diff options
Diffstat (limited to 'qemu/crypto/cipher.c')
-rw-r--r-- | qemu/crypto/cipher.c | 157 |
1 files changed, 0 insertions, 157 deletions
diff --git a/qemu/crypto/cipher.c b/qemu/crypto/cipher.c deleted file mode 100644 index cafb45436..000000000 --- a/qemu/crypto/cipher.c +++ /dev/null @@ -1,157 +0,0 @@ -/* - * QEMU Crypto cipher algorithms - * - * Copyright (c) 2015 Red Hat, Inc. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 2 of the License, or (at your option) any later version. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, see <http://www.gnu.org/licenses/>. - * - */ - -#include "qemu/osdep.h" -#include "qapi/error.h" -#include "crypto/cipher.h" - - -static size_t alg_key_len[QCRYPTO_CIPHER_ALG__MAX] = { - [QCRYPTO_CIPHER_ALG_AES_128] = 16, - [QCRYPTO_CIPHER_ALG_AES_192] = 24, - [QCRYPTO_CIPHER_ALG_AES_256] = 32, - [QCRYPTO_CIPHER_ALG_DES_RFB] = 8, - [QCRYPTO_CIPHER_ALG_CAST5_128] = 16, - [QCRYPTO_CIPHER_ALG_SERPENT_128] = 16, - [QCRYPTO_CIPHER_ALG_SERPENT_192] = 24, - [QCRYPTO_CIPHER_ALG_SERPENT_256] = 32, - [QCRYPTO_CIPHER_ALG_TWOFISH_128] = 16, - [QCRYPTO_CIPHER_ALG_TWOFISH_192] = 24, - [QCRYPTO_CIPHER_ALG_TWOFISH_256] = 32, -}; - -static size_t alg_block_len[QCRYPTO_CIPHER_ALG__MAX] = { - [QCRYPTO_CIPHER_ALG_AES_128] = 16, - [QCRYPTO_CIPHER_ALG_AES_192] = 16, - [QCRYPTO_CIPHER_ALG_AES_256] = 16, - [QCRYPTO_CIPHER_ALG_DES_RFB] = 8, - [QCRYPTO_CIPHER_ALG_CAST5_128] = 8, - [QCRYPTO_CIPHER_ALG_SERPENT_128] = 16, - [QCRYPTO_CIPHER_ALG_SERPENT_192] = 16, - [QCRYPTO_CIPHER_ALG_SERPENT_256] = 16, - [QCRYPTO_CIPHER_ALG_TWOFISH_128] = 16, - [QCRYPTO_CIPHER_ALG_TWOFISH_192] = 16, - [QCRYPTO_CIPHER_ALG_TWOFISH_256] = 16, -}; - -static bool mode_need_iv[QCRYPTO_CIPHER_MODE__MAX] = { - [QCRYPTO_CIPHER_MODE_ECB] = false, - [QCRYPTO_CIPHER_MODE_CBC] = true, - [QCRYPTO_CIPHER_MODE_XTS] = true, -}; - - -size_t qcrypto_cipher_get_block_len(QCryptoCipherAlgorithm alg) -{ - if (alg >= G_N_ELEMENTS(alg_key_len)) { - return 0; - } - return alg_block_len[alg]; -} - - -size_t qcrypto_cipher_get_key_len(QCryptoCipherAlgorithm alg) -{ - if (alg >= G_N_ELEMENTS(alg_key_len)) { - return 0; - } - return alg_key_len[alg]; -} - - -size_t qcrypto_cipher_get_iv_len(QCryptoCipherAlgorithm alg, - QCryptoCipherMode mode) -{ - if (alg >= G_N_ELEMENTS(alg_block_len)) { - return 0; - } - if (mode >= G_N_ELEMENTS(mode_need_iv)) { - return 0; - } - - if (mode_need_iv[mode]) { - return alg_block_len[alg]; - } - return 0; -} - - -static bool -qcrypto_cipher_validate_key_length(QCryptoCipherAlgorithm alg, - QCryptoCipherMode mode, - size_t nkey, - Error **errp) -{ - if ((unsigned)alg >= QCRYPTO_CIPHER_ALG__MAX) { - error_setg(errp, "Cipher algorithm %d out of range", - alg); - return false; - } - - if (mode == QCRYPTO_CIPHER_MODE_XTS) { - if (alg == QCRYPTO_CIPHER_ALG_DES_RFB) { - error_setg(errp, "XTS mode not compatible with DES-RFB"); - return false; - } - if (nkey % 2) { - error_setg(errp, "XTS cipher key length should be a multiple of 2"); - return false; - } - - if (alg_key_len[alg] != (nkey / 2)) { - error_setg(errp, "Cipher key length %zu should be %zu", - nkey, alg_key_len[alg] * 2); - return false; - } - } else { - if (alg_key_len[alg] != nkey) { - error_setg(errp, "Cipher key length %zu should be %zu", - nkey, alg_key_len[alg]); - return false; - } - } - return true; -} - -#if defined(CONFIG_GCRYPT) || defined(CONFIG_NETTLE) -static uint8_t * -qcrypto_cipher_munge_des_rfb_key(const uint8_t *key, - size_t nkey) -{ - uint8_t *ret = g_new0(uint8_t, nkey); - size_t i; - for (i = 0; i < nkey; i++) { - uint8_t r = key[i]; - r = (r & 0xf0) >> 4 | (r & 0x0f) << 4; - r = (r & 0xcc) >> 2 | (r & 0x33) << 2; - r = (r & 0xaa) >> 1 | (r & 0x55) << 1; - ret[i] = r; - } - return ret; -} -#endif /* CONFIG_GCRYPT || CONFIG_NETTLE */ - -#ifdef CONFIG_GCRYPT -#include "crypto/cipher-gcrypt.c" -#elif defined CONFIG_NETTLE -#include "crypto/cipher-nettle.c" -#else -#include "crypto/cipher-builtin.c" -#endif |