aboutsummaryrefslogtreecommitdiff
path: root/crypto/cipher-nettle.c
diff options
context:
space:
mode:
authorDaniel P. Berrangé <berrange@redhat.com>2019-10-14 17:28:27 +0100
committerDaniel P. Berrangé <berrange@redhat.com>2019-10-28 16:45:07 +0100
commitdc2207af2de162005f7e9e534850d07232290cee (patch)
treed9c6191ac7fa37c5d22417ed0bff40b7ec927840 /crypto/cipher-nettle.c
parente0576942e005de0f9226913cb0750cf445a33565 (diff)
downloadqemu-dc2207af2de162005f7e9e534850d07232290cee.zip
qemu-dc2207af2de162005f7e9e534850d07232290cee.tar.gz
qemu-dc2207af2de162005f7e9e534850d07232290cee.tar.bz2
crypto: add support for nettle's native XTS impl
Nettle 3.5.0 will add support for the XTS mode. Use this because long term we wish to delete QEMU's XTS impl to avoid carrying private crypto algorithm impls. Unfortunately this degrades nettle performance from 612 MB/s to 568 MB/s as nettle's XTS impl isn't so well optimized yet. Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com> Reviewed-by: Stefano Garzarella <sgarzare@redhat.com> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
Diffstat (limited to 'crypto/cipher-nettle.c')
-rw-r--r--crypto/cipher-nettle.c18
1 files changed, 18 insertions, 0 deletions
diff --git a/crypto/cipher-nettle.c b/crypto/cipher-nettle.c
index d7411bb..7e9a4cc 100644
--- a/crypto/cipher-nettle.c
+++ b/crypto/cipher-nettle.c
@@ -19,7 +19,9 @@
*/
#include "qemu/osdep.h"
+#ifdef CONFIG_QEMU_PRIVATE_XTS
#include "crypto/xts.h"
+#endif
#include "cipherpriv.h"
#include <nettle/nettle-types.h>
@@ -30,6 +32,9 @@
#include <nettle/serpent.h>
#include <nettle/twofish.h>
#include <nettle/ctr.h>
+#ifndef CONFIG_QEMU_PRIVATE_XTS
+#include <nettle/xts.h>
+#endif
typedef void (*QCryptoCipherNettleFuncWrapper)(const void *ctx,
size_t length,
@@ -626,9 +631,15 @@ qcrypto_nettle_cipher_encrypt(QCryptoCipher *cipher,
break;
case QCRYPTO_CIPHER_MODE_XTS:
+#ifdef CONFIG_QEMU_PRIVATE_XTS
xts_encrypt(ctx->ctx, ctx->ctx_tweak,
ctx->alg_encrypt_wrapper, ctx->alg_encrypt_wrapper,
ctx->iv, len, out, in);
+#else
+ xts_encrypt_message(ctx->ctx, ctx->ctx_tweak,
+ ctx->alg_encrypt_native,
+ ctx->iv, len, out, in);
+#endif
break;
case QCRYPTO_CIPHER_MODE_CTR:
@@ -673,9 +684,16 @@ qcrypto_nettle_cipher_decrypt(QCryptoCipher *cipher,
break;
case QCRYPTO_CIPHER_MODE_XTS:
+#ifdef CONFIG_QEMU_PRIVATE_XTS
xts_decrypt(ctx->ctx, ctx->ctx_tweak,
ctx->alg_encrypt_wrapper, ctx->alg_decrypt_wrapper,
ctx->iv, len, out, in);
+#else
+ xts_decrypt_message(ctx->ctx, ctx->ctx_tweak,
+ ctx->alg_decrypt_native,
+ ctx->alg_encrypt_native,
+ ctx->iv, len, out, in);
+#endif
break;
case QCRYPTO_CIPHER_MODE_CTR:
ctr_crypt(ctx->ctx, ctx->alg_encrypt_native,