From patchwork Mon Dec 5 11:39:08 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: "Longpeng (Mike, Cloud Infrastructure Service Product Dept.)" X-Patchwork-Id: 702710 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Received: from lists.gnu.org (lists.gnu.org [IPv6:2001:4830:134:3::11]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3tXNH10rDYz9t1F for ; Mon, 5 Dec 2016 22:45:17 +1100 (AEDT) Received: from localhost ([::1]:39347 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cDrhq-0001sf-B2 for incoming@patchwork.ozlabs.org; Mon, 05 Dec 2016 06:45:14 -0500 Received: from eggs.gnu.org ([2001:4830:134:3::10]:58527) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1cDrci-0005hB-5e for qemu-devel@nongnu.org; Mon, 05 Dec 2016 06:39:57 -0500 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1cDrcf-0004Lg-19 for qemu-devel@nongnu.org; Mon, 05 Dec 2016 06:39:56 -0500 Received: from szxga03-in.huawei.com ([119.145.14.66]:60501) by eggs.gnu.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.71) (envelope-from ) id 1cDrce-0004F8-El for qemu-devel@nongnu.org; Mon, 05 Dec 2016 06:39:52 -0500 Received: from 172.24.1.60 (EHLO SZXEML424-HUB.china.huawei.com) ([172.24.1.60]) by szxrg03-dlp.huawei.com (MOS 4.4.3-GA FastPath queued) with ESMTP id CMI25686; Mon, 05 Dec 2016 19:39:43 +0800 (CST) Received: from localhost (10.177.246.209) by SZXEML424-HUB.china.huawei.com (10.82.67.153) with Microsoft SMTP Server id 14.3.235.1; Mon, 5 Dec 2016 19:39:32 +0800 From: "Longpeng(Mike)" To: Date: Mon, 5 Dec 2016 19:39:08 +0800 Message-ID: <1480937949-173580-2-git-send-email-longpeng2@huawei.com> X-Mailer: git-send-email 1.8.4.msysgit.0 In-Reply-To: <1480937949-173580-1-git-send-email-longpeng2@huawei.com> References: <1480937949-173580-1-git-send-email-longpeng2@huawei.com> MIME-Version: 1.0 X-Originating-IP: [10.177.246.209] X-CFilter-Loop: Reflected X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.4.x-2.6.x [generic] [fuzzy] X-Received-From: 119.145.14.66 Subject: [Qemu-devel] [PATCH for-2.9 v2 1/2] cryptodev: fix the check of aes algorithm X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: longpeng2@huawei.com, qemu-devel@nongnu.org, wu.wubin@huawei.com, jianjay.zhou@huawei.com Errors-To: qemu-devel-bounces+incoming=patchwork.ozlabs.org@nongnu.org Sender: "Qemu-devel" As the key length of xts(aes) is different with other mode of aes, so we should check specially in cryptodev_builtin_get_aes_algo, if it is xts mode. Signed-off-by: Longpeng(Mike) --- backends/cryptodev-builtin.c | 47 +++++++++++++++++++++++++++++++------------- 1 file changed, 33 insertions(+), 14 deletions(-) diff --git a/backends/cryptodev-builtin.c b/backends/cryptodev-builtin.c index eda954b..57980cb 100644 --- a/backends/cryptodev-builtin.c +++ b/backends/cryptodev-builtin.c @@ -111,23 +111,42 @@ cryptodev_builtin_get_unused_session_index( return -1; } +#define AES_KEYSIZE_128 16 +#define AES_KEYSIZE_192 24 +#define AES_KEYSIZE_256 32 +#define AES_KEYSIZE_128_XTS AES_KEYSIZE_256 +#define AES_KEYSIZE_256_XTS 64 + static int -cryptodev_builtin_get_aes_algo(uint32_t key_len, Error **errp) +cryptodev_builtin_get_aes_algo(uint32_t key_len, int mode, Error **errp) { int algo; - if (key_len == 128 / 8) { + if (key_len == AES_KEYSIZE_128) { algo = QCRYPTO_CIPHER_ALG_AES_128; - } else if (key_len == 192 / 8) { + } else if (key_len == AES_KEYSIZE_192) { algo = QCRYPTO_CIPHER_ALG_AES_192; - } else if (key_len == 256 / 8) { - algo = QCRYPTO_CIPHER_ALG_AES_256; + } else if (key_len == AES_KEYSIZE_256) { /* equals AES_KEYSIZE_128_XTS */ + if (mode == QCRYPTO_CIPHER_MODE_XTS) { + algo = QCRYPTO_CIPHER_ALG_AES_128; + } else { + algo = QCRYPTO_CIPHER_ALG_AES_256; + } + } else if (key_len == AES_KEYSIZE_256_XTS) { + if (mode == QCRYPTO_CIPHER_MODE_XTS) { + algo = QCRYPTO_CIPHER_ALG_AES_256; + } else { + goto err; + } } else { - error_setg(errp, "Unsupported key length :%u", key_len); - return -1; + goto err; } return algo; + +err: + error_setg(errp, "Unsupported key length :%u", key_len); + return -1; } static int cryptodev_builtin_create_cipher_session( @@ -155,32 +174,32 @@ static int cryptodev_builtin_create_cipher_session( switch (sess_info->cipher_alg) { case VIRTIO_CRYPTO_CIPHER_AES_ECB: + mode = QCRYPTO_CIPHER_MODE_ECB; algo = cryptodev_builtin_get_aes_algo(sess_info->key_len, - errp); + mode, errp); if (algo < 0) { return -1; } - mode = QCRYPTO_CIPHER_MODE_ECB; break; case VIRTIO_CRYPTO_CIPHER_AES_CBC: + mode = QCRYPTO_CIPHER_MODE_CBC; algo = cryptodev_builtin_get_aes_algo(sess_info->key_len, - errp); + mode, errp); if (algo < 0) { return -1; } - mode = QCRYPTO_CIPHER_MODE_CBC; break; case VIRTIO_CRYPTO_CIPHER_AES_CTR: + mode = QCRYPTO_CIPHER_MODE_CTR; algo = cryptodev_builtin_get_aes_algo(sess_info->key_len, - errp); + mode, errp); if (algo < 0) { return -1; } - mode = QCRYPTO_CIPHER_MODE_CTR; break; case VIRTIO_CRYPTO_CIPHER_DES_ECB: - algo = QCRYPTO_CIPHER_ALG_DES_RFB; mode = QCRYPTO_CIPHER_MODE_ECB; + algo = QCRYPTO_CIPHER_ALG_DES_RFB; break; default: error_setg(errp, "Unsupported cipher alg :%u",