[libvirt] [PATCH v5 3/6] util: Introduce virCryptoGenerateRandom

John Ferlan jferlan at redhat.com
Thu May 19 20:29:02 UTC 2016


Move the logic from qemuDomainGenerateRandomKey into this new
function, altering the comments, variable names, and error messages
to keep things more generic.

NB: Although it would perhaps be more reasonable to add something to
    virrandom.c, virrandom.c is included in the setuid_rpc_client, so I
    chose placement in vircrypto.

Signed-off-by: John Ferlan <jferlan at redhat.com>
---
 src/libvirt_private.syms |  1 +
 src/qemu/qemu_domain.c   | 53 ++----------------------------------------------
 src/util/vircrypto.c     | 41 +++++++++++++++++++++++++++++++++++++
 src/util/vircrypto.h     |  2 ++
 4 files changed, 46 insertions(+), 51 deletions(-)

diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 6c02b10..fb5b419 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -1395,6 +1395,7 @@ virConfWriteMem;
 
 # util/vircrypto.h
 virCryptoEncryptData;
+virCryptoGenerateRandom;
 virCryptoHashString;
 virCryptoHaveCipher;
 
diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c
index 0cec340..f038450 100644
--- a/src/qemu/qemu_domain.c
+++ b/src/qemu/qemu_domain.c
@@ -45,15 +45,8 @@
 #include "virthreadjob.h"
 #include "viratomic.h"
 #include "virprocess.h"
-#include "virrandom.h"
+#include "vircrypto.h"
 #include "secret_util.h"
-#include "base64.h"
-#ifdef WITH_GNUTLS
-# include <gnutls/gnutls.h>
-# if HAVE_GNUTLS_CRYPTO_H
-#  include <gnutls/crypto.h>
-# endif
-#endif
 #include "logging/log_manager.h"
 #include "locking/domain_lock.h"
 
@@ -630,48 +623,6 @@ qemuDomainMasterKeyReadFile(qemuDomainObjPrivatePtr priv)
 }
 
 
-/* qemuDomainGenerateRandomKey
- * @nbytes: Size in bytes of random key to generate
- *
- * Generate a random key of nbytes length and return it.
- *
- * Since the gnutls_rnd could be missing, provide an alternate less
- * secure mechanism to at least have something.
- *
- * Returns pointer memory containing key on success, NULL on failure
- */
-static uint8_t *
-qemuDomainGenerateRandomKey(size_t nbytes)
-{
-    uint8_t *key;
-    int ret;
-
-    if (VIR_ALLOC_N(key, nbytes) < 0)
-        return NULL;
-
-#if HAVE_GNUTLS_RND
-    /* Generate a master key using gnutls_rnd() if possible */
-    if ((ret = gnutls_rnd(GNUTLS_RND_RANDOM, key, nbytes)) < 0) {
-        virReportError(VIR_ERR_INTERNAL_ERROR,
-                       _("failed to generate master key, ret=%d"), ret);
-        VIR_FREE(key);
-        return NULL;
-    }
-#else
-    /* If we don't have gnutls_rnd(), we will generate a less cryptographically
-     * strong master key from /dev/urandom.
-     */
-    if ((ret = virRandomBytes(key, nbytes)) < 0) {
-        virReportSystemError(ret, "%s", _("failed to generate master key"));
-        VIR_FREE(key);
-        return NULL;
-    }
-#endif
-
-    return key;
-}
-
-
 /* qemuDomainMasterKeyRemove:
  * @priv: Pointer to the domain private object
  *
@@ -718,7 +669,7 @@ qemuDomainMasterKeyCreate(virDomainObjPtr vm)
         return 0;
 
     if (!(priv->masterKey =
-          qemuDomainGenerateRandomKey(QEMU_DOMAIN_MASTER_KEY_LEN)))
+          virCryptoGenerateRandom(QEMU_DOMAIN_MASTER_KEY_LEN)))
         return -1;
 
     priv->masterKeyLen = QEMU_DOMAIN_MASTER_KEY_LEN;
diff --git a/src/util/vircrypto.c b/src/util/vircrypto.c
index b8f5554..a2132bf 100644
--- a/src/util/vircrypto.c
+++ b/src/util/vircrypto.c
@@ -266,3 +266,44 @@ virCryptoEncryptData(virCryptoCipher algorithm,
                    _("algorithm=%d is not supported"), algorithm);
     return -1;
 }
+
+/* virCryptoGenerateRandom:
+ * @nbytes: Size in bytes of random byte stream to generate
+ *
+ * Generate a random stream of nbytes length and return it.
+ *
+ * Since the gnutls_rnd could be missing, provide an alternate less
+ * secure mechanism to at least have something.
+ *
+ * Returns pointer memory containing byte stream on success, NULL on failure
+ */
+uint8_t *
+virCryptoGenerateRandom(size_t nbytes)
+{
+    uint8_t *buf;
+    int ret;
+
+    if (VIR_ALLOC_N(buf, nbytes) < 0)
+        return NULL;
+
+#if HAVE_GNUTLS_RND
+    /* Generate the byte stream using gnutls_rnd() if possible */
+    if ((ret = gnutls_rnd(GNUTLS_RND_RANDOM, buf, nbytes)) < 0) {
+        virReportError(VIR_ERR_INTERNAL_ERROR,
+                       _("failed to generate byte stream, ret=%d"), ret);
+        VIR_FREE(buf);
+        return NULL;
+    }
+#else
+    /* If we don't have gnutls_rnd(), we will generate a less cryptographically
+     * strong master buf from /dev/urandom.
+     */
+    if ((ret = virRandomBytes(buf, nbytes)) < 0) {
+        virReportSystemError(ret, "%s", _("failed to generate byte stream"));
+        VIR_FREE(buf);
+        return NULL;
+    }
+#endif
+
+    return buf;
+}
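Review bot: In the `#else` branch the failure test `(ret = virRandomBytes(buf, nbytes)) < 0` does not agree with the `virReportSystemError(ret, ...)` call beneath it, which expects a positive errno value. virRandomBytes is not defined in this patch; if it reports failure by returning a positive errno, the branch never fires and the buffer from VIR_ALLOC_N (presumably still zero-filled) is handed back as random data, which the qemu_domain.c caller then stores as the master key. Once the helper's convention is confirmed, the test should read `if ((ret = virRandomBytes(buf, nbytes)) != 0) {`, or the report should pass `-ret`. The comment in that branch also still says "master buf"; `generate a less cryptographically strong byte stream from /dev/urandom` fits the now-generic function.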
diff --git a/src/util/vircrypto.h b/src/util/vircrypto.h
index f0ec07b..1270414 100644
--- a/src/util/vircrypto.h
+++ b/src/util/vircrypto.h
@@ -55,4 +55,6 @@ int virCryptoEncryptData(virCryptoCipher algorithm,
     ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(6)
     ATTRIBUTE_NONNULL(8) ATTRIBUTE_RETURN_CHECK;
 
+uint8_t *virCryptoGenerateRandom(size_t nbytes);
+
 #endif /* __VIR_CRYPTO_H__ */
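Review bot: The new prototype carries no ATTRIBUTE_RETURN_CHECK, unlike the virCryptoEncryptData declaration directly above it, so a caller that drops the result leaks the buffer and never sees the NULL failure case. I would write `uint8_t *virCryptoGenerateRandom(size_t nbytes) ATTRIBUTE_RETURN_CHECK;`. A short comment above it should state the ownership contract, for example `/* Caller frees the result; wipe it first if it is used as a key. */`.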
-- 
2.5.5



