crypto/secret_common.c

   1 /*
   2  * QEMU crypto secret support
   3  *
   4  * Copyright (c) 2015 Red Hat, Inc.
   5  *
   6  * This library is free software; you can redistribute it and/or
   7  * modify it under the terms of the GNU Lesser General Public
   8  * License as published by the Free Software Foundation; either
   9  * version 2.1 of the License, or (at your option) any later version.
  10  *
  11  * This library is distributed in the hope that it will be useful,
  12  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  13  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  14  * Lesser General Public License for more details.
  15  *
  16  * You should have received a copy of the GNU Lesser General Public
  17  * License along with this library; if not, see <http://www.gnu.org/licenses/>.
  18  *
  19  */
  20
  21 #include "qemu/osdep.h"
  22 #include "crypto/secret_common.h"
  23 #include "crypto/cipher.h"
  24 #include "qapi/error.h"
  25 #include "qom/object_interfaces.h"
  26 #include "qemu/base64.h"
  27 #include "qemu/module.h"
  28 #include "trace.h"
  29
  30
  31 static void qcrypto_secret_decrypt(QCryptoSecretCommon *secret,
  32                                    const uint8_t *input,
  33                                    size_t inputlen,
  34                                    uint8_t **output,
  35                                    size_t *outputlen,
  36                                    Error **errp)
  37 {
  38     g_autofree uint8_t *iv = NULL;
  39     g_autofree uint8_t *key = NULL;
  40     g_autofree uint8_t *ciphertext = NULL;
  41     size_t keylen, ciphertextlen, ivlen;
  42     g_autoptr(QCryptoCipher) aes = NULL;
  43     g_autofree uint8_t *plaintext = NULL;
  44
  45     *output = NULL;
  46     *outputlen = 0;
  47
  48     if (qcrypto_secret_lookup(secret->keyid,
  49                               &key, &keylen,
  50                               errp) < 0) {
  51         return;
  52     }
  53
  54     if (keylen != 32) {
  55         error_setg(errp, "Key should be 32 bytes in length");
  56         return;
  57     }
  58
  59     if (!secret->iv) {
  60         error_setg(errp, "IV is required to decrypt secret");
  61         return;
  62     }
  63
  64     iv = qbase64_decode(secret->iv, -1, &ivlen, errp);
  65     if (!iv) {
  66         return;
  67     }
  68     if (ivlen != 16) {
  69         error_setg(errp, "IV should be 16 bytes in length not %zu",
  70                    ivlen);
  71         return;
  72     }
  73
  74     aes = qcrypto_cipher_new(QCRYPTO_CIPHER_ALG_AES_256,
  75                              QCRYPTO_CIPHER_MODE_CBC,
  76                              key, keylen,
  77                              errp);
  78     if (!aes) {
  79         return;
  80     }
  81
  82     if (qcrypto_cipher_setiv(aes, iv, ivlen, errp) < 0) {
  83         return;
  84     }
  85
  86     if (secret->format == QCRYPTO_SECRET_FORMAT_BASE64) {
  87         ciphertext = qbase64_decode((const gchar *)input,
  88                                     inputlen,
  89                                     &ciphertextlen,
  90                                     errp);
  91         if (!ciphertext) {
  92             return;
  93         }
  94         plaintext = g_new0(uint8_t, ciphertextlen + 1);
  95     } else {
  96         ciphertextlen = inputlen;
  97         plaintext = g_new0(uint8_t, inputlen + 1);
  98     }
  99     if (qcrypto_cipher_decrypt(aes,
 100                                ciphertext ? ciphertext : input,
 101                                plaintext,
 102                                ciphertextlen,
 103                                errp) < 0) {
 104         return;
 105     }
 106
 107     if (plaintext[ciphertextlen - 1] > 16 ||
 108         plaintext[ciphertextlen - 1] > ciphertextlen) {
 109         error_setg(errp, "Incorrect number of padding bytes (%d) "
 110                    "found on decrypted data",
 111                    (int)plaintext[ciphertextlen - 1]);
 112         return;
 113     }
 114
 115     /*
 116      *  Even though plaintext may contain arbitrary NUL
 117      * ensure it is explicitly NUL terminated.
 118      */
 119     ciphertextlen -= plaintext[ciphertextlen - 1];
 120     plaintext[ciphertextlen] = '\0';
 121
 122     *output = g_steal_pointer(&plaintext);
 123     *outputlen = ciphertextlen;
 124 }
 125
 126
 127 static void qcrypto_secret_decode(const uint8_t *input,
 128                                   size_t inputlen,
 129                                   uint8_t **output,
 130                                   size_t *outputlen,
 131                                   Error **errp)
 132 {
 133     *output = qbase64_decode((const gchar *)input,
 134                              inputlen,
 135                              outputlen,
 136                              errp);
 137 }
 138
 139
 140 static void
 141 qcrypto_secret_prop_set_loaded(Object *obj,
 142                                bool value,
 143                                Error **errp)
 144 {
 145     QCryptoSecretCommon *secret = QCRYPTO_SECRET_COMMON(obj);
 146     QCryptoSecretCommonClass *sec_class
 147                                 = QCRYPTO_SECRET_COMMON_GET_CLASS(obj);
 148
 149     if (value) {
 150         Error *local_err = NULL;
 151         uint8_t *input = NULL;
 152         size_t inputlen = 0;
 153         uint8_t *output = NULL;
 154         size_t outputlen = 0;
 155
 156         if (sec_class->load_data) {
 157             sec_class->load_data(secret, &input, &inputlen, &local_err);
 158             if (local_err) {
 159                 error_propagate(errp, local_err);
 160                 return;
 161             }
 162         } else {
 163             error_setg(errp, "%s provides no 'load_data' method'",
 164                              object_get_typename(obj));
 165             return;
 166         }
 167
 168         if (secret->keyid) {
 169             qcrypto_secret_decrypt(secret, input, inputlen,
 170                                    &output, &outputlen, &local_err);
 171             g_free(input);
 172             if (local_err) {
 173                 error_propagate(errp, local_err);
 174                 return;
 175             }
 176             input = output;
 177             inputlen = outputlen;
 178         } else {
 179             if (secret->format == QCRYPTO_SECRET_FORMAT_BASE64) {
 180                 qcrypto_secret_decode(input, inputlen,
 181                                       &output, &outputlen, &local_err);
 182                 g_free(input);
 183                 if (local_err) {
 184                     error_propagate(errp, local_err);
 185                     return;
 186                 }
 187                 input = output;
 188                 inputlen = outputlen;
 189             }
 190         }
 191
 192         secret->rawdata = input;
 193         secret->rawlen = inputlen;
 194     } else {
 195         g_free(secret->rawdata);
 196         secret->rawlen = 0;
 197     }
 198 }
 199
 200
 201 static bool
 202 qcrypto_secret_prop_get_loaded(Object *obj,
 203                                Error **errp G_GNUC_UNUSED)
 204 {
 205     QCryptoSecretCommon *secret = QCRYPTO_SECRET_COMMON(obj);
 206     return secret->rawdata != NULL;
 207 }
 208
 209
 210 static void
 211 qcrypto_secret_prop_set_format(Object *obj,
 212                                int value,
 213                                Error **errp G_GNUC_UNUSED)
 214 {
 215     QCryptoSecretCommon *creds = QCRYPTO_SECRET_COMMON(obj);
 216     creds->format = value;
 217 }
 218
 219
 220 static int
 221 qcrypto_secret_prop_get_format(Object *obj,
 222                                Error **errp G_GNUC_UNUSED)
 223 {
 224     QCryptoSecretCommon *creds = QCRYPTO_SECRET_COMMON(obj);
 225     return creds->format;
 226 }
 227
 228
 229 static void
 230 qcrypto_secret_prop_set_iv(Object *obj,
 231                            const char *value,
 232                            Error **errp)
 233 {
 234     QCryptoSecretCommon *secret = QCRYPTO_SECRET_COMMON(obj);
 235
 236     g_free(secret->iv);
 237     secret->iv = g_strdup(value);
 238 }
 239
 240
 241 static char *
 242 qcrypto_secret_prop_get_iv(Object *obj,
 243                            Error **errp)
 244 {
 245     QCryptoSecretCommon *secret = QCRYPTO_SECRET_COMMON(obj);
 246     return g_strdup(secret->iv);
 247 }
 248
 249
 250 static void
 251 qcrypto_secret_prop_set_keyid(Object *obj,
 252                               const char *value,
 253                               Error **errp)
 254 {
 255     QCryptoSecretCommon *secret = QCRYPTO_SECRET_COMMON(obj);
 256
 257     g_free(secret->keyid);
 258     secret->keyid = g_strdup(value);
 259 }
 260
 261
 262 static char *
 263 qcrypto_secret_prop_get_keyid(Object *obj,
 264                               Error **errp)
 265 {
 266     QCryptoSecretCommon *secret = QCRYPTO_SECRET_COMMON(obj);
 267     return g_strdup(secret->keyid);
 268 }
 269
 270
 271 static void
 272 qcrypto_secret_finalize(Object *obj)
 273 {
 274     QCryptoSecretCommon *secret = QCRYPTO_SECRET_COMMON(obj);
 275
 276     g_free(secret->iv);
 277     g_free(secret->keyid);
 278     g_free(secret->rawdata);
 279 }
 280
 281 static void
 282 qcrypto_secret_class_init(ObjectClass *oc, void *data)
 283 {
 284     object_class_property_add_bool(oc, "loaded",
 285                                    qcrypto_secret_prop_get_loaded,
 286                                    qcrypto_secret_prop_set_loaded);
 287     object_class_property_add_enum(oc, "format",
 288                                    "QCryptoSecretFormat",
 289                                    &QCryptoSecretFormat_lookup,
 290                                    qcrypto_secret_prop_get_format,
 291                                    qcrypto_secret_prop_set_format);
 292     object_class_property_add_str(oc, "keyid",
 293                                   qcrypto_secret_prop_get_keyid,
 294                                   qcrypto_secret_prop_set_keyid);
 295     object_class_property_add_str(oc, "iv",
 296                                   qcrypto_secret_prop_get_iv,
 297                                   qcrypto_secret_prop_set_iv);
 298 }
 299
 300
 301 int qcrypto_secret_lookup(const char *secretid,
 302                           uint8_t **data,
 303                           size_t *datalen,
 304                           Error **errp)
 305 {
 306     Object *obj;
 307     QCryptoSecretCommon *secret;
 308
 309     obj = object_resolve_path_component(
 310         object_get_objects_root(), secretid);
 311     if (!obj) {
 312         error_setg(errp, "No secret with id '%s'", secretid);
 313         return -1;
 314     }
 315
 316     secret = (QCryptoSecretCommon *)
 317         object_dynamic_cast(obj,
 318                             TYPE_QCRYPTO_SECRET_COMMON);
 319     if (!secret) {
 320         error_setg(errp, "Object with id '%s' is not a secret",
 321                    secretid);
 322         return -1;
 323     }
 324
 325     if (!secret->rawdata) {
 326         error_setg(errp, "Secret with id '%s' has no data",
 327                    secretid);
 328         return -1;
 329     }
 330
 331     *data = g_new0(uint8_t, secret->rawlen + 1);
 332     memcpy(*data, secret->rawdata, secret->rawlen);
 333     (*data)[secret->rawlen] = '\0';
 334     *datalen = secret->rawlen;
 335
 336     return 0;
 337 }
 338
 339
 340 char *qcrypto_secret_lookup_as_utf8(const char *secretid,
 341                                     Error **errp)
 342 {
 343     uint8_t *data;
 344     size_t datalen;
 345
 346     if (qcrypto_secret_lookup(secretid,
 347                               &data,
 348                               &datalen,
 349                               errp) < 0) {
 350         return NULL;
 351     }
 352
 353     if (!g_utf8_validate((const gchar *)data, datalen, NULL)) {
 354         error_setg(errp,
 355                    "Data from secret %s is not valid UTF-8",
 356                    secretid);
 357         g_free(data);
 358         return NULL;
 359     }
 360
 361     return (char *)data;
 362 }
 363
 364
 365 char *qcrypto_secret_lookup_as_base64(const char *secretid,
 366                                       Error **errp)
 367 {
 368     uint8_t *data;
 369     size_t datalen;
 370     char *ret;
 371
 372     if (qcrypto_secret_lookup(secretid,
 373                               &data,
 374                               &datalen,
 375                               errp) < 0) {
 376         return NULL;
 377     }
 378
 379     ret = g_base64_encode(data, datalen);
 380     g_free(data);
 381     return ret;
 382 }
 383
 384
 385 static const TypeInfo qcrypto_secret_info = {
 386     .parent = TYPE_OBJECT,
 387     .name = TYPE_QCRYPTO_SECRET_COMMON,
 388     .instance_size = sizeof(QCryptoSecretCommon),
 389     .instance_finalize = qcrypto_secret_finalize,
 390     .class_size = sizeof(QCryptoSecretCommonClass),
 391     .class_init = qcrypto_secret_class_init,
 392     .abstract = true,
 393 };
 394
 395
 396 static void
 397 qcrypto_secret_register_types(void)
 398 {
 399     type_register_static(&qcrypto_secret_info);
 400 }
 401
 402
 403 type_init(qcrypto_secret_register_types);