summaryrefslogtreecommitdiffstats
path: root/crypto
Commit message (Collapse)AuthorAgeFilesLines
* crypto: Make block callbacks return 0 on successAlberto Faria2022-07-122-7/+7
| | | | | | | | | | | | | They currently return the value of their headerlen/buflen parameter on success. Returning 0 instead makes it clear that short reads/writes are not possible. Signed-off-by: Alberto Faria <afaria@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com> Message-Id: <20220609152744.3891847-5-afaria@redhat.com> Reviewed-by: Hanna Reitz <hreitz@redhat.com> Signed-off-by: Hanna Reitz <hreitz@redhat.com>
* test/crypto: Add test suite for crypto akcipherLei He2022-05-261-7/+7
| | | | | | | | Add unit test and benchmark test for crypto akcipher. Signed-off-by: lei he <helei.sig11@bytedance.com> Signed-off-by: zhenwei pi <pizhenwei@bytedance.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto: Implement RSA algorithm by gcryptLei He2022-05-262-1/+598
| | | | | | | | | Added gcryt implementation of RSA algorithm, RSA algorithm implemented by gcrypt has a higher priority than nettle because it supports raw padding. Signed-off-by: lei he <helei.sig11@bytedance.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto: Implement RSA algorithm by hogweedLei He2022-05-267-0/+953
| | | | | | | | | | Implement RSA algorithm by hogweed from nettle. Thus QEMU supports a 'real' RSA backend to handle request from guest side. It's important to test RSA offload case without OS & hardware requirement. Signed-off-by: lei he <helei.sig11@bytedance.com> Signed-off-by: zhenwei pi <pizhenwei@bytedance.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto: add ASN.1 DER decoderLei He2022-05-263-0/+271
| | | | | | | | | Add an ANS.1 DER decoder which is used to parse asymmetric cipher keys Signed-off-by: zhenwei pi <pizhenwei@bytedance.com> Signed-off-by: lei he <helei.sig11@bytedance.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto: Introduce akcipher crypto classzhenwei pi2022-05-263-0/+158
| | | | | | | | | | | | | Introduce new akcipher crypto class 'QCryptoAkCIpher', which supports basic asymmetric operations: encrypt, decrypt, sign and verify. Suggested by Daniel P. Berrangé, also add autoptr cleanup for the new class. Thanks to Daniel! Co-developed-by: lei he <helei.sig11@bytedance.com> Signed-off-by: lei he <helei.sig11@bytedance.com> Signed-off-by: zhenwei pi <pizhenwei@bytedance.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto: make loaded property read-onlyPaolo Bonzini2022-05-144-99/+49Star
| | | | | | | | | | | The ``loaded=on`` option in the command line or QMP ``object-add`` either had no effect (if ``loaded`` was the last option) or caused options to be effectively ignored as if they were not given. The property is therefore useless and was deprecated in 6.0; make it read-only now. The patch is best reviewed with "-b". Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* Clean up ill-advised or unusual header guardsMarkus Armbruster2022-05-111-3/+3
| | | | | | | | | | | | | | | | | | Leading underscores are ill-advised because such identifiers are reserved. Trailing underscores are merely ugly. Strip both. Our header guards commonly end in _H. Normalize the exceptions. Macros should be ALL_CAPS. Normalize the exception. Done with scripts/clean-header-guards.pl. include/hw/xen/interface/ and tools/virtiofsd/ left alone, because these were imported from Xen and libfuse respectively. Signed-off-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20220506134911.2856099-3-armbru@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
* crypto: move sm4_sbox from target/armWeiwei Li2022-04-292-0/+50
| | | | | | | | | | | | - share it between target/arm and target/riscv Signed-off-by: Weiwei Li <liweiwei@iscas.ac.cn> Signed-off-by: Junqiang Wang <wangjunqiang@iscas.ac.cn> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Alistair Francis <alistair.francis@wdc.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Message-Id: <20220423023510.30794-6-liweiwei@iscas.ac.cn> Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
* meson, configure: move keyctl test to mesonPaolo Bonzini2022-04-281-1/+3
| | | | | Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* Remove qemu-common.h include from most unitsMarc-André Lureau2022-04-062-2/+0Star
| | | | | | Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Message-Id: <20220323155743.1585078-33-marcandre.lureau@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* Drop qemu_foo() socket API wrapperMarc-André Lureau2022-03-222-4/+4
| | | | | | | | | | The socket API wrappers were initially introduced in commit 00aa0040 ("Wrap recv to avoid warnings"), but made redundant with commit a2d96af4 ("osdep: add wrappers for socket functions") which fixes the win32 declarations and thus removed the earlier warnings. Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
* crypto: mandate a hostname when checking x509 creds on a clientDaniel P. Berrangé2022-03-071-0/+6
| | | | | | | | | | | | | | | | | | Currently the TLS session object assumes that the caller will always provide a hostname when using x509 creds on a client endpoint. This relies on the caller to detect and report an error if the user has configured QEMU with x509 credentials on a UNIX socket. The migration code has such a check, but it is too broad, reporting an error when the user has configured QEMU with PSK credentials on a UNIX socket, where hostnames are irrelevant. Putting the check into the TLS session object credentials validation code ensures we report errors in only the scenario that matters. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20220304193610.3293146-2-berrange@redhat.com> Signed-off-by: Eric Blake <eblake@redhat.com>
* configure, meson: move some default-disabled options to meson_options.txtPaolo Bonzini2022-02-211-1/+1
| | | | | | | These do not depend on --with-default-features, so they become booleans in meson too. Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* configure, meson: move AF_ALG test to mesonPaolo Bonzini2022-02-211-1/+3
| | | | Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* crypto: add gnutls pbkdf providerDaniel P. Berrangé2021-07-142-1/+91
| | | | | | | | This adds support for using gnutls as a provider of the crypto pbkdf APIs. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto: add gnutls hmac providerDaniel P. Berrangé2021-07-141-0/+139
| | | | | | | | This adds support for using gnutls as a provider of the crypto hmac APIs. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto: add gnutls hash providerDaniel P. Berrangé2021-07-142-0/+106
| | | | | | | | This adds support for using gnutls as a provider of the crypto hash APIs. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto: add gnutls cipher providerDaniel P. Berrangé2021-07-142-0/+337
| | | | | | | | | | Add an implementation of the QEMU cipher APIs to the gnutls crypto backend. XTS support is only available for gnutls version >= 3.6.8. Since ECB mode is not exposed by gnutls APIs, we can't use the private XTS code for compatibility. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto: introduce build system for gnutls crypto backendDaniel P. Berrangé2021-07-141-0/+3
| | | | | | | | | | | This introduces the build logic needed to decide whether we can use gnutls as a crypto driver backend. The actual implementations will be introduced in following patches. We only wish to use gnutls if it has version 3.6.14 or newer, because that is what finally brings HW accelerated AES-XTS mode for x86_64. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto: replace 'des-rfb' cipher with 'des'Daniel P. Berrangé2021-07-143-51/+19Star
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently the crypto layer exposes support for a 'des-rfb' algorithm which is just normal single-DES, with the bits in each key byte reversed. This special key munging is required by the RFB protocol password authentication mechanism. Since the crypto layer is generic shared code, it makes more sense to do the key byte munging in the VNC server code, and expose normal single-DES support. Replacing cipher 'des-rfb' by 'des' looks like an incompatible interface change, but it doesn't matter. While the QMP schema allows any QCryptoCipherAlgorithm for the 'cipher-alg' field in QCryptoBlockCreateOptionsLUKS, the code restricts what can be used at runtime. Thus the only effect is a change in error message. Original behaviour: $ qemu-img create -f luks --object secret,id=sec0,data=123 -o cipher-alg=des-rfb,key-secret=sec0 demo.luks 1G Formatting 'demo.luks', fmt=luks size=1073741824 key-secret=sec0 cipher-alg=des-rfb qemu-img: demo.luks: Algorithm 'des-rfb' not supported New behaviour: $ qemu-img create -f luks --object secret,id=sec0,data=123 -o cipher-alg=des-rfb,key-secret=sec0 demo.luks 1G Formatting 'demo.luks', fmt=luks size=1073741824 key-secret=sec0 cipher-alg=des-fish qemu-img: demo.luks: Invalid parameter 'des-rfb' Reviewed-by: Markus Armbruster <armbru@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto: delete built-in XTS cipher mode supportDaniel P. Berrangé2021-07-142-63/+3Star
| | | | | | | | | | | | The built-in AES+XTS implementation is used for the LUKS encryption When building system emulators it is reasonable to expect that an external crypto library is being used instead. The performance of the builtin XTS implementation is terrible as it has no CPU acceleration support. It is thus not worth keeping a home grown XTS implementation for the built-in cipher backend. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto: delete built-in DES implementationDaniel P. Berrangé2021-07-143-489/+0Star
| | | | | | | | | | The built-in DES implementation is used for the VNC server password authentication scheme. When building system emulators it is reasonable to expect that an external crypto library is being used. It is thus not worth keeping a home grown DES implementation in tree. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto: drop custom XTS support in gcrypt driverDaniel P. Berrangé2021-07-141-127/+0Star
| | | | | | | | The XTS cipher mode was introduced in gcrypt 1.8.0, which matches QEMU's current minimum version. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto: drop gcrypt thread initialization codeDaniel P. Berrangé2021-07-141-62/+0Star
| | | | | | | | | | | | | | This is only required on gcrypt < 1.6.0, and is thus obsolete since commit b33a84632a3759c00320fd80923aa963c11207fc Author: Daniel P. Berrangé <berrange@redhat.com> Date: Fri May 14 13:04:08 2021 +0100 crypto: bump min gcrypt to 1.8.0, dropping RHEL-7 support Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto: Make QCryptoTLSCreds* structures privatePhilippe Mathieu-Daudé2021-06-296-0/+58
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Code consuming the "crypto/tlscreds*.h" APIs doesn't need to access its internals. Move the structure definitions to the "tlscredspriv.h" private header (only accessible by implementations). The public headers (in include/) still forward-declare the structures typedef. Note, tlscreds.c and 3 of the 5 modified source files already include "tlscredspriv.h", so only add it to tls-cipher-suites.c and tlssession.c. Removing the internals from the public header solves a bug introduced by commit 7de2e856533 ("yank: Unregister function when using TLS migration") which made migration/qemu-file-channel.c include "io/channel-tls.h", itself sometime depends on GNUTLS, leading to a build failure on OSX: [2/35] Compiling C object libmigration.fa.p/migration_qemu-file-channel.c.o FAILED: libmigration.fa.p/migration_qemu-file-channel.c.o cc -Ilibmigration.fa.p -I. -I.. -Iqapi [ ... ] -o libmigration.fa.p/migration_qemu-file-channel.c.o -c ../migration/qemu-file-channel.c In file included from ../migration/qemu-file-channel.c:29: In file included from include/io/channel-tls.h:26: In file included from include/crypto/tlssession.h:24: include/crypto/tlscreds.h:28:10: fatal error: 'gnutls/gnutls.h' file not found #include <gnutls/gnutls.h> ^~~~~~~~~~~~~~~~~ 1 error generated. Reported-by: Stefan Weil <sw@weilnetz.de> Suggested-by: Daniel P. Berrangé <berrange@redhat.com> Resolves: https://gitlab.com/qemu-project/qemu/-/issues/407 Fixes: 7de2e856533 ("yank: Unregister function when using TLS migration") Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto/tlscreds: Introduce qcrypto_tls_creds_check_endpoint() helperPhilippe Mathieu-Daudé2021-06-291-0/+12
| | | | | | | | | Introduce the qcrypto_tls_creds_check_endpoint() helper to access QCryptoTLSCreds internal 'endpoint' field. Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* configure, meson: convert crypto detection to mesonPaolo Bonzini2021-06-251-29/+12Star
| | | | | | Reviewed-by: Richard Henderson <richard.henderson@liaro.org> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* crypto: drop used conditional checkDaniel P. Berrangé2021-06-021-2/+0Star
| | | | | | | | | | | The condition being tested has never been set since the day the code was first introduced. Reviewed-by: Willian Rampazzo <willianr@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20210514120415.1368922-8-berrange@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
* crypto: bump min gcrypt to 1.8.0, dropping RHEL-7 supportDaniel P. Berrangé2021-06-021-5/+1Star
| | | | | | | | | | | | | | | | | | | | | | | | | | | | It has been over two years since RHEL-8 was released, and thus per the platform build policy, we no longer need to support RHEL-7 as a build target. This lets us increment the minimum required gcrypt version and assume that HMAC is always supported Per repology, current shipping versions are: RHEL-8: 1.8.5 Debian Buster: 1.8.4 openSUSE Leap 15.2: 1.8.2 Ubuntu LTS 18.04: 1.8.1 Ubuntu LTS 20.04: 1.8.5 FreeBSD: 1.9.2 Fedora 33: 1.8.6 Fedora 34: 1.9.3 OpenBSD: 1.9.3 macOS HomeBrew: 1.9.3 Ubuntu LTS 18.04 has the oldest version and so 1.8.0 is the new minimum. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20210514120415.1368922-6-berrange@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com> [thuth: rebased to use .gitlab-ci.d/buildtest.yml] Signed-off-by: Thomas Huth <thuth@redhat.com>
* crypto: drop back compatibility typedefs for nettleDaniel P. Berrangé2021-06-023-44/+30Star
| | | | | | | | | | | | Now that we only support modern nettle, we don't need to have local typedefs to mask the real nettle types. Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20210514120415.1368922-5-berrange@redhat.com> Reviewed-by: Willian Rampazzo <willianr@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
* crypto: bump min nettle to 3.4, dropping RHEL-7 supportDaniel P. Berrangé2021-06-023-39/+0Star
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | It has been over two years since RHEL-8 was released, and thus per the platform build policy, we no longer need to support RHEL-7 as a build target. This lets us increment the minimum required nettle version and drop a lot of backwards compatibility code for 2.x series of nettle. Per repology, current shipping versions are: RHEL-8: 3.4.1 Debian Buster: 3.4.1 openSUSE Leap 15.2: 3.4.1 Ubuntu LTS 18.04: 3.4 Ubuntu LTS 20.04: 3.5.1 FreeBSD: 3.7.2 Fedora 33: 3.5.1 Fedora 34: 3.7.2 OpenBSD: 3.7.2 macOS HomeBrew: 3.7.2 Ubuntu LTS 18.04 has the oldest version and so 3.4 is the new minimum. Signed-off-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20210514120415.1368922-4-berrange@redhat.com> Reviewed-by: Thomas Huth <thuth@redhat.com> Reviewed-by: Willian Rampazzo <willianr@redhat.com> [thuth: rebased to use .gitlab-ci.d/buildtest.yml] Signed-off-by: Thomas Huth <thuth@redhat.com>
* docs: fix references to docs/devel/tracing.rstStefano Garzarella2021-06-021-1/+1
| | | | | | | | | | | | | | | Commit e50caf4a5c ("tracing: convert documentation to rST") converted docs/devel/tracing.txt to docs/devel/tracing.rst. We still have several references to the old file, so let's fix them with the following command: sed -i s/tracing.txt/tracing.rst/ $(git grep -l docs/devel/tracing.txt) Signed-off-by: Stefano Garzarella <sgarzare@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20210517151702.109066-2-sgarzare@redhat.com> Signed-off-by: Thomas Huth <thuth@redhat.com>
* crypto: add reload for QCryptoTLSCredsClassZihao Chang2021-03-231-0/+48
| | | | | | | | | | This patch adds reload interface for QCryptoTLSCredsClass and implements the interface for QCryptoTLSCredsX509. Signed-off-by: Zihao Chang <changzihao1@huawei.com> Acked-by: Daniel P. Berrangé <berrange@redhat.com> Message-Id: <20210316075845.1476-2-changzihao1@huawei.com> Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
* crypto: Add spaces around operatorshiliyang2021-01-292-3/+3
| | | | | | | | | I am reading crypto related code, find some code style problems while using checkpatch.pl to check crypto folder. Fix the error style problems. Signed-off-by: Liyang Shi <shiliyang@huawei.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto: Fix memory leaks in set_loaded for tls-*Kevin Wolf2021-01-293-6/+3Star
| | | | | | | | | | If you set the loaded property to true when it was already true, the state is overwritten without freeing the old state first. Change the set_loaded callback so that it always frees the old state (which is a no-op if nothing was loaded) and only then load if requestsd. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto: Forbid broken unloading of secretsKevin Wolf2021-01-291-3/+3
| | | | | | | | | | | | | | | | | | qcrypto_secret_prop_set_loaded() forgets to reset secret->rawdata after unloading a secret, which will lead to a double free at some point. Because there is no use case for unloading an already loaded secret (apart from deleting the whole secret object) and we know that nobody could use this because it would lead to crashes, let's just forbid the operation instead of fixing the unloading. Eventually, we'll want to get rid of 'loaded' in the external interface, but for the meantime this is more consistent with rng, which has a similar property 'opened' that also can't be reset to false after it became true. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto: Move USER_CREATABLE to secret_common base classKevin Wolf2021-01-293-28/+15Star
| | | | | | | | | Instead of duplicating the code for user creatable objects in secret and secret_keyring, move it to the common base clase secret_common. As the base class is abstract, it won't become user creatable itself. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto: Fix some code style problems, add spaces around operatorshiliyang2021-01-293-3/+3
| | | | | | | | | | | This patch fixes error style problems found by checkpatch.pl: ERROR: spaces required around that '*' ERROR: space required after that ',' ERROR: spaces required around that '|' Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Liyang Shi <shiliyang@huawei.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* qapi: Use QAPI_LIST_APPEND in trivial casesEric Blake2021-01-281-6/+3Star
| | | | | | | | | | | | The easiest spots to use QAPI_LIST_APPEND are where we already have an obvious pointer to the tail of a list. While at it, consistently use the variable name 'tail' for that purpose. Signed-off-by: Eric Blake <eblake@redhat.com> Reviewed-by: Vladimir Sementsov-Ogievskiy <vsementsov@virtuozzo.com> Reviewed-by: Markus Armbruster <armbru@redhat.com> Message-Id: <20210113221013.390592-5-eblake@redhat.com> Signed-off-by: Markus Armbruster <armbru@redhat.com>
* crypto: Move the creation of the library to the main meson.buildPhilippe Mathieu-Daudé2020-10-121-10/+0Star
| | | | | | | | | Be consistent creating all the libraries in the main meson.build file. Suggested-by: Paolo Bonzini <pbonzini@redhat.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20201006125602.2311423-8-philmd@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
* qom: Remove ParentClassType argument from OBJECT_DECLARE_SIMPLE_TYPEEduardo Habkost2020-09-181-1/+0Star
| | | | | | | | | | | | | | | The requirement to specify the parent class type makes the macro harder to use and easy to misuse (silent bugs can be introduced if the wrong struct type is specified). Simplify the macro by just not declaring any class struct, allowing us to remove the class_size field from the TypeInfo variables for those types. Signed-off-by: Eduardo Habkost <ehabkost@redhat.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Message-Id: <20200916182519.415636-3-ehabkost@redhat.com> Signed-off-by: Eduardo Habkost <ehabkost@redhat.com>
* crypto/gcrypt: Split QCryptoCipherGcrypt into subclassesRichard Henderson2020-09-101-255/+238Star
| | | | | | | | | | | With gcrypt, most of the dispatch happens in the library, so there aren't many classes to create. However, we can still create separate dispatch for CTR mode, and for CONFIG_QEMU_PRIVATE_XTS, which avoids needing to check for these modes at runtime. Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto/nettle: Split QCryptoCipherNettle into subclassesRichard Henderson2020-09-101-488/+511
| | | | | | | | | | | | Use separate classes for each cipher entry point: des_rfb, des3, aes128, aes192, aes256, cast128, serpent, and twofish. Generate wrappers for XTS only for CONFIG_QEMU_PRIVATE_XTS. This eliminates unreachable wrappers for DES_RFB, DES3 and CAST128, which have blocksizes that do not allow XTS mode. Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto/builtin: Split QCryptoCipherBuiltin into subclassesRichard Henderson2020-09-101-309/+210Star
| | | | | | | | | We had a second set of function pointers in QCryptoCipherBuiltin, which are redundant with QCryptoCipherDriver. Split the AES and DES implementations to avoid one level of indirection. Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto/builtin: Split and simplify AES_encrypt_cbcRichard Henderson2020-09-101-56/+43Star
| | | | | | | | | | | | Split into encrypt/decrypt functions, dropping the "enc" argument. Now that the function is private to this file, we know that "len" is a multiple of AES_BLOCK_SIZE. So drop the odd block size code. Name the functions do_aes_*crypt_cbc to match the *_ecb functions. Reorder and re-type the arguments to match as well. Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto/builtin: Move AES_cbc_encrypt into cipher-builtin.inc.cRichard Henderson2020-09-102-51/+56
| | | | | | | | | | By making the function private, we will be able to make further simplifications. Re-indent the migrated code and fix the missing braces for CODING_STYLE. Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto/builtin: Merge qcrypto_cipher_aes_{ecb,xts}_{en,de}cryptRichard Henderson2020-09-101-51/+22Star
| | | | | | | | | | | There's no real reason we need two separate helper functions here. Standardize on the function signature required for xts_encrypt. Rename to do_aes_{en,de}crypt_ecb, since the helper does not itself do anything with respect to xts. Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto/builtin: Remove odd-sized AES block handlingRichard Henderson2020-09-101-28/+12Star
| | | | | | | | | We verified that the data block is properly sized modulo AES_BLOCK_SIZE within qcrypto_builtin_cipher_{en,de}crypt. Therefore we will never have to handle odd sized blocks. Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
* crypto: Constify cipher data tablesRichard Henderson2020-09-101-3/+3
| | | | | | Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Signed-off-by: Richard Henderson <richard.henderson@linaro.org> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>