block: expose crypto option names / defs to other drivers

The block/crypto.c defines a set of QemuOpts that provide parameters for encryption. This will also be needed by the qcow/qcow2 integration, so expose the relevant pieces in a new block/crypto.h header. Some helper methods taking QemuOpts are changed to take QDict to simplify usage in other places. Reviewed-by: Max Reitz <mreitz@redhat.com> Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Alberto Garcia <berto@igalia.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com> Message-id: 20170623162419.26068-2-berrange@redhat.com Signed-off-by: Max Reitz <mreitz@redhat.com>
author: Daniel P. Berrange <berrange@redhat.com> 2017-06-23 17:24:00 +0100
committer: Max Reitz <mreitz@redhat.com> 2017-07-11 17:44:55 +0200
commit: 306a06e5f766acaf26b71397a5692c65b65a61c7 (patch)
tree: 385cb67aa1ad2bbb6396ef84911251798d2621b1 /block/crypto.h
parent: 29741be341d50e4311e42ca3199f9b0bcfd4f5d2 (diff)
download: qemu-306a06e5f766acaf26b71397a5692c65b65a61c7.tar.gz
1 files changed, 91 insertions, 0 deletions
diff --git a/block/crypto.h b/block/crypto.h
new file mode 100644
index 0000000000..c0e9b549aa
--- /dev/null
+++ b/block/crypto.h
@@ -0,0 +1,91 @@
+/*
+ * QEMU block full disk encryption
+ *
+ * Copyright (c) 2015-2017 Red Hat, Inc.
+ *
+ * This library is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 2 of the License, or (at your option) any later version.
+ *
+ * This library is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public
+ * License along with this library; if not, see <http://www.gnu.org/licenses/>.
+ *
+ */
+
+#ifndef BLOCK_CRYPTO_H__
+#define BLOCK_CRYPTO_H__
+
+#define BLOCK_CRYPTO_OPT_LUKS_KEY_SECRET "key-secret"
+#define BLOCK_CRYPTO_OPT_LUKS_CIPHER_ALG "cipher-alg"
+#define BLOCK_CRYPTO_OPT_LUKS_CIPHER_MODE "cipher-mode"
+#define BLOCK_CRYPTO_OPT_LUKS_IVGEN_ALG "ivgen-alg"
+#define BLOCK_CRYPTO_OPT_LUKS_IVGEN_HASH_ALG "ivgen-hash-alg"
+#define BLOCK_CRYPTO_OPT_LUKS_HASH_ALG "hash-alg"
+#define BLOCK_CRYPTO_OPT_LUKS_ITER_TIME "iter-time"
+
+#define BLOCK_CRYPTO_OPT_DEF_LUKS_KEY_SECRET                            \
+    {                                                                   \
+        .name = BLOCK_CRYPTO_OPT_LUKS_KEY_SECRET,                       \
+        .type = QEMU_OPT_STRING,                                        \
+        .help = "ID of the secret that provides the keyslot passphrase", \
+    }
+
+#define BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_ALG               \
+    {                                                      \
+        .name = BLOCK_CRYPTO_OPT_LUKS_CIPHER_ALG,          \
+        .type = QEMU_OPT_STRING,                           \
+        .help = "Name of encryption cipher algorithm",     \
+    }
+
+#define BLOCK_CRYPTO_OPT_DEF_LUKS_CIPHER_MODE         \
+    {                                                 \
+        .name = BLOCK_CRYPTO_OPT_LUKS_CIPHER_MODE,    \
+        .type = QEMU_OPT_STRING,                      \
+        .help = "Name of encryption cipher mode",     \
+    }
+
+#define BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_ALG           \
+    {                                                 \
+        .name = BLOCK_CRYPTO_OPT_LUKS_IVGEN_ALG,      \
+        .type = QEMU_OPT_STRING,                      \
+        .help = "Name of IV generator algorithm",     \
+    }
+
+#define BLOCK_CRYPTO_OPT_DEF_LUKS_IVGEN_HASH_ALG                \
+    {                                                           \
+        .name = BLOCK_CRYPTO_OPT_LUKS_IVGEN_HASH_ALG,           \
+        .type = QEMU_OPT_STRING,                                \
+        .help = "Name of IV generator hash algorithm",          \
+    }
+
+#define BLOCK_CRYPTO_OPT_DEF_LUKS_HASH_ALG               \
+    {                                                    \
+        .name = BLOCK_CRYPTO_OPT_LUKS_HASH_ALG,          \
+        .type = QEMU_OPT_STRING,                         \
+        .help = "Name of encryption hash algorithm",     \
+    }
+
+#define BLOCK_CRYPTO_OPT_DEF_LUKS_ITER_TIME                   \
+    {                                                         \
+        .name = BLOCK_CRYPTO_OPT_LUKS_ITER_TIME,              \
+        .type = QEMU_OPT_NUMBER,                              \
+        .help = "Time to spend in PBKDF in milliseconds",     \
+    }
+
+QCryptoBlockCreateOptions *
+block_crypto_create_opts_init(QCryptoBlockFormat format,
+                              QDict *opts,
+                              Error **errp);
+
+QCryptoBlockOpenOptions *
+block_crypto_open_opts_init(QCryptoBlockFormat format,
+                            QDict *opts,
+                            Error **errp);
+
+#endif /* BLOCK_CRYPTO_H__ */
author	Daniel P. Berrange <berrange@redhat.com>	2017-06-23 17:24:00 +0100
committer	Max Reitz <mreitz@redhat.com>	2017-07-11 17:44:55 +0200
commit	306a06e5f766acaf26b71397a5692c65b65a61c7 (patch)
tree	385cb67aa1ad2bbb6396ef84911251798d2621b1 /block/crypto.h
parent	29741be341d50e4311e42ca3199f9b0bcfd4f5d2 (diff)
download	qemu-306a06e5f766acaf26b71397a5692c65b65a61c7.tar.gz