diff options
| author | Gonglei <arei.gonglei@huawei.com> | 2016-09-26 17:23:22 +0800 |
|---|---|---|
| committer | Daniel P. Berrange <berrange@redhat.com> | 2016-10-19 10:09:24 +0100 |
| commit | 3c28292f390f642bbb3dba0949ecf36aaf7be0d6 (patch) | |
| tree | 21c65cff1327d46cac536b32c671b6bcdd696715 /crypto/cipher-nettle.c | |
| parent | f844836ddccf3dbcba142128da5dd8ee618f3e91 (diff) | |
| download | qemu-3c28292f390f642bbb3dba0949ecf36aaf7be0d6.zip qemu-3c28292f390f642bbb3dba0949ecf36aaf7be0d6.tar.gz qemu-3c28292f390f642bbb3dba0949ecf36aaf7be0d6.tar.bz2 | |
crypto: add CTR mode support
Introduce CTR mode support for the cipher APIs.
CTR mode uses a counter rather than a traditional IV.
The counter has additional properties, including a nonce
and initial counter block. We reuse the ctx->iv as
the counter for conveniences.
Both libgcrypt and nettle are support CTR mode, the
cipher-builtin doesn't support yet.
Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Diffstat (limited to 'crypto/cipher-nettle.c')
| -rw-r--r-- | crypto/cipher-nettle.c | 15 |
1 files changed, 14 insertions, 1 deletions
diff --git a/crypto/cipher-nettle.c b/crypto/cipher-nettle.c index 72d1069..cd094cd 100644 --- a/crypto/cipher-nettle.c +++ b/crypto/cipher-nettle.c @@ -28,6 +28,7 @@ #include <nettle/cast128.h> #include <nettle/serpent.h> #include <nettle/twofish.h> +#include <nettle/ctr.h> typedef void (*QCryptoCipherNettleFuncWrapper)(const void *ctx, size_t length, @@ -186,7 +187,7 @@ struct QCryptoCipherNettle { QCryptoCipherNettleFuncNative alg_decrypt_native; QCryptoCipherNettleFuncWrapper alg_encrypt_wrapper; QCryptoCipherNettleFuncWrapper alg_decrypt_wrapper; - + /* Initialization vector or Counter */ uint8_t *iv; size_t blocksize; }; @@ -236,6 +237,7 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, case QCRYPTO_CIPHER_MODE_ECB: case QCRYPTO_CIPHER_MODE_CBC: case QCRYPTO_CIPHER_MODE_XTS: + case QCRYPTO_CIPHER_MODE_CTR: break; default: error_setg(errp, "Unsupported cipher mode %s", @@ -441,6 +443,12 @@ int qcrypto_cipher_encrypt(QCryptoCipher *cipher, ctx->iv, len, out, in); break; + case QCRYPTO_CIPHER_MODE_CTR: + ctr_crypt(ctx->ctx, ctx->alg_encrypt_native, + ctx->blocksize, ctx->iv, + len, out, in); + break; + default: error_setg(errp, "Unsupported cipher mode %s", QCryptoCipherMode_lookup[cipher->mode]); @@ -480,6 +488,11 @@ int qcrypto_cipher_decrypt(QCryptoCipher *cipher, ctx->alg_encrypt_wrapper, ctx->alg_decrypt_wrapper, ctx->iv, len, out, in); break; + case QCRYPTO_CIPHER_MODE_CTR: + ctr_crypt(ctx->ctx, ctx->alg_encrypt_native, + ctx->blocksize, ctx->iv, + len, out, in); + break; default: error_setg(errp, "Unsupported cipher mode %s", |