diff options
| -rw-r--r-- | block/crypto.c | 25 | ||||
| -rw-r--r-- | crypto/cipher-builtin.c | 10 | ||||
| -rw-r--r-- | crypto/secret.c | 5 | ||||
| -rw-r--r-- | tests/benchmark-crypto-hash.c | 73 |
4 files changed, 87 insertions, 26 deletions
diff --git a/block/crypto.c b/block/crypto.c index ca44dae4f7..6b21d6bf6c 100644 --- a/block/crypto.c +++ b/block/crypto.c @@ -104,18 +104,35 @@ static ssize_t block_crypto_init_func(QCryptoBlock *block, Error **errp) { struct BlockCryptoCreateData *data = opaque; + Error *local_error = NULL; + int ret; if (data->size > INT64_MAX || headerlen > INT64_MAX - data->size) { - error_setg(errp, "The requested file size is too large"); - return -EFBIG; + ret = -EFBIG; + goto error; } /* User provided size should reflect amount of space made * available to the guest, so we must take account of that * which will be used by the crypto header */ - return blk_truncate(data->blk, data->size + headerlen, false, - data->prealloc, 0, errp); + ret = blk_truncate(data->blk, data->size + headerlen, false, + data->prealloc, 0, &local_error); + + if (ret >= 0) { + return ret; + } + +error: + if (ret == -EFBIG) { + /* Replace the error message with a better one */ + error_free(local_error); + error_setg(errp, "The requested file size is too large"); + } else { + error_propagate(errp, local_error); + } + + return ret; } diff --git a/crypto/cipher-builtin.c b/crypto/cipher-builtin.c index bf8413e71a..35cf7820d9 100644 --- a/crypto/cipher-builtin.c +++ b/crypto/cipher-builtin.c @@ -74,7 +74,7 @@ static void qcrypto_cipher_free_aes(QCryptoCipher *cipher) } -static void qcrypto_cipher_aes_ecb_encrypt(AES_KEY *key, +static void qcrypto_cipher_aes_ecb_encrypt(const AES_KEY *key, const void *in, void *out, size_t len) @@ -100,7 +100,7 @@ static void qcrypto_cipher_aes_ecb_encrypt(AES_KEY *key, } -static void qcrypto_cipher_aes_ecb_decrypt(AES_KEY *key, +static void qcrypto_cipher_aes_ecb_decrypt(const AES_KEY *key, const void *in, void *out, size_t len) @@ -133,8 +133,7 @@ static void qcrypto_cipher_aes_xts_encrypt(const void *ctx, { const QCryptoCipherBuiltinAESContext *aesctx = ctx; - qcrypto_cipher_aes_ecb_encrypt((AES_KEY *)&aesctx->enc, - src, dst, length); + qcrypto_cipher_aes_ecb_encrypt(&aesctx->enc, src, dst, length); } @@ -145,8 +144,7 @@ static void qcrypto_cipher_aes_xts_decrypt(const void *ctx, { const QCryptoCipherBuiltinAESContext *aesctx = ctx; - qcrypto_cipher_aes_ecb_decrypt((AES_KEY *)&aesctx->dec, - src, dst, length); + qcrypto_cipher_aes_ecb_decrypt(&aesctx->dec, src, dst, length); } diff --git a/crypto/secret.c b/crypto/secret.c index 1cf0ad0ce8..a846a3c87c 100644 --- a/crypto/secret.c +++ b/crypto/secret.c @@ -204,7 +204,7 @@ qcrypto_secret_prop_set_loaded(Object *obj, input = output; inputlen = outputlen; } else { - if (secret->format != QCRYPTO_SECRET_FORMAT_RAW) { + if (secret->format == QCRYPTO_SECRET_FORMAT_BASE64) { qcrypto_secret_decode(input, inputlen, &output, &outputlen, &local_err); g_free(input); @@ -221,6 +221,7 @@ qcrypto_secret_prop_set_loaded(Object *obj, secret->rawlen = inputlen; } else { g_free(secret->rawdata); + secret->rawdata = NULL; secret->rawlen = 0; } } @@ -231,7 +232,7 @@ qcrypto_secret_prop_get_loaded(Object *obj, Error **errp G_GNUC_UNUSED) { QCryptoSecret *secret = QCRYPTO_SECRET(obj); - return secret->data != NULL; + return secret->rawdata != NULL; } diff --git a/tests/benchmark-crypto-hash.c b/tests/benchmark-crypto-hash.c index 7f659f7323..d16837d00a 100644 --- a/tests/benchmark-crypto-hash.c +++ b/tests/benchmark-crypto-hash.c @@ -15,9 +15,14 @@ #include "crypto/init.h" #include "crypto/hash.h" +typedef struct QCryptoHashOpts { + size_t chunk_size; + QCryptoHashAlgorithm alg; +} QCryptoHashOpts; + static void test_hash_speed(const void *opaque) { - size_t chunk_size = (size_t)opaque; + const QCryptoHashOpts *opts = opaque; uint8_t *in = NULL, *out = NULL; size_t out_len = 0; const size_t total = 2 * GiB; @@ -25,26 +30,24 @@ static void test_hash_speed(const void *opaque) struct iovec iov; int ret; - in = g_new0(uint8_t, chunk_size); - memset(in, g_test_rand_int(), chunk_size); + in = g_new0(uint8_t, opts->chunk_size); + memset(in, g_test_rand_int(), opts->chunk_size); iov.iov_base = (char *)in; - iov.iov_len = chunk_size; + iov.iov_len = opts->chunk_size; g_test_timer_start(); remain = total; while (remain) { - ret = qcrypto_hash_bytesv(QCRYPTO_HASH_ALG_SHA256, + ret = qcrypto_hash_bytesv(opts->alg, &iov, 1, &out, &out_len, NULL); g_assert(ret == 0); - remain -= chunk_size; + remain -= opts->chunk_size; } g_test_timer_elapsed(); - g_print("sha256: "); - g_print("Hash %zu GB chunk size %zu bytes ", total / GiB, chunk_size); g_print("%.2f MB/sec ", (double)total / MiB / g_test_timer_last()); g_free(out); @@ -53,17 +56,59 @@ static void test_hash_speed(const void *opaque) int main(int argc, char **argv) { - size_t i; char name[64]; g_test_init(&argc, &argv, NULL); g_assert(qcrypto_init(NULL) == 0); - for (i = 512; i <= 64 * KiB; i *= 2) { - memset(name, 0 , sizeof(name)); - snprintf(name, sizeof(name), "/crypto/hash/speed-%zu", i); - g_test_add_data_func(name, (void *)i, test_hash_speed); - } +#define TEST_ONE(a, c) \ + QCryptoHashOpts opts ## a ## c = { \ + .alg = QCRYPTO_HASH_ALG_ ## a, .chunk_size = c, \ + }; \ + memset(name, 0 , sizeof(name)); \ + snprintf(name, sizeof(name), \ + "/crypto/benchmark/hash/%s/bufsize-%d", \ + QCryptoHashAlgorithm_str(QCRYPTO_HASH_ALG_ ## a), \ + c); \ + if (qcrypto_hash_supports(QCRYPTO_HASH_ALG_ ## a)) \ + g_test_add_data_func(name, \ + &opts ## a ## c, \ + test_hash_speed); + + TEST_ONE(MD5, 512); + TEST_ONE(MD5, 1024); + TEST_ONE(MD5, 4096); + TEST_ONE(MD5, 16384); + + TEST_ONE(SHA1, 512); + TEST_ONE(SHA1, 1024); + TEST_ONE(SHA1, 4096); + TEST_ONE(SHA1, 16384); + + TEST_ONE(SHA224, 512); + TEST_ONE(SHA224, 1024); + TEST_ONE(SHA224, 4096); + TEST_ONE(SHA224, 16384); + + TEST_ONE(SHA384, 512); + TEST_ONE(SHA384, 1024); + TEST_ONE(SHA384, 4096); + TEST_ONE(SHA384, 16384); + + TEST_ONE(SHA256, 512); + TEST_ONE(SHA256, 1024); + TEST_ONE(SHA256, 4096); + TEST_ONE(SHA256, 16384); + + TEST_ONE(SHA512, 512); + TEST_ONE(SHA512, 1024); + TEST_ONE(SHA512, 4096); + TEST_ONE(SHA512, 16384); + + TEST_ONE(RIPEMD160, 512); + TEST_ONE(RIPEMD160, 1024); + TEST_ONE(RIPEMD160, 4096); + TEST_ONE(RIPEMD160, 16384); return g_test_run(); } |