qemu-devel.nongnu.org archive mirror
 help / color / mirror / Atom feed
From: "Longpeng(Mike)" <longpeng2@huawei.com>
To: arei.gonglei@huawei.com
Cc: longpeng2@huawei.com, qemu-devel@nongnu.org, wu.wubin@huawei.com,
	jianjay.zhou@huawei.com
Subject: [Qemu-devel] [PATCH for-2.9 1/2] cryptodev: fix the check of aes algorithm
Date: Mon, 5 Dec 2016 15:44:05 +0800	[thread overview]
Message-ID: <1480923846-166484-2-git-send-email-longpeng2@huawei.com> (raw)
In-Reply-To: <1480923846-166484-1-git-send-email-longpeng2@huawei.com>

As the key length of xts(aes) is different with other mode of aes,
so we should check specially in cryptodev_builtin_get_aes_algo, if
it is xts mode.

Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
---
 backends/cryptodev-builtin.c | 47 +++++++++++++++++++++++++++++++-------------
 1 file changed, 33 insertions(+), 14 deletions(-)

diff --git a/backends/cryptodev-builtin.c b/backends/cryptodev-builtin.c
index eda954b..9dec6b8 100644
--- a/backends/cryptodev-builtin.c
+++ b/backends/cryptodev-builtin.c
@@ -111,23 +111,42 @@ cryptodev_builtin_get_unused_session_index(
     return -1;
 }
 
+#define AES_KEYSIZE_128 16
+#define AES_KEYSIZE_128_XTS 32
+#define AES_KEYSIZE_192 24
+#define AES_KEYSIZE_256 32
+#define AES_KEYSIZE_256_XTS 64
+
 static int
-cryptodev_builtin_get_aes_algo(uint32_t key_len, Error **errp)
+cryptodev_builtin_get_aes_algo(uint32_t key_len, int mode, Error **errp)
 {
     int algo;
 
-    if (key_len == 128 / 8) {
+    if (key_len == AES_KEYSIZE_128) {
         algo = QCRYPTO_CIPHER_ALG_AES_128;
-    } else if (key_len == 192 / 8) {
+    } else if (key_len == AES_KEYSIZE_192) {
         algo = QCRYPTO_CIPHER_ALG_AES_192;
-    } else if (key_len == 256 / 8) {
-        algo = QCRYPTO_CIPHER_ALG_AES_256;
+    } else if (key_len == AES_KEYSIZE_256) { /* equals AES_KEYSIZE_128_XTS */
+        if (mode == QCRYPTO_CIPHER_MODE_XTS) {
+            algo = QCRYPTO_CIPHER_ALG_AES_128;
+        } else {
+            algo = QCRYPTO_CIPHER_ALG_AES_256;
+        }
+    } else if (key_len == AES_KEYSIZE_256_XTS) {
+        if (mode == QCRYPTO_CIPHER_MODE_XTS) {
+            algo = QCRYPTO_CIPHER_ALG_AES_256;
+        } else {
+            goto err;
+        }
     } else {
-        error_setg(errp, "Unsupported key length :%u", key_len);
-        return -1;
+        goto err;
     }
 
     return algo;
+
+err:
+   error_setg(errp, "Unsupported key length :%u", key_len);
+   return -1;
 }
 
 static int cryptodev_builtin_create_cipher_session(
@@ -155,32 +174,32 @@ static int cryptodev_builtin_create_cipher_session(
 
     switch (sess_info->cipher_alg) {
     case VIRTIO_CRYPTO_CIPHER_AES_ECB:
+        mode = QCRYPTO_CIPHER_MODE_ECB;
         algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
-                                                          errp);
+                                                    mode, errp);
         if (algo < 0)  {
             return -1;
         }
-        mode = QCRYPTO_CIPHER_MODE_ECB;
         break;
     case VIRTIO_CRYPTO_CIPHER_AES_CBC:
+        mode = QCRYPTO_CIPHER_MODE_CBC;
         algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
-                                                          errp);
+                                                    mode, errp);
         if (algo < 0)  {
             return -1;
         }
-        mode = QCRYPTO_CIPHER_MODE_CBC;
         break;
     case VIRTIO_CRYPTO_CIPHER_AES_CTR:
+        mode = QCRYPTO_CIPHER_MODE_CTR;
         algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
-                                                          errp);
+                                                    mode, errp);
         if (algo < 0)  {
             return -1;
         }
-        mode = QCRYPTO_CIPHER_MODE_CTR;
         break;
     case VIRTIO_CRYPTO_CIPHER_DES_ECB:
-        algo = QCRYPTO_CIPHER_ALG_DES_RFB;
         mode = QCRYPTO_CIPHER_MODE_ECB;
+        algo = QCRYPTO_CIPHER_ALG_DES_RFB;
         break;
     default:
         error_setg(errp, "Unsupported cipher alg :%u",
-- 
1.8.3.1

  reply	other threads:[~2016-12-05  7:45 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-12-05  7:44 [Qemu-devel] [PATCH for-2.9 0/2] cryptodev: support xts(aes) algorithm Longpeng(Mike)
2016-12-05  7:44 ` Longpeng(Mike) [this message]
2016-12-05  9:34   ` [Qemu-devel] [PATCH for-2.9 1/2] cryptodev: fix the check of aes algorithm Gonglei (Arei)
2016-12-05  9:51     ` Longpeng (Mike)
2016-12-05  7:44 ` [Qemu-devel] [PATCH for-2.9 2/2] cryptodev: add xts(aes) support Longpeng(Mike)
2016-12-05  9:35   ` Gonglei (Arei)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1480923846-166484-2-git-send-email-longpeng2@huawei.com \
    --to=longpeng2@huawei.com \
    --cc=arei.gonglei@huawei.com \
    --cc=jianjay.zhou@huawei.com \
    --cc=qemu-devel@nongnu.org \
    --cc=wu.wubin@huawei.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).