<feed xmlns='http://www.w3.org/2005/Atom'>
<title>bwlp/qemu.git/crypto, branch master</title>
<subtitle>Experimental fork of QEMU with video encoding patches</subtitle>
<id>https://git.openslx.org/bwlp/qemu.git/atom/crypto?h=master</id>
<link rel='self' href='https://git.openslx.org/bwlp/qemu.git/atom/crypto?h=master'/>
<link rel='alternate' type='text/html' href='https://git.openslx.org/bwlp/qemu.git/'/>
<updated>2022-11-02T10:56:32+00:00</updated>
<entry>
<title>crypto: Support export akcipher to pkcs8</title>
<updated>2022-11-02T10:56:32+00:00</updated>
<author>
<name>Lei He</name>
</author>
<published>2022-10-08T08:50:29+00:00</published>
<link rel='alternate' type='text/html' href='https://git.openslx.org/bwlp/qemu.git/commit/?id=58660863ba5ca4f74fa70671da2899b264dc5f34'/>
<id>urn:sha1:58660863ba5ca4f74fa70671da2899b264dc5f34</id>
<content type='text'>
crypto: support exporting RSA private keys using the PKCS#8 standard,
so that users can upload this private key to the Linux kernel.

Signed-off-by: lei he &lt;helei.sig11@bytedance.com&gt;
Message-Id: &lt;20221008085030.70212-4-helei.sig11@bytedance.com&gt;
Reviewed-by: Michael S. Tsirkin &lt;mst@redhat.com&gt;
Signed-off-by: Michael S. Tsirkin &lt;mst@redhat.com&gt;
Reviewed-by: Daniel P. Berrangé &lt;berrange@redhat.com&gt;
</content>
</entry>
<entry>
<title>crypto: Support DER encodings</title>
<updated>2022-11-02T10:56:32+00:00</updated>
<author>
<name>Lei He</name>
</author>
<published>2022-10-08T08:50:28+00:00</published>
<link rel='alternate' type='text/html' href='https://git.openslx.org/bwlp/qemu.git/commit/?id=3b34ccad6695f3fd3e48555d895d450f750c00e6'/>
<id>urn:sha1:3b34ccad6695f3fd3e48555d895d450f750c00e6</id>
<content type='text'>
Add encoding interfaces for DER encoding:
1. support decoding of 'bit string', 'octet string', 'object id'
and 'context specific tag' for DER encoder.
2. implemented a simple DER encoder.
3. add more test suites for DER encoder.

Signed-off-by: lei he &lt;helei.sig11@bytedance.com&gt;
Message-Id: &lt;20221008085030.70212-3-helei.sig11@bytedance.com&gt;
Reviewed-by: Michael S. Tsirkin &lt;mst@redhat.com&gt;
Signed-off-by: Michael S. Tsirkin &lt;mst@redhat.com&gt;
Reviewed-by: Daniel P. Berrangé &lt;berrange@redhat.com&gt;
</content>
</entry>
<entry>
<title>crypto: quote algorithm names in error messages</title>
<updated>2022-10-27T11:55:27+00:00</updated>
<author>
<name>Daniel P. Berrangé</name>
</author>
<published>2022-09-05T11:08:21+00:00</published>
<link rel='alternate' type='text/html' href='https://git.openslx.org/bwlp/qemu.git/commit/?id=6c1989321eb95d5d2e29d3537484836bf0f21744'/>
<id>urn:sha1:6c1989321eb95d5d2e29d3537484836bf0f21744</id>
<content type='text'>
If given a malformed LUKS header, it is possible that the algorithm
names end up being an empty string. This leads to confusing error
messages unless quoting is used to highlight where the empty string
is substituted in the error message.

Reviewed-by: Richard W.M. Jones &lt;rjones@redhat.com&gt;
Signed-off-by: Daniel P. Berrangé &lt;berrange@redhat.com&gt;
</content>
</entry>
<entry>
<title>crypto: split off helpers for converting LUKS header endianness</title>
<updated>2022-10-27T11:55:27+00:00</updated>
<author>
<name>Daniel P. Berrangé</name>
</author>
<published>2022-05-10T14:40:55+00:00</published>
<link rel='alternate' type='text/html' href='https://git.openslx.org/bwlp/qemu.git/commit/?id=98c72dfb714385b03da03abb45f931a14af6138e'/>
<id>urn:sha1:98c72dfb714385b03da03abb45f931a14af6138e</id>
<content type='text'>
The unit test suite is shortly going to want to convert header
endianness separately from the main I/O functions.

Reviewed-by: Richard W.M. Jones &lt;rjones@redhat.com&gt;
Signed-off-by: Daniel P. Berrangé &lt;berrange@redhat.com&gt;
</content>
</entry>
<entry>
<title>crypto: split LUKS header definitions off into file</title>
<updated>2022-10-27T11:55:27+00:00</updated>
<author>
<name>Daniel P. Berrangé</name>
</author>
<published>2022-05-10T14:19:58+00:00</published>
<link rel='alternate' type='text/html' href='https://git.openslx.org/bwlp/qemu.git/commit/?id=36445acebdd100237551b47b4fd77f0c5403a10f'/>
<id>urn:sha1:36445acebdd100237551b47b4fd77f0c5403a10f</id>
<content type='text'>
This will allow unit testing code to use the structs.

Reviewed-by: Richard W.M. Jones &lt;rjones@redhat.com&gt;
Signed-off-by: Daniel P. Berrangé &lt;berrange@redhat.com&gt;
</content>
</entry>
<entry>
<title>crypto: check that LUKS PBKDF2 iterations count is non-zero</title>
<updated>2022-10-27T11:55:27+00:00</updated>
<author>
<name>Daniel P. Berrangé</name>
</author>
<published>2022-09-05T12:52:29+00:00</published>
<link rel='alternate' type='text/html' href='https://git.openslx.org/bwlp/qemu.git/commit/?id=b57151ac0366d3fb14318a55b0fc943134f7f80b'/>
<id>urn:sha1:b57151ac0366d3fb14318a55b0fc943134f7f80b</id>
<content type='text'>
Both the master key and key slot passphrases are run through the PBKDF2
algorithm. The iterations count is expected to be generally very large
(many 10's or 100's of 1000s). It is hard to define a low level cutoff,
but we can certainly say that iterations count should be non-zero. A
zero count likely indicates an initialization mistake so reject it.

Reviewed-by: Richard W.M. Jones &lt;rjones@redhat.com&gt;
Signed-off-by: Daniel P. Berrangé &lt;berrange@redhat.com&gt;
</content>
</entry>
<entry>
<title>crypto: strengthen the check for key slots overlapping with LUKS header</title>
<updated>2022-10-27T11:55:27+00:00</updated>
<author>
<name>Daniel P. Berrangé</name>
</author>
<published>2022-09-05T12:57:01+00:00</published>
<link rel='alternate' type='text/html' href='https://git.openslx.org/bwlp/qemu.git/commit/?id=c5f6962801b868b02fbaf01861f64783470d3d2a'/>
<id>urn:sha1:c5f6962801b868b02fbaf01861f64783470d3d2a</id>
<content type='text'>
The LUKS header data on disk is a fixed size, however, there's expected
to be a gap between the end of the header and the first key slot to get
alignment with the 2nd sector on 4k drives. This wasn't originally part
of the LUKS spec, but was always part of the reference implementation,
so it is worth validating this.

Reviewed-by: Richard W.M. Jones &lt;rjones@redhat.com&gt;
Signed-off-by: Daniel P. Berrangé &lt;berrange@redhat.com&gt;
</content>
</entry>
<entry>
<title>crypto: validate that LUKS payload doesn't overlap with header</title>
<updated>2022-10-27T11:55:27+00:00</updated>
<author>
<name>Daniel P. Berrangé</name>
</author>
<published>2022-09-05T12:50:03+00:00</published>
<link rel='alternate' type='text/html' href='https://git.openslx.org/bwlp/qemu.git/commit/?id=d233fbc327d3f1f03bc30e0486b9ade3aa23f9ec'/>
<id>urn:sha1:d233fbc327d3f1f03bc30e0486b9ade3aa23f9ec</id>
<content type='text'>
We already validate that LUKS keyslots don't overlap with the
header, or with each other. This closes the remaining hole in
validation of LUKS file regions.

Reviewed-by: Richard W.M. Jones &lt;rjones@redhat.com&gt;
Signed-off-by: Daniel P. Berrangé &lt;berrange@redhat.com&gt;
</content>
</entry>
<entry>
<title>crypto: enforce that key material doesn't overlap with LUKS header</title>
<updated>2022-10-27T11:55:27+00:00</updated>
<author>
<name>Daniel P. Berrangé</name>
</author>
<published>2022-05-10T13:35:57+00:00</published>
<link rel='alternate' type='text/html' href='https://git.openslx.org/bwlp/qemu.git/commit/?id=93569c373027c5c46e518e01c0c3e2d07fbb6890'/>
<id>urn:sha1:93569c373027c5c46e518e01c0c3e2d07fbb6890</id>
<content type='text'>
We already check that key material doesn't overlap between key slots,
and that it doesn't overlap with the payload. We didn't check for
overlap with the LUKS header.

Reviewed-by: Richard W.M. Jones &lt;rjones@redhat.com&gt;
Signed-off-by: Daniel P. Berrangé &lt;berrange@redhat.com&gt;
</content>
</entry>
<entry>
<title>crypto: enforce that LUKS stripes is always a fixed value</title>
<updated>2022-10-27T11:55:27+00:00</updated>
<author>
<name>Daniel P. Berrangé</name>
</author>
<published>2022-05-10T13:27:33+00:00</published>
<link rel='alternate' type='text/html' href='https://git.openslx.org/bwlp/qemu.git/commit/?id=f1195961f36b19ce9008dabf11ee8362803bcd92'/>
<id>urn:sha1:f1195961f36b19ce9008dabf11ee8362803bcd92</id>
<content type='text'>
Although the LUKS stripes are encoded in the keyslot header and so
potentially configurable, in practice the cryptsetup impl mandates
this has the fixed value 4000. To avoid incompatibility apply the
same enforcement in QEMU too. This also caps the memory usage for
key material when QEMU tries to open a LUKS volume.

Reviewed-by: Richard W.M. Jones &lt;rjones@redhat.com&gt;
Signed-off-by: Daniel P. Berrangé &lt;berrange@redhat.com&gt;
</content>
</entry>
</feed>
