From patchwork Mon Apr 24 17:51:49 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Geert Martin Ijewski <gm.ijewski@web.de>
X-Patchwork-Id: 9696833
Return-Path: 
 <qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	D26C7603F3 for <patchwork-qemu-devel@patchwork.kernel.org>;
	Mon, 24 Apr 2017 17:52:50 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id CA1E728404
	for <patchwork-qemu-devel@patchwork.kernel.org>;
	Mon, 24 Apr 2017 17:52:50 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id BEE3328408; Mon, 24 Apr 2017 17:52:50 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-6.9 required=2.0 tests=BAYES_00,FREEMAIL_FROM,
	RCVD_IN_DNSWL_HI autolearn=ham version=3.3.1
Received: from lists.gnu.org (lists.gnu.org [208.118.235.17])
	(using TLSv1 with cipher AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id D7EDA2867E
	for <patchwork-qemu-devel@patchwork.kernel.org>;
	Mon, 24 Apr 2017 17:52:43 +0000 (UTC)
Received: from localhost ([::1]:45295 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71) (envelope-from
	<qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org>)
	id 1d2iAE-0005bI-Fl for patchwork-qemu-devel@patchwork.kernel.org;
	Mon, 24 Apr 2017 13:52:42 -0400
Received: from eggs.gnu.org ([2001:4830:134:3::10]:57310)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <gm.ijewski@web.de>) id 1d2i9a-0005bA-7d
	for qemu-devel@nongnu.org; Mon, 24 Apr 2017 13:52:03 -0400
Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <gm.ijewski@web.de>) id 1d2i9W-0003VT-8a
	for qemu-devel@nongnu.org; Mon, 24 Apr 2017 13:52:02 -0400
Received: from mout.web.de ([212.227.15.3]:55515)
	by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <gm.ijewski@web.de>) id 1d2i9V-0003Tl-SO
	for qemu-devel@nongnu.org; Mon, 24 Apr 2017 13:51:58 -0400
Received: from [192.168.2.125] ([217.94.5.243]) by smtp.web.de (mrweb001
	[213.165.67.108]) with ESMTPSA (Nemesis) id 0Lc8rF-1cJznN2SDV-00jcvO;
	Mon, 24 Apr 2017 19:51:48 +0200
To: qemu-devel@nongnu.org, Peter Maydell <peter.maydell@linaro.org>,
	"Daniel P. Berrange" <berrange@redhat.com>
From: Geert Martin Ijewski <gm.ijewski@web.de>
Message-ID: <faa27752-45a9-e6f3-d6fc-cad8254c4f31@web.de>
Date: Mon, 24 Apr 2017 19:51:49 +0200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101
	Thunderbird/45.8.0
MIME-Version: 1.0
X-Provags-ID: V03:K0:yPQEMK37QjoLxE6qGWFDGOph6RpsiWWTfg2h2Ss44QZFNWZfvTx
	KRhnET1OOBeRHhIs8R3AOAZagcV+tGnVGuxFJxvBzdsO5+eQWk+KBhgGTBIQQpflHIXwE7k
	MZTmU9897z0U5dyjqRmbSncx4/GKU9SAQPQKvjt/B4mHlEjEft39QAR5je32Dlp2g8j8jy7
	pZG9Tg+SlzdVRDzFjU+yw==
X-UI-Out-Filterresults: notjunk:1; V01:K0:DAmjwJoPYcs=:/g8xcEzh8WtVSqfvU3Ylki
	ujawEOOqhOZVlEaRpqrgVJLeoe9NGDU75DktuNo7qiAsiI3UWd29PPJVF3wQDcuLd1rsJNC0K
	v7AJlvgASj2V7C+1lCmsZM26JP4RmC0zdwwtJzN1cyywP9wlC8JIIAN042aepUeI7D93/1wIf
	7EWfeiQ146MdXN3xAcEdcJopoz4w/b9UnzSMA9QW+jd7Ha3DL4172ipWPabu3zElSPQegrZXc
	LCzaYTgWzju8/shyfW5xzZ05coui/0uqxtjwiRL6B7y73ZWedHkpnc/mHJYDdofPtUWFuWN+v
	kaKHhjL2VeJaLfpB4Z40e06wMjb64t7Ye2XhWoWqm1ZsPL7zFLUoHy+QOjwzUQdLExux3mqN4
	0v/XQuzfgW89NQ6J7qeuxba8Dnjg8jSuXuSVdNujcqK7c2mkpIoGx7sR+DzTcVp8NIWfJj4cz
	7umczVE8Zb/DShOM54dkQLW6lA2m3Kuqr/y35jAOtJLrLeH4XClGOJ/gqwWYwP1+uc3hj2ztw
	uRWUj98+B8QK9z0BazRq1/PMUm5soMe+6OeKHAYtBrrLOkHm4X5qrcOOgZDasOnV9F9ForRgT
	PG/ugW61UWLMfMmu8Xd93P6OvFLsH1kQsIR3dKW+w+NOcMu1Mt+4pSJl9t9dDb/0Y8dF9+j8C
	0hgXwm32PH4DlSvxUiy8yxc2KKe8wf8CPpidYZM2BoF9rF6kSHEucUV4uuT1M0CXewUimoT1Z
	SjpmuKDVDY4UFUanJ963Fam+CBLMjaPaFpGhuK2KpjMgRDHhMG21heGgaaJElJR6oLIOcxC9z
	cMDiJjD
X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic]
	[fuzzy]
X-Received-From: 212.227.15.3
Subject: [Qemu-devel] [PATCH v2] crypto_gen_random() now also works on
	windows
X-BeenThere: qemu-devel@nongnu.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: <qemu-devel.nongnu.org>
List-Unsubscribe: <https://lists.nongnu.org/mailman/options/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.nongnu.org/archive/html/qemu-devel/>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <https://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
Errors-To: 
 qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org
Sender: "Qemu-devel"
	<qemu-devel-bounces+patchwork-qemu-devel=patchwork.kernel.org@nongnu.org>
X-Virus-Scanned: ClamAV using ClamSMTP

If no crypto library is included in the build QEMU uses 
qcrypto_random_bytes() to generate random data. That function tried to 
open /dev/urandom or /dev/random and if openeing neither file worked it 
errored out.

Those files obviously do not exist on windows, so there the code now 
uses CryptGenRandom().

Furthermore there was some refactoring and a new function 
qcrypto_random_init() was introduced, that initalizes (platform 
specific) handles that are used by qcrypto_random_bytes().

Signed-off-by: Geert Martin Ijewski <gm.ijewski@web.de>
---
  crypto/init.c            |  6 ++++++
  crypto/random-platform.c | 45 
+++++++++++++++++++++++++++++++++++++--------
  include/crypto/random.h  |  9 +++++++++
  3 files changed, 52 insertions(+), 8 deletions(-)

diff --git a/crypto/init.c b/crypto/init.c
index f65207e..f131c42
--- a/crypto/init.c
+++ b/crypto/init.c
@@ -32,6 +32,8 @@
  #include <gcrypt.h>
  #endif

+#include "crypto/random.h"
+
  /* #define DEBUG_GNUTLS */

  /*
@@ -146,5 +148,9 @@ int qcrypto_init(Error **errp)
      gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
  #endif

+    if (qcrypto_random_init(errp) < 0) {
+        return -1;
+    }
+
      return 0;
  }
diff --git a/crypto/random-platform.c b/crypto/random-platform.c
index 82b755a..49d7f80
@@ -22,14 +22,23 @@

  #include "crypto/random.h"

-int qcrypto_random_bytes(uint8_t *buf G_GNUC_UNUSED,
-                         size_t buflen G_GNUC_UNUSED,
-                         Error **errp)
-{
-    int fd;
-    int ret = -1;
-    int got;
+#ifdef _WIN32
+#include <Wincrypt.h>
+HCRYPTPROV hCryptProv;
+#else
+int fd; /* a file handle to either /dev/urandom or /dev/random */
+#endif

+int qcrypto_random_init(Error **errp)
+{
+#ifdef _WIN32
+    if (!CryptAcquireContext(&hCryptProv, NULL, NULL, PROV_RSA_FULL,
+                             CRYPT_SILENT | CRYPT_VERIFYCONTEXT)) {
+        error_setg_errno(errp, GetLastError(),
+                         "Unable to create cryptographic provider");
+        return -1;
+    }
+#else
      /* TBD perhaps also add support for BSD getentropy / Linux
       * getrandom syscalls directly */
      fd = open("/dev/urandom", O_RDONLY);
@@ -41,6 +50,18 @@ int qcrypto_random_bytes(uint8_t *buf G_GNUC_UNUSED,
          error_setg(errp, "No /dev/urandom or /dev/random found");
          return -1;
      }
+#endif
+
+    return 0;
+}
+
+int qcrypto_random_bytes(uint8_t *buf G_GNUC_UNUSED,
+                         size_t buflen G_GNUC_UNUSED,
+                         Error **errp)
+{
+#ifndef _WIN32
+    int ret = -1;
+    int got;

      while (buflen > 0) {
          got = read(fd, buf, buflen);
@@ -59,6 +80,14 @@ int qcrypto_random_bytes(uint8_t *buf G_GNUC_UNUSED,

      ret = 0;
   cleanup:
-    close(fd);
      return ret;
+#else
+    if (!CryptGenRandom(hCryptProv, buflen, buf)) {
+        error_setg_errno(errp, GetLastError(),
+                         "Unable to read random bytes");
+        return -1;
+    }
+
+    return 0;
+#endif
  }
diff --git a/include/crypto/random.h b/include/crypto/random.h
index a101353..82a3209
--- a/include/crypto/random.h
+++ b/include/crypto/random.h
@@ -40,5 +40,14 @@ int qcrypto_random_bytes(uint8_t *buf,
                           size_t buflen,
                           Error **errp);

+/**
+ * qcrypto_random_init:
+ * @errp: pointer to a NULL-initialized error object
+ *
+ * Initalizes the handles used by qcrypto_random_bytes
+ *
+ * Returns 0 on success, -1 on error
+ */
+int qcrypto_random_init(Error **errp);

  #endif /* QCRYPTO_RANDOM_H */