From: "Daniel P. Berrangé" <berrange@redhat.com>
To: Richard Henderson <richard.henderson@linaro.org>
Cc: qemu-devel@nongnu.org
Subject: Re: [PATCH 16/17] crypto/nettle: Split QCryptoCipherNettle into subclasses
Date: Fri, 28 Aug 2020 14:46:32 +0100 [thread overview]
Message-ID: <20200828134632.GJ224144@redhat.com> (raw)
In-Reply-To: <20200813032537.2888593-17-richard.henderson@linaro.org>
On Wed, Aug 12, 2020 at 08:25:36PM -0700, Richard Henderson wrote:
> Use separate classes for each cipher entry point: des_rfb, des3,
> aes128, aes192, aes256, cast128, serpent, and twofish.
>
> Generate wrappers for XTS only for CONFIG_QEMU_PRIVATE_XTS.
> This eliminates unreachable wrappers for DES_RFB, DES3 and
> CAST128, which have blocksizes that do not allow XTS mode.
>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
> crypto/cipher-nettle.inc.c | 987 +++++++++++++++++++------------------
> 1 file changed, 503 insertions(+), 484 deletions(-)
>
> diff --git a/crypto/cipher-nettle.inc.c b/crypto/cipher-nettle.inc.c
> index 36d57ef430..a1f4f6eac6 100644
> --- a/crypto/cipher-nettle.inc.c
> +++ b/crypto/cipher-nettle.inc.c
> @@ -34,8 +34,6 @@
> #include <nettle/xts.h>
> #endif
>
> -static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver;
> -
> typedef void (*QCryptoCipherNettleFuncWrapper)(const void *ctx,
> size_t length,
> uint8_t *dst,
> @@ -75,62 +73,212 @@ typedef const void * cipher_ctx_t;
> typedef size_t cipher_length_t;
> #endif
>
> -typedef struct QCryptoNettleAES128 {
> - struct aes128_ctx enc;
> - struct aes128_ctx dec;
> -} QCryptoNettleAES128;
> -
> -typedef struct QCryptoNettleAES192 {
> - struct aes192_ctx enc;
> - struct aes192_ctx dec;
> -} QCryptoNettleAES192;
> -
> -typedef struct QCryptoNettleAES256 {
> - struct aes256_ctx enc;
> - struct aes256_ctx dec;
> -} QCryptoNettleAES256;
> -
> -static void aes128_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> - uint8_t *dst, const uint8_t *src)
> +static inline bool qcrypto_length_check(size_t len, size_t blocksize,
> + Error **errp)
> {
> - const QCryptoNettleAES128 *aesctx = ctx;
> - aes128_encrypt(&aesctx->enc, length, dst, src);
> + if (unlikely(len & (blocksize - 1))) {
> + error_setg(errp, "Length %zu must be a multiple of block size %zu",
> + len, blocksize);
> + return false;
> + }
> + return true;
> }
>
> -static void aes128_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> - uint8_t *dst, const uint8_t *src)
> +
> +static void qcrypto_cipher_ctx_free(QCryptoCipher *ctx)
> {
> - const QCryptoNettleAES128 *aesctx = ctx;
> - aes128_decrypt(&aesctx->dec, length, dst, src);
> + g_free(ctx);
> }
>
> -static void aes192_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> - uint8_t *dst, const uint8_t *src)
> +static int qcrypto_cipher_no_setiv(QCryptoCipher *cipher,
> + const uint8_t *iv, size_t niv,
> + Error **errp)
> {
> - const QCryptoNettleAES192 *aesctx = ctx;
> - aes192_encrypt(&aesctx->enc, length, dst, src);
> + error_setg(errp, "Setting IV is not supported");
> + return -1;
> }
>
> -static void aes192_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - const QCryptoNettleAES192 *aesctx = ctx;
> - aes192_decrypt(&aesctx->dec, length, dst, src);
> +
> +#define DEFINE_SETIV(NAME, TYPE, BLEN) \
> +static int NAME##_setiv(QCryptoCipher *cipher, const uint8_t *iv, \
> + size_t niv, Error **errp) \
> +{ \
> + TYPE *ctx = container_of(cipher, TYPE, base); \
> + if (niv != BLEN) { \
> + error_setg(errp, "Expected IV size %d not %zu", BLEN, niv); \
> + return -1; \
> + } \
> + memcpy(ctx->iv, iv, niv); \
> + return 0; \
> }
>
> -static void aes256_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - const QCryptoNettleAES256 *aesctx = ctx;
> - aes256_encrypt(&aesctx->enc, length, dst, src);
> -}
>
> -static void aes256_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - const QCryptoNettleAES256 *aesctx = ctx;
> - aes256_decrypt(&aesctx->dec, length, dst, src);
> +#define DEFINE_ECB(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> +static int NAME##_encrypt_ecb(QCryptoCipher *cipher, const void *in, \
> + void *out, size_t len, Error **errp) \
> +{ \
> + TYPE *ctx = container_of(cipher, TYPE, base); \
> + if (!qcrypto_length_check(len, BLEN, errp)) { \
> + return -1; \
> + } \
> + ENCRYPT(&ctx->key, len, out, in); \
> + return 0; \
> +} \
> +static int NAME##_decrypt_ecb(QCryptoCipher *cipher, const void *in, \
> + void *out, size_t len, Error **errp) \
> +{ \
> + TYPE *ctx = container_of(cipher, TYPE, base); \
> + if (!qcrypto_length_check(len, BLEN, errp)) { \
> + return -1; \
> + } \
> + DECRYPT(&ctx->key, len, out, in); \
> + return 0; \
> +} \
> +static const struct QCryptoCipherDriver NAME##_driver_ecb = { \
> + .cipher_encrypt = NAME##_encrypt_ecb, \
> + .cipher_decrypt = NAME##_decrypt_ecb, \
> + .cipher_setiv = qcrypto_cipher_no_setiv, \
> + .cipher_free = qcrypto_cipher_ctx_free, \
> +};
> +
> +
> +#define DEFINE_CBC(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> +static int NAME##_encrypt_cbc(QCryptoCipher *cipher, const void *in, \
> + void *out, size_t len, Error **errp) \
> +{ \
> + TYPE *ctx = container_of(cipher, TYPE, base); \
> + if (!qcrypto_length_check(len, BLEN, errp)) { \
> + return -1; \
> + } \
> + cbc_encrypt(&ctx->key, ENCRYPT, BLEN, ctx->iv, len, out, in); \
> + return 0; \
> +} \
> +static int NAME##_decrypt_cbc(QCryptoCipher *cipher, const void *in, \
> + void *out, size_t len, Error **errp) \
> +{ \
> + TYPE *ctx = container_of(cipher, TYPE, base); \
> + if (!qcrypto_length_check(len, BLEN, errp)) { \
> + return -1; \
> + } \
> + cbc_decrypt(&ctx->key, DECRYPT, BLEN, ctx->iv, len, out, in); \
> + return 0; \
> +} \
> +static const struct QCryptoCipherDriver NAME##_driver_cbc = { \
> + .cipher_encrypt = NAME##_encrypt_cbc, \
> + .cipher_decrypt = NAME##_decrypt_cbc, \
> + .cipher_setiv = NAME##_setiv, \
> + .cipher_free = qcrypto_cipher_ctx_free, \
> +};
> +
> +
> +#define DEFINE_CTR(NAME, TYPE, BLEN, ENCRYPT) \
> +static int NAME##_encrypt_ctr(QCryptoCipher *cipher, const void *in, \
> + void *out, size_t len, Error **errp) \
> +{ \
> + TYPE *ctx = container_of(cipher, TYPE, base); \
> + if (!qcrypto_length_check(len, BLEN, errp)) { \
> + return -1; \
> + } \
> + ctr_crypt(&ctx->key, ENCRYPT, BLEN, ctx->iv, len, out, in); \
> + return 0; \
> +} \
> +static const struct QCryptoCipherDriver NAME##_driver_ctr = { \
> + .cipher_encrypt = NAME##_encrypt_ctr, \
> + .cipher_decrypt = NAME##_encrypt_ctr, \
> + .cipher_setiv = NAME##_setiv, \
> + .cipher_free = qcrypto_cipher_ctx_free, \
> +};
> +
> +
> +#ifdef CONFIG_QEMU_PRIVATE_XTS
> +#define DEFINE__XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> +static void NAME##_xts_wrape(const void *ctx, size_t length, \
> + uint8_t *dst, const uint8_t *src) \
> +{ \
> + ENCRYPT(ctx, length, dst, src); \
> +} \
> +static void NAME##_xts_wrapd(const void *ctx, size_t length, \
> + uint8_t *dst, const uint8_t *src) \
> +{ \
> + DECRYPT(ctx, length, dst, src); \
> +} \
> +static int NAME##_encrypt_xts(QCryptoCipher *cipher, const void *in, \
> + void *out, size_t len, Error **errp) \
> +{ \
> + TYPE *ctx = container_of(cipher, TYPE, base); \
> + if (!qcrypto_length_check(len, BLEN, errp)) { \
> + return -1; \
> + } \
> + xts_encrypt(&ctx->key, &ctx->key_xts, \
> + NAME##_xts_wrape, NAME##_xts_wrapd, \
> + ctx->iv, len, out, in); \
> + return 0; \
> +} \
> +static int NAME##_decrypt_xts(QCryptoCipher *cipher, const void *in, \
> + void *out, size_t len, Error **errp) \
> +{ \
> + TYPE *ctx = container_of(cipher, TYPE, base); \
> + if (!qcrypto_length_check(len, BLEN, errp)) { \
> + return -1; \
> + } \
> + xts_decrypt(&ctx->key, &ctx->key_xts, \
> + NAME##_xts_wrape, NAME##_xts_wrapd, \
> + ctx->iv, len, out, in); \
> + return 0; \
> }
> +#else
> +#define DEFINE__XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> +static int NAME##_encrypt_xts(QCryptoCipher *cipher, const void *in, \
> + void *out, size_t len, Error **errp) \
> +{ \
> + TYPE *ctx = container_of(cipher, TYPE, base); \
> + if (!qcrypto_length_check(len, BLEN, errp)) { \
> + return -1; \
> + } \
> + xts_encrypt_message(&ctx->key, &ctx->key_xts, ENCRYPT, \
> + ctx->iv, len, out, in); \
> + return 0; \
> +} \
> +static int NAME##_decrypt_xts(QCryptoCipher *cipher, const void *in, \
> + void *out, size_t len, Error **errp) \
> +{ \
> + TYPE *ctx = container_of(cipher, TYPE, base); \
> + if (!qcrypto_length_check(len, BLEN, errp)) { \
> + return -1; \
> + } \
> + xts_decrypt_message(&ctx->key, &ctx->key_xts, DECRYPT, ENCRYPT, \
> + ctx->iv, len, out, in); \
> + return 0; \
> +}
> +#endif
> +
> +#define DEFINE_XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> + QEMU_BUILD_BUG_ON(BLEN != XTS_BLOCK_SIZE); \
> + DEFINE__XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> +static const struct QCryptoCipherDriver NAME##_driver_xts = { \
> + .cipher_encrypt = NAME##_encrypt_xts, \
> + .cipher_decrypt = NAME##_decrypt_xts, \
> + .cipher_setiv = NAME##_setiv, \
> + .cipher_free = qcrypto_cipher_ctx_free, \
> +};
> +
> +
> +#define DEFINE_ECB_CBC_CTR(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> + DEFINE_SETIV(NAME, TYPE, BLEN) \
> + DEFINE_ECB(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> + DEFINE_CBC(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> + DEFINE_CTR(NAME, TYPE, BLEN, ENCRYPT)
> +
> +#define DEFINE_ECB_CBC_CTR_XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> + DEFINE_ECB_CBC_CTR(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> + DEFINE_XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT)
> +
> +
> +typedef struct QCryptoNettleDESRFB {
> + QCryptoCipher base;
> + struct des_ctx key;
> + uint8_t iv[DES_BLOCK_SIZE];
> +} QCryptoNettleDESRFB;
>
> static void des_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> uint8_t *dst, const uint8_t *src)
> @@ -144,6 +292,16 @@ static void des_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> des_decrypt(ctx, length, dst, src);
> }
>
> +DEFINE_ECB_CBC_CTR(qcrypto_nettle_des_rfb, QCryptoNettleDESRFB,
> + DES_BLOCK_SIZE, des_encrypt_native, des_decrypt_native)
> +
> +
> +typedef struct QCryptoNettleDES3 {
> + QCryptoCipher base;
> + struct des3_ctx key;
> + uint8_t iv[DES3_BLOCK_SIZE];
> +} QCryptoNettleDES3;
> +
> static void des3_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> uint8_t *dst, const uint8_t *src)
> {
> @@ -156,6 +314,94 @@ static void des3_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> des3_decrypt(ctx, length, dst, src);
> }
>
> +DEFINE_ECB_CBC_CTR(qcrypto_nettle_des3, QCryptoNettleDES3, DES3_BLOCK_SIZE,
> + des3_encrypt_native, des3_decrypt_native)
> +
> +
> +typedef struct QCryptoNettleAES128 {
> + QCryptoCipher base;
> + uint8_t iv[AES_BLOCK_SIZE];
> + /* First key from pair is encode, second key is decode. */
> + struct aes128_ctx key[2], key_xts[2];
> +} QCryptoNettleAES128;
> +
> +static void aes128_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> + uint8_t *dst, const uint8_t *src)
> +{
> + const struct aes128_ctx *keys = ctx;
> + aes128_encrypt(&keys[0], length, dst, src);
> +}
> +
> +static void aes128_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> + uint8_t *dst, const uint8_t *src)
> +{
> + const struct aes128_ctx *keys = ctx;
> + aes128_decrypt(&keys[1], length, dst, src);
> +}
> +
> +DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_aes128,
> + QCryptoNettleAES128, AES_BLOCK_SIZE,
> + aes128_encrypt_native, aes128_decrypt_native)
> +
> +
> +typedef struct QCryptoNettleAES192 {
> + QCryptoCipher base;
> + uint8_t iv[AES_BLOCK_SIZE];
> + /* First key from pair is encode, second key is decode. */
> + struct aes192_ctx key[2], key_xts[2];
> +} QCryptoNettleAES192;
> +
> +static void aes192_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> + uint8_t *dst, const uint8_t *src)
> +{
> + const struct aes192_ctx *keys = ctx;
> + aes192_encrypt(&keys[0], length, dst, src);
> +}
> +
> +static void aes192_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> + uint8_t *dst, const uint8_t *src)
> +{
> + const struct aes192_ctx *keys = ctx;
> + aes192_decrypt(&keys[1], length, dst, src);
> +}
> +
> +DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_aes192,
> + QCryptoNettleAES192, AES_BLOCK_SIZE,
> + aes192_encrypt_native, aes192_decrypt_native)
> +
> +
> +typedef struct QCryptoNettleAES256 {
> + QCryptoCipher base;
> + uint8_t iv[AES_BLOCK_SIZE];
> + /* First key from pair is encode, second key is decode. */
> + struct aes256_ctx key[2], key_xts[2];
> +} QCryptoNettleAES256;
> +
> +static void aes256_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> + uint8_t *dst, const uint8_t *src)
> +{
> + const struct aes256_ctx *keys = ctx;
> + aes256_encrypt(&keys[0], length, dst, src);
> +}
> +
> +static void aes256_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> + uint8_t *dst, const uint8_t *src)
> +{
> + const struct aes256_ctx *keys = ctx;
> + aes256_decrypt(&keys[1], length, dst, src);
> +}
> +
> +DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_aes256,
> + QCryptoNettleAES256, AES_BLOCK_SIZE,
> + aes256_encrypt_native, aes256_decrypt_native)
> +
> +
> +typedef struct QCryptoNettleCAST128 {
> + QCryptoCipher base;
> + uint8_t iv[CAST128_BLOCK_SIZE];
> + struct cast128_ctx key, key_xts;
> +} QCryptoNettleCAST128;
> +
> static void cast128_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> uint8_t *dst, const uint8_t *src)
> {
> @@ -168,6 +414,18 @@ static void cast128_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> cast128_decrypt(ctx, length, dst, src);
> }
>
> +DEFINE_ECB_CBC_CTR(qcrypto_nettle_cast128,
> + QCryptoNettleCAST128, CAST128_BLOCK_SIZE,
> + cast128_encrypt_native, cast128_decrypt_native)
> +
> +
> +typedef struct QCryptoNettleSerpent {
> + QCryptoCipher base;
> + uint8_t iv[SERPENT_BLOCK_SIZE];
> + struct serpent_ctx key, key_xts;
> +} QCryptoNettleSerpent;
> +
> +
> static void serpent_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> uint8_t *dst, const uint8_t *src)
> {
> @@ -180,6 +438,17 @@ static void serpent_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> serpent_decrypt(ctx, length, dst, src);
> }
>
> +DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_serpent,
> + QCryptoNettleSerpent, SERPENT_BLOCK_SIZE,
> + serpent_encrypt_native, serpent_decrypt_native)
> +
> +
> +typedef struct QCryptoNettleTwofish {
> + QCryptoCipher base;
> + uint8_t iv[TWOFISH_BLOCK_SIZE];
> + struct twofish_ctx key, key_xts;
> +} QCryptoNettleTwofish;
> +
> static void twofish_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> uint8_t *dst, const uint8_t *src)
> {
> @@ -192,125 +461,10 @@ static void twofish_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> twofish_decrypt(ctx, length, dst, src);
> }
>
> -static void aes128_encrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - const QCryptoNettleAES128 *aesctx = ctx;
> - aes128_encrypt(&aesctx->enc, length, dst, src);
> -}
> +DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_twofish,
> + QCryptoNettleTwofish, TWOFISH_BLOCK_SIZE,
> + twofish_encrypt_native, twofish_decrypt_native)
>
> -static void aes128_decrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - const QCryptoNettleAES128 *aesctx = ctx;
> - aes128_decrypt(&aesctx->dec, length, dst, src);
> -}
> -
> -static void aes192_encrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - const QCryptoNettleAES192 *aesctx = ctx;
> - aes192_encrypt(&aesctx->enc, length, dst, src);
> -}
> -
> -static void aes192_decrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - const QCryptoNettleAES192 *aesctx = ctx;
> - aes192_decrypt(&aesctx->dec, length, dst, src);
> -}
> -
> -static void aes256_encrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - const QCryptoNettleAES256 *aesctx = ctx;
> - aes256_encrypt(&aesctx->enc, length, dst, src);
> -}
> -
> -static void aes256_decrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - const QCryptoNettleAES256 *aesctx = ctx;
> - aes256_decrypt(&aesctx->dec, length, dst, src);
> -}
> -
> -static void des_encrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - des_encrypt(ctx, length, dst, src);
> -}
> -
> -static void des_decrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - des_decrypt(ctx, length, dst, src);
> -}
> -
> -static void des3_encrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - des3_encrypt(ctx, length, dst, src);
> -}
> -
> -static void des3_decrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - des3_decrypt(ctx, length, dst, src);
> -}
> -
> -static void cast128_encrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - cast128_encrypt(ctx, length, dst, src);
> -}
> -
> -static void cast128_decrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - cast128_decrypt(ctx, length, dst, src);
> -}
> -
> -static void serpent_encrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - serpent_encrypt(ctx, length, dst, src);
> -}
> -
> -static void serpent_decrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - serpent_decrypt(ctx, length, dst, src);
> -}
> -
> -static void twofish_encrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - twofish_encrypt(ctx, length, dst, src);
> -}
> -
> -static void twofish_decrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - twofish_decrypt(ctx, length, dst, src);
> -}
> -
> -typedef struct QCryptoCipherNettle QCryptoCipherNettle;
> -struct QCryptoCipherNettle {
> - QCryptoCipher base;
> -
> - /* Primary cipher context for all modes */
> - void *ctx;
> - /* Second cipher context for XTS mode only */
> - void *ctx_tweak;
> - /* Cipher callbacks for both contexts */
> - QCryptoCipherNettleFuncNative alg_encrypt_native;
> - QCryptoCipherNettleFuncNative alg_decrypt_native;
> - QCryptoCipherNettleFuncWrapper alg_encrypt_wrapper;
> - QCryptoCipherNettleFuncWrapper alg_decrypt_wrapper;
> - /* Initialization vector or Counter */
> - uint8_t *iv;
> - size_t blocksize;
> -};
>
> bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg,
> QCryptoCipherMode mode)
> @@ -344,30 +498,12 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg,
> }
> }
>
> -
> -static void
> -qcrypto_nettle_cipher_free_ctx(QCryptoCipherNettle *ctx)
> -{
> - if (!ctx) {
> - return;
> - }
> -
> - g_free(ctx->iv);
> - g_free(ctx->ctx);
> - g_free(ctx->ctx_tweak);
> - g_free(ctx);
> -}
> -
> -
> static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
> QCryptoCipherMode mode,
> const uint8_t *key,
> size_t nkey,
> Error **errp)
> {
> - QCryptoCipherNettle *ctx;
> - uint8_t *rfbkey;
> -
> switch (mode) {
> case QCRYPTO_CIPHER_MODE_ECB:
> case QCRYPTO_CIPHER_MODE_CBC:
> @@ -375,6 +511,7 @@ static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
> case QCRYPTO_CIPHER_MODE_CTR:
> break;
> default:
> + bad_cipher_mode:
> error_setg(errp, "Unsupported cipher mode %s",
> QCryptoCipherMode_str(mode));
Lets put this jump target at the end of the method, so we avoid having
to jump backwards in the code.
Aside from that
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
next prev parent reply other threads:[~2020-08-28 13:47 UTC|newest]
Thread overview: 52+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-13 3:25 [PATCH 00/17] crypto/cipher: Class hierarchy cleanups Richard Henderson
2020-08-13 3:25 ` [PATCH 01/17] crypto: Move QCryptoCipher typedef to qemu/typedefs.h Richard Henderson
2020-08-13 7:59 ` Philippe Mathieu-Daudé
2020-08-17 16:48 ` Daniel P. Berrangé
2020-08-17 20:38 ` Richard Henderson
2020-08-17 20:42 ` Richard Henderson
2020-08-17 20:50 ` Richard Henderson
2020-08-28 13:28 ` Daniel P. Berrangé
2020-08-13 3:25 ` [PATCH 02/17] crypto: Move QCryptoCipherDriver " Richard Henderson
2020-08-13 7:59 ` Philippe Mathieu-Daudé
2020-08-13 3:25 ` [PATCH 03/17] crypto: Assume blocksize is a power of 2 Richard Henderson
2020-08-17 16:51 ` Daniel P. Berrangé
2020-08-13 3:25 ` [PATCH 04/17] crypto: Rename cipher include files to .inc.c Richard Henderson
2020-08-13 8:00 ` Philippe Mathieu-Daudé
2020-08-17 16:52 ` Daniel P. Berrangé
2020-08-13 3:25 ` [PATCH 05/17] crypto: Remove redundant includes Richard Henderson
2020-08-13 8:01 ` Philippe Mathieu-Daudé
2020-08-17 16:50 ` Daniel P. Berrangé
2020-08-13 3:25 ` [PATCH 06/17] crypto/nettle: Fix xts_encrypt arguments Richard Henderson
2020-08-17 16:53 ` Daniel P. Berrangé
2020-08-13 3:25 ` [PATCH 07/17] crypto: Use the correct const type for driver Richard Henderson
2020-08-13 8:02 ` Philippe Mathieu-Daudé
2020-08-17 16:53 ` Daniel P. Berrangé
2020-08-13 3:25 ` [PATCH 08/17] crypto: Allocate QCryptoCipher with the subclass Richard Henderson
2020-08-17 16:55 ` Daniel P. Berrangé
2020-08-13 3:25 ` [PATCH 09/17] crypto: Move cipher->driver init to qcrypto_*_cipher_ctx_new Richard Henderson
2020-08-17 16:56 ` Daniel P. Berrangé
2020-08-13 3:25 ` [PATCH 10/17] crypto: Constify cipher data tables Richard Henderson
2020-08-13 8:03 ` Philippe Mathieu-Daudé
2020-08-17 16:56 ` Daniel P. Berrangé
2020-08-13 3:25 ` [PATCH 11/17] crypto/builtin: Remove odd-sized AES block handling Richard Henderson
2020-08-17 16:57 ` Daniel P. Berrangé
2020-08-13 3:25 ` [PATCH 12/17] crypto/builtin: Merge qcrypto_cipher_aes_{ecb, xts}_{en, de}crypt Richard Henderson
2020-08-13 8:05 ` Philippe Mathieu-Daudé
2020-08-17 17:00 ` [PATCH 12/17] crypto/builtin: Merge qcrypto_cipher_aes_{ecb,xts}_{en,de}crypt Daniel P. Berrangé
2020-08-13 3:25 ` [PATCH 13/17] crypto/builtin: Move AES_cbc_encrypt into cipher-builtin.inc.c Richard Henderson
2020-08-13 8:11 ` Philippe Mathieu-Daudé
2020-08-17 17:01 ` Daniel P. Berrangé
2020-08-13 3:25 ` [PATCH 14/17] crypto/builtin: Split and simplify AES_encrypt_cbc Richard Henderson
2020-08-17 17:02 ` Daniel P. Berrangé
2020-08-13 3:25 ` [PATCH 15/17] crypto/builtin: Split QCryptoCipherBuiltin into subclasses Richard Henderson
2020-08-28 13:44 ` Daniel P. Berrangé
2020-08-13 3:25 ` [PATCH 16/17] crypto/nettle: Split QCryptoCipherNettle " Richard Henderson
2020-08-28 13:46 ` Daniel P. Berrangé [this message]
2020-08-13 3:25 ` [PATCH 17/17] crypto/gcrypt: Split QCryptoCipherGcrypt " Richard Henderson
2020-08-28 13:52 ` Daniel P. Berrangé
2020-08-13 8:54 ` [PATCH 00/17] crypto/cipher: Class hierarchy cleanups Philippe Mathieu-Daudé
2020-08-13 10:48 ` no-reply
2020-08-13 11:11 ` no-reply
2020-08-17 16:45 ` Daniel P. Berrangé
2020-08-17 17:09 ` Daniel P. Berrangé
2020-08-17 20:49 ` Richard Henderson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200828134632.GJ224144@redhat.com \
--to=berrange@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=richard.henderson@linaro.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.