[Qemu-devel] [PATCH v3 00/10] Consolidate crypto APIs & implementations
From: Daniel P. Berrange
Subject: [Qemu-devel] [PATCH v3 00/10] Consolidate crypto APIs & implementations
Date: Thu, 18 Jun 2015 18:02:14 +0100

This small series covers the crypto consolidation patches
I previously posted:

RFC: https://lists.nongnu.org/archive/html/qemu-devel/2015-04/msg02038.html
v1: https://lists.nongnu.org/archive/html/qemu-devel/2015-05/msg04267.html
v2: https://lists.nongnu.org/archive/html/qemu-devel/2015-06/msg00601.html

Currently there are 5 main places in QEMU which use some
form of cryptographic hash or cipher algorithm. These are
the quorum block driver (hash), qcow[2] block driver (cipher),
VNC password auth (cipher), VNC websockets (hash) and some
of the CPU instruction emulation (cipher).

For ciphers the code is using the in-tree implementations
of AES and/or the RFB cripple-DES. While there is nothing
broken about these implementations, it is nonetheless
desirable to be able to use the GNUTLS provided impls in
cases where we are already linking to GNUTLS. This will
allow QEMU to use FIPS certified implementations, which
have been well audited, have some protection against
side-channel leakage and are generally actively maintained
by people knowledgeable about encryption.

For hash digests the code is already using GNUTLS APIs.

With the TLS work, and possible future improved block device
encryption, there will be more general purpose crypto APIs
needed in QEMU.

It is undesirable to continue to litter the code with
countless #ifdef WITH_GNUTLS conditionals, as it makes
it increasingly hard to understand the code.

The goal of this series is to thus consolidate all the
crypto code into a single logical place in QEMU - the
source in $GIT/crypto and headers in $GIT/include/crypto

The code in this location will provide QEMU internal
APIs for hash digests, ciphers, and later TLS and block
encryption primitives. The implementations will be
backed by GNUTLS, and either libgcrypt or nettle depending
on which of these GNUTLS is linking to. In the case where
GNUTLS is disabled at build time, we'll still keep the
built-in AES & RFB-cripple-DES implementations available
so we have no regression vs today's level of support.

The callers of the crypto code can now be unconditionally
compiled and, if needed, they can check the availability
of algorithms they want at runtime and report clear errors
to the CLI or QMP if not available. This is a minor
difference in behaviour for the quorum block driver which
would previously be disabled at compile time if gnutls
was not available.

A future posting will include the TLS crypto APIs.

I have not attempted to convert the CPU emulation code to
use the new crypto APIs, since that code appears to have
quite specific need for access to the low level internal
stages of the AES algorithm. So I've left it using the
QEMU built-in AES code.

I've added myself in the MAINTAINERS file for the new
directories, since it wasn't clear if anyone else on the
existing QEMU maintainer list had any interest / knowledge
in maintaining the crypto related pieces.

Changes since v2:

 - Remove _(..) gettext markers from error messages
 - Fix array bounds check in hash module (Richard Henderson)
 - Fix null dereference in freeing of gcrypt cipher impl
   (Gonglei)

Changes since v1:

 - Add explicit algorithm constants for each AES key size,
   instead of inferring it from array length
 - Share code for munging des rfb key bit order
 - Share code for validating key array size vs algorithm
 - Refactor built-in cipher impl to reduce number of big
   switch statements
 - Fix uninitialized 'Error *err' var
 - Add comments in places where error reporting should be
   improved in future

Daniel P. Berrange (10):
  crypto: introduce new module for computing hash digests
  crypto: move built-in AES implementation into crypto/
  crypto: move built-in D3DES implementation into crypto/
  crypto: introduce generic cipher API & built-in implementation
  crypto: add a gcrypt cipher implementation
  crypto: add a nettle cipher implementation
  block: convert quorum blockdrv to use crypto APIs
  ui: convert VNC websockets to use crypto APIs
  block: convert qcow/qcow2 to use generic cipher API
  ui: convert VNC to use generic cipher API

MAINTAINERS | 7 +
Makefile.objs | 1 +
block/Makefile.objs | 2 +-
block/qcow.c | 102 ++++++---
block/qcow2-cluster.c | 46 +++-
block/qcow2.c | 96 ++++----
block/qcow2.h | 13 +-
block/quorum.c | 41 ++--
configure | 162 +++++++++-----
crypto/Makefile.objs | 5 +
{util => crypto}/aes.c | 2 +-
crypto/cipher-builtin.c | 398 ++++++++++++++++++++++++++++++++++
crypto/cipher-gcrypt.c | 195 +++++++++++++++++
crypto/cipher-nettle.c | 206 ++++++++++++++++++
crypto/cipher.c | 71 ++++++
ui/d3des.c => crypto/desrfb.c | 2 +-
crypto/hash.c | 200 +++++++++++++++++
crypto/init.c | 150 +++++++++++++
include/{qemu => crypto}/aes.h | 0
include/crypto/cipher.h | 210 ++++++++++++++++++
ui/d3des.h => include/crypto/desrfb.h | 0
include/crypto/hash.h | 189 ++++++++++++++++
include/crypto/init.h | 29 +++
target-arm/crypto_helper.c | 2 +-
target-i386/fpu_helper.c | 1 -
target-i386/ops_sse.h | 2 +-
target-ppc/int_helper.c | 2 +-
tests/.gitignore | 2 +
tests/Makefile | 4 +
tests/test-crypto-cipher.c | 290 +++++++++++++++++++++++++
tests/test-crypto-hash.c | 209 ++++++++++++++++++
ui/Makefile.objs | 4 +-
ui/vnc-ws.c | 22 +-
ui/vnc-ws.h | 2 -
ui/vnc.c | 119 +++++-----
ui/vnc.h | 8 -
util/Makefile.objs | 2 +-
vl.c | 7 +
38 files changed, 2538 insertions(+), 265 deletions(-)
create mode 100644 crypto/Makefile.objs
rename {util => crypto}/aes.c (99%)
create mode 100644 crypto/cipher-builtin.c
create mode 100644 crypto/cipher-gcrypt.c
create mode 100644 crypto/cipher-nettle.c
create mode 100644 crypto/cipher.c
rename ui/d3des.c => crypto/desrfb.c (99%)
create mode 100644 crypto/hash.c
create mode 100644 crypto/init.c
rename include/{qemu => crypto}/aes.h (100%)
create mode 100644 include/crypto/cipher.h
rename ui/d3des.h => include/crypto/desrfb.h (100%)
create mode 100644 include/crypto/hash.h
create mode 100644 include/crypto/init.h
create mode 100644 tests/test-crypto-cipher.c
create mode 100644 tests/test-crypto-hash.c
--
2.4.2
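
An added illustration, not code from this series or from QEMU, of two points in the cover letter above: callers compiled unconditionally that check algorithm availability at runtime, and explicit per-key-size algorithm constants with one shared key-length check. Every identifier and the availability table are hypothetical.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical names; one constant per AES key size, so the variant is
 * stated by the caller and never inferred from the key array length. */
typedef enum {
    ALG_AES_128, ALG_AES_192, ALG_AES_256, ALG_DES_RFB, ALG_LAST
} cipher_alg;

/* Required key length in bytes, indexed by algorithm constant. */
static const size_t alg_key_len[ALG_LAST] = {
    [ALG_AES_128] = 16, [ALG_AES_192] = 24,
    [ALG_AES_256] = 32, [ALG_DES_RFB] = 8,
};

/* Constructed capability table standing in for whichever backend was
 * linked; AES-192 is marked missing to exercise the error path. */
static const bool alg_available[ALG_LAST] = {
    [ALG_AES_128] = true, [ALG_AES_192] = false,
    [ALG_AES_256] = true, [ALG_DES_RFB] = true,
};

/* Runtime availability query; bounds-checked before indexing. */
bool cipher_supports(cipher_alg alg)
{
    return (unsigned)alg < ALG_LAST && alg_available[alg];
}

/* Shared validation: NULL on success, otherwise a message the caller
 * can surface to the user instead of failing at compile time. */
const char *cipher_check(cipher_alg alg, size_t nkey)
{
    if ((unsigned)alg >= ALG_LAST)
        return "unknown cipher algorithm";
    if (!alg_available[alg])
        return "cipher algorithm not available in this build";
    if (nkey != alg_key_len[alg])
        return "key length does not match cipher algorithm";
    return NULL;
}

int main(void)
{
    /* A 32-byte key handed to AES-128 is rejected rather than silently
     * treated as AES-256, which length inference would have done. */
    const char *err = cipher_check(ALG_AES_128, 32);
    printf("AES-128 with 32-byte key: %s\n", err ? err : "ok");
    err = cipher_check(ALG_AES_192, 24);
    printf("AES-192 with 24-byte key: %s\n", err ? err : "ok");
    return 0;
}
```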