1# -*- Mode: Python -*- 2# 3# QAPI crypto definitions 4 5## 6# QCryptoTLSCredsEndpoint: 7# 8# The type of network endpoint that will be using the credentials. 9# Most types of credential require different setup / structures 10# depending on whether they will be used in a server versus a 11# client. 12# 13# @client: the network endpoint is acting as the client 14# 15# @server: the network endpoint is acting as the server 16# 17# Since: 2.5 18## 19{ 'enum': 'QCryptoTLSCredsEndpoint', 20 'prefix': 'QCRYPTO_TLS_CREDS_ENDPOINT', 21 'data': ['client', 'server']} 22 23 24## 25# QCryptoSecretFormat: 26# 27# The data format that the secret is provided in 28# 29# @raw: raw bytes. When encoded in JSON only valid UTF-8 sequences can be used 30# @base64: arbitrary base64 encoded binary data 31# Since: 2.6 32## 33{ 'enum': 'QCryptoSecretFormat', 34 'prefix': 'QCRYPTO_SECRET_FORMAT', 35 'data': ['raw', 'base64']} 36 37 38## 39# QCryptoHashAlgorithm: 40# 41# The supported algorithms for computing content digests 42# 43# @md5: MD5. Should not be used in any new code, legacy compat only 44# @sha1: SHA-1. Should not be used in any new code, legacy compat only 45# @sha256: SHA-256. Current recommended strong hash. 46# Since: 2.6 47## 48{ 'enum': 'QCryptoHashAlgorithm', 49 'prefix': 'QCRYPTO_HASH_ALG', 50 'data': ['md5', 'sha1', 'sha256']} 51 52 53## 54# QCryptoCipherAlgorithm: 55# 56# The supported algorithms for content encryption ciphers 57# 58# @aes-128: AES with 128 bit / 16 byte keys 59# @aes-192: AES with 192 bit / 24 byte keys 60# @aes-256: AES with 256 bit / 32 byte keys 61# @des-rfb: RFB specific variant of single DES. Do not use except in VNC. 62# @cast5-128: Cast5 with 128 bit / 16 byte keys 63# @serpent-128: Serpent with 128 bit / 16 byte keys 64# @serpent-192: Serpent with 192 bit / 24 byte keys 65# @serpent-256: Serpent with 256 bit / 32 byte keys 66# Since: 2.6 67## 68{ 'enum': 'QCryptoCipherAlgorithm', 69 'prefix': 'QCRYPTO_CIPHER_ALG', 70 'data': ['aes-128', 'aes-192', 'aes-256', 71 'des-rfb', 72 'cast5-128', 73 'serpent-128', 'serpent-192', 'serpent-256']} 74 75 76## 77# QCryptoCipherMode: 78# 79# The supported modes for content encryption ciphers 80# 81# @ecb: Electronic Code Book 82# @cbc: Cipher Block Chaining 83# Since: 2.6 84## 85{ 'enum': 'QCryptoCipherMode', 86 'prefix': 'QCRYPTO_CIPHER_MODE', 87 'data': ['ecb', 'cbc']} 88 89 90## 91# QCryptoIVGenAlgorithm: 92# 93# The supported algorithms for generating initialization 94# vectors for full disk encryption. The 'plain' generator 95# should not be used for disks with sector numbers larger 96# than 2^32, except where compatibility with pre-existing 97# Linux dm-crypt volumes is required. 98# 99# @plain: 64-bit sector number truncated to 32-bits 100# @plain64: 64-bit sector number 101# @essiv: 64-bit sector number encrypted with a hash of the encryption key 102# Since: 2.6 103## 104{ 'enum': 'QCryptoIVGenAlgorithm', 105 'prefix': 'QCRYPTO_IVGEN_ALG', 106 'data': ['plain', 'plain64', 'essiv']} 107