qapi/crypto: Rename QCryptoRSAPaddingAlgorithm to *Algo, and drop prefix
QAPI's 'prefix' feature can make the connection between enumeration type and its constants less than obvious. It's best used with restraint. QCryptoRSAPaddingAlgorithm has a 'prefix' that overrides the generated enumeration constants' prefix to QCRYPTO_RSA_PADDING_ALG. We could simply drop 'prefix', but then the prefix becomes QCRYPTO_RSA_PADDING_ALGORITHM, which is rather long. We could additionally rename the type to QCryptoRSAPaddingAlg, but I think the abbreviation "alg" is less than clear. Rename the type to QCryptoRSAPaddingAlgo instead. The prefix becomes QCRYPTO_RSA_PADDING_ALGO. Signed-off-by: Markus Armbruster <armbru@redhat.com> Acked-by: Daniel P. Berrangé <berrange@redhat.com> Message-ID: <20240904111836.3273842-16-armbru@redhat.com>
This commit is contained in:
Markus Armbruster
parent
cd48d82a50
commit
c96050f43e
@ -65,7 +65,7 @@ static void cryptodev_builtin_init_akcipher(CryptoDevBackend *backend)
|
||||
QCryptoAkCipherOptions opts;
|
||||
|
||||
opts.alg = QCRYPTO_AK_CIPHER_ALGO_RSA;
|
||||
opts.u.rsa.padding_alg = QCRYPTO_RSA_PADDING_ALG_RAW;
|
||||
opts.u.rsa.padding_alg = QCRYPTO_RSA_PADDING_ALGO_RAW;
|
||||
if (qcrypto_akcipher_supports(&opts)) {
|
||||
backend->conf.crypto_services |=
|
||||
(1u << QCRYPTODEV_BACKEND_SERVICE_AKCIPHER);
|
||||
@ -200,12 +200,12 @@ static int cryptodev_builtin_set_rsa_options(
|
||||
return -1;
|
||||
}
|
||||
opt->hash_alg = hash_alg;
|
||||
opt->padding_alg = QCRYPTO_RSA_PADDING_ALG_PKCS1;
|
||||
opt->padding_alg = QCRYPTO_RSA_PADDING_ALGO_PKCS1;
|
||||
return 0;
|
||||
}
|
||||
|
||||
if (virtio_padding_algo == VIRTIO_CRYPTO_RSA_RAW_PADDING) {
|
||||
opt->padding_alg = QCRYPTO_RSA_PADDING_ALG_RAW;
|
||||
opt->padding_alg = QCRYPTO_RSA_PADDING_ALGO_RAW;
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
@ -139,14 +139,14 @@ static int cryptodev_lkcf_set_op_desc(QCryptoAkCipherOptions *opts,
|
||||
}
|
||||
|
||||
rsa_opt = &opts->u.rsa;
|
||||
if (rsa_opt->padding_alg == QCRYPTO_RSA_PADDING_ALG_PKCS1) {
|
||||
if (rsa_opt->padding_alg == QCRYPTO_RSA_PADDING_ALGO_PKCS1) {
|
||||
snprintf(key_desc, desc_len, "enc=%s hash=%s",
|
||||
QCryptoRSAPaddingAlgorithm_str(rsa_opt->padding_alg),
|
||||
QCryptoRSAPaddingAlgo_str(rsa_opt->padding_alg),
|
||||
QCryptoHashAlgo_str(rsa_opt->hash_alg));
|
||||
|
||||
} else {
|
||||
snprintf(key_desc, desc_len, "enc=%s",
|
||||
QCryptoRSAPaddingAlgorithm_str(rsa_opt->padding_alg));
|
||||
QCryptoRSAPaddingAlgo_str(rsa_opt->padding_alg));
|
||||
}
|
||||
return 0;
|
||||
}
|
||||
@ -157,7 +157,7 @@ static int cryptodev_lkcf_set_rsa_opt(int virtio_padding_alg,
|
||||
Error **errp)
|
||||
{
|
||||
if (virtio_padding_alg == VIRTIO_CRYPTO_RSA_PKCS1_PADDING) {
|
||||
opt->padding_alg = QCRYPTO_RSA_PADDING_ALG_PKCS1;
|
||||
opt->padding_alg = QCRYPTO_RSA_PADDING_ALGO_PKCS1;
|
||||
|
||||
switch (virtio_hash_alg) {
|
||||
case VIRTIO_CRYPTO_RSA_MD5:
|
||||
@ -184,7 +184,7 @@ static int cryptodev_lkcf_set_rsa_opt(int virtio_padding_alg,
|
||||
}
|
||||
|
||||
if (virtio_padding_alg == VIRTIO_CRYPTO_RSA_RAW_PADDING) {
|
||||
opt->padding_alg = QCRYPTO_RSA_PADDING_ALG_RAW;
|
||||
opt->padding_alg = QCRYPTO_RSA_PADDING_ALGO_RAW;
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
||||
@ -32,7 +32,7 @@
|
||||
typedef struct QCryptoGcryptRSA {
|
||||
QCryptoAkCipher akcipher;
|
||||
gcry_sexp_t key;
|
||||
QCryptoRSAPaddingAlgorithm padding_alg;
|
||||
QCryptoRSAPaddingAlgo padding_alg;
|
||||
QCryptoHashAlgo hash_alg;
|
||||
} QCryptoGcryptRSA;
|
||||
|
||||
@ -241,7 +241,7 @@ static int qcrypto_gcrypt_rsa_encrypt(QCryptoAkCipher *akcipher,
|
||||
|
||||
err = gcry_sexp_build(&data_sexp, NULL,
|
||||
"(data (flags %s) (value %b))",
|
||||
QCryptoRSAPaddingAlgorithm_str(rsa->padding_alg),
|
||||
QCryptoRSAPaddingAlgo_str(rsa->padding_alg),
|
||||
in_len, in);
|
||||
if (gcry_err_code(err) != 0) {
|
||||
error_setg(errp, "Failed to build plaintext: %s/%s",
|
||||
@ -263,7 +263,7 @@ static int qcrypto_gcrypt_rsa_encrypt(QCryptoAkCipher *akcipher,
|
||||
goto cleanup;
|
||||
}
|
||||
|
||||
if (rsa->padding_alg == QCRYPTO_RSA_PADDING_ALG_RAW) {
|
||||
if (rsa->padding_alg == QCRYPTO_RSA_PADDING_ALGO_RAW) {
|
||||
cipher_mpi = gcry_sexp_nth_mpi(cipher_sexp_item, 1, GCRYMPI_FMT_USG);
|
||||
if (!cipher_mpi) {
|
||||
error_setg(errp, "Invalid ciphertext result");
|
||||
@ -332,7 +332,7 @@ static int qcrypto_gcrypt_rsa_decrypt(QCryptoAkCipher *akcipher,
|
||||
|
||||
err = gcry_sexp_build(&cipher_sexp, NULL,
|
||||
"(enc-val (flags %s) (rsa (a %b) ))",
|
||||
QCryptoRSAPaddingAlgorithm_str(rsa->padding_alg),
|
||||
QCryptoRSAPaddingAlgo_str(rsa->padding_alg),
|
||||
in_len, in);
|
||||
if (gcry_err_code(err) != 0) {
|
||||
error_setg(errp, "Failed to build ciphertext: %s/%s",
|
||||
@ -348,7 +348,7 @@ static int qcrypto_gcrypt_rsa_decrypt(QCryptoAkCipher *akcipher,
|
||||
}
|
||||
|
||||
/* S-expression of plaintext: (value plaintext) */
|
||||
if (rsa->padding_alg == QCRYPTO_RSA_PADDING_ALG_RAW) {
|
||||
if (rsa->padding_alg == QCRYPTO_RSA_PADDING_ALGO_RAW) {
|
||||
data_mpi = gcry_sexp_nth_mpi(data_sexp, 1, GCRYMPI_FMT_USG);
|
||||
if (!data_mpi) {
|
||||
error_setg(errp, "Invalid plaintext result");
|
||||
@ -410,7 +410,7 @@ static int qcrypto_gcrypt_rsa_sign(QCryptoAkCipher *akcipher,
|
||||
return ret;
|
||||
}
|
||||
|
||||
if (rsa->padding_alg != QCRYPTO_RSA_PADDING_ALG_PKCS1) {
|
||||
if (rsa->padding_alg != QCRYPTO_RSA_PADDING_ALGO_PKCS1) {
|
||||
error_setg(errp, "Invalid padding %u", rsa->padding_alg);
|
||||
return ret;
|
||||
}
|
||||
@ -482,7 +482,7 @@ static int qcrypto_gcrypt_rsa_verify(QCryptoAkCipher *akcipher,
|
||||
return ret;
|
||||
}
|
||||
|
||||
if (rsa->padding_alg != QCRYPTO_RSA_PADDING_ALG_PKCS1) {
|
||||
if (rsa->padding_alg != QCRYPTO_RSA_PADDING_ALGO_PKCS1) {
|
||||
error_setg(errp, "Invalid padding %u", rsa->padding_alg);
|
||||
return ret;
|
||||
}
|
||||
@ -570,10 +570,10 @@ bool qcrypto_akcipher_supports(QCryptoAkCipherOptions *opts)
|
||||
switch (opts->alg) {
|
||||
case QCRYPTO_AK_CIPHER_ALGO_RSA:
|
||||
switch (opts->u.rsa.padding_alg) {
|
||||
case QCRYPTO_RSA_PADDING_ALG_RAW:
|
||||
case QCRYPTO_RSA_PADDING_ALGO_RAW:
|
||||
return true;
|
||||
|
||||
case QCRYPTO_RSA_PADDING_ALG_PKCS1:
|
||||
case QCRYPTO_RSA_PADDING_ALGO_PKCS1:
|
||||
switch (opts->u.rsa.hash_alg) {
|
||||
case QCRYPTO_HASH_ALGO_MD5:
|
||||
case QCRYPTO_HASH_ALGO_SHA1:
|
||||
|
||||
@ -33,7 +33,7 @@ typedef struct QCryptoNettleRSA {
|
||||
QCryptoAkCipher akcipher;
|
||||
struct rsa_public_key pub;
|
||||
struct rsa_private_key priv;
|
||||
QCryptoRSAPaddingAlgorithm padding_alg;
|
||||
QCryptoRSAPaddingAlgo padding_alg;
|
||||
QCryptoHashAlgo hash_alg;
|
||||
} QCryptoNettleRSA;
|
||||
|
||||
@ -184,11 +184,11 @@ static int qcrypto_nettle_rsa_encrypt(QCryptoAkCipher *akcipher,
|
||||
|
||||
/* Nettle do not support RSA encryption without any padding */
|
||||
switch (rsa->padding_alg) {
|
||||
case QCRYPTO_RSA_PADDING_ALG_RAW:
|
||||
case QCRYPTO_RSA_PADDING_ALGO_RAW:
|
||||
error_setg(errp, "RSA with raw padding is not supported");
|
||||
break;
|
||||
|
||||
case QCRYPTO_RSA_PADDING_ALG_PKCS1:
|
||||
case QCRYPTO_RSA_PADDING_ALGO_PKCS1:
|
||||
mpz_init(c);
|
||||
if (rsa_encrypt(&rsa->pub, NULL, wrap_nettle_random_func,
|
||||
data_len, (uint8_t *)data, c) != 1) {
|
||||
@ -223,11 +223,11 @@ static int qcrypto_nettle_rsa_decrypt(QCryptoAkCipher *akcipher,
|
||||
}
|
||||
|
||||
switch (rsa->padding_alg) {
|
||||
case QCRYPTO_RSA_PADDING_ALG_RAW:
|
||||
case QCRYPTO_RSA_PADDING_ALGO_RAW:
|
||||
error_setg(errp, "RSA with raw padding is not supported");
|
||||
break;
|
||||
|
||||
case QCRYPTO_RSA_PADDING_ALG_PKCS1:
|
||||
case QCRYPTO_RSA_PADDING_ALGO_PKCS1:
|
||||
nettle_mpz_init_set_str_256_u(c, enc_len, enc);
|
||||
if (!rsa_decrypt(&rsa->priv, &data_len, (uint8_t *)data, c)) {
|
||||
error_setg(errp, "Failed to decrypt");
|
||||
@ -257,7 +257,7 @@ static int qcrypto_nettle_rsa_sign(QCryptoAkCipher *akcipher,
|
||||
* The RSA algorithm cannot be used for signature/verification
|
||||
* without padding.
|
||||
*/
|
||||
if (rsa->padding_alg == QCRYPTO_RSA_PADDING_ALG_RAW) {
|
||||
if (rsa->padding_alg == QCRYPTO_RSA_PADDING_ALGO_RAW) {
|
||||
error_setg(errp, "Try to make signature without padding");
|
||||
return ret;
|
||||
}
|
||||
@ -324,7 +324,7 @@ static int qcrypto_nettle_rsa_verify(QCryptoAkCipher *akcipher,
|
||||
* The RSA algorithm cannot be used for signature/verification
|
||||
* without padding.
|
||||
*/
|
||||
if (rsa->padding_alg == QCRYPTO_RSA_PADDING_ALG_RAW) {
|
||||
if (rsa->padding_alg == QCRYPTO_RSA_PADDING_ALGO_RAW) {
|
||||
error_setg(errp, "Try to verify signature without padding");
|
||||
return ret;
|
||||
}
|
||||
@ -427,7 +427,7 @@ bool qcrypto_akcipher_supports(QCryptoAkCipherOptions *opts)
|
||||
switch (opts->alg) {
|
||||
case QCRYPTO_AK_CIPHER_ALGO_RSA:
|
||||
switch (opts->u.rsa.padding_alg) {
|
||||
case QCRYPTO_RSA_PADDING_ALG_PKCS1:
|
||||
case QCRYPTO_RSA_PADDING_ALGO_PKCS1:
|
||||
switch (opts->u.rsa.hash_alg) {
|
||||
case QCRYPTO_HASH_ALGO_MD5:
|
||||
case QCRYPTO_HASH_ALGO_SHA1:
|
||||
@ -439,7 +439,7 @@ bool qcrypto_akcipher_supports(QCryptoAkCipherOptions *opts)
|
||||
return false;
|
||||
}
|
||||
|
||||
case QCRYPTO_RSA_PADDING_ALG_RAW:
|
||||
case QCRYPTO_RSA_PADDING_ALGO_RAW:
|
||||
default:
|
||||
return false;
|
||||
}
|
||||
|
||||
@ -608,7 +608,7 @@
|
||||
'data': ['public', 'private']}
|
||||
|
||||
##
|
||||
# @QCryptoRSAPaddingAlgorithm:
|
||||
# @QCryptoRSAPaddingAlgo:
|
||||
#
|
||||
# The padding algorithm for RSA.
|
||||
#
|
||||
@ -618,8 +618,7 @@
|
||||
#
|
||||
# Since: 7.1
|
||||
##
|
||||
{ 'enum': 'QCryptoRSAPaddingAlgorithm',
|
||||
'prefix': 'QCRYPTO_RSA_PADDING_ALG',
|
||||
{ 'enum': 'QCryptoRSAPaddingAlgo',
|
||||
'data': ['raw', 'pkcs1']}
|
||||
|
||||
##
|
||||
@ -629,13 +628,13 @@
|
||||
#
|
||||
# @hash-alg: QCryptoHashAlgo
|
||||
#
|
||||
# @padding-alg: QCryptoRSAPaddingAlgorithm
|
||||
# @padding-alg: QCryptoRSAPaddingAlgo
|
||||
#
|
||||
# Since: 7.1
|
||||
##
|
||||
{ 'struct': 'QCryptoAkCipherOptionsRSA',
|
||||
'data': { 'hash-alg':'QCryptoHashAlgo',
|
||||
'padding-alg': 'QCryptoRSAPaddingAlgorithm'}}
|
||||
'padding-alg': 'QCryptoRSAPaddingAlgo'}}
|
||||
|
||||
##
|
||||
# @QCryptoAkCipherOptions:
|
||||
|
||||
@ -20,7 +20,7 @@
|
||||
|
||||
static QCryptoAkCipher *create_rsa_akcipher(const uint8_t *priv_key,
|
||||
size_t keylen,
|
||||
QCryptoRSAPaddingAlgorithm padding,
|
||||
QCryptoRSAPaddingAlgo padding,
|
||||
QCryptoHashAlgo hash)
|
||||
{
|
||||
QCryptoAkCipherOptions opt;
|
||||
@ -39,7 +39,7 @@ static void test_rsa_speed(const uint8_t *priv_key, size_t keylen,
|
||||
#define SHA1_DGST_LEN 20
|
||||
#define SIGN_TIMES 10000
|
||||
#define VERIFY_TIMES 100000
|
||||
#define PADDING QCRYPTO_RSA_PADDING_ALG_PKCS1
|
||||
#define PADDING QCRYPTO_RSA_PADDING_ALGO_PKCS1
|
||||
#define HASH QCRYPTO_HASH_ALGO_SHA1
|
||||
|
||||
g_autoptr(QCryptoAkCipher) rsa =
|
||||
@ -53,7 +53,7 @@ static void test_rsa_speed(const uint8_t *priv_key, size_t keylen,
|
||||
signature = g_new0(uint8_t, key_size / BYTE);
|
||||
|
||||
g_test_message("benchmark rsa%zu (%s-%s) sign...", key_size,
|
||||
QCryptoRSAPaddingAlgorithm_str(PADDING),
|
||||
QCryptoRSAPaddingAlgo_str(PADDING),
|
||||
QCryptoHashAlgo_str(HASH));
|
||||
g_test_timer_start();
|
||||
for (count = 0; count < SIGN_TIMES; ++count) {
|
||||
@ -64,13 +64,13 @@ static void test_rsa_speed(const uint8_t *priv_key, size_t keylen,
|
||||
g_test_timer_elapsed();
|
||||
g_test_message("rsa%zu (%s-%s) sign %zu times in %.2f seconds,"
|
||||
" %.2f times/sec ",
|
||||
key_size, QCryptoRSAPaddingAlgorithm_str(PADDING),
|
||||
key_size, QCryptoRSAPaddingAlgo_str(PADDING),
|
||||
QCryptoHashAlgo_str(HASH),
|
||||
count, g_test_timer_last(),
|
||||
(double)count / g_test_timer_last());
|
||||
|
||||
g_test_message("benchmark rsa%zu (%s-%s) verification...", key_size,
|
||||
QCryptoRSAPaddingAlgorithm_str(PADDING),
|
||||
QCryptoRSAPaddingAlgo_str(PADDING),
|
||||
QCryptoHashAlgo_str(HASH));
|
||||
g_test_timer_start();
|
||||
for (count = 0; count < VERIFY_TIMES; ++count) {
|
||||
@ -81,7 +81,7 @@ static void test_rsa_speed(const uint8_t *priv_key, size_t keylen,
|
||||
g_test_timer_elapsed();
|
||||
g_test_message("rsa%zu (%s-%s) verify %zu times in %.2f seconds,"
|
||||
" %.2f times/sec ",
|
||||
key_size, QCryptoRSAPaddingAlgorithm_str(PADDING),
|
||||
key_size, QCryptoRSAPaddingAlgo_str(PADDING),
|
||||
QCryptoHashAlgo_str(HASH),
|
||||
count, g_test_timer_last(),
|
||||
(double)count / g_test_timer_last());
|
||||
|
||||
@ -787,7 +787,7 @@ static QCryptoAkCipherTestData akcipher_test_data[] = {
|
||||
.opt = {
|
||||
.alg = QCRYPTO_AK_CIPHER_ALGO_RSA,
|
||||
.u.rsa = {
|
||||
.padding_alg = QCRYPTO_RSA_PADDING_ALG_RAW,
|
||||
.padding_alg = QCRYPTO_RSA_PADDING_ALGO_RAW,
|
||||
},
|
||||
},
|
||||
.pub_key = rsa1024_public_key,
|
||||
@ -807,7 +807,7 @@ static QCryptoAkCipherTestData akcipher_test_data[] = {
|
||||
.opt = {
|
||||
.alg = QCRYPTO_AK_CIPHER_ALGO_RSA,
|
||||
.u.rsa = {
|
||||
.padding_alg = QCRYPTO_RSA_PADDING_ALG_PKCS1,
|
||||
.padding_alg = QCRYPTO_RSA_PADDING_ALGO_PKCS1,
|
||||
.hash_alg = QCRYPTO_HASH_ALGO_SHA1,
|
||||
},
|
||||
},
|
||||
@ -832,7 +832,7 @@ static QCryptoAkCipherTestData akcipher_test_data[] = {
|
||||
.opt = {
|
||||
.alg = QCRYPTO_AK_CIPHER_ALGO_RSA,
|
||||
.u.rsa = {
|
||||
.padding_alg = QCRYPTO_RSA_PADDING_ALG_RAW,
|
||||
.padding_alg = QCRYPTO_RSA_PADDING_ALGO_RAW,
|
||||
},
|
||||
},
|
||||
.pub_key = rsa2048_public_key,
|
||||
@ -852,7 +852,7 @@ static QCryptoAkCipherTestData akcipher_test_data[] = {
|
||||
.opt = {
|
||||
.alg = QCRYPTO_AK_CIPHER_ALGO_RSA,
|
||||
.u.rsa = {
|
||||
.padding_alg = QCRYPTO_RSA_PADDING_ALG_PKCS1,
|
||||
.padding_alg = QCRYPTO_RSA_PADDING_ALGO_PKCS1,
|
||||
.hash_alg = QCRYPTO_HASH_ALGO_SHA1,
|
||||
},
|
||||
},
|
||||
@ -946,7 +946,7 @@ static void test_rsakey(const void *opaque)
|
||||
QCryptoAkCipherOptions opt = {
|
||||
.alg = QCRYPTO_AK_CIPHER_ALGO_RSA,
|
||||
.u.rsa = {
|
||||
.padding_alg = QCRYPTO_RSA_PADDING_ALG_PKCS1,
|
||||
.padding_alg = QCRYPTO_RSA_PADDING_ALGO_PKCS1,
|
||||
.hash_alg = QCRYPTO_HASH_ALGO_SHA1,
|
||||
}
|
||||
};
|
||||
|
||||
Loading…
Reference in New Issue
Block a user