From: "Longpeng(Mike)" <longpeng2@huawei.com>
To: berrange@redhat.com
Cc: arei.gonglei@huawei.com, longpeng.mike@gmail.com,
qemu-devel@nongnu.org, weidong.huang@huawei.com,
"Longpeng(Mike)" <longpeng2@huawei.com>
Subject: [Qemu-devel] [PATCH v3 15/18] crypto: hmac: add af_alg hmac support
Date: Sat, 22 Apr 2017 15:20:24 +0800 [thread overview]
Message-ID: <1492845627-4384-16-git-send-email-longpeng2@huawei.com> (raw)
In-Reply-To: <1492845627-4384-1-git-send-email-longpeng2@huawei.com>
Adds afalg-backend hmac support: introduces some private APIs
firstly, and then intergrates them into qcrypto_hmac_afalg_driver.
Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
---
crypto/hash-afalg.c | 108 +++++++++++++++++++++++++++++++++++++++++++-------
crypto/hmac.c | 27 ++++++++++++-
crypto/hmacpriv.h | 9 +++++
include/crypto/hmac.h | 8 ++++
4 files changed, 136 insertions(+), 16 deletions(-)
diff --git a/crypto/hash-afalg.c b/crypto/hash-afalg.c
index f577c83..0670481 100644
--- a/crypto/hash-afalg.c
+++ b/crypto/hash-afalg.c
@@ -1,5 +1,5 @@
/*
- * QEMU Crypto af_alg-backend hash support
+ * QEMU Crypto af_alg-backend hash/hmac support
*
* Copyright (c) 2017 HUAWEI TECHNOLOGIES CO., LTD.
*
@@ -16,10 +16,13 @@
#include "qemu-common.h"
#include "qapi/error.h"
#include "crypto/hash.h"
+#include "crypto/hmac.h"
#include "hashpriv.h"
+#include "hmacpriv.h"
static char *
qcrypto_afalg_hash_format_name(QCryptoHashAlgorithm alg,
+ bool is_hmac,
Error **errp)
{
char *name;
@@ -55,10 +58,14 @@ qcrypto_afalg_hash_format_name(QCryptoHashAlgorithm alg,
}
name = g_new0(char, SALG_NAME_LEN_MAX);
- ret = snprintf(name, SALG_NAME_LEN_MAX, "%s", alg_name);
+ if (is_hmac) {
+ ret = snprintf(name, SALG_NAME_LEN_MAX, "hmac(%s)", alg_name);
+ } else { /* hash */
+ ret = snprintf(name, SALG_NAME_LEN_MAX, "%s", alg_name);
+ }
if (ret < 0 || ret >= SALG_NAME_LEN_MAX) {
- error_setg(errp, "Build hash name(name='%s') failed",
- alg_name);
+ error_setg(errp, "Build %s name(name='%s') failed",
+ is_hmac ? "hmac" : "hash", alg_name);
g_free(name);
return NULL;
}
@@ -67,12 +74,14 @@ qcrypto_afalg_hash_format_name(QCryptoHashAlgorithm alg,
}
static QCryptoAFAlg *
-qcrypto_afalg_hash_ctx_new(QCryptoHashAlgorithm alg, Error **errp)
+qcrypto_afalg_hash_hmac_ctx_new(QCryptoHashAlgorithm alg,
+ const uint8_t *key, size_t nkey,
+ bool is_hmac, Error **errp)
{
QCryptoAFAlg *afalg;
char *name;
- name = qcrypto_afalg_hash_format_name(alg, errp);
+ name = qcrypto_afalg_hash_format_name(alg, is_hmac, errp);
if (!name) {
return NULL;
}
@@ -84,22 +93,49 @@ qcrypto_afalg_hash_ctx_new(QCryptoHashAlgorithm alg, Error **errp)
}
afalg->name = name;
+ /* HMAC needs setkey */
+ if (is_hmac) {
+ if (qemu_setsockopt(afalg->tfmfd, SOL_ALG, ALG_SET_KEY,
+ key, nkey) != 0) {
+ error_setg_errno(errp, errno, "Set hmac key failed");
+ qcrypto_afalg_comm_free(afalg);
+ return NULL;
+ }
+ }
+
/* prepare msg header */
afalg->msg = g_new0(struct msghdr, 1);
return afalg;
}
+static QCryptoAFAlg *
+qcrypto_afalg_hash_ctx_new(QCryptoHashAlgorithm alg,
+ Error **errp)
+{
+ return qcrypto_afalg_hash_hmac_ctx_new(alg, NULL, 0, false, errp);
+}
+
+QCryptoAFAlg *
+qcrypto_afalg_hmac_ctx_new(QCryptoHashAlgorithm alg,
+ const uint8_t *key, size_t nkey,
+ Error **errp)
+{
+ return qcrypto_afalg_hash_hmac_ctx_new(alg, key, nkey, true, errp);
+}
+
static int
-qcrypto_afalg_hash_bytesv(QCryptoHashAlgorithm alg,
- const struct iovec *iov,
- size_t niov, uint8_t **result,
- size_t *resultlen,
- Error **errp)
+qcrypto_afalg_hash_hmac_bytesv(QCryptoAFAlg *hmac,
+ QCryptoHashAlgorithm alg,
+ const struct iovec *iov,
+ size_t niov, uint8_t **result,
+ size_t *resultlen,
+ Error **errp)
{
QCryptoAFAlg *afalg;
struct iovec outv;
int ret = 0;
+ bool is_hmac = (hmac != NULL) ? true : false;
const int except_len = qcrypto_hash_digest_len(alg);
if (*resultlen == 0) {
@@ -112,9 +148,13 @@ qcrypto_afalg_hash_bytesv(QCryptoHashAlgorithm alg,
return -1;
}
- afalg = qcrypto_afalg_hash_ctx_new(alg, errp);
- if (afalg == NULL) {
- return -1;
+ if (is_hmac) {
+ afalg = hmac;
+ } else {
+ afalg = qcrypto_afalg_hash_ctx_new(alg, errp);
+ if (afalg == NULL) {
+ return -1;
+ }
}
/* send data to kernel's crypto core */
@@ -138,10 +178,48 @@ qcrypto_afalg_hash_bytesv(QCryptoHashAlgorithm alg,
}
out:
- qcrypto_afalg_comm_free(afalg);
+ if (!is_hmac) {
+ qcrypto_afalg_comm_free(afalg);
+ }
return ret;
}
+static int
+qcrypto_afalg_hash_bytesv(QCryptoHashAlgorithm alg,
+ const struct iovec *iov,
+ size_t niov, uint8_t **result,
+ size_t *resultlen,
+ Error **errp)
+{
+ return qcrypto_afalg_hash_hmac_bytesv(NULL, alg, iov, niov, result,
+ resultlen, errp);
+}
+
+static int
+qcrypto_afalg_hmac_bytesv(QCryptoHmac *hmac,
+ const struct iovec *iov,
+ size_t niov, uint8_t **result,
+ size_t *resultlen,
+ Error **errp)
+{
+ return qcrypto_afalg_hash_hmac_bytesv(hmac->opaque, hmac->alg,
+ iov, niov, result, resultlen,
+ errp);
+}
+
+static void qcrypto_afalg_hmac_ctx_free(QCryptoHmac *hmac)
+{
+ QCryptoAFAlg *afalg;
+
+ afalg = hmac->opaque;
+ qcrypto_afalg_comm_free(afalg);
+}
+
QCryptoHashDriver qcrypto_hash_afalg_driver = {
.hash_bytesv = qcrypto_afalg_hash_bytesv,
};
+
+QCryptoHmacDriver qcrypto_hmac_afalg_driver = {
+ .hmac_bytesv = qcrypto_afalg_hmac_bytesv,
+ .hmac_free = qcrypto_afalg_hmac_ctx_free,
+};
diff --git a/crypto/hmac.c b/crypto/hmac.c
index d040fbb..0a1a6e7 100644
--- a/crypto/hmac.c
+++ b/crypto/hmac.c
@@ -90,16 +90,32 @@ QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg,
{
QCryptoHmac *hmac;
void *ctx;
+ Error *err2 = NULL;
+ QCryptoHmacDriver *drv;
+
+#ifdef CONFIG_AF_ALG
+ ctx = qcrypto_afalg_hmac_ctx_new(alg, key, nkey, &err2);
+ if (ctx) {
+ drv = &qcrypto_hmac_afalg_driver;
+ goto set_hmac;
+ }
+#endif
ctx = qcrypto_hmac_ctx_new(alg, key, nkey, errp);
if (ctx == NULL) {
return NULL;
}
+ drv = &qcrypto_hmac_lib_driver;
+ error_free(err2);
+
+#ifdef CONFIG_AF_ALG
+set_hmac:
+#endif
hmac = g_new0(QCryptoHmac, 1);
hmac->alg = alg;
hmac->opaque = ctx;
- hmac->driver = (void *)&qcrypto_hmac_lib_driver;
+ hmac->driver = (void *)drv;
return hmac;
}
@@ -114,3 +130,12 @@ void qcrypto_hmac_free(QCryptoHmac *hmac)
g_free(hmac);
}
}
+
+bool qcrypto_hmac_using_afalg_drv(QCryptoHmac *hmac)
+{
+#ifdef CONFIG_AF_ALG
+ return hmac->driver == &qcrypto_hmac_afalg_driver;
+#else
+ return false;
+#endif
+}
diff --git a/crypto/hmacpriv.h b/crypto/hmacpriv.h
index 2be389a..2d1900f 100644
--- a/crypto/hmacpriv.h
+++ b/crypto/hmacpriv.h
@@ -15,6 +15,8 @@
#ifndef QCRYPTO_HMACPRIV_H
#define QCRYPTO_HMACPRIV_H
+#include "afalgpriv.h"
+
typedef struct QCryptoHmacDriver QCryptoHmacDriver;
struct QCryptoHmacDriver {
@@ -33,4 +35,11 @@ extern void *qcrypto_hmac_ctx_new(QCryptoHashAlgorithm alg,
Error **errp);
extern QCryptoHmacDriver qcrypto_hmac_lib_driver;
+
+extern QCryptoAFAlg *
+qcrypto_afalg_hmac_ctx_new(QCryptoHashAlgorithm alg,
+ const uint8_t *key, size_t nkey,
+ Error **errp);
+extern QCryptoHmacDriver qcrypto_hmac_afalg_driver;
+
#endif
diff --git a/include/crypto/hmac.h b/include/crypto/hmac.h
index 5e88905..450cdee 100644
--- a/include/crypto/hmac.h
+++ b/include/crypto/hmac.h
@@ -164,4 +164,12 @@ int qcrypto_hmac_digest(QCryptoHmac *hmac,
char **digest,
Error **errp);
+/**
+ * qcrypto_cipher_using_afalg_drv:
+ * @hmac: the hmac object
+ *
+ * Returns: True if @hmac using afalg driver, otherwise false.
+ */
+bool qcrypto_hmac_using_afalg_drv(QCryptoHmac *hmac);
+
#endif
--
1.8.3.1
next prev parent reply other threads:[~2017-04-22 7:21 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-04-22 7:20 [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support Longpeng(Mike)
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 01/18] crypto: cipher: introduce context free function Longpeng(Mike)
2017-04-26 12:02 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 02/18] crypto: cipher: introduce qcrypto_cipher_ctx_new for gcrypt-backend Longpeng(Mike)
2017-04-26 12:02 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 03/18] crypto: cipher: introduce qcrypto_cipher_ctx_new for nettle-backend Longpeng(Mike)
2017-04-26 12:03 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 04/18] crypto: cipher: introduce qcrypto_cipher_ctx_new for builtin-backend Longpeng(Mike)
2017-04-26 12:03 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 05/18] crypto: cipher: add cipher driver framework Longpeng(Mike)
2017-04-26 12:04 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 06/18] crypto: hash: add hash " Longpeng(Mike)
2017-04-26 12:04 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 07/18] crypto: hmac: move crypto/hmac.h into include/crypto/ Longpeng(Mike)
2017-04-26 12:05 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 08/18] crypto: hmac: introduce qcrypto_hmac_ctx_new for gcrypt-backend Longpeng(Mike)
2017-04-26 12:05 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 09/18] crypto: hmac: introduce qcrypto_hmac_ctx_new for nettle-backend Longpeng(Mike)
2017-04-26 12:06 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 10/18] crypto: hmac: introduce qcrypto_hmac_ctx_new for glib-backend Longpeng(Mike)
2017-04-26 12:06 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 11/18] crypto: hmac: add hmac driver framework Longpeng(Mike)
2017-04-26 12:07 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 12/18] crypto: introduce some common functions for af_alg backend Longpeng(Mike)
2017-04-26 12:10 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 13/18] crypto: cipher: add afalg-backend cipher support Longpeng(Mike)
2017-04-26 12:17 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 14/18] crypto: hash: add afalg-backend hash support Longpeng(Mike)
2017-04-26 12:20 ` Daniel P. Berrange
2017-04-22 7:20 ` Longpeng(Mike) [this message]
2017-04-26 12:23 ` [Qemu-devel] [PATCH v3 15/18] crypto: hmac: add af_alg hmac support Daniel P. Berrange
2017-07-04 8:52 ` Longpeng (Mike)
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 16/18] tests: crypto: add cipher speed benchmark support Longpeng(Mike)
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 17/18] tests: crypto: add hash " Longpeng(Mike)
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 18/18] tests: crypto: add hmac " Longpeng(Mike)
2017-04-22 7:41 ` [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support no-reply
2017-04-22 7:42 ` no-reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1492845627-4384-16-git-send-email-longpeng2@huawei.com \
--to=longpeng2@huawei.com \
--cc=arei.gonglei@huawei.com \
--cc=berrange@redhat.com \
--cc=longpeng.mike@gmail.com \
--cc=qemu-devel@nongnu.org \
--cc=weidong.huang@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.