 Aug 2020 10:07:08 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzgmICuBdSdPdjgUA5Nv/Yo3qNO5Tj4sDTpofpQbbwN9tM9s9wxk5qjxqufTevBsQj18pz8 X-Received: by 2002:a5b:411:: with SMTP id m17mr3934391ybp.176.1598634428239; Fri, 28 Aug 2020 10:07:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1598634428; cv=none; d=google.com; s=arc-20160816; b=UaPqsTugEaGKV9SY7ryN29XW62dGcPnnPBXiDy8+0V0FliByuSBh3895pAvS9UnhmT 7CpS6W6ZSladvWV6P6YrqSwvHAdcvhtiCiKNGiPBTAQdSFCgOkUtqz+VEcDaI5qt7VYs 2iDivs/N+x2BvSR5UhW4EISgTgqStlkjeeWqPcGVyK1rb0Bn3Z7RYkQyrkb+k99rk0h8 zHql6bf9OokafQ2ephYqSvPW/ggGb9e/FzO5aWZMGjuPTfMcnBVTlp+8VuJpZ5Df78qm YpGX8VKCxLjuTwyWdW6SBbzVCKx6NGN0mWiNbTONZw6iHWL0DB5o6GFuq7TTUKm7nL7r PVtw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:to:from :dkim-signature; bh=G4aBqze3dMxYJ4S0H3/4ztu6UBprrxcKGaJBxwSWoZI=; b=nA8sOGwp4muNfzFnK5OqU0Yy/1iMfyGCO/RUYuZl4X1J+ehcN+z6l46Y8zZHwQQPHy xGPwGyQzOdMPPnDON3Qr8jG28492Kb0VoFzaVuKPdMOOcxzC5CNU8QjzotolYrmonGv9 f032vI3xpOY8oGUT0gBYEbEQlTh+rOmJDNVCTxQ7KPf1k4Mq8C1UVg7MRb9FkPJrMl4P xEIMvapdyj7ujmAepaJS1apT35KTtO/O33jFegIPbj826S2pNnIWsMzfYYqpGtWNiTuO WMoiILxET8vlSynh2tzU5qN02Q8lDTMFn6rDegz0UraVztvWBiHDLMyhqz37GyWQRInF 8iyQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=I3KjoArD; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id 79si1377693ybl.479.2020.08.28.10.07.08 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Fri, 28 Aug 2020 10:07:08 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=I3KjoArD; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:37738 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBhqF-0006ma-KW for patch@linaro.org; Fri, 28 Aug 2020 13:07:07 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36634) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhoi-0003Zz-RO for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:32 -0400 Received: from mail-pj1-x1029.google.com ([2607:f8b0:4864:20::1029]:40574) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhoh-00030S-0t for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:32 -0400 Received: by mail-pj1-x1029.google.com with SMTP id kx11so20027pjb.5 for ; Fri, 28 Aug 2020 10:05:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=G4aBqze3dMxYJ4S0H3/4ztu6UBprrxcKGaJBxwSWoZI=; b=I3KjoArDaN3KKaUhyem6JJl7pG2J3QaSVS4XAkvDmxudW1TjtVLlFZ445IxB/dLKjv aHkgtjtXLClIzESQ5AwiXcoBtzjH3rSQrSlGhRvR6/aQnq9GLR0IC98HwFEet/NctH94 gLfMA56fKrh0B9b2gGnvI2A53ZgKpOHppIcAIBnGE5UektY0mPCBAVW6XrAVVBfFIfXx saloL5z3/66JpEE4XYtkv9xjjwd7zoMiihqe7Ai/ynhrIrLjxqK0YI5yicemGWc8SWGa ceCc9bZFtW2FEec9BNdbOqIlfrK7mbajqwxSmtiUm/wZHHv2ySIUGbjdXdHasSFmRaXJ /QrA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=G4aBqze3dMxYJ4S0H3/4ztu6UBprrxcKGaJBxwSWoZI=; b=B31xlrrqz7v8LfhFSGzvAjQXSrBIfi49ERHEiMnqZegw5LOeG12uJg+xIJmsWhqNoY poaRTXrn6seV4COYN8BwyfoxWVu/INz6lOVK5Of6gVS8luELrTKuAGNejzQYj2MsHPW/ tO6I4P3Yzt2KoTQ5VCx0i+GvNHbxX2BIzNKK/cBgZjRIagGXE7W0hnheUIwFXHvxJpd9 rK3H6ak9iM+xbgtbA9Tcw+FqYYKavi9/EihSg1LTXWSVK7ArQeZgrQahjaYbEVLTuEMR qpSAz4pgsyYIa+8KMGF6FD/orwoXBPOj2uLaWdP6WNfkqrLT1n+mFrk8ntAQR+5CN/P5 oC7g== X-Gm-Message-State: AOAM531mfaH+AelyBhaUTgi1oWLxQET1/UTJG7PRD4McJ+1X0Sv/N4iK CnvuGb14mbQ6A41HPP2drycjFTXTbpnAGA== X-Received: by 2002:a17:90a:19d1:: with SMTP id 17mr59873pjj.93.1598634329101; Fri, 28 Aug 2020 10:05:29 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.28 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:28 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 03/16] crypto: Remove redundant includes Date: Fri, 28 Aug 2020 10:05:10 -0700 Message-Id: <20200828170523.418603-4-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::1029; envelope-from=richard.henderson@linaro.org; helo=mail-pj1-x1029.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= , berrange@redhat.com Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" Both qemu/osdep.h and cipherpriv.h have already been included by the parent cipher.c. Reviewed-by: Daniel P. Berrangé Reviewed-by: Philippe Mathieu-Daudé Signed-off-by: Richard Henderson --- crypto/cipher-builtin.c.inc | 2 -- crypto/cipher-gcrypt.c.inc | 2 -- crypto/cipher-nettle.c.inc | 2 -- 3 files changed, 6 deletions(-) -- 2.25.1 diff --git a/crypto/cipher-builtin.c.inc b/crypto/cipher-builtin.c.inc index 6eafd39da0..56d45b0227 100644 --- a/crypto/cipher-builtin.c.inc +++ b/crypto/cipher-builtin.c.inc @@ -18,11 +18,9 @@ * */ -#include "qemu/osdep.h" #include "crypto/aes.h" #include "crypto/desrfb.h" #include "crypto/xts.h" -#include "cipherpriv.h" typedef struct QCryptoCipherBuiltinAESContext QCryptoCipherBuiltinAESContext; struct QCryptoCipherBuiltinAESContext { diff --git a/crypto/cipher-gcrypt.c.inc b/crypto/cipher-gcrypt.c.inc index 81e4745bff..a62839914b 100644 --- a/crypto/cipher-gcrypt.c.inc +++ b/crypto/cipher-gcrypt.c.inc @@ -18,11 +18,9 @@ * */ -#include "qemu/osdep.h" #ifdef CONFIG_QEMU_PRIVATE_XTS #include "crypto/xts.h" #endif -#include "cipherpriv.h" #include diff --git a/crypto/cipher-nettle.c.inc b/crypto/cipher-nettle.c.inc index 0677fdfd33..256931a823 100644 --- a/crypto/cipher-nettle.c.inc +++ b/crypto/cipher-nettle.c.inc @@ -18,11 +18,9 @@ * */ -#include "qemu/osdep.h" #ifdef CONFIG_QEMU_PRIVATE_XTS #include "crypto/xts.h" #endif -#include "cipherpriv.h" #include #include From patchwork Fri Aug 28 17:05:11 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 248599 Delivered-To: patch@linaro.org Received: by 2002:a92:5b9c:0:0:0:0:0 with SMTP id c28csp1258904ilg; Fri, 28 Aug 2020 10:08:26 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzgQAK7OuMsKsPCio/VEm1LE5Lzz8x+VSg6eB1RQ2O2FbRqN/kN3chJyozJrj5V96zHaUi4 X-Received: by 2002:a25:aca5:: with SMTP id x37mr3902102ybi.417.1598634506693; Fri, 28 Aug 2020 10:08:26 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1598634506; cv=none; d=google.com; s=arc-20160816; b=dcxjM3csuCbU9+fD1YH/1mE+9QTmEUhpRxn8lAkxzebZu+bjxPiytkAPRIG4wlDuw+ ZqMILNJaYhQ3Shk7p0RPG1epYz8bHJ45pH6rmhkICBlaJKpNaLpzB0GNza0oDV3vlX36 nHR9me5OVDleIEES9+UK8GuedSMbR4p/2KHmM4gtoX+V0oUeH9ZxsSxHtSGjW/hu/ecR VNRiypWbUuDPhF8w4fdBCcEtAf2cfaZ21Uh+ZpVxoAlD8FnUtqoLQJlNZjzFwsyTibyM VQKxwDzimPaUrlnWOMNnm7TaYDXs6ZfL6hmiJSly+XKYf+RMvLAIcW+YVM1oNa+/LXa5 Id+w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:to:from :dkim-signature; bh=vkqjR+0dFjJx/RqSJg4ZuU6Fj06xiA2ZZSaXxPiNFoU=; b=XPAy/dcALwStXykM/HRLZM5IqgHDNrlDGqUh3DoOztypJ45JIec24p9MWZQEjmknhd 6S4V3wyj1vf4fLkwFzjLAKtgZINqEa06SZY2uY95R79+sg8bC6Jj40N3XOxIgn7M20oo aQ2JvZO+ghHzpW8gbjcm4vHt3I+8ZcRl3oiowdDSJB2qIF55q+Xx83cYo9HB4CNPouIt MfuW9u0HEKY+b5WYJgbWSlGSzxXf0SKXTQvpAzMywfb4eLtVijcb7HzdowSrZiOzQZ5g P6b6/XvQU4/2DnFbHTN1wGS1K9wuFboPt5y3hkza1yEOb8UMiWO8ZuvsPJ3CEtD5nozk T1YQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=JoSAFj7h; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id g20si1502871ybh.158.2020.08.28.10.08.26 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Fri, 28 Aug 2020 10:08:26 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=JoSAFj7h; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:45924 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBhrW-0001bb-3y for patch@linaro.org; Fri, 28 Aug 2020 13:08:26 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36648) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhoj-0003bS-Iu for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:33 -0400 Received: from mail-pf1-x443.google.com ([2607:f8b0:4864:20::443]:33688) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhoh-00030b-Vr for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:33 -0400 Received: by mail-pf1-x443.google.com with SMTP id u20so954807pfn.0 for ; Fri, 28 Aug 2020 10:05:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=vkqjR+0dFjJx/RqSJg4ZuU6Fj06xiA2ZZSaXxPiNFoU=; b=JoSAFj7h/TcBC+QPk7eGl93Qqn79bJodTyFVU8QyWiKEeEiTkR6Zuwor5kqF7Pvqpt jEUFLyHIQwEFUSj6aOQi0QLeoDIYhlPAj9H/qfCt0Dw17iJwQDC4//VWZPtZJIHeihzz emLNPzforafvinCVoxfpq3qDrbpaXzEhzR6DrYupBk+v815j07a8RluYi1UjJ/Xrcev4 gU5/CJUIbTg2HYHBAu7hvKq2uw40+hjBWGqzrSxVl/Y34xdEGUNpagqPS6Q42ZcZvJQe NMKX/LNKiHpuLxJBmONit+5q7vfwpotyhWlsrg61nUsfIQJa0lxVXbrXWN/xu8pJo6jp TE2g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=vkqjR+0dFjJx/RqSJg4ZuU6Fj06xiA2ZZSaXxPiNFoU=; b=KiMwoEskkwvzXhBfCuGw0OJnnXJQZ5YE61s2aG2IPhKfJTxXqK5JopHEzYd3Qm73VD 7H+O88+GK9g2JbGbJhlfXnOD6T5Fhz5JGxc4ho6XsaCt7IwQN/3B46XDCamfFU1Jyz42 MwD/TNJwpBXi/Ko3pS2MysstzrvNteeF1asa1cD1kkLbPToM+me4Hey9D1V9BHWQooh8 QmkQDjaUO/O1vf9o0cDYeghzUIWw68WukWJG3r6W+HJWDq+Ar04lfp+rGHBQUvy4aekl +hGi4abUz8YSJoPZF+iDrzrvvPSPmHZHuEcTHFE/50OL6YgzvGMi8OOT97/OIpQVFv/J H2Zg== X-Gm-Message-State: AOAM533EaR5T45O6IkCBaiudjDeZDnwYstjEv2ODk+XAyBaSsJvJKKck ATbvZGHpdxL9CLV+VzPMOr21KZGJYhUXBw== X-Received: by 2002:a63:516:: with SMTP id 22mr1812863pgf.316.1598634330292; Fri, 28 Aug 2020 10:05:30 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:29 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 04/16] crypto/nettle: Fix xts_encrypt arguments Date: Fri, 28 Aug 2020 10:05:11 -0700 Message-Id: <20200828170523.418603-5-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::443; envelope-from=richard.henderson@linaro.org; helo=mail-pf1-x443.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: berrange@redhat.com Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" The fourth argument to xts_encrypt should be the decrypt callback; we were accidentally passing encrypt twice. Reviewed-by: Daniel P. Berrangé Signed-off-by: Richard Henderson --- crypto/cipher-nettle.c.inc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) -- 2.25.1 diff --git a/crypto/cipher-nettle.c.inc b/crypto/cipher-nettle.c.inc index 256931a823..0404cfc6da 100644 --- a/crypto/cipher-nettle.c.inc +++ b/crypto/cipher-nettle.c.inc @@ -632,7 +632,7 @@ qcrypto_nettle_cipher_encrypt(QCryptoCipher *cipher, case QCRYPTO_CIPHER_MODE_XTS: #ifdef CONFIG_QEMU_PRIVATE_XTS xts_encrypt(ctx->ctx, ctx->ctx_tweak, - ctx->alg_encrypt_wrapper, ctx->alg_encrypt_wrapper, + ctx->alg_encrypt_wrapper, ctx->alg_decrypt_wrapper, ctx->iv, len, out, in); #else xts_encrypt_message(ctx->ctx, ctx->ctx_tweak, From patchwork Fri Aug 28 17:05:12 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 248593 Delivered-To: patch@linaro.org Received: by 2002:a92:5b9c:0:0:0:0:0 with SMTP id c28csp1256434ilg; Fri, 28 Aug 2020 10:05:47 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxXlTvz/HUPG4TEFzII8ZDFpS9QGV1kAu+Rt1SUeixAf4Av/x2S2SHmhKm54pHGHK5AHDcL X-Received: by 2002:a25:a441:: with SMTP id f59mr3714931ybi.42.1598634347590; Fri, 28 Aug 2020 10:05:47 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1598634347; cv=none; d=google.com; s=arc-20160816; b=UvHD+axHrtmnbkpgK0L9AQ5eNWxmLFw9PdT15xlsatt1jj4pJJn/B4CRDmeIhVS0iI MsTf0eFQb1BT70Xp88KnCQdjFXTYPo/1CUZsevdRP6BVdlBgLlPdWcqR65x7y4/abgW7 Mow6+GemZLQOu5HVLBr+uX2CaM5dqFpBC1XbTunj2nqi5iyz2gYjlCmQVicv5BfnFjJX oXHp7UitclIJ+GR6oU7Fg6PYdGvAEBBzD6Miiuc9CDmk+OxQu2D8T0a5eq3neDolf5i3 y2xyqqy6y5myNpqg8WEJHVua5S0NGfctoKvCrgPDH8uQg9xXMNFNlDMttaI8djC4xEjc +7dA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:to:from :dkim-signature; bh=ITUpbwpJpl5kwHPYTXnaY0I0dsp5Ua5j8HECaAQoi50=; b=UJv4XDoEofGUAjvIvjJJwVq1tXxYwkQkILbyGlz+ZHvTGZ1W3t8EBOyIfQAjRuhqNy a0mDIF6yuxXYjazqDqg63w/KReiZj2M7oij/nl4O29J6IKELmZkK3im2qthnYmCfPjEW gpEKZgiPBH+7+9X9abUXOyCKSYhUcvzXsMEp/LbtOkKxEgfg0sd23kLhEs8ctxpYmjMM HHc4sr2pLgXcMEb/cDruc3JUFeAnz87Oy0II9OVb7OSJw7Es5XJVu38Ah2CDd/fWVN4r 59SGu4VBVXi/DSsWiotGpuKK6XokJbK0oVpa0M804L4dgKtSDRNy/gUBkMn+Sytuh3Bl hLmA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=Lsha6aDU; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id l83si1412552ybf.113.2020.08.28.10.05.47 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Fri, 28 Aug 2020 10:05:47 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=Lsha6aDU; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:58376 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBhow-0003gF-MR for patch@linaro.org; Fri, 28 Aug 2020 13:05:46 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36670) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhol-0003eW-5x for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:35 -0400 Received: from mail-pl1-x629.google.com ([2607:f8b0:4864:20::629]:37992) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhoj-00030v-Kz for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:34 -0400 Received: by mail-pl1-x629.google.com with SMTP id t11so788419plr.5 for ; Fri, 28 Aug 2020 10:05:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=ITUpbwpJpl5kwHPYTXnaY0I0dsp5Ua5j8HECaAQoi50=; b=Lsha6aDUfzLNjD6nDAtn0kKeiG8ihysx7VKq/F+7pnd7fwIOX+Hg2BgfhfWwdlgNd+ JQF5wMrFLn1H7YmKVB0oElmFu0NxJNtoQEb5o5lUb9ZyiPfTylzgjGvt4bAmlWagR/5K KvbOMRJmApVSc+y1ulb6dSgVHNonMlqn44GMxThrfrNgMMkw/NPIMMob9VveHJOjlV5q tVVwnUpHWjG5Iw47MGVeyd5URq/l2TWXtaueFf3boPj+S0ZDk4OydNWhzSNML1q7gYmS sdK/ojYWRgL6OutRtlNrb3h23Q0KtpZ7JKlFIc3nq9+pbOk0A3iyDjmb5Ei+7hleS2H6 Bbnw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=ITUpbwpJpl5kwHPYTXnaY0I0dsp5Ua5j8HECaAQoi50=; b=W2wkUQYjrF+BeDBjOLLBRf60PGwn7mQ4lU2z1fsamUi8+a+TSRSujvsZKQqm1ykxrR s3cH+yMCRPRabq5Qsd5xYUDWPo1ZtYVp8H23OdHp8RaCvuPnkGUyzwqUND2EVDrHaRUt apu+kttmMI0b//YU8ThbMdWSTLhSMOOY7wvd7XtNa8KwH5VQYgX8tOq2tpA/J09y1kzn N3zrMgNd2wwby3pOf01unRJDtN4aYpcxNiZBjzsqekosCW/CUpV6vCNeg9jz6kZXhRQG M/2M8/Zsn4czNcxvTxQ511U46K7toEem7vkVhXgxOg58aYeTqqRV48UTXju6kpGOQjmA wKlA== X-Gm-Message-State: AOAM532+BB0vB42nHftFOEJaa6T9zF3ZyIV7dOiuWjn5DsW2P/5W5uVn xz1JD9QgdsxHCihNpSpuiXXVnjW3b+GF2A== X-Received: by 2002:a17:90a:24f:: with SMTP id t15mr46207pje.227.1598634331759; Fri, 28 Aug 2020 10:05:31 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:30 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 05/16] crypto: Move QCryptoCipherDriver typedef to crypto/cipher.h Date: Fri, 28 Aug 2020 10:05:12 -0700 Message-Id: <20200828170523.418603-6-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::629; envelope-from=richard.henderson@linaro.org; helo=mail-pl1-x629.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: berrange@redhat.com Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" Allow the use in QCryptoCipher to be properly typed with the opaque struct pointer. Signed-off-by: Richard Henderson --- crypto/cipherpriv.h | 2 -- include/crypto/cipher.h | 1 + 2 files changed, 1 insertion(+), 2 deletions(-) -- 2.25.1 diff --git a/crypto/cipherpriv.h b/crypto/cipherpriv.h index 0823239f41..9228c9fc3a 100644 --- a/crypto/cipherpriv.h +++ b/crypto/cipherpriv.h @@ -17,8 +17,6 @@ #include "qapi/qapi-types-crypto.h" -typedef struct QCryptoCipherDriver QCryptoCipherDriver; - struct QCryptoCipherDriver { int (*cipher_encrypt)(QCryptoCipher *cipher, const void *in, diff --git a/include/crypto/cipher.h b/include/crypto/cipher.h index 5928e5ecc7..8a42a683a4 100644 --- a/include/crypto/cipher.h +++ b/include/crypto/cipher.h @@ -24,6 +24,7 @@ #include "qapi/qapi-types-crypto.h" typedef struct QCryptoCipher QCryptoCipher; +typedef struct QCryptoCipherDriver QCryptoCipherDriver; /* See also "QCryptoCipherAlgorithm" and "QCryptoCipherMode" * enums defined in qapi/crypto.json */ From patchwork Fri Aug 28 17:05:13 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 248602 Delivered-To: patch@linaro.org Received: by 2002:a92:5b9c:0:0:0:0:0 with SMTP id c28csp1260324ilg; Fri, 28 Aug 2020 10:10:03 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwxh74PAA/fWV/uy8F5YkvfgRRimtHSSLYdjCE2QnBnqlOzkswKdQxuJXSoFjQ6/UENmiF7 X-Received: by 2002:a25:40c1:: with SMTP id n184mr3992201yba.193.1598634602953; Fri, 28 Aug 2020 10:10:02 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1598634602; cv=none; d=google.com; s=arc-20160816; b=MBtrb2D/UrP4ox23wg6749ZphieNzYT2iY8CuJAM867Cs1chLwZV5rtHgUXYihuR0Z 8QLSnvj3Ar5v0YjnStlNojoOeND+KcybAijxcNoFIKHk3at8L89UoUCGAEkqZYFD7ldd V/tbpYUHaQLG7uGlrA6Yu/1GoanQ84GiUDzLUSWHXRGxTp7QyvNkbeDb6cOd8zaQedOK a1i9sMAjVJplN4uRbc9gpCT3BM+D+26QnS4KUXgAgpvBvWyzwccgwvEMpLYTed6Gwx93 MbM691QSpsrU0TU1zW8Fb7ONFB5LjE+gqD2c333AFTv5bv+wdds2MHok8AVA0T/AUTTo D+pQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:to:from :dkim-signature; bh=HhAhMooMYX4G7bojWisen5XGZe2hgpNyMX5WGu2HwOc=; b=zi5V+hazPd58uul6zleQKKZHud0AEL4LXvh0laEuFuQDwqo1dsRCqqJ8FpR8yY4lPK a9Qxlp08HOqi+UPlOkD4ruZKaEzED9pZ/y/+hm1QZ8GqSN1xg0uS7AvJUBOT4tvcu/Gu BC8HZ46973F3IYFKYadQytO17d2OpyurRL5QYhlsyo7GxfJSqZ2V+zBaYe7N/GuTf5uS I6AcZtvLyBujJygBJdCYh+ma4qTvlxVpqoGI312PmwA90kberLqgXqdonfu4dWVwYd3J w2HIFGeSC3SaRvgy/i0I/R7GbTlKAbz5klvebtupa7M5JWstIPSe64zw4Xx5YYFMIOwn IvcA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=G6PerQXW; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id o11si1523354ybm.201.2020.08.28.10.10.02 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Fri, 28 Aug 2020 10:10:02 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=G6PerQXW; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:54070 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBht4-0004t5-DT for patch@linaro.org; Fri, 28 Aug 2020 13:10:02 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36686) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhom-0003hk-Qd for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:36 -0400 Received: from mail-pj1-x1041.google.com ([2607:f8b0:4864:20::1041]:50418) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhok-00031B-Rb for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:36 -0400 Received: by mail-pj1-x1041.google.com with SMTP id i13so29592pjv.0 for ; Fri, 28 Aug 2020 10:05:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=HhAhMooMYX4G7bojWisen5XGZe2hgpNyMX5WGu2HwOc=; b=G6PerQXWstwmdCPXnwBaX11sraa0ig2nAFNHo2l2N0UkGdzTzFPrgpk4y2bcj4I5y/ PvfA1Z02eCoYWuxZZboVWxk6SiHgO5DXrGTJLleGklN/BvW4a4gXx8ghkca2CXwqU2l1 3QW1we7H/XOj7t2d8lu3MH3OtTqEyROjj6vWUNButuoq4YvPZvNevNvTPV8WDc42A/kq kk1pYg06iCporVjyHAVE2VYb2t5K4lN1vjNOEQgjWviV3shMCwH1JYmzByrR0l+GYERo 4A6h2ue5kQMkE087vzWxJfq26jtSw7ucMQvJkkULzuY+fMCIsUaB2R+g5my2HUnzH3AK dJoA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=HhAhMooMYX4G7bojWisen5XGZe2hgpNyMX5WGu2HwOc=; b=bpZBfisIxLzdvbr0T0e57S+EHdVsfP+adBe9b0NvkKqMQ+0QCLbxvkj2VIcxgtsz5t GHT6WJWxLOw5Vrh6bJmhuzsPto0/arZ3unT6XN2v82U166p6yEyLJOR2/zte44SqGiM1 BA5zS39y7auP66brprVL3UHZS6CST0W17AEF30KKEHTJygzgNNbBDkpsSdTf/7+bVEpX gslefyAws8DJVS4Z9bCe8kB0zZnODA/mSs99uDCd1ehvZREB43Q5zJe5js47aoxU+Zxa rqfHZa8GqEMYQsm/F8VZri/9H7rQhAmt5jzH2DSkMilLj9ZdrAEbeInx4GZFn6gvjMR1 uSuw== X-Gm-Message-State: AOAM531nHgTgjmU0LwJPg5cGlTkmt1qFEejrNIpVzHgZKHY60R07D1iV klE3jsrNATH59MI+pbww335d+ZCKvjLkIQ== X-Received: by 2002:a17:90a:f416:: with SMTP id ch22mr11829pjb.232.1598634332949; Fri, 28 Aug 2020 10:05:32 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.31 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:32 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 06/16] crypto: Use the correct const type for driver Date: Fri, 28 Aug 2020 10:05:13 -0700 Message-Id: <20200828170523.418603-7-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::1041; envelope-from=richard.henderson@linaro.org; helo=mail-pj1-x1041.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: berrange@redhat.com Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" This allows the in memory structures to be read-only. Signed-off-by: Richard Henderson --- crypto/cipherpriv.h | 2 +- include/crypto/cipher.h | 2 +- crypto/cipher-afalg.c | 2 +- crypto/cipher.c | 12 ++++++------ crypto/cipher-builtin.c.inc | 2 +- crypto/cipher-gcrypt.c.inc | 2 +- crypto/cipher-nettle.c.inc | 2 +- 7 files changed, 12 insertions(+), 12 deletions(-) -- 2.25.1 diff --git a/crypto/cipherpriv.h b/crypto/cipherpriv.h index 9228c9fc3a..b73be33bd2 100644 --- a/crypto/cipherpriv.h +++ b/crypto/cipherpriv.h @@ -47,7 +47,7 @@ qcrypto_afalg_cipher_ctx_new(QCryptoCipherAlgorithm alg, const uint8_t *key, size_t nkey, Error **errp); -extern struct QCryptoCipherDriver qcrypto_cipher_afalg_driver; +extern const struct QCryptoCipherDriver qcrypto_cipher_afalg_driver; #endif diff --git a/include/crypto/cipher.h b/include/crypto/cipher.h index 8a42a683a4..cc57179a4d 100644 --- a/include/crypto/cipher.h +++ b/include/crypto/cipher.h @@ -81,7 +81,7 @@ struct QCryptoCipher { QCryptoCipherAlgorithm alg; QCryptoCipherMode mode; void *opaque; - void *driver; + const QCryptoCipherDriver *driver; }; /** diff --git a/crypto/cipher-afalg.c b/crypto/cipher-afalg.c index cd72284690..5c7c44761b 100644 --- a/crypto/cipher-afalg.c +++ b/crypto/cipher-afalg.c @@ -218,7 +218,7 @@ static void qcrypto_afalg_comm_ctx_free(QCryptoCipher *cipher) qcrypto_afalg_comm_free(cipher->opaque); } -struct QCryptoCipherDriver qcrypto_cipher_afalg_driver = { +const struct QCryptoCipherDriver qcrypto_cipher_afalg_driver = { .cipher_encrypt = qcrypto_afalg_cipher_encrypt, .cipher_decrypt = qcrypto_afalg_cipher_decrypt, .cipher_setiv = qcrypto_afalg_cipher_setiv, diff --git a/crypto/cipher.c b/crypto/cipher.c index 005b5da4de..3ca4a7e662 100644 --- a/crypto/cipher.c +++ b/crypto/cipher.c @@ -165,7 +165,7 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, { QCryptoCipher *cipher; void *ctx = NULL; - QCryptoCipherDriver *drv = NULL; + const QCryptoCipherDriver *drv = NULL; #ifdef CONFIG_AF_ALG ctx = qcrypto_afalg_cipher_ctx_new(alg, mode, key, nkey, NULL); @@ -187,7 +187,7 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, cipher->alg = alg; cipher->mode = mode; cipher->opaque = ctx; - cipher->driver = (void *)drv; + cipher->driver = drv; return cipher; } @@ -199,7 +199,7 @@ int qcrypto_cipher_encrypt(QCryptoCipher *cipher, size_t len, Error **errp) { - QCryptoCipherDriver *drv = cipher->driver; + const QCryptoCipherDriver *drv = cipher->driver; return drv->cipher_encrypt(cipher, in, out, len, errp); } @@ -210,7 +210,7 @@ int qcrypto_cipher_decrypt(QCryptoCipher *cipher, size_t len, Error **errp) { - QCryptoCipherDriver *drv = cipher->driver; + const QCryptoCipherDriver *drv = cipher->driver; return drv->cipher_decrypt(cipher, in, out, len, errp); } @@ -219,14 +219,14 @@ int qcrypto_cipher_setiv(QCryptoCipher *cipher, const uint8_t *iv, size_t niv, Error **errp) { - QCryptoCipherDriver *drv = cipher->driver; + const QCryptoCipherDriver *drv = cipher->driver; return drv->cipher_setiv(cipher, iv, niv, errp); } void qcrypto_cipher_free(QCryptoCipher *cipher) { - QCryptoCipherDriver *drv; + const QCryptoCipherDriver *drv; if (cipher) { drv = cipher->driver; drv->cipher_free(cipher); diff --git a/crypto/cipher-builtin.c.inc b/crypto/cipher-builtin.c.inc index 56d45b0227..156f32f1c7 100644 --- a/crypto/cipher-builtin.c.inc +++ b/crypto/cipher-builtin.c.inc @@ -522,7 +522,7 @@ qcrypto_builtin_cipher_setiv(QCryptoCipher *cipher, } -static struct QCryptoCipherDriver qcrypto_cipher_lib_driver = { +static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver = { .cipher_encrypt = qcrypto_builtin_cipher_encrypt, .cipher_decrypt = qcrypto_builtin_cipher_decrypt, .cipher_setiv = qcrypto_builtin_cipher_setiv, diff --git a/crypto/cipher-gcrypt.c.inc b/crypto/cipher-gcrypt.c.inc index a62839914b..18850fadb9 100644 --- a/crypto/cipher-gcrypt.c.inc +++ b/crypto/cipher-gcrypt.c.inc @@ -413,7 +413,7 @@ qcrypto_gcrypt_cipher_setiv(QCryptoCipher *cipher, } -static struct QCryptoCipherDriver qcrypto_cipher_lib_driver = { +static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver = { .cipher_encrypt = qcrypto_gcrypt_cipher_encrypt, .cipher_decrypt = qcrypto_gcrypt_cipher_decrypt, .cipher_setiv = qcrypto_gcrypt_cipher_setiv, diff --git a/crypto/cipher-nettle.c.inc b/crypto/cipher-nettle.c.inc index 0404cfc6da..6ecce5e8ea 100644 --- a/crypto/cipher-nettle.c.inc +++ b/crypto/cipher-nettle.c.inc @@ -724,7 +724,7 @@ qcrypto_nettle_cipher_setiv(QCryptoCipher *cipher, } -static struct QCryptoCipherDriver qcrypto_cipher_lib_driver = { +static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver = { .cipher_encrypt = qcrypto_nettle_cipher_encrypt, .cipher_decrypt = qcrypto_nettle_cipher_decrypt, .cipher_setiv = qcrypto_nettle_cipher_setiv, From patchwork Fri Aug 28 17:05:14 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 248594 Delivered-To: patch@linaro.org Received: by 2002:a92:5b9c:0:0:0:0:0 with SMTP id c28csp1256882ilg; Fri, 28 Aug 2020 10:06:16 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzZaScXIHmBSyCzGN/e/fgR+pEg4W0oAKwJLHyHe8hy91Om5HsvhXHcEvAoAKbSqkF04KGv X-Received: by 2002:a67:8a89:: with SMTP id m131mr1701721vsd.123.1598634375898; Fri, 28 Aug 2020 10:06:15 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1598634375; cv=none; d=google.com; s=arc-20160816; b=qbJQbOhYilGATUfl5MdyyyRfp81GuvJqLYZPnrzOmwMbGir1dE1pYHMJU2sBlItWdl 4KR75puGg40Bos2iJWdSkqsCxv7AEO6ZLnjPRsGe/SivdtA9awR1lbILR4uBEdGbrtC0 /qhOhnHw1XfY/vPZo5rIUzURR2HSvaFpyK5sg58PzXX0z6mNNFBjeTKOstWAea0Vi7Qq 6/JUb4CvB8S9gH4kMb64XqJxdy8j58lUAbZ1mrgdQOANjxx5PFWBtWvLpbbIZj72FcOR pyhVh6InPWVCuZ+h8HsHJ/yioAhhztvwESLTCp53rioRyzMrhCcaEOLLjOtB3jPi70Bu ctrQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:to:from :dkim-signature; bh=JREoOBZDsfvT9iPa1cHUlefwF8fK1wVDvI3iB6VgIe8=; b=fZQiqzLOvJlz0/6zEE6Oomu8ik5/StUOvNhkpWbnRUEfjKZyuudrpQ8a9JXsk8wxwY zQrojfbwXrUPNUgSqbHfYJI7MLHBIlh/GpPZo82G07ITM+cwkVCKKV485fOLSyC07P3n dji1iJWuuhSogiY8oSt37pHyt+q1m7HaAxIwxgCWSruR0sH3uYZlIHhn2+/BVRena5TT m17DoojhAs1RcRqntf1CzgkIaPocctqoAGt2cw1u0WpqVIOqEesmrMWOPj2VUTusANi9 IJXNhIlYFmM6TKUHZ8aiP3JO0Ur6+4gP1uiUx2ayTNfG82tPIzsxbAXUOtAbcNVeKxGR lp7w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=bB4tVYBX; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id z4si427900uad.188.2020.08.28.10.06.15 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Fri, 28 Aug 2020 10:06:15 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=bB4tVYBX; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:58778 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBhpP-0003qY-5G for patch@linaro.org; Fri, 28 Aug 2020 13:06:15 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36718) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhoo-0003mP-PK for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:38 -0400 Received: from mail-pl1-x642.google.com ([2607:f8b0:4864:20::642]:43339) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhom-00031Q-2z for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:38 -0400 Received: by mail-pl1-x642.google.com with SMTP id y6so776681plk.10 for ; Fri, 28 Aug 2020 10:05:35 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=JREoOBZDsfvT9iPa1cHUlefwF8fK1wVDvI3iB6VgIe8=; b=bB4tVYBX/pcxfZKriFcWvZ6hdwTG5IlzUdESogO9CBJDoVk6IqEsDIocogHcL9hImW sugc+sqbnlAHbOC+B1DuLxqQXK0Js2Zx85H7/Xs80DJWtfJ6JmF7LjcQ7XLDpgfCMTjI q0Sz592CKnsPuMuI8HgYc7HeMNo8S+5FLbuhn6F9RKZfoSrvcuNMcjuFWYgAwUOahDjG cylRPgxJ6sl9/hL/yZ9B6gW+2L2GKXt/WwwakBJeED442F2jXi3uwhyXm0/J7/3A7JGz VbGUYmmUiAsw2W7oBxWQypw5TXX+qnZCT//309BYc5TOPl5iIgmUHqOyk+ssrBuD+j9/ BL7Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=JREoOBZDsfvT9iPa1cHUlefwF8fK1wVDvI3iB6VgIe8=; b=A7o1ijD52thqDGpvkmbQYqNI48pxCBspzE+lUNtT+VnBhL71knOPr+MyxuIzH0FwCm IKjr5Hf/nK8HAL6zERnMihZGsPpelIjQGA6f9hJ5MyMs/nBEkZgzLqDgoujfbsJl8LBK G7yWKnhoEHusk1dGLx4QsbT6JKTuad/d0Qj3P/H/oqnWD398fA7jRHhB9yEF2QNMbGGB DuviWjwJbjvSXQb+KwHnx8VqkKcTSNRDolqGn0v2OXM3wdxuTIK7lVDzTEEjbdyMvjFb eoMG/g2lt3KdtCLrJCNoRy8eia5v/vV+APLrXaTZJGbxxUznWLG2AbLkkLvvy9f4ORvu m9ag== X-Gm-Message-State: AOAM5331vZAnRLsMiN5vz+7A2U2iItqxtNuYBkWYO8w6cEFzZwRXvgqx +hIjOSyLrpGYqGPp01gCANDO2ufne1BV6A== X-Received: by 2002:a17:90a:f417:: with SMTP id ch23mr24246pjb.146.1598634334150; Fri, 28 Aug 2020 10:05:34 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:33 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 07/16] crypto: Allocate QCryptoCipher with the subclass Date: Fri, 28 Aug 2020 10:05:14 -0700 Message-Id: <20200828170523.418603-8-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::642; envelope-from=richard.henderson@linaro.org; helo=mail-pl1-x642.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: berrange@redhat.com Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" Merge the allocation of "opaque" into the allocation of "cipher". This is step one in reducing the indirection in these classes. Reviewed-by: Daniel P. Berrangé Signed-off-by: Richard Henderson --- crypto/afalgpriv.h | 3 ++ crypto/cipherpriv.h | 2 +- include/crypto/cipher.h | 1 - crypto/cipher-afalg.c | 20 ++++++----- crypto/cipher.c | 20 ++++------- crypto/cipher-builtin.c.inc | 68 +++++++++++++++++++------------------ crypto/cipher-gcrypt.c.inc | 23 +++++++------ crypto/cipher-nettle.c.inc | 24 +++++++------ 8 files changed, 84 insertions(+), 77 deletions(-) -- 2.25.1 diff --git a/crypto/afalgpriv.h b/crypto/afalgpriv.h index f6550b5c51..5a2393f1b7 100644 --- a/crypto/afalgpriv.h +++ b/crypto/afalgpriv.h @@ -15,6 +15,7 @@ #define QCRYPTO_AFALGPRIV_H #include +#include "crypto/cipher.h" #define SALG_TYPE_LEN_MAX 14 #define SALG_NAME_LEN_MAX 64 @@ -32,6 +33,8 @@ typedef struct QCryptoAFAlg QCryptoAFAlg; struct QCryptoAFAlg { + QCryptoCipher base; + int tfmfd; int opfd; struct msghdr *msg; diff --git a/crypto/cipherpriv.h b/crypto/cipherpriv.h index b73be33bd2..437b109b5e 100644 --- a/crypto/cipherpriv.h +++ b/crypto/cipherpriv.h @@ -41,7 +41,7 @@ struct QCryptoCipherDriver { #include "afalgpriv.h" -extern QCryptoAFAlg * +extern QCryptoCipher * qcrypto_afalg_cipher_ctx_new(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode, const uint8_t *key, diff --git a/include/crypto/cipher.h b/include/crypto/cipher.h index cc57179a4d..083e12a7d9 100644 --- a/include/crypto/cipher.h +++ b/include/crypto/cipher.h @@ -80,7 +80,6 @@ typedef struct QCryptoCipherDriver QCryptoCipherDriver; struct QCryptoCipher { QCryptoCipherAlgorithm alg; QCryptoCipherMode mode; - void *opaque; const QCryptoCipherDriver *driver; }; diff --git a/crypto/cipher-afalg.c b/crypto/cipher-afalg.c index 5c7c44761b..86e5249bd6 100644 --- a/crypto/cipher-afalg.c +++ b/crypto/cipher-afalg.c @@ -58,7 +58,7 @@ qcrypto_afalg_cipher_format_name(QCryptoCipherAlgorithm alg, return name; } -QCryptoAFAlg * +QCryptoCipher * qcrypto_afalg_cipher_ctx_new(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode, const uint8_t *key, @@ -109,7 +109,7 @@ qcrypto_afalg_cipher_ctx_new(QCryptoCipherAlgorithm alg, } afalg->cmsg = CMSG_FIRSTHDR(afalg->msg); - return afalg; + return &afalg->base; } static int @@ -117,9 +117,9 @@ qcrypto_afalg_cipher_setiv(QCryptoCipher *cipher, const uint8_t *iv, size_t niv, Error **errp) { + QCryptoAFAlg *afalg = container_of(cipher, QCryptoAFAlg, base); struct af_alg_iv *alg_iv; size_t expect_niv; - QCryptoAFAlg *afalg = cipher->opaque; expect_niv = qcrypto_cipher_get_iv_len(cipher->alg, cipher->mode); if (niv != expect_niv) { @@ -200,8 +200,9 @@ qcrypto_afalg_cipher_encrypt(QCryptoCipher *cipher, const void *in, void *out, size_t len, Error **errp) { - return qcrypto_afalg_cipher_op(cipher->opaque, in, out, - len, true, errp); + QCryptoAFAlg *afalg = container_of(cipher, QCryptoAFAlg, base); + + return qcrypto_afalg_cipher_op(afalg, in, out, len, true, errp); } static int @@ -209,13 +210,16 @@ qcrypto_afalg_cipher_decrypt(QCryptoCipher *cipher, const void *in, void *out, size_t len, Error **errp) { - return qcrypto_afalg_cipher_op(cipher->opaque, in, out, - len, false, errp); + QCryptoAFAlg *afalg = container_of(cipher, QCryptoAFAlg, base); + + return qcrypto_afalg_cipher_op(afalg, in, out, len, false, errp); } static void qcrypto_afalg_comm_ctx_free(QCryptoCipher *cipher) { - qcrypto_afalg_comm_free(cipher->opaque); + QCryptoAFAlg *afalg = container_of(cipher, QCryptoAFAlg, base); + + qcrypto_afalg_comm_free(afalg); } const struct QCryptoCipherDriver qcrypto_cipher_afalg_driver = { diff --git a/crypto/cipher.c b/crypto/cipher.c index 3ca4a7e662..737fc0735d 100644 --- a/crypto/cipher.c +++ b/crypto/cipher.c @@ -163,30 +163,27 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, const uint8_t *key, size_t nkey, Error **errp) { - QCryptoCipher *cipher; - void *ctx = NULL; + QCryptoCipher *cipher = NULL; const QCryptoCipherDriver *drv = NULL; #ifdef CONFIG_AF_ALG - ctx = qcrypto_afalg_cipher_ctx_new(alg, mode, key, nkey, NULL); - if (ctx) { + cipher = qcrypto_afalg_cipher_ctx_new(alg, mode, key, nkey, NULL); + if (cipher) { drv = &qcrypto_cipher_afalg_driver; } #endif - if (!ctx) { - ctx = qcrypto_cipher_ctx_new(alg, mode, key, nkey, errp); - if (!ctx) { + if (!cipher) { + cipher = qcrypto_cipher_ctx_new(alg, mode, key, nkey, errp); + if (!cipher) { return NULL; } drv = &qcrypto_cipher_lib_driver; } - cipher = g_new0(QCryptoCipher, 1); cipher->alg = alg; cipher->mode = mode; - cipher->opaque = ctx; cipher->driver = drv; return cipher; @@ -226,10 +223,7 @@ int qcrypto_cipher_setiv(QCryptoCipher *cipher, void qcrypto_cipher_free(QCryptoCipher *cipher) { - const QCryptoCipherDriver *drv; if (cipher) { - drv = cipher->driver; - drv->cipher_free(cipher); - g_free(cipher); + cipher->driver->cipher_free(cipher); } } diff --git a/crypto/cipher-builtin.c.inc b/crypto/cipher-builtin.c.inc index 156f32f1c7..6a03e23040 100644 --- a/crypto/cipher-builtin.c.inc +++ b/crypto/cipher-builtin.c.inc @@ -41,6 +41,8 @@ struct QCryptoCipherBuiltinDESRFB { typedef struct QCryptoCipherBuiltin QCryptoCipherBuiltin; struct QCryptoCipherBuiltin { + QCryptoCipher base; + union { QCryptoCipherBuiltinAES aes; QCryptoCipherBuiltinDESRFB desrfb; @@ -65,10 +67,7 @@ struct QCryptoCipherBuiltin { static void qcrypto_cipher_free_aes(QCryptoCipher *cipher) { - QCryptoCipherBuiltin *ctxt = cipher->opaque; - - g_free(ctxt); - cipher->opaque = NULL; + g_free(cipher); } @@ -152,7 +151,8 @@ static int qcrypto_cipher_encrypt_aes(QCryptoCipher *cipher, size_t len, Error **errp) { - QCryptoCipherBuiltin *ctxt = cipher->opaque; + QCryptoCipherBuiltin *ctxt + = container_of(cipher, QCryptoCipherBuiltin, base); switch (cipher->mode) { case QCRYPTO_CIPHER_MODE_ECB: @@ -186,7 +186,8 @@ static int qcrypto_cipher_decrypt_aes(QCryptoCipher *cipher, size_t len, Error **errp) { - QCryptoCipherBuiltin *ctxt = cipher->opaque; + QCryptoCipherBuiltin *ctxt + = container_of(cipher, QCryptoCipherBuiltin, base); switch (cipher->mode) { case QCRYPTO_CIPHER_MODE_ECB: @@ -217,7 +218,9 @@ static int qcrypto_cipher_setiv_aes(QCryptoCipher *cipher, const uint8_t *iv, size_t niv, Error **errp) { - QCryptoCipherBuiltin *ctxt = cipher->opaque; + QCryptoCipherBuiltin *ctxt + = container_of(cipher, QCryptoCipherBuiltin, base); + if (niv != AES_BLOCK_SIZE) { error_setg(errp, "IV must be %d bytes not %zu", AES_BLOCK_SIZE, niv); @@ -232,7 +235,7 @@ static int qcrypto_cipher_setiv_aes(QCryptoCipher *cipher, -static QCryptoCipherBuiltin * +static QCryptoCipher * qcrypto_cipher_init_aes(QCryptoCipherMode mode, const uint8_t *key, size_t nkey, Error **errp) @@ -289,7 +292,7 @@ qcrypto_cipher_init_aes(QCryptoCipherMode mode, ctxt->encrypt = qcrypto_cipher_encrypt_aes; ctxt->decrypt = qcrypto_cipher_decrypt_aes; - return ctxt; + return &ctxt->base; error: g_free(ctxt); @@ -299,11 +302,11 @@ qcrypto_cipher_init_aes(QCryptoCipherMode mode, static void qcrypto_cipher_free_des_rfb(QCryptoCipher *cipher) { - QCryptoCipherBuiltin *ctxt = cipher->opaque; + QCryptoCipherBuiltin *ctxt + = container_of(cipher, QCryptoCipherBuiltin, base); g_free(ctxt->state.desrfb.key); g_free(ctxt); - cipher->opaque = NULL; } @@ -313,7 +316,8 @@ static int qcrypto_cipher_encrypt_des_rfb(QCryptoCipher *cipher, size_t len, Error **errp) { - QCryptoCipherBuiltin *ctxt = cipher->opaque; + QCryptoCipherBuiltin *ctxt + = container_of(cipher, QCryptoCipherBuiltin, base); size_t i; if (len % 8) { @@ -338,7 +342,8 @@ static int qcrypto_cipher_decrypt_des_rfb(QCryptoCipher *cipher, size_t len, Error **errp) { - QCryptoCipherBuiltin *ctxt = cipher->opaque; + QCryptoCipherBuiltin *ctxt + = container_of(cipher, QCryptoCipherBuiltin, base); size_t i; if (len % 8) { @@ -366,7 +371,7 @@ static int qcrypto_cipher_setiv_des_rfb(QCryptoCipher *cipher, } -static QCryptoCipherBuiltin * +static QCryptoCipher * qcrypto_cipher_init_des_rfb(QCryptoCipherMode mode, const uint8_t *key, size_t nkey, Error **errp) @@ -391,7 +396,7 @@ qcrypto_cipher_init_des_rfb(QCryptoCipherMode mode, ctxt->encrypt = qcrypto_cipher_encrypt_des_rfb; ctxt->decrypt = qcrypto_cipher_decrypt_des_rfb; - return ctxt; + return &ctxt->base; } @@ -421,14 +426,12 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg, } -static QCryptoCipherBuiltin *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, - QCryptoCipherMode mode, - const uint8_t *key, - size_t nkey, - Error **errp) +static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, + QCryptoCipherMode mode, + const uint8_t *key, + size_t nkey, + Error **errp) { - QCryptoCipherBuiltin *ctxt; - switch (mode) { case QCRYPTO_CIPHER_MODE_ECB: case QCRYPTO_CIPHER_MODE_CBC: @@ -446,29 +449,25 @@ static QCryptoCipherBuiltin *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, switch (alg) { case QCRYPTO_CIPHER_ALG_DES_RFB: - ctxt = qcrypto_cipher_init_des_rfb(mode, key, nkey, errp); - break; + return qcrypto_cipher_init_des_rfb(mode, key, nkey, errp); case QCRYPTO_CIPHER_ALG_AES_128: case QCRYPTO_CIPHER_ALG_AES_192: case QCRYPTO_CIPHER_ALG_AES_256: - ctxt = qcrypto_cipher_init_aes(mode, key, nkey, errp); - break; + return qcrypto_cipher_init_aes(mode, key, nkey, errp); default: error_setg(errp, "Unsupported cipher algorithm %s", QCryptoCipherAlgorithm_str(alg)); return NULL; } - - return ctxt; } static void qcrypto_builtin_cipher_ctx_free(QCryptoCipher *cipher) { - QCryptoCipherBuiltin *ctxt; + QCryptoCipherBuiltin *ctxt + = container_of(cipher, QCryptoCipherBuiltin, base); - ctxt = cipher->opaque; ctxt->free(cipher); } @@ -480,7 +479,8 @@ qcrypto_builtin_cipher_encrypt(QCryptoCipher *cipher, size_t len, Error **errp) { - QCryptoCipherBuiltin *ctxt = cipher->opaque; + QCryptoCipherBuiltin *ctxt + = container_of(cipher, QCryptoCipherBuiltin, base); if (len & (ctxt->blocksize - 1)) { error_setg(errp, "Length %zu must be a multiple of block size %zu", @@ -499,7 +499,8 @@ qcrypto_builtin_cipher_decrypt(QCryptoCipher *cipher, size_t len, Error **errp) { - QCryptoCipherBuiltin *ctxt = cipher->opaque; + QCryptoCipherBuiltin *ctxt + = container_of(cipher, QCryptoCipherBuiltin, base); if (len & (ctxt->blocksize - 1)) { error_setg(errp, "Length %zu must be a multiple of block size %zu", @@ -516,7 +517,8 @@ qcrypto_builtin_cipher_setiv(QCryptoCipher *cipher, const uint8_t *iv, size_t niv, Error **errp) { - QCryptoCipherBuiltin *ctxt = cipher->opaque; + QCryptoCipherBuiltin *ctxt + = container_of(cipher, QCryptoCipherBuiltin, base); return ctxt->setiv(cipher, iv, niv, errp); } diff --git a/crypto/cipher-gcrypt.c.inc b/crypto/cipher-gcrypt.c.inc index 18850fadb9..3b3c85e265 100644 --- a/crypto/cipher-gcrypt.c.inc +++ b/crypto/cipher-gcrypt.c.inc @@ -58,6 +58,7 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg, typedef struct QCryptoCipherGcrypt QCryptoCipherGcrypt; struct QCryptoCipherGcrypt { + QCryptoCipher base; gcry_cipher_hd_t handle; size_t blocksize; #ifdef CONFIG_QEMU_PRIVATE_XTS @@ -86,11 +87,11 @@ qcrypto_gcrypt_cipher_free_ctx(QCryptoCipherGcrypt *ctx, } -static QCryptoCipherGcrypt *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, - QCryptoCipherMode mode, - const uint8_t *key, - size_t nkey, - Error **errp) +static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, + QCryptoCipherMode mode, + const uint8_t *key, + size_t nkey, + Error **errp) { QCryptoCipherGcrypt *ctx; gcry_error_t err; @@ -257,7 +258,7 @@ static QCryptoCipherGcrypt *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, } #endif - return ctx; + return &ctx->base; error: qcrypto_gcrypt_cipher_free_ctx(ctx, mode); @@ -268,7 +269,9 @@ static QCryptoCipherGcrypt *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, static void qcrypto_gcrypt_cipher_ctx_free(QCryptoCipher *cipher) { - qcrypto_gcrypt_cipher_free_ctx(cipher->opaque, cipher->mode); + QCryptoCipherGcrypt *ctx = container_of(cipher, QCryptoCipherGcrypt, base); + + qcrypto_gcrypt_cipher_free_ctx(ctx, cipher->mode); } @@ -301,7 +304,7 @@ qcrypto_gcrypt_cipher_encrypt(QCryptoCipher *cipher, size_t len, Error **errp) { - QCryptoCipherGcrypt *ctx = cipher->opaque; + QCryptoCipherGcrypt *ctx = container_of(cipher, QCryptoCipherGcrypt, base); gcry_error_t err; if (len & (ctx->blocksize - 1)) { @@ -340,7 +343,7 @@ qcrypto_gcrypt_cipher_decrypt(QCryptoCipher *cipher, size_t len, Error **errp) { - QCryptoCipherGcrypt *ctx = cipher->opaque; + QCryptoCipherGcrypt *ctx = container_of(cipher, QCryptoCipherGcrypt, base); gcry_error_t err; if (len & (ctx->blocksize - 1)) { @@ -376,7 +379,7 @@ qcrypto_gcrypt_cipher_setiv(QCryptoCipher *cipher, const uint8_t *iv, size_t niv, Error **errp) { - QCryptoCipherGcrypt *ctx = cipher->opaque; + QCryptoCipherGcrypt *ctx = container_of(cipher, QCryptoCipherGcrypt, base); gcry_error_t err; if (niv != ctx->blocksize) { diff --git a/crypto/cipher-nettle.c.inc b/crypto/cipher-nettle.c.inc index 6ecce5e8ea..d8371d1f37 100644 --- a/crypto/cipher-nettle.c.inc +++ b/crypto/cipher-nettle.c.inc @@ -294,6 +294,8 @@ static void twofish_decrypt_wrapper(const void *ctx, size_t length, typedef struct QCryptoCipherNettle QCryptoCipherNettle; struct QCryptoCipherNettle { + QCryptoCipher base; + /* Primary cipher context for all modes */ void *ctx; /* Second cipher context for XTS mode only */ @@ -355,11 +357,11 @@ qcrypto_nettle_cipher_free_ctx(QCryptoCipherNettle *ctx) } -static QCryptoCipherNettle *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, - QCryptoCipherMode mode, - const uint8_t *key, - size_t nkey, - Error **errp) +static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, + QCryptoCipherMode mode, + const uint8_t *key, + size_t nkey, + Error **errp) { QCryptoCipherNettle *ctx; uint8_t *rfbkey; @@ -585,7 +587,7 @@ static QCryptoCipherNettle *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, ctx->iv = g_new0(uint8_t, ctx->blocksize); - return ctx; + return &ctx->base; error: qcrypto_nettle_cipher_free_ctx(ctx); @@ -596,9 +598,8 @@ static QCryptoCipherNettle *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, static void qcrypto_nettle_cipher_ctx_free(QCryptoCipher *cipher) { - QCryptoCipherNettle *ctx; + QCryptoCipherNettle *ctx = container_of(cipher, QCryptoCipherNettle, base); - ctx = cipher->opaque; qcrypto_nettle_cipher_free_ctx(ctx); } @@ -610,7 +611,7 @@ qcrypto_nettle_cipher_encrypt(QCryptoCipher *cipher, size_t len, Error **errp) { - QCryptoCipherNettle *ctx = cipher->opaque; + QCryptoCipherNettle *ctx = container_of(cipher, QCryptoCipherNettle, base); if (len & (ctx->blocksize - 1)) { error_setg(errp, "Length %zu must be a multiple of block size %zu", @@ -663,7 +664,7 @@ qcrypto_nettle_cipher_decrypt(QCryptoCipher *cipher, size_t len, Error **errp) { - QCryptoCipherNettle *ctx = cipher->opaque; + QCryptoCipherNettle *ctx = container_of(cipher, QCryptoCipherNettle, base); if (len & (ctx->blocksize - 1)) { error_setg(errp, "Length %zu must be a multiple of block size %zu", @@ -713,7 +714,8 @@ qcrypto_nettle_cipher_setiv(QCryptoCipher *cipher, const uint8_t *iv, size_t niv, Error **errp) { - QCryptoCipherNettle *ctx = cipher->opaque; + QCryptoCipherNettle *ctx = container_of(cipher, QCryptoCipherNettle, base); + if (niv != ctx->blocksize) { error_setg(errp, "Expected IV size %zu not %zu", ctx->blocksize, niv); From patchwork Fri Aug 28 17:05:15 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 248596 Delivered-To: patch@linaro.org Received: by 2002:a92:5b9c:0:0:0:0:0 with SMTP id c28csp1257773ilg; Fri, 28 Aug 2020 10:07:13 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwxcFL+jPHncYa/Dit2FDuHo++moSycDmSVmSRYR3OMLjIsYvDNukJOygpXZemCIOKMAD0F X-Received: by 2002:a25:328e:: with SMTP id y136mr3611544yby.281.1598634433368; Fri, 28 Aug 2020 10:07:13 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1598634433; cv=none; d=google.com; s=arc-20160816; b=GDoX8TJOTygserlt28tvyFXtROWUyGRHQHvb4zzi9nSR6OPYYgIazfMC/rvAAolo4w cJcy93mzkIWwaSJyQPtf/vSJcp3rCuJSxtEnF8iABecn6wgTdWEcrQPOPSbT1Gfplh0U Iv7sL5fqA087RK9LpkFvW9pOLzbY7OzzD1o9Ux6ELRLn/4s2N5VlUhO3qpAqHgeRkZEb ImD8g+zaHiPg/glDK2fldrStuOqNbjldkrvr9zMgcZ+mRBKU45iWhB5r+fvp0k05Cf1J HXF489JnZPvt2a0N/Ep5XUu4XEkTvngo/TWBmujnWh7sRR0VaTEj3tHCUf/IMVbCC6ji 2N3Q== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:to:from :dkim-signature; bh=eBk+GrbH5UnrDm8FHWFaBbZjN/qoNANGe98dIeav8qI=; b=oqdPaYEA9oL9f0m6isPlv1g/0YcfDpEisI4FUHkZDPgTlAUixR2d3BdYn4ml5x7JtR rWlIcRaVuCGdVDhvGBeOxPuoAUKQVXUQAB3qdRoEUqG7vm6j4/mRiyKV3gUxhQV3O803 HaYdvUwgkVA2Zjjvt2SYKpa70astm8CDXpBUvvHq9CojnI5MHNpRYsKrJYPf5iL/5b4L B5MHL2MPDY+17vOIUNZrDyqNm/d69NfFDC4KwWwMdOuvoN+MHloulGmziS1jbenVvBW5 i/ZeuLqiT0Mjkcn/Q0ddlPhjsQS0a5sUgi1iNQ/c1Gii05JEd1ata7kj+pAL3yk56BjA 79Lg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=DfX+UpRu; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id p188si1305334yba.481.2020.08.28.10.07.13 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Fri, 28 Aug 2020 10:07:13 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=DfX+UpRu; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:38296 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBhqK-00070H-PA for patch@linaro.org; Fri, 28 Aug 2020 13:07:12 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36726) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhop-0003nO-52 for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:39 -0400 Received: from mail-pf1-x431.google.com ([2607:f8b0:4864:20::431]:35339) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhon-00031j-9X for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:38 -0400 Received: by mail-pf1-x431.google.com with SMTP id o68so954231pfg.2 for ; Fri, 28 Aug 2020 10:05:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=eBk+GrbH5UnrDm8FHWFaBbZjN/qoNANGe98dIeav8qI=; b=DfX+UpRuPgzZzEI+ypg6EHr6Ta3dP4juFUvEgDsY1xLS1HCF0Kxeam9Bgxy1rbkGDO LIO/i2nd4D/WopXTp5CCNfSTuIzzgL702owFH3FKbYRjQ5Y4gWnp5/wR/sC7uq9KQGGs 21fGA8P23CDSypaOdMCJmpRFWjs0Nzg7+BaISO0QgrZQoYljP9xbATIJbjA4Sw7pbMQw S6n7yumIYw6+aaWgVHjW4gPFsBukChnZQ4Wm2WcKsNzROUlOH/Kjj44OylOaTocr6rb6 PgcV5hW88Ri3rIWitgDYStNbZ66SlzxiDh1pwji9Sl1Olqb/MkRVc3WfJUETNYIdXcE3 DZiQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=eBk+GrbH5UnrDm8FHWFaBbZjN/qoNANGe98dIeav8qI=; b=sjaW61f/5H3UGbeBfd5I2gWKvbObm+45wc0gp5qKP3f18nU1KHvXP0Owd4tV6D2L8w Y2JgcHry6TIu4dK2uxCCHU1O1T8f/l7F7t5rw4GKBxh/kGpP3Cn6Eov3nPn1486Rw08l SxG1HwAZXotsTCoZMQ0DTzk0gi7KYOPKsD4pL1AVk3SDKmPmgc8IIYdhqM/7XVAhbobL UEfjUIMLw73BRvkTME4hhEVeOwlGNKp4qzfVtbi1jby0zzpWt+1YitF970xEDFq609IZ tAmoTtvKmedHmSpVlfjIEEFGzh3fdWwTrE0A9MOf9Ui5S7MN3vVNwCbeE7BF8lRY0RlB twdA== X-Gm-Message-State: AOAM533Z/nU7ERPmexKmbdEXvZ0jgZmheZLYOIcweMr6HZVM97S0T1jr zrzHpQR07RGrsbwHUzVHKIYtQW+Xmxjx0Q== X-Received: by 2002:a63:5f8b:: with SMTP id t133mr1825708pgb.238.1598634335505; Fri, 28 Aug 2020 10:05:35 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:34 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 08/16] crypto: Move cipher->driver init to qcrypto_*_cipher_ctx_new Date: Fri, 28 Aug 2020 10:05:15 -0700 Message-Id: <20200828170523.418603-9-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::431; envelope-from=richard.henderson@linaro.org; helo=mail-pf1-x431.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: berrange@redhat.com Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" The class vtable should be set by the class initializer. This will also allow additional subclassing, reducing the amount of indirection in the hierarchy. Reviewed-by: Daniel P. Berrangé Signed-off-by: Richard Henderson --- crypto/cipherpriv.h | 2 -- crypto/cipher-afalg.c | 5 ++++- crypto/cipher.c | 7 ------- crypto/cipher-builtin.c.inc | 4 ++++ crypto/cipher-gcrypt.c.inc | 2 ++ crypto/cipher-nettle.c.inc | 3 +++ 6 files changed, 13 insertions(+), 10 deletions(-) -- 2.25.1 diff --git a/crypto/cipherpriv.h b/crypto/cipherpriv.h index 437b109b5e..396527857d 100644 --- a/crypto/cipherpriv.h +++ b/crypto/cipherpriv.h @@ -47,8 +47,6 @@ qcrypto_afalg_cipher_ctx_new(QCryptoCipherAlgorithm alg, const uint8_t *key, size_t nkey, Error **errp); -extern const struct QCryptoCipherDriver qcrypto_cipher_afalg_driver; - #endif #endif diff --git a/crypto/cipher-afalg.c b/crypto/cipher-afalg.c index 86e5249bd6..052355a8a9 100644 --- a/crypto/cipher-afalg.c +++ b/crypto/cipher-afalg.c @@ -58,6 +58,8 @@ qcrypto_afalg_cipher_format_name(QCryptoCipherAlgorithm alg, return name; } +static const struct QCryptoCipherDriver qcrypto_cipher_afalg_driver; + QCryptoCipher * qcrypto_afalg_cipher_ctx_new(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode, @@ -109,6 +111,7 @@ qcrypto_afalg_cipher_ctx_new(QCryptoCipherAlgorithm alg, } afalg->cmsg = CMSG_FIRSTHDR(afalg->msg); + afalg->base.driver = &qcrypto_cipher_afalg_driver; return &afalg->base; } @@ -222,7 +225,7 @@ static void qcrypto_afalg_comm_ctx_free(QCryptoCipher *cipher) qcrypto_afalg_comm_free(afalg); } -const struct QCryptoCipherDriver qcrypto_cipher_afalg_driver = { +static const struct QCryptoCipherDriver qcrypto_cipher_afalg_driver = { .cipher_encrypt = qcrypto_afalg_cipher_encrypt, .cipher_decrypt = qcrypto_afalg_cipher_decrypt, .cipher_setiv = qcrypto_afalg_cipher_setiv, diff --git a/crypto/cipher.c b/crypto/cipher.c index 737fc0735d..3711b552fa 100644 --- a/crypto/cipher.c +++ b/crypto/cipher.c @@ -164,13 +164,9 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, Error **errp) { QCryptoCipher *cipher = NULL; - const QCryptoCipherDriver *drv = NULL; #ifdef CONFIG_AF_ALG cipher = qcrypto_afalg_cipher_ctx_new(alg, mode, key, nkey, NULL); - if (cipher) { - drv = &qcrypto_cipher_afalg_driver; - } #endif if (!cipher) { @@ -178,13 +174,10 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, if (!cipher) { return NULL; } - - drv = &qcrypto_cipher_lib_driver; } cipher->alg = alg; cipher->mode = mode; - cipher->driver = drv; return cipher; } diff --git a/crypto/cipher-builtin.c.inc b/crypto/cipher-builtin.c.inc index 6a03e23040..1444139f36 100644 --- a/crypto/cipher-builtin.c.inc +++ b/crypto/cipher-builtin.c.inc @@ -22,6 +22,8 @@ #include "crypto/desrfb.h" #include "crypto/xts.h" +static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver; + typedef struct QCryptoCipherBuiltinAESContext QCryptoCipherBuiltinAESContext; struct QCryptoCipherBuiltinAESContext { AES_KEY enc; @@ -292,6 +294,7 @@ qcrypto_cipher_init_aes(QCryptoCipherMode mode, ctxt->encrypt = qcrypto_cipher_encrypt_aes; ctxt->decrypt = qcrypto_cipher_decrypt_aes; + ctxt->base.driver = &qcrypto_cipher_lib_driver; return &ctxt->base; error: @@ -396,6 +399,7 @@ qcrypto_cipher_init_des_rfb(QCryptoCipherMode mode, ctxt->encrypt = qcrypto_cipher_encrypt_des_rfb; ctxt->decrypt = qcrypto_cipher_decrypt_des_rfb; + ctxt->base.driver = &qcrypto_cipher_lib_driver; return &ctxt->base; } diff --git a/crypto/cipher-gcrypt.c.inc b/crypto/cipher-gcrypt.c.inc index 3b3c85e265..7a1fbc9745 100644 --- a/crypto/cipher-gcrypt.c.inc +++ b/crypto/cipher-gcrypt.c.inc @@ -24,6 +24,7 @@ #include +static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver; bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode) @@ -258,6 +259,7 @@ static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, } #endif + ctx->base.driver = &qcrypto_cipher_lib_driver; return &ctx->base; error: diff --git a/crypto/cipher-nettle.c.inc b/crypto/cipher-nettle.c.inc index d8371d1f37..36d57ef430 100644 --- a/crypto/cipher-nettle.c.inc +++ b/crypto/cipher-nettle.c.inc @@ -34,6 +34,8 @@ #include #endif +static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver; + typedef void (*QCryptoCipherNettleFuncWrapper)(const void *ctx, size_t length, uint8_t *dst, @@ -587,6 +589,7 @@ static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, ctx->iv = g_new0(uint8_t, ctx->blocksize); + ctx->base.driver = &qcrypto_cipher_lib_driver; return &ctx->base; error: From patchwork Fri Aug 28 17:05:16 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 248605 Delivered-To: patch@linaro.org Received: by 2002:a92:5b9c:0:0:0:0:0 with SMTP id c28csp1262102ilg; Fri, 28 Aug 2020 10:12:10 -0700 (PDT) X-Google-Smtp-Source: ABdhPJzj8nwp4z396MrCb1fDMue8wP1/914pTr9ntKyeeAfjac8ciKnNjlPaaCbBJKJRJYLAnzLN X-Received: by 2002:a25:2644:: with SMTP id m65mr3941454ybm.94.1598634729984; Fri, 28 Aug 2020 10:12:09 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1598634729; cv=none; d=google.com; s=arc-20160816; b=HEONF/AI8le3pTVkVgy4tllkNtDpNd5KOTCjJexU2Xp3K5nYUXMWfwCvH+otyc3dsW xAQ0GvFyzHB813UmnLT8rFNnB8PyDqMf2qr0tdI7GQvYIDOyjbUDtb+/pk/q+rQRDTcw VTYz7cyCPguuGD2mRdksVP1bJCqfw9WX4ziu1oQV7O0/+sHUFWza/U8Nq2z/aB5V2PHB axt1fuS6e/BA879u5oXp8HihRfuoAPd2QZJpPda6VEE40Wbwpp752H9AZlZoTgz/OXFz t9S5B3syTKLfoEOIQ2Fq/ybOtPHFksVLEqz/EZHW36YBPQ1VzFIrGze8S2mvXH4wGeZY Co6w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:to:from :dkim-signature; bh=uHfxrHQWg2O+r2PVrn88/8hdFFb+717npid0qZec8zg=; b=oBGfeQeM/buC8zxFxU1Fh3MwqsYv1jjEDQu31SxL1BbRxbdxPWtzVt3i2jHnnuXfU+ 4JHNJtn9iFBoDxgbZG0g1qnqwNnlrhkDIbr6fZbzyyd+OmBFrPP2jJ7kJTtzReTvROUu joGfA4MUfRH4H04ksYhBpyjxaNUe6Rp9qr+stOfJBrBtfFNRR4l/vrGaoJfBx41/O/dx aHGKXUvpcfnK+lCEWhzWlEzA4DWauoxNzkwkxKeCyjuh8ZHpvX3XhslBTPvtZTijOqzS tcIgPUuDexcpa11nCxlk0eFgfUrHBN/eprxLGsrmqBGNtr+K6WvIzwAd9QKyWN6YDm2l zSsg== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=yK79qwzf; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id y6si1467140ybk.277.2020.08.28.10.12.09 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Fri, 28 Aug 2020 10:12:09 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=yK79qwzf; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:60426 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBhv7-0007V5-9l for patch@linaro.org; Fri, 28 Aug 2020 13:12:09 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36730) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhop-0003oy-Ul for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:39 -0400 Received: from mail-pg1-x52d.google.com ([2607:f8b0:4864:20::52d]:36319) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhoo-00032w-DP for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:39 -0400 Received: by mail-pg1-x52d.google.com with SMTP id p37so731293pgl.3 for ; Fri, 28 Aug 2020 10:05:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=uHfxrHQWg2O+r2PVrn88/8hdFFb+717npid0qZec8zg=; b=yK79qwzfaH40Z1JVCkGqopZ7hJptf/Ot/frQc/0ErjJMAd6FpCqW99D10qMvAs9wej eAbAuBkEJINReChClbJtpxIsLo6ytnNkxoEPkANaVL+VhOTVejR8lgdv/2HByPoovTZG aQDGy+27Ul6RklJNRada767cTVJTBFPrxNNJtCGHDFWm6pJccWGEaI18msdkq3cocX/f x8FZV5BPBPTuFWVsofd9o71keMOy08pWjd5tgTpafy68CrzPfAuRG92aT/gMbn/AxNCy E1jEdrpOi2YhV8kgRNQ6+aTqdjoTCmou03L2b854hqTYshKGlcRMW/mTYEkUjtuTX5N2 BIow== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=uHfxrHQWg2O+r2PVrn88/8hdFFb+717npid0qZec8zg=; b=dSarxfu/iNsWMdM7IMdR/gO0uU4JIWWnxNY9fUVvc5Pteds7Xz9DESpEEzHClBXRV7 XITpFxZt1DEsTmujifisgTyNCjJzj1kJFQv7h1EpOxr9fSB0Th4dnJVZDRFiJJcjZl3Y H8/0DHg6QrVQHd1wZMK5OSwrNScMUCKW2z7h/ITrbjk75Jn/WGJof99AtYmEFLJSVcHv QiXGGhRS07hYLyCqXyPkQ4ieuk5kmKAmw6R0F/mWln83RZ7JjkU8U4M4A4E/nz5egshP CqUZtMM3xci0b5WL29QlSJj/S4JHkhSxQbGWVLixmFcan0sFZ8/rTqkr/NSrf4AOxMGq JQ1Q== X-Gm-Message-State: AOAM531ZzXI/gE+9YgRJqvH0UmJgXfacsj+pulscnk2medWMFsfSkruB Hr9s6f0koxqk9RXfrgAY8UaPdNtu1aZpSA== X-Received: by 2002:a63:7056:: with SMTP id a22mr1809199pgn.12.1598634336675; Fri, 28 Aug 2020 10:05:36 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:35 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 09/16] crypto: Constify cipher data tables Date: Fri, 28 Aug 2020 10:05:16 -0700 Message-Id: <20200828170523.418603-10-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::52d; envelope-from=richard.henderson@linaro.org; helo=mail-pg1-x52d.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= , berrange@redhat.com Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" Reviewed-by: Daniel P. Berrangé Reviewed-by: Philippe Mathieu-Daudé Signed-off-by: Richard Henderson --- crypto/cipher.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) -- 2.25.1 diff --git a/crypto/cipher.c b/crypto/cipher.c index 3711b552fa..068b2fb867 100644 --- a/crypto/cipher.c +++ b/crypto/cipher.c @@ -25,7 +25,7 @@ #include "cipherpriv.h" -static size_t alg_key_len[QCRYPTO_CIPHER_ALG__MAX] = { +static const size_t alg_key_len[QCRYPTO_CIPHER_ALG__MAX] = { [QCRYPTO_CIPHER_ALG_AES_128] = 16, [QCRYPTO_CIPHER_ALG_AES_192] = 24, [QCRYPTO_CIPHER_ALG_AES_256] = 32, @@ -40,7 +40,7 @@ static size_t alg_key_len[QCRYPTO_CIPHER_ALG__MAX] = { [QCRYPTO_CIPHER_ALG_TWOFISH_256] = 32, }; -static size_t alg_block_len[QCRYPTO_CIPHER_ALG__MAX] = { +static const size_t alg_block_len[QCRYPTO_CIPHER_ALG__MAX] = { [QCRYPTO_CIPHER_ALG_AES_128] = 16, [QCRYPTO_CIPHER_ALG_AES_192] = 16, [QCRYPTO_CIPHER_ALG_AES_256] = 16, @@ -55,7 +55,7 @@ static size_t alg_block_len[QCRYPTO_CIPHER_ALG__MAX] = { [QCRYPTO_CIPHER_ALG_TWOFISH_256] = 16, }; -static bool mode_need_iv[QCRYPTO_CIPHER_MODE__MAX] = { +static const bool mode_need_iv[QCRYPTO_CIPHER_MODE__MAX] = { [QCRYPTO_CIPHER_MODE_ECB] = false, [QCRYPTO_CIPHER_MODE_CBC] = true, [QCRYPTO_CIPHER_MODE_XTS] = true, From patchwork Fri Aug 28 17:05:17 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 248600 Delivered-To: patch@linaro.org Received: by 2002:a92:5b9c:0:0:0:0:0 with SMTP id c28csp1258936ilg; Fri, 28 Aug 2020 10:08:28 -0700 (PDT) X-Google-Smtp-Source: ABdhPJy8zCuElAyAUJw4JW5TOsfK9Kknz/1X9yYjPJdVrKj1QvnupJcMLVSeCooM6S6tn8CQg/S4 X-Received: by 2002:a05:6902:706:: with SMTP id k6mr3866742ybt.416.1598634508455; Fri, 28 Aug 2020 10:08:28 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1598634508; cv=none; d=google.com; s=arc-20160816; b=PLjW18XeF4aX0IUMrlihYXoyyNsw/Q9Pw4aV8SCEd6NEURtxFdmdA4mPvOFSip01P/ 2EZIYb3FNFWuRis4467d+BwsKNvPpQzm2ouqPTccsNAxx5aGk37TO867MNTipmUWZx5Y DJmHVracZxdC1heE17ecY3lOcSl3UzLRmxFnajBQgXAAcxq6vOU4BTiXHjeB4zVSBOm/ aLcUeyHYaUOb56qmdUqjWieIeK+R5dm6pmqDmso18qn75YySFCcUzx4p8n7anYerX+Bp /+Qz5E2wB8nq356tvpdoDL4LvvIwHoDHEvbUj4Zg2RYDh0q4AegRgkPAVKcun9b3xatc D5Uw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:to:from :dkim-signature; bh=TqzPE+AsczeJFR52P3swxprxnAZO/kZ1snURQdlagJA=; b=wEV17rZmMR8y2jWB0P03z7kRKY9rZOV1AhqaaonsRM4qBUtmCBtUBmzMu22WGhmbPq Rhgmmqwm3eDgX+O2ByxlFNX3ZM1u3LOwkdYwbJjbwtOXCfOB/JEbqfZ8Ao68cKmLUmtk XuUQ/qzAaU24Kb8jagxBbdBHoLML/lwUE0IDfltANRlLN1rN+QVBcUhPiAbfsWxEsulM Qe4BLAr1hLY3E98TIy0NSmggn4/qMMvvsgIjaibWdH2WispWmyMqF7KuHZxNFdR+EQxl ciI6l/6KZEt8jBg55bQG3jJyYOdpKMRAf/DLl5ERFHg4MXHmQT4yWUGchSTGIHIWKLMf ed/g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=XGB1X0i4; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id o187si1533604ybb.475.2020.08.28.10.08.28 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Fri, 28 Aug 2020 10:08:28 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=XGB1X0i4; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:46136 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBhrX-0001gf-Sp for patch@linaro.org; Fri, 28 Aug 2020 13:08:27 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36748) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhor-0003tC-LR for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:41 -0400 Received: from mail-pl1-x641.google.com ([2607:f8b0:4864:20::641]:42911) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhop-000352-S7 for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:41 -0400 Received: by mail-pl1-x641.google.com with SMTP id j11so777767plk.9 for ; Fri, 28 Aug 2020 10:05:39 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=TqzPE+AsczeJFR52P3swxprxnAZO/kZ1snURQdlagJA=; b=XGB1X0i4my0zdUr1MHPPBWyF2ZTOZnn4l3AVeNVWvJtE+U5PCV0agP/aAFq1devQg/ clDiH/N4yVYZJ5w62/z/QtZF01caGviCKeyVJkLYEmrqcKyD56R77e7IhxgZuFj8xJr/ TSw3d/XPCZUimt90B8aajrTR+GX/NRMV4m1Wb5+4ADcep8boy7XAE+/FNMREdp2CLJpA aGRL8Z4U0EhGB29p38YHfyKAYj2mUAoAFgNmmudM9E4yEtg3IqH0ws0LQnaJovvYUZfG jLNek2vUtXt9j/TNeJdvR+jfdlXmp2BL1+bhKIZ5TsUCPejLAFiBCd3N4DWvcQ/Oi0Mz jBRw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=TqzPE+AsczeJFR52P3swxprxnAZO/kZ1snURQdlagJA=; b=qJTmCDN7sWhpl7iQEn6ocftnB576UyOcstEyMgr9lnM9JWqRVHK5Ly01jxDwjRN9iD ZBE67iRq7jLi4DTDXIghAOaE1kn+cPu1FfwKQOR1GFDoV3eCOP/8qMWuG6FgwqRChqA3 eQz2prySfG9dThzVfoyK3zGQBJeSOOiG8OUjFq235pSXOmaq3JqttHWv38MDdKDP9Sb3 zWi6+Srk44iZjoroXkq/qow1T80oTb+KVuzKi7NAXu/cPjhHUb2huSRZyXH/XSl7ff8e UaXBwUdygmdwrv5nsY8VJrIY2PFryvOb85jB4LQaA7WHMIMEtlVsHMlc84G9wtAnT4vV assQ== X-Gm-Message-State: AOAM5316qLItp5HG4hqG551hyzsWrudomr3Aod7nwx883bVAd7m95of6 hREzEGIIHKpRCK47A3mZfX5651XbygMmGA== X-Received: by 2002:a17:902:7582:: with SMTP id j2mr2203287pll.322.1598634338106; Fri, 28 Aug 2020 10:05:38 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.36 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:37 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 10/16] crypto/builtin: Remove odd-sized AES block handling Date: Fri, 28 Aug 2020 10:05:17 -0700 Message-Id: <20200828170523.418603-11-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::641; envelope-from=richard.henderson@linaro.org; helo=mail-pl1-x641.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: berrange@redhat.com Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" We verified that the data block is properly sized modulo AES_BLOCK_SIZE within qcrypto_builtin_cipher_{en,de}crypt. Therefore we will never have to handle odd sized blocks. Reviewed-by: Daniel P. Berrangé Signed-off-by: Richard Henderson --- crypto/cipher-builtin.c.inc | 40 +++++++++++-------------------------- 1 file changed, 12 insertions(+), 28 deletions(-) -- 2.25.1 diff --git a/crypto/cipher-builtin.c.inc b/crypto/cipher-builtin.c.inc index 1444139f36..e2ae5d090c 100644 --- a/crypto/cipher-builtin.c.inc +++ b/crypto/cipher-builtin.c.inc @@ -80,21 +80,13 @@ static void qcrypto_cipher_aes_ecb_encrypt(const AES_KEY *key, { const uint8_t *inptr = in; uint8_t *outptr = out; + + /* We have already verified that len % AES_BLOCK_SIZE == 0. */ while (len) { - if (len > AES_BLOCK_SIZE) { - AES_encrypt(inptr, outptr, key); - inptr += AES_BLOCK_SIZE; - outptr += AES_BLOCK_SIZE; - len -= AES_BLOCK_SIZE; - } else { - uint8_t tmp1[AES_BLOCK_SIZE], tmp2[AES_BLOCK_SIZE]; - memcpy(tmp1, inptr, len); - /* Fill with 0 to avoid valgrind uninitialized reads */ - memset(tmp1 + len, 0, sizeof(tmp1) - len); - AES_encrypt(tmp1, tmp2, key); - memcpy(outptr, tmp2, len); - len = 0; - } + AES_encrypt(inptr, outptr, key); + inptr += AES_BLOCK_SIZE; + outptr += AES_BLOCK_SIZE; + len -= AES_BLOCK_SIZE; } } @@ -106,21 +98,13 @@ static void qcrypto_cipher_aes_ecb_decrypt(const AES_KEY *key, { const uint8_t *inptr = in; uint8_t *outptr = out; + + /* We have already verified that len % AES_BLOCK_SIZE == 0. */ while (len) { - if (len > AES_BLOCK_SIZE) { - AES_decrypt(inptr, outptr, key); - inptr += AES_BLOCK_SIZE; - outptr += AES_BLOCK_SIZE; - len -= AES_BLOCK_SIZE; - } else { - uint8_t tmp1[AES_BLOCK_SIZE], tmp2[AES_BLOCK_SIZE]; - memcpy(tmp1, inptr, len); - /* Fill with 0 to avoid valgrind uninitialized reads */ - memset(tmp1 + len, 0, sizeof(tmp1) - len); - AES_decrypt(tmp1, tmp2, key); - memcpy(outptr, tmp2, len); - len = 0; - } + AES_decrypt(inptr, outptr, key); + inptr += AES_BLOCK_SIZE; + outptr += AES_BLOCK_SIZE; + len -= AES_BLOCK_SIZE; } } From patchwork Fri Aug 28 17:05:18 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 248603 Delivered-To: patch@linaro.org Received: by 2002:a92:5b9c:0:0:0:0:0 with SMTP id c28csp1260340ilg; Fri, 28 Aug 2020 10:10:04 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxFrEg1QeyasqzhA/jrZ7b1UJEMDJPJby79+QohUYdGB8QuILrNfLRINUZvQgcWBpEidO0C X-Received: by 2002:a25:a363:: with SMTP id d90mr3817272ybi.23.1598634604243; Fri, 28 Aug 2020 10:10:04 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1598634604; cv=none; d=google.com; s=arc-20160816; b=Udxs+jTjIk3xEZfBld9dZDjPUtVHfGv31eL3kuRN+Kg6kHrOmQTDcnfqtEpI+P4Fx7 BQNv7AWBknK7Vq1hbvlGGuoHPEqjv2K6Hr172La1MG0leuBJ8b0V6n8QihqP7JttkpVM coUsPrLiv+1Qed5o7mUvMAqu27MHGw7x4cq02h+epfrE+VEZC23m7JkfXJ3dtvJIOci6 0nP9HOwq1p/qK99qK0RlSkoi77r+FfYiYwGJHDI0pvU8rGf5IspQMEIp4LOxwl66pks3 9FbTW52oVA6NCEdkdmN7Zpk0dUF9MM2jSTslk9RWx3XIW/BzqV4Mp9nj2KWkMKHAS4DV O5EA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:to:from :dkim-signature; bh=Z0jSasqYMa/kYWQRBUn0M5RkDRX5OspYiVQvjoGRm10=; b=wGYV9m89NsHpH5/7oLEkGIKERDb92oLazNt87EmkTXwddOOveA79YOyqMrllKNEFbc jqUPHc3QSIBof+7v8gsR3EwFCGSDOkF8LwfCzw59KQPxLkRwnKWrgHHyeugNuiYgFcr8 qGgySQoL+2x8mG+OXRoJBXnVpDVDvNYIp9RDINOnv0Gn62bw5jT+Bwdr3AjQS6z1VrP2 vfta4Vp6hi9NVhVzdmx9z5m3n8QdlGpd6ZFedcyk1+PAF41720nihqBxQ/fJTxcYyYtC vvuHvyORag4pvVrRNZ8ZQsKq2osjs6oBQh40ci3f2DrC6mY8rY51Y027RjVQuHrWWwV/ efxQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=roMHS2o+; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id j142si1493844ybj.379.2020.08.28.10.10.04 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Fri, 28 Aug 2020 10:10:04 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=roMHS2o+; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:54166 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBht5-0004vI-Mv for patch@linaro.org; Fri, 28 Aug 2020 13:10:03 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36770) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhot-0003xN-4X for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:43 -0400 Received: from mail-pj1-x1042.google.com ([2607:f8b0:4864:20::1042]:53854) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhor-00036E-96 for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:42 -0400 Received: by mail-pj1-x1042.google.com with SMTP id nv17so23386pjb.3 for ; Fri, 28 Aug 2020 10:05:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=Z0jSasqYMa/kYWQRBUn0M5RkDRX5OspYiVQvjoGRm10=; b=roMHS2o+qL8y8fbaQz7gA08dLUtzfxbTpBShd8UzaAfxUM5gRXDrYd/FVT68VjffzY XE9t5PHoHhdoKUBitXa5NNiIaTHqn0sbObZ+8jKtakPXq2Ijj/+1dnZgATZ/8hjW7o/6 5uGa1wG23vHd32mgJNvkrz5TpxP14QSxixP5t700uK8XOUjOYk07oXvHQpk875E9nzxS hC6TYckscanY3NiLIQmMKJPy0CjziMuQQRavjGcQMUOf8Ro6o2g8oEVeiR5NQ1nrbwzy LmyTUvFZRy+7wOoPeopoN2aKVIDJkppffdLAxm718Nq9S2ExgfUPZJoa2ig4StaVyWgK qhMg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=Z0jSasqYMa/kYWQRBUn0M5RkDRX5OspYiVQvjoGRm10=; b=lqe/R3JwdNQnedav1BUy0y6p37Sw+iIl4Jf/UysSME3r8nB55PC9lbApJnrA27HhKS cmRPWGtSSIeKID9IoJW1lLLBl9/i+xVeQ/gDCLPaxNlZBw/NT7WEIkuuYQ2SdiJ4vhVd P6pTR0nCjGBjdO0TMOgFNrMCpCCvJKUCsIjPfIVInYWSKi0PolnAwb7k6SGVbS6ktzWs GsYh0QNHaeJ4U3Qr2iPv+7aIGEKDkvQXUFtvs/pHYE7TxyhHIaew1s4rNzjBacdHODx7 nHmFa2Q6cPac8U7q/l+Hm/MChcNOly5juE+bmGcoUlSyhSrOZd9L0kbTRfmTQeesU4pi XCIQ== X-Gm-Message-State: AOAM531eOHqTTHeLSWiw8TrcmpYZdJNppwYPI07Hyh9t0vszt+LT4+mQ mM4jPuzSAv/zN1cBYdmxsyj5gIc9rv2ECw== X-Received: by 2002:a17:90a:858a:: with SMTP id m10mr47912pjn.185.1598634339389; Fri, 28 Aug 2020 10:05:39 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.38 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:38 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 11/16] crypto/builtin: Merge qcrypto_cipher_aes_{ecb, xts}_{en, de}crypt Date: Fri, 28 Aug 2020 10:05:18 -0700 Message-Id: <20200828170523.418603-12-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::1042; envelope-from=richard.henderson@linaro.org; helo=mail-pj1-x1042.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= , berrange@redhat.com Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" There's no real reason we need two separate helper functions here. Standardize on the function signature required for xts_encrypt. Rename to do_aes_{en,de}crypt_ecb, since the helper does not itself do anything with respect to xts. Reviewed-by: Daniel P. Berrangé Reviewed-by: Philippe Mathieu-Daudé Signed-off-by: Richard Henderson --- crypto/cipher-builtin.c.inc | 73 +++++++++++-------------------------- 1 file changed, 22 insertions(+), 51 deletions(-) -- 2.25.1 diff --git a/crypto/cipher-builtin.c.inc b/crypto/cipher-builtin.c.inc index e2ae5d090c..8e21f2673f 100644 --- a/crypto/cipher-builtin.c.inc +++ b/crypto/cipher-builtin.c.inc @@ -72,65 +72,38 @@ static void qcrypto_cipher_free_aes(QCryptoCipher *cipher) g_free(cipher); } - -static void qcrypto_cipher_aes_ecb_encrypt(const AES_KEY *key, - const void *in, - void *out, - size_t len) +static void do_aes_encrypt_ecb(const void *vctx, + size_t len, + uint8_t *out, + const uint8_t *in) { - const uint8_t *inptr = in; - uint8_t *outptr = out; + const QCryptoCipherBuiltinAESContext *ctx = vctx; /* We have already verified that len % AES_BLOCK_SIZE == 0. */ while (len) { - AES_encrypt(inptr, outptr, key); - inptr += AES_BLOCK_SIZE; - outptr += AES_BLOCK_SIZE; + AES_encrypt(in, out, &ctx->enc); + in += AES_BLOCK_SIZE; + out += AES_BLOCK_SIZE; len -= AES_BLOCK_SIZE; } } - -static void qcrypto_cipher_aes_ecb_decrypt(const AES_KEY *key, - const void *in, - void *out, - size_t len) +static void do_aes_decrypt_ecb(const void *vctx, + size_t len, + uint8_t *out, + const uint8_t *in) { - const uint8_t *inptr = in; - uint8_t *outptr = out; + const QCryptoCipherBuiltinAESContext *ctx = vctx; /* We have already verified that len % AES_BLOCK_SIZE == 0. */ while (len) { - AES_decrypt(inptr, outptr, key); - inptr += AES_BLOCK_SIZE; - outptr += AES_BLOCK_SIZE; + AES_decrypt(in, out, &ctx->dec); + in += AES_BLOCK_SIZE; + out += AES_BLOCK_SIZE; len -= AES_BLOCK_SIZE; } } - -static void qcrypto_cipher_aes_xts_encrypt(const void *ctx, - size_t length, - uint8_t *dst, - const uint8_t *src) -{ - const QCryptoCipherBuiltinAESContext *aesctx = ctx; - - qcrypto_cipher_aes_ecb_encrypt(&aesctx->enc, src, dst, length); -} - - -static void qcrypto_cipher_aes_xts_decrypt(const void *ctx, - size_t length, - uint8_t *dst, - const uint8_t *src) -{ - const QCryptoCipherBuiltinAESContext *aesctx = ctx; - - qcrypto_cipher_aes_ecb_decrypt(&aesctx->dec, src, dst, length); -} - - static int qcrypto_cipher_encrypt_aes(QCryptoCipher *cipher, const void *in, void *out, @@ -142,8 +115,7 @@ static int qcrypto_cipher_encrypt_aes(QCryptoCipher *cipher, switch (cipher->mode) { case QCRYPTO_CIPHER_MODE_ECB: - qcrypto_cipher_aes_ecb_encrypt(&ctxt->state.aes.key.enc, - in, out, len); + do_aes_encrypt_ecb(&ctxt->state.aes.key, len, out, in); break; case QCRYPTO_CIPHER_MODE_CBC: AES_cbc_encrypt(in, out, len, @@ -153,8 +125,8 @@ static int qcrypto_cipher_encrypt_aes(QCryptoCipher *cipher, case QCRYPTO_CIPHER_MODE_XTS: xts_encrypt(&ctxt->state.aes.key, &ctxt->state.aes.key_tweak, - qcrypto_cipher_aes_xts_encrypt, - qcrypto_cipher_aes_xts_decrypt, + do_aes_encrypt_ecb, + do_aes_decrypt_ecb, ctxt->state.aes.iv, len, out, in); break; @@ -177,8 +149,7 @@ static int qcrypto_cipher_decrypt_aes(QCryptoCipher *cipher, switch (cipher->mode) { case QCRYPTO_CIPHER_MODE_ECB: - qcrypto_cipher_aes_ecb_decrypt(&ctxt->state.aes.key.dec, - in, out, len); + do_aes_decrypt_ecb(&ctxt->state.aes.key, len, out, in); break; case QCRYPTO_CIPHER_MODE_CBC: AES_cbc_encrypt(in, out, len, @@ -188,8 +159,8 @@ static int qcrypto_cipher_decrypt_aes(QCryptoCipher *cipher, case QCRYPTO_CIPHER_MODE_XTS: xts_decrypt(&ctxt->state.aes.key, &ctxt->state.aes.key_tweak, - qcrypto_cipher_aes_xts_encrypt, - qcrypto_cipher_aes_xts_decrypt, + do_aes_encrypt_ecb, + do_aes_decrypt_ecb, ctxt->state.aes.iv, len, out, in); break; From patchwork Fri Aug 28 17:05:19 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 248606 Delivered-To: patch@linaro.org Received: by 2002:a92:5b9c:0:0:0:0:0 with SMTP id c28csp1262997ilg; Fri, 28 Aug 2020 10:13:14 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyuRoGUT1b4P0caObpHnX+Uu4c5ajNuNEJrnGhn0pLyiumNTbVa+52IkRjeQN8pC4MV2/sH X-Received: by 2002:a25:8491:: with SMTP id v17mr3930204ybk.227.1598634794429; Fri, 28 Aug 2020 10:13:14 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1598634794; cv=none; d=google.com; s=arc-20160816; b=MZnfaDHzSNzSg7c+vVBBJ/k7szngDZ1nfYu4UGYwX9AcRKVUaF6p+yBPjnuLhtJ2Is N3iAMCBsO/gtT4YwFIHI4N/jgCGx7FGquuvtkaSvt8dYgKOtq3SaURk+uSxJb4Vs3jKE 7e1u+lLjvZaPvLd9LAek8qH+5s5/RnL6a0rebi2y9QhO/+uUfA8Wso1heQdW3492DnAc Dr3jh7Z0VAsXXuH4Z5yu8v6A3hjLKUkn31S5xqlsmg4XPDb3LbcgiHT+/pFTP/hgUaTE KFP4zI2oQOa47bn8+jIcFnTXtVLVwzpqTeKJAb5E1hqd0d2+Y8dAanlquiinz0ibLmXW Jg7w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:to:from :dkim-signature; bh=9pef8gAf1wsVL1CMsBcENDnjN1Fz2AwxX3zrLli9AqA=; b=T6cE9hsTQOQxECsSXNhHcwC5SQVDrbrZ/h1SsNo2LfyX9clPDyP/MZfVyIQom5Ri1Q dJOaN38KlDMHvOoUBC2AkHWRMA6Hvr/wkLPbyY5cFn73tbOwsW6jMRePp8kxKX5S3gSw ZV66qfVr9DlVAYYeVRgEmRKpPEpJIj3HHGXA+tLaeaCgNRtVtPxmEp7Ib2LP7OG+7yFp LIeDVU/ojrWs5cUvWmxZxBOtIRacWYa6bMgS8i5y4+Ad4bRmd0/rzd9riDVA81bGRrz/ LIkXBcEgCS9U+Z5zM9XVrxh5GIrNZ9cgQ3GodhRsFknnLEPKPZ/1wn/eapdSoHzrJOF9 06jg== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=Amz+3ytM; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id 5si1536486ybu.1.2020.08.28.10.13.14 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Fri, 28 Aug 2020 10:13:14 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=fail header.i=@linaro.org header.s=google header.b=Amz+3ytM; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:37310 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBhw9-00018s-UI for patch@linaro.org; Fri, 28 Aug 2020 13:13:13 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36790) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhou-00041Z-O4 for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:44 -0400 Received: from mail-pf1-x42d.google.com ([2607:f8b0:4864:20::42d]:40480) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhos-000370-Gz for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:44 -0400 Received: by mail-pf1-x42d.google.com with SMTP id c142so873777pfb.7 for ; Fri, 28 Aug 2020 10:05:42 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=9pef8gAf1wsVL1CMsBcENDnjN1Fz2AwxX3zrLli9AqA=; b=Amz+3ytMmbpQhWupxfLouxMaZDgJQDIS6kmT8arZH33roOHAHvFzmpunSQiHXyipbr q9hTxtpM89RMO7CLm0a5c03RZpQhaoGI7hpdRfXTQSFk34r9QD6mGO+oIa4F4JcJkQge AyrAYniTVAjMhKTffJAnw33mZTsFERaxkRcVwR+Ttm2nEtKR9TLpp/PbLjaD63isONDY nyiJWGqWlLSuuQ4xBeVaHDMDG7UDfr/eq4LIGt9wnVAEjKD+dCcUrKdXY7VvjbR6XSBE VeB5sQtwJejV7zN4PyksWPN9KnP+DuSv1vHKcSwHtOY2l5FuOPiP2clBGz7wjhlW8sSh Ataw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=9pef8gAf1wsVL1CMsBcENDnjN1Fz2AwxX3zrLli9AqA=; b=ARIO0a6EwDcBTkne7Jmflsd3+Cpfn7t2tmBVShR1oDZxxRoH0vCT8oO3h6uysO7F+j EO1PGMjom+qDWS1NACkEJ6MyIROFyRwWPQ3RaRW4QpVLL7y1+tiuD/mjhZaCFbqEVDA0 IzR7nUeJeWsxdwv2PmIx2NGtDe6oM083Px5omADrOXEY6cOw1YwTTOvuQbxVPF1kvatX 3Q4b+vynfUM15ssGjVjxe5H3EVA0yoY71YzdXwHFBtp5gM5NrOUb+1XIX49bssbF84W+ Lrijtpt+z2K+yUX+mCLJTTkk9+XjWdv0hsCVQaKxvAVuImcuIRcYjThjdG8k1ZTHHmNa Q1HA== X-Gm-Message-State: AOAM5309gB5Z5+RlTJwkkbY0Ay7A2fgqtnBgcNEzt5dHuafAVoeKzvSs YpleQ+z8LRM2YBmOSUSDvH1zXYF+pqwasQ== X-Received: by 2002:a63:d918:: with SMTP id r24mr1736363pgg.158.1598634340748; Fri, 28 Aug 2020 10:05:40 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:39 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 12/16] crypto/builtin: Move AES_cbc_encrypt into cipher-builtin.inc.c Date: Fri, 28 Aug 2020 10:05:19 -0700 Message-Id: <20200828170523.418603-13-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::42d; envelope-from=richard.henderson@linaro.org; helo=mail-pf1-x42d.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: =?utf-8?q?Philippe_Mathieu-Daud=C3=A9?= , berrange@redhat.com Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" By making the function private, we will be able to make further simplifications. Re-indent the migrated code and fix the missing braces for CODING_STYLE. Reviewed-by: Daniel P. Berrangé Reviewed-by: Philippe Mathieu-Daudé Signed-off-by: Richard Henderson --- include/crypto/aes.h | 4 --- crypto/aes.c | 51 --------------------------------- crypto/cipher-builtin.c.inc | 56 +++++++++++++++++++++++++++++++++++++ 3 files changed, 56 insertions(+), 55 deletions(-) -- 2.25.1 diff --git a/include/crypto/aes.h b/include/crypto/aes.h index 12fb321b89..ba297d6a73 100644 --- a/include/crypto/aes.h +++ b/include/crypto/aes.h @@ -16,7 +16,6 @@ typedef struct aes_key_st AES_KEY; #define AES_set_decrypt_key QEMU_AES_set_decrypt_key #define AES_encrypt QEMU_AES_encrypt #define AES_decrypt QEMU_AES_decrypt -#define AES_cbc_encrypt QEMU_AES_cbc_encrypt int AES_set_encrypt_key(const unsigned char *userKey, const int bits, AES_KEY *key); @@ -27,9 +26,6 @@ void AES_encrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key); void AES_decrypt(const unsigned char *in, unsigned char *out, const AES_KEY *key); -void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, - const unsigned long length, const AES_KEY *key, - unsigned char *ivec, const int enc); extern const uint8_t AES_sbox[256]; extern const uint8_t AES_isbox[256]; diff --git a/crypto/aes.c b/crypto/aes.c index 0f6a195af8..159800df65 100644 --- a/crypto/aes.c +++ b/crypto/aes.c @@ -1599,54 +1599,3 @@ void AES_decrypt(const unsigned char *in, unsigned char *out, } #endif /* AES_ASM */ - -void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, - const unsigned long length, const AES_KEY *key, - unsigned char *ivec, const int enc) -{ - - unsigned long n; - unsigned long len = length; - unsigned char tmp[AES_BLOCK_SIZE]; - - assert(in && out && key && ivec); - - if (enc) { - while (len >= AES_BLOCK_SIZE) { - for(n=0; n < AES_BLOCK_SIZE; ++n) - tmp[n] = in[n] ^ ivec[n]; - AES_encrypt(tmp, out, key); - memcpy(ivec, out, AES_BLOCK_SIZE); - len -= AES_BLOCK_SIZE; - in += AES_BLOCK_SIZE; - out += AES_BLOCK_SIZE; - } - if (len) { - for(n=0; n < len; ++n) - tmp[n] = in[n] ^ ivec[n]; - for(n=len; n < AES_BLOCK_SIZE; ++n) - tmp[n] = ivec[n]; - AES_encrypt(tmp, tmp, key); - memcpy(out, tmp, AES_BLOCK_SIZE); - memcpy(ivec, tmp, AES_BLOCK_SIZE); - } - } else { - while (len >= AES_BLOCK_SIZE) { - memcpy(tmp, in, AES_BLOCK_SIZE); - AES_decrypt(in, out, key); - for(n=0; n < AES_BLOCK_SIZE; ++n) - out[n] ^= ivec[n]; - memcpy(ivec, tmp, AES_BLOCK_SIZE); - len -= AES_BLOCK_SIZE; - in += AES_BLOCK_SIZE; - out += AES_BLOCK_SIZE; - } - if (len) { - memcpy(tmp, in, AES_BLOCK_SIZE); - AES_decrypt(tmp, tmp, key); - for(n=0; n < len; ++n) - out[n] = tmp[n] ^ ivec[n]; - memcpy(ivec, tmp, AES_BLOCK_SIZE); - } - } -} diff --git a/crypto/cipher-builtin.c.inc b/crypto/cipher-builtin.c.inc index 8e21f2673f..61baad265a 100644 --- a/crypto/cipher-builtin.c.inc +++ b/crypto/cipher-builtin.c.inc @@ -104,6 +104,62 @@ static void do_aes_decrypt_ecb(const void *vctx, } } +static void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, + const unsigned long length, const AES_KEY *key, + unsigned char *ivec, const int enc) +{ + unsigned long n; + unsigned long len = length; + unsigned char tmp[AES_BLOCK_SIZE]; + + assert(in && out && key && ivec); + + if (enc) { + while (len >= AES_BLOCK_SIZE) { + for (n = 0; n < AES_BLOCK_SIZE; ++n) { + tmp[n] = in[n] ^ ivec[n]; + } + AES_encrypt(tmp, out, key); + memcpy(ivec, out, AES_BLOCK_SIZE); + len -= AES_BLOCK_SIZE; + in += AES_BLOCK_SIZE; + out += AES_BLOCK_SIZE; + } + if (len) { + for (n = 0; n < len; ++n) { + tmp[n] = in[n] ^ ivec[n]; + } + for (n = len; n < AES_BLOCK_SIZE; ++n) { + tmp[n] = ivec[n]; + } + AES_encrypt(tmp, tmp, key); + memcpy(out, tmp, AES_BLOCK_SIZE); + memcpy(ivec, tmp, AES_BLOCK_SIZE); + } + } else { + while (len >= AES_BLOCK_SIZE) { + memcpy(tmp, in, AES_BLOCK_SIZE); + AES_decrypt(in, out, key); + for (n = 0; n < AES_BLOCK_SIZE; ++n) { + out[n] ^= ivec[n]; + } + memcpy(ivec, tmp, AES_BLOCK_SIZE); + len -= AES_BLOCK_SIZE; + in += AES_BLOCK_SIZE; + out += AES_BLOCK_SIZE; + } + if (len) { + memcpy(tmp, in, AES_BLOCK_SIZE); + AES_decrypt(tmp, tmp, key); + for (n = 0; n < len; ++n) { + out[n] = tmp[n] ^ ivec[n]; + } + memcpy(ivec, tmp, AES_BLOCK_SIZE); + } + } +} + + static int qcrypto_cipher_encrypt_aes(QCryptoCipher *cipher, const void *in, void *out, From patchwork Fri Aug 28 17:05:20 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 248601 Delivered-To: patch@linaro.org Received: by 2002:a92:5b9c:0:0:0:0:0 with SMTP id c28csp1259931ilg; Fri, 28 Aug 2020 10:09:35 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwyMIVt4qD6Oba5LN67PMSq0oxXfvF2I8B2StLlpgnOv/8TSB9SpBGE1K14l2DPaqap2Zzg X-Received: by 2002:a25:843:: with SMTP id 64mr3613948ybi.311.1598634575106; Fri, 28 Aug 2020 10:09:35 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1598634575; cv=none; d=google.com; s=arc-20160816; b=rocD+lG02zm7mFb/4AiTGBN8GjbMBKFmQOgEhtc1nf76pTYUIgG4JMB3H5hNLOIJ7n vKV+r7TAApHtUmvqQUmkjrcn/2nKzKCJmfT5hwG2bukmTcjzNDxigD9XXnOrngyKU1fA w4HpgWnQDjH495fraWi76WMnbajWjb1CeBHqVVQ/uALM+DzdEDQYpw8+UtjiJg8a0Fc1 izHKrT4I1vN21TluYqQ8VInH4UZ+hXHM/3IvAPJROpul875VvdIdo/4vp2o+Aif/Tj8l kpSrmP90DBA5+NhEynTMp1vQ9c6bon4U0BWMyYtz3nJZ4ZoJwvi3XKK/DZZhZ3QB4HpF huBA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:to:from :dkim-signature; bh=R08qzgHyL/bf1N6eFfMci3b2adBB+mTS2SLfm7s3DVE=; b=R4j5eYLrBvpwE8HvTtG9qLUUSCqLl1fWBckoBJEKGgc3/o3kJU9aPPRmADrH1M82le j+WYRhBLhiCvncJ+x9jY7bbyJmSLyHAgoaVbgsnyMdylsKtiUDwfbyfisVs9TxDKUEGp iNz4Aw2ryJSt3pSETlYIflYiAKJaNSkkUjUNACi3AyisaolV+/N67Zht38pCjoI5Zmhk Eu4NNCB7lRRzKPWVtgh5yOLETOG4DlzHndp8Y2OccPraktiIIumMxKSWGx/ZrObGrD9Q ET/kb/+oOIbUcdWAjBjbIR5VWHEQE9n8HxvPvQIgEo/lk1t/jEDG7vB8mC8xjPPnMxTZ vYwg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=s8U035LO; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id w2si1611585ybe.261.2020.08.28.10.09.35 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Fri, 28 Aug 2020 10:09:35 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=s8U035LO; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:49646 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBhsc-00036i-JJ for patch@linaro.org; Fri, 28 Aug 2020 13:09:34 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36798) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhov-000446-Kv for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:45 -0400 Received: from mail-pj1-x1041.google.com ([2607:f8b0:4864:20::1041]:35125) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhot-00037K-NB for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:45 -0400 Received: by mail-pj1-x1041.google.com with SMTP id g6so31868pjl.0 for ; Fri, 28 Aug 2020 10:05:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=R08qzgHyL/bf1N6eFfMci3b2adBB+mTS2SLfm7s3DVE=; b=s8U035LOyXRw5MhJdmmyVpJUu5OJ6CULXwcL6utmvGyD2v3+TJ3m4LzOthcQPqBKV6 uV4rD08GqEZGISDJ3kD+4pgCYgLsEEGDcLq9lA77GGjxc0QnH3v4a2QcmObP3ab6EboH NvA4n5YOgtzNZfGvNrkrKWqTO28CAbcoJ3tlu7GlfgLvxYlZjqRsWAjubjTwxQuUr9v9 frRpJaWXIByrBQyup4RM3ic/0Y+aXcOJTRzm+I7mFI9sDm5Iz0pWWhnJvQkKTf1Ny4BM GZUxRe2vJ/j6JJ7WDE0+PesI3Z8mx3N6AujoF8zqw395cNVZTtjrWJ4ptiemRgcmwSq+ e9Og== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=R08qzgHyL/bf1N6eFfMci3b2adBB+mTS2SLfm7s3DVE=; b=QNNRJ4CQMo85T9jsnRHCUkbVI0C77ft+AWZiURf/s2yLJyGQiyxohRWO2m6HatM/W0 X3yAqevC0iVxhP/j+GRk+ftXh/t0drLrBOWV/S85OvX0wsVfEVKkm11ZnkkUIQlsaxQr sTCAuhRQufRTc8986vzOseHznmN+79e4aNxg1acWZxrcj5dnbSUVacoQhQu4cEaWX/4i yoYtIb/Jg3FCThtfNvMCn80NoHbxcy4IfgUEJGhAPgWAUoMJLTy/jhC7QXu7vGqVrhAz SwKxH2eiNWdMV76pDSIrPsMBF78xqVDlTuBDp5vIz7hkvEfudEsphGyFOmFR3tp8403J YheA== X-Gm-Message-State: AOAM531swGGAshhYEsUyMlNdQc2Ug3pY+GejiXuQpkoV+nucIARqdpqN CX+6/5ZuvrSVKNuPKMadx4Z2jPWuSFuq4g== X-Received: by 2002:a17:90a:9915:: with SMTP id b21mr58544pjp.109.1598634341917; Fri, 28 Aug 2020 10:05:41 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:41 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 13/16] crypto/builtin: Split and simplify AES_encrypt_cbc Date: Fri, 28 Aug 2020 10:05:20 -0700 Message-Id: <20200828170523.418603-14-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::1041; envelope-from=richard.henderson@linaro.org; helo=mail-pj1-x1041.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: berrange@redhat.com Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" Split into encrypt/decrypt functions, dropping the "enc" argument. Now that the function is private to this file, we know that "len" is a multiple of AES_BLOCK_SIZE. So drop the odd block size code. Name the functions do_aes_*crypt_cbc to match the *_ecb functions. Reorder and re-type the arguments to match as well. Reviewed-by: Daniel P. Berrangé Signed-off-by: Richard Henderson --- crypto/cipher-builtin.c.inc | 97 ++++++++++++++++--------------------- 1 file changed, 42 insertions(+), 55 deletions(-) -- 2.25.1 diff --git a/crypto/cipher-builtin.c.inc b/crypto/cipher-builtin.c.inc index 61baad265a..b1fe3b08c3 100644 --- a/crypto/cipher-builtin.c.inc +++ b/crypto/cipher-builtin.c.inc @@ -104,61 +104,50 @@ static void do_aes_decrypt_ecb(const void *vctx, } } -static void AES_cbc_encrypt(const unsigned char *in, unsigned char *out, - const unsigned long length, const AES_KEY *key, - unsigned char *ivec, const int enc) +static void do_aes_encrypt_cbc(const AES_KEY *key, + size_t len, + uint8_t *out, + const uint8_t *in, + uint8_t *ivec) { - unsigned long n; - unsigned long len = length; - unsigned char tmp[AES_BLOCK_SIZE]; + uint8_t tmp[AES_BLOCK_SIZE]; + size_t n; - assert(in && out && key && ivec); - - if (enc) { - while (len >= AES_BLOCK_SIZE) { - for (n = 0; n < AES_BLOCK_SIZE; ++n) { - tmp[n] = in[n] ^ ivec[n]; - } - AES_encrypt(tmp, out, key); - memcpy(ivec, out, AES_BLOCK_SIZE); - len -= AES_BLOCK_SIZE; - in += AES_BLOCK_SIZE; - out += AES_BLOCK_SIZE; - } - if (len) { - for (n = 0; n < len; ++n) { - tmp[n] = in[n] ^ ivec[n]; - } - for (n = len; n < AES_BLOCK_SIZE; ++n) { - tmp[n] = ivec[n]; - } - AES_encrypt(tmp, tmp, key); - memcpy(out, tmp, AES_BLOCK_SIZE); - memcpy(ivec, tmp, AES_BLOCK_SIZE); - } - } else { - while (len >= AES_BLOCK_SIZE) { - memcpy(tmp, in, AES_BLOCK_SIZE); - AES_decrypt(in, out, key); - for (n = 0; n < AES_BLOCK_SIZE; ++n) { - out[n] ^= ivec[n]; - } - memcpy(ivec, tmp, AES_BLOCK_SIZE); - len -= AES_BLOCK_SIZE; - in += AES_BLOCK_SIZE; - out += AES_BLOCK_SIZE; - } - if (len) { - memcpy(tmp, in, AES_BLOCK_SIZE); - AES_decrypt(tmp, tmp, key); - for (n = 0; n < len; ++n) { - out[n] = tmp[n] ^ ivec[n]; - } - memcpy(ivec, tmp, AES_BLOCK_SIZE); + /* We have already verified that len % AES_BLOCK_SIZE == 0. */ + while (len) { + for (n = 0; n < AES_BLOCK_SIZE; ++n) { + tmp[n] = in[n] ^ ivec[n]; } + AES_encrypt(tmp, out, key); + memcpy(ivec, out, AES_BLOCK_SIZE); + len -= AES_BLOCK_SIZE; + in += AES_BLOCK_SIZE; + out += AES_BLOCK_SIZE; } } +static void do_aes_decrypt_cbc(const AES_KEY *key, + size_t len, + uint8_t *out, + const uint8_t *in, + uint8_t *ivec) +{ + uint8_t tmp[AES_BLOCK_SIZE]; + size_t n; + + /* We have already verified that len % AES_BLOCK_SIZE == 0. */ + while (len) { + memcpy(tmp, in, AES_BLOCK_SIZE); + AES_decrypt(in, out, key); + for (n = 0; n < AES_BLOCK_SIZE; ++n) { + out[n] ^= ivec[n]; + } + memcpy(ivec, tmp, AES_BLOCK_SIZE); + len -= AES_BLOCK_SIZE; + in += AES_BLOCK_SIZE; + out += AES_BLOCK_SIZE; + } +} static int qcrypto_cipher_encrypt_aes(QCryptoCipher *cipher, const void *in, @@ -174,9 +163,8 @@ static int qcrypto_cipher_encrypt_aes(QCryptoCipher *cipher, do_aes_encrypt_ecb(&ctxt->state.aes.key, len, out, in); break; case QCRYPTO_CIPHER_MODE_CBC: - AES_cbc_encrypt(in, out, len, - &ctxt->state.aes.key.enc, - ctxt->state.aes.iv, 1); + do_aes_encrypt_cbc(&ctxt->state.aes.key.enc, len, out, in, + ctxt->state.aes.iv); break; case QCRYPTO_CIPHER_MODE_XTS: xts_encrypt(&ctxt->state.aes.key, @@ -208,9 +196,8 @@ static int qcrypto_cipher_decrypt_aes(QCryptoCipher *cipher, do_aes_decrypt_ecb(&ctxt->state.aes.key, len, out, in); break; case QCRYPTO_CIPHER_MODE_CBC: - AES_cbc_encrypt(in, out, len, - &ctxt->state.aes.key.dec, - ctxt->state.aes.iv, 0); + do_aes_decrypt_cbc(&ctxt->state.aes.key.dec, len, out, in, + ctxt->state.aes.iv); break; case QCRYPTO_CIPHER_MODE_XTS: xts_decrypt(&ctxt->state.aes.key, From patchwork Fri Aug 28 17:05:21 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 248607 Delivered-To: patch@linaro.org Received: by 2002:a92:5b9c:0:0:0:0:0 with SMTP id c28csp1263815ilg; Fri, 28 Aug 2020 10:14:17 -0700 (PDT) X-Google-Smtp-Source: ABdhPJziWqn9gdi7arSZ8DdFFW1Emub7MUdQxQj5x/jRRgRjAaEmBJ36/tWSZYXqBf9yddUjE40r X-Received: by 2002:a25:e80e:: with SMTP id k14mr4289158ybd.16.1598634857768; Fri, 28 Aug 2020 10:14:17 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1598634857; cv=none; d=google.com; s=arc-20160816; b=WSChcJRN1gyS+AFvyXKlv8Vp7ZBh/1uxHw/dvo0uF0/K5cbiCRhotb72XSKFNT7RAL 46Qmzr3AvxHk4lBmeRpHiJMVHYB8DIKoan9aZdu5duCYhI2v8D/etCnJ3t7X00t1ISvT pJtfew1I5EzjCDfN51JrImoZZajw+URLh++np70XhFHtdSJ084RSHzXL+A/O3jv+8RtA wwmbQNMTarLIYzcLRGw+hQS3M0uyoc+pD5WCIDxpp1oZ3vNmyNoXN4bpsmZp2jdHM6Dx qrDzhWKE2WraRT49vcc49O0mpSmydVjPHbIoa+UOTKWPWIkLdKtQNKhDm1v6cPo5Im0H B2RA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:to:from :dkim-signature; bh=FR45Jmu7pDl6+w746CfwtO3ng3AYVxpqMSpdoIpEjXY=; b=Dtwv1QbLs27grntmTqQxl1g2skw0rJEXCORWYfrkvP36fCRn0cJ+JTb8OS5gjOPxn1 xfOvE1JO+TldgNqRbnCcPzJhD/4HZEPEwN4Vl4dJmH01vOD7m7znBe4fcB/NcNttJcjX 9QbcoKBsJbaNqoZ5XZ2e55SyEyUXF1STWI74faGHjF3PcxjgibZBHX46Dk6assfRtAcJ cwXUHW3mwXExOsq+ZLs8nG9ltJFhF5+gn0tkZxGGfgQ1kFV96wOGXal4HByekewGGMy5 GcW6EFyjB4iZN9eosmM48X7k0K8NggxYAv6oHL8ozqxTZZEvk2XyD4KRujapRDwzCMjZ rp+g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=YFmJ9d3O; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id y184si1519182ybe.462.2020.08.28.10.14.17 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Fri, 28 Aug 2020 10:14:17 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=YFmJ9d3O; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:39400 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBhxB-0001zf-7X for patch@linaro.org; Fri, 28 Aug 2020 13:14:17 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36812) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhoy-0004BE-86 for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:48 -0400 Received: from mail-pg1-x541.google.com ([2607:f8b0:4864:20::541]:38507) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhov-00037h-Am for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:47 -0400 Received: by mail-pg1-x541.google.com with SMTP id l191so726671pgd.5 for ; Fri, 28 Aug 2020 10:05:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=FR45Jmu7pDl6+w746CfwtO3ng3AYVxpqMSpdoIpEjXY=; b=YFmJ9d3OgroK6Ny6cfaLP8wiyoth7bqdAsSzLV3XkCu2YyENWfkucoQ0eF2MP1Cty7 1M433djHO9LIZ02eqkLDc3Ds/i9VFKFc6HGU/Zoa2VYe3lHCzzTYlMs3+jIyNKThKZI0 VimkgGxchCT7uhp/sYmEzTxiWz736ZsuTLVSGUXnEVHG6nb7BsXQPwbuRangmGXvla/F pAhud6mpKpD78JLXOlI+GKcXVMTgZabxBIgfVJ+62Sbo28ii9+T4oPECBoT5ti6kYXRW ReEqJ9d2ypE8z3nLUuXWISy7d1SGTfSvyM2+PoF+puc9h0y+xms2mdfx1niyvTRnK+I7 alCw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=FR45Jmu7pDl6+w746CfwtO3ng3AYVxpqMSpdoIpEjXY=; b=F6sDZ1s5quxOvZk+myRZ9I1JHfD1ALo/fBFZ1NvjkVdN5g+BISbl+iLVj5FiAWYj6s DPpp5IFtoMUhjsF+V9qc7KYSvyXWHAJeG6VXtF1RCqN+TMqQRuMKkDc5LVVkTVAF+sFb /ImI0dHRjsSoYQaADA7jH7qzyqPB/JVg4g/csoggyILwjGOUqo2QiyCi8WAn/9IEFmuZ iTqv4PW+slnr65YqCaWxiPw+jea3JJ20XDF/9golIK+Xx6VTxa2XDhhO/AKKoDKQTG+V tdyHW5vy5a2HbpSeUguo771RdTteHxcRhlheL7u83fskQyi1lxLLXT4edbhVWhkipFY3 T7OA== X-Gm-Message-State: AOAM530MveeM5MAzP7+bSBqWt/eveonxn271oXRCqAdXo6sPC7QS+sqo i0CpY4nSnR6YXM6MYcvDauI+2+evl8tsUQ== X-Received: by 2002:a63:c904:: with SMTP id o4mr1623914pgg.99.1598634343255; Fri, 28 Aug 2020 10:05:43 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.42 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:42 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 14/16] crypto/builtin: Split QCryptoCipherBuiltin into subclasses Date: Fri, 28 Aug 2020 10:05:21 -0700 Message-Id: <20200828170523.418603-15-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::541; envelope-from=richard.henderson@linaro.org; helo=mail-pg1-x541.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: berrange@redhat.com Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" We had a second set of function pointers in QCryptoCipherBuiltin, which are redundant with QCryptoCipherDriver. Split the AES and DES implementations to avoid one level of indirection. Reviewed-by: Daniel P. Berrangé Signed-off-by: Richard Henderson --- crypto/cipher-builtin.c.inc | 553 +++++++++++++++--------------------- 1 file changed, 227 insertions(+), 326 deletions(-) -- 2.25.1 diff --git a/crypto/cipher-builtin.c.inc b/crypto/cipher-builtin.c.inc index b1fe3b08c3..7597cf4a10 100644 --- a/crypto/cipher-builtin.c.inc +++ b/crypto/cipher-builtin.c.inc @@ -22,56 +22,45 @@ #include "crypto/desrfb.h" #include "crypto/xts.h" -static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver; - typedef struct QCryptoCipherBuiltinAESContext QCryptoCipherBuiltinAESContext; struct QCryptoCipherBuiltinAESContext { AES_KEY enc; AES_KEY dec; }; + typedef struct QCryptoCipherBuiltinAES QCryptoCipherBuiltinAES; struct QCryptoCipherBuiltinAES { + QCryptoCipher base; QCryptoCipherBuiltinAESContext key; QCryptoCipherBuiltinAESContext key_tweak; uint8_t iv[AES_BLOCK_SIZE]; }; -typedef struct QCryptoCipherBuiltinDESRFB QCryptoCipherBuiltinDESRFB; -struct QCryptoCipherBuiltinDESRFB { - uint8_t *key; - size_t nkey; -}; - -typedef struct QCryptoCipherBuiltin QCryptoCipherBuiltin; -struct QCryptoCipherBuiltin { - QCryptoCipher base; - - union { - QCryptoCipherBuiltinAES aes; - QCryptoCipherBuiltinDESRFB desrfb; - } state; - size_t blocksize; - void (*free)(QCryptoCipher *cipher); - int (*setiv)(QCryptoCipher *cipher, - const uint8_t *iv, size_t niv, - Error **errp); - int (*encrypt)(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp); - int (*decrypt)(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp); -}; -static void qcrypto_cipher_free_aes(QCryptoCipher *cipher) +static inline bool qcrypto_length_check(size_t len, size_t blocksize, + Error **errp) +{ + if (unlikely(len & (blocksize - 1))) { + error_setg(errp, "Length %zu must be a multiple of block size %zu", + len, blocksize); + return false; + } + return true; +} + +static void qcrypto_cipher_ctx_free(QCryptoCipher *cipher) { g_free(cipher); } +static int qcrypto_cipher_no_setiv(QCryptoCipher *cipher, + const uint8_t *iv, size_t niv, + Error **errp) +{ + error_setg(errp, "Setting IV is not supported"); + return -1; +} + static void do_aes_encrypt_ecb(const void *vctx, size_t len, uint8_t *out, @@ -149,77 +138,100 @@ static void do_aes_decrypt_cbc(const AES_KEY *key, } } -static int qcrypto_cipher_encrypt_aes(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) +static int qcrypto_cipher_aes_encrypt_ecb(QCryptoCipher *cipher, + const void *in, void *out, + size_t len, Error **errp) { - QCryptoCipherBuiltin *ctxt - = container_of(cipher, QCryptoCipherBuiltin, base); + QCryptoCipherBuiltinAES *ctx + = container_of(cipher, QCryptoCipherBuiltinAES, base); - switch (cipher->mode) { - case QCRYPTO_CIPHER_MODE_ECB: - do_aes_encrypt_ecb(&ctxt->state.aes.key, len, out, in); - break; - case QCRYPTO_CIPHER_MODE_CBC: - do_aes_encrypt_cbc(&ctxt->state.aes.key.enc, len, out, in, - ctxt->state.aes.iv); - break; - case QCRYPTO_CIPHER_MODE_XTS: - xts_encrypt(&ctxt->state.aes.key, - &ctxt->state.aes.key_tweak, - do_aes_encrypt_ecb, - do_aes_decrypt_ecb, - ctxt->state.aes.iv, - len, out, in); - break; - default: - g_assert_not_reached(); + if (!qcrypto_length_check(len, AES_BLOCK_SIZE, errp)) { + return -1; } + do_aes_encrypt_ecb(&ctx->key, len, out, in); + return 0; +} +static int qcrypto_cipher_aes_decrypt_ecb(QCryptoCipher *cipher, + const void *in, void *out, + size_t len, Error **errp) +{ + QCryptoCipherBuiltinAES *ctx + = container_of(cipher, QCryptoCipherBuiltinAES, base); + + if (!qcrypto_length_check(len, AES_BLOCK_SIZE, errp)) { + return -1; + } + do_aes_decrypt_ecb(&ctx->key, len, out, in); + return 0; +} + +static int qcrypto_cipher_aes_encrypt_cbc(QCryptoCipher *cipher, + const void *in, void *out, + size_t len, Error **errp) +{ + QCryptoCipherBuiltinAES *ctx + = container_of(cipher, QCryptoCipherBuiltinAES, base); + + if (!qcrypto_length_check(len, AES_BLOCK_SIZE, errp)) { + return -1; + } + do_aes_encrypt_cbc(&ctx->key.enc, len, out, in, ctx->iv); + return 0; +} + +static int qcrypto_cipher_aes_decrypt_cbc(QCryptoCipher *cipher, + const void *in, void *out, + size_t len, Error **errp) +{ + QCryptoCipherBuiltinAES *ctx + = container_of(cipher, QCryptoCipherBuiltinAES, base); + + if (!qcrypto_length_check(len, AES_BLOCK_SIZE, errp)) { + return -1; + } + do_aes_decrypt_cbc(&ctx->key.dec, len, out, in, ctx->iv); + return 0; +} + +static int qcrypto_cipher_aes_encrypt_xts(QCryptoCipher *cipher, + const void *in, void *out, + size_t len, Error **errp) +{ + QCryptoCipherBuiltinAES *ctx + = container_of(cipher, QCryptoCipherBuiltinAES, base); + + if (!qcrypto_length_check(len, AES_BLOCK_SIZE, errp)) { + return -1; + } + xts_encrypt(&ctx->key, &ctx->key_tweak, + do_aes_encrypt_ecb, do_aes_decrypt_ecb, + ctx->iv, len, out, in); + return 0; +} + +static int qcrypto_cipher_aes_decrypt_xts(QCryptoCipher *cipher, + const void *in, void *out, + size_t len, Error **errp) +{ + QCryptoCipherBuiltinAES *ctx + = container_of(cipher, QCryptoCipherBuiltinAES, base); + + if (!qcrypto_length_check(len, AES_BLOCK_SIZE, errp)) { + return -1; + } + xts_decrypt(&ctx->key, &ctx->key_tweak, + do_aes_encrypt_ecb, do_aes_decrypt_ecb, + ctx->iv, len, out, in); return 0; } -static int qcrypto_cipher_decrypt_aes(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) +static int qcrypto_cipher_aes_setiv(QCryptoCipher *cipher, const uint8_t *iv, + size_t niv, Error **errp) { - QCryptoCipherBuiltin *ctxt - = container_of(cipher, QCryptoCipherBuiltin, base); - - switch (cipher->mode) { - case QCRYPTO_CIPHER_MODE_ECB: - do_aes_decrypt_ecb(&ctxt->state.aes.key, len, out, in); - break; - case QCRYPTO_CIPHER_MODE_CBC: - do_aes_decrypt_cbc(&ctxt->state.aes.key.dec, len, out, in, - ctxt->state.aes.iv); - break; - case QCRYPTO_CIPHER_MODE_XTS: - xts_decrypt(&ctxt->state.aes.key, - &ctxt->state.aes.key_tweak, - do_aes_encrypt_ecb, - do_aes_decrypt_ecb, - ctxt->state.aes.iv, - len, out, in); - break; - default: - g_assert_not_reached(); - } - - return 0; -} - -static int qcrypto_cipher_setiv_aes(QCryptoCipher *cipher, - const uint8_t *iv, size_t niv, - Error **errp) -{ - QCryptoCipherBuiltin *ctxt - = container_of(cipher, QCryptoCipherBuiltin, base); + QCryptoCipherBuiltinAES *ctx + = container_of(cipher, QCryptoCipherBuiltinAES, base); if (niv != AES_BLOCK_SIZE) { error_setg(errp, "IV must be %d bytes not %zu", @@ -227,107 +239,53 @@ static int qcrypto_cipher_setiv_aes(QCryptoCipher *cipher, return -1; } - memcpy(ctxt->state.aes.iv, iv, AES_BLOCK_SIZE); - + memcpy(ctx->iv, iv, AES_BLOCK_SIZE); return 0; } +static const struct QCryptoCipherDriver qcrypto_cipher_aes_driver_ecb = { + .cipher_encrypt = qcrypto_cipher_aes_encrypt_ecb, + .cipher_decrypt = qcrypto_cipher_aes_decrypt_ecb, + .cipher_setiv = qcrypto_cipher_no_setiv, + .cipher_free = qcrypto_cipher_ctx_free, +}; + +static const struct QCryptoCipherDriver qcrypto_cipher_aes_driver_cbc = { + .cipher_encrypt = qcrypto_cipher_aes_encrypt_cbc, + .cipher_decrypt = qcrypto_cipher_aes_decrypt_cbc, + .cipher_setiv = qcrypto_cipher_aes_setiv, + .cipher_free = qcrypto_cipher_ctx_free, +}; + +static const struct QCryptoCipherDriver qcrypto_cipher_aes_driver_xts = { + .cipher_encrypt = qcrypto_cipher_aes_encrypt_xts, + .cipher_decrypt = qcrypto_cipher_aes_decrypt_xts, + .cipher_setiv = qcrypto_cipher_aes_setiv, + .cipher_free = qcrypto_cipher_ctx_free, +}; +typedef struct QCryptoCipherBuiltinDESRFB QCryptoCipherBuiltinDESRFB; +struct QCryptoCipherBuiltinDESRFB { + QCryptoCipher base; -static QCryptoCipher * -qcrypto_cipher_init_aes(QCryptoCipherMode mode, - const uint8_t *key, size_t nkey, - Error **errp) -{ - QCryptoCipherBuiltin *ctxt; - - if (mode != QCRYPTO_CIPHER_MODE_CBC && - mode != QCRYPTO_CIPHER_MODE_ECB && - mode != QCRYPTO_CIPHER_MODE_XTS) { - error_setg(errp, "Unsupported cipher mode %s", - QCryptoCipherMode_str(mode)); - return NULL; - } - - ctxt = g_new0(QCryptoCipherBuiltin, 1); - - if (mode == QCRYPTO_CIPHER_MODE_XTS) { - if (AES_set_encrypt_key(key, nkey * 4, &ctxt->state.aes.key.enc) != 0) { - error_setg(errp, "Failed to set encryption key"); - goto error; - } - - if (AES_set_decrypt_key(key, nkey * 4, &ctxt->state.aes.key.dec) != 0) { - error_setg(errp, "Failed to set decryption key"); - goto error; - } - - if (AES_set_encrypt_key(key + (nkey / 2), nkey * 4, - &ctxt->state.aes.key_tweak.enc) != 0) { - error_setg(errp, "Failed to set encryption key"); - goto error; - } - - if (AES_set_decrypt_key(key + (nkey / 2), nkey * 4, - &ctxt->state.aes.key_tweak.dec) != 0) { - error_setg(errp, "Failed to set decryption key"); - goto error; - } - } else { - if (AES_set_encrypt_key(key, nkey * 8, &ctxt->state.aes.key.enc) != 0) { - error_setg(errp, "Failed to set encryption key"); - goto error; - } - - if (AES_set_decrypt_key(key, nkey * 8, &ctxt->state.aes.key.dec) != 0) { - error_setg(errp, "Failed to set decryption key"); - goto error; - } - } - - ctxt->blocksize = AES_BLOCK_SIZE; - ctxt->free = qcrypto_cipher_free_aes; - ctxt->setiv = qcrypto_cipher_setiv_aes; - ctxt->encrypt = qcrypto_cipher_encrypt_aes; - ctxt->decrypt = qcrypto_cipher_decrypt_aes; - - ctxt->base.driver = &qcrypto_cipher_lib_driver; - return &ctxt->base; - - error: - g_free(ctxt); - return NULL; -} - - -static void qcrypto_cipher_free_des_rfb(QCryptoCipher *cipher) -{ - QCryptoCipherBuiltin *ctxt - = container_of(cipher, QCryptoCipherBuiltin, base); - - g_free(ctxt->state.desrfb.key); - g_free(ctxt); -} - + /* C.f. alg_key_len[QCRYPTO_CIPHER_ALG_DES_RFB] */ + uint8_t key[8]; +}; static int qcrypto_cipher_encrypt_des_rfb(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) + const void *in, void *out, + size_t len, Error **errp) { - QCryptoCipherBuiltin *ctxt - = container_of(cipher, QCryptoCipherBuiltin, base); + QCryptoCipherBuiltinDESRFB *ctx + = container_of(cipher, QCryptoCipherBuiltinDESRFB, base); size_t i; - if (len % 8) { - error_setg(errp, "Buffer size must be multiple of 8 not %zu", - len); + if (!qcrypto_length_check(len, 8, errp)) { return -1; } - deskey(ctxt->state.desrfb.key, EN0); + deskey(ctx->key, EN0); for (i = 0; i < len; i += 8) { des((void *)in + i, out + i); @@ -336,24 +294,19 @@ static int qcrypto_cipher_encrypt_des_rfb(QCryptoCipher *cipher, return 0; } - static int qcrypto_cipher_decrypt_des_rfb(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) + const void *in, void *out, + size_t len, Error **errp) { - QCryptoCipherBuiltin *ctxt - = container_of(cipher, QCryptoCipherBuiltin, base); + QCryptoCipherBuiltinDESRFB *ctx + = container_of(cipher, QCryptoCipherBuiltinDESRFB, base); size_t i; - if (len % 8) { - error_setg(errp, "Buffer size must be multiple of 8 not %zu", - len); + if (!qcrypto_length_check(len, 8, errp)) { return -1; } - deskey(ctxt->state.desrfb.key, DE1); + deskey(ctx->key, DE1); for (i = 0; i < len; i += 8) { des((void *)in + i, out + i); @@ -362,173 +315,121 @@ static int qcrypto_cipher_decrypt_des_rfb(QCryptoCipher *cipher, return 0; } - -static int qcrypto_cipher_setiv_des_rfb(QCryptoCipher *cipher, - const uint8_t *iv, size_t niv, - Error **errp) -{ - error_setg(errp, "Setting IV is not supported"); - return -1; -} - - -static QCryptoCipher * -qcrypto_cipher_init_des_rfb(QCryptoCipherMode mode, - const uint8_t *key, size_t nkey, - Error **errp) -{ - QCryptoCipherBuiltin *ctxt; - - if (mode != QCRYPTO_CIPHER_MODE_ECB) { - error_setg(errp, "Unsupported cipher mode %s", - QCryptoCipherMode_str(mode)); - return NULL; - } - - ctxt = g_new0(QCryptoCipherBuiltin, 1); - - ctxt->state.desrfb.key = g_new0(uint8_t, nkey); - memcpy(ctxt->state.desrfb.key, key, nkey); - ctxt->state.desrfb.nkey = nkey; - - ctxt->blocksize = 8; - ctxt->free = qcrypto_cipher_free_des_rfb; - ctxt->setiv = qcrypto_cipher_setiv_des_rfb; - ctxt->encrypt = qcrypto_cipher_encrypt_des_rfb; - ctxt->decrypt = qcrypto_cipher_decrypt_des_rfb; - - ctxt->base.driver = &qcrypto_cipher_lib_driver; - return &ctxt->base; -} - +static const struct QCryptoCipherDriver qcrypto_cipher_des_rfb_driver = { + .cipher_encrypt = qcrypto_cipher_encrypt_des_rfb, + .cipher_decrypt = qcrypto_cipher_decrypt_des_rfb, + .cipher_setiv = qcrypto_cipher_no_setiv, + .cipher_free = qcrypto_cipher_ctx_free, +}; bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode) { switch (alg) { case QCRYPTO_CIPHER_ALG_DES_RFB: + return mode == QCRYPTO_CIPHER_MODE_ECB; case QCRYPTO_CIPHER_ALG_AES_128: case QCRYPTO_CIPHER_ALG_AES_192: case QCRYPTO_CIPHER_ALG_AES_256: + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + case QCRYPTO_CIPHER_MODE_CBC: + case QCRYPTO_CIPHER_MODE_XTS: + return true; + default: + return false; + } break; default: return false; } - - switch (mode) { - case QCRYPTO_CIPHER_MODE_ECB: - case QCRYPTO_CIPHER_MODE_CBC: - case QCRYPTO_CIPHER_MODE_XTS: - return true; - case QCRYPTO_CIPHER_MODE_CTR: - return false; - default: - return false; - } } - static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode, const uint8_t *key, size_t nkey, Error **errp) { - switch (mode) { - case QCRYPTO_CIPHER_MODE_ECB: - case QCRYPTO_CIPHER_MODE_CBC: - case QCRYPTO_CIPHER_MODE_XTS: - break; - default: - error_setg(errp, "Unsupported cipher mode %s", - QCryptoCipherMode_str(mode)); - return NULL; - } - if (!qcrypto_cipher_validate_key_length(alg, mode, nkey, errp)) { return NULL; } switch (alg) { case QCRYPTO_CIPHER_ALG_DES_RFB: - return qcrypto_cipher_init_des_rfb(mode, key, nkey, errp); + if (mode == QCRYPTO_CIPHER_MODE_ECB) { + QCryptoCipherBuiltinDESRFB *ctx; + + ctx = g_new0(QCryptoCipherBuiltinDESRFB, 1); + ctx->base.driver = &qcrypto_cipher_des_rfb_driver; + memcpy(ctx->key, key, sizeof(ctx->key)); + + return &ctx->base; + } + goto bad_mode; + case QCRYPTO_CIPHER_ALG_AES_128: case QCRYPTO_CIPHER_ALG_AES_192: case QCRYPTO_CIPHER_ALG_AES_256: - return qcrypto_cipher_init_aes(mode, key, nkey, errp); + { + QCryptoCipherBuiltinAES *ctx; + const QCryptoCipherDriver *drv; + + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + drv = &qcrypto_cipher_aes_driver_ecb; + break; + case QCRYPTO_CIPHER_MODE_CBC: + drv = &qcrypto_cipher_aes_driver_cbc; + break; + case QCRYPTO_CIPHER_MODE_XTS: + drv = &qcrypto_cipher_aes_driver_xts; + break; + default: + goto bad_mode; + } + + ctx = g_new0(QCryptoCipherBuiltinAES, 1); + ctx->base.driver = drv; + + if (mode == QCRYPTO_CIPHER_MODE_XTS) { + nkey /= 2; + if (AES_set_encrypt_key(key + nkey, nkey * 8, + &ctx->key_tweak.enc)) { + error_setg(errp, "Failed to set encryption key"); + goto error; + } + if (AES_set_decrypt_key(key + nkey, nkey * 8, + &ctx->key_tweak.dec)) { + error_setg(errp, "Failed to set decryption key"); + goto error; + } + } + if (AES_set_encrypt_key(key, nkey * 8, &ctx->key.enc)) { + error_setg(errp, "Failed to set encryption key"); + goto error; + } + if (AES_set_decrypt_key(key, nkey * 8, &ctx->key.dec)) { + error_setg(errp, "Failed to set decryption key"); + goto error; + } + + return &ctx->base; + + error: + g_free(ctx); + return NULL; + } + default: error_setg(errp, "Unsupported cipher algorithm %s", QCryptoCipherAlgorithm_str(alg)); return NULL; } + + bad_mode: + error_setg(errp, "Unsupported cipher mode %s", + QCryptoCipherMode_str(mode)); + return NULL; } - -static void -qcrypto_builtin_cipher_ctx_free(QCryptoCipher *cipher) -{ - QCryptoCipherBuiltin *ctxt - = container_of(cipher, QCryptoCipherBuiltin, base); - - ctxt->free(cipher); -} - - -static int -qcrypto_builtin_cipher_encrypt(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) -{ - QCryptoCipherBuiltin *ctxt - = container_of(cipher, QCryptoCipherBuiltin, base); - - if (len & (ctxt->blocksize - 1)) { - error_setg(errp, "Length %zu must be a multiple of block size %zu", - len, ctxt->blocksize); - return -1; - } - - return ctxt->encrypt(cipher, in, out, len, errp); -} - - -static int -qcrypto_builtin_cipher_decrypt(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) -{ - QCryptoCipherBuiltin *ctxt - = container_of(cipher, QCryptoCipherBuiltin, base); - - if (len & (ctxt->blocksize - 1)) { - error_setg(errp, "Length %zu must be a multiple of block size %zu", - len, ctxt->blocksize); - return -1; - } - - return ctxt->decrypt(cipher, in, out, len, errp); -} - - -static int -qcrypto_builtin_cipher_setiv(QCryptoCipher *cipher, - const uint8_t *iv, size_t niv, - Error **errp) -{ - QCryptoCipherBuiltin *ctxt - = container_of(cipher, QCryptoCipherBuiltin, base); - - return ctxt->setiv(cipher, iv, niv, errp); -} - - -static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver = { - .cipher_encrypt = qcrypto_builtin_cipher_encrypt, - .cipher_decrypt = qcrypto_builtin_cipher_decrypt, - .cipher_setiv = qcrypto_builtin_cipher_setiv, - .cipher_free = qcrypto_builtin_cipher_ctx_free, -}; From patchwork Fri Aug 28 17:05:22 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 248604 Delivered-To: patch@linaro.org Received: by 2002:a92:5b9c:0:0:0:0:0 with SMTP id c28csp1261013ilg; Fri, 28 Aug 2020 10:10:53 -0700 (PDT) X-Google-Smtp-Source: ABdhPJyyCaDhvNnJT1T2AHBwa9KLzBtpSRUZPmZKRJLHhupxlGG3xUf1waI/+Soc17g0BRByRQfG X-Received: by 2002:a25:ab34:: with SMTP id u49mr3719032ybi.516.1598634653419; Fri, 28 Aug 2020 10:10:53 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1598634653; cv=none; d=google.com; s=arc-20160816; b=q0cdY5vXXP7TVX3C9RXsOeYLqof09gG2odVx3n6iHknCrLVZqS9DGjenrrlaExE892 4o+X2JGAxZDaEy7qMxkXe7zhqDd+SAajYAcwP7BLokgcv18VKXVPdCYIcQq14f8HRWOr Q31wkJEQb1nbxvS4kcq1D1IphoZNFp6KiLd9Naodc9du3uPzHfCOFCA+BbdxaUivSTRR 5VBlaHwPrAPHPJDZBfN3mbsULAAu5EiBArSdQ/D2grJpbaCJdppfutYJLTMVtz+HdYfY tcIkHoCqvCCnhiTAAUmu0iHaLHjfNkdWw62TGgYjI0NNVLD3EN8XAuX6BQ0b8cX55+m+ D3Sg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:to:from :dkim-signature; bh=xjAvkiOCc/NtSfmsWN0x73KFFAEhwgsUyYE/lGgma1M=; b=kPS3plWOXwkwHbRs1evP6m2p3xMzhV6sAsBPxbi5Qkhpg0jymT6hF2x24STgtj5pFc 5g3BcItP4qpRG84g/N3tGrjrdwZqcaWxV4bslm9I51SKhIxPrzee5ctqLWek5Sy99Zjf dVGfQ7kustMFJVo6ySlDGNzLsR8ycGP8yM9fsOtu+8seGAIBigI2VMpz9Ofu7URxILLq oC9KvSEmjAmDnuwqkDMX+I/aD+OTxjdDZQTbMsSB4I3UlK+JScykRM7XbXXT0Gt115+J 74w2h2X3INS/bRkrDxfHk0YvVb3SwZJV8jUYgY6Yg5zZlIg0dYIuDColQldoLIYgj0nA FZGQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=RjfWO9ty; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id y62si1518430ybc.179.2020.08.28.10.10.53 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Fri, 28 Aug 2020 10:10:53 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=RjfWO9ty; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:56884 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBhts-00063G-PR for patch@linaro.org; Fri, 28 Aug 2020 13:10:52 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36852) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhp2-0004OU-NH for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:52 -0400 Received: from mail-pg1-x532.google.com ([2607:f8b0:4864:20::532]:35370) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhoy-00037u-19 for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:52 -0400 Received: by mail-pg1-x532.google.com with SMTP id g29so733645pgl.2 for ; Fri, 28 Aug 2020 10:05:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=xjAvkiOCc/NtSfmsWN0x73KFFAEhwgsUyYE/lGgma1M=; b=RjfWO9ty3XE62f7nFHgLRJ8ft8Hrf8LoapgMwFEkzEiZ7I0hQ/V/1EHtnFs4szsjf6 MpYSlBhyYCoREPqzUAWc2yt+jq1imwUOMxrXfeCehZ1BV5MQfYbV0NiS1+04LXkD4OVl fPjaRET9SGnUCSeXr9j7m+C2mIuOzQBZvC4mZJKiwGilLoh1d/8voyrsAV9TQh88fR6H T2UvdlYIkWZNzBmjajdc0Yz72z8MtqfW2ajBRLIWmP77NfkSxYwdsIJP9LoLjNO5d/VA +J1vJLach3MRxi3usakX0RVOWLkVlkj9wPhapcs/hlpRkXlKHED8Tx6koNBtrfRUS6/N MPCw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=xjAvkiOCc/NtSfmsWN0x73KFFAEhwgsUyYE/lGgma1M=; b=WVvswYimtlNRJ7qY5YwivbE2VAz2xF0n8PrifVPQyt3MEMLV7blwJpfhwPqHbDY5qS nywsrZwOy00lPoUvo5PSGxQ8qb1F+rVNkTYsZgg6nE7sU3Lrqs3d5Oa6hadShdn9JG4m 9Gwz7FMfxMolyuFjh6HMt4E2fNEtk4UvNEI/HKemBKFjYZ9+hZpjFbjWqiDAgztMUUzY QaZ8QWY9n45FBxyMdc+9tznMPSM8cDp9Pak8wLaPlPy22UxYCDCmezOGEpyFB8KOupDG 5I04kuIphP2R4ZvDevSsl4EJNdXhfRTA2SaepjkZNkAheSHTOGR1GsSoRKe7yx+QzHEM H3qg== X-Gm-Message-State: AOAM533W6gvrNaGzznKUu16Z0dnRZu+P2VwLFudb7xqu4GWV3t6dkjdg MtSwmOnIeknjEihBwmLo8iAlVP4DkoJ3jQ== X-Received: by 2002:aa7:96cf:: with SMTP id h15mr2087694pfq.294.1598634345521; Fri, 28 Aug 2020 10:05:45 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.43 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:44 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 15/16] crypto/nettle: Split QCryptoCipherNettle into subclasses Date: Fri, 28 Aug 2020 10:05:22 -0700 Message-Id: <20200828170523.418603-16-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::532; envelope-from=richard.henderson@linaro.org; helo=mail-pg1-x532.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: berrange@redhat.com Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" Use separate classes for each cipher entry point: des_rfb, des3, aes128, aes192, aes256, cast128, serpent, and twofish. Generate wrappers for XTS only for CONFIG_QEMU_PRIVATE_XTS. This eliminates unreachable wrappers for DES_RFB, DES3 and CAST128, which have blocksizes that do not allow XTS mode. Reviewed-by: Daniel P. Berrangé Signed-off-by: Richard Henderson --- crypto/cipher-nettle.c.inc | 993 +++++++++++++++++++------------------ 1 file changed, 508 insertions(+), 485 deletions(-) -- 2.25.1 diff --git a/crypto/cipher-nettle.c.inc b/crypto/cipher-nettle.c.inc index 36d57ef430..cac771e4ff 100644 --- a/crypto/cipher-nettle.c.inc +++ b/crypto/cipher-nettle.c.inc @@ -34,8 +34,6 @@ #include #endif -static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver; - typedef void (*QCryptoCipherNettleFuncWrapper)(const void *ctx, size_t length, uint8_t *dst, @@ -45,6 +43,7 @@ typedef void (*QCryptoCipherNettleFuncWrapper)(const void *ctx, typedef nettle_crypt_func * QCryptoCipherNettleFuncNative; typedef void * cipher_ctx_t; typedef unsigned cipher_length_t; +#define CONST_CTX #define cast5_set_key cast128_set_key @@ -73,64 +72,215 @@ typedef unsigned cipher_length_t; typedef nettle_cipher_func * QCryptoCipherNettleFuncNative; typedef const void * cipher_ctx_t; typedef size_t cipher_length_t; +#define CONST_CTX const #endif -typedef struct QCryptoNettleAES128 { - struct aes128_ctx enc; - struct aes128_ctx dec; -} QCryptoNettleAES128; - -typedef struct QCryptoNettleAES192 { - struct aes192_ctx enc; - struct aes192_ctx dec; -} QCryptoNettleAES192; - -typedef struct QCryptoNettleAES256 { - struct aes256_ctx enc; - struct aes256_ctx dec; -} QCryptoNettleAES256; - -static void aes128_encrypt_native(cipher_ctx_t ctx, cipher_length_t length, - uint8_t *dst, const uint8_t *src) +static inline bool qcrypto_length_check(size_t len, size_t blocksize, + Error **errp) { - const QCryptoNettleAES128 *aesctx = ctx; - aes128_encrypt(&aesctx->enc, length, dst, src); + if (unlikely(len & (blocksize - 1))) { + error_setg(errp, "Length %zu must be a multiple of block size %zu", + len, blocksize); + return false; + } + return true; } -static void aes128_decrypt_native(cipher_ctx_t ctx, cipher_length_t length, - uint8_t *dst, const uint8_t *src) + +static void qcrypto_cipher_ctx_free(QCryptoCipher *ctx) { - const QCryptoNettleAES128 *aesctx = ctx; - aes128_decrypt(&aesctx->dec, length, dst, src); + g_free(ctx); } -static void aes192_encrypt_native(cipher_ctx_t ctx, cipher_length_t length, - uint8_t *dst, const uint8_t *src) +static int qcrypto_cipher_no_setiv(QCryptoCipher *cipher, + const uint8_t *iv, size_t niv, + Error **errp) { - const QCryptoNettleAES192 *aesctx = ctx; - aes192_encrypt(&aesctx->enc, length, dst, src); + error_setg(errp, "Setting IV is not supported"); + return -1; } -static void aes192_decrypt_native(cipher_ctx_t ctx, cipher_length_t length, - uint8_t *dst, const uint8_t *src) -{ - const QCryptoNettleAES192 *aesctx = ctx; - aes192_decrypt(&aesctx->dec, length, dst, src); + +#define DEFINE_SETIV(NAME, TYPE, BLEN) \ +static int NAME##_setiv(QCryptoCipher *cipher, const uint8_t *iv, \ + size_t niv, Error **errp) \ +{ \ + TYPE *ctx = container_of(cipher, TYPE, base); \ + if (niv != BLEN) { \ + error_setg(errp, "Expected IV size %d not %zu", BLEN, niv); \ + return -1; \ + } \ + memcpy(ctx->iv, iv, niv); \ + return 0; \ } -static void aes256_encrypt_native(cipher_ctx_t ctx, cipher_length_t length, - uint8_t *dst, const uint8_t *src) -{ - const QCryptoNettleAES256 *aesctx = ctx; - aes256_encrypt(&aesctx->enc, length, dst, src); -} -static void aes256_decrypt_native(cipher_ctx_t ctx, cipher_length_t length, - uint8_t *dst, const uint8_t *src) -{ - const QCryptoNettleAES256 *aesctx = ctx; - aes256_decrypt(&aesctx->dec, length, dst, src); +#define DEFINE_ECB(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ +static int NAME##_encrypt_ecb(QCryptoCipher *cipher, const void *in, \ + void *out, size_t len, Error **errp) \ +{ \ + TYPE *ctx = container_of(cipher, TYPE, base); \ + if (!qcrypto_length_check(len, BLEN, errp)) { \ + return -1; \ + } \ + ENCRYPT(&ctx->key, len, out, in); \ + return 0; \ +} \ +static int NAME##_decrypt_ecb(QCryptoCipher *cipher, const void *in, \ + void *out, size_t len, Error **errp) \ +{ \ + TYPE *ctx = container_of(cipher, TYPE, base); \ + if (!qcrypto_length_check(len, BLEN, errp)) { \ + return -1; \ + } \ + DECRYPT(&ctx->key, len, out, in); \ + return 0; \ +} \ +static const struct QCryptoCipherDriver NAME##_driver_ecb = { \ + .cipher_encrypt = NAME##_encrypt_ecb, \ + .cipher_decrypt = NAME##_decrypt_ecb, \ + .cipher_setiv = qcrypto_cipher_no_setiv, \ + .cipher_free = qcrypto_cipher_ctx_free, \ +}; + + +#define DEFINE_CBC(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ +static int NAME##_encrypt_cbc(QCryptoCipher *cipher, const void *in, \ + void *out, size_t len, Error **errp) \ +{ \ + TYPE *ctx = container_of(cipher, TYPE, base); \ + if (!qcrypto_length_check(len, BLEN, errp)) { \ + return -1; \ + } \ + cbc_encrypt(&ctx->key, ENCRYPT, BLEN, ctx->iv, len, out, in); \ + return 0; \ +} \ +static int NAME##_decrypt_cbc(QCryptoCipher *cipher, const void *in, \ + void *out, size_t len, Error **errp) \ +{ \ + TYPE *ctx = container_of(cipher, TYPE, base); \ + if (!qcrypto_length_check(len, BLEN, errp)) { \ + return -1; \ + } \ + cbc_decrypt(&ctx->key, DECRYPT, BLEN, ctx->iv, len, out, in); \ + return 0; \ +} \ +static const struct QCryptoCipherDriver NAME##_driver_cbc = { \ + .cipher_encrypt = NAME##_encrypt_cbc, \ + .cipher_decrypt = NAME##_decrypt_cbc, \ + .cipher_setiv = NAME##_setiv, \ + .cipher_free = qcrypto_cipher_ctx_free, \ +}; + + +#define DEFINE_CTR(NAME, TYPE, BLEN, ENCRYPT) \ +static int NAME##_encrypt_ctr(QCryptoCipher *cipher, const void *in, \ + void *out, size_t len, Error **errp) \ +{ \ + TYPE *ctx = container_of(cipher, TYPE, base); \ + if (!qcrypto_length_check(len, BLEN, errp)) { \ + return -1; \ + } \ + ctr_crypt(&ctx->key, ENCRYPT, BLEN, ctx->iv, len, out, in); \ + return 0; \ +} \ +static const struct QCryptoCipherDriver NAME##_driver_ctr = { \ + .cipher_encrypt = NAME##_encrypt_ctr, \ + .cipher_decrypt = NAME##_encrypt_ctr, \ + .cipher_setiv = NAME##_setiv, \ + .cipher_free = qcrypto_cipher_ctx_free, \ +}; + + +#ifdef CONFIG_QEMU_PRIVATE_XTS +#define DEFINE__XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ +static void NAME##_xts_wrape(const void *ctx, size_t length, \ + uint8_t *dst, const uint8_t *src) \ +{ \ + ENCRYPT((cipher_ctx_t)ctx, length, dst, src); \ +} \ +static void NAME##_xts_wrapd(const void *ctx, size_t length, \ + uint8_t *dst, const uint8_t *src) \ +{ \ + DECRYPT((cipher_ctx_t)ctx, length, dst, src); \ +} \ +static int NAME##_encrypt_xts(QCryptoCipher *cipher, const void *in, \ + void *out, size_t len, Error **errp) \ +{ \ + TYPE *ctx = container_of(cipher, TYPE, base); \ + if (!qcrypto_length_check(len, BLEN, errp)) { \ + return -1; \ + } \ + xts_encrypt(&ctx->key, &ctx->key_xts, \ + NAME##_xts_wrape, NAME##_xts_wrapd, \ + ctx->iv, len, out, in); \ + return 0; \ +} \ +static int NAME##_decrypt_xts(QCryptoCipher *cipher, const void *in, \ + void *out, size_t len, Error **errp) \ +{ \ + TYPE *ctx = container_of(cipher, TYPE, base); \ + if (!qcrypto_length_check(len, BLEN, errp)) { \ + return -1; \ + } \ + xts_decrypt(&ctx->key, &ctx->key_xts, \ + NAME##_xts_wrape, NAME##_xts_wrapd, \ + ctx->iv, len, out, in); \ + return 0; \ } +#else +#define DEFINE__XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ +static int NAME##_encrypt_xts(QCryptoCipher *cipher, const void *in, \ + void *out, size_t len, Error **errp) \ +{ \ + TYPE *ctx = container_of(cipher, TYPE, base); \ + if (!qcrypto_length_check(len, BLEN, errp)) { \ + return -1; \ + } \ + xts_encrypt_message(&ctx->key, &ctx->key_xts, ENCRYPT, \ + ctx->iv, len, out, in); \ + return 0; \ +} \ +static int NAME##_decrypt_xts(QCryptoCipher *cipher, const void *in, \ + void *out, size_t len, Error **errp) \ +{ \ + TYPE *ctx = container_of(cipher, TYPE, base); \ + if (!qcrypto_length_check(len, BLEN, errp)) { \ + return -1; \ + } \ + xts_decrypt_message(&ctx->key, &ctx->key_xts, DECRYPT, ENCRYPT, \ + ctx->iv, len, out, in); \ + return 0; \ +} +#endif + +#define DEFINE_XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ + QEMU_BUILD_BUG_ON(BLEN != XTS_BLOCK_SIZE); \ + DEFINE__XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ +static const struct QCryptoCipherDriver NAME##_driver_xts = { \ + .cipher_encrypt = NAME##_encrypt_xts, \ + .cipher_decrypt = NAME##_decrypt_xts, \ + .cipher_setiv = NAME##_setiv, \ + .cipher_free = qcrypto_cipher_ctx_free, \ +}; + + +#define DEFINE_ECB_CBC_CTR(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ + DEFINE_SETIV(NAME, TYPE, BLEN) \ + DEFINE_ECB(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ + DEFINE_CBC(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ + DEFINE_CTR(NAME, TYPE, BLEN, ENCRYPT) + +#define DEFINE_ECB_CBC_CTR_XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ + DEFINE_ECB_CBC_CTR(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \ + DEFINE_XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) + + +typedef struct QCryptoNettleDESRFB { + QCryptoCipher base; + struct des_ctx key; + uint8_t iv[DES_BLOCK_SIZE]; +} QCryptoNettleDESRFB; static void des_encrypt_native(cipher_ctx_t ctx, cipher_length_t length, uint8_t *dst, const uint8_t *src) @@ -144,6 +294,16 @@ static void des_decrypt_native(cipher_ctx_t ctx, cipher_length_t length, des_decrypt(ctx, length, dst, src); } +DEFINE_ECB_CBC_CTR(qcrypto_nettle_des_rfb, QCryptoNettleDESRFB, + DES_BLOCK_SIZE, des_encrypt_native, des_decrypt_native) + + +typedef struct QCryptoNettleDES3 { + QCryptoCipher base; + struct des3_ctx key; + uint8_t iv[DES3_BLOCK_SIZE]; +} QCryptoNettleDES3; + static void des3_encrypt_native(cipher_ctx_t ctx, cipher_length_t length, uint8_t *dst, const uint8_t *src) { @@ -156,6 +316,94 @@ static void des3_decrypt_native(cipher_ctx_t ctx, cipher_length_t length, des3_decrypt(ctx, length, dst, src); } +DEFINE_ECB_CBC_CTR(qcrypto_nettle_des3, QCryptoNettleDES3, DES3_BLOCK_SIZE, + des3_encrypt_native, des3_decrypt_native) + + +typedef struct QCryptoNettleAES128 { + QCryptoCipher base; + uint8_t iv[AES_BLOCK_SIZE]; + /* First key from pair is encode, second key is decode. */ + struct aes128_ctx key[2], key_xts[2]; +} QCryptoNettleAES128; + +static void aes128_encrypt_native(cipher_ctx_t ctx, cipher_length_t length, + uint8_t *dst, const uint8_t *src) +{ + CONST_CTX struct aes128_ctx *keys = ctx; + aes128_encrypt(&keys[0], length, dst, src); +} + +static void aes128_decrypt_native(cipher_ctx_t ctx, cipher_length_t length, + uint8_t *dst, const uint8_t *src) +{ + CONST_CTX struct aes128_ctx *keys = ctx; + aes128_decrypt(&keys[1], length, dst, src); +} + +DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_aes128, + QCryptoNettleAES128, AES_BLOCK_SIZE, + aes128_encrypt_native, aes128_decrypt_native) + + +typedef struct QCryptoNettleAES192 { + QCryptoCipher base; + uint8_t iv[AES_BLOCK_SIZE]; + /* First key from pair is encode, second key is decode. */ + struct aes192_ctx key[2], key_xts[2]; +} QCryptoNettleAES192; + +static void aes192_encrypt_native(cipher_ctx_t ctx, cipher_length_t length, + uint8_t *dst, const uint8_t *src) +{ + CONST_CTX struct aes192_ctx *keys = ctx; + aes192_encrypt(&keys[0], length, dst, src); +} + +static void aes192_decrypt_native(cipher_ctx_t ctx, cipher_length_t length, + uint8_t *dst, const uint8_t *src) +{ + CONST_CTX struct aes192_ctx *keys = ctx; + aes192_decrypt(&keys[1], length, dst, src); +} + +DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_aes192, + QCryptoNettleAES192, AES_BLOCK_SIZE, + aes192_encrypt_native, aes192_decrypt_native) + + +typedef struct QCryptoNettleAES256 { + QCryptoCipher base; + uint8_t iv[AES_BLOCK_SIZE]; + /* First key from pair is encode, second key is decode. */ + struct aes256_ctx key[2], key_xts[2]; +} QCryptoNettleAES256; + +static void aes256_encrypt_native(cipher_ctx_t ctx, cipher_length_t length, + uint8_t *dst, const uint8_t *src) +{ + CONST_CTX struct aes256_ctx *keys = ctx; + aes256_encrypt(&keys[0], length, dst, src); +} + +static void aes256_decrypt_native(cipher_ctx_t ctx, cipher_length_t length, + uint8_t *dst, const uint8_t *src) +{ + CONST_CTX struct aes256_ctx *keys = ctx; + aes256_decrypt(&keys[1], length, dst, src); +} + +DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_aes256, + QCryptoNettleAES256, AES_BLOCK_SIZE, + aes256_encrypt_native, aes256_decrypt_native) + + +typedef struct QCryptoNettleCAST128 { + QCryptoCipher base; + uint8_t iv[CAST128_BLOCK_SIZE]; + struct cast128_ctx key, key_xts; +} QCryptoNettleCAST128; + static void cast128_encrypt_native(cipher_ctx_t ctx, cipher_length_t length, uint8_t *dst, const uint8_t *src) { @@ -168,6 +416,18 @@ static void cast128_decrypt_native(cipher_ctx_t ctx, cipher_length_t length, cast128_decrypt(ctx, length, dst, src); } +DEFINE_ECB_CBC_CTR(qcrypto_nettle_cast128, + QCryptoNettleCAST128, CAST128_BLOCK_SIZE, + cast128_encrypt_native, cast128_decrypt_native) + + +typedef struct QCryptoNettleSerpent { + QCryptoCipher base; + uint8_t iv[SERPENT_BLOCK_SIZE]; + struct serpent_ctx key, key_xts; +} QCryptoNettleSerpent; + + static void serpent_encrypt_native(cipher_ctx_t ctx, cipher_length_t length, uint8_t *dst, const uint8_t *src) { @@ -180,6 +440,17 @@ static void serpent_decrypt_native(cipher_ctx_t ctx, cipher_length_t length, serpent_decrypt(ctx, length, dst, src); } +DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_serpent, + QCryptoNettleSerpent, SERPENT_BLOCK_SIZE, + serpent_encrypt_native, serpent_decrypt_native) + + +typedef struct QCryptoNettleTwofish { + QCryptoCipher base; + uint8_t iv[TWOFISH_BLOCK_SIZE]; + struct twofish_ctx key, key_xts; +} QCryptoNettleTwofish; + static void twofish_encrypt_native(cipher_ctx_t ctx, cipher_length_t length, uint8_t *dst, const uint8_t *src) { @@ -192,125 +463,10 @@ static void twofish_decrypt_native(cipher_ctx_t ctx, cipher_length_t length, twofish_decrypt(ctx, length, dst, src); } -static void aes128_encrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - const QCryptoNettleAES128 *aesctx = ctx; - aes128_encrypt(&aesctx->enc, length, dst, src); -} +DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_twofish, + QCryptoNettleTwofish, TWOFISH_BLOCK_SIZE, + twofish_encrypt_native, twofish_decrypt_native) -static void aes128_decrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - const QCryptoNettleAES128 *aesctx = ctx; - aes128_decrypt(&aesctx->dec, length, dst, src); -} - -static void aes192_encrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - const QCryptoNettleAES192 *aesctx = ctx; - aes192_encrypt(&aesctx->enc, length, dst, src); -} - -static void aes192_decrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - const QCryptoNettleAES192 *aesctx = ctx; - aes192_decrypt(&aesctx->dec, length, dst, src); -} - -static void aes256_encrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - const QCryptoNettleAES256 *aesctx = ctx; - aes256_encrypt(&aesctx->enc, length, dst, src); -} - -static void aes256_decrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - const QCryptoNettleAES256 *aesctx = ctx; - aes256_decrypt(&aesctx->dec, length, dst, src); -} - -static void des_encrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - des_encrypt(ctx, length, dst, src); -} - -static void des_decrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - des_decrypt(ctx, length, dst, src); -} - -static void des3_encrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - des3_encrypt(ctx, length, dst, src); -} - -static void des3_decrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - des3_decrypt(ctx, length, dst, src); -} - -static void cast128_encrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - cast128_encrypt(ctx, length, dst, src); -} - -static void cast128_decrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - cast128_decrypt(ctx, length, dst, src); -} - -static void serpent_encrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - serpent_encrypt(ctx, length, dst, src); -} - -static void serpent_decrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - serpent_decrypt(ctx, length, dst, src); -} - -static void twofish_encrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - twofish_encrypt(ctx, length, dst, src); -} - -static void twofish_decrypt_wrapper(const void *ctx, size_t length, - uint8_t *dst, const uint8_t *src) -{ - twofish_decrypt(ctx, length, dst, src); -} - -typedef struct QCryptoCipherNettle QCryptoCipherNettle; -struct QCryptoCipherNettle { - QCryptoCipher base; - - /* Primary cipher context for all modes */ - void *ctx; - /* Second cipher context for XTS mode only */ - void *ctx_tweak; - /* Cipher callbacks for both contexts */ - QCryptoCipherNettleFuncNative alg_encrypt_native; - QCryptoCipherNettleFuncNative alg_decrypt_native; - QCryptoCipherNettleFuncWrapper alg_encrypt_wrapper; - QCryptoCipherNettleFuncWrapper alg_decrypt_wrapper; - /* Initialization vector or Counter */ - uint8_t *iv; - size_t blocksize; -}; bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode) @@ -344,30 +500,12 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg, } } - -static void -qcrypto_nettle_cipher_free_ctx(QCryptoCipherNettle *ctx) -{ - if (!ctx) { - return; - } - - g_free(ctx->iv); - g_free(ctx->ctx); - g_free(ctx->ctx_tweak); - g_free(ctx); -} - - static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode, const uint8_t *key, size_t nkey, Error **errp) { - QCryptoCipherNettle *ctx; - uint8_t *rfbkey; - switch (mode) { case QCRYPTO_CIPHER_MODE_ECB: case QCRYPTO_CIPHER_MODE_CBC: @@ -375,363 +513,248 @@ static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, case QCRYPTO_CIPHER_MODE_CTR: break; default: - error_setg(errp, "Unsupported cipher mode %s", - QCryptoCipherMode_str(mode)); - return NULL; + goto bad_cipher_mode; } if (!qcrypto_cipher_validate_key_length(alg, mode, nkey, errp)) { return NULL; } - ctx = g_new0(QCryptoCipherNettle, 1); - switch (alg) { case QCRYPTO_CIPHER_ALG_DES_RFB: - ctx->ctx = g_new0(struct des_ctx, 1); - rfbkey = qcrypto_cipher_munge_des_rfb_key(key, nkey); - des_set_key(ctx->ctx, rfbkey); - g_free(rfbkey); + { + QCryptoNettleDESRFB *ctx; + const QCryptoCipherDriver *drv; + uint8_t *rfbkey; - ctx->alg_encrypt_native = des_encrypt_native; - ctx->alg_decrypt_native = des_decrypt_native; - ctx->alg_encrypt_wrapper = des_encrypt_wrapper; - ctx->alg_decrypt_wrapper = des_decrypt_wrapper; + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + drv = &qcrypto_nettle_des_rfb_driver_ecb; + break; + case QCRYPTO_CIPHER_MODE_CBC: + drv = &qcrypto_nettle_des_rfb_driver_cbc; + break; + case QCRYPTO_CIPHER_MODE_CTR: + drv = &qcrypto_nettle_des_rfb_driver_ctr; + break; + default: + goto bad_cipher_mode; + } - ctx->blocksize = DES_BLOCK_SIZE; - break; + ctx = g_new0(QCryptoNettleDESRFB, 1); + ctx->base.driver = drv; + + rfbkey = qcrypto_cipher_munge_des_rfb_key(key, nkey); + des_set_key(&ctx->key, rfbkey); + g_free(rfbkey); + + return &ctx->base; + } case QCRYPTO_CIPHER_ALG_3DES: - ctx->ctx = g_new0(struct des3_ctx, 1); - des3_set_key(ctx->ctx, key); + { + QCryptoNettleDES3 *ctx; + const QCryptoCipherDriver *drv; - ctx->alg_encrypt_native = des3_encrypt_native; - ctx->alg_decrypt_native = des3_decrypt_native; - ctx->alg_encrypt_wrapper = des3_encrypt_wrapper; - ctx->alg_decrypt_wrapper = des3_decrypt_wrapper; + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + drv = &qcrypto_nettle_des3_driver_ecb; + break; + case QCRYPTO_CIPHER_MODE_CBC: + drv = &qcrypto_nettle_des3_driver_cbc; + break; + case QCRYPTO_CIPHER_MODE_CTR: + drv = &qcrypto_nettle_des3_driver_ctr; + break; + default: + goto bad_cipher_mode; + } - ctx->blocksize = DES3_BLOCK_SIZE; - break; + ctx = g_new0(QCryptoNettleDES3, 1); + ctx->base.driver = drv; + des3_set_key(&ctx->key, key); + return &ctx->base; + } case QCRYPTO_CIPHER_ALG_AES_128: - ctx->ctx = g_new0(QCryptoNettleAES128, 1); + { + QCryptoNettleAES128 *ctx = g_new0(QCryptoNettleAES128, 1); - if (mode == QCRYPTO_CIPHER_MODE_XTS) { - ctx->ctx_tweak = g_new0(QCryptoNettleAES128, 1); + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + ctx->base.driver = &qcrypto_nettle_aes128_driver_ecb; + break; + case QCRYPTO_CIPHER_MODE_CBC: + ctx->base.driver = &qcrypto_nettle_aes128_driver_cbc; + break; + case QCRYPTO_CIPHER_MODE_CTR: + ctx->base.driver = &qcrypto_nettle_aes128_driver_ctr; + break; + case QCRYPTO_CIPHER_MODE_XTS: + ctx->base.driver = &qcrypto_nettle_aes128_driver_xts; + nkey /= 2; + aes128_set_encrypt_key(&ctx->key_xts[0], key + nkey); + aes128_set_decrypt_key(&ctx->key_xts[1], key + nkey); + break; + default: + g_assert_not_reached(); + } + aes128_set_encrypt_key(&ctx->key[0], key); + aes128_set_decrypt_key(&ctx->key[1], key); - nkey /= 2; - aes128_set_encrypt_key(&((QCryptoNettleAES128 *)ctx->ctx)->enc, - key); - aes128_set_decrypt_key(&((QCryptoNettleAES128 *)ctx->ctx)->dec, - key); - - aes128_set_encrypt_key(&((QCryptoNettleAES128 *)ctx->ctx_tweak)-> - enc, key + nkey); - aes128_set_decrypt_key(&((QCryptoNettleAES128 *)ctx->ctx_tweak)-> - dec, key + nkey); - } else { - aes128_set_encrypt_key(&((QCryptoNettleAES128 *)ctx->ctx)->enc, - key); - aes128_set_decrypt_key(&((QCryptoNettleAES128 *)ctx->ctx)->dec, - key); + return &ctx->base; } - ctx->alg_encrypt_native = aes128_encrypt_native; - ctx->alg_decrypt_native = aes128_decrypt_native; - ctx->alg_encrypt_wrapper = aes128_encrypt_wrapper; - ctx->alg_decrypt_wrapper = aes128_decrypt_wrapper; - - ctx->blocksize = AES_BLOCK_SIZE; - break; - case QCRYPTO_CIPHER_ALG_AES_192: - ctx->ctx = g_new0(QCryptoNettleAES192, 1); + { + QCryptoNettleAES192 *ctx = g_new0(QCryptoNettleAES192, 1); - if (mode == QCRYPTO_CIPHER_MODE_XTS) { - ctx->ctx_tweak = g_new0(QCryptoNettleAES192, 1); + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + ctx->base.driver = &qcrypto_nettle_aes192_driver_ecb; + break; + case QCRYPTO_CIPHER_MODE_CBC: + ctx->base.driver = &qcrypto_nettle_aes192_driver_cbc; + break; + case QCRYPTO_CIPHER_MODE_CTR: + ctx->base.driver = &qcrypto_nettle_aes192_driver_ctr; + break; + case QCRYPTO_CIPHER_MODE_XTS: + ctx->base.driver = &qcrypto_nettle_aes192_driver_xts; + nkey /= 2; + aes192_set_encrypt_key(&ctx->key_xts[0], key + nkey); + aes192_set_decrypt_key(&ctx->key_xts[1], key + nkey); + break; + default: + g_assert_not_reached(); + } + aes192_set_encrypt_key(&ctx->key[0], key); + aes192_set_decrypt_key(&ctx->key[1], key); - nkey /= 2; - aes192_set_encrypt_key(&((QCryptoNettleAES192 *)ctx->ctx)->enc, - key); - aes192_set_decrypt_key(&((QCryptoNettleAES192 *)ctx->ctx)->dec, - key); - - aes192_set_encrypt_key(&((QCryptoNettleAES192 *)ctx->ctx_tweak)-> - enc, key + nkey); - aes192_set_decrypt_key(&((QCryptoNettleAES192 *)ctx->ctx_tweak)-> - dec, key + nkey); - } else { - aes192_set_encrypt_key(&((QCryptoNettleAES192 *)ctx->ctx)->enc, - key); - aes192_set_decrypt_key(&((QCryptoNettleAES192 *)ctx->ctx)->dec, - key); + return &ctx->base; } - ctx->alg_encrypt_native = aes192_encrypt_native; - ctx->alg_decrypt_native = aes192_decrypt_native; - ctx->alg_encrypt_wrapper = aes192_encrypt_wrapper; - ctx->alg_decrypt_wrapper = aes192_decrypt_wrapper; - - ctx->blocksize = AES_BLOCK_SIZE; - break; - case QCRYPTO_CIPHER_ALG_AES_256: - ctx->ctx = g_new0(QCryptoNettleAES256, 1); + { + QCryptoNettleAES256 *ctx = g_new0(QCryptoNettleAES256, 1); - if (mode == QCRYPTO_CIPHER_MODE_XTS) { - ctx->ctx_tweak = g_new0(QCryptoNettleAES256, 1); + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + ctx->base.driver = &qcrypto_nettle_aes256_driver_ecb; + break; + case QCRYPTO_CIPHER_MODE_CBC: + ctx->base.driver = &qcrypto_nettle_aes256_driver_cbc; + break; + case QCRYPTO_CIPHER_MODE_CTR: + ctx->base.driver = &qcrypto_nettle_aes256_driver_ctr; + break; + case QCRYPTO_CIPHER_MODE_XTS: + ctx->base.driver = &qcrypto_nettle_aes256_driver_xts; + nkey /= 2; + aes256_set_encrypt_key(&ctx->key_xts[0], key + nkey); + aes256_set_decrypt_key(&ctx->key_xts[1], key + nkey); + break; + default: + g_assert_not_reached(); + } + aes256_set_encrypt_key(&ctx->key[0], key); + aes256_set_decrypt_key(&ctx->key[1], key); - nkey /= 2; - aes256_set_encrypt_key(&((QCryptoNettleAES256 *)ctx->ctx)->enc, - key); - aes256_set_decrypt_key(&((QCryptoNettleAES256 *)ctx->ctx)->dec, - key); - - aes256_set_encrypt_key(&((QCryptoNettleAES256 *)ctx->ctx_tweak)-> - enc, key + nkey); - aes256_set_decrypt_key(&((QCryptoNettleAES256 *)ctx->ctx_tweak)-> - dec, key + nkey); - } else { - aes256_set_encrypt_key(&((QCryptoNettleAES256 *)ctx->ctx)->enc, - key); - aes256_set_decrypt_key(&((QCryptoNettleAES256 *)ctx->ctx)->dec, - key); + return &ctx->base; } - ctx->alg_encrypt_native = aes256_encrypt_native; - ctx->alg_decrypt_native = aes256_decrypt_native; - ctx->alg_encrypt_wrapper = aes256_encrypt_wrapper; - ctx->alg_decrypt_wrapper = aes256_decrypt_wrapper; - - ctx->blocksize = AES_BLOCK_SIZE; - break; - case QCRYPTO_CIPHER_ALG_CAST5_128: - ctx->ctx = g_new0(struct cast128_ctx, 1); + { + QCryptoNettleCAST128 *ctx; + const QCryptoCipherDriver *drv; - if (mode == QCRYPTO_CIPHER_MODE_XTS) { - ctx->ctx_tweak = g_new0(struct cast128_ctx, 1); + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + drv = &qcrypto_nettle_cast128_driver_ecb; + break; + case QCRYPTO_CIPHER_MODE_CBC: + drv = &qcrypto_nettle_cast128_driver_cbc; + break; + case QCRYPTO_CIPHER_MODE_CTR: + drv = &qcrypto_nettle_cast128_driver_ctr; + break; + default: + goto bad_cipher_mode; + } - nkey /= 2; - cast5_set_key(ctx->ctx, nkey, key); - cast5_set_key(ctx->ctx_tweak, nkey, key + nkey); - } else { - cast5_set_key(ctx->ctx, nkey, key); + ctx = g_new0(QCryptoNettleCAST128, 1); + ctx->base.driver = drv; + cast5_set_key(&ctx->key, nkey, key); + + return &ctx->base; } - ctx->alg_encrypt_native = cast128_encrypt_native; - ctx->alg_decrypt_native = cast128_decrypt_native; - ctx->alg_encrypt_wrapper = cast128_encrypt_wrapper; - ctx->alg_decrypt_wrapper = cast128_decrypt_wrapper; - - ctx->blocksize = CAST128_BLOCK_SIZE; - break; - case QCRYPTO_CIPHER_ALG_SERPENT_128: case QCRYPTO_CIPHER_ALG_SERPENT_192: case QCRYPTO_CIPHER_ALG_SERPENT_256: - ctx->ctx = g_new0(struct serpent_ctx, 1); + { + QCryptoNettleSerpent *ctx = g_new0(QCryptoNettleSerpent, 1); - if (mode == QCRYPTO_CIPHER_MODE_XTS) { - ctx->ctx_tweak = g_new0(struct serpent_ctx, 1); + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + ctx->base.driver = &qcrypto_nettle_serpent_driver_ecb; + break; + case QCRYPTO_CIPHER_MODE_CBC: + ctx->base.driver = &qcrypto_nettle_serpent_driver_cbc; + break; + case QCRYPTO_CIPHER_MODE_CTR: + ctx->base.driver = &qcrypto_nettle_serpent_driver_ctr; + break; + case QCRYPTO_CIPHER_MODE_XTS: + ctx->base.driver = &qcrypto_nettle_serpent_driver_xts; + nkey /= 2; + serpent_set_key(&ctx->key_xts, nkey, key + nkey); + break; + default: + g_assert_not_reached(); + } + serpent_set_key(&ctx->key, nkey, key); - nkey /= 2; - serpent_set_key(ctx->ctx, nkey, key); - serpent_set_key(ctx->ctx_tweak, nkey, key + nkey); - } else { - serpent_set_key(ctx->ctx, nkey, key); + return &ctx->base; } - ctx->alg_encrypt_native = serpent_encrypt_native; - ctx->alg_decrypt_native = serpent_decrypt_native; - ctx->alg_encrypt_wrapper = serpent_encrypt_wrapper; - ctx->alg_decrypt_wrapper = serpent_decrypt_wrapper; - - ctx->blocksize = SERPENT_BLOCK_SIZE; - break; - case QCRYPTO_CIPHER_ALG_TWOFISH_128: case QCRYPTO_CIPHER_ALG_TWOFISH_192: case QCRYPTO_CIPHER_ALG_TWOFISH_256: - ctx->ctx = g_new0(struct twofish_ctx, 1); + { + QCryptoNettleTwofish *ctx = g_new0(QCryptoNettleTwofish, 1); - if (mode == QCRYPTO_CIPHER_MODE_XTS) { - ctx->ctx_tweak = g_new0(struct twofish_ctx, 1); + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + ctx->base.driver = &qcrypto_nettle_twofish_driver_ecb; + break; + case QCRYPTO_CIPHER_MODE_CBC: + ctx->base.driver = &qcrypto_nettle_twofish_driver_cbc; + break; + case QCRYPTO_CIPHER_MODE_CTR: + ctx->base.driver = &qcrypto_nettle_twofish_driver_ctr; + break; + case QCRYPTO_CIPHER_MODE_XTS: + ctx->base.driver = &qcrypto_nettle_twofish_driver_xts; + nkey /= 2; + twofish_set_key(&ctx->key_xts, nkey, key + nkey); + break; + default: + g_assert_not_reached(); + } + twofish_set_key(&ctx->key, nkey, key); - nkey /= 2; - twofish_set_key(ctx->ctx, nkey, key); - twofish_set_key(ctx->ctx_tweak, nkey, key + nkey); - } else { - twofish_set_key(ctx->ctx, nkey, key); + return &ctx->base; } - ctx->alg_encrypt_native = twofish_encrypt_native; - ctx->alg_decrypt_native = twofish_decrypt_native; - ctx->alg_encrypt_wrapper = twofish_encrypt_wrapper; - ctx->alg_decrypt_wrapper = twofish_decrypt_wrapper; - - ctx->blocksize = TWOFISH_BLOCK_SIZE; - break; - default: error_setg(errp, "Unsupported cipher algorithm %s", QCryptoCipherAlgorithm_str(alg)); - goto error; - } - g_assert(is_power_of_2(ctx->blocksize)); - - if (mode == QCRYPTO_CIPHER_MODE_XTS && - ctx->blocksize != XTS_BLOCK_SIZE) { - error_setg(errp, "Cipher block size %zu must equal XTS block size %d", - ctx->blocksize, XTS_BLOCK_SIZE); - goto error; + return NULL; } - ctx->iv = g_new0(uint8_t, ctx->blocksize); - - ctx->base.driver = &qcrypto_cipher_lib_driver; - return &ctx->base; - - error: - qcrypto_nettle_cipher_free_ctx(ctx); + bad_cipher_mode: + error_setg(errp, "Unsupported cipher mode %s", + QCryptoCipherMode_str(mode)); return NULL; } - - -static void -qcrypto_nettle_cipher_ctx_free(QCryptoCipher *cipher) -{ - QCryptoCipherNettle *ctx = container_of(cipher, QCryptoCipherNettle, base); - - qcrypto_nettle_cipher_free_ctx(ctx); -} - - -static int -qcrypto_nettle_cipher_encrypt(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) -{ - QCryptoCipherNettle *ctx = container_of(cipher, QCryptoCipherNettle, base); - - if (len & (ctx->blocksize - 1)) { - error_setg(errp, "Length %zu must be a multiple of block size %zu", - len, ctx->blocksize); - return -1; - } - - switch (cipher->mode) { - case QCRYPTO_CIPHER_MODE_ECB: - ctx->alg_encrypt_wrapper(ctx->ctx, len, out, in); - break; - - case QCRYPTO_CIPHER_MODE_CBC: - cbc_encrypt(ctx->ctx, ctx->alg_encrypt_native, - ctx->blocksize, ctx->iv, - len, out, in); - break; - - case QCRYPTO_CIPHER_MODE_XTS: -#ifdef CONFIG_QEMU_PRIVATE_XTS - xts_encrypt(ctx->ctx, ctx->ctx_tweak, - ctx->alg_encrypt_wrapper, ctx->alg_decrypt_wrapper, - ctx->iv, len, out, in); -#else - xts_encrypt_message(ctx->ctx, ctx->ctx_tweak, - ctx->alg_encrypt_native, - ctx->iv, len, out, in); -#endif - break; - - case QCRYPTO_CIPHER_MODE_CTR: - ctr_crypt(ctx->ctx, ctx->alg_encrypt_native, - ctx->blocksize, ctx->iv, - len, out, in); - break; - - default: - error_setg(errp, "Unsupported cipher mode %s", - QCryptoCipherMode_str(cipher->mode)); - return -1; - } - return 0; -} - - -static int -qcrypto_nettle_cipher_decrypt(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) -{ - QCryptoCipherNettle *ctx = container_of(cipher, QCryptoCipherNettle, base); - - if (len & (ctx->blocksize - 1)) { - error_setg(errp, "Length %zu must be a multiple of block size %zu", - len, ctx->blocksize); - return -1; - } - - switch (cipher->mode) { - case QCRYPTO_CIPHER_MODE_ECB: - ctx->alg_decrypt_wrapper(ctx->ctx, len, out, in); - break; - - case QCRYPTO_CIPHER_MODE_CBC: - cbc_decrypt(ctx->ctx, ctx->alg_decrypt_native, - ctx->blocksize, ctx->iv, - len, out, in); - break; - - case QCRYPTO_CIPHER_MODE_XTS: -#ifdef CONFIG_QEMU_PRIVATE_XTS - xts_decrypt(ctx->ctx, ctx->ctx_tweak, - ctx->alg_encrypt_wrapper, ctx->alg_decrypt_wrapper, - ctx->iv, len, out, in); -#else - xts_decrypt_message(ctx->ctx, ctx->ctx_tweak, - ctx->alg_decrypt_native, - ctx->alg_encrypt_native, - ctx->iv, len, out, in); -#endif - break; - case QCRYPTO_CIPHER_MODE_CTR: - ctr_crypt(ctx->ctx, ctx->alg_encrypt_native, - ctx->blocksize, ctx->iv, - len, out, in); - break; - - default: - error_setg(errp, "Unsupported cipher mode %s", - QCryptoCipherMode_str(cipher->mode)); - return -1; - } - return 0; -} - -static int -qcrypto_nettle_cipher_setiv(QCryptoCipher *cipher, - const uint8_t *iv, size_t niv, - Error **errp) -{ - QCryptoCipherNettle *ctx = container_of(cipher, QCryptoCipherNettle, base); - - if (niv != ctx->blocksize) { - error_setg(errp, "Expected IV size %zu not %zu", - ctx->blocksize, niv); - return -1; - } - memcpy(ctx->iv, iv, niv); - return 0; -} - - -static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver = { - .cipher_encrypt = qcrypto_nettle_cipher_encrypt, - .cipher_decrypt = qcrypto_nettle_cipher_decrypt, - .cipher_setiv = qcrypto_nettle_cipher_setiv, - .cipher_free = qcrypto_nettle_cipher_ctx_free, -}; From patchwork Fri Aug 28 17:05:23 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Richard Henderson X-Patchwork-Id: 248597 Delivered-To: patch@linaro.org Received: by 2002:a92:5b9c:0:0:0:0:0 with SMTP id c28csp1257927ilg; Fri, 28 Aug 2020 10:07:22 -0700 (PDT) X-Google-Smtp-Source: ABdhPJxu6DHdoDf2U81CTp2DzZNXGb+3QOAChksS/ARRFXNfo66U+AGBLiTk5hEb0/EW6p9CVOxN X-Received: by 2002:a5b:60e:: with SMTP id d14mr3624391ybq.210.1598634442585; Fri, 28 Aug 2020 10:07:22 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1598634442; cv=none; d=google.com; s=arc-20160816; b=ITWSKm3A2cWEIPkQcxkY4lJCPXhSE1Mm1y4As+B5i5PB4gIUc2GG2WL5q9JFJDKF1o HDfZumxjb1TwSevVKdDuhPdjqpw0CMWzHMy1DXMGd6nCjVyTljTCdqm9xqkzc/40wfoK hIM6WYniNkzgEAovOf46yFFaHw33bEsoaKrYe5hMJE79DmOIS7DA4rJm8sMR8uaEqmD0 EJgwOjzRd9lmiq/1yf0noeEstv2jlKhZxkAoYGIP58wLQDgHJ2EkZt6BYewUSnD3XFXX oLwJL1yQyNkvdPnPNxduXZWc9WaWD8JsKwF6WKb9Y+77oq7MScKo0mtzwqmWa4bc194g WoaA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:cc:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:to:from :dkim-signature; bh=6oAAd13GwF/3Te3K0+i8T99RpHAlTgI/+rDnUt7DA9A=; b=oaXHB5HR7ZpPwfJhozrkDul92cQhTVQyFHH/jbBfy8ZSUMskNCejwTZRpl69TkuHBr McRev6c7KPJ+bGpgJ8nJ2vMOnwumU6pr6FtuD5z9S0+AZdpzmrwpukyvBUtLQZ5ZbMD2 yM/LTDBBWJece159nuOWvjO+DJOXG55s8pbqsNvgqsStNtfJvfehUyOIn26pBVCdJafE jGMCuXPSy0CGEeVUDg4OR5eq/KgtbZaf8JwJsd+PGDZ+W8lsuudlwE01PWKCTsPr69kr qOj11U1w8E4RzARLd7d1CpiPK6okISuB+3feRWNVWfhqEKytKk0D3OsoH46zVqSZ553J eFKg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=aZDhrPed; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from lists.gnu.org (lists.gnu.org. [209.51.188.17]) by mx.google.com with ESMTPS id r5si1269032ybs.360.2020.08.28.10.07.22 for (version=TLS1_2 cipher=ECDHE-ECDSA-CHACHA20-POLY1305 bits=256/256); Fri, 28 Aug 2020 10:07:22 -0700 (PDT) Received-SPF: pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) client-ip=209.51.188.17; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=aZDhrPed; spf=pass (google.com: domain of qemu-devel-bounces+patch=linaro.org@nongnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom="qemu-devel-bounces+patch=linaro.org@nongnu.org"; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from localhost ([::1]:39238 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1kBhqT-0007N2-SO for patch@linaro.org; Fri, 28 Aug 2020 13:07:21 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:36840) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1kBhp1-0004Kh-96 for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:51 -0400 Received: from mail-pl1-x643.google.com ([2607:f8b0:4864:20::643]:37671) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1kBhoy-000381-Na for qemu-devel@nongnu.org; Fri, 28 Aug 2020 13:05:50 -0400 Received: by mail-pl1-x643.google.com with SMTP id c15so787918plq.4 for ; Fri, 28 Aug 2020 10:05:48 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=6oAAd13GwF/3Te3K0+i8T99RpHAlTgI/+rDnUt7DA9A=; b=aZDhrPedvmbMt4La7SABNowNFitHiAKxBVa/W0nKiodr6ADYUz/2pk/DBnszvAxnQ0 a793gQPcgBTaYe4ZSRy+rly5vRnCPy4XH+KIj3lenGZwZ8J0FijPiWXlFesv2U0JUC3Q gipm9XJNH3zjjSB1VaOFM+IF845iuruNB5xVvqVqKib3mstZfskW3dK7nTVHB34Okt/f tGb4BWINkJBNd5wsSgZJFC9K4jbgVVr/55svNr66C/g8qUwzP0PPJuviBNSFEyoYUsUf hv2hI7PuKvds6tvF7aAg1bM2yWc2XGt3kytno58pgOefQUqoNp71pSHvB/rrzla49MM1 Be2g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=6oAAd13GwF/3Te3K0+i8T99RpHAlTgI/+rDnUt7DA9A=; b=KtdLlLIGLxYep0Fn9huYZ+YjIL7Rt4SoUmTOhSK7ZB8XkB7l/smYZxxg1woiqSNHfg 2ca+88l+XxziZZQk0fBT22F7sfS2DEb6j11BijVvm3R9XYcz/8JnUpoteuMXUBZ7U0T4 daIl+AkQZ1S8rWx3OFbAfjPFL8Xs/gSIGxFAQPAuGq8V2r7JnSTLv+nVZ8rbDvI2w6F1 uAnW14+3HEBL/TKWqk1duaRvfX7hIdfqXIJ4cBx/fiZzTTVfBiAsDa6LwUnBBaK9DGGN yJnQsJTdV6z2LF6+wufyRegFbYVPRI9vMbqQs1E+0Rz6+VAiw5c0Yz6XiEvDT306tI7K J+hQ== X-Gm-Message-State: AOAM530EaLxEC1bI4YFU3jmf65lCKVYKC3baLRBl6JCvg76bUbFrq0iP HZTY40GrSChlnzqvk8yTMcRMU6sEMiAuCw== X-Received: by 2002:a17:90a:f691:: with SMTP id cl17mr40474pjb.8.1598634346720; Fri, 28 Aug 2020 10:05:46 -0700 (PDT) Received: from localhost.localdomain ([71.212.141.89]) by smtp.gmail.com with ESMTPSA id q12sm2277495pff.196.2020.08.28.10.05.45 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 28 Aug 2020 10:05:46 -0700 (PDT) From: Richard Henderson To: qemu-devel@nongnu.org Subject: [PATCH v2 16/16] crypto/gcrypt: Split QCryptoCipherGcrypt into subclasses Date: Fri, 28 Aug 2020 10:05:23 -0700 Message-Id: <20200828170523.418603-17-richard.henderson@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20200828170523.418603-1-richard.henderson@linaro.org> References: <20200828170523.418603-1-richard.henderson@linaro.org> MIME-Version: 1.0 Received-SPF: pass client-ip=2607:f8b0:4864:20::643; envelope-from=richard.henderson@linaro.org; helo=mail-pl1-x643.google.com X-detected-operating-system: by eggs.gnu.org: No matching host in p0f cache. That's all we know. X-Spam_score_int: -20 X-Spam_score: -2.1 X-Spam_bar: -- X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001 autolearn=ham autolearn_force=no X-Spam_action: no action X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: berrange@redhat.com Errors-To: qemu-devel-bounces+patch=linaro.org@nongnu.org Sender: "Qemu-devel" With gcrypt, most of the dispatch happens in the library, so there aren't many classes to create. However, we can still create separate dispatch for CTR mode, and for CONFIG_QEMU_PRIVATE_XTS, which avoids needing to check for these modes at runtime. Signed-off-by: Richard Henderson --- crypto/cipher-gcrypt.c.inc | 497 ++++++++++++++++++------------------- 1 file changed, 240 insertions(+), 257 deletions(-) -- 2.25.1 diff --git a/crypto/cipher-gcrypt.c.inc b/crypto/cipher-gcrypt.c.inc index 7a1fbc9745..42d4137534 100644 --- a/crypto/cipher-gcrypt.c.inc +++ b/crypto/cipher-gcrypt.c.inc @@ -24,8 +24,6 @@ #include -static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver; - bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode) { @@ -57,36 +55,212 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg, } } -typedef struct QCryptoCipherGcrypt QCryptoCipherGcrypt; -struct QCryptoCipherGcrypt { +typedef struct QCryptoCipherGcrypt { QCryptoCipher base; gcry_cipher_hd_t handle; size_t blocksize; #ifdef CONFIG_QEMU_PRIVATE_XTS gcry_cipher_hd_t tweakhandle; - /* Initialization vector or Counter */ - uint8_t *iv; + uint8_t iv[XTS_BLOCK_SIZE]; #endif -}; +} QCryptoCipherGcrypt; -static void -qcrypto_gcrypt_cipher_free_ctx(QCryptoCipherGcrypt *ctx, - QCryptoCipherMode mode) + +static void qcrypto_gcrypt_ctx_free(QCryptoCipher *cipher) { - if (!ctx) { - return; - } + QCryptoCipherGcrypt *ctx = container_of(cipher, QCryptoCipherGcrypt, base); gcry_cipher_close(ctx->handle); -#ifdef CONFIG_QEMU_PRIVATE_XTS - if (mode == QCRYPTO_CIPHER_MODE_XTS) { - gcry_cipher_close(ctx->tweakhandle); - } - g_free(ctx->iv); -#endif g_free(ctx); } +static int qcrypto_gcrypt_encrypt(QCryptoCipher *cipher, const void *in, + void *out, size_t len, Error **errp) +{ + QCryptoCipherGcrypt *ctx = container_of(cipher, QCryptoCipherGcrypt, base); + gcry_error_t err; + + if (len & (ctx->blocksize - 1)) { + error_setg(errp, "Length %zu must be a multiple of block size %zu", + len, ctx->blocksize); + return -1; + } + + err = gcry_cipher_encrypt(ctx->handle, out, len, in, len); + if (err != 0) { + error_setg(errp, "Cannot encrypt data: %s", gcry_strerror(err)); + return -1; + } + + return 0; +} + + +static int qcrypto_gcrypt_decrypt(QCryptoCipher *cipher, const void *in, + void *out, size_t len, Error **errp) +{ + QCryptoCipherGcrypt *ctx = container_of(cipher, QCryptoCipherGcrypt, base); + gcry_error_t err; + + if (len & (ctx->blocksize - 1)) { + error_setg(errp, "Length %zu must be a multiple of block size %zu", + len, ctx->blocksize); + return -1; + } + + err = gcry_cipher_decrypt(ctx->handle, out, len, in, len); + if (err != 0) { + error_setg(errp, "Cannot decrypt data: %s", + gcry_strerror(err)); + return -1; + } + + return 0; +} + +static int qcrypto_gcrypt_setiv(QCryptoCipher *cipher, + const uint8_t *iv, size_t niv, + Error **errp) +{ + QCryptoCipherGcrypt *ctx = container_of(cipher, QCryptoCipherGcrypt, base); + gcry_error_t err; + + if (niv != ctx->blocksize) { + error_setg(errp, "Expected IV size %zu not %zu", + ctx->blocksize, niv); + return -1; + } + + gcry_cipher_reset(ctx->handle); + err = gcry_cipher_setiv(ctx->handle, iv, niv); + if (err != 0) { + error_setg(errp, "Cannot set IV: %s", gcry_strerror(err)); + return -1; + } + + return 0; +} + +static int qcrypto_gcrypt_ctr_setiv(QCryptoCipher *cipher, + const uint8_t *iv, size_t niv, + Error **errp) +{ + QCryptoCipherGcrypt *ctx = container_of(cipher, QCryptoCipherGcrypt, base); + gcry_error_t err; + + if (niv != ctx->blocksize) { + error_setg(errp, "Expected IV size %zu not %zu", + ctx->blocksize, niv); + return -1; + } + + err = gcry_cipher_setctr(ctx->handle, iv, niv); + if (err != 0) { + error_setg(errp, "Cannot set Counter: %s", gcry_strerror(err)); + return -1; + } + + return 0; +} + + +static const struct QCryptoCipherDriver qcrypto_gcrypt_driver = { + .cipher_encrypt = qcrypto_gcrypt_encrypt, + .cipher_decrypt = qcrypto_gcrypt_decrypt, + .cipher_setiv = qcrypto_gcrypt_setiv, + .cipher_free = qcrypto_gcrypt_ctx_free, +}; + +static const struct QCryptoCipherDriver qcrypto_gcrypt_ctr_driver = { + .cipher_encrypt = qcrypto_gcrypt_encrypt, + .cipher_decrypt = qcrypto_gcrypt_decrypt, + .cipher_setiv = qcrypto_gcrypt_ctr_setiv, + .cipher_free = qcrypto_gcrypt_ctx_free, +}; + +#ifdef CONFIG_QEMU_PRIVATE_XTS +static void qcrypto_gcrypt_xts_ctx_free(QCryptoCipher *cipher) +{ + QCryptoCipherGcrypt *ctx = container_of(cipher, QCryptoCipherGcrypt, base); + + gcry_cipher_close(ctx->tweakhandle); + qcrypto_gcrypt_ctx_free(cipher); +} + +static void qcrypto_gcrypt_xts_wrape(const void *ctx, size_t length, + uint8_t *dst, const uint8_t *src) +{ + gcry_error_t err; + err = gcry_cipher_encrypt((gcry_cipher_hd_t)ctx, dst, length, src, length); + g_assert(err == 0); +} + +static void qcrypto_gcrypt_xts_wrapd(const void *ctx, size_t length, + uint8_t *dst, const uint8_t *src) +{ + gcry_error_t err; + err = gcry_cipher_decrypt((gcry_cipher_hd_t)ctx, dst, length, src, length); + g_assert(err == 0); +} + +static int qcrypto_gcrypt_xts_encrypt(QCryptoCipher *cipher, const void *in, + void *out, size_t len, Error **errp) +{ + QCryptoCipherGcrypt *ctx = container_of(cipher, QCryptoCipherGcrypt, base); + + if (len & (ctx->blocksize - 1)) { + error_setg(errp, "Length %zu must be a multiple of block size %zu", + len, ctx->blocksize); + return -1; + } + + xts_encrypt(ctx->handle, ctx->tweakhandle, + qcrypto_gcrypt_xts_wrape, qcrypto_gcrypt_xts_wrapd, + ctx->iv, len, out, in); + return 0; +} + +static int qcrypto_gcrypt_xts_decrypt(QCryptoCipher *cipher, const void *in, + void *out, size_t len, Error **errp) +{ + QCryptoCipherGcrypt *ctx = container_of(cipher, QCryptoCipherGcrypt, base); + + if (len & (ctx->blocksize - 1)) { + error_setg(errp, "Length %zu must be a multiple of block size %zu", + len, ctx->blocksize); + return -1; + } + + xts_decrypt(ctx->handle, ctx->tweakhandle, + qcrypto_gcrypt_xts_wrape, qcrypto_gcrypt_xts_wrapd, + ctx->iv, len, out, in); + return 0; +} + +static int qcrypto_gcrypt_xts_setiv(QCryptoCipher *cipher, + const uint8_t *iv, size_t niv, + Error **errp) +{ + QCryptoCipherGcrypt *ctx = container_of(cipher, QCryptoCipherGcrypt, base); + + if (niv != ctx->blocksize) { + error_setg(errp, "Expected IV size %zu not %zu", + ctx->blocksize, niv); + return -1; + } + + memcpy(ctx->iv, iv, niv); + return 0; +} + +static const struct QCryptoCipherDriver qcrypto_gcrypt_xts_driver = { + .cipher_encrypt = qcrypto_gcrypt_xts_encrypt, + .cipher_decrypt = qcrypto_gcrypt_xts_decrypt, + .cipher_setiv = qcrypto_gcrypt_xts_setiv, + .cipher_free = qcrypto_gcrypt_xts_ctx_free, +}; +#endif /* CONFIG_QEMU_PRIVATE_XTS */ + static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode, @@ -95,32 +269,10 @@ static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, Error **errp) { QCryptoCipherGcrypt *ctx; + const QCryptoCipherDriver *drv; gcry_error_t err; int gcryalg, gcrymode; - switch (mode) { - case QCRYPTO_CIPHER_MODE_ECB: - gcrymode = GCRY_CIPHER_MODE_ECB; - break; - case QCRYPTO_CIPHER_MODE_XTS: -#ifdef CONFIG_QEMU_PRIVATE_XTS - gcrymode = GCRY_CIPHER_MODE_ECB; -#else - gcrymode = GCRY_CIPHER_MODE_XTS; -#endif - break; - case QCRYPTO_CIPHER_MODE_CBC: - gcrymode = GCRY_CIPHER_MODE_CBC; - break; - case QCRYPTO_CIPHER_MODE_CTR: - gcrymode = GCRY_CIPHER_MODE_CTR; - break; - default: - error_setg(errp, "Unsupported cipher mode %s", - QCryptoCipherMode_str(mode)); - return NULL; - } - if (!qcrypto_cipher_validate_key_length(alg, mode, nkey, errp)) { return NULL; } @@ -129,54 +281,70 @@ static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, case QCRYPTO_CIPHER_ALG_DES_RFB: gcryalg = GCRY_CIPHER_DES; break; - case QCRYPTO_CIPHER_ALG_3DES: gcryalg = GCRY_CIPHER_3DES; break; - case QCRYPTO_CIPHER_ALG_AES_128: gcryalg = GCRY_CIPHER_AES128; break; - case QCRYPTO_CIPHER_ALG_AES_192: gcryalg = GCRY_CIPHER_AES192; break; - case QCRYPTO_CIPHER_ALG_AES_256: gcryalg = GCRY_CIPHER_AES256; break; - case QCRYPTO_CIPHER_ALG_CAST5_128: gcryalg = GCRY_CIPHER_CAST5; break; - case QCRYPTO_CIPHER_ALG_SERPENT_128: gcryalg = GCRY_CIPHER_SERPENT128; break; - case QCRYPTO_CIPHER_ALG_SERPENT_192: gcryalg = GCRY_CIPHER_SERPENT192; break; - case QCRYPTO_CIPHER_ALG_SERPENT_256: gcryalg = GCRY_CIPHER_SERPENT256; break; - case QCRYPTO_CIPHER_ALG_TWOFISH_128: gcryalg = GCRY_CIPHER_TWOFISH128; break; - case QCRYPTO_CIPHER_ALG_TWOFISH_256: gcryalg = GCRY_CIPHER_TWOFISH; break; - default: error_setg(errp, "Unsupported cipher algorithm %s", QCryptoCipherAlgorithm_str(alg)); return NULL; } + drv = &qcrypto_gcrypt_driver; + switch (mode) { + case QCRYPTO_CIPHER_MODE_ECB: + gcrymode = GCRY_CIPHER_MODE_ECB; + break; + case QCRYPTO_CIPHER_MODE_XTS: +#ifdef CONFIG_QEMU_PRIVATE_XTS + drv = &qcrypto_gcrypt_xts_driver; + gcrymode = GCRY_CIPHER_MODE_ECB; +#else + gcrymode = GCRY_CIPHER_MODE_XTS; +#endif + break; + case QCRYPTO_CIPHER_MODE_CBC: + gcrymode = GCRY_CIPHER_MODE_CBC; + break; + case QCRYPTO_CIPHER_MODE_CTR: + drv = &qcrypto_gcrypt_ctr_driver; + gcrymode = GCRY_CIPHER_MODE_CTR; + break; + default: + error_setg(errp, "Unsupported cipher mode %s", + QCryptoCipherMode_str(mode)); + return NULL; + } + ctx = g_new0(QCryptoCipherGcrypt, 1); + ctx->base.driver = drv; err = gcry_cipher_open(&ctx->handle, gcryalg, gcrymode, 0); if (err != 0) { @@ -184,8 +352,16 @@ static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, gcry_strerror(err)); goto error; } + ctx->blocksize = gcry_cipher_get_algo_blklen(gcryalg); + #ifdef CONFIG_QEMU_PRIVATE_XTS if (mode == QCRYPTO_CIPHER_MODE_XTS) { + if (ctx->blocksize != XTS_BLOCK_SIZE) { + error_setg(errp, + "Cipher block size %zu must equal XTS block size %d", + ctx->blocksize, XTS_BLOCK_SIZE); + goto error; + } err = gcry_cipher_open(&ctx->tweakhandle, gcryalg, gcrymode, 0); if (err != 0) { error_setg(errp, "Cannot initialize cipher: %s", @@ -203,224 +379,31 @@ static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg, uint8_t *rfbkey = qcrypto_cipher_munge_des_rfb_key(key, nkey); err = gcry_cipher_setkey(ctx->handle, rfbkey, nkey); g_free(rfbkey); - ctx->blocksize = 8; } else { #ifdef CONFIG_QEMU_PRIVATE_XTS if (mode == QCRYPTO_CIPHER_MODE_XTS) { nkey /= 2; - err = gcry_cipher_setkey(ctx->handle, key, nkey); + err = gcry_cipher_setkey(ctx->tweakhandle, key + nkey, nkey); if (err != 0) { - error_setg(errp, "Cannot set key: %s", - gcry_strerror(err)); + error_setg(errp, "Cannot set key: %s", gcry_strerror(err)); goto error; } - err = gcry_cipher_setkey(ctx->tweakhandle, key + nkey, nkey); - } else { -#endif - err = gcry_cipher_setkey(ctx->handle, key, nkey); -#ifdef CONFIG_QEMU_PRIVATE_XTS } #endif - if (err != 0) { - error_setg(errp, "Cannot set key: %s", - gcry_strerror(err)); - goto error; - } - switch (alg) { - case QCRYPTO_CIPHER_ALG_AES_128: - case QCRYPTO_CIPHER_ALG_AES_192: - case QCRYPTO_CIPHER_ALG_AES_256: - case QCRYPTO_CIPHER_ALG_SERPENT_128: - case QCRYPTO_CIPHER_ALG_SERPENT_192: - case QCRYPTO_CIPHER_ALG_SERPENT_256: - case QCRYPTO_CIPHER_ALG_TWOFISH_128: - case QCRYPTO_CIPHER_ALG_TWOFISH_256: - ctx->blocksize = 16; - break; - case QCRYPTO_CIPHER_ALG_3DES: - case QCRYPTO_CIPHER_ALG_CAST5_128: - ctx->blocksize = 8; - break; - default: - g_assert_not_reached(); - } + err = gcry_cipher_setkey(ctx->handle, key, nkey); } - g_assert(is_power_of_2(ctx->blocksize)); - -#ifdef CONFIG_QEMU_PRIVATE_XTS - if (mode == QCRYPTO_CIPHER_MODE_XTS) { - if (ctx->blocksize != XTS_BLOCK_SIZE) { - error_setg(errp, - "Cipher block size %zu must equal XTS block size %d", - ctx->blocksize, XTS_BLOCK_SIZE); - goto error; - } - ctx->iv = g_new0(uint8_t, ctx->blocksize); + if (err != 0) { + error_setg(errp, "Cannot set key: %s", gcry_strerror(err)); + goto error; } -#endif - ctx->base.driver = &qcrypto_cipher_lib_driver; return &ctx->base; error: - qcrypto_gcrypt_cipher_free_ctx(ctx, mode); +#ifdef CONFIG_QEMU_PRIVATE_XTS + gcry_cipher_close(ctx->tweakhandle); +#endif + gcry_cipher_close(ctx->handle); + g_free(ctx); return NULL; } - - -static void -qcrypto_gcrypt_cipher_ctx_free(QCryptoCipher *cipher) -{ - QCryptoCipherGcrypt *ctx = container_of(cipher, QCryptoCipherGcrypt, base); - - qcrypto_gcrypt_cipher_free_ctx(ctx, cipher->mode); -} - - -#ifdef CONFIG_QEMU_PRIVATE_XTS -static void qcrypto_gcrypt_xts_encrypt(const void *ctx, - size_t length, - uint8_t *dst, - const uint8_t *src) -{ - gcry_error_t err; - err = gcry_cipher_encrypt((gcry_cipher_hd_t)ctx, dst, length, src, length); - g_assert(err == 0); -} - -static void qcrypto_gcrypt_xts_decrypt(const void *ctx, - size_t length, - uint8_t *dst, - const uint8_t *src) -{ - gcry_error_t err; - err = gcry_cipher_decrypt((gcry_cipher_hd_t)ctx, dst, length, src, length); - g_assert(err == 0); -} -#endif - -static int -qcrypto_gcrypt_cipher_encrypt(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) -{ - QCryptoCipherGcrypt *ctx = container_of(cipher, QCryptoCipherGcrypt, base); - gcry_error_t err; - - if (len & (ctx->blocksize - 1)) { - error_setg(errp, "Length %zu must be a multiple of block size %zu", - len, ctx->blocksize); - return -1; - } - -#ifdef CONFIG_QEMU_PRIVATE_XTS - if (cipher->mode == QCRYPTO_CIPHER_MODE_XTS) { - xts_encrypt(ctx->handle, ctx->tweakhandle, - qcrypto_gcrypt_xts_encrypt, - qcrypto_gcrypt_xts_decrypt, - ctx->iv, len, out, in); - return 0; - } -#endif - - err = gcry_cipher_encrypt(ctx->handle, - out, len, - in, len); - if (err != 0) { - error_setg(errp, "Cannot encrypt data: %s", - gcry_strerror(err)); - return -1; - } - - return 0; -} - - -static int -qcrypto_gcrypt_cipher_decrypt(QCryptoCipher *cipher, - const void *in, - void *out, - size_t len, - Error **errp) -{ - QCryptoCipherGcrypt *ctx = container_of(cipher, QCryptoCipherGcrypt, base); - gcry_error_t err; - - if (len & (ctx->blocksize - 1)) { - error_setg(errp, "Length %zu must be a multiple of block size %zu", - len, ctx->blocksize); - return -1; - } - -#ifdef CONFIG_QEMU_PRIVATE_XTS - if (cipher->mode == QCRYPTO_CIPHER_MODE_XTS) { - xts_decrypt(ctx->handle, ctx->tweakhandle, - qcrypto_gcrypt_xts_encrypt, - qcrypto_gcrypt_xts_decrypt, - ctx->iv, len, out, in); - return 0; - } -#endif - - err = gcry_cipher_decrypt(ctx->handle, - out, len, - in, len); - if (err != 0) { - error_setg(errp, "Cannot decrypt data: %s", - gcry_strerror(err)); - return -1; - } - - return 0; -} - -static int -qcrypto_gcrypt_cipher_setiv(QCryptoCipher *cipher, - const uint8_t *iv, size_t niv, - Error **errp) -{ - QCryptoCipherGcrypt *ctx = container_of(cipher, QCryptoCipherGcrypt, base); - gcry_error_t err; - - if (niv != ctx->blocksize) { - error_setg(errp, "Expected IV size %zu not %zu", - ctx->blocksize, niv); - return -1; - } - -#ifdef CONFIG_QEMU_PRIVATE_XTS - if (ctx->iv) { - memcpy(ctx->iv, iv, niv); - return 0; - } -#endif - - if (cipher->mode == QCRYPTO_CIPHER_MODE_CTR) { - err = gcry_cipher_setctr(ctx->handle, iv, niv); - if (err != 0) { - error_setg(errp, "Cannot set Counter: %s", - gcry_strerror(err)); - return -1; - } - } else { - gcry_cipher_reset(ctx->handle); - err = gcry_cipher_setiv(ctx->handle, iv, niv); - if (err != 0) { - error_setg(errp, "Cannot set IV: %s", - gcry_strerror(err)); - return -1; - } - } - - return 0; -} - - -static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver = { - .cipher_encrypt = qcrypto_gcrypt_cipher_encrypt, - .cipher_decrypt = qcrypto_gcrypt_cipher_decrypt, - .cipher_setiv = qcrypto_gcrypt_cipher_setiv, - .cipher_free = qcrypto_gcrypt_cipher_ctx_free, -};