ShuriZma
/
xemu
mirror of https://github.com/xemu-project/xemu.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
xemu/hw/virtio
History
zhenwei pi 0e660a6f90 crypto: Introduce RSA algorithm 
There are two parts in this patch:
1, support akcipher service by cryptodev-builtin driver
2, virtio-crypto driver supports akcipher service

In principle, we should separate this into two patches, to avoid
compiling error, merge them into one.

Then virtio-crypto gets request from guest side, and forwards the
request to builtin driver to handle it.

Test with a guest linux:
1, The self-test framework of crypto layer works fine in guest kernel
2, Test with Linux guest(with asym support), the following script
test(note that pkey_XXX is supported only in a newer version of keyutils):
  - both public key & private key
  - create/close session
  - encrypt/decrypt/sign/verify basic driver operation
  - also test with kernel crypto layer(pkey add/query)

All the cases work fine.

Run script in guest:
rm -rf *.der *.pem *.pfx
modprobe pkcs8_key_parser # if CONFIG_PKCS8_PRIVATE_KEY_PARSER=m
rm -rf /tmp/data
dd if=/dev/random of=/tmp/data count=1 bs=20

openssl req -nodes -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -subj "/C=CN/ST=BJ/L=HD/O=qemu/OU=dev/CN=qemu/emailAddress=qemu@qemu.org"
openssl pkcs8 -in key.pem -topk8 -nocrypt -outform DER -out key.der
openssl x509 -in cert.pem -inform PEM -outform DER -out cert.der

PRIV_KEY_ID=`cat key.der | keyctl padd asymmetric test_priv_key @s`
echo "priv key id = "$PRIV_KEY_ID
PUB_KEY_ID=`cat cert.der | keyctl padd asymmetric test_pub_key @s`
echo "pub key id = "$PUB_KEY_ID

keyctl pkey_query $PRIV_KEY_ID 0
keyctl pkey_query $PUB_KEY_ID 0

echo "Enc with priv key..."
keyctl pkey_encrypt $PRIV_KEY_ID 0 /tmp/data enc=pkcs1 >/tmp/enc.priv
echo "Dec with pub key..."
keyctl pkey_decrypt $PRIV_KEY_ID 0 /tmp/enc.priv enc=pkcs1 >/tmp/dec
cmp /tmp/data /tmp/dec

echo "Sign with priv key..."
keyctl pkey_sign $PRIV_KEY_ID 0 /tmp/data enc=pkcs1 hash=sha1 > /tmp/sig
echo "Verify with pub key..."
keyctl pkey_verify $PRIV_KEY_ID 0 /tmp/data /tmp/sig enc=pkcs1 hash=sha1

echo "Enc with pub key..."
keyctl pkey_encrypt $PUB_KEY_ID 0 /tmp/data enc=pkcs1 >/tmp/enc.pub
echo "Dec with priv key..."
keyctl pkey_decrypt $PRIV_KEY_ID 0 /tmp/enc.pub enc=pkcs1 >/tmp/dec
cmp /tmp/data /tmp/dec

echo "Verify with pub key..."
keyctl pkey_verify $PUB_KEY_ID 0 /tmp/data /tmp/sig enc=pkcs1 hash=sha1

Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: lei he <helei.sig11@bytedance.com
Signed-off-by: zhenwei pi <pizhenwei@bytedance.com>
Message-Id: <20220611064243.24535-2-pizhenwei@bytedance.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
 		2022-06-16 12:54:58 -04:00
..
Kconfig meson: use have_vhost_* variables to pick sources 2022-05-07 07:46:58 +02:00
meson.build meson: use have_vhost_* variables to pick sources 2022-05-07 07:46:58 +02:00
trace-events virtio-iommu: Add bypass mode support to assigned device 2022-06-16 12:54:58 -04:00
trace.h trace: switch position of headers to what Meson requires 2020-08-21 06:18:24 -04:00
vhost-backend.c vhost-backend: do not depend on CONFIG_VHOST_VSOCK 2022-05-12 12:29:44 +02:00
vhost-iova-tree.c Replace qemu_real_host_page variables with inlined functions 2022-04-06 10:50:38 +02:00
vhost-iova-tree.h vhost: Add VhostIOVATree 2022-03-15 13:57:44 +08:00
vhost-scsi-pci.c hw/virtio: move virtio-pci.h into shared include space 2022-05-16 04:38:40 -04:00
vhost-shadow-virtqueue.c vhost: Fix element in vhost_svq_add failure 2022-05-13 07:57:26 -04:00
vhost-shadow-virtqueue.h vhost: Track descriptor chain in private at SVQ 2022-05-13 07:57:26 -04:00
vhost-stub.c vhost-user: simplify vhost_user_init/vhost_user_cleanup 2019-03-12 21:22:31 -04:00
vhost-user-blk-pci.c hw/virtio: move virtio-pci.h into shared include space 2022-05-16 04:38:40 -04:00
vhost-user-fs-pci.c hw/virtio: move virtio-pci.h into shared include space 2022-05-16 04:38:40 -04:00
vhost-user-fs.c virtio: add vhost support for virtio devices 2022-05-16 04:38:40 -04:00
vhost-user-i2c-pci.c hw/virtio: move virtio-pci.h into shared include space 2022-05-16 04:38:40 -04:00
vhost-user-i2c.c virtio: drop name parameter for virtio_init() 2022-05-16 04:38:40 -04:00
vhost-user-input-pci.c hw/virtio: move virtio-pci.h into shared include space 2022-05-16 04:38:40 -04:00
vhost-user-rng-pci.c hw/virtio: move virtio-pci.h into shared include space 2022-05-16 04:38:40 -04:00
vhost-user-rng.c virtio: add vhost support for virtio devices 2022-05-16 04:38:40 -04:00
vhost-user-scsi-pci.c hw/virtio: move virtio-pci.h into shared include space 2022-05-16 04:38:40 -04:00
vhost-user-vsock-pci.c hw/virtio: move virtio-pci.h into shared include space 2022-05-16 04:38:40 -04:00
vhost-user-vsock.c virtio: drop name parameter for virtio_init() 2022-05-16 04:38:40 -04:00
vhost-user.c virtio/vhost-user: Fix wrong vhost notifier GPtrArray size 2022-06-16 12:54:58 -04:00
vhost-vdpa.c vhost-vdpa: change name and polarity for vhost_vdpa_one_time_request() 2022-05-16 16:15:41 -04:00
vhost-vsock-common.c virtio: add vhost support for virtio devices 2022-05-16 04:38:40 -04:00
vhost-vsock-pci.c hw/virtio: move virtio-pci.h into shared include space 2022-05-16 04:38:40 -04:00
vhost-vsock.c virtio: drop name parameter for virtio_init() 2022-05-16 04:38:40 -04:00
vhost.c virtio: add vhost support for virtio devices 2022-05-16 04:38:40 -04:00
virtio-9p-pci.c hw/virtio: move virtio-pci.h into shared include space 2022-05-16 04:38:40 -04:00
virtio-balloon-pci.c hw/virtio: move virtio-pci.h into shared include space 2022-05-16 04:38:40 -04:00
virtio-balloon.c virtio: drop name parameter for virtio_init() 2022-05-16 04:38:40 -04:00
virtio-blk-pci.c hw/virtio: move virtio-pci.h into shared include space 2022-05-16 04:38:40 -04:00
virtio-bus.c virtio: stop ioeventfd on reset 2022-06-14 16:50:30 +02:00
virtio-crypto-pci.c Use DECLARE_*CHECKER* macros 2020-09-09 09:27:09 -04:00
virtio-crypto.c crypto: Introduce RSA algorithm 2022-06-16 12:54:58 -04:00
virtio-input-host-pci.c hw/virtio: move virtio-pci.h into shared include space 2022-05-16 04:38:40 -04:00
virtio-input-pci.c hw/virtio: move virtio-pci.h into shared include space 2022-05-16 04:38:40 -04:00
virtio-iommu-pci.c hw/virtio: move virtio-pci.h into shared include space 2022-05-16 04:38:40 -04:00
virtio-iommu.c virtio-iommu: Add an assert check in translate routine 2022-06-16 12:54:58 -04:00
virtio-mem-pci.c qapi: Include qom-path in MEMORY_DEVICE_SIZE_CHANGE qapi events 2021-10-02 08:43:21 +02:00
virtio-mem-pci.h Use DECLARE_*CHECKER* macros 2020-09-09 09:27:09 -04:00
virtio-mem.c virtio: drop name parameter for virtio_init() 2022-05-16 04:38:40 -04:00
virtio-mmio.c virtio-mmio: cleanup reset 2022-06-14 16:50:30 +02:00
virtio-net-pci.c hw/virtio: move virtio-pci.h into shared include space 2022-05-16 04:38:40 -04:00
virtio-pci.c virtio: stop ioeventfd on reset 2022-06-14 16:50:30 +02:00
virtio-pmem-pci.c virtio-pmem-pci: force virtio version 1 2020-09-29 02:14:30 -04:00
virtio-pmem-pci.h Use DECLARE_*CHECKER* macros 2020-09-09 09:27:09 -04:00
virtio-pmem.c virtio: drop name parameter for virtio_init() 2022-05-16 04:38:40 -04:00
virtio-rng-pci.c hw/virtio: move virtio-pci.h into shared include space 2022-05-16 04:38:40 -04:00
virtio-rng.c virtio: drop name parameter for virtio_init() 2022-05-16 04:38:40 -04:00
virtio-scsi-pci.c hw/virtio: move virtio-pci.h into shared include space 2022-05-16 04:38:40 -04:00
virtio-serial-pci.c hw/virtio: move virtio-pci.h into shared include space 2022-05-16 04:38:40 -04:00
virtio.c virtio: add vhost support for virtio devices 2022-05-16 04:38:40 -04:00