mirror of
https://github.com/xemu-project/xemu.git
synced 2024-11-24 03:59:52 +00:00
50f6753e27
New cipher algorithms 'twofish-128', 'twofish-192' and 'twofish-256' are defined for the Twofish algorithm. The gcrypt backend does not support 'twofish-192'. The nettle and gcrypt cipher backends are updated to support the new cipher and a test vector added to the cipher test suite. The new algorithm is enabled in the LUKS block encryption driver. Reviewed-by: Eric Blake <eblake@redhat.com> Reviewed-by: Fam Zheng <famz@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
111 lines
3.0 KiB
Python
111 lines
3.0 KiB
Python
# -*- Mode: Python -*-
|
|
#
|
|
# QAPI crypto definitions
|
|
|
|
##
|
|
# QCryptoTLSCredsEndpoint:
|
|
#
|
|
# The type of network endpoint that will be using the credentials.
|
|
# Most types of credential require different setup / structures
|
|
# depending on whether they will be used in a server versus a
|
|
# client.
|
|
#
|
|
# @client: the network endpoint is acting as the client
|
|
#
|
|
# @server: the network endpoint is acting as the server
|
|
#
|
|
# Since: 2.5
|
|
##
|
|
{ 'enum': 'QCryptoTLSCredsEndpoint',
|
|
'prefix': 'QCRYPTO_TLS_CREDS_ENDPOINT',
|
|
'data': ['client', 'server']}
|
|
|
|
|
|
##
|
|
# QCryptoSecretFormat:
|
|
#
|
|
# The data format that the secret is provided in
|
|
#
|
|
# @raw: raw bytes. When encoded in JSON only valid UTF-8 sequences can be used
|
|
# @base64: arbitrary base64 encoded binary data
|
|
# Since: 2.6
|
|
##
|
|
{ 'enum': 'QCryptoSecretFormat',
|
|
'prefix': 'QCRYPTO_SECRET_FORMAT',
|
|
'data': ['raw', 'base64']}
|
|
|
|
|
|
##
|
|
# QCryptoHashAlgorithm:
|
|
#
|
|
# The supported algorithms for computing content digests
|
|
#
|
|
# @md5: MD5. Should not be used in any new code, legacy compat only
|
|
# @sha1: SHA-1. Should not be used in any new code, legacy compat only
|
|
# @sha256: SHA-256. Current recommended strong hash.
|
|
# Since: 2.6
|
|
##
|
|
{ 'enum': 'QCryptoHashAlgorithm',
|
|
'prefix': 'QCRYPTO_HASH_ALG',
|
|
'data': ['md5', 'sha1', 'sha256']}
|
|
|
|
|
|
##
|
|
# QCryptoCipherAlgorithm:
|
|
#
|
|
# The supported algorithms for content encryption ciphers
|
|
#
|
|
# @aes-128: AES with 128 bit / 16 byte keys
|
|
# @aes-192: AES with 192 bit / 24 byte keys
|
|
# @aes-256: AES with 256 bit / 32 byte keys
|
|
# @des-rfb: RFB specific variant of single DES. Do not use except in VNC.
|
|
# @cast5-128: Cast5 with 128 bit / 16 byte keys
|
|
# @serpent-128: Serpent with 128 bit / 16 byte keys
|
|
# @serpent-192: Serpent with 192 bit / 24 byte keys
|
|
# @serpent-256: Serpent with 256 bit / 32 byte keys
|
|
# @twofish-128: Twofish with 128 bit / 16 byte keys
|
|
# @twofish-192: Twofish with 192 bit / 24 byte keys
|
|
# @twofish-256: Twofish with 256 bit / 32 byte keys
|
|
# Since: 2.6
|
|
##
|
|
{ 'enum': 'QCryptoCipherAlgorithm',
|
|
'prefix': 'QCRYPTO_CIPHER_ALG',
|
|
'data': ['aes-128', 'aes-192', 'aes-256',
|
|
'des-rfb',
|
|
'cast5-128',
|
|
'serpent-128', 'serpent-192', 'serpent-256',
|
|
'twofish-128', 'twofish-192', 'twofish-256']}
|
|
|
|
|
|
##
|
|
# QCryptoCipherMode:
|
|
#
|
|
# The supported modes for content encryption ciphers
|
|
#
|
|
# @ecb: Electronic Code Book
|
|
# @cbc: Cipher Block Chaining
|
|
# Since: 2.6
|
|
##
|
|
{ 'enum': 'QCryptoCipherMode',
|
|
'prefix': 'QCRYPTO_CIPHER_MODE',
|
|
'data': ['ecb', 'cbc']}
|
|
|
|
|
|
##
|
|
# QCryptoIVGenAlgorithm:
|
|
#
|
|
# The supported algorithms for generating initialization
|
|
# vectors for full disk encryption. The 'plain' generator
|
|
# should not be used for disks with sector numbers larger
|
|
# than 2^32, except where compatibility with pre-existing
|
|
# Linux dm-crypt volumes is required.
|
|
#
|
|
# @plain: 64-bit sector number truncated to 32-bits
|
|
# @plain64: 64-bit sector number
|
|
# @essiv: 64-bit sector number encrypted with a hash of the encryption key
|
|
# Since: 2.6
|
|
##
|
|
{ 'enum': 'QCryptoIVGenAlgorithm',
|
|
'prefix': 'QCRYPTO_IVGEN_ALG',
|
|
'data': ['plain', 'plain64', 'essiv']}
|