Home
last modified time | relevance | path

Searched refs:secret (Results 1 – 25 of 141) sorted by relevance

123456

/openbmc/qemu/crypto/
H A Dsecret.c44 if (secret->file) { in qcrypto_secret_load_data()
45 if (secret->data) { in qcrypto_secret_load_data()
59 } else if (secret->data) { in qcrypto_secret_load_data()
75 g_free(secret->data); in qcrypto_secret_prop_set_data()
76 secret->data = g_strdup(value); in qcrypto_secret_prop_set_data()
85 return g_strdup(secret->data); in qcrypto_secret_prop_get_data()
96 g_free(secret->file); in qcrypto_secret_prop_set_file()
97 secret->file = g_strdup(value); in qcrypto_secret_prop_set_file()
106 return g_strdup(secret->file); in qcrypto_secret_prop_get_file()
115 g_free(secret->file); in qcrypto_secret_finalize()
[all …]
H A Dsecret_common.c59 if (!secret->iv) { in qcrypto_secret_decrypt()
165 if (secret->keyid) { in qcrypto_secret_complete()
189 secret->rawdata = input; in qcrypto_secret_complete()
229 g_free(secret->iv); in qcrypto_secret_prop_set_iv()
250 g_free(secret->keyid); in qcrypto_secret_prop_set_keyid()
269 g_free(secret->iv); in qcrypto_secret_finalize()
270 g_free(secret->keyid); in qcrypto_secret_finalize()
271 g_free(secret->rawdata); in qcrypto_secret_finalize()
316 if (!secret) { in qcrypto_secret_lookup()
322 if (!secret->rawdata) { in qcrypto_secret_lookup()
[all …]
H A Dsecret_keyring.c43 QCryptoSecretKeyring *secret = QCRYPTO_SECRET_KEYRING(sec_common); in qcrypto_secret_keyring_load_data() local
50 if (!secret->serial) { in qcrypto_secret_keyring_load_data()
55 retcode = keyctl_read(secret->serial, NULL, 0); in qcrypto_secret_keyring_load_data()
62 retcode = keyctl_read(secret->serial, buffer, retcode); in qcrypto_secret_keyring_load_data()
75 secret->serial); in qcrypto_secret_keyring_load_data()
84 QCryptoSecretKeyring *secret = QCRYPTO_SECRET_KEYRING(obj); in qcrypto_secret_prop_set_key() local
90 secret->serial = value; in qcrypto_secret_prop_set_key()
99 QCryptoSecretKeyring *secret = QCRYPTO_SECRET_KEYRING(obj); in qcrypto_secret_prop_get_key() local
100 int32_t value = secret->serial; in qcrypto_secret_prop_get_key()
/openbmc/linux/include/crypto/
H A Dcurve25519.h29 const u8 secret[CURVE25519_KEY_SIZE]);
35 const u8 secret[CURVE25519_KEY_SIZE], in curve25519()
39 curve25519_arch(mypublic, secret, basepoint); in curve25519()
41 curve25519_generic(mypublic, secret, basepoint); in curve25519()
48 const u8 secret[CURVE25519_KEY_SIZE]) in curve25519_generate_public()
55 curve25519_base_arch(pub, secret); in curve25519_generate_public()
57 curve25519_generic(pub, secret, curve25519_base_point); in curve25519_generate_public()
63 secret[0] &= 248; in curve25519_clamp_secret()
64 secret[31] = (secret[31] & 127) | 64; in curve25519_clamp_secret()
69 get_random_bytes_wait(secret, CURVE25519_KEY_SIZE); in curve25519_generate_secret()
[all …]
/openbmc/qemu/tests/qemu-iotests/
H A D29370 _make_test_img $S0 $EXTRA_IMG_ARGS -o ${PR}key-secret=sec0,${PR}iter-time=10 32M
80 $QEMU_IMG amend $SECRETS $IMGS0 -o ${PR}state=active,${PR}new-secret=sec1,${PR}iter-time=10
139 $QEMU_IMG amend $SECRETS $IMGS1 -o ${PR}state=inactive,${PR}old-secret=sec2
142 $QEMU_IMG amend $SECRETS $IMGS1 -o ${PR}state=inactive,${PR}old-secret=sec1
145 $QEMU_IMG amend $SECRETS $IMGS0 -o ${PR}state=inactive,${PR}old-secret=sec0
148 $QEMU_IMG amend $SECRETS $IMGS3 -o ${PR}state=inactive,${PR}old-secret=sec3
161 $QEMU_IMG amend $SECRETS $IMGS0 -o ${PR}state=inactive,${PR}old-secret=sec3
171 $QEMU_IMG amend $SECRETS $IMGS0 -o ${PR}state=active,${PR}new-secret=sec1,${PR}keyslot=0
187 $QEMU_IMG amend $SECRETS $IMGS1 -o ${PR}state=inactive,${PR}old-secret=sec1
191 $QEMU_IMG amend $SECRETS $IMGS1 -o ${PR}state=inactive,${PR}old-secret=sec5 --force
[all …]
H A D29538 def secret(self): member in Secret
46 "data": self.secret() }
59 for secret in self.secrets:
60 self.vm.cmd("object-add", **secret.to_qmp_object())
76 def createImg(self, file, secret): argument
80 '--object', *secret.to_cmdline_object(),
82 '-o', self.pfx + 'key-secret=' + secret.id(),
93 'key-secret' : secret.id()
124 def addKeyQmp(self, id, new_secret, secret = None, argument
137 if secret != None:
[all …]
H A D29638 def secret(self): member in Secret
46 "data": self.secret() }
63 for secret in self.secrets:
75 def createImg(self, file, secret): argument
79 '--object', *secret.to_cmdline_object(),
81 '-o', 'key-secret=' + secret.id(),
88 def addKey(self, file, secret, new_secret): argument
91 'key-secret' : secret.id(),
101 '--object', *secret.to_cmdline_object(),
116 def openImageQmp(self, vm, id, file, secret, argument
[all …]
H A D282.out2 == Create non-UTF8 secret ==
3 == Throws an error because of invalid UTF-8 secret ==
4 Formatting 'vol.img', fmt=luks size=4194304 key-secret=sec0
5 qemu-img: vol.img: Data from secret sec0 is not valid UTF-8
8 Formatting 'vol.img', fmt=luks size=4194304 key-secret=sec0
9 qemu-img: vol.img: Data from secret sec0 is not valid UTF-8
H A D087139 _make_test_img --object secret,id=sec0,data=123456 -o encryption=on,encrypt.key-secret=sec0 $size
170 _make_test_img --object secret,id=sec0,data=123456 -o encrypt.format=luks,encrypt.key-secret=sec0 $…
201 _make_test_img --object secret,id=sec0,data=123456 -o encryption=on,encrypt.key-secret=sec0 $size
H A D149.out23 …io -c read -P 0xa7 100M 10M --object secret,id=sec0,data=MTIzNDU2,format=base64 --image-opts drive…
28 …c read -P 0x13 3145728M 10M --object secret,id=sec0,data=MTIzNDU2,format=base64 --image-opts drive…
33 …o -c write -P 0x91 100M 10M --object secret,id=sec0,data=MTIzNDU2,format=base64 --image-opts drive…
38 … write -P 0x5e 3145728M 10M --object secret,id=sec0,data=MTIzNDU2,format=base64 --image-opts drive…
81 …io -c read -P 0xa7 100M 10M --object secret,id=sec0,data=MTIzNDU2,format=base64 --image-opts drive…
86 …c read -P 0x13 3145728M 10M --object secret,id=sec0,data=MTIzNDU2,format=base64 --image-opts drive…
91 …o -c write -P 0x91 100M 10M --object secret,id=sec0,data=MTIzNDU2,format=base64 --image-opts drive…
96 … write -P 0x5e 3145728M 10M --object secret,id=sec0,data=MTIzNDU2,format=base64 --image-opts drive…
141 …io -c read -P 0xa7 100M 10M --object secret,id=sec0,data=MTIzNDU2,format=base64 --image-opts drive…
496 …io -c read -P 0xa7 100M 10M --object secret,id=sec0,data=MTIzNDU2,format=base64 --image-opts drive…
[all …]
H A D28846 SECRET=secret,id=sec0,data=passphrase
53 -o key-secret=sec0,iter-time=10 \
76 -o key-secret=sec0,iter-time=10,preallocation=falloc \
87 -o key-secret=sec0,iter-time=10 \
H A D293.out31 == filling 4 slots with secret 2 ==
33 == adding secret 0 ==
35 == adding secret 3 (last slot) ==
50 == erase all keys of secret 2==
51 == erase all keys of secret 1==
52 == erase all keys of secret 0==
53 == erasing secret3 will fail now since it is the only secret (in 3 slots) ==
85 == erase last secret (should fail) ==
89 qemu-img: No secret with id 'sec5'
92 == erase last secret with force by slot (should work) ==
H A D210.out10 …, "options": {"driver": "luks", "file": "imgfile", "iter-time": 10, "key-secret": "keysec0", "size…
15 image: json:{"driver": "IMGFMT", "file": {"driver": "file", "filename": "TEST_IMG"}, "key-secret": …
63 …, "iter-time": 10, "ivgen-alg": "plain64", "ivgen-hash-alg": "md5", "key-secret": "keysec0", "size…
68 image: json:{"driver": "IMGFMT", "file": {"driver": "file", "filename": "TEST_IMG"}, "key-secret": …
119 …0", "options": {"driver": "luks", "file": "node0", "iter-time": 10, "key-secret": "keysec0", "size…
124 image: json:{"driver": "IMGFMT", "file": {"driver": "file", "filename": "TEST_IMG"}, "key-secret": …
167 …: {"job-id": "job0", "options": {"driver": "luks", "file": "node0", "key-secret": "keysec0", "size…
173 …: {"job-id": "job0", "options": {"driver": "luks", "file": "node0", "key-secret": "keysec0", "size…
179 …: {"job-id": "job0", "options": {"driver": "luks", "file": "node0", "key-secret": "keysec0", "size…
195 image: json:{"driver": "IMGFMT", "file": {"driver": "file", "filename": "TEST_IMG"}, "key-secret": …
/openbmc/linux/fs/crypto/
H A Dkeyring.c43 fscrypt_destroy_hkdf(&secret->hkdf); in wipe_master_key_secret()
44 memzero_explicit(secret, sizeof(*secret)); in wipe_master_key_secret()
537 err = fscrypt_init_hkdf(&secret->hkdf, secret->raw, in add_master_key()
538 secret->size); in add_master_key()
546 memzero_explicit(secret->raw, secret->size); in add_master_key()
651 memcpy(secret->raw, payload->raw, secret->size); in get_keyring_key()
712 memset(&secret, 0, sizeof(secret)); in fscrypt_ioctl_add_key()
723 secret.size = arg.raw_size; in fscrypt_ioctl_add_key()
725 if (copy_from_user(secret.raw, uarg->raw, secret.size)) in fscrypt_ioctl_add_key()
753 memset(secret, 0, sizeof(*secret)); in fscrypt_get_test_dummy_secret()
[all …]
/openbmc/linux/crypto/
H A Decdh_helper.c37 struct kpp_secret secret = { in crypto_ecdh_encode_key() local
48 ptr = ecdh_pack_data(ptr, &secret, sizeof(secret)); in crypto_ecdh_encode_key()
60 struct kpp_secret secret; in crypto_ecdh_decode_key() local
65 ptr = ecdh_unpack_data(&secret, ptr, sizeof(secret)); in crypto_ecdh_decode_key()
66 if (secret.type != CRYPTO_KPP_SECRET_TYPE_ECDH) in crypto_ecdh_decode_key()
69 if (unlikely(len < secret.len)) in crypto_ecdh_decode_key()
73 if (secret.len != crypto_ecdh_key_len(params)) in crypto_ecdh_decode_key()
H A Ddh_helper.c44 struct kpp_secret secret = { in crypto_dh_encode_key() local
52 ptr = dh_pack_data(ptr, end, &secret, sizeof(secret)); in crypto_dh_encode_key()
69 struct kpp_secret secret; in __crypto_dh_decode_key() local
74 ptr = dh_unpack_data(&secret, ptr, sizeof(secret)); in __crypto_dh_decode_key()
75 if (secret.type != CRYPTO_KPP_SECRET_TYPE_DH) in __crypto_dh_decode_key()
81 if (secret.len != crypto_dh_key_len(params)) in __crypto_dh_decode_key()
H A Dcurve25519-generic.c12 u8 *secret = kpp_tfm_ctx(tfm); in curve25519_set_secret() local
15 curve25519_generate_secret(secret); in curve25519_set_secret()
18 memcpy(secret, buf, CURVE25519_KEY_SIZE); in curve25519_set_secret()
27 const u8 *secret = kpp_tfm_ctx(tfm); in curve25519_compute_value() local
45 curve25519_generic(buf, secret, bp); in curve25519_compute_value()
H A Dtestmgr.h1349 .secret =
1456 .secret =
1566 .secret =
1654 .secret =
1727 .secret =
1847 .secret =
1936 .secret =
2088 .secret =
2193 .secret =
2409 .secret =
[all …]
/openbmc/qemu/docs/system/
H A Dsecrets.rst3 Providing secret data to QEMU
11 secure manner, using the ``secret`` object type.
32 to pass secret data inline on the command line.
36 -object secret,id=secvnc0,data=87539319
45 -object secret,id=secvnc0,data=ODc1MzkzMTk=,format=base64
54 the secret:
58 -object secret,id=secvnc0,file=vnc-password.txt
65 this newline is not intended to be part of the secret data.
72 -object secret,id=sec0,file=vnc-password.txt,format=base64
80 secret data.
[all …]
/openbmc/linux/arch/arm/crypto/
H A Dcurve25519-glue.c23 const u8 secret[CURVE25519_KEY_SIZE],
43 const u8 secret[CURVE25519_KEY_SIZE]) in curve25519_base_arch()
45 return curve25519_arch(pub, secret, curve25519_base_point); in curve25519_base_arch()
52 u8 *secret = kpp_tfm_ctx(tfm); in curve25519_set_secret() local
55 curve25519_generate_secret(secret); in curve25519_set_secret()
58 memcpy(secret, buf, CURVE25519_KEY_SIZE); in curve25519_set_secret()
67 const u8 *secret = kpp_tfm_ctx(tfm); in curve25519_compute_value() local
85 curve25519_arch(buf, secret, bp); in curve25519_compute_value()
/openbmc/linux/Documentation/ABI/testing/
H A Dsecurityfs-secrets-coco9 platforms (such as AMD SEV and SEV-ES) for secret injection by
15 secret appears as a file under <securityfs>/secrets/coco,
18 if the EFI secret area is populated.
21 Reading the file returns the content of secret entry.
22 Unlinking the file overwrites the secret data with zeroes and
23 removes the entry from the filesystem. A secret cannot be read
35 Reading the secret data by reading a file::
38 the-content-of-the-secret-data
40 Wiping a secret by unlinking a file::
51 the EFI secret area".
/openbmc/phosphor-dbus-interfaces/yaml/xyz/openbmc_project/User/
H A DTOTPAuthenticator.interface.yaml4 support multi-factor authentication secret key setup for each user. This
12 secret key for the given user and returns secret key string to share
13 secret key to user.
27 authenticator secret key for the given user and returns weather this
28 OTP is valid or not which make sure user has setup valid secret key
46 This method clears Time-based One-time Password authenticator secret
58 This property indicates whether TOTP authenticator secret key setup
66 This property indicates whether TOTP authenticator secret key setup
/openbmc/linux/Documentation/security/secrets/
H A Dcoco.rst7 This document describes how Confidential Computing secret injection is handled
18 secret injection is performed early in the VM launch process, before the
28 The guest firmware may reserve a designated memory area for secret injection,
38 Guest Owner secret data should be a GUIDed table of secret values; the binary
40 "Structure of the EFI secret area".
44 Later it checks if the secret area is populated: it maps the area and checks
46 (``1e74f542-71dd-4d66-963e-ef4287ff173b``). If the secret area is populated,
56 provides the decryption key (= secret) using the secret injection mechanism.
57 The guest application reads the secret from the efi_secret filesystem and
63 it is passed using the secret injection mechanism (= secure channel).
[all …]
/openbmc/linux/drivers/virt/coco/efi_secret/
H A DKconfig3 tristate "EFI secret area securityfs support"
8 This is a driver for accessing the EFI secret area via securityfs.
9 The EFI secret area is a memory area designated by the firmware for
10 confidential computing secret injection (for example for AMD SEV
13 a file wipes the secret from memory).
/openbmc/qemu/docs/devel/
H A Dluks-detached-header.rst102 # qemu-img create --object secret,id=sec0,data=abc123 -f luks \
103 -o cipher-alg=aes-256,cipher-mode=xts -o key-secret=sec0 \
115 -object '{"qom-type":"secret","id":"libvirt-3-format-secret", \
126 "file":"libvirt-2-format","header":"libvirt-1-format","key-secret": \
127 "libvirt-3-format-secret"}' \
134 1. object-add the secret for decrypting the cipher stored in
138 "arguments":{"qom-type":"secret", "id": \
139 "libvirt-4-format-secret", "data":"abc123"}}'
171 "key-secret":"libvirt-2-format-secret"}}'

123456