motorhead/qemu
1
0
Fork 0
mirror of https://github.com/Motorhead1991/qemu.git synced 2025-12-17 21:26:13 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

crypto: add CTR mode support

Browse source 
Introduce CTR mode support for the cipher APIs.
CTR mode uses a counter rather than a traditional IV.
The counter has additional properties, including a nonce
and initial counter block. We reuse the ctx->iv as
the counter for conveniences.

Both libgcrypt and nettle are support CTR mode, the
cipher-builtin doesn't support yet.

Signed-off-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
This commit is contained in:
Gonglei 2016-09-26 17:23:22 +08:00 committed by Daniel P. Berrange
parent f844836ddc
commit 3c28292f39
6 changed files with 94 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

25
crypto/cipher-gcrypt.c
View file

@ -59,6 +59,7 @@ struct QCryptoCipherGcrypt {
gcry_cipher_hd_t handle;
gcry_cipher_hd_t tweakhandle;
size_t blocksize;
/* Initialization vector or Counter */
uint8_t *iv;
};
@ -80,6 +81,9 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
case QCRYPTO_CIPHER_MODE_CBC:
gcrymode = GCRY_CIPHER_MODE_CBC;
break;
case QCRYPTO_CIPHER_MODE_CTR:
gcrymode = GCRY_CIPHER_MODE_CTR;
break;
default:
error_setg(errp, "Unsupported cipher mode %s",
QCryptoCipherMode_lookup[mode]);
@ -350,12 +354,21 @@ int qcrypto_cipher_setiv(QCryptoCipher *cipher,
if (ctx->iv) {
memcpy(ctx->iv, iv, niv);
} else {
gcry_cipher_reset(ctx->handle);
err = gcry_cipher_setiv(ctx->handle, iv, niv);
if (err != 0) {
error_setg(errp, "Cannot set IV: %s",
gcry_strerror(err));
return -1;
if (cipher->mode == QCRYPTO_CIPHER_MODE_CTR) {
err = gcry_cipher_setctr(ctx->handle, iv, niv);
if (err != 0) {
error_setg(errp, "Cannot set Counter: %s",
gcry_strerror(err));
return -1;
}
} else {
gcry_cipher_reset(ctx->handle);
err = gcry_cipher_setiv(ctx->handle, iv, niv);
if (err != 0) {
error_setg(errp, "Cannot set IV: %s",
gcry_strerror(err));
return -1;
}
}
}