From f3c8355c7aaa89a5c5676756d4ba6139ea26b446 Mon Sep 17 00:00:00 2001 From: "Daniel P. Berrange" Date: Thu, 21 Jul 2016 10:37:14 +0100 Subject: crypto: use /dev/[u]random as a final fallback random source If neither gcrypt or gnutls are available to provide a cryptographic random number generator, fallback to consuming bytes directly from /dev/[u]random. Signed-off-by: Daniel P. Berrange --- crypto/Makefile.objs | 2 +- crypto/random-platform.c | 64 ++++++++++++++++++++++++++++++++++++++++++++++++ crypto/random-stub.c | 31 ----------------------- 3 files changed, 65 insertions(+), 32 deletions(-) create mode 100644 crypto/random-platform.c delete mode 100644 crypto/random-stub.c diff --git a/crypto/Makefile.objs b/crypto/Makefile.objs index 1f86f4f..febffba 100644 --- a/crypto/Makefile.objs +++ b/crypto/Makefile.objs @@ -12,6 +12,7 @@ crypto-obj-y += tlssession.o crypto-obj-y += secret.o crypto-obj-$(CONFIG_GCRYPT) += random-gcrypt.o crypto-obj-$(if $(CONFIG_GCRYPT),n,$(CONFIG_GNUTLS_RND)) += random-gnutls.o +crypto-obj-$(if $(CONFIG_GCRYPT),n,$(if $(CONFIG_GNUTLS_RND),n,y)) += random-platform.o crypto-obj-y += pbkdf.o crypto-obj-$(CONFIG_NETTLE_KDF) += pbkdf-nettle.o crypto-obj-$(if $(CONFIG_NETTLE_KDF),n,$(CONFIG_GCRYPT_KDF)) += pbkdf-gcrypt.o @@ -28,6 +29,5 @@ crypto-obj-y += block-luks.o # Let the userspace emulators avoid linking gnutls/etc crypto-aes-obj-y = aes.o -stub-obj-y += random-stub.o stub-obj-y += pbkdf-stub.o stub-obj-y += hash-stub.o diff --git a/crypto/random-platform.c b/crypto/random-platform.c new file mode 100644 index 0000000..82b755a --- /dev/null +++ b/crypto/random-platform.c @@ -0,0 +1,64 @@ +/* + * QEMU Crypto random number provider + * + * Copyright (c) 2015-2016 Red Hat, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, see . + * + */ + +#include "qemu/osdep.h" + +#include "crypto/random.h" + +int qcrypto_random_bytes(uint8_t *buf G_GNUC_UNUSED, + size_t buflen G_GNUC_UNUSED, + Error **errp) +{ + int fd; + int ret = -1; + int got; + + /* TBD perhaps also add support for BSD getentropy / Linux + * getrandom syscalls directly */ + fd = open("/dev/urandom", O_RDONLY); + if (fd == -1 && errno == ENOENT) { + fd = open("/dev/random", O_RDONLY); + } + + if (fd < 0) { + error_setg(errp, "No /dev/urandom or /dev/random found"); + return -1; + } + + while (buflen > 0) { + got = read(fd, buf, buflen); + if (got < 0) { + error_setg_errno(errp, errno, + "Unable to read random bytes"); + goto cleanup; + } else if (!got) { + error_setg(errp, + "Unexpected EOF reading random bytes"); + goto cleanup; + } + buflen -= got; + buf += got; + } + + ret = 0; + cleanup: + close(fd); + return ret; +} diff --git a/crypto/random-stub.c b/crypto/random-stub.c deleted file mode 100644 index 63bbf41..0000000 --- a/crypto/random-stub.c +++ /dev/null @@ -1,31 +0,0 @@ -/* - * QEMU Crypto random number provider - * - * Copyright (c) 2015-2016 Red Hat, Inc. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 2 of the License, or (at your option) any later version. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, see . - * - */ - -#include "qemu/osdep.h" - -#include "crypto/random.h" - -int qcrypto_random_bytes(uint8_t *buf G_GNUC_UNUSED, - size_t buflen G_GNUC_UNUSED, - Error **errp) -{ - error_setg(errp, "No random byte source provided in this build"); - return -1; -} -- cgit v1.1 From 2165477c0f65d20fdfbdb2ddcd4e0e7fe8f61df5 Mon Sep 17 00:00:00 2001 From: "Daniel P. Berrange" Date: Tue, 5 Jul 2016 11:45:42 +0100 Subject: crypto: use glib as fallback for hash algorithm GLib >= 2.16 provides GChecksum API which is good enough for md5, sha1, sha256 and sha512. Use this as a final fallback if neither nettle or gcrypt are available. This lets us remove the stub hash impl, and so callers can be sure those 4 algs are always available at compile time. They may still be disabled at runtime, so a check for qcrypto_hash_supports() is still best practice to report good error messages. Signed-off-by: Daniel P. Berrange --- crypto/Makefile.objs | 2 +- crypto/hash-glib.c | 98 ++++++++++++++++++++++++++++++++++++++++++++++++++++ crypto/hash-stub.c | 41 ---------------------- 3 files changed, 99 insertions(+), 42 deletions(-) create mode 100644 crypto/hash-glib.c delete mode 100644 crypto/hash-stub.c diff --git a/crypto/Makefile.objs b/crypto/Makefile.objs index febffba..a36d2d9 100644 --- a/crypto/Makefile.objs +++ b/crypto/Makefile.objs @@ -2,6 +2,7 @@ crypto-obj-y = init.o crypto-obj-y += hash.o crypto-obj-$(CONFIG_NETTLE) += hash-nettle.o crypto-obj-$(if $(CONFIG_NETTLE),n,$(CONFIG_GCRYPT)) += hash-gcrypt.o +crypto-obj-$(if $(CONFIG_NETTLE),n,$(if $(CONFIG_GCRYPT),n,y)) += hash-glib.o crypto-obj-y += aes.o crypto-obj-y += desrfb.o crypto-obj-y += cipher.o @@ -30,4 +31,3 @@ crypto-obj-y += block-luks.o crypto-aes-obj-y = aes.o stub-obj-y += pbkdf-stub.o -stub-obj-y += hash-stub.o diff --git a/crypto/hash-glib.c b/crypto/hash-glib.c new file mode 100644 index 0000000..cb68a3b --- /dev/null +++ b/crypto/hash-glib.c @@ -0,0 +1,98 @@ +/* + * QEMU Crypto hash algorithms + * + * Copyright (c) 2016 Red Hat, Inc. + * + * This library is free software; you can redistribute it and/or + * modify it under the terms of the GNU Lesser General Public + * License as published by the Free Software Foundation; either + * version 2 of the License, or (at your option) any later version. + * + * This library is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + * Lesser General Public License for more details. + * + * You should have received a copy of the GNU Lesser General Public + * License along with this library; if not, see . + * + */ + +#include "qemu/osdep.h" +#include "qapi/error.h" +#include "crypto/hash.h" + + +static int qcrypto_hash_alg_map[QCRYPTO_HASH_ALG__MAX] = { + [QCRYPTO_HASH_ALG_MD5] = G_CHECKSUM_MD5, + [QCRYPTO_HASH_ALG_SHA1] = G_CHECKSUM_SHA1, + [QCRYPTO_HASH_ALG_SHA224] = -1, + [QCRYPTO_HASH_ALG_SHA256] = G_CHECKSUM_SHA256, + [QCRYPTO_HASH_ALG_SHA384] = -1, +#if GLIB_CHECK_VERSION(2, 36, 0) + [QCRYPTO_HASH_ALG_SHA512] = G_CHECKSUM_SHA512, +#else + [QCRYPTO_HASH_ALG_SHA512] = -1, +#endif + [QCRYPTO_HASH_ALG_RIPEMD160] = -1, +}; + +gboolean qcrypto_hash_supports(QCryptoHashAlgorithm alg) +{ + if (alg < G_N_ELEMENTS(qcrypto_hash_alg_map) && + qcrypto_hash_alg_map[alg] != -1) { + return true; + } + return false; +} + + +int qcrypto_hash_bytesv(QCryptoHashAlgorithm alg, + const struct iovec *iov, + size_t niov, + uint8_t **result, + size_t *resultlen, + Error **errp) +{ + int i, ret; + GChecksum *cs; + + if (alg >= G_N_ELEMENTS(qcrypto_hash_alg_map) || + qcrypto_hash_alg_map[alg] == -1) { + error_setg(errp, + "Unknown hash algorithm %d", + alg); + return -1; + } + + cs = g_checksum_new(qcrypto_hash_alg_map[alg]); + + for (i = 0; i < niov; i++) { + g_checksum_update(cs, iov[i].iov_base, iov[i].iov_len); + } + + ret = g_checksum_type_get_length(qcrypto_hash_alg_map[alg]); + if (ret < 0) { + error_setg(errp, "%s", + "Unable to get hash length"); + goto error; + } + if (*resultlen == 0) { + *resultlen = ret; + *result = g_new0(uint8_t, *resultlen); + } else if (*resultlen != ret) { + error_setg(errp, + "Result buffer size %zu is smaller than hash %d", + *resultlen, ret); + goto error; + } + + g_checksum_get_digest(cs, *result, resultlen); + + g_checksum_free(cs); + return 0; + + error: + g_checksum_free(cs); + return -1; +} diff --git a/crypto/hash-stub.c b/crypto/hash-stub.c deleted file mode 100644 index 8a9b8d4..0000000 --- a/crypto/hash-stub.c +++ /dev/null @@ -1,41 +0,0 @@ -/* - * QEMU Crypto hash algorithms - * - * Copyright (c) 2016 Red Hat, Inc. - * - * This library is free software; you can redistribute it and/or - * modify it under the terms of the GNU Lesser General Public - * License as published by the Free Software Foundation; either - * version 2 of the License, or (at your option) any later version. - * - * This library is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * Lesser General Public License for more details. - * - * You should have received a copy of the GNU Lesser General Public - * License along with this library; if not, see . - * - */ - -#include "qemu/osdep.h" -#include "qapi/error.h" -#include "crypto/hash.h" - -gboolean qcrypto_hash_supports(QCryptoHashAlgorithm alg G_GNUC_UNUSED) -{ - return false; -} - -int qcrypto_hash_bytesv(QCryptoHashAlgorithm alg, - const struct iovec *iov G_GNUC_UNUSED, - size_t niov G_GNUC_UNUSED, - uint8_t **result G_GNUC_UNUSED, - size_t *resultlen G_GNUC_UNUSED, - Error **errp) -{ - error_setg(errp, - "Hash algorithm %d not supported without GNUTLS", - alg); - return -1; -} -- cgit v1.1 From 760328971218bace4ab14b01f619825607fab9c3 Mon Sep 17 00:00:00 2001 From: "Daniel P. Berrange" Date: Tue, 5 Jul 2016 17:41:45 +0100 Subject: crypto: don't open-code qcrypto_hash_supports Call the existing qcrypto_hash_supports method from qcrypto_hash_bytesv instead of open-coding it again. Signed-off-by: Daniel P. Berrange --- crypto/hash-gcrypt.c | 3 +-- crypto/hash-glib.c | 3 +-- crypto/hash-nettle.c | 3 +-- 3 files changed, 3 insertions(+), 6 deletions(-) diff --git a/crypto/hash-gcrypt.c b/crypto/hash-gcrypt.c index ed6f842..7690690 100644 --- a/crypto/hash-gcrypt.c +++ b/crypto/hash-gcrypt.c @@ -55,8 +55,7 @@ int qcrypto_hash_bytesv(QCryptoHashAlgorithm alg, gcry_md_hd_t md; unsigned char *digest; - if (alg >= G_N_ELEMENTS(qcrypto_hash_alg_map) || - qcrypto_hash_alg_map[alg] == GCRY_MD_NONE) { + if (!qcrypto_hash_supports(alg)) { error_setg(errp, "Unknown hash algorithm %d", alg); diff --git a/crypto/hash-glib.c b/crypto/hash-glib.c index cb68a3b..ec99ac9 100644 --- a/crypto/hash-glib.c +++ b/crypto/hash-glib.c @@ -57,8 +57,7 @@ int qcrypto_hash_bytesv(QCryptoHashAlgorithm alg, int i, ret; GChecksum *cs; - if (alg >= G_N_ELEMENTS(qcrypto_hash_alg_map) || - qcrypto_hash_alg_map[alg] == -1) { + if (!qcrypto_hash_supports(alg)) { error_setg(errp, "Unknown hash algorithm %d", alg); diff --git a/crypto/hash-nettle.c b/crypto/hash-nettle.c index 4c6f50b..6a206dc 100644 --- a/crypto/hash-nettle.c +++ b/crypto/hash-nettle.c @@ -113,8 +113,7 @@ int qcrypto_hash_bytesv(QCryptoHashAlgorithm alg, int i; union qcrypto_hash_ctx ctx; - if (alg >= G_N_ELEMENTS(qcrypto_hash_alg_map) || - qcrypto_hash_alg_map[alg].init == NULL) { + if (!qcrypto_hash_supports(alg)) { error_setg(errp, "Unknown hash algorithm %d", alg); -- cgit v1.1