2 * QEMU Crypto cipher nettle algorithms
4 * Copyright (c) 2015 Red Hat, Inc.
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
21 #ifdef CONFIG_QEMU_PRIVATE_XTS
22 #include "crypto/xts.h"
25 #include <nettle/nettle-types.h>
26 #include <nettle/aes.h>
27 #include <nettle/des.h>
28 #include <nettle/cbc.h>
29 #include <nettle/cast128.h>
30 #include <nettle/serpent.h>
31 #include <nettle/twofish.h>
32 #include <nettle/ctr.h>
33 #ifndef CONFIG_QEMU_PRIVATE_XTS
34 #include <nettle/xts.h>
37 typedef void (*QCryptoCipherNettleFuncWrapper)(const void *ctx,
42 #if CONFIG_NETTLE_VERSION_MAJOR < 3
43 typedef nettle_crypt_func * QCryptoCipherNettleFuncNative;
44 typedef void * cipher_ctx_t;
45 typedef unsigned cipher_length_t;
47 #define cast5_set_key cast128_set_key
49 #define aes128_ctx aes_ctx
50 #define aes192_ctx aes_ctx
51 #define aes256_ctx aes_ctx
52 #define aes128_set_encrypt_key(c, k) \
53 aes_set_encrypt_key(c, 16, k)
54 #define aes192_set_encrypt_key(c, k) \
55 aes_set_encrypt_key(c, 24, k)
56 #define aes256_set_encrypt_key(c, k) \
57 aes_set_encrypt_key(c, 32, k)
58 #define aes128_set_decrypt_key(c, k) \
59 aes_set_decrypt_key(c, 16, k)
60 #define aes192_set_decrypt_key(c, k) \
61 aes_set_decrypt_key(c, 24, k)
62 #define aes256_set_decrypt_key(c, k) \
63 aes_set_decrypt_key(c, 32, k)
64 #define aes128_encrypt aes_encrypt
65 #define aes192_encrypt aes_encrypt
66 #define aes256_encrypt aes_encrypt
67 #define aes128_decrypt aes_decrypt
68 #define aes192_decrypt aes_decrypt
69 #define aes256_decrypt aes_decrypt
71 typedef nettle_cipher_func * QCryptoCipherNettleFuncNative;
72 typedef const void * cipher_ctx_t;
73 typedef size_t cipher_length_t;
76 typedef struct QCryptoNettleAES128 {
77 struct aes128_ctx enc;
78 struct aes128_ctx dec;
79 } QCryptoNettleAES128;
81 typedef struct QCryptoNettleAES192 {
82 struct aes192_ctx enc;
83 struct aes192_ctx dec;
84 } QCryptoNettleAES192;
86 typedef struct QCryptoNettleAES256 {
87 struct aes256_ctx enc;
88 struct aes256_ctx dec;
89 } QCryptoNettleAES256;
91 static void aes128_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
92 uint8_t *dst, const uint8_t *src)
94 const QCryptoNettleAES128 *aesctx = ctx;
95 aes128_encrypt(&aesctx->enc, length, dst, src);
98 static void aes128_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
99 uint8_t *dst, const uint8_t *src)
101 const QCryptoNettleAES128 *aesctx = ctx;
102 aes128_decrypt(&aesctx->dec, length, dst, src);
105 static void aes192_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
106 uint8_t *dst, const uint8_t *src)
108 const QCryptoNettleAES192 *aesctx = ctx;
109 aes192_encrypt(&aesctx->enc, length, dst, src);
112 static void aes192_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
113 uint8_t *dst, const uint8_t *src)
115 const QCryptoNettleAES192 *aesctx = ctx;
116 aes192_decrypt(&aesctx->dec, length, dst, src);
119 static void aes256_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
120 uint8_t *dst, const uint8_t *src)
122 const QCryptoNettleAES256 *aesctx = ctx;
123 aes256_encrypt(&aesctx->enc, length, dst, src);
126 static void aes256_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
127 uint8_t *dst, const uint8_t *src)
129 const QCryptoNettleAES256 *aesctx = ctx;
130 aes256_decrypt(&aesctx->dec, length, dst, src);
133 static void des_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
134 uint8_t *dst, const uint8_t *src)
136 des_encrypt(ctx, length, dst, src);
139 static void des_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
140 uint8_t *dst, const uint8_t *src)
142 des_decrypt(ctx, length, dst, src);
145 static void des3_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
146 uint8_t *dst, const uint8_t *src)
148 des3_encrypt(ctx, length, dst, src);
151 static void des3_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
152 uint8_t *dst, const uint8_t *src)
154 des3_decrypt(ctx, length, dst, src);
157 static void cast128_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
158 uint8_t *dst, const uint8_t *src)
160 cast128_encrypt(ctx, length, dst, src);
163 static void cast128_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
164 uint8_t *dst, const uint8_t *src)
166 cast128_decrypt(ctx, length, dst, src);
169 static void serpent_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
170 uint8_t *dst, const uint8_t *src)
172 serpent_encrypt(ctx, length, dst, src);
175 static void serpent_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
176 uint8_t *dst, const uint8_t *src)
178 serpent_decrypt(ctx, length, dst, src);
181 static void twofish_encrypt_native(cipher_ctx_t ctx, cipher_length_t length,
182 uint8_t *dst, const uint8_t *src)
184 twofish_encrypt(ctx, length, dst, src);
187 static void twofish_decrypt_native(cipher_ctx_t ctx, cipher_length_t length,
188 uint8_t *dst, const uint8_t *src)
190 twofish_decrypt(ctx, length, dst, src);
193 static void aes128_encrypt_wrapper(const void *ctx, size_t length,
194 uint8_t *dst, const uint8_t *src)
196 const QCryptoNettleAES128 *aesctx = ctx;
197 aes128_encrypt(&aesctx->enc, length, dst, src);
200 static void aes128_decrypt_wrapper(const void *ctx, size_t length,
201 uint8_t *dst, const uint8_t *src)
203 const QCryptoNettleAES128 *aesctx = ctx;
204 aes128_decrypt(&aesctx->dec, length, dst, src);
207 static void aes192_encrypt_wrapper(const void *ctx, size_t length,
208 uint8_t *dst, const uint8_t *src)
210 const QCryptoNettleAES192 *aesctx = ctx;
211 aes192_encrypt(&aesctx->enc, length, dst, src);
214 static void aes192_decrypt_wrapper(const void *ctx, size_t length,
215 uint8_t *dst, const uint8_t *src)
217 const QCryptoNettleAES192 *aesctx = ctx;
218 aes192_decrypt(&aesctx->dec, length, dst, src);
221 static void aes256_encrypt_wrapper(const void *ctx, size_t length,
222 uint8_t *dst, const uint8_t *src)
224 const QCryptoNettleAES256 *aesctx = ctx;
225 aes256_encrypt(&aesctx->enc, length, dst, src);
228 static void aes256_decrypt_wrapper(const void *ctx, size_t length,
229 uint8_t *dst, const uint8_t *src)
231 const QCryptoNettleAES256 *aesctx = ctx;
232 aes256_decrypt(&aesctx->dec, length, dst, src);
235 static void des_encrypt_wrapper(const void *ctx, size_t length,
236 uint8_t *dst, const uint8_t *src)
238 des_encrypt(ctx, length, dst, src);
241 static void des_decrypt_wrapper(const void *ctx, size_t length,
242 uint8_t *dst, const uint8_t *src)
244 des_decrypt(ctx, length, dst, src);
247 static void des3_encrypt_wrapper(const void *ctx, size_t length,
248 uint8_t *dst, const uint8_t *src)
250 des3_encrypt(ctx, length, dst, src);
253 static void des3_decrypt_wrapper(const void *ctx, size_t length,
254 uint8_t *dst, const uint8_t *src)
256 des3_decrypt(ctx, length, dst, src);
259 static void cast128_encrypt_wrapper(const void *ctx, size_t length,
260 uint8_t *dst, const uint8_t *src)
262 cast128_encrypt(ctx, length, dst, src);
265 static void cast128_decrypt_wrapper(const void *ctx, size_t length,
266 uint8_t *dst, const uint8_t *src)
268 cast128_decrypt(ctx, length, dst, src);
271 static void serpent_encrypt_wrapper(const void *ctx, size_t length,
272 uint8_t *dst, const uint8_t *src)
274 serpent_encrypt(ctx, length, dst, src);
277 static void serpent_decrypt_wrapper(const void *ctx, size_t length,
278 uint8_t *dst, const uint8_t *src)
280 serpent_decrypt(ctx, length, dst, src);
283 static void twofish_encrypt_wrapper(const void *ctx, size_t length,
284 uint8_t *dst, const uint8_t *src)
286 twofish_encrypt(ctx, length, dst, src);
289 static void twofish_decrypt_wrapper(const void *ctx, size_t length,
290 uint8_t *dst, const uint8_t *src)
292 twofish_decrypt(ctx, length, dst, src);
295 typedef struct QCryptoCipherNettle QCryptoCipherNettle;
296 struct QCryptoCipherNettle {
297 /* Primary cipher context for all modes */
299 /* Second cipher context for XTS mode only */
301 /* Cipher callbacks for both contexts */
302 QCryptoCipherNettleFuncNative alg_encrypt_native;
303 QCryptoCipherNettleFuncNative alg_decrypt_native;
304 QCryptoCipherNettleFuncWrapper alg_encrypt_wrapper;
305 QCryptoCipherNettleFuncWrapper alg_decrypt_wrapper;
306 /* Initialization vector or Counter */
311 bool qcrypto_cipher_supports(QCryptoCipherAlgorithm alg,
312 QCryptoCipherMode mode)
315 case QCRYPTO_CIPHER_ALG_DES_RFB:
316 case QCRYPTO_CIPHER_ALG_3DES:
317 case QCRYPTO_CIPHER_ALG_AES_128:
318 case QCRYPTO_CIPHER_ALG_AES_192:
319 case QCRYPTO_CIPHER_ALG_AES_256:
320 case QCRYPTO_CIPHER_ALG_CAST5_128:
321 case QCRYPTO_CIPHER_ALG_SERPENT_128:
322 case QCRYPTO_CIPHER_ALG_SERPENT_192:
323 case QCRYPTO_CIPHER_ALG_SERPENT_256:
324 case QCRYPTO_CIPHER_ALG_TWOFISH_128:
325 case QCRYPTO_CIPHER_ALG_TWOFISH_192:
326 case QCRYPTO_CIPHER_ALG_TWOFISH_256:
333 case QCRYPTO_CIPHER_MODE_ECB:
334 case QCRYPTO_CIPHER_MODE_CBC:
335 case QCRYPTO_CIPHER_MODE_XTS:
336 case QCRYPTO_CIPHER_MODE_CTR:
345 qcrypto_nettle_cipher_free_ctx(QCryptoCipherNettle *ctx)
353 g_free(ctx->ctx_tweak);
358 static QCryptoCipherNettle *qcrypto_cipher_ctx_new(QCryptoCipherAlgorithm alg,
359 QCryptoCipherMode mode,
364 QCryptoCipherNettle *ctx;
368 case QCRYPTO_CIPHER_MODE_ECB:
369 case QCRYPTO_CIPHER_MODE_CBC:
370 case QCRYPTO_CIPHER_MODE_XTS:
371 case QCRYPTO_CIPHER_MODE_CTR:
374 error_setg(errp, "Unsupported cipher mode %s",
375 QCryptoCipherMode_str(mode));
379 if (!qcrypto_cipher_validate_key_length(alg, mode, nkey, errp)) {
383 ctx = g_new0(QCryptoCipherNettle, 1);
386 case QCRYPTO_CIPHER_ALG_DES_RFB:
387 ctx->ctx = g_new0(struct des_ctx, 1);
388 rfbkey = qcrypto_cipher_munge_des_rfb_key(key, nkey);
389 des_set_key(ctx->ctx, rfbkey);
392 ctx->alg_encrypt_native = des_encrypt_native;
393 ctx->alg_decrypt_native = des_decrypt_native;
394 ctx->alg_encrypt_wrapper = des_encrypt_wrapper;
395 ctx->alg_decrypt_wrapper = des_decrypt_wrapper;
397 ctx->blocksize = DES_BLOCK_SIZE;
400 case QCRYPTO_CIPHER_ALG_3DES:
401 ctx->ctx = g_new0(struct des3_ctx, 1);
402 des3_set_key(ctx->ctx, key);
404 ctx->alg_encrypt_native = des3_encrypt_native;
405 ctx->alg_decrypt_native = des3_decrypt_native;
406 ctx->alg_encrypt_wrapper = des3_encrypt_wrapper;
407 ctx->alg_decrypt_wrapper = des3_decrypt_wrapper;
409 ctx->blocksize = DES3_BLOCK_SIZE;
412 case QCRYPTO_CIPHER_ALG_AES_128:
413 ctx->ctx = g_new0(QCryptoNettleAES128, 1);
415 if (mode == QCRYPTO_CIPHER_MODE_XTS) {
416 ctx->ctx_tweak = g_new0(QCryptoNettleAES128, 1);
419 aes128_set_encrypt_key(&((QCryptoNettleAES128 *)ctx->ctx)->enc,
421 aes128_set_decrypt_key(&((QCryptoNettleAES128 *)ctx->ctx)->dec,
424 aes128_set_encrypt_key(&((QCryptoNettleAES128 *)ctx->ctx_tweak)->
426 aes128_set_decrypt_key(&((QCryptoNettleAES128 *)ctx->ctx_tweak)->
429 aes128_set_encrypt_key(&((QCryptoNettleAES128 *)ctx->ctx)->enc,
431 aes128_set_decrypt_key(&((QCryptoNettleAES128 *)ctx->ctx)->dec,
435 ctx->alg_encrypt_native = aes128_encrypt_native;
436 ctx->alg_decrypt_native = aes128_decrypt_native;
437 ctx->alg_encrypt_wrapper = aes128_encrypt_wrapper;
438 ctx->alg_decrypt_wrapper = aes128_decrypt_wrapper;
440 ctx->blocksize = AES_BLOCK_SIZE;
443 case QCRYPTO_CIPHER_ALG_AES_192:
444 ctx->ctx = g_new0(QCryptoNettleAES192, 1);
446 if (mode == QCRYPTO_CIPHER_MODE_XTS) {
447 ctx->ctx_tweak = g_new0(QCryptoNettleAES192, 1);
450 aes192_set_encrypt_key(&((QCryptoNettleAES192 *)ctx->ctx)->enc,
452 aes192_set_decrypt_key(&((QCryptoNettleAES192 *)ctx->ctx)->dec,
455 aes192_set_encrypt_key(&((QCryptoNettleAES192 *)ctx->ctx_tweak)->
457 aes192_set_decrypt_key(&((QCryptoNettleAES192 *)ctx->ctx_tweak)->
460 aes192_set_encrypt_key(&((QCryptoNettleAES192 *)ctx->ctx)->enc,
462 aes192_set_decrypt_key(&((QCryptoNettleAES192 *)ctx->ctx)->dec,
466 ctx->alg_encrypt_native = aes192_encrypt_native;
467 ctx->alg_decrypt_native = aes192_decrypt_native;
468 ctx->alg_encrypt_wrapper = aes192_encrypt_wrapper;
469 ctx->alg_decrypt_wrapper = aes192_decrypt_wrapper;
471 ctx->blocksize = AES_BLOCK_SIZE;
474 case QCRYPTO_CIPHER_ALG_AES_256:
475 ctx->ctx = g_new0(QCryptoNettleAES256, 1);
477 if (mode == QCRYPTO_CIPHER_MODE_XTS) {
478 ctx->ctx_tweak = g_new0(QCryptoNettleAES256, 1);
481 aes256_set_encrypt_key(&((QCryptoNettleAES256 *)ctx->ctx)->enc,
483 aes256_set_decrypt_key(&((QCryptoNettleAES256 *)ctx->ctx)->dec,
486 aes256_set_encrypt_key(&((QCryptoNettleAES256 *)ctx->ctx_tweak)->
488 aes256_set_decrypt_key(&((QCryptoNettleAES256 *)ctx->ctx_tweak)->
491 aes256_set_encrypt_key(&((QCryptoNettleAES256 *)ctx->ctx)->enc,
493 aes256_set_decrypt_key(&((QCryptoNettleAES256 *)ctx->ctx)->dec,
497 ctx->alg_encrypt_native = aes256_encrypt_native;
498 ctx->alg_decrypt_native = aes256_decrypt_native;
499 ctx->alg_encrypt_wrapper = aes256_encrypt_wrapper;
500 ctx->alg_decrypt_wrapper = aes256_decrypt_wrapper;
502 ctx->blocksize = AES_BLOCK_SIZE;
505 case QCRYPTO_CIPHER_ALG_CAST5_128:
506 ctx->ctx = g_new0(struct cast128_ctx, 1);
508 if (mode == QCRYPTO_CIPHER_MODE_XTS) {
509 ctx->ctx_tweak = g_new0(struct cast128_ctx, 1);
512 cast5_set_key(ctx->ctx, nkey, key);
513 cast5_set_key(ctx->ctx_tweak, nkey, key + nkey);
515 cast5_set_key(ctx->ctx, nkey, key);
518 ctx->alg_encrypt_native = cast128_encrypt_native;
519 ctx->alg_decrypt_native = cast128_decrypt_native;
520 ctx->alg_encrypt_wrapper = cast128_encrypt_wrapper;
521 ctx->alg_decrypt_wrapper = cast128_decrypt_wrapper;
523 ctx->blocksize = CAST128_BLOCK_SIZE;
526 case QCRYPTO_CIPHER_ALG_SERPENT_128:
527 case QCRYPTO_CIPHER_ALG_SERPENT_192:
528 case QCRYPTO_CIPHER_ALG_SERPENT_256:
529 ctx->ctx = g_new0(struct serpent_ctx, 1);
531 if (mode == QCRYPTO_CIPHER_MODE_XTS) {
532 ctx->ctx_tweak = g_new0(struct serpent_ctx, 1);
535 serpent_set_key(ctx->ctx, nkey, key);
536 serpent_set_key(ctx->ctx_tweak, nkey, key + nkey);
538 serpent_set_key(ctx->ctx, nkey, key);
541 ctx->alg_encrypt_native = serpent_encrypt_native;
542 ctx->alg_decrypt_native = serpent_decrypt_native;
543 ctx->alg_encrypt_wrapper = serpent_encrypt_wrapper;
544 ctx->alg_decrypt_wrapper = serpent_decrypt_wrapper;
546 ctx->blocksize = SERPENT_BLOCK_SIZE;
549 case QCRYPTO_CIPHER_ALG_TWOFISH_128:
550 case QCRYPTO_CIPHER_ALG_TWOFISH_192:
551 case QCRYPTO_CIPHER_ALG_TWOFISH_256:
552 ctx->ctx = g_new0(struct twofish_ctx, 1);
554 if (mode == QCRYPTO_CIPHER_MODE_XTS) {
555 ctx->ctx_tweak = g_new0(struct twofish_ctx, 1);
558 twofish_set_key(ctx->ctx, nkey, key);
559 twofish_set_key(ctx->ctx_tweak, nkey, key + nkey);
561 twofish_set_key(ctx->ctx, nkey, key);
564 ctx->alg_encrypt_native = twofish_encrypt_native;
565 ctx->alg_decrypt_native = twofish_decrypt_native;
566 ctx->alg_encrypt_wrapper = twofish_encrypt_wrapper;
567 ctx->alg_decrypt_wrapper = twofish_decrypt_wrapper;
569 ctx->blocksize = TWOFISH_BLOCK_SIZE;
573 error_setg(errp, "Unsupported cipher algorithm %s",
574 QCryptoCipherAlgorithm_str(alg));
577 g_assert(is_power_of_2(ctx->blocksize));
579 if (mode == QCRYPTO_CIPHER_MODE_XTS &&
580 ctx->blocksize != XTS_BLOCK_SIZE) {
581 error_setg(errp, "Cipher block size %zu must equal XTS block size %d",
582 ctx->blocksize, XTS_BLOCK_SIZE);
586 ctx->iv = g_new0(uint8_t, ctx->blocksize);
591 qcrypto_nettle_cipher_free_ctx(ctx);
597 qcrypto_nettle_cipher_ctx_free(QCryptoCipher *cipher)
599 QCryptoCipherNettle *ctx;
601 ctx = cipher->opaque;
602 qcrypto_nettle_cipher_free_ctx(ctx);
607 qcrypto_nettle_cipher_encrypt(QCryptoCipher *cipher,
613 QCryptoCipherNettle *ctx = cipher->opaque;
615 if (len & (ctx->blocksize - 1)) {
616 error_setg(errp, "Length %zu must be a multiple of block size %zu",
617 len, ctx->blocksize);
621 switch (cipher->mode) {
622 case QCRYPTO_CIPHER_MODE_ECB:
623 ctx->alg_encrypt_wrapper(ctx->ctx, len, out, in);
626 case QCRYPTO_CIPHER_MODE_CBC:
627 cbc_encrypt(ctx->ctx, ctx->alg_encrypt_native,
628 ctx->blocksize, ctx->iv,
632 case QCRYPTO_CIPHER_MODE_XTS:
633 #ifdef CONFIG_QEMU_PRIVATE_XTS
634 xts_encrypt(ctx->ctx, ctx->ctx_tweak,
635 ctx->alg_encrypt_wrapper, ctx->alg_decrypt_wrapper,
636 ctx->iv, len, out, in);
638 xts_encrypt_message(ctx->ctx, ctx->ctx_tweak,
639 ctx->alg_encrypt_native,
640 ctx->iv, len, out, in);
644 case QCRYPTO_CIPHER_MODE_CTR:
645 ctr_crypt(ctx->ctx, ctx->alg_encrypt_native,
646 ctx->blocksize, ctx->iv,
651 error_setg(errp, "Unsupported cipher mode %s",
652 QCryptoCipherMode_str(cipher->mode));
660 qcrypto_nettle_cipher_decrypt(QCryptoCipher *cipher,
666 QCryptoCipherNettle *ctx = cipher->opaque;
668 if (len & (ctx->blocksize - 1)) {
669 error_setg(errp, "Length %zu must be a multiple of block size %zu",
670 len, ctx->blocksize);
674 switch (cipher->mode) {
675 case QCRYPTO_CIPHER_MODE_ECB:
676 ctx->alg_decrypt_wrapper(ctx->ctx, len, out, in);
679 case QCRYPTO_CIPHER_MODE_CBC:
680 cbc_decrypt(ctx->ctx, ctx->alg_decrypt_native,
681 ctx->blocksize, ctx->iv,
685 case QCRYPTO_CIPHER_MODE_XTS:
686 #ifdef CONFIG_QEMU_PRIVATE_XTS
687 xts_decrypt(ctx->ctx, ctx->ctx_tweak,
688 ctx->alg_encrypt_wrapper, ctx->alg_decrypt_wrapper,
689 ctx->iv, len, out, in);
691 xts_decrypt_message(ctx->ctx, ctx->ctx_tweak,
692 ctx->alg_decrypt_native,
693 ctx->alg_encrypt_native,
694 ctx->iv, len, out, in);
697 case QCRYPTO_CIPHER_MODE_CTR:
698 ctr_crypt(ctx->ctx, ctx->alg_encrypt_native,
699 ctx->blocksize, ctx->iv,
704 error_setg(errp, "Unsupported cipher mode %s",
705 QCryptoCipherMode_str(cipher->mode));
712 qcrypto_nettle_cipher_setiv(QCryptoCipher *cipher,
713 const uint8_t *iv, size_t niv,
716 QCryptoCipherNettle *ctx = cipher->opaque;
717 if (niv != ctx->blocksize) {
718 error_setg(errp, "Expected IV size %zu not %zu",
719 ctx->blocksize, niv);
722 memcpy(ctx->iv, iv, niv);
727 static const struct QCryptoCipherDriver qcrypto_cipher_lib_driver = {
728 .cipher_encrypt = qcrypto_nettle_cipher_encrypt,
729 .cipher_decrypt = qcrypto_nettle_cipher_decrypt,
730 .cipher_setiv = qcrypto_nettle_cipher_setiv,
731 .cipher_free = qcrypto_nettle_cipher_ctx_free,