Home
last modified time | relevance | path

Searched refs:secret (Results 1 – 25 of 42) sorted by relevance

12

/qemu/crypto/
H A Dsecret_common.c59 if (!secret->iv) { in qcrypto_secret_decrypt()
165 if (secret->keyid) { in qcrypto_secret_complete()
189 secret->rawdata = input; in qcrypto_secret_complete()
229 g_free(secret->iv); in qcrypto_secret_prop_set_iv()
250 g_free(secret->keyid); in qcrypto_secret_prop_set_keyid()
269 g_free(secret->iv); in qcrypto_secret_finalize()
270 g_free(secret->keyid); in qcrypto_secret_finalize()
271 g_free(secret->rawdata); in qcrypto_secret_finalize()
316 if (!secret) { in qcrypto_secret_lookup()
322 if (!secret->rawdata) { in qcrypto_secret_lookup()
[all …]
H A Dsecret.c44 if (secret->file) { in qcrypto_secret_load_data()
45 if (secret->data) { in qcrypto_secret_load_data()
59 } else if (secret->data) { in qcrypto_secret_load_data()
75 g_free(secret->data); in qcrypto_secret_prop_set_data()
76 secret->data = g_strdup(value); in qcrypto_secret_prop_set_data()
85 return g_strdup(secret->data); in qcrypto_secret_prop_get_data()
96 g_free(secret->file); in qcrypto_secret_prop_set_file()
97 secret->file = g_strdup(value); in qcrypto_secret_prop_set_file()
106 return g_strdup(secret->file); in qcrypto_secret_prop_get_file()
115 g_free(secret->file); in qcrypto_secret_finalize()
[all …]
H A Dsecret_keyring.c43 QCryptoSecretKeyring *secret = QCRYPTO_SECRET_KEYRING(sec_common); in qcrypto_secret_keyring_load_data() local
50 if (!secret->serial) { in qcrypto_secret_keyring_load_data()
55 retcode = keyctl_read(secret->serial, NULL, 0); in qcrypto_secret_keyring_load_data()
62 retcode = keyctl_read(secret->serial, buffer, retcode); in qcrypto_secret_keyring_load_data()
75 secret->serial); in qcrypto_secret_keyring_load_data()
84 QCryptoSecretKeyring *secret = QCRYPTO_SECRET_KEYRING(obj); in qcrypto_secret_prop_set_key() local
90 secret->serial = value; in qcrypto_secret_prop_set_key()
99 QCryptoSecretKeyring *secret = QCRYPTO_SECRET_KEYRING(obj); in qcrypto_secret_prop_get_key() local
100 int32_t value = secret->serial; in qcrypto_secret_prop_get_key()
H A Dblock-luks.c146 char *secret; member
1214 luks->secret = g_strdup(options->u.luks.key_secret); in qcrypto_block_luks_open()
1281 g_free(luks->secret); in qcrypto_block_luks_open()
1363 luks->secret = g_strdup(options->u.luks.key_secret); in qcrypto_block_luks_create()
1605 g_free(luks->secret); in qcrypto_block_luks_create()
1628 char *secret = opts_luks->secret ?: luks->secret; in qcrypto_block_luks_amend_add_keyslot() local
1666 old_password = qcrypto_secret_lookup_as_utf8(secret, errp); in qcrypto_block_luks_amend_add_keyslot()
1718 if (opts_luks->secret) { in qcrypto_block_luks_amend_erase_keyslots()
1925 g_free(luks->secret); in qcrypto_block_luks_cleanup()
/qemu/tests/qemu-iotests/
H A D29370 _make_test_img $S0 $EXTRA_IMG_ARGS -o ${PR}key-secret=sec0,${PR}iter-time=10 32M
80 $QEMU_IMG amend $SECRETS $IMGS0 -o ${PR}state=active,${PR}new-secret=sec1,${PR}iter-time=10
139 $QEMU_IMG amend $SECRETS $IMGS1 -o ${PR}state=inactive,${PR}old-secret=sec2
142 $QEMU_IMG amend $SECRETS $IMGS1 -o ${PR}state=inactive,${PR}old-secret=sec1
145 $QEMU_IMG amend $SECRETS $IMGS0 -o ${PR}state=inactive,${PR}old-secret=sec0
148 $QEMU_IMG amend $SECRETS $IMGS3 -o ${PR}state=inactive,${PR}old-secret=sec3
161 $QEMU_IMG amend $SECRETS $IMGS0 -o ${PR}state=inactive,${PR}old-secret=sec3
171 $QEMU_IMG amend $SECRETS $IMGS0 -o ${PR}state=active,${PR}new-secret=sec1,${PR}keyslot=0
187 $QEMU_IMG amend $SECRETS $IMGS1 -o ${PR}state=inactive,${PR}old-secret=sec1
191 $QEMU_IMG amend $SECRETS $IMGS1 -o ${PR}state=inactive,${PR}old-secret=sec5 --force
[all …]
H A D29538 def secret(self): member in Secret
46 "data": self.secret() }
59 for secret in self.secrets:
60 self.vm.cmd("object-add", **secret.to_qmp_object())
76 def createImg(self, file, secret): argument
80 '--object', *secret.to_cmdline_object(),
82 '-o', self.pfx + 'key-secret=' + secret.id(),
93 'key-secret' : secret.id()
124 def addKeyQmp(self, id, new_secret, secret = None, argument
137 if secret != None:
[all …]
H A D29638 def secret(self): member in Secret
46 "data": self.secret() }
63 for secret in self.secrets:
75 def createImg(self, file, secret): argument
79 '--object', *secret.to_cmdline_object(),
81 '-o', 'key-secret=' + secret.id(),
88 def addKey(self, file, secret, new_secret): argument
91 'key-secret' : secret.id(),
101 '--object', *secret.to_cmdline_object(),
116 def openImageQmp(self, vm, id, file, secret, argument
[all …]
H A D282.out2 == Create non-UTF8 secret ==
3 == Throws an error because of invalid UTF-8 secret ==
4 Formatting 'vol.img', fmt=luks size=4194304 key-secret=sec0
5 qemu-img: vol.img: Data from secret sec0 is not valid UTF-8
8 Formatting 'vol.img', fmt=luks size=4194304 key-secret=sec0
9 qemu-img: vol.img: Data from secret sec0 is not valid UTF-8
H A D149.out23 …io -c read -P 0xa7 100M 10M --object secret,id=sec0,data=MTIzNDU2,format=base64 --image-opts drive…
28 …c read -P 0x13 3145728M 10M --object secret,id=sec0,data=MTIzNDU2,format=base64 --image-opts drive…
33 …o -c write -P 0x91 100M 10M --object secret,id=sec0,data=MTIzNDU2,format=base64 --image-opts drive…
38 … write -P 0x5e 3145728M 10M --object secret,id=sec0,data=MTIzNDU2,format=base64 --image-opts drive…
81 …io -c read -P 0xa7 100M 10M --object secret,id=sec0,data=MTIzNDU2,format=base64 --image-opts drive…
86 …c read -P 0x13 3145728M 10M --object secret,id=sec0,data=MTIzNDU2,format=base64 --image-opts drive…
91 …o -c write -P 0x91 100M 10M --object secret,id=sec0,data=MTIzNDU2,format=base64 --image-opts drive…
96 … write -P 0x5e 3145728M 10M --object secret,id=sec0,data=MTIzNDU2,format=base64 --image-opts drive…
141 …io -c read -P 0xa7 100M 10M --object secret,id=sec0,data=MTIzNDU2,format=base64 --image-opts drive…
496 …io -c read -P 0xa7 100M 10M --object secret,id=sec0,data=MTIzNDU2,format=base64 --image-opts drive…
[all …]
H A D087139 _make_test_img --object secret,id=sec0,data=123456 -o encryption=on,encrypt.key-secret=sec0 $size
170 _make_test_img --object secret,id=sec0,data=123456 -o encrypt.format=luks,encrypt.key-secret=sec0 $…
201 _make_test_img --object secret,id=sec0,data=123456 -o encryption=on,encrypt.key-secret=sec0 $size
H A D28846 SECRET=secret,id=sec0,data=passphrase
53 -o key-secret=sec0,iter-time=10 \
76 -o key-secret=sec0,iter-time=10,preallocation=falloc \
87 -o key-secret=sec0,iter-time=10 \
H A D293.out31 == filling 4 slots with secret 2 ==
33 == adding secret 0 ==
35 == adding secret 3 (last slot) ==
50 == erase all keys of secret 2==
51 == erase all keys of secret 1==
52 == erase all keys of secret 0==
53 == erasing secret3 will fail now since it is the only secret (in 3 slots) ==
85 == erase last secret (should fail) ==
89 qemu-img: No secret with id 'sec5'
92 == erase last secret with force by slot (should work) ==
H A D210.out10 …, "options": {"driver": "luks", "file": "imgfile", "iter-time": 10, "key-secret": "keysec0", "size…
15 image: json:{"driver": "IMGFMT", "file": {"driver": "file", "filename": "TEST_IMG"}, "key-secret": …
63 …, "iter-time": 10, "ivgen-alg": "plain64", "ivgen-hash-alg": "md5", "key-secret": "keysec0", "size…
68 image: json:{"driver": "IMGFMT", "file": {"driver": "file", "filename": "TEST_IMG"}, "key-secret": …
119 …0", "options": {"driver": "luks", "file": "node0", "iter-time": 10, "key-secret": "keysec0", "size…
124 image: json:{"driver": "IMGFMT", "file": {"driver": "file", "filename": "TEST_IMG"}, "key-secret": …
167 …: {"job-id": "job0", "options": {"driver": "luks", "file": "node0", "key-secret": "keysec0", "size…
173 …: {"job-id": "job0", "options": {"driver": "luks", "file": "node0", "key-secret": "keysec0", "size…
179 …: {"job-id": "job0", "options": {"driver": "luks", "file": "node0", "key-secret": "keysec0", "size…
195 image: json:{"driver": "IMGFMT", "file": {"driver": "file", "filename": "TEST_IMG"}, "key-secret": …
H A D082.out65 encrypt.key-secret=<str> - ID of secret providing qcow AES key or LUKS passphrase
91 encrypt.key-secret=<str> - ID of secret providing qcow AES key or LUKS passphrase
117 encrypt.key-secret=<str> - ID of secret providing qcow AES key or LUKS passphrase
143 encrypt.key-secret=<str> - ID of secret providing qcow AES key or LUKS passphrase
169 encrypt.key-secret=<str> - ID of secret providing qcow AES key or LUKS passphrase
195 encrypt.key-secret=<str> - ID of secret providing qcow AES key or LUKS passphrase
221 encrypt.key-secret=<str> - ID of secret providing qcow AES key or LUKS passphrase
247 encrypt.key-secret=<str> - ID of secret providing qcow AES key or LUKS passphrase
288 encrypt.key-secret=<str> - ID of secret providing qcow AES key or LUKS passphrase
375 encrypt.key-secret=<str> - ID of secret providing qcow AES key or LUKS passphrase
[all …]
H A D17855 $QEMU_IMG measure --object secret,id=sec0,data=MTIzNDU2,format=base64 # size or filename needed
152 --object secret,id=sec0,data=base \
153 -o encrypt.format=luks,encrypt.key-secret=sec0,encrypt.iter-time=10 \
H A D049113 test_qemu_img create -f $IMGFMT --object secret,id=sec0,data=123456 -o encryption=on,encrypt.key-se…
H A D29461 $QEMU_IMG amend $SECRETS $IMGS0 -o state=active,new-secret=sec1,keyslot=1,iter-time=10
/qemu/docs/system/
H A Dsecrets.rst3 Providing secret data to QEMU
11 secure manner, using the ``secret`` object type.
32 to pass secret data inline on the command line.
36 -object secret,id=secvnc0,data=87539319
45 -object secret,id=secvnc0,data=ODc1MzkzMTk=,format=base64
54 the secret:
58 -object secret,id=secvnc0,file=vnc-password.txt
65 this newline is not intended to be part of the secret data.
72 -object secret,id=sec0,file=vnc-password.txt,format=base64
80 secret data.
[all …]
/qemu/qapi/
H A Dcrypto.json29 # The data format that the secret is provided in
183 # @key-secret: the ID of a QCryptoSecret object providing the
190 'data': { '*key-secret': 'str' }}
204 'data': { '*key-secret': 'str' }}
401 # same secret that was used to open the image
407 '*new-secret': 'str',
408 '*old-secret': 'str',
411 '*secret': 'str' } }
437 # @format: the data format that the secret is provided in
465 # Properties for secret objects.
[all …]
H A Dmisc-target.json32 # @launch-secret: The guest is currently being launched; ciphertext
46 'data': ['uninit', 'launch-update', 'launch-secret', 'running',
179 # @sev-inject-launch-secret:
181 # This command injects a secret blob into memory of SEV guest.
183 # @packet-header: the launch secret packet header encoded in base64
185 # @secret: the launch secret data to be injected encoded in base64
187 # @gpa: the guest physical address where secret will be injected.
191 { 'command': 'sev-inject-launch-secret',
192 'data': { 'packet-header': 'str', 'secret': 'str', '*gpa': 'uint64' },
/qemu/docs/specs/
H A Dsev-guest-firmware.rst52 | 0xffffff9e | 4 | SEV secret block base address |
54 | 0xffffffa2 | 4 | SEV secret block size (=0xc00) |
56 | 0xffffffa6 | 2 | SEV secret block entry length (=0x1a) |
58 | 0xffffffa8 | 16 | SEV secret block GUID: |
104 SEV secret block
110 Guest Owner secret (using SEV_LAUNCH_SECRET).
/qemu/include/crypto/
H A Dsecret_common.h44 void (*load_data)(QCryptoSecretCommon *secret,
/qemu/target/i386/
H A Dsev.h54 int sev_inject_launch_secret(const char *hdr, const char *secret,
H A Dsev-sysemu-stub.c39 void qmp_sev_inject_launch_secret(const char *packet_header, const char *secret, in qmp_sev_inject_launch_secret() argument
H A Dtrace-events12 kvm_sev_launch_secret(uint64_t hpa, uint64_t hva, uint64_t secret, int len) "hpa 0x%" PRIx64 " hva …

12