aboutsummaryrefslogtreecommitdiff
path: root/crypto
AgeCommit message (Collapse)Author
2015-07-27crypto: fix built-in AES decrypt functionDaniel P. Berrange
The qcrypto_cipher_decrypt_aes method was using the wrong key material, and passing the wrong mode. This caused it to incorrectly decrypt ciphertext. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-Id: <1437740634-6261-1-git-send-email-berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-07-20crypto: Fix aes_decrypt_wrapper()Kevin Wolf
Commit d3462e3 broke qcow2's encryption functionality by using encrypt instead of decrypt in the wrapper function it introduces. This was found by qemu-iotests case 134. Signed-off-by: Kevin Wolf <kwolf@redhat.com> Reviewed-by: Daniel P. Berrange <berrange@redhat.com>
2015-07-16crypto: avoid undefined behavior in nettle callsRadim Krčmář
Calling a function pointer that was cast from an incompatible function results in undefined behavior. 'void *' isn't compatible with 'struct XXX *', so we can't cast to nettle_cipher_func, but have to provide a wrapper. (Conversion from 'void *' to 'struct XXX *' might require computation, which won't be done if we drop argument's true type, and pointers can have different sizes so passing arguments on stack would bug.) Having two different prototypes based on nettle version doesn't make this solution any nicer. Reported-by: Peter Maydell <peter.maydell@linaro.org> Signed-off-by: Radim Krčmář <rkrcmar@redhat.com> Message-Id: <1437062641-12684-3-git-send-email-rkrcmar@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-07-16crypto: fix build with nettle >= 3.0.0Radim Krčmář
In nettle 3, cbc_encrypt() accepts 'nettle_cipher_func' instead of 'nettle_crypt_func' and these two differ in 'const' qualifier of the first argument. The build fails with: In file included from crypto/cipher.c:71:0: ./crypto/cipher-nettle.c: In function ‘qcrypto_cipher_encrypt’: ./crypto/cipher-nettle.c:154:38: error: passing argument 2 of ‘nettle_cbc_encrypt’ from incompatible pointer type cbc_encrypt(ctx->ctx_encrypt, ctx->alg_encrypt, ^ In file included from ./crypto/cipher-nettle.c:24:0, from crypto/cipher.c:71: /usr/include/nettle/cbc.h:48:1: note: expected ‘void (*)(const void *, size_t, uint8_t *, const uint8_t *) but argument is of type ‘void (*)( void *, size_t, uint8_t *, const uint8_t *) To allow both versions, we switch to the new definition and #if typedef it for old versions. Signed-off-by: Radim Krčmář <rkrcmar@redhat.com> Message-Id: <1436548682-9315-2-git-send-email-rkrcmar@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-07-09crypto: fix builtin qcrypto_cipher_freePaolo Bonzini
This was dereferencing a pointer before checking if it was NULL. Reported-by: Christian Borntraeger <borntraeger@de.ibm.com> Reported-by: Aurelien Jarno <aurelien@aurel32.net> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-07-08crypto: add a nettle cipher implementationDaniel P. Berrange
If we are linking to gnutls already and gnutls is built against nettle, then we should use nettle as a cipher backend in preference to our built-in backend. This will be used when linking against some GNUTLS 2.x versions and all GNUTLS 3.x versions. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-Id: <1435770638-25715-7-git-send-email-berrange@redhat.com> [Change "#elif" to "#elif defined". - Paolo] Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-07-08crypto: add a gcrypt cipher implementationDaniel P. Berrange
If we are linking to gnutls already and gnutls is built against gcrypt, then we should use gcrypt as a cipher backend in preference to our built-in backend. This will be used when linking against GNUTLS 1.x and many GNUTLS 2.x versions. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-Id: <1435770638-25715-6-git-send-email-berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-07-08crypto: introduce generic cipher API & built-in implementationDaniel P. Berrange
Introduce a generic cipher API and an implementation of it that supports only the built-in AES and DES-RFB algorithms. The test suite checks the supported algorithms + modes to validate that every backend implementation is actually correctly complying with the specs. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-Id: <1435770638-25715-5-git-send-email-berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-07-07crypto: move built-in D3DES implementation into crypto/Daniel P. Berrange
To prepare for a generic internal cipher API, move the built-in D3DES implementation into the crypto/ directory. This is not in fact a normal D3DES implementation, it is D3DES with double & triple length modes removed, and the key bytes in reversed bit order. IOW it is crippled specifically for the "benefit" of RFB, so call the new files desrfb.c instead of d3des.c to make it clear that it isn't a generally useful impl. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-Id: <1435770638-25715-4-git-send-email-berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-07-07crypto: move built-in AES implementation into crypto/Daniel P. Berrange
To prepare for a generic internal cipher API, move the built-in AES implementation into the crypto/ directory Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-Id: <1435770638-25715-3-git-send-email-berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
2015-07-07crypto: introduce new module for computing hash digestsDaniel P. Berrange
Introduce a new crypto/ directory that will (eventually) contain all the cryptographic related code. This initially defines a wrapper for initializing gnutls and for computing hashes with gnutls. The former ensures that gnutls is guaranteed to be initialized exactly once in QEMU regardless of CLI args. The block quorum code currently fails to initialize gnutls so it only works by luck, if VNC server TLS is not requested. The hash APIs avoids the need to litter the rest of the code with preprocessor checks and simplifies callers by allocating the correct amount of memory for the requested hash. Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-Id: <1435770638-25715-2-git-send-email-berrange@redhat.com> Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>