* [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support
@ 2017-04-22 7:20 Longpeng(Mike)
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 01/18] crypto: cipher: introduce context free function Longpeng(Mike)
` (19 more replies)
0 siblings, 20 replies; 37+ messages in thread
From: Longpeng(Mike) @ 2017-04-22 7:20 UTC (permalink / raw)
To: berrange
Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang, Longpeng(Mike)
The AF_ALG socket family is the userspace interface for linux
crypto API, users can use it to access hardware accelerators.
This patchset adds a afalg-backend for qemu crypto subsystem. Currently
when performs encrypt/decrypt, we'll try afalg-backend first and will
back to libiary-backend if it failed.
In the next step, It would support a command parameter to specifies
which backends prefer to and some other improvements.
I measured the performance about the afalg-backend impls, I tested
how many data could be encrypted in 5 seconds.
NOTE: If we use specific hardware crypto cards, I think afalg-backend
would even faster.
test-environment: Intel(R) Core(TM) i5-6500 CPU @ 3.20GHz
*sha256*
chunk_size(bytes) MB/sec(afalg:sha256-ssse3) MB/sec(nettle)
512 93.03 185.87
1024 146.32 201.78
2048 213.32 210.93
4096 275.48 215.26
8192 321.77 217.49
16384 349.60 219.26
32768 363.59 219.73
65536 375.79 219.99
*hmac(sha256)*
chunk_size(bytes) MB/sec(afalg:sha256-ssse3) MB/sec(nettle)
512 71.26 165.55
1024 117.43 189.15
2048 180.96 203.24
4096 247.60 211.38
8192 301.99 215.65
16384 340.79 218.22
32768 365.51 219.49
65536 377.92 220.24
*cbc(aes128)*
chunk_size(bytes) MB/sec(afalg:cbc-aes-aesni) MB/sec(nettle)
512 371.76 188.41
1024 559.86 189.64
2048 768.66 192.11
4096 939.15 192.40
8192 1029.48 192.49
16384 1072.79 190.52
32768 1109.38 190.41
65536 1102.38 190.40
---
Changes since v1:
- init sockaddr_alg object when it's defined. [Gonglei]
- fix some superfluous initialization. [Gonglei]
- s/opeartion/operation/g in crypto/afalgpriv.h. [Gonglei]
- check 'niv' in qcrypto_afalg_cipher_setiv. [Gonglei]
Changes since v1:
- use "make check-speed" to testing the performance. [Daniel]
- put private definations into crypto/***priv.h. [Daniel]
- remove afalg socket from qapi-schema, put them into crypto/. [Daniel]
- some Error report change. [Daniel]
- s/QCryptoAfalg/QCryptoAFAlg. [Daniel]
- use snprintf with bounds checking instead of sprintf. [Daniel]
- use "qcrypto_afalg_" prefix and "qcrypto_nettle(gcrypt,glib,builtin)_" prefix. [Daniel]
- add testing results in cover-letter. [Gonglei]
---
Longpeng(Mike) (18):
crypto: cipher: introduce context free function
crypto: cipher: introduce qcrypto_cipher_ctx_new for gcrypt-backend
crypto: cipher: introduce qcrypto_cipher_ctx_new for nettle-backend
crypto: cipher: introduce qcrypto_cipher_ctx_new for builtin-backend
crypto: cipher: add cipher driver framework
crypto: hash: add hash driver framework
crypto: hmac: move crypto/hmac.h into include/crypto/
crypto: hmac: introduce qcrypto_hmac_ctx_new for gcrypt-backend
crypto: hmac: introduce qcrypto_hmac_ctx_new for nettle-backend
crypto: hmac: introduce qcrypto_hmac_ctx_new for glib-backend
crypto: hmac: add hmac driver framework
crypto: introduce some common functions for af_alg backend
crypto: cipher: add afalg-backend cipher support
crypto: hash: add afalg-backend hash support
crypto: hmac: add af_alg hmac support
tests: crypto: add cipher speed benchmark support
tests: crypto: add hash speed benchmark support
tests: crypto: add hmac speed benchmark support
configure | 21 ++++
crypto/Makefile.objs | 3 +
crypto/afalg.c | 118 +++++++++++++++++++++
crypto/afalgpriv.h | 69 ++++++++++++
crypto/cipher-afalg.c | 229 ++++++++++++++++++++++++++++++++++++++++
crypto/cipher-builtin.c | 125 +++++++++++-----------
crypto/cipher-gcrypt.c | 105 +++++++++---------
crypto/cipher-nettle.c | 84 +++++++++------
crypto/cipher.c | 91 ++++++++++++++++
crypto/cipherpriv.h | 51 +++++++++
crypto/hash-afalg.c | 225 +++++++++++++++++++++++++++++++++++++++
crypto/hash-gcrypt.c | 19 ++--
crypto/hash-glib.c | 19 ++--
crypto/hash-nettle.c | 19 ++--
crypto/hash.c | 24 +++++
crypto/hashpriv.h | 35 ++++++
crypto/hmac-gcrypt.c | 42 ++++----
crypto/hmac-glib.c | 63 ++++++-----
crypto/hmac-nettle.c | 42 ++++----
crypto/hmac.c | 69 ++++++++++++
crypto/hmac.h | 166 -----------------------------
crypto/hmacpriv.h | 45 ++++++++
include/crypto/cipher.h | 9 ++
include/crypto/hmac.h | 175 ++++++++++++++++++++++++++++++
tests/Makefile.include | 13 ++-
tests/benchmark-crypto-cipher.c | 90 ++++++++++++++++
tests/benchmark-crypto-hash.c | 67 ++++++++++++
tests/benchmark-crypto-hmac.c | 96 +++++++++++++++++
tests/test-crypto-cipher.c | 10 +-
29 files changed, 1712 insertions(+), 412 deletions(-)
create mode 100644 crypto/afalg.c
create mode 100644 crypto/afalgpriv.h
create mode 100644 crypto/cipher-afalg.c
create mode 100644 crypto/cipherpriv.h
create mode 100644 crypto/hash-afalg.c
create mode 100644 crypto/hashpriv.h
delete mode 100644 crypto/hmac.h
create mode 100644 crypto/hmacpriv.h
create mode 100644 include/crypto/hmac.h
create mode 100644 tests/benchmark-crypto-cipher.c
create mode 100644 tests/benchmark-crypto-hash.c
create mode 100644 tests/benchmark-crypto-hmac.c
--
1.8.3.1
^ permalink raw reply [flat|nested] 37+ messages in thread
* [Qemu-devel] [PATCH v3 01/18] crypto: cipher: introduce context free function
2017-04-22 7:20 [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support Longpeng(Mike)
@ 2017-04-22 7:20 ` Longpeng(Mike)
2017-04-26 12:02 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 02/18] crypto: cipher: introduce qcrypto_cipher_ctx_new for gcrypt-backend Longpeng(Mike)
` (18 subsequent siblings)
19 siblings, 1 reply; 37+ messages in thread
From: Longpeng(Mike) @ 2017-04-22 7:20 UTC (permalink / raw)
To: berrange
Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang, Longpeng(Mike)
Refactors the qcrypto_cipher_free(), splits it into two parts. One
is gcrypt/nettle__cipher_free_ctx() to free the special context.
This makes code more clear, what's more, it would be used by the
later patch.
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
---
crypto/cipher-gcrypt.c | 31 ++++++++++++++++++-------------
crypto/cipher-nettle.c | 18 ++++++++++++++----
2 files changed, 32 insertions(+), 17 deletions(-)
diff --git a/crypto/cipher-gcrypt.c b/crypto/cipher-gcrypt.c
index 6487eca..0ecffa2 100644
--- a/crypto/cipher-gcrypt.c
+++ b/crypto/cipher-gcrypt.c
@@ -64,6 +64,22 @@ struct QCryptoCipherGcrypt {
uint8_t *iv;
};
+static void gcrypt_cipher_free_ctx(QCryptoCipherGcrypt *ctx,
+ QCryptoCipherMode mode)
+{
+ if (!ctx) {
+ return;
+ }
+
+ gcry_cipher_close(ctx->handle);
+ if (mode == QCRYPTO_CIPHER_MODE_XTS) {
+ gcry_cipher_close(ctx->tweakhandle);
+ }
+ g_free(ctx->iv);
+ g_free(ctx);
+}
+
+
QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
QCryptoCipherMode mode,
const uint8_t *key, size_t nkey,
@@ -228,11 +244,7 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
return cipher;
error:
- gcry_cipher_close(ctx->handle);
- if (cipher->mode == QCRYPTO_CIPHER_MODE_XTS) {
- gcry_cipher_close(ctx->tweakhandle);
- }
- g_free(ctx);
+ gcrypt_cipher_free_ctx(ctx, mode);
g_free(cipher);
return NULL;
}
@@ -240,17 +252,10 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
void qcrypto_cipher_free(QCryptoCipher *cipher)
{
- QCryptoCipherGcrypt *ctx;
if (!cipher) {
return;
}
- ctx = cipher->opaque;
- gcry_cipher_close(ctx->handle);
- if (cipher->mode == QCRYPTO_CIPHER_MODE_XTS) {
- gcry_cipher_close(ctx->tweakhandle);
- }
- g_free(ctx->iv);
- g_free(ctx);
+ gcrypt_cipher_free_ctx(cipher->opaque, cipher->mode);
g_free(cipher);
}
diff --git a/crypto/cipher-nettle.c b/crypto/cipher-nettle.c
index dfc9030..e04e3a1 100644
--- a/crypto/cipher-nettle.c
+++ b/crypto/cipher-nettle.c
@@ -249,6 +249,19 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg,
}
+static void nettle_cipher_free_ctx(QCryptoCipherNettle *ctx)
+{
+ if (!ctx) {
+ return;
+ }
+
+ g_free(ctx->iv);
+ g_free(ctx->ctx);
+ g_free(ctx->ctx_tweak);
+ g_free(ctx);
+}
+
+
QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
QCryptoCipherMode mode,
const uint8_t *key, size_t nkey,
@@ -440,10 +453,7 @@ void qcrypto_cipher_free(QCryptoCipher *cipher)
}
ctx = cipher->opaque;
- g_free(ctx->iv);
- g_free(ctx->ctx);
- g_free(ctx->ctx_tweak);
- g_free(ctx);
+ nettle_cipher_free_ctx(ctx);
g_free(cipher);
}
--
1.8.3.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [Qemu-devel] [PATCH v3 02/18] crypto: cipher: introduce qcrypto_cipher_ctx_new for gcrypt-backend
2017-04-22 7:20 [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support Longpeng(Mike)
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 01/18] crypto: cipher: introduce context free function Longpeng(Mike)
@ 2017-04-22 7:20 ` Longpeng(Mike)
2017-04-26 12:02 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 03/18] crypto: cipher: introduce qcrypto_cipher_ctx_new for nettle-backend Longpeng(Mike)
` (17 subsequent siblings)
19 siblings, 1 reply; 37+ messages in thread
From: Longpeng(Mike) @ 2017-04-22 7:20 UTC (permalink / raw)
To: berrange
Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang, Longpeng(Mike)
Extracts qcrypto_cipher_ctx_new() from qcrypto_cipher_new() for
gcrypt-backend impls.
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
---
crypto/cipher-gcrypt.c | 50 +++++++++++++++++++++++++++++++++-----------------
1 file changed, 33 insertions(+), 17 deletions(-)
diff --git a/crypto/cipher-gcrypt.c b/crypto/cipher-gcrypt.c
index 0ecffa2..871730b 100644
--- a/crypto/cipher-gcrypt.c
+++ b/crypto/cipher-gcrypt.c
@@ -80,12 +80,12 @@ static void gcrypt_cipher_free_ctx(QCryptoCipherGcrypt *ctx,
}
-QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
- QCryptoCipherMode mode,
- const uint8_t *key, size_t nkey,
- Error **errp)
+static QCryptoCipherGcrypt *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
+ QCryptoCipherMode mode,
+ const uint8_t *key,
+ size_t nkey,
+ Error **errp)
{
- QCryptoCipher *cipher;
QCryptoCipherGcrypt *ctx;
gcry_error_t err;
int gcryalg, gcrymode;
@@ -162,10 +162,6 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
return NULL;
}
- cipher = g_new0(QCryptoCipher, 1);
- cipher->alg = alg;
- cipher->mode = mode;
-
ctx = g_new0(QCryptoCipherGcrypt, 1);
err = gcry_cipher_open(&ctx->handle, gcryalg, gcrymode, 0);
@@ -174,7 +170,7 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
gcry_strerror(err));
goto error;
}
- if (cipher->mode == QCRYPTO_CIPHER_MODE_XTS) {
+ if (mode == QCRYPTO_CIPHER_MODE_XTS) {
err = gcry_cipher_open(&ctx->tweakhandle, gcryalg, gcrymode, 0);
if (err != 0) {
error_setg(errp, "Cannot initialize cipher: %s",
@@ -183,7 +179,7 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
}
}
- if (cipher->alg == QCRYPTO_CIPHER_ALG_DES_RFB) {
+ if (alg == QCRYPTO_CIPHER_ALG_DES_RFB) {
/* We're using standard DES cipher from gcrypt, so we need
* to munge the key so that the results are the same as the
* bizarre RFB variant of DES :-)
@@ -193,7 +189,7 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
g_free(rfbkey);
ctx->blocksize = 8;
} else {
- if (cipher->mode == QCRYPTO_CIPHER_MODE_XTS) {
+ if (mode == QCRYPTO_CIPHER_MODE_XTS) {
nkey /= 2;
err = gcry_cipher_setkey(ctx->handle, key, nkey);
if (err != 0) {
@@ -210,7 +206,7 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
gcry_strerror(err));
goto error;
}
- switch (cipher->alg) {
+ switch (alg) {
case QCRYPTO_CIPHER_ALG_AES_128:
case QCRYPTO_CIPHER_ALG_AES_192:
case QCRYPTO_CIPHER_ALG_AES_256:
@@ -230,7 +226,7 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
}
}
- if (cipher->mode == QCRYPTO_CIPHER_MODE_XTS) {
+ if (mode == QCRYPTO_CIPHER_MODE_XTS) {
if (ctx->blocksize != XTS_BLOCK_SIZE) {
error_setg(errp,
"Cipher block size %zu must equal XTS block size %d",
@@ -240,12 +236,10 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
ctx->iv = g_new0(uint8_t, ctx->blocksize);
}
- cipher->opaque = ctx;
- return cipher;
+ return ctx;
error:
gcrypt_cipher_free_ctx(ctx, mode);
- g_free(cipher);
return NULL;
}
@@ -385,3 +379,25 @@ int qcrypto_cipher_setiv(QCryptoCipher *cipher,
return 0;
}
+
+
+QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
+ QCryptoCipherMode mode,
+ const uint8_t *key, size_t nkey,
+ Error **errp)
+{
+ QCryptoCipher *cipher;
+ QCryptoCipherGcrypt *ctx;
+
+ ctx = qcrypto_cipher_ctx_new(alg, mode, key, nkey, errp);
+ if (ctx == NULL) {
+ return NULL;
+ }
+
+ cipher = g_new0(QCryptoCipher, 1);
+ cipher->alg = alg;
+ cipher->mode = mode;
+ cipher->opaque = ctx;
+
+ return cipher;
+}
--
1.8.3.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [Qemu-devel] [PATCH v3 03/18] crypto: cipher: introduce qcrypto_cipher_ctx_new for nettle-backend
2017-04-22 7:20 [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support Longpeng(Mike)
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 01/18] crypto: cipher: introduce context free function Longpeng(Mike)
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 02/18] crypto: cipher: introduce qcrypto_cipher_ctx_new for gcrypt-backend Longpeng(Mike)
@ 2017-04-22 7:20 ` Longpeng(Mike)
2017-04-26 12:03 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 04/18] crypto: cipher: introduce qcrypto_cipher_ctx_new for builtin-backend Longpeng(Mike)
` (16 subsequent siblings)
19 siblings, 1 reply; 37+ messages in thread
From: Longpeng(Mike) @ 2017-04-22 7:20 UTC (permalink / raw)
To: berrange
Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang, Longpeng(Mike)
Extracts qcrypto_cipher_ctx_new() from qcrypto_cipher_new() for
nettle-backend impls.
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
---
crypto/cipher-nettle.c | 41 +++++++++++++++++++++++++++++------------
1 file changed, 29 insertions(+), 12 deletions(-)
diff --git a/crypto/cipher-nettle.c b/crypto/cipher-nettle.c
index e04e3a1..e6d6e6c 100644
--- a/crypto/cipher-nettle.c
+++ b/crypto/cipher-nettle.c
@@ -262,12 +262,12 @@ static void nettle_cipher_free_ctx(QCryptoCipherNettle *ctx)
}
-QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
- QCryptoCipherMode mode,
- const uint8_t *key, size_t nkey,
- Error **errp)
+static QCryptoCipherNettle *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
+ QCryptoCipherMode mode,
+ const uint8_t *key,
+ size_t nkey,
+ Error **errp)
{
- QCryptoCipher *cipher;
QCryptoCipherNettle *ctx;
uint8_t *rfbkey;
@@ -287,12 +287,7 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
return NULL;
}
- cipher = g_new0(QCryptoCipher, 1);
- cipher->alg = alg;
- cipher->mode = mode;
-
ctx = g_new0(QCryptoCipherNettle, 1);
- cipher->opaque = ctx;
switch (alg) {
case QCRYPTO_CIPHER_ALG_DES_RFB:
@@ -436,10 +431,10 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
ctx->iv = g_new0(uint8_t, ctx->blocksize);
- return cipher;
+ return ctx;
error:
- qcrypto_cipher_free(cipher);
+ nettle_cipher_free_ctx(ctx);
return NULL;
}
@@ -561,3 +556,25 @@ int qcrypto_cipher_setiv(QCryptoCipher *cipher,
memcpy(ctx->iv, iv, niv);
return 0;
}
+
+
+QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
+ QCryptoCipherMode mode,
+ const uint8_t *key, size_t nkey,
+ Error **errp)
+{
+ QCryptoCipher *cipher;
+ QCryptoCipherNettle *ctx;
+
+ ctx = qcrypto_cipher_ctx_new(alg, mode, key, nkey, errp);
+ if (!ctx) {
+ return NULL;
+ }
+
+ cipher = g_new0(QCryptoCipher, 1);
+ cipher->alg = alg;
+ cipher->mode = mode;
+ cipher->opaque = ctx;
+
+ return cipher;
+}
--
1.8.3.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [Qemu-devel] [PATCH v3 04/18] crypto: cipher: introduce qcrypto_cipher_ctx_new for builtin-backend
2017-04-22 7:20 [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support Longpeng(Mike)
` (2 preceding siblings ...)
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 03/18] crypto: cipher: introduce qcrypto_cipher_ctx_new for nettle-backend Longpeng(Mike)
@ 2017-04-22 7:20 ` Longpeng(Mike)
2017-04-26 12:03 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 05/18] crypto: cipher: add cipher driver framework Longpeng(Mike)
` (15 subsequent siblings)
19 siblings, 1 reply; 37+ messages in thread
From: Longpeng(Mike) @ 2017-04-22 7:20 UTC (permalink / raw)
To: berrange
Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang, Longpeng(Mike)
Extracts qcrypto_cipher_ctx_new() from qcrypto_cipher_new() for
builtin-backend impls.
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
---
crypto/cipher-builtin.c | 101 ++++++++++++++++++++++++++----------------------
1 file changed, 55 insertions(+), 46 deletions(-)
diff --git a/crypto/cipher-builtin.c b/crypto/cipher-builtin.c
index b4bc2b9..8cf47d1 100644
--- a/crypto/cipher-builtin.c
+++ b/crypto/cipher-builtin.c
@@ -235,23 +235,24 @@ static int qcrypto_cipher_setiv_aes(QCryptoCipher *cipher,
-static int qcrypto_cipher_init_aes(QCryptoCipher *cipher,
- const uint8_t *key, size_t nkey,
- Error **errp)
+static QCryptoCipherBuiltin *
+qcrypto_cipher_init_aes(QCryptoCipherMode mode,
+ const uint8_t *key, size_t nkey,
+ Error **errp)
{
QCryptoCipherBuiltin *ctxt;
- if (cipher->mode != QCRYPTO_CIPHER_MODE_CBC &&
- cipher->mode != QCRYPTO_CIPHER_MODE_ECB &&
- cipher->mode != QCRYPTO_CIPHER_MODE_XTS) {
+ if (mode != QCRYPTO_CIPHER_MODE_CBC &&
+ mode != QCRYPTO_CIPHER_MODE_ECB &&
+ mode != QCRYPTO_CIPHER_MODE_XTS) {
error_setg(errp, "Unsupported cipher mode %s",
- QCryptoCipherMode_lookup[cipher->mode]);
- return -1;
+ QCryptoCipherMode_lookup[mode]);
+ return NULL;
}
ctxt = g_new0(QCryptoCipherBuiltin, 1);
- if (cipher->mode == QCRYPTO_CIPHER_MODE_XTS) {
+ if (mode == QCRYPTO_CIPHER_MODE_XTS) {
if (AES_set_encrypt_key(key, nkey * 4, &ctxt->state.aes.key.enc) != 0) {
error_setg(errp, "Failed to set encryption key");
goto error;
@@ -291,13 +292,11 @@ static int qcrypto_cipher_init_aes(QCryptoCipher *cipher,
ctxt->encrypt = qcrypto_cipher_encrypt_aes;
ctxt->decrypt = qcrypto_cipher_decrypt_aes;
- cipher->opaque = ctxt;
-
- return 0;
+ return ctxt;
error:
g_free(ctxt);
- return -1;
+ return NULL;
}
@@ -370,16 +369,17 @@ static int qcrypto_cipher_setiv_des_rfb(QCryptoCipher *cipher,
}
-static int qcrypto_cipher_init_des_rfb(QCryptoCipher *cipher,
- const uint8_t *key, size_t nkey,
- Error **errp)
+static QCryptoCipherBuiltin *
+qcrypto_cipher_init_des_rfb(QCryptoCipherMode mode,
+ const uint8_t *key, size_t nkey,
+ Error **errp)
{
QCryptoCipherBuiltin *ctxt;
- if (cipher->mode != QCRYPTO_CIPHER_MODE_ECB) {
+ if (mode != QCRYPTO_CIPHER_MODE_ECB) {
error_setg(errp, "Unsupported cipher mode %s",
- QCryptoCipherMode_lookup[cipher->mode]);
- return -1;
+ QCryptoCipherMode_lookup[mode]);
+ return NULL;
}
ctxt = g_new0(QCryptoCipherBuiltin, 1);
@@ -394,9 +394,7 @@ static int qcrypto_cipher_init_des_rfb(QCryptoCipher *cipher,
ctxt->encrypt = qcrypto_cipher_encrypt_des_rfb;
ctxt->decrypt = qcrypto_cipher_decrypt_des_rfb;
- cipher->opaque = ctxt;
-
- return 0;
+ return ctxt;
}
@@ -426,12 +424,13 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg,
}
-QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
- QCryptoCipherMode mode,
- const uint8_t *key, size_t nkey,
- Error **errp)
+static QCryptoCipherBuiltin *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
+ QCryptoCipherMode mode,
+ const uint8_t *key,
+ size_t nkey,
+ Error **errp)
{
- QCryptoCipher *cipher;
+ QCryptoCipherBuiltin *ctxt;
switch (mode) {
case QCRYPTO_CIPHER_MODE_ECB:
@@ -444,39 +443,27 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
return NULL;
}
- cipher = g_new0(QCryptoCipher, 1);
- cipher->alg = alg;
- cipher->mode = mode;
-
if (!qcrypto_cipher_validate_key_length(alg, mode, nkey, errp)) {
- goto error;
+ return NULL;
}
- switch (cipher->alg) {
+ switch (alg) {
case QCRYPTO_CIPHER_ALG_DES_RFB:
- if (qcrypto_cipher_init_des_rfb(cipher, key, nkey, errp) < 0) {
- goto error;
- }
+ ctxt = qcrypto_cipher_init_des_rfb(mode, key, nkey, errp);
break;
case QCRYPTO_CIPHER_ALG_AES_128:
case QCRYPTO_CIPHER_ALG_AES_192:
case QCRYPTO_CIPHER_ALG_AES_256:
- if (qcrypto_cipher_init_aes(cipher, key, nkey, errp) < 0) {
- goto error;
- }
+ ctxt = qcrypto_cipher_init_aes(mode, key, nkey, errp);
break;
default:
error_setg(errp,
"Unsupported cipher algorithm %s",
- QCryptoCipherAlgorithm_lookup[cipher->alg]);
- goto error;
+ QCryptoCipherAlgorithm_lookup[alg]);
+ return NULL;
}
- return cipher;
-
- error:
- g_free(cipher);
- return NULL;
+ return ctxt;
}
void qcrypto_cipher_free(QCryptoCipher *cipher)
@@ -537,3 +524,25 @@ int qcrypto_cipher_setiv(QCryptoCipher *cipher,
return ctxt->setiv(cipher, iv, niv, errp);
}
+
+
+QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
+ QCryptoCipherMode mode,
+ const uint8_t *key, size_t nkey,
+ Error **errp)
+{
+ QCryptoCipher *cipher;
+ QCryptoCipherBuiltin *ctxt;
+
+ ctxt = qcrypto_cipher_ctx_new(alg, mode, key, nkey, errp);
+ if (ctxt == NULL) {
+ return NULL;
+ }
+
+ cipher = g_new0(QCryptoCipher, 1);
+ cipher->alg = alg;
+ cipher->mode = mode;
+ cipher->opaque = ctxt;
+
+ return cipher;
+}
--
1.8.3.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [Qemu-devel] [PATCH v3 05/18] crypto: cipher: add cipher driver framework
2017-04-22 7:20 [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support Longpeng(Mike)
` (3 preceding siblings ...)
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 04/18] crypto: cipher: introduce qcrypto_cipher_ctx_new for builtin-backend Longpeng(Mike)
@ 2017-04-22 7:20 ` Longpeng(Mike)
2017-04-26 12:04 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 06/18] crypto: hash: add hash " Longpeng(Mike)
` (14 subsequent siblings)
19 siblings, 1 reply; 37+ messages in thread
From: Longpeng(Mike) @ 2017-04-22 7:20 UTC (permalink / raw)
To: berrange
Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang, Longpeng(Mike)
1) makes the public APIs in cipher-nettle/gcrypt/builtin static,
and rename them with "nettle/gcrypt/builtin" prefix.
2) introduces cipher framework, including QCryptoCipherDriver
and new public APIs.
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
---
crypto/cipher-builtin.c | 64 +++++++++++++++++--------------------------
crypto/cipher-gcrypt.c | 72 +++++++++++++++++++++----------------------------
crypto/cipher-nettle.c | 71 ++++++++++++++++++++----------------------------
crypto/cipher.c | 65 ++++++++++++++++++++++++++++++++++++++++++++
crypto/cipherpriv.h | 40 +++++++++++++++++++++++++++
include/crypto/cipher.h | 1 +
6 files changed, 190 insertions(+), 123 deletions(-)
create mode 100644 crypto/cipherpriv.h
diff --git a/crypto/cipher-builtin.c b/crypto/cipher-builtin.c
index 8cf47d1..16a36d4 100644
--- a/crypto/cipher-builtin.c
+++ b/crypto/cipher-builtin.c
@@ -22,6 +22,7 @@
#include "crypto/aes.h"
#include "crypto/desrfb.h"
#include "crypto/xts.h"
+#include "cipherpriv.h"
typedef struct QCryptoCipherBuiltinAESContext QCryptoCipherBuiltinAESContext;
struct QCryptoCipherBuiltinAESContext {
@@ -466,25 +467,22 @@ static QCryptoCipherBuiltin *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
return ctxt;
}
-void qcrypto_cipher_free(QCryptoCipher *cipher)
+static void
+qcrypto_builtin_cipher_ctx_free(QCryptoCipher *cipher)
{
QCryptoCipherBuiltin *ctxt;
- if (!cipher) {
- return;
- }
-
ctxt = cipher->opaque;
ctxt->free(cipher);
- g_free(cipher);
}
-int qcrypto_cipher_encrypt(QCryptoCipher *cipher,
- const void *in,
- void *out,
- size_t len,
- Error **errp)
+static int
+qcrypto_builtin_cipher_encrypt(QCryptoCipher *cipher,
+ const void *in,
+ void *out,
+ size_t len,
+ Error **errp)
{
QCryptoCipherBuiltin *ctxt = cipher->opaque;
@@ -498,11 +496,12 @@ int qcrypto_cipher_encrypt(QCryptoCipher *cipher,
}
-int qcrypto_cipher_decrypt(QCryptoCipher *cipher,
- const void *in,
- void *out,
- size_t len,
- Error **errp)
+static int
+qcrypto_builtin_cipher_decrypt(QCryptoCipher *cipher,
+ const void *in,
+ void *out,
+ size_t len,
+ Error **errp)
{
QCryptoCipherBuiltin *ctxt = cipher->opaque;
@@ -516,9 +515,10 @@ int qcrypto_cipher_decrypt(QCryptoCipher *cipher,
}
-int qcrypto_cipher_setiv(QCryptoCipher *cipher,
- const uint8_t *iv, size_t niv,
- Error **errp)
+static int
+qcrypto_builtin_cipher_setiv(QCryptoCipher *cipher,
+ const uint8_t *iv, size_t niv,
+ Error **errp)
{
QCryptoCipherBuiltin *ctxt = cipher->opaque;
@@ -526,23 +526,9 @@ int qcrypto_cipher_setiv(QCryptoCipher *cipher,
}
-QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
- QCryptoCipherMode mode,
- const uint8_t *key, size_t nkey,
- Error **errp)
-{
- QCryptoCipher *cipher;
- QCryptoCipherBuiltin *ctxt;
-
- ctxt = qcrypto_cipher_ctx_new(alg, mode, key, nkey, errp);
- if (ctxt == NULL) {
- return NULL;
- }
-
- cipher = g_new0(QCryptoCipher, 1);
- cipher->alg = alg;
- cipher->mode = mode;
- cipher->opaque = ctxt;
-
- return cipher;
-}
+static struct QCryptoCipherDriver qcrypto_cipher_lib_driver = {
+ .cipher_encrypt = qcrypto_builtin_cipher_encrypt,
+ .cipher_decrypt = qcrypto_builtin_cipher_decrypt,
+ .cipher_setiv = qcrypto_builtin_cipher_setiv,
+ .cipher_free = qcrypto_builtin_cipher_ctx_free,
+};
diff --git a/crypto/cipher-gcrypt.c b/crypto/cipher-gcrypt.c
index 871730b..0489147 100644
--- a/crypto/cipher-gcrypt.c
+++ b/crypto/cipher-gcrypt.c
@@ -20,6 +20,7 @@
#include "qemu/osdep.h"
#include "crypto/xts.h"
+#include "cipherpriv.h"
#include <gcrypt.h>
@@ -64,8 +65,9 @@ struct QCryptoCipherGcrypt {
uint8_t *iv;
};
-static void gcrypt_cipher_free_ctx(QCryptoCipherGcrypt *ctx,
- QCryptoCipherMode mode)
+static void
+qcrypto_gcrypt_cipher_free_ctx(QCryptoCipherGcrypt *ctx,
+ QCryptoCipherMode mode)
{
if (!ctx) {
return;
@@ -239,18 +241,15 @@ static QCryptoCipherGcrypt *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
return ctx;
error:
- gcrypt_cipher_free_ctx(ctx, mode);
+ qcrypto_gcrypt_cipher_free_ctx(ctx, mode);
return NULL;
}
-void qcrypto_cipher_free(QCryptoCipher *cipher)
+static void
+qcrypto_gcrypt_cipher_ctx_free(QCryptoCipher *cipher)
{
- if (!cipher) {
- return;
- }
- gcrypt_cipher_free_ctx(cipher->opaque, cipher->mode);
- g_free(cipher);
+ qcrypto_gcrypt_cipher_free_ctx(cipher->opaque, cipher->mode);
}
@@ -274,11 +273,12 @@ static void qcrypto_gcrypt_xts_decrypt(const void *ctx,
g_assert(err == 0);
}
-int qcrypto_cipher_encrypt(QCryptoCipher *cipher,
- const void *in,
- void *out,
- size_t len,
- Error **errp)
+static int
+qcrypto_gcrypt_cipher_encrypt(QCryptoCipher *cipher,
+ const void *in,
+ void *out,
+ size_t len,
+ Error **errp)
{
QCryptoCipherGcrypt *ctx = cipher->opaque;
gcry_error_t err;
@@ -309,11 +309,12 @@ int qcrypto_cipher_encrypt(QCryptoCipher *cipher,
}
-int qcrypto_cipher_decrypt(QCryptoCipher *cipher,
- const void *in,
- void *out,
- size_t len,
- Error **errp)
+static int
+qcrypto_gcrypt_cipher_decrypt(QCryptoCipher *cipher,
+ const void *in,
+ void *out,
+ size_t len,
+ Error **errp)
{
QCryptoCipherGcrypt *ctx = cipher->opaque;
gcry_error_t err;
@@ -343,9 +344,10 @@ int qcrypto_cipher_decrypt(QCryptoCipher *cipher,
return 0;
}
-int qcrypto_cipher_setiv(QCryptoCipher *cipher,
- const uint8_t *iv, size_t niv,
- Error **errp)
+static int
+qcrypto_gcrypt_cipher_setiv(QCryptoCipher *cipher,
+ const uint8_t *iv, size_t niv,
+ Error **errp)
{
QCryptoCipherGcrypt *ctx = cipher->opaque;
gcry_error_t err;
@@ -381,23 +383,9 @@ int qcrypto_cipher_setiv(QCryptoCipher *cipher,
}
-QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
- QCryptoCipherMode mode,
- const uint8_t *key, size_t nkey,
- Error **errp)
-{
- QCryptoCipher *cipher;
- QCryptoCipherGcrypt *ctx;
-
- ctx = qcrypto_cipher_ctx_new(alg, mode, key, nkey, errp);
- if (ctx == NULL) {
- return NULL;
- }
-
- cipher = g_new0(QCryptoCipher, 1);
- cipher->alg = alg;
- cipher->mode = mode;
- cipher->opaque = ctx;
-
- return cipher;
-}
+static struct QCryptoCipherDriver qcrypto_cipher_lib_driver = {
+ .cipher_encrypt = qcrypto_gcrypt_cipher_encrypt,
+ .cipher_decrypt = qcrypto_gcrypt_cipher_decrypt,
+ .cipher_setiv = qcrypto_gcrypt_cipher_setiv,
+ .cipher_free = qcrypto_gcrypt_cipher_ctx_free,
+};
diff --git a/crypto/cipher-nettle.c b/crypto/cipher-nettle.c
index e6d6e6c..c51f119 100644
--- a/crypto/cipher-nettle.c
+++ b/crypto/cipher-nettle.c
@@ -20,6 +20,7 @@
#include "qemu/osdep.h"
#include "crypto/xts.h"
+#include "cipherpriv.h"
#include <nettle/nettle-types.h>
#include <nettle/aes.h>
@@ -249,7 +250,8 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg,
}
-static void nettle_cipher_free_ctx(QCryptoCipherNettle *ctx)
+static void
+qcrypto_nettle_cipher_free_ctx(QCryptoCipherNettle *ctx)
{
if (!ctx) {
return;
@@ -434,30 +436,27 @@ static QCryptoCipherNettle *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
return ctx;
error:
- nettle_cipher_free_ctx(ctx);
+ qcrypto_nettle_cipher_free_ctx(ctx);
return NULL;
}
-void qcrypto_cipher_free(QCryptoCipher *cipher)
+static void
+qcrypto_nettle_cipher_ctx_free(QCryptoCipher *cipher)
{
QCryptoCipherNettle *ctx;
- if (!cipher) {
- return;
- }
-
ctx = cipher->opaque;
- nettle_cipher_free_ctx(ctx);
- g_free(cipher);
+ qcrypto_nettle_cipher_free_ctx(ctx);
}
-int qcrypto_cipher_encrypt(QCryptoCipher *cipher,
- const void *in,
- void *out,
- size_t len,
- Error **errp)
+static int
+qcrypto_nettle_cipher_encrypt(QCryptoCipher *cipher,
+ const void *in,
+ void *out,
+ size_t len,
+ Error **errp)
{
QCryptoCipherNettle *ctx = cipher->opaque;
@@ -499,11 +498,12 @@ int qcrypto_cipher_encrypt(QCryptoCipher *cipher,
}
-int qcrypto_cipher_decrypt(QCryptoCipher *cipher,
- const void *in,
- void *out,
- size_t len,
- Error **errp)
+static int
+qcrypto_nettle_cipher_decrypt(QCryptoCipher *cipher,
+ const void *in,
+ void *out,
+ size_t len,
+ Error **errp)
{
QCryptoCipherNettle *ctx = cipher->opaque;
@@ -543,9 +543,10 @@ int qcrypto_cipher_decrypt(QCryptoCipher *cipher,
return 0;
}
-int qcrypto_cipher_setiv(QCryptoCipher *cipher,
- const uint8_t *iv, size_t niv,
- Error **errp)
+static int
+qcrypto_nettle_cipher_setiv(QCryptoCipher *cipher,
+ const uint8_t *iv, size_t niv,
+ Error **errp)
{
QCryptoCipherNettle *ctx = cipher->opaque;
if (niv != ctx->blocksize) {
@@ -558,23 +559,9 @@ int qcrypto_cipher_setiv(QCryptoCipher *cipher,
}
-QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
- QCryptoCipherMode mode,
- const uint8_t *key, size_t nkey,
- Error **errp)
-{
- QCryptoCipher *cipher;
- QCryptoCipherNettle *ctx;
-
- ctx = qcrypto_cipher_ctx_new(alg, mode, key, nkey, errp);
- if (!ctx) {
- return NULL;
- }
-
- cipher = g_new0(QCryptoCipher, 1);
- cipher->alg = alg;
- cipher->mode = mode;
- cipher->opaque = ctx;
-
- return cipher;
-}
+static struct QCryptoCipherDriver qcrypto_cipher_lib_driver = {
+ .cipher_encrypt = qcrypto_nettle_cipher_encrypt,
+ .cipher_decrypt = qcrypto_nettle_cipher_decrypt,
+ .cipher_setiv = qcrypto_nettle_cipher_setiv,
+ .cipher_free = qcrypto_nettle_cipher_ctx_free,
+};
diff --git a/crypto/cipher.c b/crypto/cipher.c
index 5a96489..a6e052c 100644
--- a/crypto/cipher.c
+++ b/crypto/cipher.c
@@ -21,6 +21,7 @@
#include "qemu/osdep.h"
#include "qapi/error.h"
#include "crypto/cipher.h"
+#include "cipherpriv.h"
static size_t alg_key_len[QCRYPTO_CIPHER_ALG__MAX] = {
@@ -155,3 +156,67 @@ qcrypto_cipher_munge_des_rfb_key(const uint8_t *key,
#else
#include "crypto/cipher-builtin.c"
#endif
+
+QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
+ QCryptoCipherMode mode,
+ const uint8_t *key, size_t nkey,
+ Error **errp)
+{
+ QCryptoCipher *cipher;
+ void *ctx;
+
+ ctx = qcrypto_cipher_ctx_new(alg, mode, key, nkey, errp);
+ if (ctx == NULL) {
+ return NULL;
+ }
+
+ cipher = g_new0(QCryptoCipher, 1);
+ cipher->alg = alg;
+ cipher->mode = mode;
+ cipher->opaque = ctx;
+ cipher->driver = (void *)&qcrypto_cipher_lib_driver;
+
+ return cipher;
+}
+
+
+int qcrypto_cipher_encrypt(QCryptoCipher *cipher,
+ const void *in,
+ void *out,
+ size_t len,
+ Error **errp)
+{
+ QCryptoCipherDriver *drv = cipher->driver;
+ return drv->cipher_encrypt(cipher, in, out, len, errp);
+}
+
+
+int qcrypto_cipher_decrypt(QCryptoCipher *cipher,
+ const void *in,
+ void *out,
+ size_t len,
+ Error **errp)
+{
+ QCryptoCipherDriver *drv = cipher->driver;
+ return drv->cipher_decrypt(cipher, in, out, len, errp);
+}
+
+
+int qcrypto_cipher_setiv(QCryptoCipher *cipher,
+ const uint8_t *iv, size_t niv,
+ Error **errp)
+{
+ QCryptoCipherDriver *drv = cipher->driver;
+ return drv->cipher_setiv(cipher, iv, niv, errp);
+}
+
+
+void qcrypto_cipher_free(QCryptoCipher *cipher)
+{
+ QCryptoCipherDriver *drv;
+ if (cipher) {
+ drv = cipher->driver;
+ drv->cipher_free(cipher);
+ g_free(cipher);
+ }
+}
diff --git a/crypto/cipherpriv.h b/crypto/cipherpriv.h
new file mode 100644
index 0000000..4af5e85
--- /dev/null
+++ b/crypto/cipherpriv.h
@@ -0,0 +1,40 @@
+/*
+ * QEMU Crypto cipher driver supports
+ *
+ * Copyright (c) 2017 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Longpeng(Mike) <longpeng2@huawei.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * (at your option) any later version. See the COPYING file in the
+ * top-level directory.
+ *
+ */
+
+#ifndef QCRYPTO_CIPHERPRIV_H
+#define QCRYPTO_CIPHERPRIV_H
+
+typedef struct QCryptoCipherDriver QCryptoCipherDriver;
+
+struct QCryptoCipherDriver {
+ int (*cipher_encrypt)(QCryptoCipher *cipher,
+ const void *in,
+ void *out,
+ size_t len,
+ Error **errp);
+
+ int (*cipher_decrypt)(QCryptoCipher *cipher,
+ const void *in,
+ void *out,
+ size_t len,
+ Error **errp);
+
+ int (*cipher_setiv)(QCryptoCipher *cipher,
+ const uint8_t *iv, size_t niv,
+ Error **errp);
+
+ void (*cipher_free)(QCryptoCipher *cipher);
+};
+
+#endif
diff --git a/include/crypto/cipher.h b/include/crypto/cipher.h
index bec9f41..984fb82 100644
--- a/include/crypto/cipher.h
+++ b/include/crypto/cipher.h
@@ -80,6 +80,7 @@ struct QCryptoCipher {
QCryptoCipherAlgorithm alg;
QCryptoCipherMode mode;
void *opaque;
+ void *driver;
};
/**
--
1.8.3.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [Qemu-devel] [PATCH v3 06/18] crypto: hash: add hash driver framework
2017-04-22 7:20 [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support Longpeng(Mike)
` (4 preceding siblings ...)
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 05/18] crypto: cipher: add cipher driver framework Longpeng(Mike)
@ 2017-04-22 7:20 ` Longpeng(Mike)
2017-04-26 12:04 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 07/18] crypto: hmac: move crypto/hmac.h into include/crypto/ Longpeng(Mike)
` (13 subsequent siblings)
19 siblings, 1 reply; 37+ messages in thread
From: Longpeng(Mike) @ 2017-04-22 7:20 UTC (permalink / raw)
To: berrange
Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang, Longpeng(Mike)
1) makes the public APIs in hash-nettle/gcrypt/glib static,
and rename them with "nettle/gcrypt/glib" prefix.
2) introduces hash framework, including QCryptoHashDriver
and new public APIs.
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
---
crypto/hash-gcrypt.c | 19 +++++++++++++------
crypto/hash-glib.c | 19 +++++++++++++------
crypto/hash-nettle.c | 19 +++++++++++++------
crypto/hash.c | 13 +++++++++++++
crypto/hashpriv.h | 31 +++++++++++++++++++++++++++++++
5 files changed, 83 insertions(+), 18 deletions(-)
create mode 100644 crypto/hashpriv.h
diff --git a/crypto/hash-gcrypt.c b/crypto/hash-gcrypt.c
index 7690690..972beaa 100644
--- a/crypto/hash-gcrypt.c
+++ b/crypto/hash-gcrypt.c
@@ -22,6 +22,7 @@
#include <gcrypt.h>
#include "qapi/error.h"
#include "crypto/hash.h"
+#include "hashpriv.h"
static int qcrypto_hash_alg_map[QCRYPTO_HASH_ALG__MAX] = {
@@ -44,12 +45,13 @@ gboolean qcrypto_hash_supports(QCryptoHashAlgorithm alg)
}
-int qcrypto_hash_bytesv(QCryptoHashAlgorithm alg,
- const struct iovec *iov,
- size_t niov,
- uint8_t **result,
- size_t *resultlen,
- Error **errp)
+static int
+qcrypto_gcrypt_hash_bytesv(QCryptoHashAlgorithm alg,
+ const struct iovec *iov,
+ size_t niov,
+ uint8_t **result,
+ size_t *resultlen,
+ Error **errp)
{
int i, ret;
gcry_md_hd_t md;
@@ -107,3 +109,8 @@ int qcrypto_hash_bytesv(QCryptoHashAlgorithm alg,
gcry_md_close(md);
return -1;
}
+
+
+QCryptoHashDriver qcrypto_hash_lib_driver = {
+ .hash_bytesv = qcrypto_gcrypt_hash_bytesv,
+};
diff --git a/crypto/hash-glib.c b/crypto/hash-glib.c
index ec99ac9..fb16ac0 100644
--- a/crypto/hash-glib.c
+++ b/crypto/hash-glib.c
@@ -21,6 +21,7 @@
#include "qemu/osdep.h"
#include "qapi/error.h"
#include "crypto/hash.h"
+#include "hashpriv.h"
static int qcrypto_hash_alg_map[QCRYPTO_HASH_ALG__MAX] = {
@@ -47,12 +48,13 @@ gboolean qcrypto_hash_supports(QCryptoHashAlgorithm alg)
}
-int qcrypto_hash_bytesv(QCryptoHashAlgorithm alg,
- const struct iovec *iov,
- size_t niov,
- uint8_t **result,
- size_t *resultlen,
- Error **errp)
+static int
+qcrypto_glib_hash_bytesv(QCryptoHashAlgorithm alg,
+ const struct iovec *iov,
+ size_t niov,
+ uint8_t **result,
+ size_t *resultlen,
+ Error **errp)
{
int i, ret;
GChecksum *cs;
@@ -95,3 +97,8 @@ int qcrypto_hash_bytesv(QCryptoHashAlgorithm alg,
g_checksum_free(cs);
return -1;
}
+
+
+QCryptoHashDriver qcrypto_hash_lib_driver = {
+ .hash_bytesv = qcrypto_glib_hash_bytesv,
+};
diff --git a/crypto/hash-nettle.c b/crypto/hash-nettle.c
index 6a206dc..96f186f 100644
--- a/crypto/hash-nettle.c
+++ b/crypto/hash-nettle.c
@@ -21,6 +21,7 @@
#include "qemu/osdep.h"
#include "qapi/error.h"
#include "crypto/hash.h"
+#include "hashpriv.h"
#include <nettle/md5.h>
#include <nettle/sha.h>
#include <nettle/ripemd160.h>
@@ -103,12 +104,13 @@ gboolean qcrypto_hash_supports(QCryptoHashAlgorithm alg)
}
-int qcrypto_hash_bytesv(QCryptoHashAlgorithm alg,
- const struct iovec *iov,
- size_t niov,
- uint8_t **result,
- size_t *resultlen,
- Error **errp)
+static int
+qcrypto_nettle_hash_bytesv(QCryptoHashAlgorithm alg,
+ const struct iovec *iov,
+ size_t niov,
+ uint8_t **result,
+ size_t *resultlen,
+ Error **errp)
{
int i;
union qcrypto_hash_ctx ctx;
@@ -152,3 +154,8 @@ int qcrypto_hash_bytesv(QCryptoHashAlgorithm alg,
return 0;
}
+
+
+QCryptoHashDriver qcrypto_hash_lib_driver = {
+ .hash_bytesv = qcrypto_nettle_hash_bytesv,
+};
diff --git a/crypto/hash.c b/crypto/hash.c
index 0f1ceac..c43fd87 100644
--- a/crypto/hash.c
+++ b/crypto/hash.c
@@ -21,6 +21,7 @@
#include "qemu/osdep.h"
#include "qapi/error.h"
#include "crypto/hash.h"
+#include "hashpriv.h"
static size_t qcrypto_hash_alg_size[QCRYPTO_HASH_ALG__MAX] = {
[QCRYPTO_HASH_ALG_MD5] = 16,
@@ -38,6 +39,18 @@ size_t qcrypto_hash_digest_len(QCryptoHashAlgorithm alg)
return qcrypto_hash_alg_size[alg];
}
+int qcrypto_hash_bytesv(QCryptoHashAlgorithm alg,
+ const struct iovec *iov,
+ size_t niov,
+ uint8_t **result,
+ size_t *resultlen,
+ Error **errp)
+{
+ return qcrypto_hash_lib_driver.hash_bytesv(alg, iov, niov,
+ result, resultlen,
+ errp);
+}
+
int qcrypto_hash_bytes(QCryptoHashAlgorithm alg,
const char *buf,
diff --git a/crypto/hashpriv.h b/crypto/hashpriv.h
new file mode 100644
index 0000000..5e505e0
--- /dev/null
+++ b/crypto/hashpriv.h
@@ -0,0 +1,31 @@
+/*
+ * QEMU Crypto hash driver supports
+ *
+ * Copyright (c) 2017 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Longpeng(Mike) <longpeng2@huawei.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * (at your option) any later version. See the COPYING file in the
+ * top-level directory.
+ *
+ */
+
+#ifndef QCRYPTO_HASHPRIV_H
+#define QCRYPTO_HASHPRIV_H
+
+typedef struct QCryptoHashDriver QCryptoHashDriver;
+
+struct QCryptoHashDriver {
+ int (*hash_bytesv)(QCryptoHashAlgorithm alg,
+ const struct iovec *iov,
+ size_t niov,
+ uint8_t **result,
+ size_t *resultlen,
+ Error **errp);
+};
+
+extern QCryptoHashDriver qcrypto_hash_lib_driver;
+
+#endif
--
1.8.3.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [Qemu-devel] [PATCH v3 07/18] crypto: hmac: move crypto/hmac.h into include/crypto/
2017-04-22 7:20 [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support Longpeng(Mike)
` (5 preceding siblings ...)
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 06/18] crypto: hash: add hash " Longpeng(Mike)
@ 2017-04-22 7:20 ` Longpeng(Mike)
2017-04-26 12:05 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 08/18] crypto: hmac: introduce qcrypto_hmac_ctx_new for gcrypt-backend Longpeng(Mike)
` (12 subsequent siblings)
19 siblings, 1 reply; 37+ messages in thread
From: Longpeng(Mike) @ 2017-04-22 7:20 UTC (permalink / raw)
To: berrange
Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang, Longpeng(Mike)
Moves crypto/hmac.h into include/crypto/, likes cipher.h and hash.h
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
---
crypto/hmac.h | 166 --------------------------------------------------
include/crypto/hmac.h | 166 ++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 166 insertions(+), 166 deletions(-)
delete mode 100644 crypto/hmac.h
create mode 100644 include/crypto/hmac.h
diff --git a/crypto/hmac.h b/crypto/hmac.h
deleted file mode 100644
index 0d3acd7..0000000
--- a/crypto/hmac.h
+++ /dev/null
@@ -1,166 +0,0 @@
-/*
- * QEMU Crypto hmac algorithms
- *
- * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
- *
- * This work is licensed under the terms of the GNU GPL, version 2 or
- * (at your option) any later version. See the COPYING file in the
- * top-level directory.
- *
- */
-
-#ifndef QCRYPTO_HMAC_H
-#define QCRYPTO_HMAC_H
-
-#include "qapi-types.h"
-
-typedef struct QCryptoHmac QCryptoHmac;
-struct QCryptoHmac {
- QCryptoHashAlgorithm alg;
- void *opaque;
-};
-
-/**
- * qcrypto_hmac_supports:
- * @alg: the hmac algorithm
- *
- * Determine if @alg hmac algorithm is supported by
- * the current configured build
- *
- * Returns:
- * true if the algorithm is supported, false otherwise
- */
-bool qcrypto_hmac_supports(QCryptoHashAlgorithm alg);
-
-/**
- * qcrypto_hmac_new:
- * @alg: the hmac algorithm
- * @key: the key bytes
- * @nkey: the length of @key
- * @errp: pointer to a NULL-initialized error object
- *
- * Creates a new hmac object with the algorithm @alg
- *
- * The @key parameter provides the bytes representing
- * the secret key to use. The @nkey parameter specifies
- * the length of @key in bytes
- *
- * Note: must use qcrypto_hmac_free() to release the
- * returned hmac object when no longer required
- *
- * Returns:
- * a new hmac object, or NULL on error
- */
-QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg,
- const uint8_t *key, size_t nkey,
- Error **errp);
-
-/**
- * qcrypto_hmac_free:
- * @hmac: the hmac object
- *
- * Release the memory associated with @hmac that was
- * previously allocated by qcrypto_hmac_new()
- */
-void qcrypto_hmac_free(QCryptoHmac *hmac);
-
-/**
- * qcrypto_hmac_bytesv:
- * @hmac: the hmac object
- * @iov: the array of memory regions to hmac
- * @niov: the length of @iov
- * @result: pointer to hold output hmac
- * @resultlen: pointer to hold length of @result
- * @errp: pointer to a NULL-initialized error object
- *
- * Computes the hmac across all the memory regions
- * present in @iov. The @result pointer will be
- * filled with raw bytes representing the computed
- * hmac, which will have length @resultlen. The
- * memory pointer in @result must be released
- * with a call to g_free() when no longer required.
- *
- * Returns:
- * 0 on success, -1 on error
- */
-int qcrypto_hmac_bytesv(QCryptoHmac *hmac,
- const struct iovec *iov,
- size_t niov,
- uint8_t **result,
- size_t *resultlen,
- Error **errp);
-
-/**
- * qcrypto_hmac_bytes:
- * @hmac: the hmac object
- * @buf: the memory region to hmac
- * @len: the length of @buf
- * @result: pointer to hold output hmac
- * @resultlen: pointer to hold length of @result
- * @errp: pointer to a NULL-initialized error object
- *
- * Computes the hmac across all the memory region
- * @buf of length @len. The @result pointer will be
- * filled with raw bytes representing the computed
- * hmac, which will have length @resultlen. The
- * memory pointer in @result must be released
- * with a call to g_free() when no longer required.
- *
- * Returns:
- * 0 on success, -1 on error
- */
-int qcrypto_hmac_bytes(QCryptoHmac *hmac,
- const char *buf,
- size_t len,
- uint8_t **result,
- size_t *resultlen,
- Error **errp);
-
-/**
- * qcrypto_hmac_digestv:
- * @hmac: the hmac object
- * @iov: the array of memory regions to hmac
- * @niov: the length of @iov
- * @digest: pointer to hold output hmac
- * @errp: pointer to a NULL-initialized error object
- *
- * Computes the hmac across all the memory regions
- * present in @iov. The @digest pointer will be
- * filled with the printable hex digest of the computed
- * hmac, which will be terminated by '\0'. The
- * memory pointer in @digest must be released
- * with a call to g_free() when no longer required.
- *
- * Returns:
- * 0 on success, -1 on error
- */
-int qcrypto_hmac_digestv(QCryptoHmac *hmac,
- const struct iovec *iov,
- size_t niov,
- char **digest,
- Error **errp);
-
-/**
- * qcrypto_hmac_digest:
- * @hmac: the hmac object
- * @buf: the memory region to hmac
- * @len: the length of @buf
- * @digest: pointer to hold output hmac
- * @errp: pointer to a NULL-initialized error object
- *
- * Computes the hmac across all the memory region
- * @buf of length @len. The @digest pointer will be
- * filled with the printable hex digest of the computed
- * hmac, which will be terminated by '\0'. The
- * memory pointer in @digest must be released
- * with a call to g_free() when no longer required.
- *
- * Returns: 0 on success, -1 on error
- */
-int qcrypto_hmac_digest(QCryptoHmac *hmac,
- const char *buf,
- size_t len,
- char **digest,
- Error **errp);
-
-#endif
diff --git a/include/crypto/hmac.h b/include/crypto/hmac.h
new file mode 100644
index 0000000..0d3acd7
--- /dev/null
+++ b/include/crypto/hmac.h
@@ -0,0 +1,166 @@
+/*
+ * QEMU Crypto hmac algorithms
+ *
+ * Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * (at your option) any later version. See the COPYING file in the
+ * top-level directory.
+ *
+ */
+
+#ifndef QCRYPTO_HMAC_H
+#define QCRYPTO_HMAC_H
+
+#include "qapi-types.h"
+
+typedef struct QCryptoHmac QCryptoHmac;
+struct QCryptoHmac {
+ QCryptoHashAlgorithm alg;
+ void *opaque;
+};
+
+/**
+ * qcrypto_hmac_supports:
+ * @alg: the hmac algorithm
+ *
+ * Determine if @alg hmac algorithm is supported by
+ * the current configured build
+ *
+ * Returns:
+ * true if the algorithm is supported, false otherwise
+ */
+bool qcrypto_hmac_supports(QCryptoHashAlgorithm alg);
+
+/**
+ * qcrypto_hmac_new:
+ * @alg: the hmac algorithm
+ * @key: the key bytes
+ * @nkey: the length of @key
+ * @errp: pointer to a NULL-initialized error object
+ *
+ * Creates a new hmac object with the algorithm @alg
+ *
+ * The @key parameter provides the bytes representing
+ * the secret key to use. The @nkey parameter specifies
+ * the length of @key in bytes
+ *
+ * Note: must use qcrypto_hmac_free() to release the
+ * returned hmac object when no longer required
+ *
+ * Returns:
+ * a new hmac object, or NULL on error
+ */
+QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg,
+ const uint8_t *key, size_t nkey,
+ Error **errp);
+
+/**
+ * qcrypto_hmac_free:
+ * @hmac: the hmac object
+ *
+ * Release the memory associated with @hmac that was
+ * previously allocated by qcrypto_hmac_new()
+ */
+void qcrypto_hmac_free(QCryptoHmac *hmac);
+
+/**
+ * qcrypto_hmac_bytesv:
+ * @hmac: the hmac object
+ * @iov: the array of memory regions to hmac
+ * @niov: the length of @iov
+ * @result: pointer to hold output hmac
+ * @resultlen: pointer to hold length of @result
+ * @errp: pointer to a NULL-initialized error object
+ *
+ * Computes the hmac across all the memory regions
+ * present in @iov. The @result pointer will be
+ * filled with raw bytes representing the computed
+ * hmac, which will have length @resultlen. The
+ * memory pointer in @result must be released
+ * with a call to g_free() when no longer required.
+ *
+ * Returns:
+ * 0 on success, -1 on error
+ */
+int qcrypto_hmac_bytesv(QCryptoHmac *hmac,
+ const struct iovec *iov,
+ size_t niov,
+ uint8_t **result,
+ size_t *resultlen,
+ Error **errp);
+
+/**
+ * qcrypto_hmac_bytes:
+ * @hmac: the hmac object
+ * @buf: the memory region to hmac
+ * @len: the length of @buf
+ * @result: pointer to hold output hmac
+ * @resultlen: pointer to hold length of @result
+ * @errp: pointer to a NULL-initialized error object
+ *
+ * Computes the hmac across all the memory region
+ * @buf of length @len. The @result pointer will be
+ * filled with raw bytes representing the computed
+ * hmac, which will have length @resultlen. The
+ * memory pointer in @result must be released
+ * with a call to g_free() when no longer required.
+ *
+ * Returns:
+ * 0 on success, -1 on error
+ */
+int qcrypto_hmac_bytes(QCryptoHmac *hmac,
+ const char *buf,
+ size_t len,
+ uint8_t **result,
+ size_t *resultlen,
+ Error **errp);
+
+/**
+ * qcrypto_hmac_digestv:
+ * @hmac: the hmac object
+ * @iov: the array of memory regions to hmac
+ * @niov: the length of @iov
+ * @digest: pointer to hold output hmac
+ * @errp: pointer to a NULL-initialized error object
+ *
+ * Computes the hmac across all the memory regions
+ * present in @iov. The @digest pointer will be
+ * filled with the printable hex digest of the computed
+ * hmac, which will be terminated by '\0'. The
+ * memory pointer in @digest must be released
+ * with a call to g_free() when no longer required.
+ *
+ * Returns:
+ * 0 on success, -1 on error
+ */
+int qcrypto_hmac_digestv(QCryptoHmac *hmac,
+ const struct iovec *iov,
+ size_t niov,
+ char **digest,
+ Error **errp);
+
+/**
+ * qcrypto_hmac_digest:
+ * @hmac: the hmac object
+ * @buf: the memory region to hmac
+ * @len: the length of @buf
+ * @digest: pointer to hold output hmac
+ * @errp: pointer to a NULL-initialized error object
+ *
+ * Computes the hmac across all the memory region
+ * @buf of length @len. The @digest pointer will be
+ * filled with the printable hex digest of the computed
+ * hmac, which will be terminated by '\0'. The
+ * memory pointer in @digest must be released
+ * with a call to g_free() when no longer required.
+ *
+ * Returns: 0 on success, -1 on error
+ */
+int qcrypto_hmac_digest(QCryptoHmac *hmac,
+ const char *buf,
+ size_t len,
+ char **digest,
+ Error **errp);
+
+#endif
--
1.8.3.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [Qemu-devel] [PATCH v3 08/18] crypto: hmac: introduce qcrypto_hmac_ctx_new for gcrypt-backend
2017-04-22 7:20 [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support Longpeng(Mike)
` (6 preceding siblings ...)
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 07/18] crypto: hmac: move crypto/hmac.h into include/crypto/ Longpeng(Mike)
@ 2017-04-22 7:20 ` Longpeng(Mike)
2017-04-26 12:05 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 09/18] crypto: hmac: introduce qcrypto_hmac_ctx_new for nettle-backend Longpeng(Mike)
` (11 subsequent siblings)
19 siblings, 1 reply; 37+ messages in thread
From: Longpeng(Mike) @ 2017-04-22 7:20 UTC (permalink / raw)
To: berrange
Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang, Longpeng(Mike)
1) Fix a handle-leak problem in qcrypto_hmac_new(), doesn't free
ctx->handle if gcry_mac_setkey fails.
2) Extracts qcrypto_hmac_ctx_new() from qcrypto_hmac_new() for
gcrypt-backend impls.
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
---
crypto/hmac-gcrypt.c | 35 +++++++++++++++++++++++++----------
1 file changed, 25 insertions(+), 10 deletions(-)
diff --git a/crypto/hmac-gcrypt.c b/crypto/hmac-gcrypt.c
index 21189e6..42489f3 100644
--- a/crypto/hmac-gcrypt.c
+++ b/crypto/hmac-gcrypt.c
@@ -42,11 +42,11 @@ bool qcrypto_hmac_supports(QCryptoHashAlgorithm alg)
return false;
}
-QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg,
- const uint8_t *key, size_t nkey,
- Error **errp)
+static QCryptoHmacGcrypt *
+qcrypto_hmac_ctx_new(QCryptoHashAlgorithm alg,
+ const uint8_t *key, size_t nkey,
+ Error **errp)
{
- QCryptoHmac *hmac;
QCryptoHmacGcrypt *ctx;
gcry_error_t err;
@@ -56,9 +56,6 @@ QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg,
return NULL;
}
- hmac = g_new0(QCryptoHmac, 1);
- hmac->alg = alg;
-
ctx = g_new0(QCryptoHmacGcrypt, 1);
err = gcry_mac_open(&ctx->handle, qcrypto_hmac_alg_map[alg],
@@ -73,15 +70,14 @@ QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg,
if (err != 0) {
error_setg(errp, "Cannot set key: %s",
gcry_strerror(err));
+ gcry_mac_close(ctx->handle);
goto error;
}
- hmac->opaque = ctx;
- return hmac;
+ return ctx;
error:
g_free(ctx);
- g_free(hmac);
return NULL;
}
@@ -150,3 +146,22 @@ int qcrypto_hmac_bytesv(QCryptoHmac *hmac,
return 0;
}
+
+QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg,
+ const uint8_t *key, size_t nkey,
+ Error **errp)
+{
+ QCryptoHmac *hmac;
+ QCryptoHmacGcrypt *ctx;
+
+ ctx = qcrypto_hmac_ctx_new(alg, key, nkey, errp);
+ if (ctx == NULL) {
+ return NULL;
+ }
+
+ hmac = g_new0(QCryptoHmac, 1);
+ hmac->alg = alg;
+ hmac->opaque = ctx;
+
+ return hmac;
+}
--
1.8.3.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [Qemu-devel] [PATCH v3 09/18] crypto: hmac: introduce qcrypto_hmac_ctx_new for nettle-backend
2017-04-22 7:20 [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support Longpeng(Mike)
` (7 preceding siblings ...)
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 08/18] crypto: hmac: introduce qcrypto_hmac_ctx_new for gcrypt-backend Longpeng(Mike)
@ 2017-04-22 7:20 ` Longpeng(Mike)
2017-04-26 12:06 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 10/18] crypto: hmac: introduce qcrypto_hmac_ctx_new for glib-backend Longpeng(Mike)
` (10 subsequent siblings)
19 siblings, 1 reply; 37+ messages in thread
From: Longpeng(Mike) @ 2017-04-22 7:20 UTC (permalink / raw)
To: berrange
Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang, Longpeng(Mike)
Extracts qcrypto_hmac_ctx_new() from qcrypto_hmac_new() for
nettle-backend impls.
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
---
crypto/hmac-nettle.c | 34 ++++++++++++++++++++++++----------
1 file changed, 24 insertions(+), 10 deletions(-)
diff --git a/crypto/hmac-nettle.c b/crypto/hmac-nettle.c
index 4a9e6b2..19fbb4f 100644
--- a/crypto/hmac-nettle.c
+++ b/crypto/hmac-nettle.c
@@ -97,11 +97,11 @@ bool qcrypto_hmac_supports(QCryptoHashAlgorithm alg)
return false;
}
-QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg,
- const uint8_t *key, size_t nkey,
- Error **errp)
+static QCryptoHmacNettle *
+qcrypto_hmac_ctx_new(QCryptoHashAlgorithm alg,
+ const uint8_t *key, size_t nkey,
+ Error **errp)
{
- QCryptoHmac *hmac;
QCryptoHmacNettle *ctx;
if (!qcrypto_hmac_supports(alg)) {
@@ -110,16 +110,11 @@ QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg,
return NULL;
}
- hmac = g_new0(QCryptoHmac, 1);
- hmac->alg = alg;
-
ctx = g_new0(QCryptoHmacNettle, 1);
qcrypto_hmac_alg_map[alg].setkey(&ctx->u, nkey, key);
- hmac->opaque = ctx;
-
- return hmac;
+ return ctx;
}
void qcrypto_hmac_free(QCryptoHmac *hmac)
@@ -173,3 +168,22 @@ int qcrypto_hmac_bytesv(QCryptoHmac *hmac,
return 0;
}
+
+QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg,
+ const uint8_t *key, size_t nkey,
+ Error **errp)
+{
+ QCryptoHmac *hmac;
+ QCryptoHmacNettle *ctx;
+
+ ctx = qcrypto_hmac_ctx_new(alg, key, nkey, errp);
+ if (ctx == NULL) {
+ return NULL;
+ }
+
+ hmac = g_new0(QCryptoHmac, 1);
+ hmac->alg = alg;
+ hmac->opaque = ctx;
+
+ return hmac;
+}
--
1.8.3.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [Qemu-devel] [PATCH v3 10/18] crypto: hmac: introduce qcrypto_hmac_ctx_new for glib-backend
2017-04-22 7:20 [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support Longpeng(Mike)
` (8 preceding siblings ...)
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 09/18] crypto: hmac: introduce qcrypto_hmac_ctx_new for nettle-backend Longpeng(Mike)
@ 2017-04-22 7:20 ` Longpeng(Mike)
2017-04-26 12:06 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 11/18] crypto: hmac: add hmac driver framework Longpeng(Mike)
` (9 subsequent siblings)
19 siblings, 1 reply; 37+ messages in thread
From: Longpeng(Mike) @ 2017-04-22 7:20 UTC (permalink / raw)
To: berrange
Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang, Longpeng(Mike)
Extracts qcrypto_hmac_ctx_new() from qcrypto_hmac_new() for
glib-backend impls.
Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
---
crypto/hmac-glib.c | 34 ++++++++++++++++++++++++----------
1 file changed, 24 insertions(+), 10 deletions(-)
diff --git a/crypto/hmac-glib.c b/crypto/hmac-glib.c
index 08a1fdd..d9f88d8 100644
--- a/crypto/hmac-glib.c
+++ b/crypto/hmac-glib.c
@@ -49,11 +49,11 @@ bool qcrypto_hmac_supports(QCryptoHashAlgorithm alg)
return false;
}
-QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg,
- const uint8_t *key, size_t nkey,
- Error **errp)
+static QCryptoHmacGlib *
+qcrypto_hmac_ctx_new(QCryptoHashAlgorithm alg,
+ const uint8_t *key, size_t nkey,
+ Error **errp)
{
- QCryptoHmac *hmac;
QCryptoHmacGlib *ctx;
if (!qcrypto_hmac_supports(alg)) {
@@ -62,9 +62,6 @@ QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg,
return NULL;
}
- hmac = g_new0(QCryptoHmac, 1);
- hmac->alg = alg;
-
ctx = g_new0(QCryptoHmacGlib, 1);
ctx->ghmac = g_hmac_new(qcrypto_hmac_alg_map[alg],
@@ -74,12 +71,10 @@ QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg,
goto error;
}
- hmac->opaque = ctx;
- return hmac;
+ return ctx;
error:
g_free(ctx);
- g_free(hmac);
return NULL;
}
@@ -134,6 +129,25 @@ int qcrypto_hmac_bytesv(QCryptoHmac *hmac,
return 0;
}
+QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg,
+ const uint8_t *key, size_t nkey,
+ Error **errp)
+{
+ QCryptoHmac *hmac;
+ QCryptoHmacGlib *ctx;
+
+ ctx = qcrypto_hmac_ctx_new(alg, key, nkey, errp);
+ if (ctx == NULL) {
+ return NULL;
+ }
+
+ hmac = g_new0(QCryptoHmac, 1);
+ hmac->alg = alg;
+ hmac->opaque = ctx;
+
+ return hmac;
+}
+
#else
bool qcrypto_hmac_supports(QCryptoHashAlgorithm alg)
--
1.8.3.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [Qemu-devel] [PATCH v3 11/18] crypto: hmac: add hmac driver framework
2017-04-22 7:20 [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support Longpeng(Mike)
` (9 preceding siblings ...)
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 10/18] crypto: hmac: introduce qcrypto_hmac_ctx_new for glib-backend Longpeng(Mike)
@ 2017-04-22 7:20 ` Longpeng(Mike)
2017-04-26 12:07 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 12/18] crypto: introduce some common functions for af_alg backend Longpeng(Mike)
` (8 subsequent siblings)
19 siblings, 1 reply; 37+ messages in thread
From: Longpeng(Mike) @ 2017-04-22 7:20 UTC (permalink / raw)
To: berrange
Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang, Longpeng(Mike)
1) makes the public APIs in hmac-nettle/gcrypt/glib static,
and rename them with "nettle/gcrypt/glib" prefix.
2) introduces hmac framework, including QCryptoHmacDriver
and new public APIs.
Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
---
crypto/hmac-gcrypt.c | 51 ++++++++++++-----------------------
crypto/hmac-glib.c | 75 +++++++++++++++++++++------------------------------
crypto/hmac-nettle.c | 52 ++++++++++++-----------------------
crypto/hmac.c | 44 ++++++++++++++++++++++++++++++
crypto/hmacpriv.h | 36 +++++++++++++++++++++++++
include/crypto/hmac.h | 1 +
6 files changed, 145 insertions(+), 114 deletions(-)
create mode 100644 crypto/hmacpriv.h
diff --git a/crypto/hmac-gcrypt.c b/crypto/hmac-gcrypt.c
index 42489f3..76ca61b 100644
--- a/crypto/hmac-gcrypt.c
+++ b/crypto/hmac-gcrypt.c
@@ -15,6 +15,7 @@
#include "qemu/osdep.h"
#include "qapi/error.h"
#include "crypto/hmac.h"
+#include "hmacpriv.h"
#include <gcrypt.h>
static int qcrypto_hmac_alg_map[QCRYPTO_HASH_ALG__MAX] = {
@@ -42,10 +43,9 @@ bool qcrypto_hmac_supports(QCryptoHashAlgorithm alg)
return false;
}
-static QCryptoHmacGcrypt *
-qcrypto_hmac_ctx_new(QCryptoHashAlgorithm alg,
- const uint8_t *key, size_t nkey,
- Error **errp)
+void *qcrypto_hmac_ctx_new(QCryptoHashAlgorithm alg,
+ const uint8_t *key, size_t nkey,
+ Error **errp)
{
QCryptoHmacGcrypt *ctx;
gcry_error_t err;
@@ -81,27 +81,24 @@ error:
return NULL;
}
-void qcrypto_hmac_free(QCryptoHmac *hmac)
+static void
+qcrypto_gcrypt_hmac_ctx_free(QCryptoHmac *hmac)
{
QCryptoHmacGcrypt *ctx;
- if (!hmac) {
- return;
- }
-
ctx = hmac->opaque;
gcry_mac_close(ctx->handle);
g_free(ctx);
- g_free(hmac);
}
-int qcrypto_hmac_bytesv(QCryptoHmac *hmac,
- const struct iovec *iov,
- size_t niov,
- uint8_t **result,
- size_t *resultlen,
- Error **errp)
+static int
+qcrypto_gcrypt_hmac_bytesv(QCryptoHmac *hmac,
+ const struct iovec *iov,
+ size_t niov,
+ uint8_t **result,
+ size_t *resultlen,
+ Error **errp)
{
QCryptoHmacGcrypt *ctx;
gcry_error_t err;
@@ -147,21 +144,7 @@ int qcrypto_hmac_bytesv(QCryptoHmac *hmac,
return 0;
}
-QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg,
- const uint8_t *key, size_t nkey,
- Error **errp)
-{
- QCryptoHmac *hmac;
- QCryptoHmacGcrypt *ctx;
-
- ctx = qcrypto_hmac_ctx_new(alg, key, nkey, errp);
- if (ctx == NULL) {
- return NULL;
- }
-
- hmac = g_new0(QCryptoHmac, 1);
- hmac->alg = alg;
- hmac->opaque = ctx;
-
- return hmac;
-}
+QCryptoHmacDriver qcrypto_hmac_lib_driver = {
+ .hmac_bytesv = qcrypto_gcrypt_hmac_bytesv,
+ .hmac_free = qcrypto_gcrypt_hmac_ctx_free,
+};
diff --git a/crypto/hmac-glib.c b/crypto/hmac-glib.c
index d9f88d8..8cf6b22 100644
--- a/crypto/hmac-glib.c
+++ b/crypto/hmac-glib.c
@@ -15,6 +15,7 @@
#include "qemu/osdep.h"
#include "qapi/error.h"
#include "crypto/hmac.h"
+#include "hmacpriv.h"
/* Support for HMAC Algos has been added in GLib 2.30 */
#if GLIB_CHECK_VERSION(2, 30, 0)
@@ -49,10 +50,9 @@ bool qcrypto_hmac_supports(QCryptoHashAlgorithm alg)
return false;
}
-static QCryptoHmacGlib *
-qcrypto_hmac_ctx_new(QCryptoHashAlgorithm alg,
- const uint8_t *key, size_t nkey,
- Error **errp)
+void *qcrypto_hmac_ctx_new(QCryptoHashAlgorithm alg,
+ const uint8_t *key, size_t nkey,
+ Error **errp)
{
QCryptoHmacGlib *ctx;
@@ -78,27 +78,24 @@ error:
return NULL;
}
-void qcrypto_hmac_free(QCryptoHmac *hmac)
+static void
+qcrypto_glib_hmac_ctx_free(QCryptoHmac *hmac)
{
QCryptoHmacGlib *ctx;
- if (!hmac) {
- return;
- }
-
ctx = hmac->opaque;
g_hmac_unref(ctx->ghmac);
g_free(ctx);
- g_free(hmac);
}
-int qcrypto_hmac_bytesv(QCryptoHmac *hmac,
- const struct iovec *iov,
- size_t niov,
- uint8_t **result,
- size_t *resultlen,
- Error **errp)
+static int
+qcrypto_glib_hmac_bytesv(QCryptoHmac *hmac,
+ const struct iovec *iov,
+ size_t niov,
+ uint8_t **result,
+ size_t *resultlen,
+ Error **errp)
{
QCryptoHmacGlib *ctx;
int i, ret;
@@ -129,25 +126,6 @@ int qcrypto_hmac_bytesv(QCryptoHmac *hmac,
return 0;
}
-QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg,
- const uint8_t *key, size_t nkey,
- Error **errp)
-{
- QCryptoHmac *hmac;
- QCryptoHmacGlib *ctx;
-
- ctx = qcrypto_hmac_ctx_new(alg, key, nkey, errp);
- if (ctx == NULL) {
- return NULL;
- }
-
- hmac = g_new0(QCryptoHmac, 1);
- hmac->alg = alg;
- hmac->opaque = ctx;
-
- return hmac;
-}
-
#else
bool qcrypto_hmac_supports(QCryptoHashAlgorithm alg)
@@ -155,26 +133,33 @@ bool qcrypto_hmac_supports(QCryptoHashAlgorithm alg)
return false;
}
-QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg,
- const uint8_t *key, size_t nkey,
- Error **errp)
+void *qcrypto_hmac_ctx_new(QCryptoHashAlgorithm alg,
+ const uint8_t *key, size_t nkey,
+ Error **errp)
{
return NULL;
}
-void qcrypto_hmac_free(QCryptoHmac *hmac)
+static void
+qcrypto_glib_hmac_ctx_free(QCryptoHmac *hmac)
{
return;
}
-int qcrypto_hmac_bytesv(QCryptoHmac *hmac,
- const struct iovec *iov,
- size_t niov,
- uint8_t **result,
- size_t *resultlen,
- Error **errp)
+static int
+qcrypto_glib_hmac_bytesv(QCryptoHmac *hmac,
+ const struct iovec *iov,
+ size_t niov,
+ uint8_t **result,
+ size_t *resultlen,
+ Error **errp)
{
return -1;
}
#endif
+
+QCryptoHmacDriver qcrypto_hmac_lib_driver = {
+ .hmac_bytesv = qcrypto_glib_hmac_bytesv,
+ .hmac_free = qcrypto_glib_hmac_ctx_free,
+};
diff --git a/crypto/hmac-nettle.c b/crypto/hmac-nettle.c
index 19fbb4f..1d5a915 100644
--- a/crypto/hmac-nettle.c
+++ b/crypto/hmac-nettle.c
@@ -15,6 +15,7 @@
#include "qemu/osdep.h"
#include "qapi/error.h"
#include "crypto/hmac.h"
+#include "hmacpriv.h"
#include <nettle/hmac.h>
typedef void (*qcrypto_nettle_hmac_setkey)(void *ctx,
@@ -97,10 +98,9 @@ bool qcrypto_hmac_supports(QCryptoHashAlgorithm alg)
return false;
}
-static QCryptoHmacNettle *
-qcrypto_hmac_ctx_new(QCryptoHashAlgorithm alg,
- const uint8_t *key, size_t nkey,
- Error **errp)
+void *qcrypto_hmac_ctx_new(QCryptoHashAlgorithm alg,
+ const uint8_t *key, size_t nkey,
+ Error **errp)
{
QCryptoHmacNettle *ctx;
@@ -117,26 +117,22 @@ qcrypto_hmac_ctx_new(QCryptoHashAlgorithm alg,
return ctx;
}
-void qcrypto_hmac_free(QCryptoHmac *hmac)
+static void
+qcrypto_nettle_hmac_ctx_free(QCryptoHmac *hmac)
{
QCryptoHmacNettle *ctx;
- if (!hmac) {
- return;
- }
-
ctx = hmac->opaque;
-
g_free(ctx);
- g_free(hmac);
}
-int qcrypto_hmac_bytesv(QCryptoHmac *hmac,
- const struct iovec *iov,
- size_t niov,
- uint8_t **result,
- size_t *resultlen,
- Error **errp)
+static int
+qcrypto_nettle_hmac_bytesv(QCryptoHmac *hmac,
+ const struct iovec *iov,
+ size_t niov,
+ uint8_t **result,
+ size_t *resultlen,
+ Error **errp)
{
QCryptoHmacNettle *ctx;
int i;
@@ -169,21 +165,7 @@ int qcrypto_hmac_bytesv(QCryptoHmac *hmac,
return 0;
}
-QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg,
- const uint8_t *key, size_t nkey,
- Error **errp)
-{
- QCryptoHmac *hmac;
- QCryptoHmacNettle *ctx;
-
- ctx = qcrypto_hmac_ctx_new(alg, key, nkey, errp);
- if (ctx == NULL) {
- return NULL;
- }
-
- hmac = g_new0(QCryptoHmac, 1);
- hmac->alg = alg;
- hmac->opaque = ctx;
-
- return hmac;
-}
+QCryptoHmacDriver qcrypto_hmac_lib_driver = {
+ .hmac_bytesv = qcrypto_nettle_hmac_bytesv,
+ .hmac_free = qcrypto_nettle_hmac_ctx_free,
+};
diff --git a/crypto/hmac.c b/crypto/hmac.c
index 5750405..d040fbb 100644
--- a/crypto/hmac.c
+++ b/crypto/hmac.c
@@ -12,9 +12,22 @@
#include "qemu/osdep.h"
#include "qapi/error.h"
#include "crypto/hmac.h"
+#include "hmacpriv.h"
static const char hex[] = "0123456789abcdef";
+int qcrypto_hmac_bytesv(QCryptoHmac *hmac,
+ const struct iovec *iov,
+ size_t niov,
+ uint8_t **result,
+ size_t *resultlen,
+ Error **errp)
+{
+ QCryptoHmacDriver *drv = hmac->driver;
+
+ return drv->hmac_bytesv(hmac, iov, niov, result, resultlen, errp);
+}
+
int qcrypto_hmac_bytes(QCryptoHmac *hmac,
const char *buf,
size_t len,
@@ -70,3 +83,34 @@ int qcrypto_hmac_digest(QCryptoHmac *hmac,
return qcrypto_hmac_digestv(hmac, &iov, 1, digest, errp);
}
+
+QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg,
+ const uint8_t *key, size_t nkey,
+ Error **errp)
+{
+ QCryptoHmac *hmac;
+ void *ctx;
+
+ ctx = qcrypto_hmac_ctx_new(alg, key, nkey, errp);
+ if (ctx == NULL) {
+ return NULL;
+ }
+
+ hmac = g_new0(QCryptoHmac, 1);
+ hmac->alg = alg;
+ hmac->opaque = ctx;
+ hmac->driver = (void *)&qcrypto_hmac_lib_driver;
+
+ return hmac;
+}
+
+void qcrypto_hmac_free(QCryptoHmac *hmac)
+{
+ QCryptoHmacDriver *drv;
+
+ if (hmac) {
+ drv = hmac->driver;
+ drv->hmac_free(hmac);
+ g_free(hmac);
+ }
+}
diff --git a/crypto/hmacpriv.h b/crypto/hmacpriv.h
new file mode 100644
index 0000000..2be389a
--- /dev/null
+++ b/crypto/hmacpriv.h
@@ -0,0 +1,36 @@
+/*
+ * QEMU Crypto hmac driver supports
+ *
+ * Copyright (c) 2017 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Longpeng(Mike) <longpeng2@huawei.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * (at your option) any later version. See the COPYING file in the
+ * top-level directory.
+ *
+ */
+
+#ifndef QCRYPTO_HMACPRIV_H
+#define QCRYPTO_HMACPRIV_H
+
+typedef struct QCryptoHmacDriver QCryptoHmacDriver;
+
+struct QCryptoHmacDriver {
+ int (*hmac_bytesv)(QCryptoHmac *hmac,
+ const struct iovec *iov,
+ size_t niov,
+ uint8_t **result,
+ size_t *resultlen,
+ Error **errp);
+
+ void (*hmac_free)(QCryptoHmac *hmac);
+};
+
+extern void *qcrypto_hmac_ctx_new(QCryptoHashAlgorithm alg,
+ const uint8_t *key, size_t nkey,
+ Error **errp);
+extern QCryptoHmacDriver qcrypto_hmac_lib_driver;
+
+#endif
diff --git a/include/crypto/hmac.h b/include/crypto/hmac.h
index 0d3acd7..5e88905 100644
--- a/include/crypto/hmac.h
+++ b/include/crypto/hmac.h
@@ -18,6 +18,7 @@ typedef struct QCryptoHmac QCryptoHmac;
struct QCryptoHmac {
QCryptoHashAlgorithm alg;
void *opaque;
+ void *driver;
};
/**
--
1.8.3.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [Qemu-devel] [PATCH v3 12/18] crypto: introduce some common functions for af_alg backend
2017-04-22 7:20 [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support Longpeng(Mike)
` (10 preceding siblings ...)
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 11/18] crypto: hmac: add hmac driver framework Longpeng(Mike)
@ 2017-04-22 7:20 ` Longpeng(Mike)
2017-04-26 12:10 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 13/18] crypto: cipher: add afalg-backend cipher support Longpeng(Mike)
` (7 subsequent siblings)
19 siblings, 1 reply; 37+ messages in thread
From: Longpeng(Mike) @ 2017-04-22 7:20 UTC (permalink / raw)
To: berrange
Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang, Longpeng(Mike)
The AF_ALG socket family is the userspace interface for linux
crypto API, this patch adds af_alg family support and some common
functions for af_alg backend. It'll be used by afalg-backend crypto
latter.
Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
---
configure | 21 +++++++++
crypto/Makefile.objs | 1 +
crypto/afalg.c | 118 +++++++++++++++++++++++++++++++++++++++++++++++++++
crypto/afalgpriv.h | 59 ++++++++++++++++++++++++++
4 files changed, 199 insertions(+)
create mode 100644 crypto/afalg.c
create mode 100644 crypto/afalgpriv.h
diff --git a/configure b/configure
index 6db3044..db0e183 100755
--- a/configure
+++ b/configure
@@ -4744,6 +4744,23 @@ if compile_prog "" "" ; then
have_af_vsock=yes
fi
+##########################################
+# check for usable AF_ALG environment
+hava_af_alg=no
+cat > $TMPC << EOF
+#include <errno.h>
+#include <sys/types.h>
+#include <sys/socket.h>
+int main(void) {
+ int sock;
+ sock = socket(AF_ALG, SOCK_SEQPACKET, 0);
+ return sock;
+}
+EOF
+if compile_prog "" "" ; then
+ have_af_alg=yes
+fi
+
#################################################
# Sparc implicitly links with --relax, which is
# incompatible with -r, so --no-relax should be
@@ -5774,6 +5791,10 @@ if test "$have_af_vsock" = "yes" ; then
echo "CONFIG_AF_VSOCK=y" >> $config_host_mak
fi
+if test "$have_af_alg" = "yes" ; then
+ echo "CONFIG_AF_ALG=y" >> $config_host_mak
+fi
+
if test "$have_sysmacros" = "yes" ; then
echo "CONFIG_SYSMACROS=y" >> $config_host_mak
fi
diff --git a/crypto/Makefile.objs b/crypto/Makefile.objs
index 1f749f2..2be5a3a 100644
--- a/crypto/Makefile.objs
+++ b/crypto/Makefile.objs
@@ -10,6 +10,7 @@ crypto-obj-$(if $(CONFIG_NETTLE),n,$(if $(CONFIG_GCRYPT_HMAC),n,y)) += hmac-glib
crypto-obj-y += aes.o
crypto-obj-y += desrfb.o
crypto-obj-y += cipher.o
+crypto-obj-$(CONFIG_AF_ALG) += afalg.o
crypto-obj-y += tlscreds.o
crypto-obj-y += tlscredsanon.o
crypto-obj-y += tlscredsx509.o
diff --git a/crypto/afalg.c b/crypto/afalg.c
new file mode 100644
index 0000000..80c5cfd
--- /dev/null
+++ b/crypto/afalg.c
@@ -0,0 +1,118 @@
+/*
+ * QEMU Crypto af_alg support
+ *
+ * Copyright (c) 2017 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Longpeng(Mike) <longpeng2@huawei.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * (at your option) any later version. See the COPYING file in the
+ * top-level directory.
+ */
+#include "qemu/osdep.h"
+#include "qemu/cutils.h"
+#include "qemu/sockets.h"
+#include "qapi/error.h"
+#include "afalgpriv.h"
+
+static bool
+qcrypto_afalg_build_saddr(const char *type, const char *name,
+ struct sockaddr_alg *salg, Error **errp)
+{
+ salg->salg_family = AF_ALG;
+
+ if (qemu_strnlen(type, SALG_TYPE_LEN_MAX) == SALG_TYPE_LEN_MAX) {
+ error_setg(errp, "Afalg type(%s) is larger than %d bytes",
+ type, SALG_TYPE_LEN_MAX);
+ return false;
+ }
+
+ if (qemu_strnlen(name, SALG_NAME_LEN_MAX) == SALG_NAME_LEN_MAX) {
+ error_setg(errp, "Afalg name(%s) is larger than %d bytes",
+ name, SALG_NAME_LEN_MAX);
+ return false;
+ }
+
+ pstrcpy((char *)salg->salg_type, SALG_TYPE_LEN_MAX, type);
+ pstrcpy((char *)salg->salg_name, SALG_NAME_LEN_MAX, name);
+
+ return true;
+}
+
+static int
+qcrypto_afalg_socket_bind(const char *type, const char *name,
+ Error **errp)
+{
+ int sbind;
+ struct sockaddr_alg salg = {0};
+
+ if (!qcrypto_afalg_build_saddr(type, name, &salg, errp)) {
+ return -1;
+ }
+
+ sbind = qemu_socket(AF_ALG, SOCK_SEQPACKET, 0);
+ if (sbind < 0) {
+ error_setg_errno(errp, errno, "Failed to create socket");
+ return -1;
+ }
+
+ if (bind(sbind, (const struct sockaddr *)&salg, sizeof(salg)) != 0) {
+ error_setg_errno(errp, errno, "Failed to bind socket");
+ closesocket(sbind);
+ return -1;
+ }
+
+ return sbind;
+}
+
+QCryptoAFAlg *
+qcrypto_afalg_comm_alloc(const char *type, const char *name,
+ Error **errp)
+{
+ QCryptoAFAlg *afalg;
+
+ afalg = g_new0(QCryptoAFAlg, 1);
+ /* initilize crypto API socket */
+ afalg->opfd = -1;
+ afalg->tfmfd = qcrypto_afalg_socket_bind(type, name, errp);
+ if (afalg->tfmfd == -1) {
+ goto error;
+ }
+
+ afalg->opfd = qemu_accept(afalg->tfmfd, NULL, 0);
+ if (afalg->opfd == -1) {
+ error_setg_errno(errp, errno, "Failed to accept socket");
+ goto error;
+ }
+
+ return afalg;
+
+error:
+ qcrypto_afalg_comm_free(afalg);
+ return NULL;
+}
+
+void qcrypto_afalg_comm_free(QCryptoAFAlg *afalg)
+{
+ if (afalg) {
+ if (afalg->msg) {
+ g_free(afalg->msg->msg_control);
+ g_free(afalg->msg);
+ }
+
+ if (afalg->name) {
+ g_free(afalg->name);
+ }
+
+ if (afalg->tfmfd != -1) {
+ closesocket(afalg->tfmfd);
+ }
+
+ if (afalg->opfd != -1) {
+ closesocket(afalg->opfd);
+ }
+
+ g_free(afalg);
+ }
+}
diff --git a/crypto/afalgpriv.h b/crypto/afalgpriv.h
new file mode 100644
index 0000000..f1b0ae5
--- /dev/null
+++ b/crypto/afalgpriv.h
@@ -0,0 +1,59 @@
+/*
+ * QEMU Crypto af_alg support
+ *
+ * Copyright (c) 2017 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Longpeng(Mike) <longpeng2@huawei.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * (at your option) any later version. See the COPYING file in the
+ * top-level directory.
+ */
+
+#ifndef QCRYPTO_AFALGPRIV_H
+#define QCRYPTO_AFALGPRIV_H
+
+#ifdef CONFIG_AF_ALG
+
+#include <linux/if_alg.h>
+
+#define SALG_TYPE_LEN_MAX 14
+#define SALG_NAME_LEN_MAX 64
+
+typedef struct QCryptoAFAlg QCryptoAFAlg;
+
+struct QCryptoAFAlg {
+ int tfmfd;
+ int opfd;
+ char *name;
+ struct msghdr *msg;
+ struct cmsghdr *cmsg;
+};
+
+/**
+ * qcrypto_afalg_comm_alloc:
+ * @type: the type of crypto operation
+ * @name: the name of crypto operation
+ *
+ * Allocate a QCryptoAFAlg object and bind itself to
+ * a AF_ALG socket.
+ *
+ * Returns:
+ * a new QCryptoAFAlg object, or NULL in error.
+ */
+QCryptoAFAlg *
+qcrypto_afalg_comm_alloc(const char *type, const char *name,
+ Error **errp);
+
+/**
+ * afalg_comm_free:
+ * @afalg: the QCryptoAFAlg object
+ *
+ * Free the @afalg.
+ */
+void qcrypto_afalg_comm_free(QCryptoAFAlg *afalg);
+
+#endif
+
+#endif
--
1.8.3.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [Qemu-devel] [PATCH v3 13/18] crypto: cipher: add afalg-backend cipher support
2017-04-22 7:20 [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support Longpeng(Mike)
` (11 preceding siblings ...)
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 12/18] crypto: introduce some common functions for af_alg backend Longpeng(Mike)
@ 2017-04-22 7:20 ` Longpeng(Mike)
2017-04-26 12:17 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 14/18] crypto: hash: add afalg-backend hash support Longpeng(Mike)
` (6 subsequent siblings)
19 siblings, 1 reply; 37+ messages in thread
From: Longpeng(Mike) @ 2017-04-22 7:20 UTC (permalink / raw)
To: berrange
Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang, Longpeng(Mike)
Adds afalg-backend cipher support: introduces some private APIs
firstly, and then intergrates them into qcrypto_cipher_afalg_driver.
Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
---
crypto/Makefile.objs | 1 +
crypto/afalgpriv.h | 9 ++
crypto/cipher-afalg.c | 229 +++++++++++++++++++++++++++++++++++++++++++++
crypto/cipher.c | 28 +++++-
crypto/cipherpriv.h | 11 +++
include/crypto/cipher.h | 8 ++
tests/test-crypto-cipher.c | 10 +-
7 files changed, 294 insertions(+), 2 deletions(-)
create mode 100644 crypto/cipher-afalg.c
diff --git a/crypto/Makefile.objs b/crypto/Makefile.objs
index 2be5a3a..d2e8fa8 100644
--- a/crypto/Makefile.objs
+++ b/crypto/Makefile.objs
@@ -11,6 +11,7 @@ crypto-obj-y += aes.o
crypto-obj-y += desrfb.o
crypto-obj-y += cipher.o
crypto-obj-$(CONFIG_AF_ALG) += afalg.o
+crypto-obj-$(CONFIG_AF_ALG) += cipher-afalg.o
crypto-obj-y += tlscreds.o
crypto-obj-y += tlscredsanon.o
crypto-obj-y += tlscredsx509.o
diff --git a/crypto/afalgpriv.h b/crypto/afalgpriv.h
index f1b0ae5..e384b15 100644
--- a/crypto/afalgpriv.h
+++ b/crypto/afalgpriv.h
@@ -21,6 +21,15 @@
#define SALG_TYPE_LEN_MAX 14
#define SALG_NAME_LEN_MAX 64
+#ifndef SOL_ALG
+#define SOL_ALG 279
+#endif
+
+#define AFALG_TYPE_CIPHER "skcipher"
+
+#define ALG_OPTYPE_LEN 4
+#define ALG_MSGIV_LEN(len) (sizeof(struct af_alg_iv) + (len))
+
typedef struct QCryptoAFAlg QCryptoAFAlg;
struct QCryptoAFAlg {
diff --git a/crypto/cipher-afalg.c b/crypto/cipher-afalg.c
new file mode 100644
index 0000000..cce8e6b
--- /dev/null
+++ b/crypto/cipher-afalg.c
@@ -0,0 +1,229 @@
+/*
+ * QEMU Crypto af_alg-backend cipher support
+ *
+ * Copyright (c) 2017 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Longpeng(Mike) <longpeng2@huawei.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * (at your option) any later version. See the COPYING file in the
+ * top-level directory.
+ */
+#include "qemu/osdep.h"
+#include "qemu/sockets.h"
+#include "qemu-common.h"
+#include "qapi/error.h"
+#include "crypto/cipher.h"
+#include "cipherpriv.h"
+
+
+static char *
+qcrypto_afalg_cipher_format_name(QCryptoCipherAlgorithm alg,
+ QCryptoCipherMode mode,
+ Error **errp)
+{
+ char *name;
+ const char *alg_name;
+ const char *mode_name;
+ int ret;
+
+ switch (alg) {
+ case QCRYPTO_CIPHER_ALG_AES_128:
+ case QCRYPTO_CIPHER_ALG_AES_192:
+ case QCRYPTO_CIPHER_ALG_AES_256:
+ alg_name = "aes";
+ break;
+ case QCRYPTO_CIPHER_ALG_CAST5_128:
+ alg_name = "cast5";
+ break;
+ case QCRYPTO_CIPHER_ALG_SERPENT_128:
+ case QCRYPTO_CIPHER_ALG_SERPENT_192:
+ case QCRYPTO_CIPHER_ALG_SERPENT_256:
+ alg_name = "serpent";
+ break;
+ case QCRYPTO_CIPHER_ALG_TWOFISH_128:
+ case QCRYPTO_CIPHER_ALG_TWOFISH_192:
+ case QCRYPTO_CIPHER_ALG_TWOFISH_256:
+ alg_name = "twofish";
+ break;
+
+ default:
+ error_setg(errp, "Unsupported cipher algorithm %d", alg);
+ return NULL;
+ }
+
+ mode_name = QCryptoCipherMode_lookup[mode];
+
+ name = g_new0(char, SALG_NAME_LEN_MAX);
+ ret = snprintf(name, SALG_NAME_LEN_MAX, "%s(%s)", mode_name,
+ alg_name);
+ if (ret < 0 || ret >= SALG_NAME_LEN_MAX) {
+ error_setg(errp, "Build ciphername(name='%s',mode='%s') failed",
+ alg_name, mode_name);
+ g_free(name);
+ return NULL;
+ }
+
+ return name;
+}
+
+QCryptoAFAlg *
+qcrypto_afalg_cipher_ctx_new(QCryptoCipherAlgorithm alg,
+ QCryptoCipherMode mode,
+ const uint8_t *key,
+ size_t nkey, Error **errp)
+{
+ QCryptoAFAlg *afalg;
+ size_t except_niv;
+ char *name;
+
+ name = qcrypto_afalg_cipher_format_name(alg, mode, errp);
+ if (!name) {
+ return NULL;
+ }
+
+ afalg = qcrypto_afalg_comm_alloc(AFALG_TYPE_CIPHER, name, errp);
+ if (!afalg) {
+ g_free(name);
+ return NULL;
+ }
+ afalg->name = name;
+
+ /* setkey */
+ if (qemu_setsockopt(afalg->tfmfd, SOL_ALG, ALG_SET_KEY, key,
+ nkey) != 0) {
+ error_setg_errno(errp, errno, "Set key failed");
+ qcrypto_afalg_comm_free(afalg);
+ return NULL;
+ }
+
+ /* prepare msg header */
+ afalg->msg = g_new0(struct msghdr, 1);
+ afalg->msg->msg_controllen += CMSG_SPACE(ALG_OPTYPE_LEN);
+ except_niv = qcrypto_cipher_get_iv_len(alg, mode);
+ if (except_niv) {
+ afalg->msg->msg_controllen += CMSG_SPACE(ALG_MSGIV_LEN(except_niv));
+ }
+ afalg->msg->msg_control = g_new0(uint8_t, afalg->msg->msg_controllen);
+
+ /* We use 1st msghdr for crypto-info and 2nd msghdr for IV-info */
+ afalg->cmsg = CMSG_FIRSTHDR(afalg->msg);
+ afalg->cmsg->cmsg_level = SOL_ALG;
+ afalg->cmsg->cmsg_type = ALG_SET_OP;
+ afalg->cmsg->cmsg_len = CMSG_SPACE(ALG_OPTYPE_LEN);
+
+ return afalg;
+}
+
+static int
+qcrypto_afalg_cipher_setiv(QCryptoCipher *cipher,
+ const uint8_t *iv,
+ size_t niv, Error **errp)
+{
+ struct af_alg_iv *alg_iv;
+ size_t except_niv;
+ QCryptoAFAlg *afalg = cipher->opaque;
+
+ except_niv = qcrypto_cipher_get_iv_len(cipher->alg, cipher->mode);
+ if (niv != except_niv) {
+ error_setg(errp, "Set IV len(%lu) not match excepted(%lu)",
+ niv, except_niv);
+ return -1;
+ }
+
+ /* move ->cmsg to next msghdr, for IV-info */
+ afalg->cmsg = CMSG_NXTHDR(afalg->msg, afalg->cmsg);
+
+ /* build setiv msg */
+ afalg->cmsg->cmsg_level = SOL_ALG;
+ afalg->cmsg->cmsg_type = ALG_SET_IV;
+ afalg->cmsg->cmsg_len = CMSG_SPACE(ALG_MSGIV_LEN(niv));
+ alg_iv = (struct af_alg_iv *)CMSG_DATA(afalg->cmsg);
+ alg_iv->ivlen = niv;
+ memcpy(alg_iv->iv, iv, niv);
+
+ return 0;
+}
+
+static int
+qcrypto_afalg_cipher_op(QCryptoAFAlg *afalg,
+ const void *in, void *out,
+ size_t len, bool do_encrypt,
+ Error **errp)
+{
+ uint32_t *type = NULL;
+ struct iovec iov;
+ size_t ret, done = 0;
+ uint32_t origin_contorllen;
+
+ origin_contorllen = afalg->msg->msg_controllen;
+ /* movev ->cmsg to first header, for crypto-info */
+ afalg->cmsg = CMSG_FIRSTHDR(afalg->msg);
+
+ /* build encrypt msg */
+ afalg->msg->msg_iov = &iov;
+ afalg->msg->msg_iovlen = 1;
+ type = (uint32_t *)CMSG_DATA(afalg->cmsg);
+ if (do_encrypt) {
+ *type = ALG_OP_ENCRYPT;
+ } else {
+ *type = ALG_OP_DECRYPT;
+ }
+
+ do {
+ iov.iov_base = (void *)in + done;
+ iov.iov_len = len - done;
+
+ /* send info to AF_ALG core */
+ ret = sendmsg(afalg->opfd, afalg->msg, 0);
+ if (ret == -1) {
+ error_setg_errno(errp, errno, "Send data to AF_ALG core failed");
+ return -1;
+ }
+
+ /* encrypto && get result */
+ if (ret != read(afalg->opfd, out, ret)) {
+ error_setg_errno(errp, errno, "Get result from AF_ALG core failed");
+ return -1;
+ }
+
+ /* do not update IV for following chunks */
+ afalg->msg->msg_controllen = 0;
+ done += ret;
+ } while (done < len);
+
+ afalg->msg->msg_controllen = origin_contorllen;
+
+ return 0;
+}
+
+static int
+qcrypto_afalg_cipher_encrypt(QCryptoCipher *cipher,
+ const void *in, void *out,
+ size_t len, Error **errp)
+{
+ return qcrypto_afalg_cipher_op(cipher->opaque, in, out,
+ len, true, errp);
+}
+
+static int
+qcrypto_afalg_cipher_decrypt(QCryptoCipher *cipher,
+ const void *in, void *out,
+ size_t len, Error **errp)
+{
+ return qcrypto_afalg_cipher_op(cipher->opaque, in, out,
+ len, false, errp);
+}
+
+static void qcrypto_afalg_comm_ctx_free(QCryptoCipher *cipher)
+{
+ qcrypto_afalg_comm_free(cipher->opaque);
+}
+
+struct QCryptoCipherDriver qcrypto_cipher_afalg_driver = {
+ .cipher_encrypt = qcrypto_afalg_cipher_encrypt,
+ .cipher_decrypt = qcrypto_afalg_cipher_decrypt,
+ .cipher_setiv = qcrypto_afalg_cipher_setiv,
+ .cipher_free = qcrypto_afalg_comm_ctx_free,
+};
diff --git a/crypto/cipher.c b/crypto/cipher.c
index a6e052c..4a6f548 100644
--- a/crypto/cipher.c
+++ b/crypto/cipher.c
@@ -164,17 +164,34 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
{
QCryptoCipher *cipher;
void *ctx;
+ Error *err2 = NULL;
+ QCryptoCipherDriver *drv;
+
+#ifdef CONFIG_AF_ALG
+ ctx = qcrypto_afalg_cipher_ctx_new(alg, mode, key, nkey, &err2);
+ if (ctx) {
+ drv = &qcrypto_cipher_afalg_driver;
+ goto set_cipher;
+ }
+#endif
ctx = qcrypto_cipher_ctx_new(alg, mode, key, nkey, errp);
if (ctx == NULL) {
+ error_free(err2);
return NULL;
}
+ drv = &qcrypto_cipher_lib_driver;
+ error_free(err2);
+
+#ifdef CONFIG_AF_ALG
+set_cipher:
+#endif
cipher = g_new0(QCryptoCipher, 1);
cipher->alg = alg;
cipher->mode = mode;
cipher->opaque = ctx;
- cipher->driver = (void *)&qcrypto_cipher_lib_driver;
+ cipher->driver = (void *)drv;
return cipher;
}
@@ -220,3 +237,12 @@ void qcrypto_cipher_free(QCryptoCipher *cipher)
g_free(cipher);
}
}
+
+bool qcrypto_cipher_using_afalg_drv(QCryptoCipher *cipher)
+{
+#ifdef CONFIG_AF_ALG
+ return cipher->driver == (void *)&qcrypto_cipher_afalg_driver;
+#else
+ return false;
+#endif
+}
diff --git a/crypto/cipherpriv.h b/crypto/cipherpriv.h
index 4af5e85..91c6a7e 100644
--- a/crypto/cipherpriv.h
+++ b/crypto/cipherpriv.h
@@ -15,6 +15,9 @@
#ifndef QCRYPTO_CIPHERPRIV_H
#define QCRYPTO_CIPHERPRIV_H
+#include "qapi-types.h"
+#include "afalgpriv.h"
+
typedef struct QCryptoCipherDriver QCryptoCipherDriver;
struct QCryptoCipherDriver {
@@ -37,4 +40,12 @@ struct QCryptoCipherDriver {
void (*cipher_free)(QCryptoCipher *cipher);
};
+extern QCryptoAFAlg *
+qcrypto_afalg_cipher_ctx_new(QCryptoCipherAlgorithm alg,
+ QCryptoCipherMode mode,
+ const uint8_t *key,
+ size_t nkey, Error **errp);
+
+extern struct QCryptoCipherDriver qcrypto_cipher_afalg_driver;
+
#endif
diff --git a/include/crypto/cipher.h b/include/crypto/cipher.h
index 984fb82..037f602 100644
--- a/include/crypto/cipher.h
+++ b/include/crypto/cipher.h
@@ -233,4 +233,12 @@ int qcrypto_cipher_setiv(QCryptoCipher *cipher,
const uint8_t *iv, size_t niv,
Error **errp);
+/**
+ * qcrypto_cipher_using_afalg_drv:
+ * @ the cipher object
+ *
+ * Returns: true if @cipher is using afalg driver, otherwise false.
+ */
+bool qcrypto_cipher_using_afalg_drv(QCryptoCipher *cipher);
+
#endif /* QCRYPTO_CIPHER_H */
diff --git a/tests/test-crypto-cipher.c b/tests/test-crypto-cipher.c
index 07fa2fa..8bb3308 100644
--- a/tests/test-crypto-cipher.c
+++ b/tests/test-crypto-cipher.c
@@ -715,6 +715,7 @@ static void test_cipher_null_iv(void)
uint8_t key[32] = { 0 };
uint8_t plaintext[32] = { 0 };
uint8_t ciphertext[32] = { 0 };
+ Error *err = NULL;
cipher = qcrypto_cipher_new(
QCRYPTO_CIPHER_ALG_AES_256,
@@ -729,7 +730,14 @@ static void test_cipher_null_iv(void)
plaintext,
ciphertext,
sizeof(plaintext),
- &error_abort);
+ &err);
+
+ if (qcrypto_cipher_using_afalg_drv(cipher)) {
+ g_assert(err != NULL);
+ error_free_or_abort(&err);
+ } else {
+ g_assert(err == NULL);
+ }
qcrypto_cipher_free(cipher);
}
--
1.8.3.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [Qemu-devel] [PATCH v3 14/18] crypto: hash: add afalg-backend hash support
2017-04-22 7:20 [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support Longpeng(Mike)
` (12 preceding siblings ...)
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 13/18] crypto: cipher: add afalg-backend cipher support Longpeng(Mike)
@ 2017-04-22 7:20 ` Longpeng(Mike)
2017-04-26 12:20 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 15/18] crypto: hmac: add af_alg hmac support Longpeng(Mike)
` (5 subsequent siblings)
19 siblings, 1 reply; 37+ messages in thread
From: Longpeng(Mike) @ 2017-04-22 7:20 UTC (permalink / raw)
To: berrange
Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang, Longpeng(Mike)
Adds afalg-backend hash support: introduces some private APIs
firstly, and then intergrates them into qcrypto_hash_afalg_driver.
Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
---
crypto/Makefile.objs | 1 +
crypto/afalgpriv.h | 1 +
crypto/hash-afalg.c | 147 +++++++++++++++++++++++++++++++++++++++++++++++++++
crypto/hash.c | 11 ++++
crypto/hashpriv.h | 4 ++
5 files changed, 164 insertions(+)
create mode 100644 crypto/hash-afalg.c
diff --git a/crypto/Makefile.objs b/crypto/Makefile.objs
index d2e8fa8..2b99e08 100644
--- a/crypto/Makefile.objs
+++ b/crypto/Makefile.objs
@@ -12,6 +12,7 @@ crypto-obj-y += desrfb.o
crypto-obj-y += cipher.o
crypto-obj-$(CONFIG_AF_ALG) += afalg.o
crypto-obj-$(CONFIG_AF_ALG) += cipher-afalg.o
+crypto-obj-$(CONFIG_AF_ALG) += hash-afalg.o
crypto-obj-y += tlscreds.o
crypto-obj-y += tlscredsanon.o
crypto-obj-y += tlscredsx509.o
diff --git a/crypto/afalgpriv.h b/crypto/afalgpriv.h
index e384b15..a0950db 100644
--- a/crypto/afalgpriv.h
+++ b/crypto/afalgpriv.h
@@ -26,6 +26,7 @@
#endif
#define AFALG_TYPE_CIPHER "skcipher"
+#define AFALG_TYPE_HASH "hash"
#define ALG_OPTYPE_LEN 4
#define ALG_MSGIV_LEN(len) (sizeof(struct af_alg_iv) + (len))
diff --git a/crypto/hash-afalg.c b/crypto/hash-afalg.c
new file mode 100644
index 0000000..f577c83
--- /dev/null
+++ b/crypto/hash-afalg.c
@@ -0,0 +1,147 @@
+/*
+ * QEMU Crypto af_alg-backend hash support
+ *
+ * Copyright (c) 2017 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Longpeng(Mike) <longpeng2@huawei.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * (at your option) any later version. See the COPYING file in the
+ * top-level directory.
+ */
+#include "qemu/osdep.h"
+#include "qemu/iov.h"
+#include "qemu/sockets.h"
+#include "qemu-common.h"
+#include "qapi/error.h"
+#include "crypto/hash.h"
+#include "hashpriv.h"
+
+static char *
+qcrypto_afalg_hash_format_name(QCryptoHashAlgorithm alg,
+ Error **errp)
+{
+ char *name;
+ const char *alg_name;
+ int ret;
+
+ switch (alg) {
+ case QCRYPTO_HASH_ALG_MD5:
+ alg_name = "md5";
+ break;
+ case QCRYPTO_HASH_ALG_SHA1:
+ alg_name = "sha1";
+ break;
+ case QCRYPTO_HASH_ALG_SHA224:
+ alg_name = "sha224";
+ break;
+ case QCRYPTO_HASH_ALG_SHA256:
+ alg_name = "sha256";
+ break;
+ case QCRYPTO_HASH_ALG_SHA384:
+ alg_name = "sha384";
+ break;
+ case QCRYPTO_HASH_ALG_SHA512:
+ alg_name = "sha512";
+ break;
+ case QCRYPTO_HASH_ALG_RIPEMD160:
+ alg_name = "rmd160";
+ break;
+
+ default:
+ error_setg(errp, "Unsupported hash algorithm %d", alg);
+ return NULL;
+ }
+
+ name = g_new0(char, SALG_NAME_LEN_MAX);
+ ret = snprintf(name, SALG_NAME_LEN_MAX, "%s", alg_name);
+ if (ret < 0 || ret >= SALG_NAME_LEN_MAX) {
+ error_setg(errp, "Build hash name(name='%s') failed",
+ alg_name);
+ g_free(name);
+ return NULL;
+ }
+
+ return name;
+}
+
+static QCryptoAFAlg *
+qcrypto_afalg_hash_ctx_new(QCryptoHashAlgorithm alg, Error **errp)
+{
+ QCryptoAFAlg *afalg;
+ char *name;
+
+ name = qcrypto_afalg_hash_format_name(alg, errp);
+ if (!name) {
+ return NULL;
+ }
+
+ afalg = qcrypto_afalg_comm_alloc(AFALG_TYPE_HASH, name, errp);
+ if (!afalg) {
+ g_free(name);
+ return NULL;
+ }
+ afalg->name = name;
+
+ /* prepare msg header */
+ afalg->msg = g_new0(struct msghdr, 1);
+
+ return afalg;
+}
+
+static int
+qcrypto_afalg_hash_bytesv(QCryptoHashAlgorithm alg,
+ const struct iovec *iov,
+ size_t niov, uint8_t **result,
+ size_t *resultlen,
+ Error **errp)
+{
+ QCryptoAFAlg *afalg;
+ struct iovec outv;
+ int ret = 0;
+ const int except_len = qcrypto_hash_digest_len(alg);
+
+ if (*resultlen == 0) {
+ *resultlen = except_len;
+ *result = g_new0(uint8_t, *resultlen);
+ } else if (*resultlen != except_len) {
+ error_setg(errp,
+ "Result buffer size %zu is not match hash %d",
+ *resultlen, except_len);
+ return -1;
+ }
+
+ afalg = qcrypto_afalg_hash_ctx_new(alg, errp);
+ if (afalg == NULL) {
+ return -1;
+ }
+
+ /* send data to kernel's crypto core */
+ ret = iov_send_recv(afalg->opfd, iov, niov,
+ 0, iov_size(iov, niov), true);
+ if (ret < 0) {
+ error_setg_errno(errp, errno, "Send data to afalg-core failed");
+ goto out;
+ }
+
+ /* hash && get result */
+ outv.iov_base = *result;
+ outv.iov_len = *resultlen;
+ afalg->msg->msg_iov = &outv;
+ afalg->msg->msg_iovlen = 1;
+ ret = recvmsg(afalg->opfd, afalg->msg, 0);
+ if (ret != -1) {
+ ret = 0;
+ } else {
+ error_setg_errno(errp, errno, "Recv result from afalg-core failed");
+ }
+
+out:
+ qcrypto_afalg_comm_free(afalg);
+ return ret;
+}
+
+QCryptoHashDriver qcrypto_hash_afalg_driver = {
+ .hash_bytesv = qcrypto_afalg_hash_bytesv,
+};
diff --git a/crypto/hash.c b/crypto/hash.c
index c43fd87..ba30c9b 100644
--- a/crypto/hash.c
+++ b/crypto/hash.c
@@ -46,6 +46,17 @@ int qcrypto_hash_bytesv(QCryptoHashAlgorithm alg,
size_t *resultlen,
Error **errp)
{
+#ifdef CONFIG_AF_ALG
+ int ret;
+
+ ret = qcrypto_hash_afalg_driver.hash_bytesv(alg, iov, niov,
+ result, resultlen,
+ errp);
+ if (ret == 0) {
+ return ret;
+ }
+#endif
+
return qcrypto_hash_lib_driver.hash_bytesv(alg, iov, niov,
result, resultlen,
errp);
diff --git a/crypto/hashpriv.h b/crypto/hashpriv.h
index 5e505e0..d23662f 100644
--- a/crypto/hashpriv.h
+++ b/crypto/hashpriv.h
@@ -15,6 +15,8 @@
#ifndef QCRYPTO_HASHPRIV_H
#define QCRYPTO_HASHPRIV_H
+#include "afalgpriv.h"
+
typedef struct QCryptoHashDriver QCryptoHashDriver;
struct QCryptoHashDriver {
@@ -28,4 +30,6 @@ struct QCryptoHashDriver {
extern QCryptoHashDriver qcrypto_hash_lib_driver;
+extern QCryptoHashDriver qcrypto_hash_afalg_driver;
+
#endif
--
1.8.3.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [Qemu-devel] [PATCH v3 15/18] crypto: hmac: add af_alg hmac support
2017-04-22 7:20 [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support Longpeng(Mike)
` (13 preceding siblings ...)
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 14/18] crypto: hash: add afalg-backend hash support Longpeng(Mike)
@ 2017-04-22 7:20 ` Longpeng(Mike)
2017-04-26 12:23 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 16/18] tests: crypto: add cipher speed benchmark support Longpeng(Mike)
` (4 subsequent siblings)
19 siblings, 1 reply; 37+ messages in thread
From: Longpeng(Mike) @ 2017-04-22 7:20 UTC (permalink / raw)
To: berrange
Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang, Longpeng(Mike)
Adds afalg-backend hmac support: introduces some private APIs
firstly, and then intergrates them into qcrypto_hmac_afalg_driver.
Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
---
crypto/hash-afalg.c | 108 +++++++++++++++++++++++++++++++++++++++++++-------
crypto/hmac.c | 27 ++++++++++++-
crypto/hmacpriv.h | 9 +++++
include/crypto/hmac.h | 8 ++++
4 files changed, 136 insertions(+), 16 deletions(-)
diff --git a/crypto/hash-afalg.c b/crypto/hash-afalg.c
index f577c83..0670481 100644
--- a/crypto/hash-afalg.c
+++ b/crypto/hash-afalg.c
@@ -1,5 +1,5 @@
/*
- * QEMU Crypto af_alg-backend hash support
+ * QEMU Crypto af_alg-backend hash/hmac support
*
* Copyright (c) 2017 HUAWEI TECHNOLOGIES CO., LTD.
*
@@ -16,10 +16,13 @@
#include "qemu-common.h"
#include "qapi/error.h"
#include "crypto/hash.h"
+#include "crypto/hmac.h"
#include "hashpriv.h"
+#include "hmacpriv.h"
static char *
qcrypto_afalg_hash_format_name(QCryptoHashAlgorithm alg,
+ bool is_hmac,
Error **errp)
{
char *name;
@@ -55,10 +58,14 @@ qcrypto_afalg_hash_format_name(QCryptoHashAlgorithm alg,
}
name = g_new0(char, SALG_NAME_LEN_MAX);
- ret = snprintf(name, SALG_NAME_LEN_MAX, "%s", alg_name);
+ if (is_hmac) {
+ ret = snprintf(name, SALG_NAME_LEN_MAX, "hmac(%s)", alg_name);
+ } else { /* hash */
+ ret = snprintf(name, SALG_NAME_LEN_MAX, "%s", alg_name);
+ }
if (ret < 0 || ret >= SALG_NAME_LEN_MAX) {
- error_setg(errp, "Build hash name(name='%s') failed",
- alg_name);
+ error_setg(errp, "Build %s name(name='%s') failed",
+ is_hmac ? "hmac" : "hash", alg_name);
g_free(name);
return NULL;
}
@@ -67,12 +74,14 @@ qcrypto_afalg_hash_format_name(QCryptoHashAlgorithm alg,
}
static QCryptoAFAlg *
-qcrypto_afalg_hash_ctx_new(QCryptoHashAlgorithm alg, Error **errp)
+qcrypto_afalg_hash_hmac_ctx_new(QCryptoHashAlgorithm alg,
+ const uint8_t *key, size_t nkey,
+ bool is_hmac, Error **errp)
{
QCryptoAFAlg *afalg;
char *name;
- name = qcrypto_afalg_hash_format_name(alg, errp);
+ name = qcrypto_afalg_hash_format_name(alg, is_hmac, errp);
if (!name) {
return NULL;
}
@@ -84,22 +93,49 @@ qcrypto_afalg_hash_ctx_new(QCryptoHashAlgorithm alg, Error **errp)
}
afalg->name = name;
+ /* HMAC needs setkey */
+ if (is_hmac) {
+ if (qemu_setsockopt(afalg->tfmfd, SOL_ALG, ALG_SET_KEY,
+ key, nkey) != 0) {
+ error_setg_errno(errp, errno, "Set hmac key failed");
+ qcrypto_afalg_comm_free(afalg);
+ return NULL;
+ }
+ }
+
/* prepare msg header */
afalg->msg = g_new0(struct msghdr, 1);
return afalg;
}
+static QCryptoAFAlg *
+qcrypto_afalg_hash_ctx_new(QCryptoHashAlgorithm alg,
+ Error **errp)
+{
+ return qcrypto_afalg_hash_hmac_ctx_new(alg, NULL, 0, false, errp);
+}
+
+QCryptoAFAlg *
+qcrypto_afalg_hmac_ctx_new(QCryptoHashAlgorithm alg,
+ const uint8_t *key, size_t nkey,
+ Error **errp)
+{
+ return qcrypto_afalg_hash_hmac_ctx_new(alg, key, nkey, true, errp);
+}
+
static int
-qcrypto_afalg_hash_bytesv(QCryptoHashAlgorithm alg,
- const struct iovec *iov,
- size_t niov, uint8_t **result,
- size_t *resultlen,
- Error **errp)
+qcrypto_afalg_hash_hmac_bytesv(QCryptoAFAlg *hmac,
+ QCryptoHashAlgorithm alg,
+ const struct iovec *iov,
+ size_t niov, uint8_t **result,
+ size_t *resultlen,
+ Error **errp)
{
QCryptoAFAlg *afalg;
struct iovec outv;
int ret = 0;
+ bool is_hmac = (hmac != NULL) ? true : false;
const int except_len = qcrypto_hash_digest_len(alg);
if (*resultlen == 0) {
@@ -112,9 +148,13 @@ qcrypto_afalg_hash_bytesv(QCryptoHashAlgorithm alg,
return -1;
}
- afalg = qcrypto_afalg_hash_ctx_new(alg, errp);
- if (afalg == NULL) {
- return -1;
+ if (is_hmac) {
+ afalg = hmac;
+ } else {
+ afalg = qcrypto_afalg_hash_ctx_new(alg, errp);
+ if (afalg == NULL) {
+ return -1;
+ }
}
/* send data to kernel's crypto core */
@@ -138,10 +178,48 @@ qcrypto_afalg_hash_bytesv(QCryptoHashAlgorithm alg,
}
out:
- qcrypto_afalg_comm_free(afalg);
+ if (!is_hmac) {
+ qcrypto_afalg_comm_free(afalg);
+ }
return ret;
}
+static int
+qcrypto_afalg_hash_bytesv(QCryptoHashAlgorithm alg,
+ const struct iovec *iov,
+ size_t niov, uint8_t **result,
+ size_t *resultlen,
+ Error **errp)
+{
+ return qcrypto_afalg_hash_hmac_bytesv(NULL, alg, iov, niov, result,
+ resultlen, errp);
+}
+
+static int
+qcrypto_afalg_hmac_bytesv(QCryptoHmac *hmac,
+ const struct iovec *iov,
+ size_t niov, uint8_t **result,
+ size_t *resultlen,
+ Error **errp)
+{
+ return qcrypto_afalg_hash_hmac_bytesv(hmac->opaque, hmac->alg,
+ iov, niov, result, resultlen,
+ errp);
+}
+
+static void qcrypto_afalg_hmac_ctx_free(QCryptoHmac *hmac)
+{
+ QCryptoAFAlg *afalg;
+
+ afalg = hmac->opaque;
+ qcrypto_afalg_comm_free(afalg);
+}
+
QCryptoHashDriver qcrypto_hash_afalg_driver = {
.hash_bytesv = qcrypto_afalg_hash_bytesv,
};
+
+QCryptoHmacDriver qcrypto_hmac_afalg_driver = {
+ .hmac_bytesv = qcrypto_afalg_hmac_bytesv,
+ .hmac_free = qcrypto_afalg_hmac_ctx_free,
+};
diff --git a/crypto/hmac.c b/crypto/hmac.c
index d040fbb..0a1a6e7 100644
--- a/crypto/hmac.c
+++ b/crypto/hmac.c
@@ -90,16 +90,32 @@ QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg,
{
QCryptoHmac *hmac;
void *ctx;
+ Error *err2 = NULL;
+ QCryptoHmacDriver *drv;
+
+#ifdef CONFIG_AF_ALG
+ ctx = qcrypto_afalg_hmac_ctx_new(alg, key, nkey, &err2);
+ if (ctx) {
+ drv = &qcrypto_hmac_afalg_driver;
+ goto set_hmac;
+ }
+#endif
ctx = qcrypto_hmac_ctx_new(alg, key, nkey, errp);
if (ctx == NULL) {
return NULL;
}
+ drv = &qcrypto_hmac_lib_driver;
+ error_free(err2);
+
+#ifdef CONFIG_AF_ALG
+set_hmac:
+#endif
hmac = g_new0(QCryptoHmac, 1);
hmac->alg = alg;
hmac->opaque = ctx;
- hmac->driver = (void *)&qcrypto_hmac_lib_driver;
+ hmac->driver = (void *)drv;
return hmac;
}
@@ -114,3 +130,12 @@ void qcrypto_hmac_free(QCryptoHmac *hmac)
g_free(hmac);
}
}
+
+bool qcrypto_hmac_using_afalg_drv(QCryptoHmac *hmac)
+{
+#ifdef CONFIG_AF_ALG
+ return hmac->driver == &qcrypto_hmac_afalg_driver;
+#else
+ return false;
+#endif
+}
diff --git a/crypto/hmacpriv.h b/crypto/hmacpriv.h
index 2be389a..2d1900f 100644
--- a/crypto/hmacpriv.h
+++ b/crypto/hmacpriv.h
@@ -15,6 +15,8 @@
#ifndef QCRYPTO_HMACPRIV_H
#define QCRYPTO_HMACPRIV_H
+#include "afalgpriv.h"
+
typedef struct QCryptoHmacDriver QCryptoHmacDriver;
struct QCryptoHmacDriver {
@@ -33,4 +35,11 @@ extern void *qcrypto_hmac_ctx_new(QCryptoHashAlgorithm alg,
Error **errp);
extern QCryptoHmacDriver qcrypto_hmac_lib_driver;
+
+extern QCryptoAFAlg *
+qcrypto_afalg_hmac_ctx_new(QCryptoHashAlgorithm alg,
+ const uint8_t *key, size_t nkey,
+ Error **errp);
+extern QCryptoHmacDriver qcrypto_hmac_afalg_driver;
+
#endif
diff --git a/include/crypto/hmac.h b/include/crypto/hmac.h
index 5e88905..450cdee 100644
--- a/include/crypto/hmac.h
+++ b/include/crypto/hmac.h
@@ -164,4 +164,12 @@ int qcrypto_hmac_digest(QCryptoHmac *hmac,
char **digest,
Error **errp);
+/**
+ * qcrypto_cipher_using_afalg_drv:
+ * @hmac: the hmac object
+ *
+ * Returns: True if @hmac using afalg driver, otherwise false.
+ */
+bool qcrypto_hmac_using_afalg_drv(QCryptoHmac *hmac);
+
#endif
--
1.8.3.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [Qemu-devel] [PATCH v3 16/18] tests: crypto: add cipher speed benchmark support
2017-04-22 7:20 [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support Longpeng(Mike)
` (14 preceding siblings ...)
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 15/18] crypto: hmac: add af_alg hmac support Longpeng(Mike)
@ 2017-04-22 7:20 ` Longpeng(Mike)
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 17/18] tests: crypto: add hash " Longpeng(Mike)
` (3 subsequent siblings)
19 siblings, 0 replies; 37+ messages in thread
From: Longpeng(Mike) @ 2017-04-22 7:20 UTC (permalink / raw)
To: berrange
Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang, Longpeng(Mike)
Now we have two qcrypto backends, libiary-backend and afalg-backend,
but which one is faster? This patch add a cipher speed benchmark, it
helps us to measure the performance by using "make check-speed" or
using "./tests/benchmark-crypto-cipher" directly.
Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
---
tests/Makefile.include | 9 ++++-
tests/benchmark-crypto-cipher.c | 90 +++++++++++++++++++++++++++++++++++++++++
2 files changed, 97 insertions(+), 2 deletions(-)
create mode 100644 tests/benchmark-crypto-cipher.c
diff --git a/tests/Makefile.include b/tests/Makefile.include
index 579ec07..3a01523 100644
--- a/tests/Makefile.include
+++ b/tests/Makefile.include
@@ -101,6 +101,7 @@ gcov-files-test-write-threshold-y = block/write-threshold.c
check-unit-y += tests/test-crypto-hash$(EXESUF)
check-unit-y += tests/test-crypto-hmac$(EXESUF)
check-unit-y += tests/test-crypto-cipher$(EXESUF)
+check-speed-y += tests/benchmark-crypto-cipher$(EXESUF)
check-unit-y += tests/test-crypto-secret$(EXESUF)
check-unit-$(CONFIG_GNUTLS) += tests/test-crypto-tlscredsx509$(EXESUF)
check-unit-$(CONFIG_GNUTLS) += tests/test-crypto-tlssession$(EXESUF)
@@ -524,6 +525,7 @@ test-qom-obj-y = $(qom-obj-y) $(test-util-obj-y)
test-qapi-obj-y = tests/test-qapi-visit.o tests/test-qapi-types.o \
tests/test-qapi-event.o tests/test-qmp-introspect.o \
$(test-qom-obj-y)
+benchmark-crypto-obj-y = $(crypto-obj-y) $(test-qom-obj-y)
test-crypto-obj-y = $(crypto-obj-y) $(test-qom-obj-y)
test-io-obj-y = $(io-obj-y) $(test-crypto-obj-y)
test-block-obj-y = $(block-obj-y) $(test-io-obj-y) tests/iothread.o
@@ -628,6 +630,7 @@ tests/test-bitcnt$(EXESUF): tests/test-bitcnt.o $(test-util-obj-y)
tests/test-crypto-hash$(EXESUF): tests/test-crypto-hash.o $(test-crypto-obj-y)
tests/test-crypto-hmac$(EXESUF): tests/test-crypto-hmac.o $(test-crypto-obj-y)
tests/test-crypto-cipher$(EXESUF): tests/test-crypto-cipher.o $(test-crypto-obj-y)
+tests/benchmark-crypto-cipher$(EXESUF): tests/benchmark-crypto-cipher.o $(test-crypto-obj-y)
tests/test-crypto-secret$(EXESUF): tests/test-crypto-secret.o $(test-crypto-obj-y)
tests/test-crypto-xts$(EXESUF): tests/test-crypto-xts.o $(test-crypto-obj-y)
@@ -792,6 +795,7 @@ check-help:
@echo " make check-qtest-TARGET Run qtest tests for given target"
@echo " make check-qtest Run qtest tests"
@echo " make check-unit Run qobject tests"
+ @echo " make check-speed Run qobject speed tests"
@echo " make check-qapi-schema Run QAPI schema tests"
@echo " make check-block Run block tests"
@echo " make check-report.html Generates an HTML test report"
@@ -822,8 +826,8 @@ $(patsubst %, check-qtest-%, $(QTEST_TARGETS)): check-qtest-%: $(check-qtest-y)
$(GCOV) $(GCOV_OPTIONS) $$f -o `dirname $$f`; \
done,)
-.PHONY: $(patsubst %, check-%, $(check-unit-y))
-$(patsubst %, check-%, $(check-unit-y)): check-%: %
+.PHONY: $(patsubst %, check-%, $(check-unit-y) $(check-speed-y))
+$(patsubst %, check-%, $(check-unit-y) $(check-speed-y)): check-%: %
$(if $(CONFIG_GCOV),@rm -f *.gcda */*.gcda */*/*.gcda */*/*/*.gcda,)
$(call quiet-command, \
MALLOC_PERTURB_=$${MALLOC_PERTURB_:-$$((RANDOM % 255 + 1))} \
@@ -882,6 +886,7 @@ check-tests/qapi-schema/doc-good.texi: tests/qapi-schema/doc-good.test.texi
check-qapi-schema: $(patsubst %,check-%, $(check-qapi-schema-y)) check-tests/qapi-schema/doc-good.texi
check-qtest: $(patsubst %,check-qtest-%, $(QTEST_TARGETS))
check-unit: $(patsubst %,check-%, $(check-unit-y))
+check-speed: $(patsubst %,check-%, $(check-speed-y))
check-block: $(patsubst %,check-%, $(check-block-y))
check: check-qapi-schema check-unit check-qtest
check-clean:
diff --git a/tests/benchmark-crypto-cipher.c b/tests/benchmark-crypto-cipher.c
new file mode 100644
index 0000000..40594e3
--- /dev/null
+++ b/tests/benchmark-crypto-cipher.c
@@ -0,0 +1,90 @@
+/*
+ * QEMU Crypto cipher speed benchmark
+ *
+ * Copyright (c) 2017 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Longpeng(Mike) <longpeng2@huawei.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * (at your option) any later version. See the COPYING file in the
+ * top-level directory.
+ */
+#include "qemu/osdep.h"
+#include "crypto/init.h"
+#include "crypto/cipher.h"
+
+static void test_cipher_speed(const void *opaque)
+{
+ QCryptoCipher *cipher;
+ Error *err = NULL;
+ double total = 0.0;
+ size_t chunk_size = (size_t)opaque;
+ uint8_t *key = NULL, *iv = NULL;
+ uint8_t *plaintext = NULL, *ciphertext = NULL;
+ size_t nkey = qcrypto_cipher_get_key_len(QCRYPTO_CIPHER_ALG_AES_128);
+ size_t niv = qcrypto_cipher_get_iv_len(QCRYPTO_CIPHER_ALG_AES_128,
+ QCRYPTO_CIPHER_MODE_CBC);
+
+ key = g_new0(uint8_t, nkey);
+ memset(key, g_test_rand_int(), nkey);
+
+ iv = g_new0(uint8_t, niv);
+ memset(iv, g_test_rand_int(), niv);
+
+ ciphertext = g_new0(uint8_t, chunk_size);
+
+ plaintext = g_new0(uint8_t, chunk_size);
+ memset(plaintext, g_test_rand_int(), chunk_size);
+
+ cipher = qcrypto_cipher_new(QCRYPTO_CIPHER_ALG_AES_128,
+ QCRYPTO_CIPHER_MODE_CBC,
+ key, nkey, &err);
+ g_assert(cipher != NULL);
+
+ g_assert(qcrypto_cipher_setiv(cipher,
+ iv, niv,
+ &err) == 0);
+
+ g_test_timer_start();
+ do {
+ g_assert(qcrypto_cipher_encrypt(cipher,
+ plaintext,
+ ciphertext,
+ chunk_size,
+ &err) == 0);
+ total += chunk_size;
+ } while (g_test_timer_elapsed() < 5.0);
+
+ total /= 1024 * 1024; /* to MB */
+
+ g_print("[drv:%s]", qcrypto_cipher_using_afalg_drv(cipher) ?
+ "afalg" : "libs");
+ g_print("cbc(aes128): ");
+ g_print("Testing chunk_size %ld bytes ", chunk_size);
+ g_print("done: %.2f MB in %.2f secs: ", total, g_test_timer_last());
+ g_print("%.2f MB/sec\n", total / g_test_timer_last());
+
+ qcrypto_cipher_free(cipher);
+ g_free(plaintext);
+ g_free(ciphertext);
+ g_free(iv);
+ g_free(key);
+}
+
+int main(int argc, char **argv)
+{
+ size_t i;
+ char name[64];
+
+ g_test_init(&argc, &argv, NULL);
+ g_assert(qcrypto_init(NULL) == 0);
+
+ for (i = 512; i <= (64 * 1204); i *= 2) {
+ memset(name, 0 , sizeof(name));
+ snprintf(name, sizeof(name), "/crypto/cipher/speed-%lu", i);
+ g_test_add_data_func(name, (void *)i, test_cipher_speed);
+ }
+
+ return g_test_run();
+}
--
1.8.3.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [Qemu-devel] [PATCH v3 17/18] tests: crypto: add hash speed benchmark support
2017-04-22 7:20 [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support Longpeng(Mike)
` (15 preceding siblings ...)
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 16/18] tests: crypto: add cipher speed benchmark support Longpeng(Mike)
@ 2017-04-22 7:20 ` Longpeng(Mike)
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 18/18] tests: crypto: add hmac " Longpeng(Mike)
` (2 subsequent siblings)
19 siblings, 0 replies; 37+ messages in thread
From: Longpeng(Mike) @ 2017-04-22 7:20 UTC (permalink / raw)
To: berrange
Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang, Longpeng(Mike)
This patch add a hash speed benchmark, it helps us to
measure the performance by using "make check-speed" or
using "./tests/benchmark-crypto-cipher" directly.
Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
---
tests/Makefile.include | 2 ++
tests/benchmark-crypto-hash.c | 67 +++++++++++++++++++++++++++++++++++++++++++
2 files changed, 69 insertions(+)
create mode 100644 tests/benchmark-crypto-hash.c
diff --git a/tests/Makefile.include b/tests/Makefile.include
index 3a01523..045d16f 100644
--- a/tests/Makefile.include
+++ b/tests/Makefile.include
@@ -99,6 +99,7 @@ gcov-files-test-keyval-y = util/keyval.c
check-unit-y += tests/test-write-threshold$(EXESUF)
gcov-files-test-write-threshold-y = block/write-threshold.c
check-unit-y += tests/test-crypto-hash$(EXESUF)
+check-speed-y += tests/benchmark-crypto-hash$(EXESUF)
check-unit-y += tests/test-crypto-hmac$(EXESUF)
check-unit-y += tests/test-crypto-cipher$(EXESUF)
check-speed-y += tests/benchmark-crypto-cipher$(EXESUF)
@@ -628,6 +629,7 @@ tests/test-mul64$(EXESUF): tests/test-mul64.o $(test-util-obj-y)
tests/test-bitops$(EXESUF): tests/test-bitops.o $(test-util-obj-y)
tests/test-bitcnt$(EXESUF): tests/test-bitcnt.o $(test-util-obj-y)
tests/test-crypto-hash$(EXESUF): tests/test-crypto-hash.o $(test-crypto-obj-y)
+tests/benchmark-crypto-hash$(EXESUF): tests/benchmark-crypto-hash.o $(test-crypto-obj-y)
tests/test-crypto-hmac$(EXESUF): tests/test-crypto-hmac.o $(test-crypto-obj-y)
tests/test-crypto-cipher$(EXESUF): tests/test-crypto-cipher.o $(test-crypto-obj-y)
tests/benchmark-crypto-cipher$(EXESUF): tests/benchmark-crypto-cipher.o $(test-crypto-obj-y)
diff --git a/tests/benchmark-crypto-hash.c b/tests/benchmark-crypto-hash.c
new file mode 100644
index 0000000..6769d2a
--- /dev/null
+++ b/tests/benchmark-crypto-hash.c
@@ -0,0 +1,67 @@
+/*
+ * QEMU Crypto hash speed benchmark
+ *
+ * Copyright (c) 2017 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Longpeng(Mike) <longpeng2@huawei.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * (at your option) any later version. See the COPYING file in the
+ * top-level directory.
+ */
+#include "qemu/osdep.h"
+#include "crypto/init.h"
+#include "crypto/hash.h"
+
+static void test_hash_speed(const void *opaque)
+{
+ size_t chunk_size = (size_t)opaque;
+ uint8_t *in = NULL, *out = NULL;
+ size_t out_len = 0;
+ double total = 0.0;
+ struct iovec iov;
+ int ret;
+
+ in = g_new0(uint8_t, chunk_size);
+ memset(in, g_test_rand_int(), chunk_size);
+
+ iov.iov_base = (char *)in;
+ iov.iov_len = chunk_size;
+
+ g_test_timer_start();
+ do {
+ ret = qcrypto_hash_bytesv(QCRYPTO_HASH_ALG_SHA256,
+ &iov, 1, &out, &out_len,
+ NULL);
+ g_assert(ret == 0);
+
+ total += chunk_size;
+ } while (g_test_timer_elapsed() < 5.0);
+
+ total /= 1024 * 1024; /* to MB */
+ g_print("sha256: ");
+ g_print("Testing chunk_size %ld bytes ", chunk_size);
+ g_print("done: %.2f MB in %.2f secs: ", total, g_test_timer_last());
+ g_print("%.2f MB/sec\n", total / g_test_timer_last());
+
+ g_free(out);
+ g_free(in);
+}
+
+int main(int argc, char **argv)
+{
+ size_t i;
+ char name[64];
+
+ g_test_init(&argc, &argv, NULL);
+ g_assert(qcrypto_init(NULL) == 0);
+
+ for (i = 512; i <= (64 * 1204); i *= 2) {
+ memset(name, 0 , sizeof(name));
+ snprintf(name, sizeof(name), "/crypto/hash/speed-%lu", i);
+ g_test_add_data_func(name, (void *)i, test_hash_speed);
+ }
+
+ return g_test_run();
+}
--
1.8.3.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* [Qemu-devel] [PATCH v3 18/18] tests: crypto: add hmac speed benchmark support
2017-04-22 7:20 [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support Longpeng(Mike)
` (16 preceding siblings ...)
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 17/18] tests: crypto: add hash " Longpeng(Mike)
@ 2017-04-22 7:20 ` Longpeng(Mike)
2017-04-22 7:41 ` [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support no-reply
2017-04-22 7:42 ` no-reply
19 siblings, 0 replies; 37+ messages in thread
From: Longpeng(Mike) @ 2017-04-22 7:20 UTC (permalink / raw)
To: berrange
Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang, Longpeng(Mike)
This patch add a hmac speed benchmark, it helps us to
measure the performance by using "make check-speed" or
using "./tests/benchmark-crypto-hmac" directly.
Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
---
tests/Makefile.include | 2 +
tests/benchmark-crypto-hmac.c | 96 +++++++++++++++++++++++++++++++++++++++++++
2 files changed, 98 insertions(+)
create mode 100644 tests/benchmark-crypto-hmac.c
diff --git a/tests/Makefile.include b/tests/Makefile.include
index 045d16f..7b170be 100644
--- a/tests/Makefile.include
+++ b/tests/Makefile.include
@@ -101,6 +101,7 @@ gcov-files-test-write-threshold-y = block/write-threshold.c
check-unit-y += tests/test-crypto-hash$(EXESUF)
check-speed-y += tests/benchmark-crypto-hash$(EXESUF)
check-unit-y += tests/test-crypto-hmac$(EXESUF)
+check-speed-y += tests/benchmark-crypto-hmac$(EXESUF)
check-unit-y += tests/test-crypto-cipher$(EXESUF)
check-speed-y += tests/benchmark-crypto-cipher$(EXESUF)
check-unit-y += tests/test-crypto-secret$(EXESUF)
@@ -631,6 +632,7 @@ tests/test-bitcnt$(EXESUF): tests/test-bitcnt.o $(test-util-obj-y)
tests/test-crypto-hash$(EXESUF): tests/test-crypto-hash.o $(test-crypto-obj-y)
tests/benchmark-crypto-hash$(EXESUF): tests/benchmark-crypto-hash.o $(test-crypto-obj-y)
tests/test-crypto-hmac$(EXESUF): tests/test-crypto-hmac.o $(test-crypto-obj-y)
+tests/benchmark-crypto-hmac$(EXESUF): tests/benchmark-crypto-hmac.o $(test-crypto-obj-y)
tests/test-crypto-cipher$(EXESUF): tests/test-crypto-cipher.o $(test-crypto-obj-y)
tests/benchmark-crypto-cipher$(EXESUF): tests/benchmark-crypto-cipher.o $(test-crypto-obj-y)
tests/test-crypto-secret$(EXESUF): tests/test-crypto-secret.o $(test-crypto-obj-y)
diff --git a/tests/benchmark-crypto-hmac.c b/tests/benchmark-crypto-hmac.c
new file mode 100644
index 0000000..be2f2a5
--- /dev/null
+++ b/tests/benchmark-crypto-hmac.c
@@ -0,0 +1,96 @@
+/*
+ * QEMU Crypto hmac speed benchmark
+ *
+ * Copyright (c) 2017 HUAWEI TECHNOLOGIES CO., LTD.
+ *
+ * Authors:
+ * Longpeng(Mike) <longpeng2@huawei.com>
+ *
+ * This work is licensed under the terms of the GNU GPL, version 2 or
+ * (at your option) any later version. See the COPYING file in the
+ * top-level directory.
+ */
+#include "qemu/osdep.h"
+#include "crypto/init.h"
+#include "crypto/hmac.h"
+
+#define KEY "monkey monkey monkey monkey"
+
+static void test_hmac_speed(const void *opaque)
+{
+ size_t chunk_size = (size_t)opaque;
+ QCryptoHmac *hmac = NULL;
+ uint8_t *in = NULL, *out = NULL;
+ size_t out_len = 0;
+ double total = 0.0;
+ struct iovec iov;
+ Error *err = NULL;
+ int ret;
+
+ if (!qcrypto_hmac_supports(QCRYPTO_HASH_ALG_SHA256)) {
+ return;
+ }
+
+ hmac = qcrypto_hmac_new(QCRYPTO_HASH_ALG_SHA256, (const uint8_t *)KEY,
+ strlen(KEY), &err);
+ g_assert(err == NULL);
+ g_assert(hmac != NULL);
+
+ in = g_new0(uint8_t, chunk_size);
+ memset(in, g_test_rand_int(), chunk_size);
+
+ iov.iov_base = (char *)in;
+ iov.iov_len = chunk_size;
+
+ g_test_timer_start();
+ do {
+ ret = qcrypto_hmac_bytesv(hmac, &iov, 1, &out, &out_len, &err);
+ g_assert(ret == 0);
+ g_assert(err == NULL);
+
+#if !defined(CONFIG_NETTLE) && !defined(CONFIG_GCRYPT)
+ /*
+ * qcrypto_hmac_bytesv() uses g_checksum_get_digest() to get the
+ * digest. Once this function has been called, the #GChecksum is
+ * closed and can no longer be updated with g_checksum_update().
+ * So...we must free glib-backend hmac object and renew one here.
+ */
+ qcrypto_hmac_free(hmac);
+ hmac = qcrypto_hmac_new(QCRYPTO_HASH_ALG_SHA256, (const uint8_t *)KEY,
+ strlen(KEY), &err);
+ g_assert(err == NULL);
+ g_assert(hmac != NULL);
+#endif
+ total += chunk_size;
+ } while (g_test_timer_elapsed() < 5.0);
+
+ total /= 1024 * 1024; /* to MB */
+
+ g_print("[drv:%s]", qcrypto_hmac_using_afalg_drv(hmac) ?
+ "afalg" : "libs");
+ g_print("hmac(sha256): ");
+ g_print("Testing chunk_size %ld bytes ", chunk_size);
+ g_print("done: %.2f MB in %.2f secs: ", total, g_test_timer_last());
+ g_print("%.2f MB/sec\n", total / g_test_timer_last());
+
+ qcrypto_hmac_free(hmac);
+ g_free(out);
+ g_free(in);
+}
+
+int main(int argc, char **argv)
+{
+ size_t i;
+ char name[64];
+
+ g_test_init(&argc, &argv, NULL);
+ g_assert(qcrypto_init(NULL) == 0);
+
+ for (i = 512; i <= (64 * 1204); i *= 2) {
+ memset(name, 0 , sizeof(name));
+ snprintf(name, sizeof(name), "/crypto/hmac/speed-%lu", i);
+ g_test_add_data_func(name, (void *)i, test_hmac_speed);
+ }
+
+ return g_test_run();
+}
--
1.8.3.1
^ permalink raw reply related [flat|nested] 37+ messages in thread
* Re: [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support
2017-04-22 7:20 [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support Longpeng(Mike)
` (17 preceding siblings ...)
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 18/18] tests: crypto: add hmac " Longpeng(Mike)
@ 2017-04-22 7:41 ` no-reply
2017-04-22 7:42 ` no-reply
19 siblings, 0 replies; 37+ messages in thread
From: no-reply @ 2017-04-22 7:41 UTC (permalink / raw)
To: longpeng2
Cc: famz, berrange, arei.gonglei, weidong.huang, qemu-devel, longpeng.mike
Hi,
This series failed automatic build test. Please find the testing commands and
their output below. If you have docker installed, you can probably reproduce it
locally.
Message-id: 1492845627-4384-1-git-send-email-longpeng2@huawei.com
Type: series
Subject: [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support
=== TEST SCRIPT BEGIN ===
#!/bin/bash
set -e
git submodule update --init dtc
# Let docker tests dump environment info
export SHOW_ENV=1
export J=8
make docker-test-quick@centos6
make docker-test-mingw@fedora
make docker-test-build@min-glib
=== TEST SCRIPT END ===
Updating 3c8cf5a9c21ff8782164d1def7f44bd888713384
From https://github.com/patchew-project/qemu
* [new tag] patchew/1492845627-4384-1-git-send-email-longpeng2@huawei.com -> patchew/1492845627-4384-1-git-send-email-longpeng2@huawei.com
Switched to a new branch 'test'
661f423 tests: crypto: add hmac speed benchmark support
5171494 tests: crypto: add hash speed benchmark support
13c3e03 tests: crypto: add cipher speed benchmark support
961a401 crypto: hmac: add af_alg hmac support
063286b crypto: hash: add afalg-backend hash support
b5355c4 crypto: cipher: add afalg-backend cipher support
2d2350b crypto: introduce some common functions for af_alg backend
cd954fa crypto: hmac: add hmac driver framework
a1fd00b crypto: hmac: introduce qcrypto_hmac_ctx_new for glib-backend
9db6301 crypto: hmac: introduce qcrypto_hmac_ctx_new for nettle-backend
f1ed9b7 crypto: hmac: introduce qcrypto_hmac_ctx_new for gcrypt-backend
c024c50 crypto: hmac: move crypto/hmac.h into include/crypto/
6c9afb6 crypto: hash: add hash driver framework
e3e9bc0 crypto: cipher: add cipher driver framework
df0cae3 crypto: cipher: introduce qcrypto_cipher_ctx_new for builtin-backend
44bbb18 crypto: cipher: introduce qcrypto_cipher_ctx_new for nettle-backend
8089468 crypto: cipher: introduce qcrypto_cipher_ctx_new for gcrypt-backend
7b46541 crypto: cipher: introduce context free function
=== OUTPUT BEGIN ===
Submodule 'dtc' (git://git.qemu-project.org/dtc.git) registered for path 'dtc'
Cloning into '/var/tmp/patchew-tester-tmp-3q7t_6bj/src/dtc'...
Submodule path 'dtc': checked out '558cd81bdd432769b59bff01240c44f82cfb1a9d'
BUILD centos6
make[1]: Entering directory '/var/tmp/patchew-tester-tmp-3q7t_6bj/src'
ARCHIVE qemu.tgz
ARCHIVE dtc.tgz
COPY RUNNER
RUN test-quick in qemu:centos6
Packages installed:
SDL-devel-1.2.14-7.el6_7.1.x86_64
ccache-3.1.6-2.el6.x86_64
epel-release-6-8.noarch
gcc-4.4.7-17.el6.x86_64
git-1.7.1-4.el6_7.1.x86_64
glib2-devel-2.28.8-5.el6.x86_64
libfdt-devel-1.4.0-1.el6.x86_64
make-3.81-23.el6.x86_64
package g++ is not installed
pixman-devel-0.32.8-1.el6.x86_64
tar-1.23-15.el6_8.x86_64
zlib-devel-1.2.3-29.el6.x86_64
Environment variables:
PACKAGES=libfdt-devel ccache tar git make gcc g++ zlib-devel glib2-devel SDL-devel pixman-devel epel-release
HOSTNAME=02a3bb3b76a2
TERM=xterm
MAKEFLAGS= -j8
HISTSIZE=1000
J=8
USER=root
CCACHE_DIR=/var/tmp/ccache
EXTRA_CONFIGURE_OPTS=
V=
SHOW_ENV=1
MAIL=/var/spool/mail/root
PATH=/usr/lib/ccache:/usr/lib64/ccache:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
PWD=/
LANG=en_US.UTF-8
TARGET_LIST=
HISTCONTROL=ignoredups
SHLVL=1
HOME=/root
TEST_DIR=/tmp/qemu-test
LOGNAME=root
LESSOPEN=||/usr/bin/lesspipe.sh %s
FEATURES= dtc
DEBUG=
G_BROKEN_FILENAMES=1
CCACHE_HASHDIR=
_=/usr/bin/env
Configure options:
--enable-werror --target-list=x86_64-softmmu,aarch64-softmmu --prefix=/var/tmp/qemu-build/install
grep: scripts/tracetool/backend/*.py: No such file or directory
No C++ compiler available; disabling C++ specific optional code
Install prefix /var/tmp/qemu-build/install
BIOS directory /var/tmp/qemu-build/install/share/qemu
binary directory /var/tmp/qemu-build/install/bin
library directory /var/tmp/qemu-build/install/lib
module directory /var/tmp/qemu-build/install/lib/qemu
libexec directory /var/tmp/qemu-build/install/libexec
include directory /var/tmp/qemu-build/install/include
config directory /var/tmp/qemu-build/install/etc
local state directory /var/tmp/qemu-build/install/var
Manual directory /var/tmp/qemu-build/install/share/man
ELF interp prefix /usr/gnemul/qemu-%M
Source path /tmp/qemu-test/src
C compiler cc
Host C compiler cc
C++ compiler
Objective-C compiler cc
ARFLAGS rv
CFLAGS -O2 -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -g
QEMU_CFLAGS -I/usr/include/pixman-1 -I$(SRC_PATH)/dtc/libfdt -pthread -I/usr/include/glib-2.0 -I/usr/lib64/glib-2.0/include -fPIE -DPIE -m64 -mcx16 -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -Wstrict-prototypes -Wredundant-decls -Wall -Wundef -Wwrite-strings -Wmissing-prototypes -fno-strict-aliasing -fno-common -fwrapv -Wendif-labels -Wno-missing-include-dirs -Wempty-body -Wnested-externs -Wformat-security -Wformat-y2k -Winit-self -Wignored-qualifiers -Wold-style-declaration -Wold-style-definition -Wtype-limits -fstack-protector-all
LDFLAGS -Wl,--warn-common -Wl,-z,relro -Wl,-z,now -pie -m64 -g
make make
install install
python python -B
smbd /usr/sbin/smbd
module support no
host CPU x86_64
host big endian no
target list x86_64-softmmu aarch64-softmmu
tcg debug enabled no
gprof enabled no
sparse enabled no
strip binaries yes
profiler no
static build no
pixman system
SDL support yes (1.2.14)
GTK support no
GTK GL support no
VTE support no
TLS priority NORMAL
GNUTLS support no
GNUTLS rnd no
libgcrypt no
libgcrypt kdf no
nettle no
nettle kdf no
libtasn1 no
curses support no
virgl support no
curl support no
mingw32 support no
Audio drivers oss
Block whitelist (rw)
Block whitelist (ro)
VirtFS support no
VNC support yes
VNC SASL support no
VNC JPEG support no
VNC PNG support no
xen support no
brlapi support no
bluez support no
Documentation no
PIE yes
vde support no
netmap support no
Linux AIO support no
ATTR/XATTR support yes
Install blobs yes
KVM support yes
HAX support no
RDMA support no
TCG interpreter no
fdt support yes
preadv support yes
fdatasync yes
madvise yes
posix_madvise yes
libcap-ng support no
vhost-net support yes
vhost-scsi support yes
vhost-vsock support yes
Trace backends log
spice support no
rbd support no
xfsctl support no
smartcard support no
libusb no
usb net redir no
OpenGL support no
OpenGL dmabufs no
libiscsi support no
libnfs support no
build guest agent yes
QGA VSS support no
QGA w32 disk info no
QGA MSI support no
seccomp support no
coroutine backend ucontext
coroutine pool yes
debug stack usage no
GlusterFS support no
gcov gcov
gcov enabled no
TPM support yes
libssh2 support no
TPM passthrough yes
QOM debugging yes
lzo support no
snappy support no
bzip2 support no
NUMA host support no
tcmalloc support no
jemalloc support no
avx2 optimization no
replication support yes
GEN x86_64-softmmu/config-devices.mak.tmp
mkdir -p dtc/libfdt
GEN aarch64-softmmu/config-devices.mak.tmp
mkdir -p dtc/tests
GEN config-host.h
GEN qemu-options.def
GEN qmp-commands.h
GEN qapi-types.h
GEN qapi-visit.h
GEN qapi-event.h
GEN x86_64-softmmu/config-devices.mak
GEN qmp-marshal.c
GEN aarch64-softmmu/config-devices.mak
GEN qapi-types.c
GEN qapi-visit.c
GEN qapi-event.c
GEN qmp-introspect.h
GEN qmp-introspect.c
GEN trace/generated-tcg-tracers.h
GEN trace/generated-helpers-wrappers.h
GEN trace/generated-helpers.h
GEN trace/generated-helpers.c
GEN module_block.h
GEN tests/test-qapi-types.h
GEN tests/test-qapi-visit.h
GEN tests/test-qmp-commands.h
GEN tests/test-qapi-event.h
GEN tests/test-qmp-introspect.h
GEN trace-root.h
GEN util/trace.h
GEN crypto/trace.h
GEN io/trace.h
GEN migration/trace.h
GEN block/trace.h
GEN backends/trace.h
GEN hw/block/trace.h
GEN hw/block/dataplane/trace.h
GEN hw/char/trace.h
GEN hw/intc/trace.h
GEN hw/net/trace.h
GEN hw/virtio/trace.h
GEN hw/audio/trace.h
GEN hw/misc/trace.h
GEN hw/usb/trace.h
GEN hw/scsi/trace.h
GEN hw/nvram/trace.h
GEN hw/display/trace.h
GEN hw/input/trace.h
GEN hw/timer/trace.h
GEN hw/dma/trace.h
GEN hw/sparc/trace.h
GEN hw/sd/trace.h
GEN hw/isa/trace.h
GEN hw/mem/trace.h
GEN hw/i386/trace.h
GEN hw/i386/xen/trace.h
GEN hw/9pfs/trace.h
GEN hw/ppc/trace.h
GEN hw/pci/trace.h
GEN hw/s390x/trace.h
GEN hw/vfio/trace.h
GEN hw/acpi/trace.h
GEN hw/arm/trace.h
GEN hw/alpha/trace.h
GEN hw/xen/trace.h
GEN ui/trace.h
GEN audio/trace.h
GEN net/trace.h
GEN target/arm/trace.h
GEN target/i386/trace.h
GEN target/mips/trace.h
GEN target/sparc/trace.h
GEN target/s390x/trace.h
GEN target/ppc/trace.h
GEN qom/trace.h
GEN linux-user/trace.h
GEN trace-root.c
GEN qapi/trace.h
GEN util/trace.c
GEN crypto/trace.c
GEN io/trace.c
GEN migration/trace.c
GEN block/trace.c
GEN backends/trace.c
GEN hw/block/trace.c
GEN hw/block/dataplane/trace.c
GEN hw/char/trace.c
GEN hw/intc/trace.c
GEN hw/net/trace.c
GEN hw/virtio/trace.c
GEN hw/audio/trace.c
GEN hw/misc/trace.c
GEN hw/usb/trace.c
GEN hw/scsi/trace.c
GEN hw/nvram/trace.c
GEN hw/display/trace.c
GEN hw/input/trace.c
GEN hw/timer/trace.c
GEN hw/dma/trace.c
GEN hw/sparc/trace.c
GEN hw/sd/trace.c
GEN hw/isa/trace.c
GEN hw/mem/trace.c
GEN hw/i386/trace.c
GEN hw/i386/xen/trace.c
GEN hw/9pfs/trace.c
GEN hw/ppc/trace.c
GEN hw/pci/trace.c
GEN hw/s390x/trace.c
GEN hw/vfio/trace.c
GEN hw/acpi/trace.c
GEN hw/arm/trace.c
GEN hw/alpha/trace.c
GEN hw/xen/trace.c
GEN ui/trace.c
GEN audio/trace.c
GEN net/trace.c
GEN target/arm/trace.c
GEN target/i386/trace.c
GEN target/mips/trace.c
GEN target/sparc/trace.c
GEN target/s390x/trace.c
GEN target/ppc/trace.c
GEN qom/trace.c
GEN linux-user/trace.c
GEN qapi/trace.c
GEN config-all-devices.mak
DEP /tmp/qemu-test/src/dtc/tests/dumptrees.c
DEP /tmp/qemu-test/src/dtc/tests/trees.S
DEP /tmp/qemu-test/src/dtc/tests/testutils.c
DEP /tmp/qemu-test/src/dtc/tests/value-labels.c
DEP /tmp/qemu-test/src/dtc/tests/asm_tree_dump.c
DEP /tmp/qemu-test/src/dtc/tests/truncated_property.c
DEP /tmp/qemu-test/src/dtc/tests/check_path.c
DEP /tmp/qemu-test/src/dtc/tests/overlay_bad_fixup.c
DEP /tmp/qemu-test/src/dtc/tests/overlay.c
DEP /tmp/qemu-test/src/dtc/tests/subnode_iterate.c
DEP /tmp/qemu-test/src/dtc/tests/property_iterate.c
DEP /tmp/qemu-test/src/dtc/tests/integer-expressions.c
DEP /tmp/qemu-test/src/dtc/tests/utilfdt_test.c
DEP /tmp/qemu-test/src/dtc/tests/path_offset_aliases.c
DEP /tmp/qemu-test/src/dtc/tests/dtbs_equal_unordered.c
DEP /tmp/qemu-test/src/dtc/tests/add_subnode_with_nops.c
DEP /tmp/qemu-test/src/dtc/tests/dtbs_equal_ordered.c
DEP /tmp/qemu-test/src/dtc/tests/extra-terminating-null.c
DEP /tmp/qemu-test/src/dtc/tests/incbin.c
DEP /tmp/qemu-test/src/dtc/tests/dtb_reverse.c
DEP /tmp/qemu-test/src/dtc/tests/boot-cpuid.c
DEP /tmp/qemu-test/src/dtc/tests/phandle_format.c
DEP /tmp/qemu-test/src/dtc/tests/string_escapes.c
DEP /tmp/qemu-test/src/dtc/tests/references.c
DEP /tmp/qemu-test/src/dtc/tests/path-references.c
DEP /tmp/qemu-test/src/dtc/tests/propname_escapes.c
DEP /tmp/qemu-test/src/dtc/tests/appendprop2.c
DEP /tmp/qemu-test/src/dtc/tests/appendprop1.c
DEP /tmp/qemu-test/src/dtc/tests/del_node.c
DEP /tmp/qemu-test/src/dtc/tests/del_property.c
DEP /tmp/qemu-test/src/dtc/tests/setprop.c
DEP /tmp/qemu-test/src/dtc/tests/set_name.c
DEP /tmp/qemu-test/src/dtc/tests/rw_tree1.c
DEP /tmp/qemu-test/src/dtc/tests/open_pack.c
DEP /tmp/qemu-test/src/dtc/tests/nopulate.c
DEP /tmp/qemu-test/src/dtc/tests/mangle-layout.c
DEP /tmp/qemu-test/src/dtc/tests/move_and_save.c
DEP /tmp/qemu-test/src/dtc/tests/sw_tree1.c
DEP /tmp/qemu-test/src/dtc/tests/nop_node.c
DEP /tmp/qemu-test/src/dtc/tests/nop_property.c
DEP /tmp/qemu-test/src/dtc/tests/stringlist.c
DEP /tmp/qemu-test/src/dtc/tests/setprop_inplace.c
DEP /tmp/qemu-test/src/dtc/tests/addr_size_cells.c
DEP /tmp/qemu-test/src/dtc/tests/notfound.c
DEP /tmp/qemu-test/src/dtc/tests/sized_cells.c
DEP /tmp/qemu-test/src/dtc/tests/char_literal.c
DEP /tmp/qemu-test/src/dtc/tests/get_alias.c
DEP /tmp/qemu-test/src/dtc/tests/node_offset_by_compatible.c
DEP /tmp/qemu-test/src/dtc/tests/node_check_compatible.c
DEP /tmp/qemu-test/src/dtc/tests/node_offset_by_phandle.c
DEP /tmp/qemu-test/src/dtc/tests/node_offset_by_prop_value.c
DEP /tmp/qemu-test/src/dtc/tests/parent_offset.c
DEP /tmp/qemu-test/src/dtc/tests/supernode_atdepth_offset.c
DEP /tmp/qemu-test/src/dtc/tests/get_path.c
DEP /tmp/qemu-test/src/dtc/tests/get_phandle.c
DEP /tmp/qemu-test/src/dtc/tests/getprop.c
DEP /tmp/qemu-test/src/dtc/tests/get_name.c
DEP /tmp/qemu-test/src/dtc/tests/path_offset.c
DEP /tmp/qemu-test/src/dtc/tests/subnode_offset.c
DEP /tmp/qemu-test/src/dtc/tests/find_property.c
DEP /tmp/qemu-test/src/dtc/tests/root_node.c
DEP /tmp/qemu-test/src/dtc/tests/get_mem_rsv.c
DEP /tmp/qemu-test/src/dtc/libfdt/fdt_overlay.c
DEP /tmp/qemu-test/src/dtc/libfdt/fdt_empty_tree.c
DEP /tmp/qemu-test/src/dtc/libfdt/fdt_addresses.c
DEP /tmp/qemu-test/src/dtc/libfdt/fdt_strerror.c
DEP /tmp/qemu-test/src/dtc/libfdt/fdt_rw.c
DEP /tmp/qemu-test/src/dtc/libfdt/fdt_sw.c
DEP /tmp/qemu-test/src/dtc/libfdt/fdt_wip.c
DEP /tmp/qemu-test/src/dtc/libfdt/fdt_ro.c
DEP /tmp/qemu-test/src/dtc/libfdt/fdt.c
DEP /tmp/qemu-test/src/dtc/util.c
DEP /tmp/qemu-test/src/dtc/fdtput.c
DEP /tmp/qemu-test/src/dtc/fdtget.c
DEP /tmp/qemu-test/src/dtc/fdtdump.c
LEX convert-dtsv0-lexer.lex.c
make[1]: flex: Command not found
BISON dtc-parser.tab.c
make[1]: bison: Command not found
LEX dtc-lexer.lex.c
make[1]: flex: Command not found
DEP /tmp/qemu-test/src/dtc/srcpos.c
DEP /tmp/qemu-test/src/dtc/livetree.c
DEP /tmp/qemu-test/src/dtc/treesource.c
DEP /tmp/qemu-test/src/dtc/fstree.c
DEP /tmp/qemu-test/src/dtc/flattree.c
DEP /tmp/qemu-test/src/dtc/dtc.c
DEP /tmp/qemu-test/src/dtc/data.c
DEP /tmp/qemu-test/src/dtc/checks.c
CHK version_gen.h
LEX convert-dtsv0-lexer.lex.c
BISON dtc-parser.tab.c
make[1]: flex: Command not found
LEX dtc-lexer.lex.c
make[1]: bison: Command not found
make[1]: flex: Command not found
UPD version_gen.h
DEP /tmp/qemu-test/src/dtc/util.c
LEX convert-dtsv0-lexer.lex.c
make[1]: flex: Command not found
BISON dtc-parser.tab.c
make[1]: bison: Command not found
LEX dtc-lexer.lex.c
make[1]: flex: Command not found
CC libfdt/fdt.o
CC libfdt/fdt_ro.o
CC libfdt/fdt_sw.o
CC libfdt/fdt_wip.o
CC libfdt/fdt_rw.o
CC libfdt/fdt_strerror.o
CC libfdt/fdt_empty_tree.o
CC libfdt/fdt_addresses.o
CC libfdt/fdt_overlay.o
AR libfdt/libfdt.a
ar: creating libfdt/libfdt.a
a - libfdt/fdt.o
a - libfdt/fdt_ro.o
a - libfdt/fdt_wip.o
a - libfdt/fdt_sw.o
a - libfdt/fdt_rw.o
a - libfdt/fdt_strerror.o
a - libfdt/fdt_empty_tree.o
a - libfdt/fdt_addresses.o
a - libfdt/fdt_overlay.o
LEX convert-dtsv0-lexer.lex.c
BISON dtc-parser.tab.c
make[1]: flex: Command not found
make[1]: bison: Command not found
LEX dtc-lexer.lex.c
make[1]: flex: Command not found
CC tests/qemu-iotests/socket_scm_helper.o
GEN qga/qapi-generated/qga-qmp-commands.h
GEN qga/qapi-generated/qga-qapi-visit.h
GEN qga/qapi-generated/qga-qmp-marshal.c
GEN qga/qapi-generated/qga-qapi-types.c
GEN qga/qapi-generated/qga-qapi-types.h
CC qmp-introspect.o
GEN qga/qapi-generated/qga-qapi-visit.c
CC qapi-types.o
CC qapi-event.o
CC qapi/qapi-visit-core.o
CC qapi-visit.o
CC qapi/qapi-dealloc-visitor.o
CC qapi/qobject-input-visitor.o
CC qapi/qobject-output-visitor.o
CC qapi/qmp-dispatch.o
CC qapi/qmp-registry.o
CC qapi/string-input-visitor.o
CC qapi/string-output-visitor.o
CC qapi/opts-visitor.o
CC qapi/qapi-clone-visitor.o
CC qapi/qmp-event.o
CC qapi/qapi-util.o
CC qobject/qnull.o
CC qobject/qint.o
CC qobject/qstring.o
CC qobject/qdict.o
CC qobject/qlist.o
CC qobject/qfloat.o
CC qobject/qbool.o
CC qobject/qjson.o
CC qobject/qobject.o
CC qobject/json-lexer.o
CC qobject/json-streamer.o
CC qobject/json-parser.o
CC trace/control.o
CC trace/qmp.o
CC util/osdep.o
CC util/cutils.o
CC util/unicode.o
CC util/qemu-timer-common.o
CC util/bufferiszero.o
CC util/lockcnt.o
CC util/aiocb.o
CC util/async.o
CC util/thread-pool.o
CC util/main-loop.o
CC util/qemu-timer.o
CC util/iohandler.o
CC util/aio-posix.o
CC util/compatfd.o
CC util/event_notifier-posix.o
CC util/mmap-alloc.o
CC util/oslib-posix.o
CC util/qemu-openpty.o
CC util/memfd.o
CC util/qemu-thread-posix.o
CC util/envlist.o
CC util/path.o
CC util/module.o
CC util/host-utils.o
CC util/bitmap.o
CC util/bitops.o
CC util/hbitmap.o
CC util/fifo8.o
CC util/acl.o
CC util/error.o
CC util/qemu-error.o
CC util/iov.o
CC util/id.o
CC util/qemu-config.o
CC util/qemu-sockets.o
CC util/uri.o
CC util/notify.o
CC util/qemu-option.o
CC util/qemu-progress.o
CC util/keyval.o
CC util/hexdump.o
CC util/crc32c.o
CC util/uuid.o
CC util/throttle.o
CC util/getauxval.o
CC util/readline.o
CC util/rcu.o
CC util/qemu-coroutine.o
CC util/qemu-coroutine-lock.o
CC util/qemu-coroutine-io.o
CC util/qemu-coroutine-sleep.o
CC util/coroutine-ucontext.o
CC util/buffer.o
CC util/timed-average.o
CC util/base64.o
CC util/log.o
CC util/qdist.o
CC util/qht.o
CC util/range.o
CC util/systemd.o
CC trace-root.o
CC util/trace.o
CC crypto/trace.o
CC io/trace.o
CC migration/trace.o
CC block/trace.o
CC backends/trace.o
CC hw/block/trace.o
CC hw/block/dataplane/trace.o
CC hw/char/trace.o
CC hw/intc/trace.o
CC hw/net/trace.o
CC hw/virtio/trace.o
CC hw/audio/trace.o
CC hw/misc/trace.o
CC hw/usb/trace.o
CC hw/scsi/trace.o
CC hw/nvram/trace.o
CC hw/display/trace.o
CC hw/input/trace.o
CC hw/timer/trace.o
CC hw/dma/trace.o
CC hw/sparc/trace.o
CC hw/sd/trace.o
CC hw/isa/trace.o
CC hw/mem/trace.o
CC hw/i386/trace.o
CC hw/i386/xen/trace.o
CC hw/9pfs/trace.o
CC hw/ppc/trace.o
CC hw/pci/trace.o
CC hw/s390x/trace.o
CC hw/vfio/trace.o
CC hw/acpi/trace.o
CC hw/arm/trace.o
CC hw/alpha/trace.o
CC hw/xen/trace.o
CC ui/trace.o
CC audio/trace.o
CC net/trace.o
CC target/arm/trace.o
CC target/i386/trace.o
CC target/mips/trace.o
CC target/sparc/trace.o
CC target/s390x/trace.o
CC target/ppc/trace.o
CC qom/trace.o
CC linux-user/trace.o
CC qapi/trace.o
CC crypto/pbkdf-stub.o
CC stubs/arch-query-cpu-def.o
CC stubs/arch-query-cpu-model-expansion.o
CC stubs/arch-query-cpu-model-comparison.o
CC stubs/arch-query-cpu-model-baseline.o
CC stubs/bdrv-next-monitor-owned.o
CC stubs/blk-commit-all.o
CC stubs/blockdev-close-all-bdrv-states.o
CC stubs/clock-warp.o
CC stubs/cpu-get-clock.o
CC stubs/cpu-get-icount.o
CC stubs/dump.o
CC stubs/error-printf.o
CC stubs/fdset.o
CC stubs/gdbstub.o
CC stubs/get-vm-name.o
CC stubs/iothread.o
CC stubs/iothread-lock.o
CC stubs/is-daemonized.o
CC stubs/machine-init-done.o
CC stubs/migr-blocker.o
CC stubs/monitor.o
CC stubs/notify-event.o
CC stubs/qtest.o
CC stubs/replay.o
CC stubs/runstate-check.o
CC stubs/slirp.o
CC stubs/sysbus.o
CC stubs/set-fd-handler.o
CC stubs/trace-control.o
CC stubs/uuid.o
CC stubs/vm-stop.o
CC stubs/vmstate.o
CC stubs/qmp_pc_dimm_device_list.o
CC stubs/target-monitor-defs.o
CC stubs/target-get-monitor-def.o
CC stubs/pc_madt_cpu_entry.o
CC stubs/vmgenid.o
CC contrib/ivshmem-client/ivshmem-client.o
CC contrib/ivshmem-client/main.o
CC contrib/ivshmem-server/ivshmem-server.o
CC contrib/ivshmem-server/main.o
CC qemu-nbd.o
CC block.o
CC blockjob.o
CC qemu-io-cmds.o
CC replication.o
CC block/raw-format.o
CC block/qcow.o
CC block/vdi.o
CC block/vmdk.o
CC block/cloop.o
CC block/bochs.o
CC block/vvfat.o
CC block/vpc.o
CC block/dmg.o
CC block/qcow2.o
CC block/qcow2-refcount.o
CC block/qcow2-cluster.o
CC block/qcow2-snapshot.o
CC block/qcow2-cache.o
CC block/qed.o
CC block/qed-gencb.o
CC block/qed-l2-cache.o
CC block/qed-table.o
CC block/qed-cluster.o
CC block/qed-check.o
CC block/vhdx.o
CC block/vhdx-endian.o
CC block/vhdx-log.o
CC block/quorum.o
CC block/parallels.o
CC block/blkdebug.o
CC block/blkverify.o
CC block/blkreplay.o
CC block/block-backend.o
CC block/snapshot.o
CC block/qapi.o
CC block/file-posix.o
CC block/null.o
CC block/mirror.o
CC block/commit.o
CC block/io.o
CC block/throttle-groups.o
CC block/nbd.o
CC block/nbd-client.o
CC block/sheepdog.o
CC block/accounting.o
CC block/dirty-bitmap.o
CC block/write-threshold.o
CC block/backup.o
CC block/replication.o
CC block/crypto.o
CC nbd/server.o
CC nbd/client.o
CC nbd/common.o
CC crypto/init.o
CC crypto/hash.o
CC crypto/hash-glib.o
CC crypto/hmac.o
CC crypto/hmac-glib.o
CC crypto/aes.o
CC crypto/desrfb.o
CC crypto/cipher.o
CC crypto/tlscreds.o
CC crypto/tlscredsanon.o
In file included from /tmp/qemu-test/src/crypto/hmac.c:16:
/tmp/qemu-test/src/crypto/hmacpriv.h:39: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘*’ token
make: *** [crypto/hmac.o] Error 1
make: *** Waiting for unfinished jobs....
In file included from /tmp/qemu-test/src/crypto/hmac-glib.c:19:
/tmp/qemu-test/src/crypto/hmacpriv.h:39: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘*’ token
make: *** [crypto/hmac-glib.o] Error 1
In file included from /tmp/qemu-test/src/crypto/cipher.c:25:
/tmp/qemu-test/src/crypto/cipherpriv.h:43: error: expected ‘=’, ‘,’, ‘;’, ‘asm’ or ‘__attribute__’ before ‘*’ token
make: *** [crypto/cipher.o] Error 1
tests/docker/Makefile.include:118: recipe for target 'docker-run' failed
make[1]: *** [docker-run] Error 2
make[1]: Leaving directory '/var/tmp/patchew-tester-tmp-3q7t_6bj/src'
tests/docker/Makefile.include:149: recipe for target 'docker-run-test-quick@centos6' failed
make: *** [docker-run-test-quick@centos6] Error 2
=== OUTPUT END ===
Test command exited with code: 2
---
Email generated automatically by Patchew [http://patchew.org/].
Please send your feedback to patchew-devel@freelists.org
^ permalink raw reply [flat|nested] 37+ messages in thread
* Re: [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support
2017-04-22 7:20 [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support Longpeng(Mike)
` (18 preceding siblings ...)
2017-04-22 7:41 ` [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support no-reply
@ 2017-04-22 7:42 ` no-reply
19 siblings, 0 replies; 37+ messages in thread
From: no-reply @ 2017-04-22 7:42 UTC (permalink / raw)
To: longpeng2
Cc: famz, berrange, arei.gonglei, weidong.huang, qemu-devel, longpeng.mike
Hi,
This series seems to have some coding style problems. See output below for
more information:
Message-id: 1492845627-4384-1-git-send-email-longpeng2@huawei.com
Type: series
Subject: [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support
=== TEST SCRIPT BEGIN ===
#!/bin/bash
BASE=base
n=1
total=$(git log --oneline $BASE.. | wc -l)
failed=0
# Useful git options
git config --local diff.renamelimit 0
git config --local diff.renames True
commits="$(git log --format=%H --reverse $BASE..)"
for c in $commits; do
echo "Checking PATCH $n/$total: $(git log -n 1 --format=%s $c)..."
if ! git show $c --format=email | ./scripts/checkpatch.pl --mailback -; then
failed=1
echo
fi
n=$((n+1))
done
exit $failed
=== TEST SCRIPT END ===
Updating 3c8cf5a9c21ff8782164d1def7f44bd888713384
Switched to a new branch 'test'
661f423 tests: crypto: add hmac speed benchmark support
5171494 tests: crypto: add hash speed benchmark support
13c3e03 tests: crypto: add cipher speed benchmark support
961a401 crypto: hmac: add af_alg hmac support
063286b crypto: hash: add afalg-backend hash support
b5355c4 crypto: cipher: add afalg-backend cipher support
2d2350b crypto: introduce some common functions for af_alg backend
cd954fa crypto: hmac: add hmac driver framework
a1fd00b crypto: hmac: introduce qcrypto_hmac_ctx_new for glib-backend
9db6301 crypto: hmac: introduce qcrypto_hmac_ctx_new for nettle-backend
f1ed9b7 crypto: hmac: introduce qcrypto_hmac_ctx_new for gcrypt-backend
c024c50 crypto: hmac: move crypto/hmac.h into include/crypto/
6c9afb6 crypto: hash: add hash driver framework
e3e9bc0 crypto: cipher: add cipher driver framework
df0cae3 crypto: cipher: introduce qcrypto_cipher_ctx_new for builtin-backend
44bbb18 crypto: cipher: introduce qcrypto_cipher_ctx_new for nettle-backend
8089468 crypto: cipher: introduce qcrypto_cipher_ctx_new for gcrypt-backend
7b46541 crypto: cipher: introduce context free function
=== OUTPUT BEGIN ===
Checking PATCH 1/18: crypto: cipher: introduce context free function...
Checking PATCH 2/18: crypto: cipher: introduce qcrypto_cipher_ctx_new for gcrypt-backend...
Checking PATCH 3/18: crypto: cipher: introduce qcrypto_cipher_ctx_new for nettle-backend...
Checking PATCH 4/18: crypto: cipher: introduce qcrypto_cipher_ctx_new for builtin-backend...
Checking PATCH 5/18: crypto: cipher: add cipher driver framework...
Checking PATCH 6/18: crypto: hash: add hash driver framework...
Checking PATCH 7/18: crypto: hmac: move crypto/hmac.h into include/crypto/...
Checking PATCH 8/18: crypto: hmac: introduce qcrypto_hmac_ctx_new for gcrypt-backend...
Checking PATCH 9/18: crypto: hmac: introduce qcrypto_hmac_ctx_new for nettle-backend...
Checking PATCH 10/18: crypto: hmac: introduce qcrypto_hmac_ctx_new for glib-backend...
Checking PATCH 11/18: crypto: hmac: add hmac driver framework...
Checking PATCH 12/18: crypto: introduce some common functions for af_alg backend...
ERROR: g_free(NULL) is safe this check is probably not required
#175: FILE: crypto/afalg.c:105:
+ if (afalg->name) {
+ g_free(afalg->name);
total: 1 errors, 0 warnings, 217 lines checked
Your patch has style problems, please review. If any of these errors
are false positives report them to the maintainer, see
CHECKPATCH in MAINTAINERS.
Checking PATCH 13/18: crypto: cipher: add afalg-backend cipher support...
Checking PATCH 14/18: crypto: hash: add afalg-backend hash support...
Checking PATCH 15/18: crypto: hmac: add af_alg hmac support...
Checking PATCH 16/18: tests: crypto: add cipher speed benchmark support...
Checking PATCH 17/18: tests: crypto: add hash speed benchmark support...
Checking PATCH 18/18: tests: crypto: add hmac speed benchmark support...
=== OUTPUT END ===
Test command exited with code: 1
---
Email generated automatically by Patchew [http://patchew.org/].
Please send your feedback to patchew-devel@freelists.org
^ permalink raw reply [flat|nested] 37+ messages in thread
* Re: [Qemu-devel] [PATCH v3 01/18] crypto: cipher: introduce context free function
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 01/18] crypto: cipher: introduce context free function Longpeng(Mike)
@ 2017-04-26 12:02 ` Daniel P. Berrange
0 siblings, 0 replies; 37+ messages in thread
From: Daniel P. Berrange @ 2017-04-26 12:02 UTC (permalink / raw)
To: Longpeng(Mike); +Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang
On Sat, Apr 22, 2017 at 03:20:10PM +0800, Longpeng(Mike) wrote:
> Refactors the qcrypto_cipher_free(), splits it into two parts. One
> is gcrypt/nettle__cipher_free_ctx() to free the special context.
>
> This makes code more clear, what's more, it would be used by the
> later patch.
>
> Reviewed-by: Gonglei <arei.gonglei@huawei.com>
> Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
^ permalink raw reply [flat|nested] 37+ messages in thread
* Re: [Qemu-devel] [PATCH v3 02/18] crypto: cipher: introduce qcrypto_cipher_ctx_new for gcrypt-backend
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 02/18] crypto: cipher: introduce qcrypto_cipher_ctx_new for gcrypt-backend Longpeng(Mike)
@ 2017-04-26 12:02 ` Daniel P. Berrange
0 siblings, 0 replies; 37+ messages in thread
From: Daniel P. Berrange @ 2017-04-26 12:02 UTC (permalink / raw)
To: Longpeng(Mike); +Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang
On Sat, Apr 22, 2017 at 03:20:11PM +0800, Longpeng(Mike) wrote:
> Extracts qcrypto_cipher_ctx_new() from qcrypto_cipher_new() for
> gcrypt-backend impls.
>
> Reviewed-by: Gonglei <arei.gonglei@huawei.com>
> Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
> ---
> crypto/cipher-gcrypt.c | 50 +++++++++++++++++++++++++++++++++-----------------
> 1 file changed, 33 insertions(+), 17 deletions(-)
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
^ permalink raw reply [flat|nested] 37+ messages in thread
* Re: [Qemu-devel] [PATCH v3 03/18] crypto: cipher: introduce qcrypto_cipher_ctx_new for nettle-backend
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 03/18] crypto: cipher: introduce qcrypto_cipher_ctx_new for nettle-backend Longpeng(Mike)
@ 2017-04-26 12:03 ` Daniel P. Berrange
0 siblings, 0 replies; 37+ messages in thread
From: Daniel P. Berrange @ 2017-04-26 12:03 UTC (permalink / raw)
To: Longpeng(Mike); +Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang
On Sat, Apr 22, 2017 at 03:20:12PM +0800, Longpeng(Mike) wrote:
> Extracts qcrypto_cipher_ctx_new() from qcrypto_cipher_new() for
> nettle-backend impls.
>
> Reviewed-by: Gonglei <arei.gonglei@huawei.com>
> Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
> ---
> crypto/cipher-nettle.c | 41 +++++++++++++++++++++++++++++------------
> 1 file changed, 29 insertions(+), 12 deletions(-)
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
^ permalink raw reply [flat|nested] 37+ messages in thread
* Re: [Qemu-devel] [PATCH v3 04/18] crypto: cipher: introduce qcrypto_cipher_ctx_new for builtin-backend
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 04/18] crypto: cipher: introduce qcrypto_cipher_ctx_new for builtin-backend Longpeng(Mike)
@ 2017-04-26 12:03 ` Daniel P. Berrange
0 siblings, 0 replies; 37+ messages in thread
From: Daniel P. Berrange @ 2017-04-26 12:03 UTC (permalink / raw)
To: Longpeng(Mike); +Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang
On Sat, Apr 22, 2017 at 03:20:13PM +0800, Longpeng(Mike) wrote:
> Extracts qcrypto_cipher_ctx_new() from qcrypto_cipher_new() for
> builtin-backend impls.
>
> Reviewed-by: Gonglei <arei.gonglei@huawei.com>
> Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
> ---
> crypto/cipher-builtin.c | 101 ++++++++++++++++++++++++++----------------------
> 1 file changed, 55 insertions(+), 46 deletions(-)
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
^ permalink raw reply [flat|nested] 37+ messages in thread
* Re: [Qemu-devel] [PATCH v3 05/18] crypto: cipher: add cipher driver framework
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 05/18] crypto: cipher: add cipher driver framework Longpeng(Mike)
@ 2017-04-26 12:04 ` Daniel P. Berrange
0 siblings, 0 replies; 37+ messages in thread
From: Daniel P. Berrange @ 2017-04-26 12:04 UTC (permalink / raw)
To: Longpeng(Mike); +Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang
On Sat, Apr 22, 2017 at 03:20:14PM +0800, Longpeng(Mike) wrote:
> 1) makes the public APIs in cipher-nettle/gcrypt/builtin static,
> and rename them with "nettle/gcrypt/builtin" prefix.
>
> 2) introduces cipher framework, including QCryptoCipherDriver
> and new public APIs.
>
> Reviewed-by: Gonglei <arei.gonglei@huawei.com>
> Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
> ---
> crypto/cipher-builtin.c | 64 +++++++++++++++++--------------------------
> crypto/cipher-gcrypt.c | 72 +++++++++++++++++++++----------------------------
> crypto/cipher-nettle.c | 71 ++++++++++++++++++++----------------------------
> crypto/cipher.c | 65 ++++++++++++++++++++++++++++++++++++++++++++
> crypto/cipherpriv.h | 40 +++++++++++++++++++++++++++
> include/crypto/cipher.h | 1 +
> 6 files changed, 190 insertions(+), 123 deletions(-)
> create mode 100644 crypto/cipherpriv.h
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
^ permalink raw reply [flat|nested] 37+ messages in thread
* Re: [Qemu-devel] [PATCH v3 06/18] crypto: hash: add hash driver framework
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 06/18] crypto: hash: add hash " Longpeng(Mike)
@ 2017-04-26 12:04 ` Daniel P. Berrange
0 siblings, 0 replies; 37+ messages in thread
From: Daniel P. Berrange @ 2017-04-26 12:04 UTC (permalink / raw)
To: Longpeng(Mike); +Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang
On Sat, Apr 22, 2017 at 03:20:15PM +0800, Longpeng(Mike) wrote:
> 1) makes the public APIs in hash-nettle/gcrypt/glib static,
> and rename them with "nettle/gcrypt/glib" prefix.
>
> 2) introduces hash framework, including QCryptoHashDriver
> and new public APIs.
>
> Reviewed-by: Gonglei <arei.gonglei@huawei.com>
> Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
> ---
> crypto/hash-gcrypt.c | 19 +++++++++++++------
> crypto/hash-glib.c | 19 +++++++++++++------
> crypto/hash-nettle.c | 19 +++++++++++++------
> crypto/hash.c | 13 +++++++++++++
> crypto/hashpriv.h | 31 +++++++++++++++++++++++++++++++
> 5 files changed, 83 insertions(+), 18 deletions(-)
> create mode 100644 crypto/hashpriv.h
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
^ permalink raw reply [flat|nested] 37+ messages in thread
* Re: [Qemu-devel] [PATCH v3 07/18] crypto: hmac: move crypto/hmac.h into include/crypto/
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 07/18] crypto: hmac: move crypto/hmac.h into include/crypto/ Longpeng(Mike)
@ 2017-04-26 12:05 ` Daniel P. Berrange
0 siblings, 0 replies; 37+ messages in thread
From: Daniel P. Berrange @ 2017-04-26 12:05 UTC (permalink / raw)
To: Longpeng(Mike); +Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang
On Sat, Apr 22, 2017 at 03:20:16PM +0800, Longpeng(Mike) wrote:
> Moves crypto/hmac.h into include/crypto/, likes cipher.h and hash.h
>
> Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
> Reviewed-by: Gonglei <arei.gonglei@huawei.com>
> Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
> ---
> crypto/hmac.h | 166 --------------------------------------------------
> include/crypto/hmac.h | 166 ++++++++++++++++++++++++++++++++++++++++++++++++++
> 2 files changed, 166 insertions(+), 166 deletions(-)
> delete mode 100644 crypto/hmac.h
> create mode 100644 include/crypto/hmac.h
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
^ permalink raw reply [flat|nested] 37+ messages in thread
* Re: [Qemu-devel] [PATCH v3 08/18] crypto: hmac: introduce qcrypto_hmac_ctx_new for gcrypt-backend
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 08/18] crypto: hmac: introduce qcrypto_hmac_ctx_new for gcrypt-backend Longpeng(Mike)
@ 2017-04-26 12:05 ` Daniel P. Berrange
0 siblings, 0 replies; 37+ messages in thread
From: Daniel P. Berrange @ 2017-04-26 12:05 UTC (permalink / raw)
To: Longpeng(Mike); +Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang
On Sat, Apr 22, 2017 at 03:20:17PM +0800, Longpeng(Mike) wrote:
> 1) Fix a handle-leak problem in qcrypto_hmac_new(), doesn't free
> ctx->handle if gcry_mac_setkey fails.
>
> 2) Extracts qcrypto_hmac_ctx_new() from qcrypto_hmac_new() for
> gcrypt-backend impls.
>
> Reviewed-by: Gonglei <arei.gonglei@huawei.com>
> Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
> ---
> crypto/hmac-gcrypt.c | 35 +++++++++++++++++++++++++----------
> 1 file changed, 25 insertions(+), 10 deletions(-)
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
^ permalink raw reply [flat|nested] 37+ messages in thread
* Re: [Qemu-devel] [PATCH v3 09/18] crypto: hmac: introduce qcrypto_hmac_ctx_new for nettle-backend
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 09/18] crypto: hmac: introduce qcrypto_hmac_ctx_new for nettle-backend Longpeng(Mike)
@ 2017-04-26 12:06 ` Daniel P. Berrange
0 siblings, 0 replies; 37+ messages in thread
From: Daniel P. Berrange @ 2017-04-26 12:06 UTC (permalink / raw)
To: Longpeng(Mike); +Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang
On Sat, Apr 22, 2017 at 03:20:18PM +0800, Longpeng(Mike) wrote:
> Extracts qcrypto_hmac_ctx_new() from qcrypto_hmac_new() for
> nettle-backend impls.
>
> Reviewed-by: Gonglei <arei.gonglei@huawei.com>
> Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
> ---
> crypto/hmac-nettle.c | 34 ++++++++++++++++++++++++----------
> 1 file changed, 24 insertions(+), 10 deletions(-)
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
^ permalink raw reply [flat|nested] 37+ messages in thread
* Re: [Qemu-devel] [PATCH v3 10/18] crypto: hmac: introduce qcrypto_hmac_ctx_new for glib-backend
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 10/18] crypto: hmac: introduce qcrypto_hmac_ctx_new for glib-backend Longpeng(Mike)
@ 2017-04-26 12:06 ` Daniel P. Berrange
0 siblings, 0 replies; 37+ messages in thread
From: Daniel P. Berrange @ 2017-04-26 12:06 UTC (permalink / raw)
To: Longpeng(Mike); +Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang
On Sat, Apr 22, 2017 at 03:20:19PM +0800, Longpeng(Mike) wrote:
> Extracts qcrypto_hmac_ctx_new() from qcrypto_hmac_new() for
> glib-backend impls.
>
> Reviewed-by: Gonglei <arei.gonglei@huawei.com>
> Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
> ---
> crypto/hmac-glib.c | 34 ++++++++++++++++++++++++----------
> 1 file changed, 24 insertions(+), 10 deletions(-)
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
^ permalink raw reply [flat|nested] 37+ messages in thread
* Re: [Qemu-devel] [PATCH v3 11/18] crypto: hmac: add hmac driver framework
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 11/18] crypto: hmac: add hmac driver framework Longpeng(Mike)
@ 2017-04-26 12:07 ` Daniel P. Berrange
0 siblings, 0 replies; 37+ messages in thread
From: Daniel P. Berrange @ 2017-04-26 12:07 UTC (permalink / raw)
To: Longpeng(Mike); +Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang
On Sat, Apr 22, 2017 at 03:20:20PM +0800, Longpeng(Mike) wrote:
> 1) makes the public APIs in hmac-nettle/gcrypt/glib static,
> and rename them with "nettle/gcrypt/glib" prefix.
>
> 2) introduces hmac framework, including QCryptoHmacDriver
> and new public APIs.
>
> Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
> ---
> crypto/hmac-gcrypt.c | 51 ++++++++++++-----------------------
> crypto/hmac-glib.c | 75 +++++++++++++++++++++------------------------------
> crypto/hmac-nettle.c | 52 ++++++++++++-----------------------
> crypto/hmac.c | 44 ++++++++++++++++++++++++++++++
> crypto/hmacpriv.h | 36 +++++++++++++++++++++++++
> include/crypto/hmac.h | 1 +
> 6 files changed, 145 insertions(+), 114 deletions(-)
> create mode 100644 crypto/hmacpriv.h
Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
^ permalink raw reply [flat|nested] 37+ messages in thread
* Re: [Qemu-devel] [PATCH v3 12/18] crypto: introduce some common functions for af_alg backend
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 12/18] crypto: introduce some common functions for af_alg backend Longpeng(Mike)
@ 2017-04-26 12:10 ` Daniel P. Berrange
0 siblings, 0 replies; 37+ messages in thread
From: Daniel P. Berrange @ 2017-04-26 12:10 UTC (permalink / raw)
To: Longpeng(Mike); +Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang
On Sat, Apr 22, 2017 at 03:20:21PM +0800, Longpeng(Mike) wrote:
> The AF_ALG socket family is the userspace interface for linux
> crypto API, this patch adds af_alg family support and some common
> functions for af_alg backend. It'll be used by afalg-backend crypto
> latter.
>
> Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
> ---
> configure | 21 +++++++++
> crypto/Makefile.objs | 1 +
> crypto/afalg.c | 118 +++++++++++++++++++++++++++++++++++++++++++++++++++
> crypto/afalgpriv.h | 59 ++++++++++++++++++++++++++
> 4 files changed, 199 insertions(+)
> create mode 100644 crypto/afalg.c
> create mode 100644 crypto/afalgpriv.h
> +static bool
> +qcrypto_afalg_build_saddr(const char *type, const char *name,
> + struct sockaddr_alg *salg, Error **errp)
> +{
> + salg->salg_family = AF_ALG;
> +
> + if (qemu_strnlen(type, SALG_TYPE_LEN_MAX) == SALG_TYPE_LEN_MAX) {
> + error_setg(errp, "Afalg type(%s) is larger than %d bytes",
> + type, SALG_TYPE_LEN_MAX);
> + return false;
> + }
> +
> + if (qemu_strnlen(name, SALG_NAME_LEN_MAX) == SALG_NAME_LEN_MAX) {
> + error_setg(errp, "Afalg name(%s) is larger than %d bytes",
> + name, SALG_NAME_LEN_MAX);
> + return false;
> + }
This is uneccessarily complicated - we can just use
if (strlen(name) >= SALG_NAME_LEN_MAX) {
....
}
> + pstrcpy((char *)salg->salg_type, SALG_TYPE_LEN_MAX, type);
> + pstrcpy((char *)salg->salg_name, SALG_NAME_LEN_MAX, name);
> +
> + return true;
> +}
> +void qcrypto_afalg_comm_free(QCryptoAFAlg *afalg)
> +{
> + if (afalg) {
Rather than indenting the entire method it is preferrable to
invert the condition and return immediately, eg
if (!afalg) {
return;
}
> + if (afalg->msg) {
> + g_free(afalg->msg->msg_control);
> + g_free(afalg->msg);
> + }
> +
> + if (afalg->name) {
> + g_free(afalg->name);
> + }
> +
> + if (afalg->tfmfd != -1) {
> + closesocket(afalg->tfmfd);
> + }
> +
> + if (afalg->opfd != -1) {
> + closesocket(afalg->opfd);
> + }
> +
> + g_free(afalg);
> + }
> +}
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
^ permalink raw reply [flat|nested] 37+ messages in thread
* Re: [Qemu-devel] [PATCH v3 13/18] crypto: cipher: add afalg-backend cipher support
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 13/18] crypto: cipher: add afalg-backend cipher support Longpeng(Mike)
@ 2017-04-26 12:17 ` Daniel P. Berrange
0 siblings, 0 replies; 37+ messages in thread
From: Daniel P. Berrange @ 2017-04-26 12:17 UTC (permalink / raw)
To: Longpeng(Mike); +Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang
On Sat, Apr 22, 2017 at 03:20:22PM +0800, Longpeng(Mike) wrote:
> Adds afalg-backend cipher support: introduces some private APIs
> firstly, and then intergrates them into qcrypto_cipher_afalg_driver.
>
> Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
> ---
> crypto/Makefile.objs | 1 +
> crypto/afalgpriv.h | 9 ++
> crypto/cipher-afalg.c | 229 +++++++++++++++++++++++++++++++++++++++++++++
> crypto/cipher.c | 28 +++++-
> crypto/cipherpriv.h | 11 +++
> include/crypto/cipher.h | 8 ++
> tests/test-crypto-cipher.c | 10 +-
> 7 files changed, 294 insertions(+), 2 deletions(-)
> create mode 100644 crypto/cipher-afalg.c
>
> diff --git a/crypto/cipher-afalg.c b/crypto/cipher-afalg.c
> new file mode 100644
> index 0000000..cce8e6b
> --- /dev/null
> +++ b/crypto/cipher-afalg.c
> +static char *
> +qcrypto_afalg_cipher_format_name(QCryptoCipherAlgorithm alg,
> + QCryptoCipherMode mode,
> + Error **errp)
> +{
> + char *name;
> + const char *alg_name;
> + const char *mode_name;
> + int ret;
> +
> + switch (alg) {
> + case QCRYPTO_CIPHER_ALG_AES_128:
> + case QCRYPTO_CIPHER_ALG_AES_192:
> + case QCRYPTO_CIPHER_ALG_AES_256:
> + alg_name = "aes";
> + break;
> + case QCRYPTO_CIPHER_ALG_CAST5_128:
> + alg_name = "cast5";
> + break;
> + case QCRYPTO_CIPHER_ALG_SERPENT_128:
> + case QCRYPTO_CIPHER_ALG_SERPENT_192:
> + case QCRYPTO_CIPHER_ALG_SERPENT_256:
> + alg_name = "serpent";
> + break;
> + case QCRYPTO_CIPHER_ALG_TWOFISH_128:
> + case QCRYPTO_CIPHER_ALG_TWOFISH_192:
> + case QCRYPTO_CIPHER_ALG_TWOFISH_256:
> + alg_name = "twofish";
> + break;
> +
> + default:
> + error_setg(errp, "Unsupported cipher algorithm %d", alg);
> + return NULL;
> + }
> +
> + mode_name = QCryptoCipherMode_lookup[mode];
> +
> + name = g_new0(char, SALG_NAME_LEN_MAX);
> + ret = snprintf(name, SALG_NAME_LEN_MAX, "%s(%s)", mode_name,
> + alg_name);
> + if (ret < 0 || ret >= SALG_NAME_LEN_MAX) {
> + error_setg(errp, "Build ciphername(name='%s',mode='%s') failed",
> + alg_name, mode_name);
> + g_free(name);
> + return NULL;
> + }
Using g_new0+snprintf() is never a good idea. Instead use g_strdup_printf().
There is no need for the length check here either, since
qcrypto_afalg_comm_alloc() is already going to bounds check
it
> +
> + return name;
> +}
> +
> +QCryptoAFAlg *
> +qcrypto_afalg_cipher_ctx_new(QCryptoCipherAlgorithm alg,
> + QCryptoCipherMode mode,
> + const uint8_t *key,
> + size_t nkey, Error **errp)
> +{
> + QCryptoAFAlg *afalg;
> + size_t except_niv;
Typo - I think you meant 'expect_niv' instead - same typo in other
methods below too
> + char *name;
> +
> + name = qcrypto_afalg_cipher_format_name(alg, mode, errp);
> + if (!name) {
> + return NULL;
> + }
> +
> + afalg = qcrypto_afalg_comm_alloc(AFALG_TYPE_CIPHER, name, errp);
> + if (!afalg) {
> + g_free(name);
> + return NULL;
> + }
> + afalg->name = name;
> +
> + /* setkey */
> + if (qemu_setsockopt(afalg->tfmfd, SOL_ALG, ALG_SET_KEY, key,
> + nkey) != 0) {
> + error_setg_errno(errp, errno, "Set key failed");
> + qcrypto_afalg_comm_free(afalg);
> + return NULL;
> + }
> +
> + /* prepare msg header */
> + afalg->msg = g_new0(struct msghdr, 1);
> + afalg->msg->msg_controllen += CMSG_SPACE(ALG_OPTYPE_LEN);
> + except_niv = qcrypto_cipher_get_iv_len(alg, mode);
> + if (except_niv) {
> + afalg->msg->msg_controllen += CMSG_SPACE(ALG_MSGIV_LEN(except_niv));
> + }
> + afalg->msg->msg_control = g_new0(uint8_t, afalg->msg->msg_controllen);
> +
> + /* We use 1st msghdr for crypto-info and 2nd msghdr for IV-info */
> + afalg->cmsg = CMSG_FIRSTHDR(afalg->msg);
> + afalg->cmsg->cmsg_level = SOL_ALG;
> + afalg->cmsg->cmsg_type = ALG_SET_OP;
> + afalg->cmsg->cmsg_len = CMSG_SPACE(ALG_OPTYPE_LEN);
> +
> + return afalg;
> +}
> +
> +static int
> +qcrypto_afalg_cipher_setiv(QCryptoCipher *cipher,
> + const uint8_t *iv,
> + size_t niv, Error **errp)
> +{
> + struct af_alg_iv *alg_iv;
> + size_t except_niv;
> + QCryptoAFAlg *afalg = cipher->opaque;
> +
> + except_niv = qcrypto_cipher_get_iv_len(cipher->alg, cipher->mode);
> + if (niv != except_niv) {
> + error_setg(errp, "Set IV len(%lu) not match excepted(%lu)",
> + niv, except_niv);
When printing variables that are 'size_t', you need '%zu' rather
than '%lu'
> + return -1;
> + }
> +
> + /* move ->cmsg to next msghdr, for IV-info */
> + afalg->cmsg = CMSG_NXTHDR(afalg->msg, afalg->cmsg);
> +
> + /* build setiv msg */
> + afalg->cmsg->cmsg_level = SOL_ALG;
> + afalg->cmsg->cmsg_type = ALG_SET_IV;
> + afalg->cmsg->cmsg_len = CMSG_SPACE(ALG_MSGIV_LEN(niv));
> + alg_iv = (struct af_alg_iv *)CMSG_DATA(afalg->cmsg);
> + alg_iv->ivlen = niv;
> + memcpy(alg_iv->iv, iv, niv);
> +
> + return 0;
> +}
> +
> +static int
> +qcrypto_afalg_cipher_op(QCryptoAFAlg *afalg,
> + const void *in, void *out,
> + size_t len, bool do_encrypt,
> + Error **errp)
> +{
> + uint32_t *type = NULL;
> + struct iovec iov;
> + size_t ret, done = 0;
> + uint32_t origin_contorllen;
Typo - you mean 'origin_controllen'
> +
> + origin_contorllen = afalg->msg->msg_controllen;
> + /* movev ->cmsg to first header, for crypto-info */
> + afalg->cmsg = CMSG_FIRSTHDR(afalg->msg);
> +
> + /* build encrypt msg */
> + afalg->msg->msg_iov = &iov;
> + afalg->msg->msg_iovlen = 1;
> + type = (uint32_t *)CMSG_DATA(afalg->cmsg);
> + if (do_encrypt) {
> + *type = ALG_OP_ENCRYPT;
> + } else {
> + *type = ALG_OP_DECRYPT;
> + }
> +
> + do {
> + iov.iov_base = (void *)in + done;
> + iov.iov_len = len - done;
> +
> + /* send info to AF_ALG core */
> + ret = sendmsg(afalg->opfd, afalg->msg, 0);
> + if (ret == -1) {
> + error_setg_errno(errp, errno, "Send data to AF_ALG core failed");
> + return -1;
> + }
> +
> + /* encrypto && get result */
> + if (ret != read(afalg->opfd, out, ret)) {
> + error_setg_errno(errp, errno, "Get result from AF_ALG core failed");
> + return -1;
> + }
> +
> + /* do not update IV for following chunks */
> + afalg->msg->msg_controllen = 0;
> + done += ret;
> + } while (done < len);
> +
> + afalg->msg->msg_controllen = origin_contorllen;
> +
> + return 0;
> +}
> diff --git a/crypto/cipher.c b/crypto/cipher.c
> index a6e052c..4a6f548 100644
> --- a/crypto/cipher.c
> +++ b/crypto/cipher.c
> @@ -164,17 +164,34 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg,
> {
> QCryptoCipher *cipher;
> void *ctx;
Initialize this to NULL;
> + Error *err2 = NULL;
> + QCryptoCipherDriver *drv;
> +
> +#ifdef CONFIG_AF_ALG
> + ctx = qcrypto_afalg_cipher_ctx_new(alg, mode, key, nkey, &err2);
> + if (ctx) {
> + drv = &qcrypto_cipher_afalg_driver;
> + goto set_cipher;
And drop the goto here.
> + }
> +#endif
>
And add 'if (!ctx)' before this next block:
> ctx = qcrypto_cipher_ctx_new(alg, mode, key, nkey, errp);
> if (ctx == NULL) {
> + error_free(err2);
> return NULL;
> }
>
> + drv = &qcrypto_cipher_lib_driver;
> + error_free(err2);
> +
> +#ifdef CONFIG_AF_ALG
> +set_cipher:
> +#endif
> cipher = g_new0(QCryptoCipher, 1);
> cipher->alg = alg;
> cipher->mode = mode;
> cipher->opaque = ctx;
> - cipher->driver = (void *)&qcrypto_cipher_lib_driver;
> + cipher->driver = (void *)drv;
>
> return cipher;
> }
> @@ -220,3 +237,12 @@ void qcrypto_cipher_free(QCryptoCipher *cipher)
> g_free(cipher);
> }
> }
> +
> +bool qcrypto_cipher_using_afalg_drv(QCryptoCipher *cipher)
> +{
> +#ifdef CONFIG_AF_ALG
> + return cipher->driver == (void *)&qcrypto_cipher_afalg_driver;
> +#else
> + return false;
> +#endif
> +}
> diff --git a/include/crypto/cipher.h b/include/crypto/cipher.h
> index 984fb82..037f602 100644
> --- a/include/crypto/cipher.h
> +++ b/include/crypto/cipher.h
> @@ -233,4 +233,12 @@ int qcrypto_cipher_setiv(QCryptoCipher *cipher,
> const uint8_t *iv, size_t niv,
> Error **errp);
>
> +/**
> + * qcrypto_cipher_using_afalg_drv:
> + * @ the cipher object
> + *
> + * Returns: true if @cipher is using afalg driver, otherwise false.
> + */
> +bool qcrypto_cipher_using_afalg_drv(QCryptoCipher *cipher);
IMHO whether we use afalg or not should be hidden from users of the
crypto API, so I'd prefer we didn't add this method
> diff --git a/tests/test-crypto-cipher.c b/tests/test-crypto-cipher.c
> index 07fa2fa..8bb3308 100644
> --- a/tests/test-crypto-cipher.c
> +++ b/tests/test-crypto-cipher.c
> @@ -715,6 +715,7 @@ static void test_cipher_null_iv(void)
> uint8_t key[32] = { 0 };
> uint8_t plaintext[32] = { 0 };
> uint8_t ciphertext[32] = { 0 };
> + Error *err = NULL;
>
> cipher = qcrypto_cipher_new(
> QCRYPTO_CIPHER_ALG_AES_256,
> @@ -729,7 +730,14 @@ static void test_cipher_null_iv(void)
> plaintext,
> ciphertext,
> sizeof(plaintext),
> - &error_abort);
> + &err);
> +
> + if (qcrypto_cipher_using_afalg_drv(cipher)) {
> + g_assert(err != NULL);
> + error_free_or_abort(&err);
> + } else {
> + g_assert(err == NULL);
> + }
This looks wierd - we should not have different behaviour here when
using afalg
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
^ permalink raw reply [flat|nested] 37+ messages in thread
* Re: [Qemu-devel] [PATCH v3 14/18] crypto: hash: add afalg-backend hash support
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 14/18] crypto: hash: add afalg-backend hash support Longpeng(Mike)
@ 2017-04-26 12:20 ` Daniel P. Berrange
0 siblings, 0 replies; 37+ messages in thread
From: Daniel P. Berrange @ 2017-04-26 12:20 UTC (permalink / raw)
To: Longpeng(Mike); +Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang
On Sat, Apr 22, 2017 at 03:20:23PM +0800, Longpeng(Mike) wrote:
> Adds afalg-backend hash support: introduces some private APIs
> firstly, and then intergrates them into qcrypto_hash_afalg_driver.
>
> Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
> ---
> crypto/Makefile.objs | 1 +
> crypto/afalgpriv.h | 1 +
> crypto/hash-afalg.c | 147 +++++++++++++++++++++++++++++++++++++++++++++++++++
> crypto/hash.c | 11 ++++
> crypto/hashpriv.h | 4 ++
> 5 files changed, 164 insertions(+)
> create mode 100644 crypto/hash-afalg.c
>
> diff --git a/crypto/hash-afalg.c b/crypto/hash-afalg.c
> new file mode 100644
> index 0000000..f577c83
> --- /dev/null
> +++ b/crypto/hash-afalg.c
> @@ -0,0 +1,147 @@
> +/*
> + * QEMU Crypto af_alg-backend hash support
> + *
> + * Copyright (c) 2017 HUAWEI TECHNOLOGIES CO., LTD.
> + *
> + * Authors:
> + * Longpeng(Mike) <longpeng2@huawei.com>
> + *
> + * This work is licensed under the terms of the GNU GPL, version 2 or
> + * (at your option) any later version. See the COPYING file in the
> + * top-level directory.
> + */
> +#include "qemu/osdep.h"
> +#include "qemu/iov.h"
> +#include "qemu/sockets.h"
> +#include "qemu-common.h"
> +#include "qapi/error.h"
> +#include "crypto/hash.h"
> +#include "hashpriv.h"
> +
> +static char *
> +qcrypto_afalg_hash_format_name(QCryptoHashAlgorithm alg,
> + Error **errp)
> +{
> + char *name;
> + const char *alg_name;
> + int ret;
> +
> + switch (alg) {
> + case QCRYPTO_HASH_ALG_MD5:
> + alg_name = "md5";
> + break;
> + case QCRYPTO_HASH_ALG_SHA1:
> + alg_name = "sha1";
> + break;
> + case QCRYPTO_HASH_ALG_SHA224:
> + alg_name = "sha224";
> + break;
> + case QCRYPTO_HASH_ALG_SHA256:
> + alg_name = "sha256";
> + break;
> + case QCRYPTO_HASH_ALG_SHA384:
> + alg_name = "sha384";
> + break;
> + case QCRYPTO_HASH_ALG_SHA512:
> + alg_name = "sha512";
> + break;
> + case QCRYPTO_HASH_ALG_RIPEMD160:
> + alg_name = "rmd160";
> + break;
> +
> + default:
> + error_setg(errp, "Unsupported hash algorithm %d", alg);
> + return NULL;
> + }
> +
> + name = g_new0(char, SALG_NAME_LEN_MAX);
> + ret = snprintf(name, SALG_NAME_LEN_MAX, "%s", alg_name);
> + if (ret < 0 || ret >= SALG_NAME_LEN_MAX) {
> + error_setg(errp, "Build hash name(name='%s') failed",
> + alg_name);
> + g_free(name);
> + return NULL;
> + }
Again use g_strdup_printf() and don't check length here.
> +
> + return name;
> +}
> +
> +static QCryptoAFAlg *
> +qcrypto_afalg_hash_ctx_new(QCryptoHashAlgorithm alg, Error **errp)
> +{
> + QCryptoAFAlg *afalg;
> + char *name;
> +
> + name = qcrypto_afalg_hash_format_name(alg, errp);
> + if (!name) {
> + return NULL;
> + }
> +
> + afalg = qcrypto_afalg_comm_alloc(AFALG_TYPE_HASH, name, errp);
> + if (!afalg) {
> + g_free(name);
> + return NULL;
> + }
> + afalg->name = name;
> +
> + /* prepare msg header */
> + afalg->msg = g_new0(struct msghdr, 1);
> +
> + return afalg;
> +}
> +
> +static int
> +qcrypto_afalg_hash_bytesv(QCryptoHashAlgorithm alg,
> + const struct iovec *iov,
> + size_t niov, uint8_t **result,
> + size_t *resultlen,
> + Error **errp)
> +{
> + QCryptoAFAlg *afalg;
> + struct iovec outv;
> + int ret = 0;
> + const int except_len = qcrypto_hash_digest_len(alg);
Should be 'expect_len'
> +
> + if (*resultlen == 0) {
> + *resultlen = except_len;
> + *result = g_new0(uint8_t, *resultlen);
> + } else if (*resultlen != except_len) {
> + error_setg(errp,
> + "Result buffer size %zu is not match hash %d",
> + *resultlen, except_len);
> + return -1;
> + }
> +
> + afalg = qcrypto_afalg_hash_ctx_new(alg, errp);
> + if (afalg == NULL) {
> + return -1;
> + }
> +
> + /* send data to kernel's crypto core */
> + ret = iov_send_recv(afalg->opfd, iov, niov,
> + 0, iov_size(iov, niov), true);
> + if (ret < 0) {
> + error_setg_errno(errp, errno, "Send data to afalg-core failed");
> + goto out;
> + }
> +
> + /* hash && get result */
> + outv.iov_base = *result;
> + outv.iov_len = *resultlen;
> + afalg->msg->msg_iov = &outv;
> + afalg->msg->msg_iovlen = 1;
> + ret = recvmsg(afalg->opfd, afalg->msg, 0);
> + if (ret != -1) {
> + ret = 0;
> + } else {
> + error_setg_errno(errp, errno, "Recv result from afalg-core failed");
> + }
> +
> +out:
> + qcrypto_afalg_comm_free(afalg);
> + return ret;
> +}
> +
> +QCryptoHashDriver qcrypto_hash_afalg_driver = {
> + .hash_bytesv = qcrypto_afalg_hash_bytesv,
> +};
> diff --git a/crypto/hash.c b/crypto/hash.c
> index c43fd87..ba30c9b 100644
> --- a/crypto/hash.c
> +++ b/crypto/hash.c
> @@ -46,6 +46,17 @@ int qcrypto_hash_bytesv(QCryptoHashAlgorithm alg,
> size_t *resultlen,
> Error **errp)
> {
> +#ifdef CONFIG_AF_ALG
> + int ret;
> +
> + ret = qcrypto_hash_afalg_driver.hash_bytesv(alg, iov, niov,
> + result, resultlen,
> + errp);
> + if (ret == 0) {
> + return ret;
> + }
If ret != 0, then 'errp' would have been set to an error. At
least we needs to be free'd before we call into the next driver.
I also wonder if we should treat some afalg errors as fatal
> +#endif
> +
> return qcrypto_hash_lib_driver.hash_bytesv(alg, iov, niov,
> result, resultlen,
> errp);
> diff --git a/crypto/hashpriv.h b/crypto/hashpriv.h
> index 5e505e0..d23662f 100644
> --- a/crypto/hashpriv.h
> +++ b/crypto/hashpriv.h
> @@ -15,6 +15,8 @@
> #ifndef QCRYPTO_HASHPRIV_H
> #define QCRYPTO_HASHPRIV_H
>
> +#include "afalgpriv.h"
> +
> typedef struct QCryptoHashDriver QCryptoHashDriver;
>
> struct QCryptoHashDriver {
> @@ -28,4 +30,6 @@ struct QCryptoHashDriver {
>
> extern QCryptoHashDriver qcrypto_hash_lib_driver;
>
> +extern QCryptoHashDriver qcrypto_hash_afalg_driver;
> +
> #endif
> --
> 1.8.3.1
>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
^ permalink raw reply [flat|nested] 37+ messages in thread
* Re: [Qemu-devel] [PATCH v3 15/18] crypto: hmac: add af_alg hmac support
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 15/18] crypto: hmac: add af_alg hmac support Longpeng(Mike)
@ 2017-04-26 12:23 ` Daniel P. Berrange
2017-07-04 8:52 ` Longpeng (Mike)
0 siblings, 1 reply; 37+ messages in thread
From: Daniel P. Berrange @ 2017-04-26 12:23 UTC (permalink / raw)
To: Longpeng(Mike); +Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang
On Sat, Apr 22, 2017 at 03:20:24PM +0800, Longpeng(Mike) wrote:
> Adds afalg-backend hmac support: introduces some private APIs
> firstly, and then intergrates them into qcrypto_hmac_afalg_driver.
>
> Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
> ---
> crypto/hash-afalg.c | 108 +++++++++++++++++++++++++++++++++++++++++++-------
> crypto/hmac.c | 27 ++++++++++++-
> crypto/hmacpriv.h | 9 +++++
> include/crypto/hmac.h | 8 ++++
> 4 files changed, 136 insertions(+), 16 deletions(-)
>
> diff --git a/crypto/hash-afalg.c b/crypto/hash-afalg.c
> index f577c83..0670481 100644
> --- a/crypto/hash-afalg.c
> +++ b/crypto/hash-afalg.c
> @@ -1,5 +1,5 @@
> /*
> - * QEMU Crypto af_alg-backend hash support
> + * QEMU Crypto af_alg-backend hash/hmac support
> *
> * Copyright (c) 2017 HUAWEI TECHNOLOGIES CO., LTD.
> *
> @@ -16,10 +16,13 @@
> #include "qemu-common.h"
> #include "qapi/error.h"
> #include "crypto/hash.h"
> +#include "crypto/hmac.h"
> #include "hashpriv.h"
> +#include "hmacpriv.h"
>
> static char *
> qcrypto_afalg_hash_format_name(QCryptoHashAlgorithm alg,
> + bool is_hmac,
> Error **errp)
> {
> char *name;
> @@ -55,10 +58,14 @@ qcrypto_afalg_hash_format_name(QCryptoHashAlgorithm alg,
> }
>
> name = g_new0(char, SALG_NAME_LEN_MAX);
> - ret = snprintf(name, SALG_NAME_LEN_MAX, "%s", alg_name);
> + if (is_hmac) {
> + ret = snprintf(name, SALG_NAME_LEN_MAX, "hmac(%s)", alg_name);
> + } else { /* hash */
> + ret = snprintf(name, SALG_NAME_LEN_MAX, "%s", alg_name);
> + }
> if (ret < 0 || ret >= SALG_NAME_LEN_MAX) {
> - error_setg(errp, "Build hash name(name='%s') failed",
> - alg_name);
> + error_setg(errp, "Build %s name(name='%s') failed",
> + is_hmac ? "hmac" : "hash", alg_name);
> g_free(name);
> return NULL;
> }
Same comments as before about using g_strdup_printf
> diff --git a/crypto/hmac.c b/crypto/hmac.c
> index d040fbb..0a1a6e7 100644
> --- a/crypto/hmac.c
> +++ b/crypto/hmac.c
> @@ -90,16 +90,32 @@ QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg,
> {
> QCryptoHmac *hmac;
> void *ctx;
Initialize to NULL
> + Error *err2 = NULL;
> + QCryptoHmacDriver *drv;
> +
> +#ifdef CONFIG_AF_ALG
> + ctx = qcrypto_afalg_hmac_ctx_new(alg, key, nkey, &err2);
> + if (ctx) {
> + drv = &qcrypto_hmac_afalg_driver;
> + goto set_hmac;
Drop the goto
> + }
> +#endif
>
And we can just add 'if (!ctx)' here
> ctx = qcrypto_hmac_ctx_new(alg, key, nkey, errp);
> if (ctx == NULL) {
> return NULL;
> }
>
> + drv = &qcrypto_hmac_lib_driver;
> + error_free(err2);
> +
> +#ifdef CONFIG_AF_ALG
> +set_hmac:
> +#endif
> hmac = g_new0(QCryptoHmac, 1);
> hmac->alg = alg;
> hmac->opaque = ctx;
> - hmac->driver = (void *)&qcrypto_hmac_lib_driver;
> + hmac->driver = (void *)drv;
>
> return hmac;
> }
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
^ permalink raw reply [flat|nested] 37+ messages in thread
* Re: [Qemu-devel] [PATCH v3 15/18] crypto: hmac: add af_alg hmac support
2017-04-26 12:23 ` Daniel P. Berrange
@ 2017-07-04 8:52 ` Longpeng (Mike)
0 siblings, 0 replies; 37+ messages in thread
From: Longpeng (Mike) @ 2017-07-04 8:52 UTC (permalink / raw)
To: Daniel P. Berrange; +Cc: arei.gonglei, longpeng.mike, qemu-devel, weidong.huang
Hi Daniel,
First, sorry for the long delay...
I have modified the code as your suggestion, and I'll send V4 soon.
On 2017/4/26 20:23, Daniel P. Berrange wrote:
> On Sat, Apr 22, 2017 at 03:20:24PM +0800, Longpeng(Mike) wrote:
>> Adds afalg-backend hmac support: introduces some private APIs
>> firstly, and then intergrates them into qcrypto_hmac_afalg_driver.
>>
>> Signed-off-by: Longpeng(Mike) <longpeng2@huawei.com>
>> ---
>> crypto/hash-afalg.c | 108 +++++++++++++++++++++++++++++++++++++++++++-------
>> crypto/hmac.c | 27 ++++++++++++-
>> crypto/hmacpriv.h | 9 +++++
>> include/crypto/hmac.h | 8 ++++
>> 4 files changed, 136 insertions(+), 16 deletions(-)
>>
>> diff --git a/crypto/hash-afalg.c b/crypto/hash-afalg.c
>> index f577c83..0670481 100644
>> --- a/crypto/hash-afalg.c
>> +++ b/crypto/hash-afalg.c
>> @@ -1,5 +1,5 @@
>> /*
>> - * QEMU Crypto af_alg-backend hash support
>> + * QEMU Crypto af_alg-backend hash/hmac support
>> *
>> * Copyright (c) 2017 HUAWEI TECHNOLOGIES CO., LTD.
>> *
>> @@ -16,10 +16,13 @@
>> #include "qemu-common.h"
>> #include "qapi/error.h"
>> #include "crypto/hash.h"
>> +#include "crypto/hmac.h"
>> #include "hashpriv.h"
>> +#include "hmacpriv.h"
>>
>> static char *
>> qcrypto_afalg_hash_format_name(QCryptoHashAlgorithm alg,
>> + bool is_hmac,
>> Error **errp)
>> {
>> char *name;
>> @@ -55,10 +58,14 @@ qcrypto_afalg_hash_format_name(QCryptoHashAlgorithm alg,
>> }
>>
>> name = g_new0(char, SALG_NAME_LEN_MAX);
>> - ret = snprintf(name, SALG_NAME_LEN_MAX, "%s", alg_name);
>> + if (is_hmac) {
>> + ret = snprintf(name, SALG_NAME_LEN_MAX, "hmac(%s)", alg_name);
>> + } else { /* hash */
>> + ret = snprintf(name, SALG_NAME_LEN_MAX, "%s", alg_name);
>> + }
>> if (ret < 0 || ret >= SALG_NAME_LEN_MAX) {
>> - error_setg(errp, "Build hash name(name='%s') failed",
>> - alg_name);
>> + error_setg(errp, "Build %s name(name='%s') failed",
>> + is_hmac ? "hmac" : "hash", alg_name);
>> g_free(name);
>> return NULL;
>> }
>
> Same comments as before about using g_strdup_printf
>
>> diff --git a/crypto/hmac.c b/crypto/hmac.c
>> index d040fbb..0a1a6e7 100644
>> --- a/crypto/hmac.c
>> +++ b/crypto/hmac.c
>> @@ -90,16 +90,32 @@ QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg,
>> {
>> QCryptoHmac *hmac;
>> void *ctx;
>
> Initialize to NULL
>
>> + Error *err2 = NULL;
>> + QCryptoHmacDriver *drv;
>> +
>> +#ifdef CONFIG_AF_ALG
>> + ctx = qcrypto_afalg_hmac_ctx_new(alg, key, nkey, &err2);
>> + if (ctx) {
>> + drv = &qcrypto_hmac_afalg_driver;
>> + goto set_hmac;
>
> Drop the goto
>
>> + }
>> +#endif
>>
>
> And we can just add 'if (!ctx)' here
>
>> ctx = qcrypto_hmac_ctx_new(alg, key, nkey, errp);
>> if (ctx == NULL) {
>> return NULL;
>> }
>>
>> + drv = &qcrypto_hmac_lib_driver;
>> + error_free(err2);
>> +
>> +#ifdef CONFIG_AF_ALG
>> +set_hmac:
>> +#endif
>> hmac = g_new0(QCryptoHmac, 1);
>> hmac->alg = alg;
>> hmac->opaque = ctx;
>> - hmac->driver = (void *)&qcrypto_hmac_lib_driver;
>> + hmac->driver = (void *)drv;
>>
>> return hmac;
>> }
>
> Regards,
> Daniel
--
Regards,
Longpeng(Mike)
^ permalink raw reply [flat|nested] 37+ messages in thread
end of thread, other threads:[~2017-07-04 8:53 UTC | newest]
Thread overview: 37+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-04-22 7:20 [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support Longpeng(Mike)
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 01/18] crypto: cipher: introduce context free function Longpeng(Mike)
2017-04-26 12:02 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 02/18] crypto: cipher: introduce qcrypto_cipher_ctx_new for gcrypt-backend Longpeng(Mike)
2017-04-26 12:02 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 03/18] crypto: cipher: introduce qcrypto_cipher_ctx_new for nettle-backend Longpeng(Mike)
2017-04-26 12:03 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 04/18] crypto: cipher: introduce qcrypto_cipher_ctx_new for builtin-backend Longpeng(Mike)
2017-04-26 12:03 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 05/18] crypto: cipher: add cipher driver framework Longpeng(Mike)
2017-04-26 12:04 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 06/18] crypto: hash: add hash " Longpeng(Mike)
2017-04-26 12:04 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 07/18] crypto: hmac: move crypto/hmac.h into include/crypto/ Longpeng(Mike)
2017-04-26 12:05 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 08/18] crypto: hmac: introduce qcrypto_hmac_ctx_new for gcrypt-backend Longpeng(Mike)
2017-04-26 12:05 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 09/18] crypto: hmac: introduce qcrypto_hmac_ctx_new for nettle-backend Longpeng(Mike)
2017-04-26 12:06 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 10/18] crypto: hmac: introduce qcrypto_hmac_ctx_new for glib-backend Longpeng(Mike)
2017-04-26 12:06 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 11/18] crypto: hmac: add hmac driver framework Longpeng(Mike)
2017-04-26 12:07 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 12/18] crypto: introduce some common functions for af_alg backend Longpeng(Mike)
2017-04-26 12:10 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 13/18] crypto: cipher: add afalg-backend cipher support Longpeng(Mike)
2017-04-26 12:17 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 14/18] crypto: hash: add afalg-backend hash support Longpeng(Mike)
2017-04-26 12:20 ` Daniel P. Berrange
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 15/18] crypto: hmac: add af_alg hmac support Longpeng(Mike)
2017-04-26 12:23 ` Daniel P. Berrange
2017-07-04 8:52 ` Longpeng (Mike)
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 16/18] tests: crypto: add cipher speed benchmark support Longpeng(Mike)
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 17/18] tests: crypto: add hash " Longpeng(Mike)
2017-04-22 7:20 ` [Qemu-devel] [PATCH v3 18/18] tests: crypto: add hmac " Longpeng(Mike)
2017-04-22 7:41 ` [Qemu-devel] [PATCH v3 00/18] crypto: add afalg-backend support no-reply
2017-04-22 7:42 ` no-reply
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.