Commit Graph

33 Commits

Author SHA1 Message Date
Peter Krempa
53e46e4cd6 virCryptoEncryptDataAESgnutls: Don't secure erase gnutls_datum_t structs
'gnutls_datum_t' simply holds pointers to the encryption key and its
length. There's absolutely no point in securely erasing that.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-12-19 14:40:26 +01:00
Peng Liang
55a996c90b util: Remove unused includes
Signed-off-by: Peng Liang <tcx4c70@gmail.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2022-06-16 06:43:57 +02:00
Peter Krempa
acfce77201 util: Remove use of virCryptoHaveCipher(VIR_CRYPTO_CIPHER_AES256CBC)
It always returns true. Make the logic a bit simpler to see through.

This completely removes 'virCryptoHaveCipher' as it's pointless in the
current form.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
2021-09-22 14:53:55 +02:00
Peter Krempa
91858434b4 virCryptoEncryptDataAESgnutls: Use virSecureErase instead of memset
Clear the key and IV structs using virSecureErase.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2021-02-03 13:07:13 +01:00
Peter Krempa
288d051494 virCryptoEncryptDataAESgnutls: Use virSecureErase instead of VIR_DISPOSE_N
Clear out the value using virSecureErase and free it with g_free so
that VIR_DISPOSE_N can be phased out.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2021-02-03 13:07:13 +01:00
Ján Tomko
e59b8f96f7 util: a-n: use g_new0
Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Erik Skultety <eskultet@redhat.com>
2020-10-06 12:31:34 +02:00
Daniel P. Berrangé
fa434739a0 src: replace verify(expr) with G_STATIC_ASSERT(expr)
G_STATIC_ASSERT() is a drop-in functional equivalent of
the GNULIB verify() macro.

Reviewed-by: Pavel Hrdina <phrdina@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
2020-01-17 10:02:01 +00:00
Ján Tomko
67e72053c1 Use G_N_ELEMENTS instead of ARRAY_CARDINALITY
Prefer the GLib version of the macro.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Reviewed-by: Michal Privoznik <mprivozn@redhat.com>
2019-10-15 16:14:19 +02:00
Yuri Chornoivan
e5c1fbca24 Fix minor typos in messages and docs
Signed-off-by: Yuri Chornoivan <yurchor@ukr.net>
Reviewed-by: Ján Tomko <jtomko@redhat.com>
Signed-off-by: Ján Tomko <jtomko@redhat.com>
2018-12-05 10:39:54 +01:00
Michal Privoznik
234ce7d02f src: Drop most of #ifdef WITH_GNUTLS
Now that GnuTLS is a requirement, we can drop a lot of
conditionally built code. However, not all ifdef-s can go because
we still want libvirt_setuid to build without gnutls.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2018-06-05 14:32:36 +02:00
Michal Privoznik
f785aa6c2b vircrypto: Drop virCryptoGenerateRandom
Now that virCryptoGenerateRandom() is plain wrapper over
virRandomBytes() we can drop it in favour of the latter.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2018-06-05 10:31:19 +02:00
Michal Privoznik
b87dda7549 virRandomBytes: Use gnutls_rnd whenever possible
While /dev/urandom is not terrible source of random data
gnutls_rnd is better. Prefer that one.

Also, since nearly every platform we build on already has gnutls
(if not all of them) this is going to be used by default.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2018-06-05 10:31:19 +02:00
Michal Privoznik
8981c750b1 virRandomBytes: Report error
Instead of having each caller report error move it into the
function. This way we can produce more accurate error messages
too.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2018-06-05 10:31:19 +02:00
Michal Privoznik
c3320d6518 virCryptoGenerateRandom: Don't allocate return buffer
To unify our vir*Random() functions we need to make
virCryptoGenerateRandom NOT allocate return buffer. It should
just fill given buffer with random data.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2018-06-05 10:31:19 +02:00
Michal Privoznik
a5865cdbea virCryptoGenerateRandom: Explain gnults error
When generating random stream using gnults fails an error is
reported. However, the error is not helpful as it contains only
an integer error code (a negative number). Use gnutls_strerror()
to turn the error code into a string explaining what went wrong.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
2018-06-05 10:31:19 +02:00
Michal Privoznik
d4e66f7639 virCryptoGenerateRandom: rename ret
This function allocates a buffer, fills it in with random bytes
and then returns it. However, the buffer is held in @buf
variable, therefore having @ret variable which does not hold
return value of the function is misleading.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2018-06-05 10:31:19 +02:00
Michal Privoznik
29592788f1 virRandomBytes: Fix return value
In libvirt when a function wants to return an error code it
should be a negative value. Returning a positive value (or zero)
means success. But virRandomBytes() does not follow this rule.

Signed-off-by: Michal Privoznik <mprivozn@redhat.com>
Reviewed-by: Eric Blake <eblake@redhat.com>
2018-06-05 10:31:19 +02:00
Ján Tomko
fe8a06798d Remove check for gnutls/crypto.h
Assume its presence for gnutls >= 3.2.

Check introduced by <commit 7d21d6b>.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
2018-05-16 10:40:40 +02:00
Ján Tomko
504b4f2669 Fix indentation in virCryptoHaveCipher
Signed-off-by: Ján Tomko <jtomko@redhat.com>
2018-05-16 10:40:40 +02:00
Ján Tomko
fbb07a757b Remove explicit check for gnutls_cipher_encrypt
Introduced in gnutls 2.10, and we assume >= 3.2.

Commit 1ce9c08a added this check.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
2018-05-16 10:40:40 +02:00
Ján Tomko
ac9ad77303 Remove explicit check for gnutls_rnd
Introduced in gnutls 2.12, but we require gnutls >= 3.2
Check added by commit <2d23d14>.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
2018-05-16 10:40:40 +02:00
Ján Tomko
c25fbbec68 virCryptoHashBuf: return the length of the hash in bytes
virCryptoHashString also needs to know the size of the returned hash.
Return it if the hash conversion succeeded so the caller does not need
to access the hashinfo array.

This should make virCryptoHashString build without gnutls.
Also fixes the missing return value for the virCryptoHashBuf stub.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
Suggested-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
2018-05-16 10:40:40 +02:00
Ján Tomko
799011bbe7 vircrypto: Rely on GnuTLS for hash functions
Ditch the use of gnulib's digest functions in favor of GnuTLS,
which might be more likely to get FIPS-certified.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
2018-05-14 14:05:21 +02:00
Ján Tomko
0eeedd61a9 Introduce virCryptoHashBuf
A function that keeps the hash in binary form instead of converting
it to human-readable hexadecimal form.

Signed-off-by: Ján Tomko <jtomko@redhat.com>
2018-05-14 13:57:45 +02:00
Daniel P. Berrange
71890992da Fix padding of encrypted data
If we are encoding a block of data that is 16 bytes in length,
we cannot leave it as 16 bytes, we must pad it out to the next
block boundary, 32 bytes. Without this padding, the decoder will
incorrectly treat the last byte of plain text as the padding
length, as it can't distinguish padded from non-padded data.

The problem exhibited itself when using a 16 byte passphrase
for a LUKS volume

  $ virsh secret-set-value 55806c7d-8e93-456f-829b-607d8c198367 \
       $(echo -n 1234567812345678 | base64)
  Secret value set

  $ virsh start demo
  error: Failed to start domain demo
  error: internal error: process exited while connecting to monitor: >>>>>>>>>>Len 16
  2017-05-02T10:35:40.016390Z qemu-system-x86_64: -object \
    secret,id=virtio-disk1-luks-secret0,data=SEtNi5vDUeyseMKHwc1c1Q==,\
    keyid=masterKey0,iv=zm7apUB1A6dPcH53VW960Q==,format=base64: \
    Incorrect number of padding bytes (56) found on decrypted data

Notice how the padding '56' corresponds to the ordinal value of
the character '8'.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2017-05-02 17:27:13 +01:00
Nitesh Konkar
d276da48bc Fix typos and grammar
Signed-off-by: Nitesh Konkar <nitkon12@linux.vnet.ibm.com>
2016-11-23 12:08:15 -05:00
John Ferlan
456ccc14d5 util: Perform proper virRandomBytes return value checking
Document the return value of virRandomBytes as 0 or some errno value and
then make sure all callers make the proper checks.
2016-06-07 10:18:36 -04:00
John Ferlan
896c4862d5 util: Alter virCryptoEncryptData for non GNUTLS builds
Rather than intermixing the ATTRIBUTE_UNUSED - use HAVE_GNUTLS_CIPHER_ENCRYPT
for the whole function instead.
2016-06-07 07:38:25 -04:00
Mikhail Feoktistov
33705aeec0 util: fix build without GNUTLS 2016-05-22 08:53:58 +03:00
John Ferlan
238032505f util: Introduce virCryptoGenerateRandom
Move the logic from qemuDomainGenerateRandomKey into this new
function, altering the comments, variable names, and error messages
to keep things more generic.

NB: Although perhaps more reasonable to add soemthing to virrandom.c.
    The virrandom.c was included in the setuid_rpc_client, so I chose
    placement in vircrypto.
2016-05-20 11:09:05 -04:00
John Ferlan
1ce9c08ab3 util: Introduce encryption APIs
Introduce virCryptoHaveCipher and virCryptoEncryptData to handle
performing encryption.

 virCryptoHaveCipher:
   Boolean function to determine whether the requested cipher algorithm
   is available. It's expected this API will be called prior to
   virCryptoEncryptdata. It will return true/false.

 virCryptoEncryptData:
   Based on the requested cipher type, call the specific encryption
   API to encrypt the data.

Currently the only algorithm support is the AES 256 CBC encryption.

Adjust tests for the API's
2016-05-20 11:09:01 -04:00
Nehal J Wani
03fc0c626d vircrypto: fix Invalid write in virCryptoHashString()
While running vircryptotest, it was found that valgrind pointed out the
following error:

==27453== Invalid write of size 1
==27453==    at 0x4C7D7C9: virCryptoHashString (vircrypto.c:76)
==27453==    by 0x401C4E: testCryptoHash (vircryptotest.c:41)
==27453==    by 0x402A11: virtTestRun (testutils.c:199)
==27453==    by 0x401AD5: mymain (vircryptotest.c:76)
==27453==    by 0x40318D: virtTestMain (testutils.c:782)
==27453==    by 0x3E6CE1ED1C: (below main) (libc-start.c:226)
==27453==  Address 0x51f0541 is 0 bytes after a block of size 65 alloc'd
==27453==    at 0x4A0577B: calloc (vg_replace_malloc.c:593)
==27453==    by 0x4C69F2E: virAllocN (viralloc.c:189)
==27453==    by 0x4C7D76B: virCryptoHashString (vircrypto.c:69)
==27453==    by 0x401C4E: testCryptoHash (vircryptotest.c:41)
==27453==    by 0x402A11: virtTestRun (testutils.c:199)
==27453==    by 0x401AD5: mymain (vircryptotest.c:76)
==27453==    by 0x40318D: virtTestMain (testutils.c:782)
==27453==    by 0x3E6CE1ED1C: (below main) (libc-start.c:226)
==27453==

...and many more.  Two observations: hashstrlen was already set
to include the trailing NUL byte (so writing to hashstrlen as
the array offset was indeed writing one byte beyond bounds), and
VIR_ALLOC_N already guarantees zero-initialization (so we already
have a trailing NUL without needing to explicitly write one).

Signed-off-by: Eric Blake <eblake@redhat.com>
2014-03-12 16:01:30 -06:00
Daniel P. Berrange
3a7fe8d508 Add helper APIs for generating cryptographic hashes
GNULIB provides APIs for calculating md5 and sha256 hashes,
but these APIs only return you raw byte arrays. Most users
in libvirt want the hash in printable string format. Add
some helper APIs in util/vircrypto.{c,h} for doing this.

Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2014-03-10 16:39:18 +00:00