From patchwork Thu Mar 17 16:53:47 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: =?utf-8?q?Daniel_P=2E_Berrang=C3=A9?= X-Patchwork-Id: 8613291 Return-Path: X-Original-To: patchwork-qemu-devel@patchwork.kernel.org Delivered-To: patchwork-parsemail@patchwork1.web.kernel.org Received: from mail.kernel.org (mail.kernel.org [198.145.29.136]) by patchwork1.web.kernel.org (Postfix) with ESMTP id 7E1149F6E1 for ; Thu, 17 Mar 2016 16:54:33 +0000 (UTC) Received: from mail.kernel.org (localhost [127.0.0.1]) by mail.kernel.org (Postfix) with ESMTP id B4C2620218 for ; Thu, 17 Mar 2016 16:54:32 +0000 (UTC) Received: from lists.gnu.org (lists.gnu.org [208.118.235.17]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPS id A228620204 for ; Thu, 17 Mar 2016 16:54:31 +0000 (UTC) Received: from localhost ([::1]:36764 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1agbBv-0008R0-39 for patchwork-qemu-devel@patchwork.kernel.org; Thu, 17 Mar 2016 12:54:31 -0400 Received: from eggs.gnu.org ([2001:4830:134:3::10]:55006) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1agbBh-0008Me-8y for qemu-devel@nongnu.org; Thu, 17 Mar 2016 12:54:18 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1agbBg-0004On-2x for qemu-devel@nongnu.org; Thu, 17 Mar 2016 12:54:17 -0400 Received: from mx1.redhat.com ([209.132.183.28]:55979) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1agbBf-0004Og-Rb for qemu-devel@nongnu.org; Thu, 17 Mar 2016 12:54:16 -0400 Received: from int-mx10.intmail.prod.int.phx2.redhat.com (int-mx10.intmail.prod.int.phx2.redhat.com [10.5.11.23]) by mx1.redhat.com (Postfix) with ESMTPS id 6CEAD219F; Thu, 17 Mar 2016 16:54:15 +0000 (UTC) Received: from t530wlan.home.berrange.com.com (vpn1-7-40.ams2.redhat.com [10.36.7.40]) by int-mx10.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id u2HGs6ol019889; Thu, 17 Mar 2016 12:54:14 -0400 From: "Daniel P. Berrange" To: qemu-devel@nongnu.org Date: Thu, 17 Mar 2016 16:53:47 +0000 Message-Id: <1458233634-27709-7-git-send-email-berrange@redhat.com> In-Reply-To: <1458233634-27709-1-git-send-email-berrange@redhat.com> References: <1458233634-27709-1-git-send-email-berrange@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.23 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 3.x X-Received-From: 209.132.183.28 Cc: Peter Maydell Subject: [Qemu-devel] [PULL v3 06/13] crypto: add support for the cast5-128 cipher algorithm X-BeenThere: qemu-devel@nongnu.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org Sender: qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI, UNPARSEABLE_RELAY autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on mail.kernel.org X-Virus-Scanned: ClamAV using ClamSMTP A new cipher algorithm 'cast-5-128' is defined for the Cast-5 algorithm with 128 bit key size. Smaller key sizes are supported by Cast-5, but nothing in QEMU should use them, so only 128 bit keys are permitted. The nettle and gcrypt cipher backends are updated to support the new cipher and a test vector added to the cipher test suite. The new algorithm is enabled in the LUKS block encryption driver. Reviewed-by: Eric Blake Reviewed-by: Fam Zheng Signed-off-by: Daniel P. Berrange --- crypto/cipher-gcrypt.c | 18 +++++++++++++++++- crypto/cipher-nettle.c | 26 ++++++++++++++++++++++++++ crypto/cipher.c | 2 ++ qapi/crypto.json | 5 ++++- tests/test-crypto-cipher.c | 9 +++++++++ 5 files changed, 58 insertions(+), 2 deletions(-) diff --git a/crypto/cipher-gcrypt.c b/crypto/cipher-gcrypt.c index 56d4c9d..aa1d8c5 100644 --- a/crypto/cipher-gcrypt.c +++ b/crypto/cipher-gcrypt.c @@ -29,6 +29,7 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg) case QCRYPTO_CIPHER_ALG_AES_128: case QCRYPTO_CIPHER_ALG_AES_192: case QCRYPTO_CIPHER_ALG_AES_256: + case QCRYPTO_CIPHER_ALG_CAST5_128: return true; default: return false; @@ -84,6 +85,10 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, gcryalg = GCRY_CIPHER_AES256; break; + case QCRYPTO_CIPHER_ALG_CAST5_128: + gcryalg = GCRY_CIPHER_CAST5; + break; + default: error_setg(errp, "Unsupported cipher algorithm %d", alg); return NULL; @@ -113,7 +118,18 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, ctx->blocksize = 8; } else { err = gcry_cipher_setkey(ctx->handle, key, nkey); - ctx->blocksize = 16; + switch (cipher->alg) { + case QCRYPTO_CIPHER_ALG_AES_128: + case QCRYPTO_CIPHER_ALG_AES_192: + case QCRYPTO_CIPHER_ALG_AES_256: + ctx->blocksize = 16; + break; + case QCRYPTO_CIPHER_ALG_CAST5_128: + ctx->blocksize = 8; + break; + default: + g_assert_not_reached(); + } } if (err != 0) { error_setg(errp, "Cannot set key: %s", diff --git a/crypto/cipher-nettle.c b/crypto/cipher-nettle.c index cd2675c..cfa69cc 100644 --- a/crypto/cipher-nettle.c +++ b/crypto/cipher-nettle.c @@ -23,6 +23,7 @@ #include #include #include +#include #if CONFIG_NETTLE_VERSION_MAJOR < 3 typedef nettle_crypt_func nettle_cipher_func; @@ -63,6 +64,18 @@ static void des_decrypt_wrapper(cipher_ctx_t ctx, cipher_length_t length, des_decrypt(ctx, length, dst, src); } +static void cast128_encrypt_wrapper(cipher_ctx_t ctx, cipher_length_t length, + uint8_t *dst, const uint8_t *src) +{ + cast128_encrypt(ctx, length, dst, src); +} + +static void cast128_decrypt_wrapper(cipher_ctx_t ctx, cipher_length_t length, + uint8_t *dst, const uint8_t *src) +{ + cast128_decrypt(ctx, length, dst, src); +} + typedef struct QCryptoCipherNettle QCryptoCipherNettle; struct QCryptoCipherNettle { void *ctx_encrypt; @@ -80,6 +93,7 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg) case QCRYPTO_CIPHER_ALG_AES_128: case QCRYPTO_CIPHER_ALG_AES_192: case QCRYPTO_CIPHER_ALG_AES_256: + case QCRYPTO_CIPHER_ALG_CAST5_128: return true; default: return false; @@ -143,6 +157,18 @@ QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, ctx->blocksize = AES_BLOCK_SIZE; break; + + case QCRYPTO_CIPHER_ALG_CAST5_128: + ctx->ctx_encrypt = g_new0(struct cast128_ctx, 1); + ctx->ctx_decrypt = NULL; /* 1 ctx can do both */ + + cast5_set_key(ctx->ctx_encrypt, nkey, key); + + ctx->alg_encrypt = cast128_encrypt_wrapper; + ctx->alg_decrypt = cast128_decrypt_wrapper; + + ctx->blocksize = CAST128_BLOCK_SIZE; + break; default: error_setg(errp, "Unsupported cipher algorithm %d", alg); goto error; diff --git a/crypto/cipher.c b/crypto/cipher.c index 076dff0..9e0a226 100644 --- a/crypto/cipher.c +++ b/crypto/cipher.c @@ -27,6 +27,7 @@ static size_t alg_key_len[QCRYPTO_CIPHER_ALG__MAX] = { [QCRYPTO_CIPHER_ALG_AES_192] = 24, [QCRYPTO_CIPHER_ALG_AES_256] = 32, [QCRYPTO_CIPHER_ALG_DES_RFB] = 8, + [QCRYPTO_CIPHER_ALG_CAST5_128] = 16, }; static size_t alg_block_len[QCRYPTO_CIPHER_ALG__MAX] = { @@ -34,6 +35,7 @@ static size_t alg_block_len[QCRYPTO_CIPHER_ALG__MAX] = { [QCRYPTO_CIPHER_ALG_AES_192] = 16, [QCRYPTO_CIPHER_ALG_AES_256] = 16, [QCRYPTO_CIPHER_ALG_DES_RFB] = 8, + [QCRYPTO_CIPHER_ALG_CAST5_128] = 8, }; static bool mode_need_iv[QCRYPTO_CIPHER_MODE__MAX] = { diff --git a/qapi/crypto.json b/qapi/crypto.json index 42b979a..0550ee7 100644 --- a/qapi/crypto.json +++ b/qapi/crypto.json @@ -59,11 +59,14 @@ # @aes-192: AES with 192 bit / 24 byte keys # @aes-256: AES with 256 bit / 32 byte keys # @des-rfb: RFB specific variant of single DES. Do not use except in VNC. +# @cast5-128: Cast5 with 128 bit / 16 byte keys # Since: 2.6 ## { 'enum': 'QCryptoCipherAlgorithm', 'prefix': 'QCRYPTO_CIPHER_ALG', - 'data': ['aes-128', 'aes-192', 'aes-256', 'des-rfb']} + 'data': ['aes-128', 'aes-192', 'aes-256', + 'des-rfb', + 'cast5-128']} ## diff --git a/tests/test-crypto-cipher.c b/tests/test-crypto-cipher.c index 7a073e9..a994ca9 100644 --- a/tests/test-crypto-cipher.c +++ b/tests/test-crypto-cipher.c @@ -165,6 +165,15 @@ static QCryptoCipherTestData test_data[] = { "ffd29f1bb5596ad94ea2d8e6196b7f09" "30d8ed0bf2773af36dd82a6280c20926", }, + { + /* RFC 2144, Appendix B.1 */ + .path = "/crypto/cipher/cast5-128", + .alg = QCRYPTO_CIPHER_ALG_CAST5_128, + .mode = QCRYPTO_CIPHER_MODE_ECB, + .key = "0123456712345678234567893456789A", + .plaintext = "0123456789abcdef", + .ciphertext = "238b4fe5847e44b2", + }, };