]>
Commit | Line | Data |
---|---|---|
ca38a4cc DB |
1 | /* |
2 | * QEMU Crypto cipher algorithms | |
3 | * | |
4 | * Copyright (c) 2015 Red Hat, Inc. | |
5 | * | |
6 | * This library is free software; you can redistribute it and/or | |
7 | * modify it under the terms of the GNU Lesser General Public | |
8 | * License as published by the Free Software Foundation; either | |
9 | * version 2 of the License, or (at your option) any later version. | |
10 | * | |
11 | * This library is distributed in the hope that it will be useful, | |
12 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
13 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU | |
14 | * Lesser General Public License for more details. | |
15 | * | |
16 | * You should have received a copy of the GNU Lesser General Public | |
17 | * License along with this library; if not, see <http://www.gnu.org/licenses/>. | |
18 | * | |
19 | */ | |
20 | ||
42f7a448 | 21 | #include "qemu/osdep.h" |
ca38a4cc DB |
22 | #include "crypto/cipher.h" |
23 | ||
62893b67 | 24 | |
d8c02bcc | 25 | static size_t alg_key_len[QCRYPTO_CIPHER_ALG__MAX] = { |
ca38a4cc DB |
26 | [QCRYPTO_CIPHER_ALG_AES_128] = 16, |
27 | [QCRYPTO_CIPHER_ALG_AES_192] = 24, | |
28 | [QCRYPTO_CIPHER_ALG_AES_256] = 32, | |
29 | [QCRYPTO_CIPHER_ALG_DES_RFB] = 8, | |
084a85ee | 30 | [QCRYPTO_CIPHER_ALG_CAST5_128] = 16, |
94318522 DB |
31 | [QCRYPTO_CIPHER_ALG_SERPENT_128] = 16, |
32 | [QCRYPTO_CIPHER_ALG_SERPENT_192] = 24, | |
33 | [QCRYPTO_CIPHER_ALG_SERPENT_256] = 32, | |
50f6753e DB |
34 | [QCRYPTO_CIPHER_ALG_TWOFISH_128] = 16, |
35 | [QCRYPTO_CIPHER_ALG_TWOFISH_192] = 24, | |
36 | [QCRYPTO_CIPHER_ALG_TWOFISH_256] = 32, | |
ca38a4cc DB |
37 | }; |
38 | ||
d8c02bcc | 39 | static size_t alg_block_len[QCRYPTO_CIPHER_ALG__MAX] = { |
dd2bf9eb DB |
40 | [QCRYPTO_CIPHER_ALG_AES_128] = 16, |
41 | [QCRYPTO_CIPHER_ALG_AES_192] = 16, | |
42 | [QCRYPTO_CIPHER_ALG_AES_256] = 16, | |
43 | [QCRYPTO_CIPHER_ALG_DES_RFB] = 8, | |
084a85ee | 44 | [QCRYPTO_CIPHER_ALG_CAST5_128] = 8, |
94318522 DB |
45 | [QCRYPTO_CIPHER_ALG_SERPENT_128] = 16, |
46 | [QCRYPTO_CIPHER_ALG_SERPENT_192] = 16, | |
47 | [QCRYPTO_CIPHER_ALG_SERPENT_256] = 16, | |
50f6753e DB |
48 | [QCRYPTO_CIPHER_ALG_TWOFISH_128] = 16, |
49 | [QCRYPTO_CIPHER_ALG_TWOFISH_192] = 16, | |
50 | [QCRYPTO_CIPHER_ALG_TWOFISH_256] = 16, | |
dd2bf9eb DB |
51 | }; |
52 | ||
d8c02bcc | 53 | static bool mode_need_iv[QCRYPTO_CIPHER_MODE__MAX] = { |
dd2bf9eb DB |
54 | [QCRYPTO_CIPHER_MODE_ECB] = false, |
55 | [QCRYPTO_CIPHER_MODE_CBC] = true, | |
56 | }; | |
57 | ||
58 | ||
59 | size_t qcrypto_cipher_get_block_len(QCryptoCipherAlgorithm alg) | |
60 | { | |
61 | if (alg >= G_N_ELEMENTS(alg_key_len)) { | |
62 | return 0; | |
63 | } | |
64 | return alg_block_len[alg]; | |
65 | } | |
66 | ||
67 | ||
68 | size_t qcrypto_cipher_get_key_len(QCryptoCipherAlgorithm alg) | |
69 | { | |
70 | if (alg >= G_N_ELEMENTS(alg_key_len)) { | |
71 | return 0; | |
72 | } | |
73 | return alg_key_len[alg]; | |
74 | } | |
75 | ||
76 | ||
77 | size_t qcrypto_cipher_get_iv_len(QCryptoCipherAlgorithm alg, | |
78 | QCryptoCipherMode mode) | |
79 | { | |
80 | if (alg >= G_N_ELEMENTS(alg_block_len)) { | |
81 | return 0; | |
82 | } | |
83 | if (mode >= G_N_ELEMENTS(mode_need_iv)) { | |
84 | return 0; | |
85 | } | |
86 | ||
87 | if (mode_need_iv[mode]) { | |
88 | return alg_block_len[alg]; | |
89 | } | |
90 | return 0; | |
91 | } | |
92 | ||
93 | ||
ca38a4cc DB |
94 | static bool |
95 | qcrypto_cipher_validate_key_length(QCryptoCipherAlgorithm alg, | |
96 | size_t nkey, | |
97 | Error **errp) | |
98 | { | |
d8c02bcc | 99 | if ((unsigned)alg >= QCRYPTO_CIPHER_ALG__MAX) { |
ca38a4cc DB |
100 | error_setg(errp, "Cipher algorithm %d out of range", |
101 | alg); | |
102 | return false; | |
103 | } | |
104 | ||
105 | if (alg_key_len[alg] != nkey) { | |
106 | error_setg(errp, "Cipher key length %zu should be %zu", | |
50de6261 | 107 | nkey, alg_key_len[alg]); |
ca38a4cc DB |
108 | return false; |
109 | } | |
110 | return true; | |
111 | } | |
112 | ||
91bfcdb0 | 113 | #if defined(CONFIG_GCRYPT) || defined(CONFIG_NETTLE) |
62893b67 DB |
114 | static uint8_t * |
115 | qcrypto_cipher_munge_des_rfb_key(const uint8_t *key, | |
116 | size_t nkey) | |
117 | { | |
118 | uint8_t *ret = g_new0(uint8_t, nkey); | |
119 | size_t i; | |
120 | for (i = 0; i < nkey; i++) { | |
121 | uint8_t r = key[i]; | |
122 | r = (r & 0xf0) >> 4 | (r & 0x0f) << 4; | |
123 | r = (r & 0xcc) >> 2 | (r & 0x33) << 2; | |
124 | r = (r & 0xaa) >> 1 | (r & 0x55) << 1; | |
125 | ret[i] = r; | |
126 | } | |
127 | return ret; | |
128 | } | |
91bfcdb0 | 129 | #endif /* CONFIG_GCRYPT || CONFIG_NETTLE */ |
62893b67 | 130 | |
91bfcdb0 | 131 | #ifdef CONFIG_GCRYPT |
62893b67 | 132 | #include "crypto/cipher-gcrypt.c" |
91bfcdb0 | 133 | #elif defined CONFIG_NETTLE |
ed754746 | 134 | #include "crypto/cipher-nettle.c" |
62893b67 | 135 | #else |
ca38a4cc | 136 | #include "crypto/cipher-builtin.c" |
62893b67 | 137 | #endif |