From: GitHub
Subject: [Qemu-commits] [qemu/qemu] 59b060: crypto: use uint64_t for pbkdf iteration count par...
Date: Mon, 19 Sep 2016 10:30:04 -0700

  Branch: refs/heads/master
  Home:   https://github.com/qemu/qemu
  Commit: 59b060be184aff59cfa101c937c8139e66f452f2
      https://github.com/qemu/qemu/commit/59b060be184aff59cfa101c937c8139e66f452f2
  Author: Daniel P. Berrange <address@hidden>
  Date:   2016-09-19 (Mon, 19 Sep 2016)

  Changed paths:
    M crypto/block-luks.c
    M crypto/pbkdf-gcrypt.c
    M crypto/pbkdf-nettle.c
    M crypto/pbkdf-stub.c
    M crypto/pbkdf.c
    M include/crypto/pbkdf.h

  Log Message:
  -----------
  crypto: use uint64_t for pbkdf iteration count parameters

The qcrypto_pbkdf_count_iters method uses a 64 bit int
but then checks its value against INT32_MAX before
returning it. This bounds check is premature, because
the calling code may well scale the iteration count
by some value. It is thus better to return a 64-bit
integer and let the caller do range checking.

For consistency the qcrypto_pbkdf method is also changed
to accept a 64-bit int, though this is somewhat academic
since nettle is limited to taking an 'int' while gcrypt
is limited to taking a 'long int'.

Reviewed-by: Eric Blake <address@hidden>
Signed-off-by: Daniel P. Berrange <address@hidden>


  Commit: 3bd18890cab82735ae2565fa50aa122e1b4a0ef0
      https://github.com/qemu/qemu/commit/3bd18890cab82735ae2565fa50aa122e1b4a0ef0
  Author: Daniel P. Berrange <address@hidden>
  Date:   2016-09-19 (Mon, 19 Sep 2016)

  Changed paths:
    M block/crypto.c
    M crypto/block-luks.c
    M qapi/crypto.json

  Log Message:
  -----------
  crypto: make PBKDF iterations configurable for LUKS format

As protection against bruteforcing passphrases, the PBKDF
algorithm is tuned by counting the number of iterations
needed to produce 1 second of running time. If the machine
that the image will be used on is much faster than the
machine where the image is created, it can be desirable
to raise the number of iterations. This change adds a new
'iter-time' property that allows the user to choose the
iteration wallclock time.

Reviewed-by: Eric Blake <address@hidden>
Signed-off-by: Daniel P. Berrange <address@hidden>


  Commit: 8813800b7d995d8b54ef0a1e16d41fc13d8b5f3a
      https://github.com/qemu/qemu/commit/8813800b7d995d8b54ef0a1e16d41fc13d8b5f3a
  Author: Daniel P. Berrange <address@hidden>
  Date:   2016-09-19 (Mon, 19 Sep 2016)

  Changed paths:
    M crypto/pbkdf.c

  Log Message:
  -----------
  crypto: clear out buffer after timing pbkdf algorithm

The 'out' buffer will hold a key derived from master
password, so it is best practice to clear this buffer
when no longer required.

At this time, the code isn't worrying about locking
buffers into RAM to prevent swapping sensitive data
to disk.

Reviewed-by: Eric Blake <address@hidden>
Signed-off-by: Daniel P. Berrange <address@hidden>


  Commit: e74aabcffb74e6c15de05255480d43771ec63d8b
      https://github.com/qemu/qemu/commit/e74aabcffb74e6c15de05255480d43771ec63d8b
  Author: Daniel P. Berrange <address@hidden>
  Date:   2016-09-19 (Mon, 19 Sep 2016)

  Changed paths:
    M crypto/block-luks.c
    M crypto/pbkdf.c
    M include/crypto/pbkdf.h
    M tests/test-crypto-pbkdf.c

  Log Message:
  -----------
  crypto: use correct derived key size when timing pbkdf

Currently when timing the pbkdf algorithm a fixed key
size of 32 bytes is used. This results in inaccurate
timings for certain hashes depending on their digest
size. For example when using sha1 with aes-256, this
causes us to measure time for the master key digest
doing 2 sha1 operations per iteration, instead of 1.

Instead we should pass in the desired key size to the
timing routine that matches the key size that will be
used for real later.

Reviewed-by: Eric Blake <address@hidden>
Signed-off-by: Daniel P. Berrange <address@hidden>


  Commit: acd0dfd0c252a06ec6f2146fea01b66b7bc68cfc
      https://github.com/qemu/qemu/commit/acd0dfd0c252a06ec6f2146fea01b66b7bc68cfc
  Author: Daniel P. Berrange <address@hidden>
  Date:   2016-09-19 (Mon, 19 Sep 2016)

  Changed paths:
    M crypto/block-luks.c

  Log Message:
  -----------
  crypto: remove bogus /= 2 for pbkdf iterations

When calculating iterations for pbkdf of the key slot
data, we had a /= 2, which was copied from identical
code in cryptsetup. It was always unclear & undocumented
why cryptsetup had this division and it was recently
removed there, too.

Reviewed-by: Eric Blake <address@hidden>
Signed-off-by: Daniel P. Berrange <address@hidden>


  Commit: 2ab66cd577d6d0ec3c44b14cc823e76ea5a4397c
      https://github.com/qemu/qemu/commit/2ab66cd577d6d0ec3c44b14cc823e76ea5a4397c
  Author: Daniel P. Berrange <address@hidden>
  Date:   2016-09-19 (Mon, 19 Sep 2016)

  Changed paths:
    M crypto/block-luks.c
    M qapi/crypto.json

  Log Message:
  -----------
  crypto: increase default pbkdf2 time for luks to 2 seconds

cryptsetup recently increased the default pbkdf2 time to 2 seconds
to partially mitigate improvements in hardware performance wrt
brute-forcing the pbkdf algorithm. This updates QEMU defaults to
match.

Reviewed-by: Eric Blake <address@hidden>
Signed-off-by: Daniel P. Berrange <address@hidden>
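The iteration-tuning logic that the commits above describe (timing at the real derived-key size, returning an unbounded count and range-checking in the caller, scaling to a configurable 'iter-time' that defaults to 2 seconds), as an added illustration in Python rather than QEMU's own C code; the function names, the 10000-iteration sample and the 1000-iteration floor are assumptions of this example, not values from the QEMU tree:

```python
import hashlib
import math
import time

INT32_MAX = 2**31 - 1      # what nettle's 'int' iteration parameter can carry
MIN_ITERATIONS = 1000      # assumed floor so a noisy timing sample never yields a trivial count
DEFAULT_ITER_TIME_MS = 2000  # the new QEMU/cryptsetup default wallclock budget


def hmac_blocks_per_iter(hash_name: str, dklen: int) -> int:
    """PBKDF2 runs one HMAC chain per digest-sized output block, so timing
    a 32-byte key with sha1 (20-byte digest) measures two chains per
    iteration while the real 20-byte key costs one. This is why the
    timing run must use the key size that will be used for real."""
    return math.ceil(dklen / hashlib.new(hash_name).digest_size)


def iters_per_second(hash_name: str, passphrase: bytes, salt: bytes,
                     dklen: int, sample_iters: int = 10000) -> int:
    """Time a fixed number of iterations at the real key size and extrapolate
    to one second. Returns an unbounded int (the 64-bit counterpart of
    qcrypto_pbkdf_count_iters); no INT32_MAX check happens here."""
    start = time.perf_counter()
    out = bytearray(hashlib.pbkdf2_hmac(hash_name, passphrase, salt,
                                        sample_iters, dklen))
    elapsed = max(time.perf_counter() - start, 1e-9)
    # Best effort clearing of the derived key; Python cannot guarantee the
    # immutable bytes returned by pbkdf2_hmac are not still in memory.
    for i in range(len(out)):
        out[i] = 0
    return max(int(sample_iters / elapsed), MIN_ITERATIONS)


def scale_iterations(per_second: int, iter_time_ms: int = DEFAULT_ITER_TIME_MS) -> int:
    """Scale the per-second rate to the user's 'iter-time' budget. No /= 2
    is applied, matching the removal of the undocumented halving."""
    return per_second * iter_time_ms // 1000


def check_iteration_range(iters: int) -> int:
    """Range check belongs in the caller, after scaling, because scaling
    can push a count that was under INT32_MAX over the library limit."""
    if iters > INT32_MAX:
        raise ValueError(f"PBKDF iteration count {iters} exceeds INT32_MAX")
    return iters


def choose_iterations(hash_name: str, passphrase: bytes, salt: bytes,
                      dklen: int, iter_time_ms: int = DEFAULT_ITER_TIME_MS) -> int:
    """Full flow: time at the real key size, scale, then range check."""
    rate = iters_per_second(hash_name, passphrase, salt, dklen)
    return check_iteration_range(scale_iterations(rate, iter_time_ms))
```

Calling choose_iterations("sha256", b"constructed-passphrase", b"constructed-salt", 32) on the machine that creates the image gives a count sized for a 2-second unlock there; raising iter-time is the knob to use when the image will be opened on faster hardware.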


  Commit: 533008f4f382490f817a0c313f2d32f6173c08c7
      https://github.com/qemu/qemu/commit/533008f4f382490f817a0c313f2d32f6173c08c7
  Author: Daniel P. Berrange <address@hidden>
  Date:   2016-09-19 (Mon, 19 Sep 2016)

  Changed paths:
    M crypto/pbkdf-gcrypt.c
    M crypto/pbkdf-nettle.c
    M tests/test-crypto-pbkdf.c

  Log Message:
  -----------
  crypto: support more hash algorithms for pbkdf

Currently pbkdf is only supported with SHA1 and SHA256. Expand
this to support all algorithms known to QEMU.

Reviewed-by: Eric Blake <address@hidden>
Signed-off-by: Daniel P. Berrange <address@hidden>


  Commit: b57482d7a0fe669aeb6f0c3c3503d143b9db89dd
      https://github.com/qemu/qemu/commit/b57482d7a0fe669aeb6f0c3c3503d143b9db89dd
  Author: Daniel P. Berrange <address@hidden>
  Date:   2016-09-19 (Mon, 19 Sep 2016)

  Changed paths:
    M crypto/tlssession.c
    M crypto/trace-events

  Log Message:
  -----------
  crypto: add trace points for TLS cert verification

It is very useful to know about TLS cert verification
status when debugging, so add a trace point for it.

Signed-off-by: Daniel P. Berrange <address@hidden>


  Commit: 3d47a1390bd80b7b974185827a340012d21ad1e3
      https://github.com/qemu/qemu/commit/3d47a1390bd80b7b974185827a340012d21ad1e3
  Author: Peter Maydell <address@hidden>
  Date:   2016-09-19 (Mon, 19 Sep 2016)

  Changed paths:
    M block/crypto.c
    M crypto/block-luks.c
    M crypto/pbkdf-gcrypt.c
    M crypto/pbkdf-nettle.c
    M crypto/pbkdf-stub.c
    M crypto/pbkdf.c
    M crypto/tlssession.c
    M crypto/trace-events
    M include/crypto/pbkdf.h
    M qapi/crypto.json
    M tests/test-crypto-pbkdf.c

  Log Message:
  -----------
  Merge remote-tracking branch 'remotes/berrange/tags/pull-qcrypto-2016-09-19-2' into staging

Merge qcrypto 2016/09/19 v2

# gpg: Signature made Mon 19 Sep 2016 16:30:52 BST
# gpg:                using RSA key 0xBE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <address@hidden>"
# gpg:                 aka "Daniel P. Berrange <address@hidden>"
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E  8E3F BE86 EBB4 1510 4FDF

* remotes/berrange/tags/pull-qcrypto-2016-09-19-2:
  crypto: add trace points for TLS cert verification
  crypto: support more hash algorithms for pbkdf
  crypto: increase default pbkdf2 time for luks to 2 seconds
  crypto: remove bogus /= 2 for pbkdf iterations
  crypto: use correct derived key size when timing pbkdf
  crypto: clear out buffer after timing pbkdf algorithm
  crypto: make PBKDF iterations configurable for LUKS format
  crypto: use uint64_t for pbkdf iteration count parameters

Signed-off-by: Peter Maydell <address@hidden>


Compare: https://github.com/qemu/qemu/compare/55b90fc76603...3d47a1390bd8
