crypto: add support for nettle's native XTS impl

Nettle 3.5.0 will add support for the XTS mode. Use this because long
term we wish to delete QEMU's XTS impl to avoid carrying private crypto
algorithm impls.

Unfortunately this degrades nettle performance from 612 MB/s to 568 MB/s
as nettle's XTS impl isn't so well optimized yet.

Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Reviewed-by: Stefano Garzarella <sgarzare@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
This commit is contained in:
Daniel P. Berrangé 2019-10-14 17:28:27 +01:00
parent e0576942e0
commit dc2207af2d
2 changed files with 36 additions and 0 deletions

18
configure vendored
View File

@ -472,6 +472,7 @@ gtk_gl="no"
tls_priority="NORMAL" tls_priority="NORMAL"
gnutls="" gnutls=""
nettle="" nettle=""
nettle_xts="no"
gcrypt="" gcrypt=""
gcrypt_hmac="no" gcrypt_hmac="no"
gcrypt_xts="no" gcrypt_xts="no"
@ -2871,6 +2872,19 @@ if test "$nettle" != "no"; then
pass="yes" pass="yes"
fi fi
fi fi
if test "$pass" = "yes"
then
cat > $TMPC << EOF
#include <nettle/xts.h>
int main(void) {
return 0;
}
EOF
if compile_prog "$nettle_cflags" "$nettle_libs" ; then
nettle_xts=yes
qemu_private_xts=no
fi
fi
if test "$pass" = "no" && test "$nettle" = "yes"; then if test "$pass" = "no" && test "$nettle" = "yes"; then
feature_not_found "nettle" "Install nettle devel >= 2.7.1" feature_not_found "nettle" "Install nettle devel >= 2.7.1"
else else
@ -6346,6 +6360,10 @@ then
echo " XTS $gcrypt_xts" echo " XTS $gcrypt_xts"
fi fi
echo "nettle $nettle $(echo_version $nettle $nettle_version)" echo "nettle $nettle $(echo_version $nettle $nettle_version)"
if test "$nettle" = "yes"
then
echo " XTS $nettle_xts"
fi
echo "libtasn1 $tasn1" echo "libtasn1 $tasn1"
echo "PAM $auth_pam" echo "PAM $auth_pam"
echo "iconv support $iconv" echo "iconv support $iconv"

View File

@ -19,7 +19,9 @@
*/ */
#include "qemu/osdep.h" #include "qemu/osdep.h"
#ifdef CONFIG_QEMU_PRIVATE_XTS
#include "crypto/xts.h" #include "crypto/xts.h"
#endif
#include "cipherpriv.h" #include "cipherpriv.h"
#include <nettle/nettle-types.h> #include <nettle/nettle-types.h>
@ -30,6 +32,9 @@
#include <nettle/serpent.h> #include <nettle/serpent.h>
#include <nettle/twofish.h> #include <nettle/twofish.h>
#include <nettle/ctr.h> #include <nettle/ctr.h>
#ifndef CONFIG_QEMU_PRIVATE_XTS
#include <nettle/xts.h>
#endif
typedef void (*QCryptoCipherNettleFuncWrapper)(const void *ctx, typedef void (*QCryptoCipherNettleFuncWrapper)(const void *ctx,
size_t length, size_t length,
@ -626,9 +631,15 @@ qcrypto_nettle_cipher_encrypt(QCryptoCipher *cipher,
break; break;
case QCRYPTO_CIPHER_MODE_XTS: case QCRYPTO_CIPHER_MODE_XTS:
#ifdef CONFIG_QEMU_PRIVATE_XTS
xts_encrypt(ctx->ctx, ctx->ctx_tweak, xts_encrypt(ctx->ctx, ctx->ctx_tweak,
ctx->alg_encrypt_wrapper, ctx->alg_encrypt_wrapper, ctx->alg_encrypt_wrapper, ctx->alg_encrypt_wrapper,
ctx->iv, len, out, in); ctx->iv, len, out, in);
#else
xts_encrypt_message(ctx->ctx, ctx->ctx_tweak,
ctx->alg_encrypt_native,
ctx->iv, len, out, in);
#endif
break; break;
case QCRYPTO_CIPHER_MODE_CTR: case QCRYPTO_CIPHER_MODE_CTR:
@ -673,9 +684,16 @@ qcrypto_nettle_cipher_decrypt(QCryptoCipher *cipher,
break; break;
case QCRYPTO_CIPHER_MODE_XTS: case QCRYPTO_CIPHER_MODE_XTS:
#ifdef CONFIG_QEMU_PRIVATE_XTS
xts_decrypt(ctx->ctx, ctx->ctx_tweak, xts_decrypt(ctx->ctx, ctx->ctx_tweak,
ctx->alg_encrypt_wrapper, ctx->alg_decrypt_wrapper, ctx->alg_encrypt_wrapper, ctx->alg_decrypt_wrapper,
ctx->iv, len, out, in); ctx->iv, len, out, in);
#else
xts_decrypt_message(ctx->ctx, ctx->ctx_tweak,
ctx->alg_decrypt_native,
ctx->alg_encrypt_native,
ctx->iv, len, out, in);
#endif
break; break;
case QCRYPTO_CIPHER_MODE_CTR: case QCRYPTO_CIPHER_MODE_CTR:
ctr_crypt(ctx->ctx, ctx->alg_encrypt_native, ctr_crypt(ctx->ctx, ctx->alg_encrypt_native,