#include "qemu/osdep.h"
#include "qemu/host-utils.h"
#include "qapi/error.h"
#include "crypto/cipher.h"
#include "cipherpriv.h"
/*
 * Key length in bytes that each cipher algorithm requires, indexed by
 * QCryptoCipherAlgorithm.  Algorithms without an entry read back as 0.
 *
 * The 8-byte DES key has only 56 effective bits; DES and 3DES also use an
 * 8-byte block (see alg_block_len).
 */
static const size_t alg_key_len[QCRYPTO_CIPHER_ALG__MAX] = {
    /* 8-byte keys */
    [QCRYPTO_CIPHER_ALG_DES] = 8,

    /* 16-byte keys */
    [QCRYPTO_CIPHER_ALG_AES_128] = 16,
    [QCRYPTO_CIPHER_ALG_CAST5_128] = 16,
    [QCRYPTO_CIPHER_ALG_SERPENT_128] = 16,
    [QCRYPTO_CIPHER_ALG_TWOFISH_128] = 16,
#ifdef CONFIG_CRYPTO_SM4
    [QCRYPTO_CIPHER_ALG_SM4] = 16,
#endif

    /* 24-byte keys */
    [QCRYPTO_CIPHER_ALG_AES_192] = 24,
    [QCRYPTO_CIPHER_ALG_3DES] = 24,
    [QCRYPTO_CIPHER_ALG_SERPENT_192] = 24,
    [QCRYPTO_CIPHER_ALG_TWOFISH_192] = 24,

    /* 32-byte keys */
    [QCRYPTO_CIPHER_ALG_AES_256] = 32,
    [QCRYPTO_CIPHER_ALG_SERPENT_256] = 32,
    [QCRYPTO_CIPHER_ALG_TWOFISH_256] = 32,
};
/*
 * Cipher block length in bytes for each algorithm, indexed by
 * QCryptoCipherAlgorithm.  qcrypto_cipher_get_iv_len() also reports this
 * value as the IV length for modes that take an IV.
 *
 * DES, 3DES and CAST5 have 8-byte (64-bit) blocks: the amount of data that
 * can safely be encrypted under one key is bounded by the birthday limit
 * of roughly 2^32 blocks, far lower than for the 16-byte block ciphers.
 */
static const size_t alg_block_len[QCRYPTO_CIPHER_ALG__MAX] = {
    /* 8-byte blocks */
    [QCRYPTO_CIPHER_ALG_DES] = 8,
    [QCRYPTO_CIPHER_ALG_3DES] = 8,
    [QCRYPTO_CIPHER_ALG_CAST5_128] = 8,

    /* 16-byte blocks */
    [QCRYPTO_CIPHER_ALG_AES_128] = 16,
    [QCRYPTO_CIPHER_ALG_AES_192] = 16,
    [QCRYPTO_CIPHER_ALG_AES_256] = 16,
    [QCRYPTO_CIPHER_ALG_SERPENT_128] = 16,
    [QCRYPTO_CIPHER_ALG_SERPENT_192] = 16,
    [QCRYPTO_CIPHER_ALG_SERPENT_256] = 16,
    [QCRYPTO_CIPHER_ALG_TWOFISH_128] = 16,
    [QCRYPTO_CIPHER_ALG_TWOFISH_192] = 16,
    [QCRYPTO_CIPHER_ALG_TWOFISH_256] = 16,
#ifdef CONFIG_CRYPTO_SM4
    [QCRYPTO_CIPHER_ALG_SM4] = 16,
#endif
};
/*
 * Whether a cipher mode takes an initialisation vector, indexed by
 * QCryptoCipherMode.  Consulted by qcrypto_cipher_get_iv_len().
 *
 * ECB is the only mode here without an IV: equal plaintext blocks encrypt
 * to equal ciphertext blocks under the same key, which reveals patterns in
 * structured data.
 */
static const bool mode_need_iv[QCRYPTO_CIPHER_MODE__MAX] = {
    /* modes driven by an IV */
    [QCRYPTO_CIPHER_MODE_CBC] = true,
    [QCRYPTO_CIPHER_MODE_CTR] = true,
    [QCRYPTO_CIPHER_MODE_XTS] = true,

    /* no IV */
    [QCRYPTO_CIPHER_MODE_ECB] = false,
};
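/*
 * Look up the block length, in bytes, of a cipher algorithm.
 *
 * alg must be a valid index into alg_block_len; with assertions compiled
 * in, an out-of-range value aborts instead of reading past the table.
 *
 * Returns the block length in bytes.
 */
size_t qcrypto_cipher_get_block_len(QCryptoCipherAlgorithm alg)
{
    /*
     * Bound the index by the table that is actually read (not by
     * alg_key_len), so the guard stays correct even if the two tables
     * ever stop sharing the same dimension.
     */
    assert(alg < G_N_ELEMENTS(alg_block_len));
    return alg_block_len[alg];
}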
/*
 * Look up the key length, in bytes, that a cipher algorithm requires.
 *
 * alg must be a valid index into alg_key_len; with assertions compiled in,
 * an out-of-range value aborts instead of reading past the table.
 *
 * Returns the key length in bytes.
 */
size_t qcrypto_cipher_get_key_len(QCryptoCipherAlgorithm alg)
{
    size_t key_bytes;

    assert(alg < G_N_ELEMENTS(alg_key_len));
    key_bytes = alg_key_len[alg];

    return key_bytes;
}
86
/*
 * Report the IV length for an algorithm/mode pair.
 *
 * alg and mode are each compared with the size of their lookup table
 * before either table is indexed.  When mode_need_iv[] marks the mode as
 * taking an IV, the algorithm's block length is returned as the IV length.
 *
 * NOTE(review): this listing skips source lines 88, 90-91, 93-95 and the
 * lines after 97, so what is returned for an out-of-range argument or for
 * a mode without an IV is not visible here -- confirm against the full
 * file.
 */
size_t qcrypto_cipher_get_iv_len(QCryptoCipherAlgorithm alg,
87
QCryptoCipherMode mode)
89
/* Bound alg before alg_block_len[] is read further down. */
if (alg >= G_N_ELEMENTS(alg_block_len)) {
92
/* Bound mode before mode_need_iv[] is read. */
if (mode >= G_N_ELEMENTS(mode_need_iv)) {
96
if (mode_need_iv[mode]) {
97
/* The IV is one cipher block long. */
return alg_block_len[alg];
104
/*
 * Check that a key of nkey bytes suits algorithm alg in the given mode,
 * describing any mismatch through errp.
 *
 * Only lengths are compared in the lines shown; the key bytes themselves
 * are not examined here (so, for example, nothing visible requires the two
 * halves of an XTS key to differ).
 *
 * NOTE(review): this listing skips the return type, the remaining
 * parameters and several body lines (source lines 103, 106-108, 111-114,
 * 119-121, 123-125, 129-131 and those after 134), so the return statements
 * and some conditions are not visible -- confirm against the full file.
 */
qcrypto_cipher_validate_key_length(QCryptoCipherAlgorithm alg,
105
QCryptoCipherMode mode,
109
/*
 * The cast to unsigned makes a negative enum value compare as a large
 * number, so it is rejected here as well, before alg_key_len[] is indexed.
 */
if ((unsigned)alg >= QCRYPTO_CIPHER_ALG__MAX) {
110
error_setg(errp, "Cipher algorithm %d out of range",
115
/*
 * XTS: the key carries two cipher keys, so its length must be exactly
 * twice the algorithm's key length.
 */
if (mode == QCRYPTO_CIPHER_MODE_XTS) {
116
/* DES and 3DES are refused for XTS; alg_block_len gives them 8-byte blocks. */
if (alg == QCRYPTO_CIPHER_ALG_DES ||
117
alg == QCRYPTO_CIPHER_ALG_3DES) {
118
error_setg(errp, "XTS mode not compatible with DES/3DES");
122
/* NOTE(review): the condition guarding this error (source line 121) is not shown. */
error_setg(errp, "XTS cipher key length should be a multiple of 2");
126
/*
 * nkey / 2 truncates; presumably the multiple-of-2 check above is what
 * rejects odd lengths before this comparison is reached.
 */
if (alg_key_len[alg] != (nkey / 2)) {
127
error_setg(errp, "Cipher key length %zu should be %zu",
128
nkey, alg_key_len[alg] * 2);
132
/*
 * Presumably the non-XTS path (the branch line is not shown): the length
 * must match the table entry exactly.
 */
if (alg_key_len[alg] != nkey) {
133
error_setg(errp, "Cipher key length %zu should be %zu",
134
nkey, alg_key_len[alg]);
142
/*
 * Backend selection: this conditional chain textually includes one cipher
 * backend implementation, chosen by build configuration.  Which backend is
 * built decides which code handles key material, so record it when
 * auditing a particular build.
 *
 * NOTE(review): the opening conditional (source line 141) and lines 147
 * and 149 are not shown in this listing; from the layout,
 * cipher-builtin.c.inc looks like the fallback when none of the listed
 * libraries is configured -- confirm against the full file.
 */
#include "cipher-gcrypt.c.inc"
143
#elif defined CONFIG_NETTLE
144
#include "cipher-nettle.c.inc"
145
#elif defined CONFIG_GNUTLS_CRYPTO
146
#include "cipher-gnutls.c.inc"
148
#include "cipher-builtin.c.inc"
151
/*
 * Create a cipher object for alg/mode, keyed with the nkey bytes at key.
 *
 * Two constructors appear in the lines shown:
 * qcrypto_afalg_cipher_ctx_new() and qcrypto_cipher_ctx_new() (the latter
 * presumably supplied by the backend included above).
 *
 * NOTE(review): this listing skips source lines 154-155, 157-158, 160-162
 * and those after 163, so the conditions that choose between the two
 * calls, and the return path, are not visible.  No key-length validation
 * is visible in this function either; presumably the constructors perform
 * it -- confirm against the full file.
 */
QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
152
QCryptoCipherMode mode,
153
const uint8_t *key, size_t nkey,
156
QCryptoCipher *cipher = NULL;
159
/*
 * errp is NULL for this call, so a failure of this attempt is not
 * reported to the caller.
 */
cipher = qcrypto_afalg_cipher_ctx_new(alg, mode, key, nkey, NULL);
163
/* This call gets the caller's errp, so its error is the one surfaced. */
cipher = qcrypto_cipher_ctx_new(alg, mode, key, nkey, errp);
176
/*
 * Encrypt through the driver bound to cipher: in, out, len and errp are
 * forwarded unchanged and the driver hook's return value is passed back.
 *
 * cipher and cipher->driver are dereferenced with no check in the lines
 * shown, and len is not validated here; any block-length requirement is
 * presumably enforced by the driver -- confirm.
 *
 * NOTE(review): the remaining parameter lines (source lines 177-181) are
 * not shown in this listing.
 */
int qcrypto_cipher_encrypt(QCryptoCipher *cipher,
182
const QCryptoCipherDriver *drv = cipher->driver;
183
return drv->cipher_encrypt(cipher, in, out, len, errp);
187
/*
 * Decrypt through the driver bound to cipher: in, out, len and errp are
 * forwarded unchanged and the driver hook's return value is passed back.
 *
 * Nothing in this wrapper authenticates the ciphertext, and none of the
 * modes listed in mode_need_iv is an authenticated mode, so integrity
 * protection has to come from the caller.  cipher and cipher->driver are
 * dereferenced with no check in the lines shown.
 *
 * NOTE(review): the remaining parameter lines (source lines 188-192) are
 * not shown in this listing.
 */
int qcrypto_cipher_decrypt(QCryptoCipher *cipher,
193
const QCryptoCipherDriver *drv = cipher->driver;
194
return drv->cipher_decrypt(cipher, in, out, len, errp);
198
/*
 * Set the IV on cipher by handing iv, niv and errp to the driver's
 * cipher_setiv hook and passing its return value back.
 *
 * niv is forwarded without a check in the lines shown;
 * qcrypto_cipher_get_iv_len() reports the length expected for an
 * algorithm/mode pair.  Choosing an IV that suits the mode (for example,
 * never reusing one with the same key in CTR mode) is left to the caller.
 *
 * NOTE(review): source lines 200-201 are not shown in this listing.
 */
int qcrypto_cipher_setiv(QCryptoCipher *cipher,
199
const uint8_t *iv, size_t niv,
202
const QCryptoCipherDriver *drv = cipher->driver;
203
return drv->cipher_setiv(cipher, iv, niv, errp);
207
/*
 * Release cipher through its driver's cipher_free hook.
 *
 * NOTE(review): source lines 208-209 and those after 210 are not shown in
 * this listing, so any guard around the call (such as a NULL check on
 * cipher) is not visible here -- confirm against the full file before
 * relying on free(NULL)-style behaviour.
 */
void qcrypto_cipher_free(QCryptoCipher *cipher)
210
cipher->driver->cipher_free(cipher);