jcs.org
qemu with hax to log dma reads & writes
jcs.org/2018/11/12/vfio
1/*
2 * QEMU crypto secret support
3 *
4 * Copyright (c) 2015 Red Hat, Inc.
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18 *
19 */
20
21#include "qemu/osdep.h"
22#include "crypto/secret_common.h"
23#include "crypto/cipher.h"
24#include "qapi/error.h"
25#include "qom/object_interfaces.h"
26#include "qemu/base64.h"
27#include "qemu/module.h"
28#include "trace.h"
29
30
31static void qcrypto_secret_decrypt(QCryptoSecretCommon *secret,
32 const uint8_t *input,
33 size_t inputlen,
34 uint8_t **output,
35 size_t *outputlen,
36 Error **errp)
37{
38 g_autofree uint8_t *iv = NULL;
39 g_autofree uint8_t *key = NULL;
40 g_autofree uint8_t *ciphertext = NULL;
41 size_t keylen, ciphertextlen, ivlen;
42 g_autoptr(QCryptoCipher) aes = NULL;
43 g_autofree uint8_t *plaintext = NULL;
44
45 *output = NULL;
46 *outputlen = 0;
47
48 if (qcrypto_secret_lookup(secret->keyid,
49 &key, &keylen,
50 errp) < 0) {
51 return;
52 }
53
54 if (keylen != 32) {
55 error_setg(errp, "Key should be 32 bytes in length");
56 return;
57 }
58
59 if (!secret->iv) {
60 error_setg(errp, "IV is required to decrypt secret");
61 return;
62 }
63
64 iv = qbase64_decode(secret->iv, -1, &ivlen, errp);
65 if (!iv) {
66 return;
67 }
68 if (ivlen != 16) {
69 error_setg(errp, "IV should be 16 bytes in length not %zu",
70 ivlen);
71 return;
72 }
73
74 aes = qcrypto_cipher_new(QCRYPTO_CIPHER_ALG_AES_256,
75 QCRYPTO_CIPHER_MODE_CBC,
76 key, keylen,
77 errp);
78 if (!aes) {
79 return;
80 }
81
82 if (qcrypto_cipher_setiv(aes, iv, ivlen, errp) < 0) {
83 return;
84 }
85
86 if (secret->format == QCRYPTO_SECRET_FORMAT_BASE64) {
87 ciphertext = qbase64_decode((const gchar *)input,
88 inputlen,
89 &ciphertextlen,
90 errp);
91 if (!ciphertext) {
92 return;
93 }
94 plaintext = g_new0(uint8_t, ciphertextlen + 1);
95 } else {
96 ciphertextlen = inputlen;
97 plaintext = g_new0(uint8_t, inputlen + 1);
98 }
99 if (qcrypto_cipher_decrypt(aes,
100 ciphertext ? ciphertext : input,
101 plaintext,
102 ciphertextlen,
103 errp) < 0) {
104 return;
105 }
106
107 if (plaintext[ciphertextlen - 1] > 16 ||
108 plaintext[ciphertextlen - 1] > ciphertextlen) {
109 error_setg(errp, "Incorrect number of padding bytes (%d) "
110 "found on decrypted data",
111 (int)plaintext[ciphertextlen - 1]);
112 return;
113 }
114
115 /*
116 * Even though plaintext may contain arbitrary NUL
117 * ensure it is explicitly NUL terminated.
118 */
119 ciphertextlen -= plaintext[ciphertextlen - 1];
120 plaintext[ciphertextlen] = '\0';
121
122 *output = g_steal_pointer(&plaintext);
123 *outputlen = ciphertextlen;
124}
125
126
127static void qcrypto_secret_decode(const uint8_t *input,
128 size_t inputlen,
129 uint8_t **output,
130 size_t *outputlen,
131 Error **errp)
132{
133 *output = qbase64_decode((const gchar *)input,
134 inputlen,
135 outputlen,
136 errp);
137}
138
139
140static void
141qcrypto_secret_prop_set_loaded(Object *obj,
142 bool value,
143 Error **errp)
144{
145 QCryptoSecretCommon *secret = QCRYPTO_SECRET_COMMON(obj);
146 QCryptoSecretCommonClass *sec_class
147 = QCRYPTO_SECRET_COMMON_GET_CLASS(obj);
148
149 if (value) {
150 Error *local_err = NULL;
151 uint8_t *input = NULL;
152 size_t inputlen = 0;
153 uint8_t *output = NULL;
154 size_t outputlen = 0;
155
156 if (sec_class->load_data) {
157 sec_class->load_data(secret, &input, &inputlen, &local_err);
158 if (local_err) {
159 error_propagate(errp, local_err);
160 return;
161 }
162 } else {
163 error_setg(errp, "%s provides no 'load_data' method'",
164 object_get_typename(obj));
165 return;
166 }
167
168 if (secret->keyid) {
169 qcrypto_secret_decrypt(secret, input, inputlen,
170 &output, &outputlen, &local_err);
171 g_free(input);
172 if (local_err) {
173 error_propagate(errp, local_err);
174 return;
175 }
176 input = output;
177 inputlen = outputlen;
178 } else {
179 if (secret->format == QCRYPTO_SECRET_FORMAT_BASE64) {
180 qcrypto_secret_decode(input, inputlen,
181 &output, &outputlen, &local_err);
182 g_free(input);
183 if (local_err) {
184 error_propagate(errp, local_err);
185 return;
186 }
187 input = output;
188 inputlen = outputlen;
189 }
190 }
191
192 secret->rawdata = input;
193 secret->rawlen = inputlen;
194 } else {
195 g_free(secret->rawdata);
196 secret->rawlen = 0;
197 }
198}
199
200
201static bool
202qcrypto_secret_prop_get_loaded(Object *obj,
203 Error **errp G_GNUC_UNUSED)
204{
205 QCryptoSecretCommon *secret = QCRYPTO_SECRET_COMMON(obj);
206 return secret->rawdata != NULL;
207}
208
209
210static void
211qcrypto_secret_prop_set_format(Object *obj,
212 int value,
213 Error **errp G_GNUC_UNUSED)
214{
215 QCryptoSecretCommon *creds = QCRYPTO_SECRET_COMMON(obj);
216 creds->format = value;
217}
218
219
220static int
221qcrypto_secret_prop_get_format(Object *obj,
222 Error **errp G_GNUC_UNUSED)
223{
224 QCryptoSecretCommon *creds = QCRYPTO_SECRET_COMMON(obj);
225 return creds->format;
226}
227
228
229static void
230qcrypto_secret_prop_set_iv(Object *obj,
231 const char *value,
232 Error **errp)
233{
234 QCryptoSecretCommon *secret = QCRYPTO_SECRET_COMMON(obj);
235
236 g_free(secret->iv);
237 secret->iv = g_strdup(value);
238}
239
240
241static char *
242qcrypto_secret_prop_get_iv(Object *obj,
243 Error **errp)
244{
245 QCryptoSecretCommon *secret = QCRYPTO_SECRET_COMMON(obj);
246 return g_strdup(secret->iv);
247}
248
249
250static void
251qcrypto_secret_prop_set_keyid(Object *obj,
252 const char *value,
253 Error **errp)
254{
255 QCryptoSecretCommon *secret = QCRYPTO_SECRET_COMMON(obj);
256
257 g_free(secret->keyid);
258 secret->keyid = g_strdup(value);
259}
260
261
262static char *
263qcrypto_secret_prop_get_keyid(Object *obj,
264 Error **errp)
265{
266 QCryptoSecretCommon *secret = QCRYPTO_SECRET_COMMON(obj);
267 return g_strdup(secret->keyid);
268}
269
270
271static void
272qcrypto_secret_finalize(Object *obj)
273{
274 QCryptoSecretCommon *secret = QCRYPTO_SECRET_COMMON(obj);
275
276 g_free(secret->iv);
277 g_free(secret->keyid);
278 g_free(secret->rawdata);
279}
280
281static void
282qcrypto_secret_class_init(ObjectClass *oc, void *data)
283{
284 object_class_property_add_bool(oc, "loaded",
285 qcrypto_secret_prop_get_loaded,
286 qcrypto_secret_prop_set_loaded);
287 object_class_property_add_enum(oc, "format",
288 "QCryptoSecretFormat",
289 &QCryptoSecretFormat_lookup,
290 qcrypto_secret_prop_get_format,
291 qcrypto_secret_prop_set_format);
292 object_class_property_add_str(oc, "keyid",
293 qcrypto_secret_prop_get_keyid,
294 qcrypto_secret_prop_set_keyid);
295 object_class_property_add_str(oc, "iv",
296 qcrypto_secret_prop_get_iv,
297 qcrypto_secret_prop_set_iv);
298}
299
300
301int qcrypto_secret_lookup(const char *secretid,
302 uint8_t **data,
303 size_t *datalen,
304 Error **errp)
305{
306 Object *obj;
307 QCryptoSecretCommon *secret;
308
309 obj = object_resolve_path_component(
310 object_get_objects_root(), secretid);
311 if (!obj) {
312 error_setg(errp, "No secret with id '%s'", secretid);
313 return -1;
314 }
315
316 secret = (QCryptoSecretCommon *)
317 object_dynamic_cast(obj,
318 TYPE_QCRYPTO_SECRET_COMMON);
319 if (!secret) {
320 error_setg(errp, "Object with id '%s' is not a secret",
321 secretid);
322 return -1;
323 }
324
325 if (!secret->rawdata) {
326 error_setg(errp, "Secret with id '%s' has no data",
327 secretid);
328 return -1;
329 }
330
331 *data = g_new0(uint8_t, secret->rawlen + 1);
332 memcpy(*data, secret->rawdata, secret->rawlen);
333 (*data)[secret->rawlen] = '\0';
334 *datalen = secret->rawlen;
335
336 return 0;
337}
338
339
340char *qcrypto_secret_lookup_as_utf8(const char *secretid,
341 Error **errp)
342{
343 uint8_t *data;
344 size_t datalen;
345
346 if (qcrypto_secret_lookup(secretid,
347 &data,
348 &datalen,
349 errp) < 0) {
350 return NULL;
351 }
352
353 if (!g_utf8_validate((const gchar *)data, datalen, NULL)) {
354 error_setg(errp,
355 "Data from secret %s is not valid UTF-8",
356 secretid);
357 g_free(data);
358 return NULL;
359 }
360
361 return (char *)data;
362}
363
364
365char *qcrypto_secret_lookup_as_base64(const char *secretid,
366 Error **errp)
367{
368 uint8_t *data;
369 size_t datalen;
370 char *ret;
371
372 if (qcrypto_secret_lookup(secretid,
373 &data,
374 &datalen,
375 errp) < 0) {
376 return NULL;
377 }
378
379 ret = g_base64_encode(data, datalen);
380 g_free(data);
381 return ret;
382}
383
384
385static const TypeInfo qcrypto_secret_info = {
386 .parent = TYPE_OBJECT,
387 .name = TYPE_QCRYPTO_SECRET_COMMON,
388 .instance_size = sizeof(QCryptoSecretCommon),
389 .instance_finalize = qcrypto_secret_finalize,
390 .class_size = sizeof(QCryptoSecretCommonClass),
391 .class_init = qcrypto_secret_class_init,
392 .abstract = true,
393};
394
395
396static void
397qcrypto_secret_register_types(void)
398{
399 type_register_static(&qcrypto_secret_info);
400}
401
402
403type_init(qcrypto_secret_register_types);