QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode, const uint8_t *key, size_t nkey, Error **errp) { QCryptoCipher *cipher; gcry_cipher_hd_t handle; gcry_error_t err; int gcryalg, gcrymode; switch (mode) { case QCRYPTO_CIPHER_MODE_ECB: gcrymode = GCRY_CIPHER_MODE_ECB; break; case QCRYPTO_CIPHER_MODE_CBC: gcrymode = GCRY_CIPHER_MODE_CBC; break; default: error_setg(errp, "Unsupported cipher mode %d", mode); return NULL; } if (!qcrypto_cipher_validate_key_length(alg, nkey, errp)) { return NULL; } switch (alg) { case QCRYPTO_CIPHER_ALG_DES_RFB: gcryalg = GCRY_CIPHER_DES; break; case QCRYPTO_CIPHER_ALG_AES_128: gcryalg = GCRY_CIPHER_AES128; break; case QCRYPTO_CIPHER_ALG_AES_192: gcryalg = GCRY_CIPHER_AES192; break; case QCRYPTO_CIPHER_ALG_AES_256: gcryalg = GCRY_CIPHER_AES256; break; default: error_setg(errp, "Unsupported cipher algorithm %d", alg); return NULL; } cipher = g_new0(QCryptoCipher, 1); cipher->alg = alg; cipher->mode = mode; err = gcry_cipher_open(&handle, gcryalg, gcrymode, 0); if (err != 0) { error_setg(errp, "Cannot initialize cipher: %s", gcry_strerror(err)); goto error; } if (cipher->alg == QCRYPTO_CIPHER_ALG_DES_RFB) { /* We're using standard DES cipher from gcrypt, so we need * to munge the key so that the results are the same as the * bizarre RFB variant of DES :-) */ uint8_t *rfbkey = qcrypto_cipher_munge_des_rfb_key(key, nkey); err = gcry_cipher_setkey(handle, rfbkey, nkey); g_free(rfbkey); } else { err = gcry_cipher_setkey(handle, key, nkey); } if (err != 0) { error_setg(errp, "Cannot set key: %s", gcry_strerror(err)); goto error; } cipher->opaque = handle; return cipher; error: gcry_cipher_close(handle); g_free(cipher); return NULL; }
QCryptoCipher *qcrypto_cipher_new(QCryptoCipherAlgorithm alg, QCryptoCipherMode mode, const uint8_t *key, size_t nkey, Error **errp) { QCryptoCipher *cipher; QCryptoCipherNettle *ctx; uint8_t *rfbkey; switch (mode) { case QCRYPTO_CIPHER_MODE_ECB: case QCRYPTO_CIPHER_MODE_CBC: break; default: error_setg(errp, "Unsupported cipher mode %d", mode); return NULL; } if (!qcrypto_cipher_validate_key_length(alg, nkey, errp)) { return NULL; } cipher = g_new0(QCryptoCipher, 1); cipher->alg = alg; cipher->mode = mode; ctx = g_new0(QCryptoCipherNettle, 1); switch (alg) { case QCRYPTO_CIPHER_ALG_DES_RFB: ctx->ctx_encrypt = g_new0(struct des_ctx, 1); ctx->ctx_decrypt = NULL; /* 1 ctx can do both */ rfbkey = qcrypto_cipher_munge_des_rfb_key(key, nkey); des_set_key(ctx->ctx_encrypt, rfbkey); g_free(rfbkey); ctx->alg_encrypt = des_encrypt_wrapper; ctx->alg_decrypt = des_decrypt_wrapper; ctx->blocksize = DES_BLOCK_SIZE; break; case QCRYPTO_CIPHER_ALG_AES_128: case QCRYPTO_CIPHER_ALG_AES_192: case QCRYPTO_CIPHER_ALG_AES_256: ctx->ctx_encrypt = g_new0(struct aes_ctx, 1); ctx->ctx_decrypt = g_new0(struct aes_ctx, 1); aes_set_encrypt_key(ctx->ctx_encrypt, nkey, key); aes_set_decrypt_key(ctx->ctx_decrypt, nkey, key); ctx->alg_encrypt = aes_encrypt_wrapper; ctx->alg_decrypt = aes_decrypt_wrapper; ctx->blocksize = AES_BLOCK_SIZE; break; default: error_setg(errp, "Unsupported cipher algorithm %d", alg); goto error; } ctx->iv = g_new0(uint8_t, ctx->blocksize); cipher->opaque = ctx; return cipher; error: g_free(cipher); g_free(ctx); return NULL; }