diff options
Diffstat (limited to 'backends/cryptodev-builtin.c')
| -rw-r--r-- | backends/cryptodev-builtin.c | 69 |
1 files changed, 54 insertions, 15 deletions
diff --git a/backends/cryptodev-builtin.c b/backends/cryptodev-builtin.c index eda954b2a2..82a068e792 100644 --- a/backends/cryptodev-builtin.c +++ b/backends/cryptodev-builtin.c @@ -94,6 +94,8 @@ static void cryptodev_builtin_init( backend->conf.max_size = LONG_MAX - sizeof(CryptoDevBackendSymOpInfo); backend->conf.max_cipher_key_len = CRYPTODEV_BUITLIN_MAX_CIPHER_KEY_LEN; backend->conf.max_auth_key_len = CRYPTODEV_BUITLIN_MAX_AUTH_KEY_LEN; + + cryptodev_backend_set_ready(backend, true); } static int @@ -111,23 +113,42 @@ cryptodev_builtin_get_unused_session_index( return -1; } +#define AES_KEYSIZE_128 16 +#define AES_KEYSIZE_192 24 +#define AES_KEYSIZE_256 32 +#define AES_KEYSIZE_128_XTS AES_KEYSIZE_256 +#define AES_KEYSIZE_256_XTS 64 + static int -cryptodev_builtin_get_aes_algo(uint32_t key_len, Error **errp) +cryptodev_builtin_get_aes_algo(uint32_t key_len, int mode, Error **errp) { int algo; - if (key_len == 128 / 8) { + if (key_len == AES_KEYSIZE_128) { algo = QCRYPTO_CIPHER_ALG_AES_128; - } else if (key_len == 192 / 8) { + } else if (key_len == AES_KEYSIZE_192) { algo = QCRYPTO_CIPHER_ALG_AES_192; - } else if (key_len == 256 / 8) { - algo = QCRYPTO_CIPHER_ALG_AES_256; + } else if (key_len == AES_KEYSIZE_256) { /* equals AES_KEYSIZE_128_XTS */ + if (mode == QCRYPTO_CIPHER_MODE_XTS) { + algo = QCRYPTO_CIPHER_ALG_AES_128; + } else { + algo = QCRYPTO_CIPHER_ALG_AES_256; + } + } else if (key_len == AES_KEYSIZE_256_XTS) { + if (mode == QCRYPTO_CIPHER_MODE_XTS) { + algo = QCRYPTO_CIPHER_ALG_AES_256; + } else { + goto err; + } } else { - error_setg(errp, "Unsupported key length :%u", key_len); - return -1; + goto err; } return algo; + +err: + error_setg(errp, "Unsupported key length :%u", key_len); + return -1; } static int cryptodev_builtin_create_cipher_session( @@ -155,32 +176,48 @@ static int cryptodev_builtin_create_cipher_session( switch (sess_info->cipher_alg) { case VIRTIO_CRYPTO_CIPHER_AES_ECB: + mode = QCRYPTO_CIPHER_MODE_ECB; algo = cryptodev_builtin_get_aes_algo(sess_info->key_len, - errp); + mode, errp); if (algo < 0) { return -1; } - mode = QCRYPTO_CIPHER_MODE_ECB; break; case VIRTIO_CRYPTO_CIPHER_AES_CBC: + mode = QCRYPTO_CIPHER_MODE_CBC; algo = cryptodev_builtin_get_aes_algo(sess_info->key_len, - errp); + mode, errp); if (algo < 0) { return -1; } - mode = QCRYPTO_CIPHER_MODE_CBC; break; case VIRTIO_CRYPTO_CIPHER_AES_CTR: + mode = QCRYPTO_CIPHER_MODE_CTR; algo = cryptodev_builtin_get_aes_algo(sess_info->key_len, - errp); + mode, errp); + if (algo < 0) { + return -1; + } + break; + case VIRTIO_CRYPTO_CIPHER_AES_XTS: + mode = QCRYPTO_CIPHER_MODE_XTS; + algo = cryptodev_builtin_get_aes_algo(sess_info->key_len, + mode, errp); if (algo < 0) { return -1; } - mode = QCRYPTO_CIPHER_MODE_CTR; break; - case VIRTIO_CRYPTO_CIPHER_DES_ECB: - algo = QCRYPTO_CIPHER_ALG_DES_RFB; + case VIRTIO_CRYPTO_CIPHER_3DES_ECB: mode = QCRYPTO_CIPHER_MODE_ECB; + algo = QCRYPTO_CIPHER_ALG_3DES; + break; + case VIRTIO_CRYPTO_CIPHER_3DES_CBC: + mode = QCRYPTO_CIPHER_MODE_CBC; + algo = QCRYPTO_CIPHER_ALG_3DES; + break; + case VIRTIO_CRYPTO_CIPHER_3DES_CTR: + mode = QCRYPTO_CIPHER_MODE_CTR; + algo = QCRYPTO_CIPHER_ALG_3DES; break; default: error_setg(errp, "Unsupported cipher alg :%u", @@ -331,6 +368,8 @@ static void cryptodev_builtin_cleanup( backend->conf.peers.ccs[i] = NULL; } } + + cryptodev_backend_set_ready(backend, false); } static void |