2 * QEMU crypto secret support
4 * Copyright (c) 2015 Red Hat, Inc.
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
21 #include "qemu/osdep.h"
22 #include "crypto/secret.h"
23 #include "crypto/cipher.h"
24 #include "qapi/error.h"
25 #include "qom/object_interfaces.h"
26 #include "qemu/base64.h"
27 #include "qemu/module.h"
32 qcrypto_secret_load_data(QCryptoSecret
*secret
,
47 "'file' and 'data' are mutually exclusive");
50 if (!g_file_get_contents(secret
->file
, &data
, &length
, &gerr
)) {
52 "Unable to read %s: %s",
53 secret
->file
, gerr
->message
);
57 *output
= (uint8_t *)data
;
59 } else if (secret
->data
) {
60 *outputlen
= strlen(secret
->data
);
61 *output
= (uint8_t *)g_strdup(secret
->data
);
63 error_setg(errp
, "Either 'file' or 'data' must be provided");
68 static void qcrypto_secret_decrypt(QCryptoSecret
*secret
,
75 uint8_t *key
= NULL
, *ciphertext
= NULL
, *iv
= NULL
;
76 size_t keylen
, ciphertextlen
, ivlen
;
77 QCryptoCipher
*aes
= NULL
;
78 uint8_t *plaintext
= NULL
;
83 if (qcrypto_secret_lookup(secret
->keyid
,
90 error_setg(errp
, "Key should be 32 bytes in length");
95 error_setg(errp
, "IV is required to decrypt secret");
99 iv
= qbase64_decode(secret
->iv
, -1, &ivlen
, errp
);
104 error_setg(errp
, "IV should be 16 bytes in length not %zu",
109 aes
= qcrypto_cipher_new(QCRYPTO_CIPHER_ALG_AES_256
,
110 QCRYPTO_CIPHER_MODE_CBC
,
117 if (qcrypto_cipher_setiv(aes
, iv
, ivlen
, errp
) < 0) {
121 if (secret
->format
== QCRYPTO_SECRET_FORMAT_BASE64
) {
122 ciphertext
= qbase64_decode((const gchar
*)input
,
129 plaintext
= g_new0(uint8_t, ciphertextlen
+ 1);
131 ciphertextlen
= inputlen
;
132 plaintext
= g_new0(uint8_t, inputlen
+ 1);
134 if (qcrypto_cipher_decrypt(aes
,
135 ciphertext
? ciphertext
: input
,
143 if (plaintext
[ciphertextlen
- 1] > 16 ||
144 plaintext
[ciphertextlen
- 1] > ciphertextlen
) {
145 error_setg(errp
, "Incorrect number of padding bytes (%d) "
146 "found on decrypted data",
147 (int)plaintext
[ciphertextlen
- 1]);
153 /* Even though plaintext may contain arbitrary NUL
154 * ensure it is explicitly NUL terminated.
156 ciphertextlen
-= plaintext
[ciphertextlen
- 1];
157 plaintext
[ciphertextlen
] = '\0';
160 *outputlen
= ciphertextlen
;
166 qcrypto_cipher_free(aes
);
170 static void qcrypto_secret_decode(const uint8_t *input
,
176 *output
= qbase64_decode((const gchar
*)input
,
184 qcrypto_secret_prop_set_loaded(Object
*obj
,
188 QCryptoSecret
*secret
= QCRYPTO_SECRET(obj
);
191 Error
*local_err
= NULL
;
192 uint8_t *input
= NULL
;
194 uint8_t *output
= NULL
;
195 size_t outputlen
= 0;
197 qcrypto_secret_load_data(secret
, &input
, &inputlen
, &local_err
);
199 error_propagate(errp
, local_err
);
204 qcrypto_secret_decrypt(secret
, input
, inputlen
,
205 &output
, &outputlen
, &local_err
);
208 error_propagate(errp
, local_err
);
212 inputlen
= outputlen
;
214 if (secret
->format
!= QCRYPTO_SECRET_FORMAT_RAW
) {
215 qcrypto_secret_decode(input
, inputlen
,
216 &output
, &outputlen
, &local_err
);
219 error_propagate(errp
, local_err
);
223 inputlen
= outputlen
;
227 secret
->rawdata
= input
;
228 secret
->rawlen
= inputlen
;
230 g_free(secret
->rawdata
);
237 qcrypto_secret_prop_get_loaded(Object
*obj
,
238 Error
**errp G_GNUC_UNUSED
)
240 QCryptoSecret
*secret
= QCRYPTO_SECRET(obj
);
241 return secret
->data
!= NULL
;
246 qcrypto_secret_prop_set_format(Object
*obj
,
248 Error
**errp G_GNUC_UNUSED
)
250 QCryptoSecret
*creds
= QCRYPTO_SECRET(obj
);
252 creds
->format
= value
;
257 qcrypto_secret_prop_get_format(Object
*obj
,
258 Error
**errp G_GNUC_UNUSED
)
260 QCryptoSecret
*creds
= QCRYPTO_SECRET(obj
);
262 return creds
->format
;
267 qcrypto_secret_prop_set_data(Object
*obj
,
271 QCryptoSecret
*secret
= QCRYPTO_SECRET(obj
);
273 g_free(secret
->data
);
274 secret
->data
= g_strdup(value
);
279 qcrypto_secret_prop_get_data(Object
*obj
,
282 QCryptoSecret
*secret
= QCRYPTO_SECRET(obj
);
283 return g_strdup(secret
->data
);
288 qcrypto_secret_prop_set_file(Object
*obj
,
292 QCryptoSecret
*secret
= QCRYPTO_SECRET(obj
);
294 g_free(secret
->file
);
295 secret
->file
= g_strdup(value
);
300 qcrypto_secret_prop_get_file(Object
*obj
,
303 QCryptoSecret
*secret
= QCRYPTO_SECRET(obj
);
304 return g_strdup(secret
->file
);
309 qcrypto_secret_prop_set_iv(Object
*obj
,
313 QCryptoSecret
*secret
= QCRYPTO_SECRET(obj
);
316 secret
->iv
= g_strdup(value
);
321 qcrypto_secret_prop_get_iv(Object
*obj
,
324 QCryptoSecret
*secret
= QCRYPTO_SECRET(obj
);
325 return g_strdup(secret
->iv
);
330 qcrypto_secret_prop_set_keyid(Object
*obj
,
334 QCryptoSecret
*secret
= QCRYPTO_SECRET(obj
);
336 g_free(secret
->keyid
);
337 secret
->keyid
= g_strdup(value
);
342 qcrypto_secret_prop_get_keyid(Object
*obj
,
345 QCryptoSecret
*secret
= QCRYPTO_SECRET(obj
);
346 return g_strdup(secret
->keyid
);
351 qcrypto_secret_complete(UserCreatable
*uc
, Error
**errp
)
353 object_property_set_bool(OBJECT(uc
), true, "loaded", errp
);
358 qcrypto_secret_finalize(Object
*obj
)
360 QCryptoSecret
*secret
= QCRYPTO_SECRET(obj
);
363 g_free(secret
->file
);
364 g_free(secret
->keyid
);
365 g_free(secret
->rawdata
);
366 g_free(secret
->data
);
370 qcrypto_secret_class_init(ObjectClass
*oc
, void *data
)
372 UserCreatableClass
*ucc
= USER_CREATABLE_CLASS(oc
);
374 ucc
->complete
= qcrypto_secret_complete
;
376 object_class_property_add_bool(oc
, "loaded",
377 qcrypto_secret_prop_get_loaded
,
378 qcrypto_secret_prop_set_loaded
,
380 object_class_property_add_enum(oc
, "format",
381 "QCryptoSecretFormat",
382 &QCryptoSecretFormat_lookup
,
383 qcrypto_secret_prop_get_format
,
384 qcrypto_secret_prop_set_format
,
386 object_class_property_add_str(oc
, "data",
387 qcrypto_secret_prop_get_data
,
388 qcrypto_secret_prop_set_data
,
390 object_class_property_add_str(oc
, "file",
391 qcrypto_secret_prop_get_file
,
392 qcrypto_secret_prop_set_file
,
394 object_class_property_add_str(oc
, "keyid",
395 qcrypto_secret_prop_get_keyid
,
396 qcrypto_secret_prop_set_keyid
,
398 object_class_property_add_str(oc
, "iv",
399 qcrypto_secret_prop_get_iv
,
400 qcrypto_secret_prop_set_iv
,
405 int qcrypto_secret_lookup(const char *secretid
,
411 QCryptoSecret
*secret
;
413 obj
= object_resolve_path_component(
414 object_get_objects_root(), secretid
);
416 error_setg(errp
, "No secret with id '%s'", secretid
);
420 secret
= (QCryptoSecret
*)
421 object_dynamic_cast(obj
,
422 TYPE_QCRYPTO_SECRET
);
424 error_setg(errp
, "Object with id '%s' is not a secret",
429 if (!secret
->rawdata
) {
430 error_setg(errp
, "Secret with id '%s' has no data",
435 *data
= g_new0(uint8_t, secret
->rawlen
+ 1);
436 memcpy(*data
, secret
->rawdata
, secret
->rawlen
);
437 (*data
)[secret
->rawlen
] = '\0';
438 *datalen
= secret
->rawlen
;
444 char *qcrypto_secret_lookup_as_utf8(const char *secretid
,
450 if (qcrypto_secret_lookup(secretid
,
457 if (!g_utf8_validate((const gchar
*)data
, datalen
, NULL
)) {
459 "Data from secret %s is not valid UTF-8",
469 char *qcrypto_secret_lookup_as_base64(const char *secretid
,
476 if (qcrypto_secret_lookup(secretid
,
483 ret
= g_base64_encode(data
, datalen
);
489 static const TypeInfo qcrypto_secret_info
= {
490 .parent
= TYPE_OBJECT
,
491 .name
= TYPE_QCRYPTO_SECRET
,
492 .instance_size
= sizeof(QCryptoSecret
),
493 .instance_finalize
= qcrypto_secret_finalize
,
494 .class_size
= sizeof(QCryptoSecretClass
),
495 .class_init
= qcrypto_secret_class_init
,
496 .interfaces
= (InterfaceInfo
[]) {
497 { TYPE_USER_CREATABLE
},
504 qcrypto_secret_register_types(void)
506 type_register_static(&qcrypto_secret_info
);
510 type_init(qcrypto_secret_register_types
);