From: "Longpeng(Mike)" <longpeng2@huawei.com>
To: berrange@redhat.com
Cc: arei.gonglei@huawei.com, weidong.huang@huawei.com,
wangxinxin.wang@huawei.com, qemu-devel@nongnu.org,
longpeng.mike@gmail.com, "Longpeng(Mike)" <longpeng2@huawei.com>
Subject: [Qemu-devel] [PATCH v4 15/18] crypto: hmac: add af_alg hmac support
Date: Tue, 4 Jul 2017 16:57:07 +0800 [thread overview]
Message-ID: <1499158630-75260-16-git-send-email-longpeng2@huawei.com> (raw)
In-Reply-To: <1499158630-75260-1-git-send-email-longpeng2@huawei.com>
Adds afalg-backend hmac support: introduces some private APIs
firstly, and then intergrates them into qcrypto_hmac_afalg_driver.
Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
---
crypto/hash-afalg.c | 104 +++++++++++++++++++++++++++++++++++++++++++++-------
crypto/hmac.c | 22 +++++++++--
crypto/hmacpriv.h | 12 ++++++
3 files changed, 121 insertions(+), 17 deletions(-)
diff --git a/crypto/hash-afalg.c b/crypto/hash-afalg.c
index a19847e..1ccb49e 100644
--- a/crypto/hash-afalg.c
+++ b/crypto/hash-afalg.c
@@ -1,5 +1,5 @@
/*
- * QEMU Crypto af_alg-backend hash support
+ * QEMU Crypto af_alg-backend hash/hmac support
*
* Copyright (c) 2017 HUAWEI TECHNOLOGIES CO., LTD.
*
@@ -16,10 +16,13 @@
#include "qemu-common.h"
#include "qapi/error.h"
#include "crypto/hash.h"
+#include "crypto/hmac.h"
#include "hashpriv.h"
+#include "hmacpriv.h"
static char *
qcrypto_afalg_hash_format_name(QCryptoHashAlgorithm alg,
+ bool is_hmac,
Error **errp)
{
char *name;
@@ -53,18 +56,24 @@ qcrypto_afalg_hash_format_name(QCryptoHashAlgorithm alg,
return NULL;
}
- name = g_strdup_printf("%s", alg_name);
+ if (is_hmac) {
+ name = g_strdup_printf("hmac(%s)", alg_name);
+ } else {
+ name = g_strdup_printf("%s", alg_name);
+ }
return name;
}
static QCryptoAFAlg *
-qcrypto_afalg_hash_ctx_new(QCryptoHashAlgorithm alg, Error **errp)
+qcrypto_afalg_hash_hmac_ctx_new(QCryptoHashAlgorithm alg,
+ const uint8_t *key, size_t nkey,
+ bool is_hmac, Error **errp)
{
QCryptoAFAlg *afalg;
char *name;
- name = qcrypto_afalg_hash_format_name(alg, errp);
+ name = qcrypto_afalg_hash_format_name(alg, is_hmac, errp);
if (!name) {
return NULL;
}
@@ -76,22 +85,49 @@ qcrypto_afalg_hash_ctx_new(QCryptoHashAlgorithm alg, Error **errp)
}
afalg->name = name;
+ /* HMAC needs setkey */
+ if (is_hmac) {
+ if (qemu_setsockopt(afalg->tfmfd, SOL_ALG, ALG_SET_KEY,
+ key, nkey) != 0) {
+ error_setg_errno(errp, errno, "Set hmac key failed");
+ qcrypto_afalg_comm_free(afalg);
+ return NULL;
+ }
+ }
+
/* prepare msg header */
afalg->msg = g_new0(struct msghdr, 1);
return afalg;
}
+static QCryptoAFAlg *
+qcrypto_afalg_hash_ctx_new(QCryptoHashAlgorithm alg,
+ Error **errp)
+{
+ return qcrypto_afalg_hash_hmac_ctx_new(alg, NULL, 0, false, errp);
+}
+
+QCryptoAFAlg *
+qcrypto_afalg_hmac_ctx_new(QCryptoHashAlgorithm alg,
+ const uint8_t *key, size_t nkey,
+ Error **errp)
+{
+ return qcrypto_afalg_hash_hmac_ctx_new(alg, key, nkey, true, errp);
+}
+
static int
-qcrypto_afalg_hash_bytesv(QCryptoHashAlgorithm alg,
- const struct iovec *iov,
- size_t niov, uint8_t **result,
- size_t *resultlen,
- Error **errp)
+qcrypto_afalg_hash_hmac_bytesv(QCryptoAFAlg *hmac,
+ QCryptoHashAlgorithm alg,
+ const struct iovec *iov,
+ size_t niov, uint8_t **result,
+ size_t *resultlen,
+ Error **errp)
{
QCryptoAFAlg *afalg;
struct iovec outv;
int ret = 0;
+ bool is_hmac = (hmac != NULL) ? true : false;
const int expect_len = qcrypto_hash_digest_len(alg);
if (*resultlen == 0) {
@@ -104,9 +140,13 @@ qcrypto_afalg_hash_bytesv(QCryptoHashAlgorithm alg,
return -1;
}
- afalg = qcrypto_afalg_hash_ctx_new(alg, errp);
- if (!afalg) {
- return -1;
+ if (is_hmac) {
+ afalg = hmac;
+ } else {
+ afalg = qcrypto_afalg_hash_ctx_new(alg, errp);
+ if (!afalg) {
+ return -1;
+ }
}
/* send data to kernel's crypto core */
@@ -130,10 +170,48 @@ qcrypto_afalg_hash_bytesv(QCryptoHashAlgorithm alg,
}
out:
- qcrypto_afalg_comm_free(afalg);
+ if (!is_hmac) {
+ qcrypto_afalg_comm_free(afalg);
+ }
return ret;
}
+static int
+qcrypto_afalg_hash_bytesv(QCryptoHashAlgorithm alg,
+ const struct iovec *iov,
+ size_t niov, uint8_t **result,
+ size_t *resultlen,
+ Error **errp)
+{
+ return qcrypto_afalg_hash_hmac_bytesv(NULL, alg, iov, niov, result,
+ resultlen, errp);
+}
+
+static int
+qcrypto_afalg_hmac_bytesv(QCryptoHmac *hmac,
+ const struct iovec *iov,
+ size_t niov, uint8_t **result,
+ size_t *resultlen,
+ Error **errp)
+{
+ return qcrypto_afalg_hash_hmac_bytesv(hmac->opaque, hmac->alg,
+ iov, niov, result, resultlen,
+ errp);
+}
+
+static void qcrypto_afalg_hmac_ctx_free(QCryptoHmac *hmac)
+{
+ QCryptoAFAlg *afalg;
+
+ afalg = hmac->opaque;
+ qcrypto_afalg_comm_free(afalg);
+}
+
QCryptoHashDriver qcrypto_hash_afalg_driver = {
.hash_bytesv = qcrypto_afalg_hash_bytesv,
};
+
+QCryptoHmacDriver qcrypto_hmac_afalg_driver = {
+ .hmac_bytesv = qcrypto_afalg_hmac_bytesv,
+ .hmac_free = qcrypto_afalg_hmac_ctx_free,
+};
diff --git a/crypto/hmac.c b/crypto/hmac.c
index a4690e3..37e2af2 100644
--- a/crypto/hmac.c
+++ b/crypto/hmac.c
@@ -89,17 +89,31 @@ QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg,
Error **errp)
{
QCryptoHmac *hmac;
- void *ctx;
+ void *ctx = NULL;
+ Error *err2 = NULL;
+ QCryptoHmacDriver *drv;
+
+#ifdef CONFIG_AF_ALG
+ ctx = qcrypto_afalg_hmac_ctx_new(alg, key, nkey, &err2);
+ if (ctx) {
+ drv = &qcrypto_hmac_afalg_driver;
+ }
+#endif
- ctx = qcrypto_hmac_ctx_new(alg, key, nkey, errp);
if (!ctx) {
- return NULL;
+ ctx = qcrypto_hmac_ctx_new(alg, key, nkey, errp);
+ if (!ctx) {
+ return NULL;
+ }
+
+ drv = &qcrypto_hmac_lib_driver;
+ error_free(err2);
}
hmac = g_new0(QCryptoHmac, 1);
hmac->alg = alg;
hmac->opaque = ctx;
- hmac->driver = (void *)&qcrypto_hmac_lib_driver;
+ hmac->driver = (void *)drv;
return hmac;
}
diff --git a/crypto/hmacpriv.h b/crypto/hmacpriv.h
index 2be389a..4387ca2 100644
--- a/crypto/hmacpriv.h
+++ b/crypto/hmacpriv.h
@@ -33,4 +33,16 @@ extern void *qcrypto_hmac_ctx_new(QCryptoHashAlgorithm alg,
Error **errp);
extern QCryptoHmacDriver qcrypto_hmac_lib_driver;
+#ifdef CONFIG_AF_ALG
+
+#include "afalgpriv.h"
+
+extern QCryptoAFAlg *
+qcrypto_afalg_hmac_ctx_new(QCryptoHashAlgorithm alg,
+ const uint8_t *key, size_t nkey,
+ Error **errp);
+extern QCryptoHmacDriver qcrypto_hmac_afalg_driver;
+
+#endif
+
#endif
--
1.8.3.1
next prev parent reply other threads:[~2017-07-04 8:57 UTC|newest]
Thread overview: 29+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-07-04 8:56 [Qemu-devel] [PATCH v4 00/18] crypto: add afalg-backend support Longpeng(Mike)
2017-07-04 8:56 ` [Qemu-devel] [PATCH v4 01/18] crypto: cipher: introduce context free function Longpeng(Mike)
2017-07-04 8:56 ` [Qemu-devel] [PATCH v4 02/18] crypto: cipher: introduce qcrypto_cipher_ctx_new for gcrypt-backend Longpeng(Mike)
2017-07-04 8:56 ` [Qemu-devel] [PATCH v4 03/18] crypto: cipher: introduce qcrypto_cipher_ctx_new for nettle-backend Longpeng(Mike)
2017-07-04 8:56 ` [Qemu-devel] [PATCH v4 04/18] crypto: cipher: introduce qcrypto_cipher_ctx_new for builtin-backend Longpeng(Mike)
2017-07-04 8:56 ` [Qemu-devel] [PATCH v4 05/18] crypto: cipher: add cipher driver framework Longpeng(Mike)
2017-07-04 8:56 ` [Qemu-devel] [PATCH v4 06/18] crypto: hash: add hash " Longpeng(Mike)
2017-07-04 8:56 ` [Qemu-devel] [PATCH v4 07/18] crypto: hmac: move crypto/hmac.h into include/crypto/ Longpeng(Mike)
2017-07-04 8:57 ` [Qemu-devel] [PATCH v4 08/18] crypto: hmac: introduce qcrypto_hmac_ctx_new for gcrypt-backend Longpeng(Mike)
2017-07-04 8:57 ` [Qemu-devel] [PATCH v4 09/18] crypto: hmac: introduce qcrypto_hmac_ctx_new for nettle-backend Longpeng(Mike)
2017-07-04 8:57 ` [Qemu-devel] [PATCH v4 10/18] crypto: hmac: introduce qcrypto_hmac_ctx_new for glib-backend Longpeng(Mike)
2017-07-04 8:57 ` [Qemu-devel] [PATCH v4 11/18] crypto: hmac: add hmac driver framework Longpeng(Mike)
2017-07-04 8:57 ` [Qemu-devel] [PATCH v4 12/18] crypto: introduce some common functions for af_alg backend Longpeng(Mike)
2017-07-11 12:28 ` Daniel P. Berrange
2017-07-13 3:30 ` long mike
2017-07-04 8:57 ` [Qemu-devel] [PATCH v4 13/18] crypto: cipher: add afalg-backend cipher support Longpeng(Mike)
2017-07-11 12:20 ` Daniel P. Berrange
2017-07-11 12:23 ` Daniel P. Berrange
2017-07-11 12:29 ` Daniel P. Berrange
2017-07-13 9:55 ` long mike
2017-07-13 10:06 ` Daniel P. Berrange
2017-07-04 8:57 ` [Qemu-devel] [PATCH v4 14/18] crypto: hash: add afalg-backend hash support Longpeng(Mike)
2017-07-11 12:32 ` Daniel P. Berrange
2017-07-04 8:57 ` Longpeng(Mike) [this message]
2017-07-04 8:57 ` [Qemu-devel] [PATCH v4 16/18] tests: crypto: add cipher speed benchmark support Longpeng(Mike)
2017-07-04 8:57 ` [Qemu-devel] [PATCH v4 17/18] tests: crypto: add hash " Longpeng(Mike)
2017-07-04 8:57 ` [Qemu-devel] [PATCH v4 18/18] tests: crypto: add hmac " Longpeng(Mike)
2017-07-11 12:34 ` Daniel P. Berrange
2017-07-06 14:06 ` [Qemu-devel] [PATCH v4 00/18] crypto: add afalg-backend support Daniel P. Berrange
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1499158630-75260-16-git-send-email-longpeng2@huawei.com \
--to=longpeng2@huawei.com \
--cc=arei.gonglei@huawei.com \
--cc=berrange@redhat.com \
--cc=longpeng.mike@gmail.com \
--cc=qemu-devel@nongnu.org \
--cc=wangxinxin.wang@huawei.com \
--cc=weidong.huang@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).