diff options
author | Peter Maydell <peter.maydell@linaro.org> | 2017-01-06 15:18:09 +0000 |
---|---|---|
committer | Peter Maydell <peter.maydell@linaro.org> | 2017-01-06 15:18:09 +0000 |
commit | ffe22bf51065dd33022cf91f77a821d1f11c250d (patch) | |
tree | 4755562a749e76664c125bad81aeb19e4cbf9a84 | |
parent | a01b1e9a005d523ec6452ec7137885d11f8a30df (diff) | |
parent | 48ae36c0ad16bb757d4f6e243b8e9072fc8e8c8e (diff) |
Merge remote-tracking branch 'remotes/gonglei/tags/cryptodev-next-20161224' into staging
cryptodev patches
- add xts mode support
- add 3DES algorithm support
- other trivial fixes
# gpg: Signature made Sat 24 Dec 2016 05:56:44 GMT
# gpg: using RSA key 0x2ED7FDE9063C864D
# gpg: Good signature from "Gonglei <arei.gonglei@huawei.com>"
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: 3EF1 8E53 3459 E6D1 963A 3C05 2ED7 FDE9 063C 864D
* remotes/gonglei/tags/cryptodev-next-20161224:
cryptodev: add 3des-ede support
cryptodev: remove single-DES support in cryptodev
cryptodev: add xts(aes) support
cryptodev: fix the check of aes algorithm
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
-rw-r--r-- | backends/cryptodev-builtin.c | 65 |
1 files changed, 50 insertions, 15 deletions
diff --git a/backends/cryptodev-builtin.c b/backends/cryptodev-builtin.c index eda954b2a2..486b4a62bc 100644 --- a/backends/cryptodev-builtin.c +++ b/backends/cryptodev-builtin.c @@ -111,23 +111,42 @@ cryptodev_builtin_get_unused_session_index( return -1; } +#define AES_KEYSIZE_128 16 +#define AES_KEYSIZE_192 24 +#define AES_KEYSIZE_256 32 +#define AES_KEYSIZE_128_XTS AES_KEYSIZE_256 +#define AES_KEYSIZE_256_XTS 64 + static int -cryptodev_builtin_get_aes_algo(uint32_t key_len, Error **errp) +cryptodev_builtin_get_aes_algo(uint32_t key_len, int mode, Error **errp) { int algo; - if (key_len == 128 / 8) { + if (key_len == AES_KEYSIZE_128) { algo = QCRYPTO_CIPHER_ALG_AES_128; - } else if (key_len == 192 / 8) { + } else if (key_len == AES_KEYSIZE_192) { algo = QCRYPTO_CIPHER_ALG_AES_192; - } else if (key_len == 256 / 8) { - algo = QCRYPTO_CIPHER_ALG_AES_256; + } else if (key_len == AES_KEYSIZE_256) { /* equals AES_KEYSIZE_128_XTS */ + if (mode == QCRYPTO_CIPHER_MODE_XTS) { + algo = QCRYPTO_CIPHER_ALG_AES_128; + } else { + algo = QCRYPTO_CIPHER_ALG_AES_256; + } + } else if (key_len == AES_KEYSIZE_256_XTS) { + if (mode == QCRYPTO_CIPHER_MODE_XTS) { + algo = QCRYPTO_CIPHER_ALG_AES_256; + } else { + goto err; + } } else { - error_setg(errp, "Unsupported key length :%u", key_len); - return -1; + goto err; } return algo; + +err: + error_setg(errp, "Unsupported key length :%u", key_len); + return -1; } static int cryptodev_builtin_create_cipher_session( @@ -155,32 +174,48 @@ static int cryptodev_builtin_create_cipher_session( switch (sess_info->cipher_alg) { case VIRTIO_CRYPTO_CIPHER_AES_ECB: + mode = QCRYPTO_CIPHER_MODE_ECB; algo = cryptodev_builtin_get_aes_algo(sess_info->key_len, - errp); + mode, errp); if (algo < 0) { return -1; } - mode = QCRYPTO_CIPHER_MODE_ECB; break; case VIRTIO_CRYPTO_CIPHER_AES_CBC: + mode = QCRYPTO_CIPHER_MODE_CBC; algo = cryptodev_builtin_get_aes_algo(sess_info->key_len, - errp); + mode, errp); if (algo < 0) { return -1; } - mode = QCRYPTO_CIPHER_MODE_CBC; break; case VIRTIO_CRYPTO_CIPHER_AES_CTR: + mode = QCRYPTO_CIPHER_MODE_CTR; algo = cryptodev_builtin_get_aes_algo(sess_info->key_len, - errp); + mode, errp); if (algo < 0) { return -1; } - mode = QCRYPTO_CIPHER_MODE_CTR; break; - case VIRTIO_CRYPTO_CIPHER_DES_ECB: - algo = QCRYPTO_CIPHER_ALG_DES_RFB; + case VIRTIO_CRYPTO_CIPHER_AES_XTS: + mode = QCRYPTO_CIPHER_MODE_XTS; + algo = cryptodev_builtin_get_aes_algo(sess_info->key_len, + mode, errp); + if (algo < 0) { + return -1; + } + break; + case VIRTIO_CRYPTO_CIPHER_3DES_ECB: mode = QCRYPTO_CIPHER_MODE_ECB; + algo = QCRYPTO_CIPHER_ALG_3DES; + break; + case VIRTIO_CRYPTO_CIPHER_3DES_CBC: + mode = QCRYPTO_CIPHER_MODE_CBC; + algo = QCRYPTO_CIPHER_ALG_3DES; + break; + case VIRTIO_CRYPTO_CIPHER_3DES_CTR: + mode = QCRYPTO_CIPHER_MODE_CTR; + algo = QCRYPTO_CIPHER_ALG_3DES; break; default: error_setg(errp, "Unsupported cipher alg :%u", |