@@ -15,6 +15,7 @@
#define QCRYPTO_AFALGPRIV_H
#include <linux/if_alg.h>
+#include "crypto/cipher.h"
#define SALG_TYPE_LEN_MAX 14
#define SALG_NAME_LEN_MAX 64
@@ -32,6 +33,8 @@
typedef struct QCryptoAFAlg QCryptoAFAlg;
struct QCryptoAFAlg {
+ QCryptoCipher base;
+
int tfmfd;
int opfd;
struct msghdr *msg;
@@ -58,7 +58,7 @@ qcrypto_afalg_cipher_format_name(QCryptoCipherAlgorithm alg,
return name;
}
-QCryptoAFAlg *
+QCryptoCipher *
qcrypto_afalg_cipher_ctx_new(QCryptoCipherAlgorithm alg,
QCryptoCipherMode mode,
const uint8_t *key,
@@ -109,7 +109,7 @@ qcrypto_afalg_cipher_ctx_new(QCryptoCipherAlgorithm alg,
}
afalg->cmsg = CMSG_FIRSTHDR(afalg->msg);
- return afalg;
+ return &afalg->base;
}
static int
@@ -117,9 +117,9 @@ qcrypto_afalg_cipher_setiv(QCryptoCipher *cipher,
const uint8_t *iv,
size_t niv, Error **errp)
{
+ QCryptoAFAlg *afalg = container_of(cipher, QCryptoAFAlg, base);
struct af_alg_iv *alg_iv;
size_t expect_niv;
- QCryptoAFAlg *afalg = cipher->opaque;
expect_niv = qcrypto_cipher_get_iv_len(cipher->alg, cipher->mode);
if (niv != expect_niv) {
@@ -200,8 +200,9 @@ qcrypto_afalg_cipher_encrypt(QCryptoCipher *cipher,
const void *in, void *out,
size_t len, Error **errp)
{
- return qcrypto_afalg_cipher_op(cipher->opaque, in, out,
- len, true, errp);
+ QCryptoAFAlg *afalg = container_of(cipher, QCryptoAFAlg, base);
+
+ return qcrypto_afalg_cipher_op(afalg, in, out, len, true, errp);
}
static int
@@ -209,13 +210,16 @@ qcrypto_afalg_cipher_decrypt(QCryptoCipher *cipher,
const void *in, void *out,
size_t len, Error **errp)
{
- return qcrypto_afalg_cipher_op(cipher->opaque, in, out,
- len, false, errp);
+ QCryptoAFAlg *afalg = container_of(cipher, QCryptoAFAlg, base);
+
+ return qcrypto_afalg_cipher_op(afalg, in, out, len, false, errp);
}
static void qcrypto_afalg_comm_ctx_free(QCryptoCipher *cipher)
{
- qcrypto_afalg_comm_free(cipher->opaque);
+ QCryptoAFAlg *afalg = container_of(cipher, QCryptoAFAlg, base);
+
+ qcrypto_afalg_comm_free(afalg);
}
const struct QCryptoCipherDriver qcrypto_cipher_afalg_driver = {
@@ -41,6 +41,8 @@ struct QCryptoCipherBuiltinDESRFB {
typedef struct QCryptoCipherBuiltin QCryptoCipherBuiltin;
struct QCryptoCipherBuiltin {
+ QCryptoCipher base;
+
union {
QCryptoCipherBuiltinAES aes;
QCryptoCipherBuiltinDESRFB desrfb;
@@ -65,10 +67,7 @@ struct QCryptoCipherBuiltin {
static void qcrypto_cipher_free_aes(QCryptoCipher *cipher)
{
- QCryptoCipherBuiltin *ctxt = cipher->opaque;
-
- g_free(ctxt);
- cipher->opaque = NULL;
+ g_free(cipher);
}
@@ -152,7 +151,8 @@ static int qcrypto_cipher_encrypt_aes(QCryptoCipher *cipher,
size_t len,
Error **errp)
{
- QCryptoCipherBuiltin *ctxt = cipher->opaque;
+ QCryptoCipherBuiltin *ctxt
+ = container_of(cipher, QCryptoCipherBuiltin, base);
switch (cipher->mode) {
case QCRYPTO_CIPHER_MODE_ECB:
@@ -186,7 +186,8 @@ static int qcrypto_cipher_decrypt_aes(QCryptoCipher *cipher,
size_t len,
Error **errp)
{
- QCryptoCipherBuiltin *ctxt = cipher->opaque;
+ QCryptoCipherBuiltin *ctxt
+ = container_of(cipher, QCryptoCipherBuiltin, base);
switch (cipher->mode) {
case QCRYPTO_CIPHER_MODE_ECB:
@@ -217,7 +218,9 @@ static int qcrypto_cipher_setiv_aes(QCryptoCipher *cipher,
const uint8_t *iv, size_t niv,
Error **errp)
{
- QCryptoCipherBuiltin *ctxt = cipher->opaque;
+ QCryptoCipherBuiltin *ctxt
+ = container_of(cipher, QCryptoCipherBuiltin, base);
+
if (niv != AES_BLOCK_SIZE) {
error_setg(errp, "IV must be %d bytes not %zu",
AES_BLOCK_SIZE, niv);
@@ -232,7 +235,7 @@ static int qcrypto_cipher_setiv_aes(QCryptoCipher *cipher,
-static QCryptoCipherBuiltin *
+static QCryptoCipher *
qcrypto_cipher_init_aes(QCryptoCipherMode mode,
const uint8_t *key, size_t nkey,
Error **errp)
@@ -289,7 +292,7 @@ qcrypto_cipher_init_aes(QCryptoCipherMode mode,
ctxt->encrypt = qcrypto_cipher_encrypt_aes;
ctxt->decrypt = qcrypto_cipher_decrypt_aes;
- return ctxt;
+ return &ctxt->base;
error:
g_free(ctxt);
@@ -299,11 +302,11 @@ qcrypto_cipher_init_aes(QCryptoCipherMode mode,
static void qcrypto_cipher_free_des_rfb(QCryptoCipher *cipher)
{
- QCryptoCipherBuiltin *ctxt = cipher->opaque;
+ QCryptoCipherBuiltin *ctxt
+ = container_of(cipher, QCryptoCipherBuiltin, base);
g_free(ctxt->state.desrfb.key);
g_free(ctxt);
- cipher->opaque = NULL;
}
@@ -313,7 +316,8 @@ static int qcrypto_cipher_encrypt_des_rfb(QCryptoCipher *cipher,
size_t len,
Error **errp)
{
- QCryptoCipherBuiltin *ctxt = cipher->opaque;
+ QCryptoCipherBuiltin *ctxt
+ = container_of(cipher, QCryptoCipherBuiltin, base);
size_t i;
if (len % 8) {
@@ -338,7 +342,8 @@ static int qcrypto_cipher_decrypt_des_rfb(QCryptoCipher *cipher,
size_t len,
Error **errp)
{
- QCryptoCipherBuiltin *ctxt = cipher->opaque;
+ QCryptoCipherBuiltin *ctxt
+ = container_of(cipher, QCryptoCipherBuiltin, base);
size_t i;
if (len % 8) {
@@ -366,7 +371,7 @@ static int qcrypto_cipher_setiv_des_rfb(QCryptoCipher *cipher,
}
-static QCryptoCipherBuiltin *
+static QCryptoCipher *
qcrypto_cipher_init_des_rfb(QCryptoCipherMode mode,
const uint8_t *key, size_t nkey,
Error **errp)
@@ -391,7 +396,7 @@ qcrypto_cipher_init_des_rfb(QCryptoCipherMode mode,
ctxt->encrypt = qcrypto_cipher_encrypt_des_rfb;
ctxt->decrypt = qcrypto_cipher_decrypt_des_rfb;
- return ctxt;
+ return &ctxt->base;
}
@@ -421,14 +426,12 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg,
}
-static QCryptoCipherBuiltin *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
- QCryptoCipherMode mode,
- const uint8_t *key,
- size_t nkey,
- Error **errp)
+static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
+ QCryptoCipherMode mode,
+ const uint8_t *key,
+ size_t nkey,
+ Error **errp)
{
- QCryptoCipherBuiltin *ctxt;
-
switch (mode) {
case QCRYPTO_CIPHER_MODE_ECB:
case QCRYPTO_CIPHER_MODE_CBC:
@@ -446,29 +449,25 @@ static QCryptoCipherBuiltin *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
switch (alg) {
case QCRYPTO_CIPHER_ALG_DES_RFB:
- ctxt = qcrypto_cipher_init_des_rfb(mode, key, nkey, errp);
- break;
+ return qcrypto_cipher_init_des_rfb(mode, key, nkey, errp);
case QCRYPTO_CIPHER_ALG_AES_128:
case QCRYPTO_CIPHER_ALG_AES_192:
case QCRYPTO_CIPHER_ALG_AES_256:
- ctxt = qcrypto_cipher_init_aes(mode, key, nkey, errp);
- break;
+ return qcrypto_cipher_init_aes(mode, key, nkey, errp);
default:
error_setg(errp,
"Unsupported cipher algorithm %s",
QCryptoCipherAlgorithm_str(alg));
return NULL;
}
-
- return ctxt;
}
static void
qcrypto_builtin_cipher_ctx_free(QCryptoCipher *cipher)
{
- QCryptoCipherBuiltin *ctxt;
+ QCryptoCipherBuiltin *ctxt
+ = container_of(cipher, QCryptoCipherBuiltin, base);
- ctxt = cipher->opaque;
ctxt->free(cipher);
}
@@ -480,7 +479,8 @@ qcrypto_builtin_cipher_encrypt(QCryptoCipher *cipher,
size_t len,
Error **errp)
{
- QCryptoCipherBuiltin *ctxt = cipher->opaque;
+ QCryptoCipherBuiltin *ctxt
+ = container_of(cipher, QCryptoCipherBuiltin, base);
if (len & (ctxt->blocksize - 1)) {
error_setg(errp, "Length %zu must be a multiple of block size %zu",
@@ -499,7 +499,8 @@ qcrypto_builtin_cipher_decrypt(QCryptoCipher *cipher,
size_t len,
Error **errp)
{
- QCryptoCipherBuiltin *ctxt = cipher->opaque;
+ QCryptoCipherBuiltin *ctxt
+ = container_of(cipher, QCryptoCipherBuiltin, base);
if (len & (ctxt->blocksize - 1)) {
error_setg(errp, "Length %zu must be a multiple of block size %zu",
@@ -516,7 +517,8 @@ qcrypto_builtin_cipher_setiv(QCryptoCipher *cipher,
const uint8_t *iv, size_t niv,
Error **errp)
{
- QCryptoCipherBuiltin *ctxt = cipher->opaque;
+ QCryptoCipherBuiltin *ctxt
+ = container_of(cipher, QCryptoCipherBuiltin, base);
return ctxt->setiv(cipher, iv, niv, errp);
}
@@ -58,6 +58,7 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg,
typedef struct QCryptoCipherGcrypt QCryptoCipherGcrypt;
struct QCryptoCipherGcrypt {
+ QCryptoCipher base;
gcry_cipher_hd_t handle;
size_t blocksize;
#ifdef CONFIG_QEMU_PRIVATE_XTS
@@ -86,11 +87,11 @@ qcrypto_gcrypt_cipher_free_ctx(QCryptoCipherGcrypt *ctx,
}
-static QCryptoCipherGcrypt *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
- QCryptoCipherMode mode,
- const uint8_t *key,
- size_t nkey,
- Error **errp)
+static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
+ QCryptoCipherMode mode,
+ const uint8_t *key,
+ size_t nkey,
+ Error **errp)
{
QCryptoCipherGcrypt *ctx;
gcry_error_t err;
@@ -257,7 +258,7 @@ static QCryptoCipherGcrypt *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
}
#endif
- return ctx;
+ return &ctx->base;
error:
qcrypto_gcrypt_cipher_free_ctx(ctx, mode);
@@ -268,7 +269,9 @@ static QCryptoCipherGcrypt *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
static void
qcrypto_gcrypt_cipher_ctx_free(QCryptoCipher *cipher)
{
- qcrypto_gcrypt_cipher_free_ctx(cipher->opaque, cipher->mode);
+ QCryptoCipherGcrypt *ctx = container_of(cipher, QCryptoCipherGcrypt, base);
+
+ qcrypto_gcrypt_cipher_free_ctx(ctx, cipher->mode);
}
@@ -301,7 +304,7 @@ qcrypto_gcrypt_cipher_encrypt(QCryptoCipher *cipher,
size_t len,
Error **errp)
{
- QCryptoCipherGcrypt *ctx = cipher->opaque;
+ QCryptoCipherGcrypt *ctx = container_of(cipher, QCryptoCipherGcrypt, base);
gcry_error_t err;
if (len & (ctx->blocksize - 1)) {
@@ -340,7 +343,7 @@ qcrypto_gcrypt_cipher_decrypt(QCryptoCipher *cipher,
size_t len,
Error **errp)
{
- QCryptoCipherGcrypt *ctx = cipher->opaque;
+ QCryptoCipherGcrypt *ctx = container_of(cipher, QCryptoCipherGcrypt, base);
gcry_error_t err;
if (len & (ctx->blocksize - 1)) {
@@ -376,7 +379,7 @@ qcrypto_gcrypt_cipher_setiv(QCryptoCipher *cipher,
const uint8_t *iv, size_t niv,
Error **errp)
{
- QCryptoCipherGcrypt *ctx = cipher->opaque;
+ QCryptoCipherGcrypt *ctx = container_of(cipher, QCryptoCipherGcrypt, base);
gcry_error_t err;
if (niv != ctx->blocksize) {
@@ -294,6 +294,8 @@ static void twofish_decrypt_wrapper(const void *ctx, size_t length,
typedef struct QCryptoCipherNettle QCryptoCipherNettle;
struct QCryptoCipherNettle {
+ QCryptoCipher base;
+
/* Primary cipher context for all modes */
void *ctx;
/* Second cipher context for XTS mode only */
@@ -355,11 +357,11 @@ qcrypto_nettle_cipher_free_ctx(QCryptoCipherNettle *ctx)
}
-static QCryptoCipherNettle *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
- QCryptoCipherMode mode,
- const uint8_t *key,
- size_t nkey,
- Error **errp)
+static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
+ QCryptoCipherMode mode,
+ const uint8_t *key,
+ size_t nkey,
+ Error **errp)
{
QCryptoCipherNettle *ctx;
uint8_t *rfbkey;
@@ -585,7 +587,7 @@ static QCryptoCipherNettle *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
ctx->iv = g_new0(uint8_t, ctx->blocksize);
- return ctx;
+ return &ctx->base;
error:
qcrypto_nettle_cipher_free_ctx(ctx);
@@ -596,9 +598,8 @@ static QCryptoCipherNettle *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
static void
qcrypto_nettle_cipher_ctx_free(QCryptoCipher *cipher)
{
- QCryptoCipherNettle *ctx;
+ QCryptoCipherNettle *ctx = container_of(cipher, QCryptoCipherNettle, base);
- ctx = cipher->opaque;
qcrypto_nettle_cipher_free_ctx(ctx);
}
@@ -610,7 +611,7 @@ qcrypto_nettle_cipher_encrypt(QCryptoCipher *cipher,
size_t len,
Error **errp)
{
- QCryptoCipherNettle *ctx = cipher->opaque;
+ QCryptoCipherNettle *ctx = container_of(cipher, QCryptoCipherNettle, base);
if (len & (ctx->blocksize - 1)) {
error_setg(errp, "Length %zu must be a multiple of block size %zu",
@@ -663,7 +664,7 @@ qcrypto_nettle_cipher_decrypt(QCryptoCipher *cipher,
size_t len,
Error **errp)
{
- QCryptoCipherNettle *ctx = cipher->opaque;
+ QCryptoCipherNettle *ctx = container_of(cipher, QCryptoCipherNettle, base);
if (len & (ctx->blocksize - 1)) {
error_setg(errp, "Length %zu must be a multiple of block size %zu",
@@ -713,7 +714,8 @@ qcrypto_nettle_cipher_setiv(QCryptoCipher *cipher,
const uint8_t *iv, size_t niv,
Error **errp)
{
- QCryptoCipherNettle *ctx = cipher->opaque;
+ QCryptoCipherNettle *ctx = container_of(cipher, QCryptoCipherNettle, base);
+
if (niv != ctx->blocksize) {
error_setg(errp, "Expected IV size %zu not %zu",
ctx->blocksize, niv);
@@ -163,30 +163,27 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
const uint8_t *key, size_t nkey,
Error **errp)
{
- QCryptoCipher *cipher;
- void *ctx = NULL;
+ QCryptoCipher *cipher = NULL;
const QCryptoCipherDriver *drv = NULL;
#ifdef CONFIG_AF_ALG
- ctx = qcrypto_afalg_cipher_ctx_new(alg, mode, key, nkey, NULL);
- if (ctx) {
+ cipher = qcrypto_afalg_cipher_ctx_new(alg, mode, key, nkey, NULL);
+ if (cipher) {
drv = &qcrypto_cipher_afalg_driver;
}
#endif
- if (!ctx) {
- ctx = qcrypto_cipher_ctx_new(alg, mode, key, nkey, errp);
- if (!ctx) {
+ if (!cipher) {
+ cipher = qcrypto_cipher_ctx_new(alg, mode, key, nkey, errp);
+ if (!cipher) {
return NULL;
}
drv = &qcrypto_cipher_lib_driver;
}
- cipher = g_new0(QCryptoCipher, 1);
cipher->alg = alg;
cipher->mode = mode;
- cipher->opaque = ctx;
cipher->driver = drv;
return cipher;
@@ -226,10 +223,7 @@ int qcrypto_cipher_setiv(QCryptoCipher *cipher,
void qcrypto_cipher_free(QCryptoCipher *cipher)
{
- const QCryptoCipherDriver *drv;
if (cipher) {
- drv = cipher->driver;
- drv->cipher_free(cipher);
- g_free(cipher);
+ cipher->driver->cipher_free(cipher);
}
}
@@ -41,7 +41,7 @@ struct QCryptoCipherDriver {
#include "afalgpriv.h"
-extern QCryptoAFAlg *
+extern QCryptoCipher *
qcrypto_afalg_cipher_ctx_new(QCryptoCipherAlgorithm alg,
QCryptoCipherMode mode,
const uint8_t *key,
@@ -80,7 +80,6 @@ typedef struct QCryptoCipherDriver QCryptoCipherDriver;
struct QCryptoCipher {
QCryptoCipherAlgorithm alg;
QCryptoCipherMode mode;
- void *opaque;
const QCryptoCipherDriver *driver;
};