From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:57105) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cDpQD-0004HJ-QB for qemu-devel@nongnu.org; Mon, 05 Dec 2016 04:18:55 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cDpQA-0003z9-Lf for qemu-devel@nongnu.org; Mon, 05 Dec 2016 04:18:53 -0500 Received: from mx1.redhat.com ([209.132.183.28]:43872) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.71) (envelope-from ) id 1cDpQA-0003yv-DD for qemu-devel@nongnu.org; Mon, 05 Dec 2016 04:18:50 -0500 Date: Mon, 5 Dec 2016 09:18:42 +0000 From: "Daniel P. Berrange" Message-ID: <20161205091842.GA2498@redhat.com> Reply-To: "Daniel P. Berrange" References: <1480928380-161760-1-git-send-email-longpeng2@huawei.com> <1480928380-161760-2-git-send-email-longpeng2@huawei.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: <1480928380-161760-2-git-send-email-longpeng2@huawei.com> Subject: Re: [Qemu-devel] [PATCH for-2.9 1/3] crypto: add standard des support List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: "Longpeng(Mike)" Cc: eblake@redhat.com, armbru@redhat.com, arei.gonglei@huawei.com, qemu-devel@nongnu.org, wu.wubin@huawei.com, jianjay.zhou@huawei.com On Mon, Dec 05, 2016 at 04:59:38PM +0800, Longpeng(Mike) wrote: > This patch add standart DES support. > > Signed-off-by: Longpeng(Mike) > --- > crypto/cipher-gcrypt.c | 3 +++ > crypto/cipher-nettle.c | 13 ++++++++++--- > crypto/cipher.c | 5 ++++- > qapi/crypto.json | 2 +- > 4 files changed, 18 insertions(+), 5 deletions(-) > > diff --git a/crypto/cipher-gcrypt.c b/crypto/cipher-gcrypt.c > index c550db9..7ca049c 100644 > --- a/crypto/cipher-gcrypt.c > +++ b/crypto/cipher-gcrypt.c > @@ -28,6 +28,7 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg, > QCryptoCipherMode mode) > { > switch (alg) { > + case QCRYPTO_CIPHER_ALG_DES: > case QCRYPTO_CIPHER_ALG_DES_RFB: > case QCRYPTO_CIPHER_ALG_AES_128: > case QCRYPTO_CIPHER_ALG_AES_192: > @@ -95,6 +96,7 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, > } > > switch (alg) { > + case QCRYPTO_CIPHER_ALG_DES: > case QCRYPTO_CIPHER_ALG_DES_RFB: > gcryalg = GCRY_CIPHER_DES; > break; > @@ -200,6 +202,7 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, > case QCRYPTO_CIPHER_ALG_TWOFISH_256: > ctx->blocksize = 16; > break; > + case QCRYPTO_CIPHER_ALG_DES: > case QCRYPTO_CIPHER_ALG_CAST5_128: > ctx->blocksize = 8; > break; > diff --git a/crypto/cipher-nettle.c b/crypto/cipher-nettle.c > index cd094cd..81cc634 100644 > --- a/crypto/cipher-nettle.c > +++ b/crypto/cipher-nettle.c > @@ -196,6 +196,7 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg, > QCryptoCipherMode mode) > { > switch (alg) { > + case QCRYPTO_CIPHER_ALG_DES: > case QCRYPTO_CIPHER_ALG_DES_RFB: > case QCRYPTO_CIPHER_ALG_AES_128: > case QCRYPTO_CIPHER_ALG_AES_192: > @@ -256,11 +257,17 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, > ctx = g_new0(QCryptoCipherNettle, 1); > > switch (alg) { > + case QCRYPTO_CIPHER_ALG_DES: > case QCRYPTO_CIPHER_ALG_DES_RFB: > ctx->ctx = g_new0(struct des_ctx, 1); > - rfbkey = qcrypto_cipher_munge_des_rfb_key(key, nkey); > - des_set_key(ctx->ctx, rfbkey); > - g_free(rfbkey); > + > + if (alg == QCRYPTO_CIPHER_ALG_DES_RFB) { > + rfbkey = qcrypto_cipher_munge_des_rfb_key(key, nkey); > + des_set_key(ctx->ctx, rfbkey); > + g_free(rfbkey); > + } else { > + des_set_key(ctx->ctx, key); > + } > > ctx->alg_encrypt_native = des_encrypt_native; > ctx->alg_decrypt_native = des_decrypt_native; > diff --git a/crypto/cipher.c b/crypto/cipher.c > index a9bca41..00d9682 100644 > --- a/crypto/cipher.c > +++ b/crypto/cipher.c > @@ -27,6 +27,7 @@ static size_t alg_key_len[QCRYPTO_CIPHER_ALG__MAX] = { > [QCRYPTO_CIPHER_ALG_AES_128] = 16, > [QCRYPTO_CIPHER_ALG_AES_192] = 24, > [QCRYPTO_CIPHER_ALG_AES_256] = 32, > + [QCRYPTO_CIPHER_ALG_DES] = 8, > [QCRYPTO_CIPHER_ALG_DES_RFB] = 8, > [QCRYPTO_CIPHER_ALG_CAST5_128] = 16, > [QCRYPTO_CIPHER_ALG_SERPENT_128] = 16, > @@ -41,6 +42,7 @@ static size_t alg_block_len[QCRYPTO_CIPHER_ALG__MAX] = { > [QCRYPTO_CIPHER_ALG_AES_128] = 16, > [QCRYPTO_CIPHER_ALG_AES_192] = 16, > [QCRYPTO_CIPHER_ALG_AES_256] = 16, > + [QCRYPTO_CIPHER_ALG_DES] = 8, > [QCRYPTO_CIPHER_ALG_DES_RFB] = 8, > [QCRYPTO_CIPHER_ALG_CAST5_128] = 8, > [QCRYPTO_CIPHER_ALG_SERPENT_128] = 16, > @@ -107,7 +109,8 @@ qcrypto_cipher_validate_key_length(QCryptoCipherAlgorithm alg, > } > > if (mode == QCRYPTO_CIPHER_MODE_XTS) { > - if (alg == QCRYPTO_CIPHER_ALG_DES_RFB) { > + if (alg == QCRYPTO_CIPHER_ALG_DES_RFB > + || alg == QCRYPTO_CIPHER_ALG_DES) { > error_setg(errp, "XTS mode not compatible with DES-RFB"); > return false; > } > diff --git a/qapi/crypto.json b/qapi/crypto.json > index 5c9d7d4..d403ab9 100644 > --- a/qapi/crypto.json > +++ b/qapi/crypto.json > @@ -75,7 +75,7 @@ > { 'enum': 'QCryptoCipherAlgorithm', > 'prefix': 'QCRYPTO_CIPHER_ALG', > 'data': ['aes-128', 'aes-192', 'aes-256', > - 'des-rfb', > + 'des-rfb', 'des', Can we call this '3des' to make it clear that this is Triple-DES and not the single-DES (which des-rfb is) > 'cast5-128', > 'serpent-128', 'serpent-192', 'serpent-256', > 'twofish-128', 'twofish-192', 'twofish-256']} Regards, Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://entangle-photo.org -o- http://search.cpan.org/~danberr/ :|