qemu/include/hw/virtio
zhenwei pi 0e660a6f90 crypto: Introduce RSA algorithm
There are two parts in this patch:
1, support akcipher service by cryptodev-builtin driver
2, virtio-crypto driver supports akcipher service

In principle, we should separate this into two patches; to avoid
a compile error, they are merged into one.

Then virtio-crypto gets the request from the guest side and forwards the
request to the builtin driver to handle it.

Test with a Linux guest:
1, The self-test framework of the crypto layer works fine in the guest kernel
2, Test with a Linux guest (with asym support), using the following script
test (note that pkey_XXX is supported only in a newer version of keyutils):
  - both public key & private key
  - create/close session
  - encrypt/decrypt/sign/verify basic driver operation
  - also test with kernel crypto layer (pkey add/query)

All the cases work fine.

Run script in guest:
rm -rf *.der *.pem *.pfx
modprobe pkcs8_key_parser # if CONFIG_PKCS8_PRIVATE_KEY_PARSER=m
rm -rf /tmp/data
dd if=/dev/random of=/tmp/data count=1 bs=20

openssl req -nodes -x509 -newkey rsa:2048 -keyout key.pem -out cert.pem -subj "/C=CN/ST=BJ/L=HD/O=qemu/OU=dev/CN=qemu/emailAddress=qemu@qemu.org"
openssl pkcs8 -in key.pem -topk8 -nocrypt -outform DER -out key.der
openssl x509 -in cert.pem -inform PEM -outform DER -out cert.der

PRIV_KEY_ID=`cat key.der | keyctl padd asymmetric test_priv_key @s`
echo "priv key id = "$PRIV_KEY_ID
PUB_KEY_ID=`cat cert.der | keyctl padd asymmetric test_pub_key @s`
echo "pub key id = "$PUB_KEY_ID

keyctl pkey_query $PRIV_KEY_ID 0
keyctl pkey_query $PUB_KEY_ID 0

echo "Enc with priv key..."
keyctl pkey_encrypt $PRIV_KEY_ID 0 /tmp/data enc=pkcs1 >/tmp/enc.priv
echo "Dec with pub key..."
keyctl pkey_decrypt $PRIV_KEY_ID 0 /tmp/enc.priv enc=pkcs1 >/tmp/dec
cmp /tmp/data /tmp/dec

echo "Sign with priv key..."
keyctl pkey_sign $PRIV_KEY_ID 0 /tmp/data enc=pkcs1 hash=sha1 > /tmp/sig
echo "Verify with pub key..."
keyctl pkey_verify $PRIV_KEY_ID 0 /tmp/data /tmp/sig enc=pkcs1 hash=sha1

echo "Enc with pub key..."
keyctl pkey_encrypt $PUB_KEY_ID 0 /tmp/data enc=pkcs1 >/tmp/enc.pub
echo "Dec with priv key..."
keyctl pkey_decrypt $PRIV_KEY_ID 0 /tmp/enc.pub enc=pkcs1 >/tmp/dec
cmp /tmp/data /tmp/dec

echo "Verify with pub key..."
keyctl pkey_verify $PUB_KEY_ID 0 /tmp/data /tmp/sig enc=pkcs1 hash=sha1

Reviewed-by: Gonglei <arei.gonglei@huawei.com>
Signed-off-by: lei he <helei.sig11@bytedance.com>
Signed-off-by: zhenwei pi <pizhenwei@bytedance.com>
Message-Id: <20220611064243.24535-2-pizhenwei@bytedance.com>
Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
Signed-off-by: Michael S. Tsirkin <mst@redhat.com>
2022-06-16 12:54:58 -04:00
vhost-backend.h Revert "vhost: introduce new VhostOps vhost_set_config_call" 2022-01-10 16:02:01 -05:00
vhost-scsi-common.h vhost-scsi: support inflight io track 2020-09-30 19:09:20 +02:00
vhost-scsi.h Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
vhost-user-blk.h vhost: recheck dev state in the vhost_migration_log routine 2020-09-29 02:14:29 -04:00
vhost-user-fs.h Clean up ill-advised or unusual header guards 2022-05-11 16:50:01 +02:00
vhost-user-i2c.h Clean up ill-advised or unusual header guards 2022-05-11 16:50:01 +02:00
vhost-user-rng.h Clean up ill-advised or unusual header guards 2022-05-11 16:50:01 +02:00
vhost-user-scsi.h Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
vhost-user-vsock.h Clean up ill-advised or unusual header guards 2022-05-11 16:50:01 +02:00
vhost-user.h virtio/vhost-user: dynamically assign VhostUserHostNotifiers 2022-05-16 04:38:40 -04:00
vhost-vdpa.h vdpa: Expose VHOST_F_LOG_ALL on SVQ 2022-03-15 13:57:44 +08:00
vhost-vsock-common.h virtio: drop name parameter for virtio_init() 2022-05-16 04:38:40 -04:00
vhost-vsock.h vhost-vsock: handle common features in vhost-vsock-common 2021-10-05 17:30:57 -04:00
vhost.h include/hw: start documenting the vhost API 2022-05-16 04:38:40 -04:00
virtio-access.h Replace TARGET_WORDS_BIGENDIAN 2022-04-06 10:50:37 +02:00
virtio-balloon.h Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
virtio-blk.h virtio-blk: drop unused virtio_blk_handle_vq() return value 2022-01-12 17:09:39 +00:00
virtio-bus.h virtio-bus: introduce iommu_enabled() 2021-09-04 16:35:17 -04:00
virtio-crypto.h crypto: Introduce RSA algorithm 2022-06-16 12:54:58 -04:00
virtio-gpu-bswap.h Replace config-time define HOST_WORDS_BIGENDIAN 2022-04-06 10:50:37 +02:00
virtio-gpu-pci.h Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
virtio-gpu-pixman.h virtio-gpu: add a pixman helper header 2019-05-29 06:29:07 +02:00
virtio-gpu.h virtio-gpu: Respect UI refresh rate for EDID 2022-06-14 10:34:37 +02:00
virtio-input.h Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
virtio-iommu.h virtio-iommu: Use recursive lock to avoid deadlock 2022-06-16 12:54:58 -04:00
virtio-mem.h virtio-mem: Support VIRTIO_MEM_F_UNPLUGGED_INACCESSIBLE 2022-01-07 19:30:13 -05:00
virtio-mmio.h hw/virtio: enable ioeventfd configuring for mmio 2021-05-14 10:26:18 -04:00
virtio-net.h virtio-net: vhost control virtqueue support 2021-10-20 04:44:05 -04:00
virtio-pci.h hw/virtio: move virtio-pci.h into shared include space 2022-05-16 04:38:40 -04:00
virtio-pmem.h qapi: Restrict device memory commands to machine code 2020-09-29 15:41:36 +02:00
virtio-rng.h Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
virtio-scsi.h virtio-scsi: move request-related items from .h to .c 2022-05-09 10:45:04 +01:00
virtio-serial.h Use OBJECT_DECLARE_SIMPLE_TYPE when possible 2020-09-18 14:12:32 -04:00
virtio.h virtio: add vhost support for virtio devices 2022-05-16 04:38:40 -04:00