7a16948063
- ppc/xive: Fix ESB length overflow on 32-bit hosts - target/hppa: Fix PSW V-bit packaging in cpu_hppa_get for hppa64 - target/ppc: Fix migration of CPUs with TLB_EMB TLB type - target/arm: Clear high SVE elements in handle_vec_simd_wshli - module: Prevent crash by resetting local_err in module_load_qom_all() - tests/docker: update debian i686 and mipsel images to bookworm - target/arm: Fix SVE SDOT/UDOT/USDOT (4-way, indexed) - docs/sphinx/depfile.py: Handle env.doc2path() returning a Path not a str - block/blkio: use FUA flag on write zeroes only if supported - virtio-pci: Fix the use of an uninitialized irqfd - hw/cxl: Ensure there is enough data to read the input header in cmd_get_physical_port_state() - intel_iommu: Send IQE event when setting reserved bit in IQT_TAIL - virtio-net: Avoid indirection_table_mask overflow - Fix calculation of minimum in colo_compare_tcp - target/riscv/csr.c: Fix an access to VXSAT - linux-user: Clean up unused header - raw-format: Fix error message for invalid offset/size - hw/loongarch/virt: Remove unnecessary 'cpu.h' inclusion - tests: Wait for migration completion on destination QEMU to avoid failures - acpi: ged: Add macro for acpi sleep control register - hw/intc/openpic: Improve errors for out of bounds property values - hw/pci-bridge: Add a Kconfig switch for the normal PCI bridge - docs/tools/qemu-img.rst: fix typo (sumarizes) - audio/pw: Report more accurate error when connecting to PipeWire fails - audio/pw: Report more accurate error when connecting to PipeWire fails - dma: Fix function names in documentation Ensure the function names match. - edu: fix DMA range upper bound check - platform-bus: fix refcount leak - hw/net/can/sja1000: fix bug for single acceptance filter and standard frame - tests/avocado: fix typo in replay_linux - util/userfaultfd: Remove unused uffd_poll_events - Consider discard option when writing zeros - crypto: factor out conversion of QAPI to gcrypt constants - crypto: drop gnutls debug logging support - crypto: use consistent error reporting pattern for unsupported cipher modes - hw/gpio/aspeed_gpio: Avoid shift into sign bit Signed-off-by: Jiabo Feng <fengjiabo1@huawei.com> (cherry picked from commit b6e04df301d30895427ab41a1edff0f40149bdd9)
169 lines
5.1 KiB
Diff
169 lines
5.1 KiB
Diff
From e1aaa51fc2de072871cce45dd165e2cb38515978 Mon Sep 17 00:00:00 2001
|
|
From: dinglimin <dinglimin@cmss.chinamobile.com>
|
|
Date: Sat, 12 Oct 2024 14:00:08 +0800
|
|
Subject: [PATCH] crypto: factor out conversion of QAPI to gcrypt constants
|
|
MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
The conversion of cipher mode will shortly be required in more
|
|
than one place.
|
|
|
|
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
|
|
Reviewed-by: Thomas Huth <thuth@redhat.com>
|
|
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
|
|
Signed-off-by: dinglimin <dinglimin@cmss.chinamobile.com>
|
|
---
|
|
crypto/cipher-gcrypt.c.inc | 116 +++++++++++++++++++------------------
|
|
1 file changed, 60 insertions(+), 56 deletions(-)
|
|
|
|
diff --git a/crypto/cipher-gcrypt.c.inc b/crypto/cipher-gcrypt.c.inc
|
|
index 1377cbaf14..6b82280f90 100644
|
|
--- a/crypto/cipher-gcrypt.c.inc
|
|
+++ b/crypto/cipher-gcrypt.c.inc
|
|
@@ -20,6 +20,56 @@
|
|
|
|
#include <gcrypt.h>
|
|
|
|
+static int qcrypto_cipher_alg_to_gcry_alg(QCryptoCipherAlgorithm alg)
|
|
+{
|
|
+ switch (alg) {
|
|
+ case QCRYPTO_CIPHER_ALG_DES:
|
|
+ return GCRY_CIPHER_DES;
|
|
+ case QCRYPTO_CIPHER_ALG_3DES:
|
|
+ return GCRY_CIPHER_3DES;
|
|
+ case QCRYPTO_CIPHER_ALG_AES_128:
|
|
+ return GCRY_CIPHER_AES128;
|
|
+ case QCRYPTO_CIPHER_ALG_AES_192:
|
|
+ return GCRY_CIPHER_AES192;
|
|
+ case QCRYPTO_CIPHER_ALG_AES_256:
|
|
+ return GCRY_CIPHER_AES256;
|
|
+ case QCRYPTO_CIPHER_ALG_CAST5_128:
|
|
+ return GCRY_CIPHER_CAST5;
|
|
+ case QCRYPTO_CIPHER_ALG_SERPENT_128:
|
|
+ return GCRY_CIPHER_SERPENT128;
|
|
+ case QCRYPTO_CIPHER_ALG_SERPENT_192:
|
|
+ return GCRY_CIPHER_SERPENT192;
|
|
+ case QCRYPTO_CIPHER_ALG_SERPENT_256:
|
|
+ return GCRY_CIPHER_SERPENT256;
|
|
+ case QCRYPTO_CIPHER_ALG_TWOFISH_128:
|
|
+ return GCRY_CIPHER_TWOFISH128;
|
|
+ case QCRYPTO_CIPHER_ALG_TWOFISH_256:
|
|
+ return GCRY_CIPHER_TWOFISH;
|
|
+#ifdef CONFIG_CRYPTO_SM4
|
|
+ case QCRYPTO_CIPHER_ALG_SM4:
|
|
+ return GCRY_CIPHER_SM4;
|
|
+#endif
|
|
+ default:
|
|
+ return GCRY_CIPHER_NONE;
|
|
+ }
|
|
+}
|
|
+
|
|
+static int qcrypto_cipher_mode_to_gcry_mode(QCryptoCipherMode mode)
|
|
+{
|
|
+ switch (mode) {
|
|
+ case QCRYPTO_CIPHER_MODE_ECB:
|
|
+ return GCRY_CIPHER_MODE_ECB;
|
|
+ case QCRYPTO_CIPHER_MODE_XTS:
|
|
+ return GCRY_CIPHER_MODE_XTS;
|
|
+ case QCRYPTO_CIPHER_MODE_CBC:
|
|
+ return GCRY_CIPHER_MODE_CBC;
|
|
+ case QCRYPTO_CIPHER_MODE_CTR:
|
|
+ return GCRY_CIPHER_MODE_CTR;
|
|
+ default:
|
|
+ return GCRY_CIPHER_MODE_NONE;
|
|
+ }
|
|
+}
|
|
+
|
|
bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg,
|
|
QCryptoCipherMode mode)
|
|
{
|
|
@@ -188,72 +238,26 @@ static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
|
|
return NULL;
|
|
}
|
|
|
|
- switch (alg) {
|
|
- case QCRYPTO_CIPHER_ALG_DES:
|
|
- gcryalg = GCRY_CIPHER_DES;
|
|
- break;
|
|
- case QCRYPTO_CIPHER_ALG_3DES:
|
|
- gcryalg = GCRY_CIPHER_3DES;
|
|
- break;
|
|
- case QCRYPTO_CIPHER_ALG_AES_128:
|
|
- gcryalg = GCRY_CIPHER_AES128;
|
|
- break;
|
|
- case QCRYPTO_CIPHER_ALG_AES_192:
|
|
- gcryalg = GCRY_CIPHER_AES192;
|
|
- break;
|
|
- case QCRYPTO_CIPHER_ALG_AES_256:
|
|
- gcryalg = GCRY_CIPHER_AES256;
|
|
- break;
|
|
- case QCRYPTO_CIPHER_ALG_CAST5_128:
|
|
- gcryalg = GCRY_CIPHER_CAST5;
|
|
- break;
|
|
- case QCRYPTO_CIPHER_ALG_SERPENT_128:
|
|
- gcryalg = GCRY_CIPHER_SERPENT128;
|
|
- break;
|
|
- case QCRYPTO_CIPHER_ALG_SERPENT_192:
|
|
- gcryalg = GCRY_CIPHER_SERPENT192;
|
|
- break;
|
|
- case QCRYPTO_CIPHER_ALG_SERPENT_256:
|
|
- gcryalg = GCRY_CIPHER_SERPENT256;
|
|
- break;
|
|
- case QCRYPTO_CIPHER_ALG_TWOFISH_128:
|
|
- gcryalg = GCRY_CIPHER_TWOFISH128;
|
|
- break;
|
|
- case QCRYPTO_CIPHER_ALG_TWOFISH_256:
|
|
- gcryalg = GCRY_CIPHER_TWOFISH;
|
|
- break;
|
|
-#ifdef CONFIG_CRYPTO_SM4
|
|
- case QCRYPTO_CIPHER_ALG_SM4:
|
|
- gcryalg = GCRY_CIPHER_SM4;
|
|
- break;
|
|
-#endif
|
|
- default:
|
|
+ gcryalg = qcrypto_cipher_alg_to_gcry_alg(alg);
|
|
+ if (gcryalg == GCRY_CIPHER_NONE) {
|
|
error_setg(errp, "Unsupported cipher algorithm %s",
|
|
QCryptoCipherAlgorithm_str(alg));
|
|
return NULL;
|
|
}
|
|
|
|
- drv = &qcrypto_gcrypt_driver;
|
|
- switch (mode) {
|
|
- case QCRYPTO_CIPHER_MODE_ECB:
|
|
- gcrymode = GCRY_CIPHER_MODE_ECB;
|
|
- break;
|
|
- case QCRYPTO_CIPHER_MODE_XTS:
|
|
- gcrymode = GCRY_CIPHER_MODE_XTS;
|
|
- break;
|
|
- case QCRYPTO_CIPHER_MODE_CBC:
|
|
- gcrymode = GCRY_CIPHER_MODE_CBC;
|
|
- break;
|
|
- case QCRYPTO_CIPHER_MODE_CTR:
|
|
- drv = &qcrypto_gcrypt_ctr_driver;
|
|
- gcrymode = GCRY_CIPHER_MODE_CTR;
|
|
- break;
|
|
- default:
|
|
+ gcrymode = qcrypto_cipher_mode_to_gcry_mode(mode);
|
|
+ if (gcrymode == GCRY_CIPHER_MODE_NONE) {
|
|
error_setg(errp, "Unsupported cipher mode %s",
|
|
QCryptoCipherMode_str(mode));
|
|
return NULL;
|
|
}
|
|
|
|
+ if (mode == QCRYPTO_CIPHER_MODE_CTR) {
|
|
+ drv = &qcrypto_gcrypt_ctr_driver;
|
|
+ } else {
|
|
+ drv = &qcrypto_gcrypt_driver;
|
|
+ }
|
|
+
|
|
ctx = g_new0(QCryptoCipherGcrypt, 1);
|
|
ctx->base.driver = drv;
|
|
|
|
--
|
|
2.41.0.windows.1
|
|
|