mirror of
https://github.com/xemu-project/xemu.git
synced 2024-11-28 14:00:44 +00:00
91bfcdb01d
Currently the choice of whether to use nettle or gcrypt is made based on what gnutls is linked to. There are times when it is desirable to be able to force build against a specific library. For example, if testing changes to QEMU's crypto code all 3 possible backends need to be checked regardless of what the local gnutls uses. It is also desirable to be able to enable nettle/gcrypt for cipher/hash algorithms, without enabling gnutls for TLS support. This gives two new configure flags, which allow the following possibilities Automatically determine nettle vs gcrypt from what gnutls links to (recommended to minimize number of crypto libraries linked to) ./configure Automatically determine nettle vs gcrypt based on which is installed ./configure --disable-gnutls Force use of nettle ./configure --enable-nettle Force use of gcrypt ./configure --enable-gcrypt Force use of built-in AES & crippled-DES ./configure --disable-nettle --disable-gcrypt Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
75 lines
2.2 KiB
C
75 lines
2.2 KiB
C
/*
|
|
* QEMU Crypto cipher algorithms
|
|
*
|
|
* Copyright (c) 2015 Red Hat, Inc.
|
|
*
|
|
* This library is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
* License as published by the Free Software Foundation; either
|
|
* version 2 of the License, or (at your option) any later version.
|
|
*
|
|
* This library is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
* Lesser General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
* License along with this library; if not, see <http://www.gnu.org/licenses/>.
|
|
*
|
|
*/
|
|
|
|
#include "crypto/cipher.h"
|
|
|
|
|
|
static size_t alg_key_len[QCRYPTO_CIPHER_ALG_LAST] = {
|
|
[QCRYPTO_CIPHER_ALG_AES_128] = 16,
|
|
[QCRYPTO_CIPHER_ALG_AES_192] = 24,
|
|
[QCRYPTO_CIPHER_ALG_AES_256] = 32,
|
|
[QCRYPTO_CIPHER_ALG_DES_RFB] = 8,
|
|
};
|
|
|
|
static bool
|
|
qcrypto_cipher_validate_key_length(QCryptoCipherAlgorithm alg,
|
|
size_t nkey,
|
|
Error **errp)
|
|
{
|
|
if ((unsigned)alg >= QCRYPTO_CIPHER_ALG_LAST) {
|
|
error_setg(errp, "Cipher algorithm %d out of range",
|
|
alg);
|
|
return false;
|
|
}
|
|
|
|
if (alg_key_len[alg] != nkey) {
|
|
error_setg(errp, "Cipher key length %zu should be %zu",
|
|
alg_key_len[alg], nkey);
|
|
return false;
|
|
}
|
|
return true;
|
|
}
|
|
|
|
#if defined(CONFIG_GCRYPT) || defined(CONFIG_NETTLE)
|
|
static uint8_t *
|
|
qcrypto_cipher_munge_des_rfb_key(const uint8_t *key,
|
|
size_t nkey)
|
|
{
|
|
uint8_t *ret = g_new0(uint8_t, nkey);
|
|
size_t i;
|
|
for (i = 0; i < nkey; i++) {
|
|
uint8_t r = key[i];
|
|
r = (r & 0xf0) >> 4 | (r & 0x0f) << 4;
|
|
r = (r & 0xcc) >> 2 | (r & 0x33) << 2;
|
|
r = (r & 0xaa) >> 1 | (r & 0x55) << 1;
|
|
ret[i] = r;
|
|
}
|
|
return ret;
|
|
}
|
|
#endif /* CONFIG_GCRYPT || CONFIG_NETTLE */
|
|
|
|
#ifdef CONFIG_GCRYPT
|
|
#include "crypto/cipher-gcrypt.c"
|
|
#elif defined CONFIG_NETTLE
|
|
#include "crypto/cipher-nettle.c"
|
|
#else
|
|
#include "crypto/cipher-builtin.c"
|
|
#endif
|