motorhead/qemu
1
0
Fork 0
mirror of https://github.com/Motorhead1991/qemu.git synced 2025-08-09 10:34:58 -06:00
Code Issues Projects Releases Packages Wiki Activity Actions

crypto: add block encryption framework

Browse source 
Add a generic framework for supporting different block encryption
formats. Upon instantiating a QCryptoBlock object, it will read
the encryption header and extract the encryption keys. It is
then possible to call methods to encrypt/decrypt data buffers.

There is also a mode whereby it will create/initialize a new
encryption header on a previously unformatted volume.

The initial framework comes with support for the legacy QCow
AES based encryption. This enables code in the QCow driver to
be consolidated later.

Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
This commit is contained in:
Daniel P. Berrange 2015-10-24 11:44:13 +01:00
parent eaec903c5b
commit 7d9690148a
10 changed files with 1095 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

2
crypto/Makefile.objs
View file

@ -19,6 +19,8 @@ crypto-obj-y += ivgen-plain.o
crypto-obj-y += ivgen-plain64.o
crypto-obj-y += afsplit.o
crypto-obj-y += xts.o
crypto-obj-y += block.o
crypto-obj-y += block-qcow.o
# Let the userspace emulators avoid linking gnutls/etc
crypto-aes-obj-y = aes.o

173
crypto/block-qcow.c Normal file
View file

@ -0,0 +1,173 @@
/*
* QEMU Crypto block device encryption QCow/QCow2 AES-CBC format
*
* Copyright (c) 2015-2016 Red Hat, Inc.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, see <http://www.gnu.org/licenses/>.
*
*/
/*
* Note that the block encryption implemented in this file is broken
* by design. This exists only to allow data to be liberated from
* existing qcow[2] images and should not be used in any new areas.
*/
#include "qemu/osdep.h"
#include "crypto/block-qcow.h"
#include "crypto/secret.h"
#define QCRYPTO_BLOCK_QCOW_SECTOR_SIZE 512
static bool
qcrypto_block_qcow_has_format(const uint8_t *buf G_GNUC_UNUSED,
size_t buf_size G_GNUC_UNUSED)
{
return false;
}
static int
qcrypto_block_qcow_init(QCryptoBlock *block,
const char *keysecret,
Error **errp)
{
char *password;
int ret;
uint8_t keybuf[16];
int len;
memset(keybuf, 0, 16);
password = qcrypto_secret_lookup_as_utf8(keysecret, errp);
if (!password) {
return -1;
}
len = strlen(password);
memcpy(keybuf, password, MIN(len, sizeof(keybuf)));
g_free(password);
block->niv = qcrypto_cipher_get_iv_len(QCRYPTO_CIPHER_ALG_AES_128,
QCRYPTO_CIPHER_MODE_CBC);
block->ivgen = qcrypto_ivgen_new(QCRYPTO_IVGEN_ALG_PLAIN64,
0, 0, NULL, 0, errp);
if (!block->ivgen) {
ret = -ENOTSUP;
goto fail;
}
block->cipher = qcrypto_cipher_new(QCRYPTO_CIPHER_ALG_AES_128,
QCRYPTO_CIPHER_MODE_CBC,
keybuf, G_N_ELEMENTS(keybuf),
errp);
if (!block->cipher) {
ret = -ENOTSUP;
goto fail;
}
block->payload_offset = 0;
return 0;
fail:
qcrypto_cipher_free(block->cipher);
qcrypto_ivgen_free(block->ivgen);
return ret;
}
static int
qcrypto_block_qcow_open(QCryptoBlock *block,
QCryptoBlockOpenOptions *options,
QCryptoBlockReadFunc readfunc G_GNUC_UNUSED,
void *opaque G_GNUC_UNUSED,
unsigned int flags,
Error **errp)
{
if (flags & QCRYPTO_BLOCK_OPEN_NO_IO) {
return 0;
} else {
if (!options->u.qcow.key_secret) {
error_setg(errp,
"Parameter 'key-secret' is required for cipher");
return -1;
}
return qcrypto_block_qcow_init(block,
options->u.qcow.key_secret, errp);
}
}
static int
qcrypto_block_qcow_create(QCryptoBlock *block,
QCryptoBlockCreateOptions *options,
QCryptoBlockInitFunc initfunc G_GNUC_UNUSED,
QCryptoBlockWriteFunc writefunc G_GNUC_UNUSED,
void *opaque G_GNUC_UNUSED,
Error **errp)
{
if (!options->u.qcow.key_secret) {
error_setg(errp, "Parameter 'key-secret' is required for cipher");
return -1;
}
/* QCow2 has no special header, since everything is hardwired */
return qcrypto_block_qcow_init(block, options->u.qcow.key_secret, errp);
}
static void
qcrypto_block_qcow_cleanup(QCryptoBlock *block)
{
}
static int
qcrypto_block_qcow_decrypt(QCryptoBlock *block,
uint64_t startsector,
uint8_t *buf,
size_t len,
Error **errp)
{
return qcrypto_block_decrypt_helper(block->cipher,
block->niv, block->ivgen,
QCRYPTO_BLOCK_QCOW_SECTOR_SIZE,
startsector, buf, len, errp);
}
static int
qcrypto_block_qcow_encrypt(QCryptoBlock *block,
uint64_t startsector,
uint8_t *buf,
size_t len,
Error **errp)
{
return qcrypto_block_encrypt_helper(block->cipher,
block->niv, block->ivgen,
QCRYPTO_BLOCK_QCOW_SECTOR_SIZE,
startsector, buf, len, errp);
}
const QCryptoBlockDriver qcrypto_block_driver_qcow = {
.open = qcrypto_block_qcow_open,
.create = qcrypto_block_qcow_create,
.cleanup = qcrypto_block_qcow_cleanup,
.decrypt = qcrypto_block_qcow_decrypt,
.encrypt = qcrypto_block_qcow_encrypt,
.has_format = qcrypto_block_qcow_has_format,
};

28
crypto/block-qcow.h Normal file
View file

@ -0,0 +1,28 @@
/*
* QEMU Crypto block device encryption QCow/QCow2 AES-CBC format
*
* Copyright (c) 2015-2016 Red Hat, Inc.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, see <http://www.gnu.org/licenses/>.
*
*/
#ifndef QCRYPTO_BLOCK_QCOW_H__
#define QCRYPTO_BLOCK_QCOW_H__
#include "crypto/blockpriv.h"
extern const QCryptoBlockDriver qcrypto_block_driver_qcow;
#endif /* QCRYPTO_BLOCK_QCOW_H__ */

258
crypto/block.c Normal file
View file

@ -0,0 +1,258 @@
/*
* QEMU Crypto block device encryption
*
* Copyright (c) 2015-2016 Red Hat, Inc.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, see <http://www.gnu.org/licenses/>.
*
*/
#include "qemu/osdep.h"
#include "crypto/blockpriv.h"
#include "crypto/block-qcow.h"
static const QCryptoBlockDriver *qcrypto_block_drivers[] = {
[Q_CRYPTO_BLOCK_FORMAT_QCOW] = &qcrypto_block_driver_qcow,
};
bool qcrypto_block_has_format(QCryptoBlockFormat format,
const uint8_t *buf,
size_t len)
{
const QCryptoBlockDriver *driver;
if (format >= G_N_ELEMENTS(qcrypto_block_drivers) ||
!qcrypto_block_drivers[format]) {
return false;
}
driver = qcrypto_block_drivers[format];
return driver->has_format(buf, len);
}
QCryptoBlock *qcrypto_block_open(QCryptoBlockOpenOptions *options,
QCryptoBlockReadFunc readfunc,
void *opaque,
unsigned int flags,
Error **errp)
{
QCryptoBlock *block = g_new0(QCryptoBlock, 1);
block->format = options->format;
if (options->format >= G_N_ELEMENTS(qcrypto_block_drivers) ||
!qcrypto_block_drivers[options->format]) {
error_setg(errp, "Unsupported block driver %d", options->format);
g_free(block);
return NULL;
}
block->driver = qcrypto_block_drivers[options->format];
if (block->driver->open(block, options,
readfunc, opaque, flags, errp) < 0) {
g_free(block);
return NULL;
}
return block;
}
QCryptoBlock *qcrypto_block_create(QCryptoBlockCreateOptions *options,
QCryptoBlockInitFunc initfunc,
QCryptoBlockWriteFunc writefunc,
void *opaque,
Error **errp)
{
QCryptoBlock *block = g_new0(QCryptoBlock, 1);
block->format = options->format;
if (options->format >= G_N_ELEMENTS(qcrypto_block_drivers) ||
!qcrypto_block_drivers[options->format]) {
error_setg(errp, "Unsupported block driver %d", options->format);
g_free(block);
return NULL;
}
block->driver = qcrypto_block_drivers[options->format];
if (block->driver->create(block, options, initfunc,
writefunc, opaque, errp) < 0) {
g_free(block);
return NULL;
}
return block;
}
int qcrypto_block_decrypt(QCryptoBlock *block,
uint64_t startsector,
uint8_t *buf,
size_t len,
Error **errp)
{
return block->driver->decrypt(block, startsector, buf, len, errp);
}
int qcrypto_block_encrypt(QCryptoBlock *block,
uint64_t startsector,
uint8_t *buf,
size_t len,
Error **errp)
{
return block->driver->encrypt(block, startsector, buf, len, errp);
}
QCryptoCipher *qcrypto_block_get_cipher(QCryptoBlock *block)
{
return block->cipher;
}
QCryptoIVGen *qcrypto_block_get_ivgen(QCryptoBlock *block)
{
return block->ivgen;
}
QCryptoHashAlgorithm qcrypto_block_get_kdf_hash(QCryptoBlock *block)
{
return block->kdfhash;
}
uint64_t qcrypto_block_get_payload_offset(QCryptoBlock *block)
{
return block->payload_offset;
}
void qcrypto_block_free(QCryptoBlock *block)
{
if (!block) {
return;
}
block->driver->cleanup(block);
qcrypto_cipher_free(block->cipher);
qcrypto_ivgen_free(block->ivgen);
g_free(block);
}
int qcrypto_block_decrypt_helper(QCryptoCipher *cipher,
size_t niv,
QCryptoIVGen *ivgen,
int sectorsize,
uint64_t startsector,
uint8_t *buf,
size_t len,
Error **errp)
{
uint8_t *iv;
int ret = -1;
iv = niv ? g_new0(uint8_t, niv) : NULL;
while (len > 0) {
size_t nbytes;
if (niv) {
if (qcrypto_ivgen_calculate(ivgen,
startsector,
iv, niv,
errp) < 0) {
goto cleanup;
}
if (qcrypto_cipher_setiv(cipher,
iv, niv,
errp) < 0) {
goto cleanup;
}
}
nbytes = len > sectorsize ? sectorsize : len;
if (qcrypto_cipher_decrypt(cipher, buf, buf,
nbytes, errp) < 0) {
goto cleanup;
}
startsector++;
buf += nbytes;
len -= nbytes;
}
ret = 0;
cleanup:
g_free(iv);
return ret;
}
int qcrypto_block_encrypt_helper(QCryptoCipher *cipher,
size_t niv,
QCryptoIVGen *ivgen,
int sectorsize,
uint64_t startsector,
uint8_t *buf,
size_t len,
Error **errp)
{
uint8_t *iv;
int ret = -1;
iv = niv ? g_new0(uint8_t, niv) : NULL;
while (len > 0) {
size_t nbytes;
if (niv) {
if (qcrypto_ivgen_calculate(ivgen,
startsector,
iv, niv,
errp) < 0) {
goto cleanup;
}
if (qcrypto_cipher_setiv(cipher,
iv, niv,
errp) < 0) {
goto cleanup;
}
}
nbytes = len > sectorsize ? sectorsize : len;
if (qcrypto_cipher_encrypt(cipher, buf, buf,
nbytes, errp) < 0) {
goto cleanup;
}
startsector++;
buf += nbytes;
len -= nbytes;
}
ret = 0;
cleanup:
g_free(iv);
return ret;
}

92
crypto/blockpriv.h Normal file
View file

@ -0,0 +1,92 @@
/*
* QEMU Crypto block device encryption
*
* Copyright (c) 2015-2016 Red Hat, Inc.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, see <http://www.gnu.org/licenses/>.
*
*/
#ifndef QCRYPTO_BLOCK_PRIV_H__
#define QCRYPTO_BLOCK_PRIV_H__
#include "crypto/block.h"
typedef struct QCryptoBlockDriver QCryptoBlockDriver;
struct QCryptoBlock {
QCryptoBlockFormat format;
const QCryptoBlockDriver *driver;
void *opaque;
QCryptoCipher *cipher;
QCryptoIVGen *ivgen;
QCryptoHashAlgorithm kdfhash;
size_t niv;
uint64_t payload_offset; /* In bytes */
};
struct QCryptoBlockDriver {
int (*open)(QCryptoBlock *block,
QCryptoBlockOpenOptions *options,
QCryptoBlockReadFunc readfunc,
void *opaque,
unsigned int flags,
Error **errp);
int (*create)(QCryptoBlock *block,
QCryptoBlockCreateOptions *options,
QCryptoBlockInitFunc initfunc,
QCryptoBlockWriteFunc writefunc,
void *opaque,
Error **errp);
void (*cleanup)(QCryptoBlock *block);
int (*encrypt)(QCryptoBlock *block,
uint64_t startsector,
uint8_t *buf,
size_t len,
Error **errp);
int (*decrypt)(QCryptoBlock *block,
uint64_t startsector,
uint8_t *buf,
size_t len,
Error **errp);
bool (*has_format)(const uint8_t *buf,
size_t buflen);
};
int qcrypto_block_decrypt_helper(QCryptoCipher *cipher,
size_t niv,
QCryptoIVGen *ivgen,
int sectorsize,
uint64_t startsector,
uint8_t *buf,
size_t len,
Error **errp);
int qcrypto_block_encrypt_helper(QCryptoCipher *cipher,
size_t niv,
QCryptoIVGen *ivgen,
int sectorsize,
uint64_t startsector,
uint8_t *buf,
size_t len,
Error **errp);
#endif /* QCRYPTO_BLOCK_PRIV_H__ */