From: "Daniel P. Berrangé" <berrange@redhat.com>
To: Richard Henderson <richard.henderson@linaro.org>
Cc: qemu-devel@nongnu.org
Subject: Re: [PATCH 16/17] crypto/nettle: Split QCryptoCipherNettle into subclasses
Date: Fri, 28 Aug 2020 14:46:32 +0100 [thread overview]
Message-ID: <20200828134632.GJ224144@redhat.com> (raw)
In-Reply-To: <20200813032537.2888593-17-richard.henderson@linaro.org>
On Wed, Aug 12, 2020 at 08:25:36PM -0700, Richard Henderson wrote:
> Use separate classes for each cipher entry point: des_rfb, des3,
> aes128, aes192, aes256, cast128, serpent, and twofish.
>
> Generate wrappers for XTS only for CONFIG_QEMU_PRIVATE_XTS.
> This eliminates unreachable wrappers for DES_RFB, DES3 and
> CAST128, which have blocksizes that do not allow XTS mode.
>
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
> ---
> crypto/cipher-nettle.inc.c | 987 +++++++++++++++++++------------------
> 1 file changed, 503 insertions(+), 484 deletions(-)
>
> diff --git a/crypto/cipher-nettle.inc.c b/crypto/cipher-nettle.inc.c
> index 36d57ef430..a1f4f6eac6 100644
> --- a/crypto/cipher-nettle.inc.c
> +++ b/crypto/cipher-nettle.inc.c
> @@ -34,8 +34,6 @@
> #include <nettle/xts.h>
> #endif
>
> -static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver;
> -
> typedef void (*QCryptoCipherNettleFuncWrapper)(const void *ctx,
> size_t length,
> uint8_t *dst,
> @@ -75,62 +73,212 @@ typedef const void * cipher_ctx_t;
> typedef size_t cipher_length_t;
> #endif
>
> -typedef struct QCryptoNettleAES128 {
> - struct aes128_ctx enc;
> - struct aes128_ctx dec;
> -} QCryptoNettleAES128;
> -
> -typedef struct QCryptoNettleAES192 {
> - struct aes192_ctx enc;
> - struct aes192_ctx dec;
> -} QCryptoNettleAES192;
> -
> -typedef struct QCryptoNettleAES256 {
> - struct aes256_ctx enc;
> - struct aes256_ctx dec;
> -} QCryptoNettleAES256;
> -
> -static void aes128_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> - uint8_t *dst, const uint8_t *src)
> +static inline bool qcrypto_length_check(size_t len, size_t blocksize,
> + Error **errp)
> {
> - const QCryptoNettleAES128 *aesctx = ctx;
> - aes128_encrypt(&aesctx->enc, length, dst, src);
> + if (unlikely(len & (blocksize - 1))) {
> + error_setg(errp, "Length %zu must be a multiple of block size %zu",
> + len, blocksize);
> + return false;
> + }
> + return true;
> }
>
> -static void aes128_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> - uint8_t *dst, const uint8_t *src)
> +
> +static void qcrypto_cipher_ctx_free(QCryptoCipher *ctx)
> {
> - const QCryptoNettleAES128 *aesctx = ctx;
> - aes128_decrypt(&aesctx->dec, length, dst, src);
> + g_free(ctx);
> }
>
> -static void aes192_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> - uint8_t *dst, const uint8_t *src)
> +static int qcrypto_cipher_no_setiv(QCryptoCipher *cipher,
> + const uint8_t *iv, size_t niv,
> + Error **errp)
> {
> - const QCryptoNettleAES192 *aesctx = ctx;
> - aes192_encrypt(&aesctx->enc, length, dst, src);
> + error_setg(errp, "Setting IV is not supported");
> + return -1;
> }
>
> -static void aes192_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - const QCryptoNettleAES192 *aesctx = ctx;
> - aes192_decrypt(&aesctx->dec, length, dst, src);
> +
> +#define DEFINE_SETIV(NAME, TYPE, BLEN) \
> +static int NAME##_setiv(QCryptoCipher *cipher, const uint8_t *iv, \
> + size_t niv, Error **errp) \
> +{ \
> + TYPE *ctx = container_of(cipher, TYPE, base); \
> + if (niv != BLEN) { \
> + error_setg(errp, "Expected IV size %d not %zu", BLEN, niv); \
> + return -1; \
> + } \
> + memcpy(ctx->iv, iv, niv); \
> + return 0; \
> }
>
> -static void aes256_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - const QCryptoNettleAES256 *aesctx = ctx;
> - aes256_encrypt(&aesctx->enc, length, dst, src);
> -}
>
> -static void aes256_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - const QCryptoNettleAES256 *aesctx = ctx;
> - aes256_decrypt(&aesctx->dec, length, dst, src);
> +#define DEFINE_ECB(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> +static int NAME##_encrypt_ecb(QCryptoCipher *cipher, const void *in, \
> + void *out, size_t len, Error **errp) \
> +{ \
> + TYPE *ctx = container_of(cipher, TYPE, base); \
> + if (!qcrypto_length_check(len, BLEN, errp)) { \
> + return -1; \
> + } \
> + ENCRYPT(&ctx->key, len, out, in); \
> + return 0; \
> +} \
> +static int NAME##_decrypt_ecb(QCryptoCipher *cipher, const void *in, \
> + void *out, size_t len, Error **errp) \
> +{ \
> + TYPE *ctx = container_of(cipher, TYPE, base); \
> + if (!qcrypto_length_check(len, BLEN, errp)) { \
> + return -1; \
> + } \
> + DECRYPT(&ctx->key, len, out, in); \
> + return 0; \
> +} \
> +static const struct QCryptoCipherDriver NAME##_driver_ecb = { \
> + .cipher_encrypt = NAME##_encrypt_ecb, \
> + .cipher_decrypt = NAME##_decrypt_ecb, \
> + .cipher_setiv = qcrypto_cipher_no_setiv, \
> + .cipher_free = qcrypto_cipher_ctx_free, \
> +};
> +
> +
> +#define DEFINE_CBC(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> +static int NAME##_encrypt_cbc(QCryptoCipher *cipher, const void *in, \
> + void *out, size_t len, Error **errp) \
> +{ \
> + TYPE *ctx = container_of(cipher, TYPE, base); \
> + if (!qcrypto_length_check(len, BLEN, errp)) { \
> + return -1; \
> + } \
> + cbc_encrypt(&ctx->key, ENCRYPT, BLEN, ctx->iv, len, out, in); \
> + return 0; \
> +} \
> +static int NAME##_decrypt_cbc(QCryptoCipher *cipher, const void *in, \
> + void *out, size_t len, Error **errp) \
> +{ \
> + TYPE *ctx = container_of(cipher, TYPE, base); \
> + if (!qcrypto_length_check(len, BLEN, errp)) { \
> + return -1; \
> + } \
> + cbc_decrypt(&ctx->key, DECRYPT, BLEN, ctx->iv, len, out, in); \
> + return 0; \
> +} \
> +static const struct QCryptoCipherDriver NAME##_driver_cbc = { \
> + .cipher_encrypt = NAME##_encrypt_cbc, \
> + .cipher_decrypt = NAME##_decrypt_cbc, \
> + .cipher_setiv = NAME##_setiv, \
> + .cipher_free = qcrypto_cipher_ctx_free, \
> +};
> +
> +
> +#define DEFINE_CTR(NAME, TYPE, BLEN, ENCRYPT) \
> +static int NAME##_encrypt_ctr(QCryptoCipher *cipher, const void *in, \
> + void *out, size_t len, Error **errp) \
> +{ \
> + TYPE *ctx = container_of(cipher, TYPE, base); \
> + if (!qcrypto_length_check(len, BLEN, errp)) { \
> + return -1; \
> + } \
> + ctr_crypt(&ctx->key, ENCRYPT, BLEN, ctx->iv, len, out, in); \
> + return 0; \
> +} \
> +static const struct QCryptoCipherDriver NAME##_driver_ctr = { \
> + .cipher_encrypt = NAME##_encrypt_ctr, \
> + .cipher_decrypt = NAME##_encrypt_ctr, \
> + .cipher_setiv = NAME##_setiv, \
> + .cipher_free = qcrypto_cipher_ctx_free, \
> +};
> +
> +
> +#ifdef CONFIG_QEMU_PRIVATE_XTS
> +#define DEFINE__XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> +static void NAME##_xts_wrape(const void *ctx, size_t length, \
> + uint8_t *dst, const uint8_t *src) \
> +{ \
> + ENCRYPT(ctx, length, dst, src); \
> +} \
> +static void NAME##_xts_wrapd(const void *ctx, size_t length, \
> + uint8_t *dst, const uint8_t *src) \
> +{ \
> + DECRYPT(ctx, length, dst, src); \
> +} \
> +static int NAME##_encrypt_xts(QCryptoCipher *cipher, const void *in, \
> + void *out, size_t len, Error **errp) \
> +{ \
> + TYPE *ctx = container_of(cipher, TYPE, base); \
> + if (!qcrypto_length_check(len, BLEN, errp)) { \
> + return -1; \
> + } \
> + xts_encrypt(&ctx->key, &ctx->key_xts, \
> + NAME##_xts_wrape, NAME##_xts_wrapd, \
> + ctx->iv, len, out, in); \
> + return 0; \
> +} \
> +static int NAME##_decrypt_xts(QCryptoCipher *cipher, const void *in, \
> + void *out, size_t len, Error **errp) \
> +{ \
> + TYPE *ctx = container_of(cipher, TYPE, base); \
> + if (!qcrypto_length_check(len, BLEN, errp)) { \
> + return -1; \
> + } \
> + xts_decrypt(&ctx->key, &ctx->key_xts, \
> + NAME##_xts_wrape, NAME##_xts_wrapd, \
> + ctx->iv, len, out, in); \
> + return 0; \
> }
> +#else
> +#define DEFINE__XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> +static int NAME##_encrypt_xts(QCryptoCipher *cipher, const void *in, \
> + void *out, size_t len, Error **errp) \
> +{ \
> + TYPE *ctx = container_of(cipher, TYPE, base); \
> + if (!qcrypto_length_check(len, BLEN, errp)) { \
> + return -1; \
> + } \
> + xts_encrypt_message(&ctx->key, &ctx->key_xts, ENCRYPT, \
> + ctx->iv, len, out, in); \
> + return 0; \
> +} \
> +static int NAME##_decrypt_xts(QCryptoCipher *cipher, const void *in, \
> + void *out, size_t len, Error **errp) \
> +{ \
> + TYPE *ctx = container_of(cipher, TYPE, base); \
> + if (!qcrypto_length_check(len, BLEN, errp)) { \
> + return -1; \
> + } \
> + xts_decrypt_message(&ctx->key, &ctx->key_xts, DECRYPT, ENCRYPT, \
> + ctx->iv, len, out, in); \
> + return 0; \
> +}
> +#endif
> +
> +#define DEFINE_XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> + QEMU_BUILD_BUG_ON(BLEN != XTS_BLOCK_SIZE); \
> + DEFINE__XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> +static const struct QCryptoCipherDriver NAME##_driver_xts = { \
> + .cipher_encrypt = NAME##_encrypt_xts, \
> + .cipher_decrypt = NAME##_decrypt_xts, \
> + .cipher_setiv = NAME##_setiv, \
> + .cipher_free = qcrypto_cipher_ctx_free, \
> +};
> +
> +
> +#define DEFINE_ECB_CBC_CTR(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> + DEFINE_SETIV(NAME, TYPE, BLEN) \
> + DEFINE_ECB(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> + DEFINE_CBC(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> + DEFINE_CTR(NAME, TYPE, BLEN, ENCRYPT)
> +
> +#define DEFINE_ECB_CBC_CTR_XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> + DEFINE_ECB_CBC_CTR(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> + DEFINE_XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT)
> +
> +
> +typedef struct QCryptoNettleDESRFB {
> + QCryptoCipher base;
> + struct des_ctx key;
> + uint8_t iv[DES_BLOCK_SIZE];
> +} QCryptoNettleDESRFB;
>
> static void des_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> uint8_t *dst, const uint8_t *src)
> @@ -144,6 +292,16 @@ static void des_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> des_decrypt(ctx, length, dst, src);
> }
>
> +DEFINE_ECB_CBC_CTR(qcrypto_nettle_des_rfb, QCryptoNettleDESRFB,
> + DES_BLOCK_SIZE, des_encrypt_native, des_decrypt_native)
> +
> +
> +typedef struct QCryptoNettleDES3 {
> + QCryptoCipher base;
> + struct des3_ctx key;
> + uint8_t iv[DES3_BLOCK_SIZE];
> +} QCryptoNettleDES3;
> +
> static void des3_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> uint8_t *dst, const uint8_t *src)
> {
> @@ -156,6 +314,94 @@ static void des3_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> des3_decrypt(ctx, length, dst, src);
> }
>
> +DEFINE_ECB_CBC_CTR(qcrypto_nettle_des3, QCryptoNettleDES3, DES3_BLOCK_SIZE,
> + des3_encrypt_native, des3_decrypt_native)
> +
> +
> +typedef struct QCryptoNettleAES128 {
> + QCryptoCipher base;
> + uint8_t iv[AES_BLOCK_SIZE];
> + /* First key from pair is encode, second key is decode. */
> + struct aes128_ctx key[2], key_xts[2];
> +} QCryptoNettleAES128;
> +
> +static void aes128_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> + uint8_t *dst, const uint8_t *src)
> +{
> + const struct aes128_ctx *keys = ctx;
> + aes128_encrypt(&keys[0], length, dst, src);
> +}
> +
> +static void aes128_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> + uint8_t *dst, const uint8_t *src)
> +{
> + const struct aes128_ctx *keys = ctx;
> + aes128_decrypt(&keys[1], length, dst, src);
> +}
> +
> +DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_aes128,
> + QCryptoNettleAES128, AES_BLOCK_SIZE,
> + aes128_encrypt_native, aes128_decrypt_native)
> +
> +
> +typedef struct QCryptoNettleAES192 {
> + QCryptoCipher base;
> + uint8_t iv[AES_BLOCK_SIZE];
> + /* First key from pair is encode, second key is decode. */
> + struct aes192_ctx key[2], key_xts[2];
> +} QCryptoNettleAES192;
> +
> +static void aes192_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> + uint8_t *dst, const uint8_t *src)
> +{
> + const struct aes192_ctx *keys = ctx;
> + aes192_encrypt(&keys[0], length, dst, src);
> +}
> +
> +static void aes192_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> + uint8_t *dst, const uint8_t *src)
> +{
> + const struct aes192_ctx *keys = ctx;
> + aes192_decrypt(&keys[1], length, dst, src);
> +}
> +
> +DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_aes192,
> + QCryptoNettleAES192, AES_BLOCK_SIZE,
> + aes192_encrypt_native, aes192_decrypt_native)
> +
> +
> +typedef struct QCryptoNettleAES256 {
> + QCryptoCipher base;
> + uint8_t iv[AES_BLOCK_SIZE];
> + /* First key from pair is encode, second key is decode. */
> + struct aes256_ctx key[2], key_xts[2];
> +} QCryptoNettleAES256;
> +
> +static void aes256_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> + uint8_t *dst, const uint8_t *src)
> +{
> + const struct aes256_ctx *keys = ctx;
> + aes256_encrypt(&keys[0], length, dst, src);
> +}
> +
> +static void aes256_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> + uint8_t *dst, const uint8_t *src)
> +{
> + const struct aes256_ctx *keys = ctx;
> + aes256_decrypt(&keys[1], length, dst, src);
> +}
> +
> +DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_aes256,
> + QCryptoNettleAES256, AES_BLOCK_SIZE,
> + aes256_encrypt_native, aes256_decrypt_native)
> +
> +
> +typedef struct QCryptoNettleCAST128 {
> + QCryptoCipher base;
> + uint8_t iv[CAST128_BLOCK_SIZE];
> + struct cast128_ctx key, key_xts;
> +} QCryptoNettleCAST128;
> +
> static void cast128_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> uint8_t *dst, const uint8_t *src)
> {
> @@ -168,6 +414,18 @@ static void cast128_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> cast128_decrypt(ctx, length, dst, src);
> }
>
> +DEFINE_ECB_CBC_CTR(qcrypto_nettle_cast128,
> + QCryptoNettleCAST128, CAST128_BLOCK_SIZE,
> + cast128_encrypt_native, cast128_decrypt_native)
> +
> +
> +typedef struct QCryptoNettleSerpent {
> + QCryptoCipher base;
> + uint8_t iv[SERPENT_BLOCK_SIZE];
> + struct serpent_ctx key, key_xts;
> +} QCryptoNettleSerpent;
> +
> +
> static void serpent_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> uint8_t *dst, const uint8_t *src)
> {
> @@ -180,6 +438,17 @@ static void serpent_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> serpent_decrypt(ctx, length, dst, src);
> }
>
> +DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_serpent,
> + QCryptoNettleSerpent, SERPENT_BLOCK_SIZE,
> + serpent_encrypt_native, serpent_decrypt_native)
> +
> +
> +typedef struct QCryptoNettleTwofish {
> + QCryptoCipher base;
> + uint8_t iv[TWOFISH_BLOCK_SIZE];
> + struct twofish_ctx key, key_xts;
> +} QCryptoNettleTwofish;
> +
> static void twofish_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> uint8_t *dst, const uint8_t *src)
> {
> @@ -192,125 +461,10 @@ static void twofish_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> twofish_decrypt(ctx, length, dst, src);
> }
>
> -static void aes128_encrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - const QCryptoNettleAES128 *aesctx = ctx;
> - aes128_encrypt(&aesctx->enc, length, dst, src);
> -}
> +DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_twofish,
> + QCryptoNettleTwofish, TWOFISH_BLOCK_SIZE,
> + twofish_encrypt_native, twofish_decrypt_native)
>
> -static void aes128_decrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - const QCryptoNettleAES128 *aesctx = ctx;
> - aes128_decrypt(&aesctx->dec, length, dst, src);
> -}
> -
> -static void aes192_encrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - const QCryptoNettleAES192 *aesctx = ctx;
> - aes192_encrypt(&aesctx->enc, length, dst, src);
> -}
> -
> -static void aes192_decrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - const QCryptoNettleAES192 *aesctx = ctx;
> - aes192_decrypt(&aesctx->dec, length, dst, src);
> -}
> -
> -static void aes256_encrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - const QCryptoNettleAES256 *aesctx = ctx;
> - aes256_encrypt(&aesctx->enc, length, dst, src);
> -}
> -
> -static void aes256_decrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - const QCryptoNettleAES256 *aesctx = ctx;
> - aes256_decrypt(&aesctx->dec, length, dst, src);
> -}
> -
> -static void des_encrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - des_encrypt(ctx, length, dst, src);
> -}
> -
> -static void des_decrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - des_decrypt(ctx, length, dst, src);
> -}
> -
> -static void des3_encrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - des3_encrypt(ctx, length, dst, src);
> -}
> -
> -static void des3_decrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - des3_decrypt(ctx, length, dst, src);
> -}
> -
> -static void cast128_encrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - cast128_encrypt(ctx, length, dst, src);
> -}
> -
> -static void cast128_decrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - cast128_decrypt(ctx, length, dst, src);
> -}
> -
> -static void serpent_encrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - serpent_encrypt(ctx, length, dst, src);
> -}
> -
> -static void serpent_decrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - serpent_decrypt(ctx, length, dst, src);
> -}
> -
> -static void twofish_encrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - twofish_encrypt(ctx, length, dst, src);
> -}
> -
> -static void twofish_decrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - twofish_decrypt(ctx, length, dst, src);
> -}
> -
> -typedef struct QCryptoCipherNettle QCryptoCipherNettle;
> -struct QCryptoCipherNettle {
> - QCryptoCipher base;
> -
> - /* Primary cipher context for all modes */
> - void *ctx;
> - /* Second cipher context for XTS mode only */
> - void *ctx_tweak;
> - /* Cipher callbacks for both contexts */
> - QCryptoCipherNettleFuncNative alg_encrypt_native;
> - QCryptoCipherNettleFuncNative alg_decrypt_native;
> - QCryptoCipherNettleFuncWrapper alg_encrypt_wrapper;
> - QCryptoCipherNettleFuncWrapper alg_decrypt_wrapper;
> - /* Initialization vector or Counter */
> - uint8_t *iv;
> - size_t blocksize;
> -};
>
> bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg,
> QCryptoCipherMode mode)
> @@ -344,30 +498,12 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg,
> }
> }
>
> -
> -static void
> -qcrypto_nettle_cipher_free_ctx(QCryptoCipherNettle *ctx)
> -{
> - if (!ctx) {
> - return;
> - }
> -
> - g_free(ctx->iv);
> - g_free(ctx->ctx);
> - g_free(ctx->ctx_tweak);
> - g_free(ctx);
> -}
> -
> -
> static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
> QCryptoCipherMode mode,
> const uint8_t *key,
> size_t nkey,
> Error **errp)
> {
> - QCryptoCipherNettle *ctx;
> - uint8_t *rfbkey;
> -
> switch (mode) {
> case QCRYPTO_CIPHER_MODE_ECB:
> case QCRYPTO_CIPHER_MODE_CBC:
> @@ -375,6 +511,7 @@ static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
> case QCRYPTO_CIPHER_MODE_CTR:
> break;
> default:
> + bad_cipher_mode:
> error_setg(errp, "Unsupported cipher mode %s",
> QCryptoCipherMode_str(mode));
Lets put this jump target at the end of the method, so we avoid having
to jump backwards in the code.
Aside from that
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
next prev parent reply other threads:[~2020-08-28 13:47 UTC|newest]
Thread overview: 52+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-08-13 3:25 [PATCH 00/17] crypto/cipher: Class hierarchy cleanups Richard Henderson
2020-08-13 3:25 ` [PATCH 01/17] crypto: Move QCryptoCipher typedef to qemu/typedefs.h Richard Henderson
2020-08-13 7:59 ` Philippe Mathieu-Daudé
2020-08-17 16:48 ` Daniel P. Berrangé
2020-08-17 20:38 ` Richard Henderson
2020-08-17 20:42 ` Richard Henderson
2020-08-17 20:50 ` Richard Henderson
2020-08-28 13:28 ` Daniel P. Berrangé
2020-08-13 3:25 ` [PATCH 02/17] crypto: Move QCryptoCipherDriver " Richard Henderson
2020-08-13 7:59 ` Philippe Mathieu-Daudé
2020-08-13 3:25 ` [PATCH 03/17] crypto: Assume blocksize is a power of 2 Richard Henderson
2020-08-17 16:51 ` Daniel P. Berrangé
2020-08-13 3:25 ` [PATCH 04/17] crypto: Rename cipher include files to .inc.c Richard Henderson
2020-08-13 8:00 ` Philippe Mathieu-Daudé
2020-08-17 16:52 ` Daniel P. Berrangé
2020-08-13 3:25 ` [PATCH 05/17] crypto: Remove redundant includes Richard Henderson
2020-08-13 8:01 ` Philippe Mathieu-Daudé
2020-08-17 16:50 ` Daniel P. Berrangé
2020-08-13 3:25 ` [PATCH 06/17] crypto/nettle: Fix xts_encrypt arguments Richard Henderson
2020-08-17 16:53 ` Daniel P. Berrangé
2020-08-13 3:25 ` [PATCH 07/17] crypto: Use the correct const type for driver Richard Henderson
2020-08-13 8:02 ` Philippe Mathieu-Daudé
2020-08-17 16:53 ` Daniel P. Berrangé
2020-08-13 3:25 ` [PATCH 08/17] crypto: Allocate QCryptoCipher with the subclass Richard Henderson
2020-08-17 16:55 ` Daniel P. Berrangé
2020-08-13 3:25 ` [PATCH 09/17] crypto: Move cipher->driver init to qcrypto_*_cipher_ctx_new Richard Henderson
2020-08-17 16:56 ` Daniel P. Berrangé
2020-08-13 3:25 ` [PATCH 10/17] crypto: Constify cipher data tables Richard Henderson
2020-08-13 8:03 ` Philippe Mathieu-Daudé
2020-08-17 16:56 ` Daniel P. Berrangé
2020-08-13 3:25 ` [PATCH 11/17] crypto/builtin: Remove odd-sized AES block handling Richard Henderson
2020-08-17 16:57 ` Daniel P. Berrangé
2020-08-13 3:25 ` [PATCH 12/17] crypto/builtin: Merge qcrypto_cipher_aes_{ecb, xts}_{en, de}crypt Richard Henderson
2020-08-13 8:05 ` Philippe Mathieu-Daudé
2020-08-17 17:00 ` [PATCH 12/17] crypto/builtin: Merge qcrypto_cipher_aes_{ecb,xts}_{en,de}crypt Daniel P. Berrangé
2020-08-13 3:25 ` [PATCH 13/17] crypto/builtin: Move AES_cbc_encrypt into cipher-builtin.inc.c Richard Henderson
2020-08-13 8:11 ` Philippe Mathieu-Daudé
2020-08-17 17:01 ` Daniel P. Berrangé
2020-08-13 3:25 ` [PATCH 14/17] crypto/builtin: Split and simplify AES_encrypt_cbc Richard Henderson
2020-08-17 17:02 ` Daniel P. Berrangé
2020-08-13 3:25 ` [PATCH 15/17] crypto/builtin: Split QCryptoCipherBuiltin into subclasses Richard Henderson
2020-08-28 13:44 ` Daniel P. Berrangé
2020-08-13 3:25 ` [PATCH 16/17] crypto/nettle: Split QCryptoCipherNettle " Richard Henderson
2020-08-28 13:46 ` Daniel P. Berrangé [this message]
2020-08-13 3:25 ` [PATCH 17/17] crypto/gcrypt: Split QCryptoCipherGcrypt " Richard Henderson
2020-08-28 13:52 ` Daniel P. Berrangé
2020-08-13 8:54 ` [PATCH 00/17] crypto/cipher: Class hierarchy cleanups Philippe Mathieu-Daudé
2020-08-13 10:48 ` no-reply
2020-08-13 11:11 ` no-reply
2020-08-17 16:45 ` Daniel P. Berrangé
2020-08-17 17:09 ` Daniel P. Berrangé
2020-08-17 20:49 ` Richard Henderson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20200828134632.GJ224144@redhat.com \
--to=berrange@redhat.com \
--cc=qemu-devel@nongnu.org \
--cc=richard.henderson@linaro.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).