[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-devel] [PATCH] crypto: add CTR mode support
|
From: |
Gonglei |
|
Subject: |
[Qemu-devel] [PATCH] crypto: add CTR mode support |
|
Date: |
Thu, 22 Sep 2016 14:33:17 +0800 |
Introduce CTR mode support for the cipher APIs.
CTR mode uses a counter rather than a traditional IV.
The counter has additional properties, including a nonce
and initial counter block. We reuse the ctx->iv as
the counter for conveniences.
Both libgcrypt and nettle support CTR mode, the
cipher-builtin doesn't support yet.
Signed-off-by: Gonglei <address@hidden>
---
crypto/cipher-gcrypt.c | 25 ++++++++++++++++-----
crypto/cipher-nettle.c | 15 ++++++++++++-
crypto/cipher.c | 1 +
include/crypto/cipher.h | 6 ++---
qapi/crypto.json | 3 ++-
tests/test-crypto-cipher.c | 55 ++++++++++++++++++++++++++++++++++++++++++++++
6 files changed, 94 insertions(+), 11 deletions(-)
diff --git a/crypto/cipher-gcrypt.c b/crypto/cipher-gcrypt.c
index da3f4c7..97b015a 100644
--- a/crypto/cipher-gcrypt.c
+++ b/crypto/cipher-gcrypt.c
@@ -48,6 +48,7 @@ struct QCryptoCipherGcrypt {
gcry_cipher_hd_t handle;
gcry_cipher_hd_t tweakhandle;
size_t blocksize;
+ /* Initialization vector or Counter */
uint8_t *iv;
};
@@ -69,6 +70,9 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
case QCRYPTO_CIPHER_MODE_CBC:
gcrymode = GCRY_CIPHER_MODE_CBC;
break;
+ case QCRYPTO_CIPHER_MODE_CTR:
+ gcrymode = GCRY_CIPHER_MODE_CTR;
+ break;
default:
error_setg(errp, "Unsupported cipher mode %s",
QCryptoCipherMode_lookup[mode]);
@@ -339,12 +343,21 @@ int qcrypto_cipher_setiv(QCryptoCipher *cipher,
if (ctx->iv) {
memcpy(ctx->iv, iv, niv);
} else {
- gcry_cipher_reset(ctx->handle);
- err = gcry_cipher_setiv(ctx->handle, iv, niv);
- if (err != 0) {
- error_setg(errp, "Cannot set IV: %s",
- gcry_strerror(err));
- return -1;
+ if (cipher->mode == QCRYPTO_CIPHER_MODE_CTR) {
+ err = gcry_cipher_setctr(ctx->handle, iv, niv);
+ if (err != 0) {
+ error_setg(errp, "Cannot set Counter: %s",
+ gcry_strerror(err));
+ return -1;
+ }
+ } else {
+ gcry_cipher_reset(ctx->handle);
+ err = gcry_cipher_setiv(ctx->handle, iv, niv);
+ if (err != 0) {
+ error_setg(errp, "Cannot set IV: %s",
+ gcry_strerror(err));
+ return -1;
+ }
}
}
diff --git a/crypto/cipher-nettle.c b/crypto/cipher-nettle.c
index 879d831..4b673aa 100644
--- a/crypto/cipher-nettle.c
+++ b/crypto/cipher-nettle.c
@@ -28,6 +28,7 @@
#include <nettle/cast128.h>
#include <nettle/serpent.h>
#include <nettle/twofish.h>
+#include <nettle/ctr.h>
typedef void (*QCryptoCipherNettleFuncWrapper)(const void *ctx,
size_t length,
@@ -186,7 +187,7 @@ struct QCryptoCipherNettle {
QCryptoCipherNettleFuncNative alg_decrypt_native;
QCryptoCipherNettleFuncWrapper alg_encrypt_wrapper;
QCryptoCipherNettleFuncWrapper alg_decrypt_wrapper;
-
+ /* Initialization vector or Counter */
uint8_t *iv;
size_t blocksize;
};
@@ -225,6 +226,7 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm
alg,
case QCRYPTO_CIPHER_MODE_ECB:
case QCRYPTO_CIPHER_MODE_CBC:
case QCRYPTO_CIPHER_MODE_XTS:
+ case QCRYPTO_CIPHER_MODE_CTR:
break;
default:
error_setg(errp, "Unsupported cipher mode %s",
@@ -430,6 +432,12 @@ int qcrypto_cipher_encrypt(QCryptoCipher *cipher,
ctx->iv, len, out, in);
break;
+ case QCRYPTO_CIPHER_MODE_CTR:
+ ctr_crypt(ctx->ctx, ctx->alg_encrypt_native,
+ ctx->blocksize, ctx->iv,
+ len, out, in);
+ break;
+
default:
error_setg(errp, "Unsupported cipher mode %s",
QCryptoCipherMode_lookup[cipher->mode]);
@@ -469,6 +477,11 @@ int qcrypto_cipher_decrypt(QCryptoCipher *cipher,
ctx->alg_encrypt_wrapper, ctx->alg_decrypt_wrapper,
ctx->iv, len, out, in);
break;
+ case QCRYPTO_CIPHER_MODE_CTR:
+ ctr_crypt(ctx->ctx, ctx->alg_encrypt_native,
+ ctx->blocksize, ctx->iv,
+ len, out, in);
+ break;
default:
error_setg(errp, "Unsupported cipher mode %s",
diff --git a/crypto/cipher.c b/crypto/cipher.c
index cafb454..a9bca41 100644
--- a/crypto/cipher.c
+++ b/crypto/cipher.c
@@ -55,6 +55,7 @@ static bool mode_need_iv[QCRYPTO_CIPHER_MODE__MAX] = {
[QCRYPTO_CIPHER_MODE_ECB] = false,
[QCRYPTO_CIPHER_MODE_CBC] = true,
[QCRYPTO_CIPHER_MODE_XTS] = true,
+ [QCRYPTO_CIPHER_MODE_CTR] = true,
};
diff --git a/include/crypto/cipher.h b/include/crypto/cipher.h
index 376654d..f9015e1 100644
--- a/include/crypto/cipher.h
+++ b/include/crypto/cipher.h
@@ -213,16 +213,16 @@ int qcrypto_cipher_decrypt(QCryptoCipher *cipher,
/**
* qcrypto_cipher_setiv:
* @cipher: the cipher object
- * @iv: the initialization vector bytes
+ * @iv: the initialization vector or counter (CTR mode) bytes
* @niv: the length of @iv
* @errpr: pointer to a NULL-initialized error object
*
* If the @cipher object is setup to use a mode that requires
- * initialization vectors, this sets the initialization vector
+ * initialization vectors or counter, this sets the @niv
* bytes. The @iv data should have the same length as the
* cipher key used when originally constructing the cipher
* object. It is an error to set an initialization vector
- * if the cipher mode does not require one.
+ * or counter if the cipher mode does not require one.
*
* Returns: 0 on success, -1 on error
*/
diff --git a/qapi/crypto.json b/qapi/crypto.json
index 34d2583..ca2b217 100644
--- a/qapi/crypto.json
+++ b/qapi/crypto.json
@@ -89,11 +89,12 @@
# @ecb: Electronic Code Book
# @cbc: Cipher Block Chaining
# @xts: XEX with tweaked code book and ciphertext stealing
+# @ctr: Counter (Since 2.8)
# Since: 2.6
##
{ 'enum': 'QCryptoCipherMode',
'prefix': 'QCRYPTO_CIPHER_MODE',
- 'data': ['ecb', 'cbc', 'xts']}
+ 'data': ['ecb', 'cbc', 'xts', 'ctr']}
##
diff --git a/tests/test-crypto-cipher.c b/tests/test-crypto-cipher.c
index b89dfa2..49f8e9d 100644
--- a/tests/test-crypto-cipher.c
+++ b/tests/test-crypto-cipher.c
@@ -380,6 +380,61 @@ static QCryptoCipherTestData test_data[] = {
.key =
"27182818284590452353602874713526"
"31415926535897932384626433832795",
+ },
+ {
+ /* NIST F.5.1 CTR-AES128.Encrypt */
+ .path = "/crypto/cipher/aes-ctr-128",
+ .alg = QCRYPTO_CIPHER_ALG_AES_128,
+ .mode = QCRYPTO_CIPHER_MODE_CTR,
+ .key = "2b7e151628aed2a6abf7158809cf4f3c",
+ .iv = "f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff",
+ .plaintext =
+ "6bc1bee22e409f96e93d7e117393172a"
+ "ae2d8a571e03ac9c9eb76fac45af8e51"
+ "30c81c46a35ce411e5fbc1191a0a52ef"
+ "f69f2445df4f9b17ad2b417be66c3710",
+ .ciphertext =
+ "874d6191b620e3261bef6864990db6ce"
+ "9806f66b7970fdff8617187bb9fffdff"
+ "5ae4df3edbd5d35e5b4f09020db03eab"
+ "1e031dda2fbe03d1792170a0f3009cee",
+ },
+ {
+ /* NIST F.5.3 CTR-AES192.Encrypt */
+ .path = "/crypto/cipher/aes-ctr-192",
+ .alg = QCRYPTO_CIPHER_ALG_AES_192,
+ .mode = QCRYPTO_CIPHER_MODE_CTR,
+ .key = "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b",
+ .iv = "f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff",
+ .plaintext =
+ "6bc1bee22e409f96e93d7e117393172a"
+ "ae2d8a571e03ac9c9eb76fac45af8e51"
+ "30c81c46a35ce411e5fbc1191a0a52ef"
+ "f69f2445df4f9b17ad2b417be66c3710",
+ .ciphertext =
+ "1abc932417521ca24f2b0459fe7e6e0b"
+ "090339ec0aa6faefd5ccc2c6f4ce8e94"
+ "1e36b26bd1ebc670d1bd1d665620abf7"
+ "4f78a7f6d29809585a97daec58c6b050",
+ },
+ {
+ /* NIST F.5.5 CTR-AES256.Encrypt */
+ .path = "/crypto/cipher/aes-ctr-256",
+ .alg = QCRYPTO_CIPHER_ALG_AES_256,
+ .mode = QCRYPTO_CIPHER_MODE_CTR,
+ .key = "603deb1015ca71be2b73aef0857d7781"
+ "1f352c073b6108d72d9810a30914dff4",
+ .iv = "f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff",
+ .plaintext =
+ "6bc1bee22e409f96e93d7e117393172a"
+ "ae2d8a571e03ac9c9eb76fac45af8e51"
+ "30c81c46a35ce411e5fbc1191a0a52ef"
+ "f69f2445df4f9b17ad2b417be66c3710",
+ .ciphertext =
+ "601ec313775789a5b7a7f504bbf3d228"
+ "f443e3ca4d62b59aca84e990cacaf5c5"
+ "2b0930daa23de94ce87017ba2d84988d"
+ "dfc9c58db67aada613c2dd08457941a6",
}
};
--
1.7.12.4
- [Qemu-devel] [PATCH] crypto: add CTR mode support,
Gonglei <=