[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Qemu-devel] [PATCH for-2.9 1/2] cryptodev: fix the check of aes alg
|
From: |
Gonglei (Arei) |
|
Subject: |
Re: [Qemu-devel] [PATCH for-2.9 1/2] cryptodev: fix the check of aes algorithm |
|
Date: |
Mon, 5 Dec 2016 09:34:12 +0000 |
> -----Original Message-----
> From: longpeng
> Sent: Monday, December 05, 2016 3:44 PM
> To: Gonglei (Arei)
> Cc: longpeng; address@hidden; Wubin (H); Zhoujian (jay, Euler)
> Subject: [PATCH for-2.9 1/2] cryptodev: fix the check of aes algorithm
>
> As the key length of xts(aes) is different with other mode of aes,
> so we should check specially in cryptodev_builtin_get_aes_algo, if
> it is xts mode.
>
> Signed-off-by: Longpeng(Mike) <address@hidden>
> ---
> backends/cryptodev-builtin.c | 47
> +++++++++++++++++++++++++++++++-------------
> 1 file changed, 33 insertions(+), 14 deletions(-)
>
> diff --git a/backends/cryptodev-builtin.c b/backends/cryptodev-builtin.c
> index eda954b..9dec6b8 100644
> --- a/backends/cryptodev-builtin.c
> +++ b/backends/cryptodev-builtin.c
> @@ -111,23 +111,42 @@ cryptodev_builtin_get_unused_session_index(
> return -1;
> }
>
> +#define AES_KEYSIZE_128 16
> +#define AES_KEYSIZE_128_XTS 32
> +#define AES_KEYSIZE_192 24
> +#define AES_KEYSIZE_256 32
> +#define AES_KEYSIZE_256_XTS 64
> +
> static int
> -cryptodev_builtin_get_aes_algo(uint32_t key_len, Error **errp)
> +cryptodev_builtin_get_aes_algo(uint32_t key_len, int mode, Error **errp)
> {
> int algo;
>
> - if (key_len == 128 / 8) {
> + if (key_len == AES_KEYSIZE_128) {
> algo = QCRYPTO_CIPHER_ALG_AES_128;
> - } else if (key_len == 192 / 8) {
> + } else if (key_len == AES_KEYSIZE_192) {
> algo = QCRYPTO_CIPHER_ALG_AES_192;
> - } else if (key_len == 256 / 8) {
> - algo = QCRYPTO_CIPHER_ALG_AES_256;
> + } else if (key_len == AES_KEYSIZE_256) { /* equals AES_KEYSIZE_128_XTS
> */
So I think you can:
#define AES_KEYSIZE_128_XTS AES_KEYSIZE_256
Regards,
-Gonglei
> + if (mode == QCRYPTO_CIPHER_MODE_XTS) {
> + algo = QCRYPTO_CIPHER_ALG_AES_128;
> + } else {
> + algo = QCRYPTO_CIPHER_ALG_AES_256;
> + }
> + } else if (key_len == AES_KEYSIZE_256_XTS) {
> + if (mode == QCRYPTO_CIPHER_MODE_XTS) {
> + algo = QCRYPTO_CIPHER_ALG_AES_256;
> + } else {
> + goto err;
> + }
> } else {
> - error_setg(errp, "Unsupported key length :%u", key_len);
> - return -1;
> + goto err;
> }
>
> return algo;
> +
> +err:
> + error_setg(errp, "Unsupported key length :%u", key_len);
> + return -1;
> }
>
> static int cryptodev_builtin_create_cipher_session(
> @@ -155,32 +174,32 @@ static int cryptodev_builtin_create_cipher_session(
>
> switch (sess_info->cipher_alg) {
> case VIRTIO_CRYPTO_CIPHER_AES_ECB:
> + mode = QCRYPTO_CIPHER_MODE_ECB;
> algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
> - errp);
> + mode, errp);
> if (algo < 0) {
> return -1;
> }
> - mode = QCRYPTO_CIPHER_MODE_ECB;
> break;
> case VIRTIO_CRYPTO_CIPHER_AES_CBC:
> + mode = QCRYPTO_CIPHER_MODE_CBC;
> algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
> - errp);
> + mode, errp);
> if (algo < 0) {
> return -1;
> }
> - mode = QCRYPTO_CIPHER_MODE_CBC;
> break;
> case VIRTIO_CRYPTO_CIPHER_AES_CTR:
> + mode = QCRYPTO_CIPHER_MODE_CTR;
> algo = cryptodev_builtin_get_aes_algo(sess_info->key_len,
> - errp);
> + mode, errp);
> if (algo < 0) {
> return -1;
> }
> - mode = QCRYPTO_CIPHER_MODE_CTR;
> break;
> case VIRTIO_CRYPTO_CIPHER_DES_ECB:
> - algo = QCRYPTO_CIPHER_ALG_DES_RFB;
> mode = QCRYPTO_CIPHER_MODE_ECB;
> + algo = QCRYPTO_CIPHER_ALG_DES_RFB;
> break;
> default:
> error_setg(errp, "Unsupported cipher alg :%u",
> --
> 1.8.3.1
>