crypto/secret_common.c

   1 /*
   2  * QEMU crypto secret support
   3  *
   4  * Copyright (c) 2015 Red Hat, Inc.
   5  *
   6  * This library is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU Lesser General Public
   8  * License as published by the Free Software Foundation; either
   9  * version 2.1 of the License, or (at your option) any later version.
  10  *
  11  * This library is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * Lesser General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Lesser General Public
  17  * License along with this library; if not, see <http://www.gnu.org/licenses/>.
  18  *
  19  */
  20
  21 #include "qemu/osdep.h"
  22 #include "crypto/secret_common.h"
  23 #include "crypto/cipher.h"
  24 #include "qapi/error.h"
  25 #include "qom/object_interfaces.h"
  26 #include "qemu/base64.h"
  27 #include "qemu/module.h"
  28 #include "trace.h"
  29
  30
  31 static void qcrypto_secret_decrypt(QCryptoSecretCommon *secret,
  32                                    const uint8_t *input,
  33                                    size_t inputlen,
  34                                    uint8_t **output,
  35                                    size_t *outputlen,
  36                                    Error **errp)
  37 {
  38     g_autofree uint8_t *iv = NULL;
  39     g_autofree uint8_t *key = NULL;
  40     g_autofree uint8_t *ciphertext = NULL;
  41     size_t keylen, ciphertextlen, ivlen;
  42     g_autoptr(QCryptoCipher) aes = NULL;
  43     g_autofree uint8_t *plaintext = NULL;
  44
  45     *output = NULL;
  46     *outputlen = 0;
  47
  48     if (qcrypto_secret_lookup(secret->keyid,
  49                               &key, &keylen,
  50                               errp) < 0) {
  51         return;
  52     }
  53
  54     if (keylen != 32) {
  55         error_setg(errp, "Key should be 32 bytes in length");
  56         return;
  57     }
  58
  59     if (!secret->iv) {
  60         error_setg(errp, "IV is required to decrypt secret");
  61         return;
  62     }
  63
  64     iv = qbase64_decode(secret->iv, -1, &ivlen, errp);
  65     if (!iv) {
  66         return;
  67     }
  68     if (ivlen != 16) {
  69         error_setg(errp, "IV should be 16 bytes in length not %zu",
  70                    ivlen);
  71         return;
  72     }
  73
  74     aes = qcrypto_cipher_new(QCRYPTO_CIPHER_ALG_AES_256,
  75                              QCRYPTO_CIPHER_MODE_CBC,
  76                              key, keylen,
  77                              errp);
  78     if (!aes) {
  79         return;
  80     }
  81
  82     if (qcrypto_cipher_setiv(aes, iv, ivlen, errp) < 0) {
  83         return;
  84     }
  85
  86     if (secret->format == QCRYPTO_SECRET_FORMAT_BASE64) {
  87         ciphertext = qbase64_decode((const gchar *)input,
  88                                     inputlen,
  89                                     &ciphertextlen,
  90                                     errp);
  91         if (!ciphertext) {
  92             return;
  93         }
  94         plaintext = g_new0(uint8_t, ciphertextlen + 1);
  95     } else {
  96         ciphertextlen = inputlen;
  97         plaintext = g_new0(uint8_t, inputlen + 1);
  98     }
  99     if (qcrypto_cipher_decrypt(aes,
 100                                ciphertext ? ciphertext : input,
 101                                plaintext,
 102                                ciphertextlen,
 103                                errp) < 0) {
 104         return;
 105     }
 106
 107     if (plaintext[ciphertextlen - 1] > 16 ||
 108         plaintext[ciphertextlen - 1] > ciphertextlen) {
 109         error_setg(errp, "Incorrect number of padding bytes (%d) "
 110                    "found on decrypted data",
 111                    (int)plaintext[ciphertextlen - 1]);
 112         return;
 113     }
 114
 115     /*
 116      *  Even though plaintext may contain arbitrary NUL
 117      * ensure it is explicitly NUL terminated.
 118      */
 119     ciphertextlen -= plaintext[ciphertextlen - 1];
 120     plaintext[ciphertextlen] = '\0';
 121
 122     *output = g_steal_pointer(&plaintext);
 123     *outputlen = ciphertextlen;
 124 }
 125
 126
 127 static void qcrypto_secret_decode(const uint8_t *input,
 128                                   size_t inputlen,
 129                                   uint8_t **output,
 130                                   size_t *outputlen,
 131                                   Error **errp)
 132 {
 133     *output = qbase64_decode((const gchar *)input,
 134                              inputlen,
 135                              outputlen,
 136                              errp);
 137 }
 138
 139
 140 static void
 141 qcrypto_secret_prop_set_loaded(Object *obj,
 142                                bool value,
 143                                Error **errp)
 144 {
 145     QCryptoSecretCommon *secret = QCRYPTO_SECRET_COMMON(obj);
 146     QCryptoSecretCommonClass *sec_class
 147                                 = QCRYPTO_SECRET_COMMON_GET_CLASS(obj);
 148
 149     if (value) {
 150         Error *local_err = NULL;
 151         uint8_t *input = NULL;
 152         size_t inputlen = 0;
 153         uint8_t *output = NULL;
 154         size_t outputlen = 0;
 155
 156         if (sec_class->load_data) {
 157             sec_class->load_data(secret, &input, &inputlen, &local_err);
 158             if (local_err) {
 159                 error_propagate(errp, local_err);
 160                 return;
 161             }
 162         } else {
 163             error_setg(errp, "%s provides no 'load_data' method'",
 164                              object_get_typename(obj));
 165             return;
 166         }
 167
 168         if (secret->keyid) {
 169             qcrypto_secret_decrypt(secret, input, inputlen,
 170                                    &output, &outputlen, &local_err);
 171             g_free(input);
 172             if (local_err) {
 173                 error_propagate(errp, local_err);
 174                 return;
 175             }
 176             input = output;
 177             inputlen = outputlen;
 178         } else {
 179             if (secret->format == QCRYPTO_SECRET_FORMAT_BASE64) {
 180                 qcrypto_secret_decode(input, inputlen,
 181                                       &output, &outputlen, &local_err);
 182                 g_free(input);
 183                 if (local_err) {
 184                     error_propagate(errp, local_err);
 185                     return;
 186                 }
 187                 input = output;
 188                 inputlen = outputlen;
 189             }
 190         }
 191
 192         secret->rawdata = input;
 193         secret->rawlen = inputlen;
 194     } else if (secret->rawdata) {
 195         error_setg(errp, "Cannot unload secret");
 196         return;
 197     }
 198 }
 199
 200
 201 static bool
 202 qcrypto_secret_prop_get_loaded(Object *obj,
 203                                Error **errp G_GNUC_UNUSED)
 204 {
 205     QCryptoSecretCommon *secret = QCRYPTO_SECRET_COMMON(obj);
 206     return secret->rawdata != NULL;
 207 }
 208
 209
 210 static void
 211 qcrypto_secret_prop_set_format(Object *obj,
 212                                int value,
 213                                Error **errp G_GNUC_UNUSED)
 214 {
 215     QCryptoSecretCommon *creds = QCRYPTO_SECRET_COMMON(obj);
 216     creds->format = value;
 217 }
 218
 219
 220 static int
 221 qcrypto_secret_prop_get_format(Object *obj,
 222                                Error **errp G_GNUC_UNUSED)
 223 {
 224     QCryptoSecretCommon *creds = QCRYPTO_SECRET_COMMON(obj);
 225     return creds->format;
 226 }
 227
 228
 229 static void
 230 qcrypto_secret_prop_set_iv(Object *obj,
 231                            const char *value,
 232                            Error **errp)
 233 {
 234     QCryptoSecretCommon *secret = QCRYPTO_SECRET_COMMON(obj);
 235
 236     g_free(secret->iv);
 237     secret->iv = g_strdup(value);
 238 }
 239
 240
 241 static char *
 242 qcrypto_secret_prop_get_iv(Object *obj,
 243                            Error **errp)
 244 {
 245     QCryptoSecretCommon *secret = QCRYPTO_SECRET_COMMON(obj);
 246     return g_strdup(secret->iv);
 247 }
 248
 249
 250 static void
 251 qcrypto_secret_prop_set_keyid(Object *obj,
 252                               const char *value,
 253                               Error **errp)
 254 {
 255     QCryptoSecretCommon *secret = QCRYPTO_SECRET_COMMON(obj);
 256
 257     g_free(secret->keyid);
 258     secret->keyid = g_strdup(value);
 259 }
 260
 261
 262 static char *
 263 qcrypto_secret_prop_get_keyid(Object *obj,
 264                               Error **errp)
 265 {
 266     QCryptoSecretCommon *secret = QCRYPTO_SECRET_COMMON(obj);
 267     return g_strdup(secret->keyid);
 268 }
 269
 270
 271 static void
 272 qcrypto_secret_complete(UserCreatable *uc, Error **errp)
 273 {
 274     object_property_set_bool(OBJECT(uc), "loaded", true, errp);
 275 }
 276
 277
 278 static void
 279 qcrypto_secret_finalize(Object *obj)
 280 {
 281     QCryptoSecretCommon *secret = QCRYPTO_SECRET_COMMON(obj);
 282
 283     g_free(secret->iv);
 284     g_free(secret->keyid);
 285     g_free(secret->rawdata);
 286 }
 287
 288 static void
 289 qcrypto_secret_class_init(ObjectClass *oc, void *data)
 290 {
 291     UserCreatableClass *ucc = USER_CREATABLE_CLASS(oc);
 292
 293     ucc->complete = qcrypto_secret_complete;
 294
 295     object_class_property_add_bool(oc, "loaded",
 296                                    qcrypto_secret_prop_get_loaded,
 297                                    qcrypto_secret_prop_set_loaded);
 298     object_class_property_add_enum(oc, "format",
 299                                    "QCryptoSecretFormat",
 300                                    &QCryptoSecretFormat_lookup,
 301                                    qcrypto_secret_prop_get_format,
 302                                    qcrypto_secret_prop_set_format);
 303     object_class_property_add_str(oc, "keyid",
 304                                   qcrypto_secret_prop_get_keyid,
 305                                   qcrypto_secret_prop_set_keyid);
 306     object_class_property_add_str(oc, "iv",
 307                                   qcrypto_secret_prop_get_iv,
 308                                   qcrypto_secret_prop_set_iv);
 309 }
 310
 311
 312 int qcrypto_secret_lookup(const char *secretid,
 313                           uint8_t **data,
 314                           size_t *datalen,
 315                           Error **errp)
 316 {
 317     Object *obj;
 318     QCryptoSecretCommon *secret;
 319
 320     obj = object_resolve_path_component(
 321         object_get_objects_root(), secretid);
 322     if (!obj) {
 323         error_setg(errp, "No secret with id '%s'", secretid);
 324         return -1;
 325     }
 326
 327     secret = (QCryptoSecretCommon *)
 328         object_dynamic_cast(obj,
 329                             TYPE_QCRYPTO_SECRET_COMMON);
 330     if (!secret) {
 331         error_setg(errp, "Object with id '%s' is not a secret",
 332                    secretid);
 333         return -1;
 334     }
 335
 336     if (!secret->rawdata) {
 337         error_setg(errp, "Secret with id '%s' has no data",
 338                    secretid);
 339         return -1;
 340     }
 341
 342     *data = g_new0(uint8_t, secret->rawlen + 1);
 343     memcpy(*data, secret->rawdata, secret->rawlen);
 344     (*data)[secret->rawlen] = '\0';
 345     *datalen = secret->rawlen;
 346
 347     return 0;
 348 }
 349
 350
 351 char *qcrypto_secret_lookup_as_utf8(const char *secretid,
 352                                     Error **errp)
 353 {
 354     uint8_t *data;
 355     size_t datalen;
 356
 357     if (qcrypto_secret_lookup(secretid,
 358                               &data,
 359                               &datalen,
 360                               errp) < 0) {
 361         return NULL;
 362     }
 363
 364     if (!g_utf8_validate((const gchar *)data, datalen, NULL)) {
 365         error_setg(errp,
 366                    "Data from secret %s is not valid UTF-8",
 367                    secretid);
 368         g_free(data);
 369         return NULL;
 370     }
 371
 372     return (char *)data;
 373 }
 374
 375
 376 char *qcrypto_secret_lookup_as_base64(const char *secretid,
 377                                       Error **errp)
 378 {
 379     uint8_t *data;
 380     size_t datalen;
 381     char *ret;
 382
 383     if (qcrypto_secret_lookup(secretid,
 384                               &data,
 385                               &datalen,
 386                               errp) < 0) {
 387         return NULL;
 388     }
 389
 390     ret = g_base64_encode(data, datalen);
 391     g_free(data);
 392     return ret;
 393 }
 394
 395
 396 static const TypeInfo qcrypto_secret_info = {
 397     .parent = TYPE_OBJECT,
 398     .name = TYPE_QCRYPTO_SECRET_COMMON,
 399     .instance_size = sizeof(QCryptoSecretCommon),
 400     .instance_finalize = qcrypto_secret_finalize,
 401     .class_size = sizeof(QCryptoSecretCommonClass),
 402     .class_init = qcrypto_secret_class_init,
 403     .abstract = true,
 404     .interfaces = (InterfaceInfo[]) {
 405         { TYPE_USER_CREATABLE },
 406         { }
 407     }
 408 };
 409
 410
 411 static void
 412 qcrypto_secret_register_types(void)
 413 {
 414     type_register_static(&qcrypto_secret_info);
 415 }
 416
 417
 418 type_init(qcrypto_secret_register_types);