[libvirt] [PATCH REPOST 4/4] util: Adjust virCryptoEncryptData code to use macros

John Ferlan jferlan at redhat.com
Mon Jun 6 18:13:49 UTC 2016


Will make it easier to add new key lengths

Signed-off-by: John Ferlan <jferlan at redhat.com>
---
 src/util/vircrypto.c | 50 +++++++++++++++++++++++++++-----------------------
 1 file changed, 27 insertions(+), 23 deletions(-)

diff --git a/src/util/vircrypto.c b/src/util/vircrypto.c
index 27a3d1d..f50ac6a 100644
--- a/src/util/vircrypto.c
+++ b/src/util/vircrypto.c
@@ -229,36 +229,40 @@ virCryptoEncryptData(virCryptoCipher algorithm,
                      uint8_t **ciphertext,
                      size_t *ciphertextlen)
 {
+    /*
+     * Encrypt the data buffer using an encryption key and
+     * initialization vector via the gnutls_cipher_encrypt API
+     * for the specific cipher algorithm.
+     */
+# define DO_CRYPT(ekl, ivl, alg, nam)                                       \
+    do {                                                                    \
+        if (enckeylen != ekl) {                                             \
+            virReportError(VIR_ERR_INVALID_ARG,                             \
+                           _("'%s' encryption invalid keylen=%d"),          \
+                           nam, ekl);                                       \
+            return -1;                                                      \
+        }                                                                   \
+        if (ivlen != ivl) {                                                 \
+            virReportError(VIR_ERR_INVALID_ARG,                             \
+                           _("'%s' initialization vector invalid len=%d"),  \
+                           nam, ivl);                                       \
+            return -1;                                                      \
+        }                                                                   \
+        return virCryptoEncryptDataAESgnutls(alg, enckey, enckeylen,        \
+                                             iv, ivlen, data, datalen,      \
+                                             ciphertext, ciphertextlen);    \
+    } while (0);
+
     switch (algorithm) {
     case VIR_CRYPTO_CIPHER_AES256CBC:
-        if (enckeylen != 32) {
-            virReportError(VIR_ERR_INVALID_ARG,
-                           _("AES256CBC encryption invalid keylen=%zu"),
-                           enckeylen);
-            return -1;
-        }
-
-        if (ivlen != 16) {
-            virReportError(VIR_ERR_INVALID_ARG,
-                           _("AES256CBC initialization vector invalid len=%zu"),
-                           ivlen);
-            return -1;
-        }
-
-        /*
-         * Encrypt the data buffer using an encryption key and
-         * initialization vector via the gnutls_cipher_encrypt API
-         * for GNUTLS_CIPHER_AES_256_CBC.
-         */
-        return virCryptoEncryptDataAESgnutls(GNUTLS_CIPHER_AES_256_CBC,
-                                             enckey, enckeylen, iv, ivlen,
-                                             data, datalen,
-                                             ciphertext, ciphertextlen);
+        DO_CRYPT(32, 16, GNUTLS_CIPHER_AES_256_CBC, "AES256CBC");
 
     case VIR_CRYPTO_CIPHER_NONE:
     case VIR_CRYPTO_CIPHER_LAST:
         break;
     }
+# undef DO_CRYPT
+
 
     virReportError(VIR_ERR_INVALID_ARG,
                    _("algorithm=%d is not supported"), algorithm);
-- 
2.5.5




More information about the libvir-list mailing list