On Wed, Aug 12, 2020 at 08:25:36PM -0700, Richard Henderson wrote:
> Use separate classes for each cipher entry point: des_rfb, des3,
> aes128, aes192, aes256, cast128, serpent, and twofish.
>
> Generate wrappers for XTS only for CONFIG_QEMU_PRIVATE_XTS.
> This eliminates unreachable wrappers for DES_RFB, DES3 and
> CAST128, which have blocksizes that do not allow XTS mode.
>
> Signed-off-by: Richard Henderson <richard.hender...@linaro.org>
> ---
> crypto/cipher-nettle.inc.c | 987 +++++++++++++++++++------------------
> 1 file changed, 503 insertions(+), 484 deletions(-)
>
> diff --git a/crypto/cipher-nettle.inc.c b/crypto/cipher-nettle.inc.c
> index 36d57ef430..a1f4f6eac6 100644
> --- a/crypto/cipher-nettle.inc.c
> +++ b/crypto/cipher-nettle.inc.c
> @@ -34,8 +34,6 @@
> #include <nettle/xts.h>
> #endif
>
> -static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver;
> -
> typedef void (*QCryptoCipherNettleFuncWrapper)(const void *ctx,
> size_t length,
> uint8_t *dst,
> @@ -75,62 +73,212 @@ typedef const void * cipher_ctx_t;
> typedef size_t cipher_length_t;
> #endif
>
> -typedef struct QCryptoNettleAES128 {
> - struct aes128_ctx enc;
> - struct aes128_ctx dec;
> -} QCryptoNettleAES128;
> -
> -typedef struct QCryptoNettleAES192 {
> - struct aes192_ctx enc;
> - struct aes192_ctx dec;
> -} QCryptoNettleAES192;
> -
> -typedef struct QCryptoNettleAES256 {
> - struct aes256_ctx enc;
> - struct aes256_ctx dec;
> -} QCryptoNettleAES256;
> -
> -static void aes128_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> - uint8_t *dst, const uint8_t *src)
> +static inline bool qcrypto_length_check(size_t len, size_t blocksize,
> + Error **errp)
> {
> - const QCryptoNettleAES128 *aesctx = ctx;
> - aes128_encrypt(&aesctx->enc, length, dst, src);
> + if (unlikely(len & (blocksize - 1))) {
> + error_setg(errp, "Length %zu must be a multiple of block size %zu",
> + len, blocksize);
> + return false;
> + }
> + return true;
> }
>
> -static void aes128_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> - uint8_t *dst, const uint8_t *src)
> +
> +static void qcrypto_cipher_ctx_free(QCryptoCipher *ctx)
> {
> - const QCryptoNettleAES128 *aesctx = ctx;
> - aes128_decrypt(&aesctx->dec, length, dst, src);
> + g_free(ctx);
> }
>
> -static void aes192_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> - uint8_t *dst, const uint8_t *src)
> +static int qcrypto_cipher_no_setiv(QCryptoCipher *cipher,
> + const uint8_t *iv, size_t niv,
> + Error **errp)
> {
> - const QCryptoNettleAES192 *aesctx = ctx;
> - aes192_encrypt(&aesctx->enc, length, dst, src);
> + error_setg(errp, "Setting IV is not supported");
> + return -1;
> }
>
> -static void aes192_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - const QCryptoNettleAES192 *aesctx = ctx;
> - aes192_decrypt(&aesctx->dec, length, dst, src);
> +
> +#define DEFINE_SETIV(NAME, TYPE, BLEN) \
> +static int NAME##_setiv(QCryptoCipher *cipher, const uint8_t *iv, \
> + size_t niv, Error **errp) \
> +{ \
> + TYPE *ctx = container_of(cipher, TYPE, base); \
> + if (niv != BLEN) { \
> + error_setg(errp, "Expected IV size %d not %zu", BLEN, niv); \
> + return -1; \
> + } \
> + memcpy(ctx->iv, iv, niv); \
> + return 0; \
> }
>
> -static void aes256_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - const QCryptoNettleAES256 *aesctx = ctx;
> - aes256_encrypt(&aesctx->enc, length, dst, src);
> -}
>
> -static void aes256_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - const QCryptoNettleAES256 *aesctx = ctx;
> - aes256_decrypt(&aesctx->dec, length, dst, src);
> +#define DEFINE_ECB(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> +static int NAME##_encrypt_ecb(QCryptoCipher *cipher, const void *in, \
> + void *out, size_t len, Error **errp) \
> +{ \
> + TYPE *ctx = container_of(cipher, TYPE, base); \
> + if (!qcrypto_length_check(len, BLEN, errp)) { \
> + return -1; \
> + } \
> + ENCRYPT(&ctx->key, len, out, in); \
> + return 0; \
> +} \
> +static int NAME##_decrypt_ecb(QCryptoCipher *cipher, const void *in, \
> + void *out, size_t len, Error **errp) \
> +{ \
> + TYPE *ctx = container_of(cipher, TYPE, base); \
> + if (!qcrypto_length_check(len, BLEN, errp)) { \
> + return -1; \
> + } \
> + DECRYPT(&ctx->key, len, out, in); \
> + return 0; \
> +} \
> +static const struct QCryptoCipherDriver NAME##_driver_ecb = { \
> + .cipher_encrypt = NAME##_encrypt_ecb, \
> + .cipher_decrypt = NAME##_decrypt_ecb, \
> + .cipher_setiv = qcrypto_cipher_no_setiv, \
> + .cipher_free = qcrypto_cipher_ctx_free, \
> +};
> +
> +
> +#define DEFINE_CBC(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> +static int NAME##_encrypt_cbc(QCryptoCipher *cipher, const void *in, \
> + void *out, size_t len, Error **errp) \
> +{ \
> + TYPE *ctx = container_of(cipher, TYPE, base); \
> + if (!qcrypto_length_check(len, BLEN, errp)) { \
> + return -1; \
> + } \
> + cbc_encrypt(&ctx->key, ENCRYPT, BLEN, ctx->iv, len, out, in); \
> + return 0; \
> +} \
> +static int NAME##_decrypt_cbc(QCryptoCipher *cipher, const void *in, \
> + void *out, size_t len, Error **errp) \
> +{ \
> + TYPE *ctx = container_of(cipher, TYPE, base); \
> + if (!qcrypto_length_check(len, BLEN, errp)) { \
> + return -1; \
> + } \
> + cbc_decrypt(&ctx->key, DECRYPT, BLEN, ctx->iv, len, out, in); \
> + return 0; \
> +} \
> +static const struct QCryptoCipherDriver NAME##_driver_cbc = { \
> + .cipher_encrypt = NAME##_encrypt_cbc, \
> + .cipher_decrypt = NAME##_decrypt_cbc, \
> + .cipher_setiv = NAME##_setiv, \
> + .cipher_free = qcrypto_cipher_ctx_free, \
> +};
> +
> +
> +#define DEFINE_CTR(NAME, TYPE, BLEN, ENCRYPT) \
> +static int NAME##_encrypt_ctr(QCryptoCipher *cipher, const void *in, \
> + void *out, size_t len, Error **errp) \
> +{ \
> + TYPE *ctx = container_of(cipher, TYPE, base); \
> + if (!qcrypto_length_check(len, BLEN, errp)) { \
> + return -1; \
> + } \
> + ctr_crypt(&ctx->key, ENCRYPT, BLEN, ctx->iv, len, out, in); \
> + return 0; \
> +} \
> +static const struct QCryptoCipherDriver NAME##_driver_ctr = { \
> + .cipher_encrypt = NAME##_encrypt_ctr, \
> + .cipher_decrypt = NAME##_encrypt_ctr, \
> + .cipher_setiv = NAME##_setiv, \
> + .cipher_free = qcrypto_cipher_ctx_free, \
> +};
> +
> +
> +#ifdef CONFIG_QEMU_PRIVATE_XTS
> +#define DEFINE__XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> +static void NAME##_xts_wrape(const void *ctx, size_t length, \
> + uint8_t *dst, const uint8_t *src) \
> +{ \
> + ENCRYPT(ctx, length, dst, src); \
> +} \
> +static void NAME##_xts_wrapd(const void *ctx, size_t length, \
> + uint8_t *dst, const uint8_t *src) \
> +{ \
> + DECRYPT(ctx, length, dst, src); \
> +} \
> +static int NAME##_encrypt_xts(QCryptoCipher *cipher, const void *in, \
> + void *out, size_t len, Error **errp) \
> +{ \
> + TYPE *ctx = container_of(cipher, TYPE, base); \
> + if (!qcrypto_length_check(len, BLEN, errp)) { \
> + return -1; \
> + } \
> + xts_encrypt(&ctx->key, &ctx->key_xts, \
> + NAME##_xts_wrape, NAME##_xts_wrapd, \
> + ctx->iv, len, out, in); \
> + return 0; \
> +} \
> +static int NAME##_decrypt_xts(QCryptoCipher *cipher, const void *in, \
> + void *out, size_t len, Error **errp) \
> +{ \
> + TYPE *ctx = container_of(cipher, TYPE, base); \
> + if (!qcrypto_length_check(len, BLEN, errp)) { \
> + return -1; \
> + } \
> + xts_decrypt(&ctx->key, &ctx->key_xts, \
> + NAME##_xts_wrape, NAME##_xts_wrapd, \
> + ctx->iv, len, out, in); \
> + return 0; \
> }
> +#else
> +#define DEFINE__XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> +static int NAME##_encrypt_xts(QCryptoCipher *cipher, const void *in, \
> + void *out, size_t len, Error **errp) \
> +{ \
> + TYPE *ctx = container_of(cipher, TYPE, base); \
> + if (!qcrypto_length_check(len, BLEN, errp)) { \
> + return -1; \
> + } \
> + xts_encrypt_message(&ctx->key, &ctx->key_xts, ENCRYPT, \
> + ctx->iv, len, out, in); \
> + return 0; \
> +} \
> +static int NAME##_decrypt_xts(QCryptoCipher *cipher, const void *in, \
> + void *out, size_t len, Error **errp) \
> +{ \
> + TYPE *ctx = container_of(cipher, TYPE, base); \
> + if (!qcrypto_length_check(len, BLEN, errp)) { \
> + return -1; \
> + } \
> + xts_decrypt_message(&ctx->key, &ctx->key_xts, DECRYPT, ENCRYPT, \
> + ctx->iv, len, out, in); \
> + return 0; \
> +}
> +#endif
> +
> +#define DEFINE_XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> + QEMU_BUILD_BUG_ON(BLEN != XTS_BLOCK_SIZE); \
> + DEFINE__XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> +static const struct QCryptoCipherDriver NAME##_driver_xts = { \
> + .cipher_encrypt = NAME##_encrypt_xts, \
> + .cipher_decrypt = NAME##_decrypt_xts, \
> + .cipher_setiv = NAME##_setiv, \
> + .cipher_free = qcrypto_cipher_ctx_free, \
> +};
> +
> +
> +#define DEFINE_ECB_CBC_CTR(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> + DEFINE_SETIV(NAME, TYPE, BLEN) \
> + DEFINE_ECB(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> + DEFINE_CBC(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> + DEFINE_CTR(NAME, TYPE, BLEN, ENCRYPT)
> +
> +#define DEFINE_ECB_CBC_CTR_XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> + DEFINE_ECB_CBC_CTR(NAME, TYPE, BLEN, ENCRYPT, DECRYPT) \
> + DEFINE_XTS(NAME, TYPE, BLEN, ENCRYPT, DECRYPT)
> +
> +
> +typedef struct QCryptoNettleDESRFB {
> + QCryptoCipher base;
> + struct des_ctx key;
> + uint8_t iv[DES_BLOCK_SIZE];
> +} QCryptoNettleDESRFB;
>
> static void des_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> uint8_t *dst, const uint8_t *src)
> @@ -144,6 +292,16 @@ static void des_decrypt_native(cipher_ctx_t ctx,
> cipher_length_t length,
> des_decrypt(ctx, length, dst, src);
> }
>
> +DEFINE_ECB_CBC_CTR(qcrypto_nettle_des_rfb, QCryptoNettleDESRFB,
> + DES_BLOCK_SIZE, des_encrypt_native, des_decrypt_native)
> +
> +
> +typedef struct QCryptoNettleDES3 {
> + QCryptoCipher base;
> + struct des3_ctx key;
> + uint8_t iv[DES3_BLOCK_SIZE];
> +} QCryptoNettleDES3;
> +
> static void des3_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> uint8_t *dst, const uint8_t *src)
> {
> @@ -156,6 +314,94 @@ static void des3_decrypt_native(cipher_ctx_t ctx,
> cipher_length_t length,
> des3_decrypt(ctx, length, dst, src);
> }
>
> +DEFINE_ECB_CBC_CTR(qcrypto_nettle_des3, QCryptoNettleDES3, DES3_BLOCK_SIZE,
> + des3_encrypt_native, des3_decrypt_native)
> +
> +
> +typedef struct QCryptoNettleAES128 {
> + QCryptoCipher base;
> + uint8_t iv[AES_BLOCK_SIZE];
> + /* First key from pair is encode, second key is decode. */
> + struct aes128_ctx key[2], key_xts[2];
> +} QCryptoNettleAES128;
> +
> +static void aes128_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> + uint8_t *dst, const uint8_t *src)
> +{
> + const struct aes128_ctx *keys = ctx;
> + aes128_encrypt(&keys[0], length, dst, src);
> +}
> +
> +static void aes128_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> + uint8_t *dst, const uint8_t *src)
> +{
> + const struct aes128_ctx *keys = ctx;
> + aes128_decrypt(&keys[1], length, dst, src);
> +}
> +
> +DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_aes128,
> + QCryptoNettleAES128, AES_BLOCK_SIZE,
> + aes128_encrypt_native, aes128_decrypt_native)
> +
> +
> +typedef struct QCryptoNettleAES192 {
> + QCryptoCipher base;
> + uint8_t iv[AES_BLOCK_SIZE];
> + /* First key from pair is encode, second key is decode. */
> + struct aes192_ctx key[2], key_xts[2];
> +} QCryptoNettleAES192;
> +
> +static void aes192_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> + uint8_t *dst, const uint8_t *src)
> +{
> + const struct aes192_ctx *keys = ctx;
> + aes192_encrypt(&keys[0], length, dst, src);
> +}
> +
> +static void aes192_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> + uint8_t *dst, const uint8_t *src)
> +{
> + const struct aes192_ctx *keys = ctx;
> + aes192_decrypt(&keys[1], length, dst, src);
> +}
> +
> +DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_aes192,
> + QCryptoNettleAES192, AES_BLOCK_SIZE,
> + aes192_encrypt_native, aes192_decrypt_native)
> +
> +
> +typedef struct QCryptoNettleAES256 {
> + QCryptoCipher base;
> + uint8_t iv[AES_BLOCK_SIZE];
> + /* First key from pair is encode, second key is decode. */
> + struct aes256_ctx key[2], key_xts[2];
> +} QCryptoNettleAES256;
> +
> +static void aes256_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> + uint8_t *dst, const uint8_t *src)
> +{
> + const struct aes256_ctx *keys = ctx;
> + aes256_encrypt(&keys[0], length, dst, src);
> +}
> +
> +static void aes256_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> + uint8_t *dst, const uint8_t *src)
> +{
> + const struct aes256_ctx *keys = ctx;
> + aes256_decrypt(&keys[1], length, dst, src);
> +}
> +
> +DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_aes256,
> + QCryptoNettleAES256, AES_BLOCK_SIZE,
> + aes256_encrypt_native, aes256_decrypt_native)
> +
> +
> +typedef struct QCryptoNettleCAST128 {
> + QCryptoCipher base;
> + uint8_t iv[CAST128_BLOCK_SIZE];
> + struct cast128_ctx key, key_xts;
> +} QCryptoNettleCAST128;
> +
> static void cast128_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> uint8_t *dst, const uint8_t *src)
> {
> @@ -168,6 +414,18 @@ static void cast128_decrypt_native(cipher_ctx_t ctx,
> cipher_length_t length,
> cast128_decrypt(ctx, length, dst, src);
> }
>
> +DEFINE_ECB_CBC_CTR(qcrypto_nettle_cast128,
> + QCryptoNettleCAST128, CAST128_BLOCK_SIZE,
> + cast128_encrypt_native, cast128_decrypt_native)
> +
> +
> +typedef struct QCryptoNettleSerpent {
> + QCryptoCipher base;
> + uint8_t iv[SERPENT_BLOCK_SIZE];
> + struct serpent_ctx key, key_xts;
> +} QCryptoNettleSerpent;
> +
> +
> static void serpent_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> uint8_t *dst, const uint8_t *src)
> {
> @@ -180,6 +438,17 @@ static void serpent_decrypt_native(cipher_ctx_t ctx,
> cipher_length_t length,
> serpent_decrypt(ctx, length, dst, src);
> }
>
> +DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_serpent,
> + QCryptoNettleSerpent, SERPENT_BLOCK_SIZE,
> + serpent_encrypt_native, serpent_decrypt_native)
> +
> +
> +typedef struct QCryptoNettleTwofish {
> + QCryptoCipher base;
> + uint8_t iv[TWOFISH_BLOCK_SIZE];
> + struct twofish_ctx key, key_xts;
> +} QCryptoNettleTwofish;
> +
> static void twofish_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
> uint8_t *dst, const uint8_t *src)
> {
> @@ -192,125 +461,10 @@ static void twofish_decrypt_native(cipher_ctx_t ctx,
> cipher_length_t length,
> twofish_decrypt(ctx, length, dst, src);
> }
>
> -static void aes128_encrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - const QCryptoNettleAES128 *aesctx = ctx;
> - aes128_encrypt(&aesctx->enc, length, dst, src);
> -}
> +DEFINE_ECB_CBC_CTR_XTS(qcrypto_nettle_twofish,
> + QCryptoNettleTwofish, TWOFISH_BLOCK_SIZE,
> + twofish_encrypt_native, twofish_decrypt_native)
>
> -static void aes128_decrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - const QCryptoNettleAES128 *aesctx = ctx;
> - aes128_decrypt(&aesctx->dec, length, dst, src);
> -}
> -
> -static void aes192_encrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - const QCryptoNettleAES192 *aesctx = ctx;
> - aes192_encrypt(&aesctx->enc, length, dst, src);
> -}
> -
> -static void aes192_decrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - const QCryptoNettleAES192 *aesctx = ctx;
> - aes192_decrypt(&aesctx->dec, length, dst, src);
> -}
> -
> -static void aes256_encrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - const QCryptoNettleAES256 *aesctx = ctx;
> - aes256_encrypt(&aesctx->enc, length, dst, src);
> -}
> -
> -static void aes256_decrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - const QCryptoNettleAES256 *aesctx = ctx;
> - aes256_decrypt(&aesctx->dec, length, dst, src);
> -}
> -
> -static void des_encrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - des_encrypt(ctx, length, dst, src);
> -}
> -
> -static void des_decrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - des_decrypt(ctx, length, dst, src);
> -}
> -
> -static void des3_encrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - des3_encrypt(ctx, length, dst, src);
> -}
> -
> -static void des3_decrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - des3_decrypt(ctx, length, dst, src);
> -}
> -
> -static void cast128_encrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - cast128_encrypt(ctx, length, dst, src);
> -}
> -
> -static void cast128_decrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - cast128_decrypt(ctx, length, dst, src);
> -}
> -
> -static void serpent_encrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - serpent_encrypt(ctx, length, dst, src);
> -}
> -
> -static void serpent_decrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - serpent_decrypt(ctx, length, dst, src);
> -}
> -
> -static void twofish_encrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - twofish_encrypt(ctx, length, dst, src);
> -}
> -
> -static void twofish_decrypt_wrapper(const void *ctx, size_t length,
> - uint8_t *dst, const uint8_t *src)
> -{
> - twofish_decrypt(ctx, length, dst, src);
> -}
> -
> -typedef struct QCryptoCipherNettle QCryptoCipherNettle;
> -struct QCryptoCipherNettle {
> - QCryptoCipher base;
> -
> - /* Primary cipher context for all modes */
> - void *ctx;
> - /* Second cipher context for XTS mode only */
> - void *ctx_tweak;
> - /* Cipher callbacks for both contexts */
> - QCryptoCipherNettleFuncNative alg_encrypt_native;
> - QCryptoCipherNettleFuncNative alg_decrypt_native;
> - QCryptoCipherNettleFuncWrapper alg_encrypt_wrapper;
> - QCryptoCipherNettleFuncWrapper alg_decrypt_wrapper;
> - /* Initialization vector or Counter */
> - uint8_t *iv;
> - size_t blocksize;
> -};
>
> bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg,
> QCryptoCipherMode mode)
> @@ -344,30 +498,12 @@ bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg,
> }
> }
>
> -
> -static void
> -qcrypto_nettle_cipher_free_ctx(QCryptoCipherNettle *ctx)
> -{
> - if (!ctx) {
> - return;
> - }
> -
> - g_free(ctx->iv);
> - g_free(ctx->ctx);
> - g_free(ctx->ctx_tweak);
> - g_free(ctx);
> -}
> -
> -
> static QCryptoCipher *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
> QCryptoCipherMode mode,
> const uint8_t *key,
> size_t nkey,
> Error **errp)
> {
> - QCryptoCipherNettle *ctx;
> - uint8_t *rfbkey;
> -
> switch (mode) {
> case QCRYPTO_CIPHER_MODE_ECB:
> case QCRYPTO_CIPHER_MODE_CBC:
> @@ -375,6 +511,7 @@ static QCryptoCipher
> *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
> case QCRYPTO_CIPHER_MODE_CTR:
> break;
> default:
> + bad_cipher_mode:
> error_setg(errp, "Unsupported cipher mode %s",
> QCryptoCipherMode_str(mode));
Lets put this jump target at the end of the method, so we avoid having
to jump backwards in the code.
Aside from that
Reviewed-by: Daniel P. Berrangé <berra...@redhat.com>
Regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
