Adds `virCryptoDecryptDataAESgnutls` and `virCryptoDecryptData`
as wrapper functions for GnuTLS decryption.
These functions are the inverse of the existing GnuTLS encryption wrappers.
This commit also includes a corresponding test case to validate data decryption.
Signed-off-by: Arun Menon <armenon@redhat.com>
---
src/libvirt_private.syms | 1 +
src/util/vircrypto.c | 126 ++++++++++++++++++++++++++++++++++++++-
src/util/vircrypto.h | 8 +++
tests/vircryptotest.c | 65 ++++++++++++++++++++
4 files changed, 199 insertions(+), 1 deletion(-)
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 4e57e4a8f6..63a1ae4c70 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -2254,6 +2254,7 @@ virConfWriteMem;
# util/vircrypto.h
+virCryptoDecryptData;
virCryptoEncryptData;
virCryptoHashBuf;
virCryptoHashString;
diff --git a/src/util/vircrypto.c b/src/util/vircrypto.c
index 3ce23264ca..00f723bb75 100644
--- a/src/util/vircrypto.c
+++ b/src/util/vircrypto.c
@@ -98,7 +98,7 @@ virCryptoHashString(virCryptoHash hash,
}
-/* virCryptoEncryptDataAESgntuls:
+/* virCryptoEncryptDataAESgnutls:
*
* Performs the AES gnutls encryption
*
@@ -233,3 +233,127 @@ virCryptoEncryptData(virCryptoCipher algorithm,
_("algorithm=%1$d is not supported"), algorithm);
return -1;
}
+
+/* virCryptoDecryptDataAESgnutls:
+ *
+ * Performs the AES gnutls decryption
+ *
+ * Same input as virCryptoDecryptData, except the algorithm is replaced
+ * by the specific gnutls algorithm.
+ *
+ * Decrypts the @data buffer using the @deckey and if available the @iv
+ *
+ * Returns 0 on success with the plaintext being filled. It is the
+ * caller's responsibility to clear and free it. Returns -1 on failure
+ * w/ error set.
+ */
+static int
+virCryptoDecryptDataAESgnutls(gnutls_cipher_algorithm_t gnutls_dec_alg,
+ uint8_t *deckey,
+ size_t deckeylen,
+ uint8_t *iv,
+ size_t ivlen,
+ uint8_t *data,
+ size_t datalen,
+ uint8_t **plaintextret,
+ size_t *plaintextlenret)
+{
+ int rc;
+ uint8_t padding_length;
+ gnutls_cipher_hd_t handle = NULL;
+ gnutls_datum_t dec_key = { .data = deckey, .size = deckeylen };
+ gnutls_datum_t iv_buf = { .data = iv, .size = ivlen };
+ g_autofree uint8_t *plaintext = NULL;
+ size_t plaintextlen;
+
+ if ((rc = gnutls_cipher_init(&handle, gnutls_dec_alg,
+ &dec_key, &iv_buf)) < 0) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("failed to initialize cipher: '%1$s'"),
+ gnutls_strerror(rc));
+ return -1;
+ }
+
+ plaintext = g_memdup2(data, datalen);
+ plaintextlen = datalen;
+ if (plaintextlen == 0) {
+ virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
+ _("decrypted data has zero length"));
+ goto error;
+ }
+ rc = gnutls_cipher_decrypt(handle, plaintext, plaintextlen);
+ gnutls_cipher_deinit(handle);
+ if (rc < 0) {
+ virReportError(VIR_ERR_INTERNAL_ERROR,
+ _("failed to decrypt the data: '%1$s'"),
+ gnutls_strerror(rc));
+ goto error;
+ }
+ /* Before encryption, padding is added to the data.
+ * The last byte indicates the padding length, because in PKCS#7, all
+ * padding bytes are set to the padding length value.
+ */
+ padding_length = plaintext[plaintextlen - 1];
+ if (padding_length > plaintextlen) {
+ virReportError(VIR_ERR_INVALID_SECRET, "%s",
+ _("decrypted data has invalid padding"));
+ goto error;
+ }
+ *plaintextlenret = plaintextlen - padding_length;
+ *plaintextret = g_steal_pointer(&plaintext);
+ return 0;
+ error:
+ virSecureErase(plaintext, plaintextlen);
+ return -1;
+}
+
+/* virCryptoDecryptData:
+ * @algorithm: algorithm desired for decryption
+ * @deckey: decryption key
+ * @deckeylen: decryption key length
+ * @iv: initialization vector
+ * @ivlen: length of initialization vector
+ * @data: data to decrypt
+ * @datalen: length of data
+ * @plaintext: stream of bytes allocated to store plaintext
+ * @plaintextlen: size of the stream of bytes
+ * Returns 0 on success, -1 on failure with error set
+ */
+int
+virCryptoDecryptData(virCryptoCipher algorithm,
+ uint8_t *deckey,
+ size_t deckeylen,
+ uint8_t *iv,
+ size_t ivlen,
+ uint8_t *data,
+ size_t datalen,
+ uint8_t **plaintext,
+ size_t *plaintextlen)
+{
+ switch (algorithm) {
+ case VIR_CRYPTO_CIPHER_AES256CBC:
+ if (deckeylen != 32) {
+ virReportError(VIR_ERR_INVALID_ARG,
+ _("AES256CBC decryption invalid keylen=%1$zu"),
+ deckeylen);
+ return -1;
+ }
+ if (ivlen != 16) {
+ virReportError(VIR_ERR_INVALID_ARG,
+ _("AES256CBC initialization vector invalid len=%1$zu"),
+ ivlen);
+ return -1;
+ }
+ return virCryptoDecryptDataAESgnutls(GNUTLS_CIPHER_AES_256_CBC,
+ deckey, deckeylen, iv, ivlen,
+ data, datalen,
+ plaintext, plaintextlen);
+ case VIR_CRYPTO_CIPHER_NONE:
+ case VIR_CRYPTO_CIPHER_LAST:
+ break;
+ }
+
+ virReportError(VIR_ERR_INVALID_ARG,
+ _("algorithm=%1$d is not supported"), algorithm);
+ return -1;
+}
diff --git a/src/util/vircrypto.h b/src/util/vircrypto.h
index 5f079ac335..2e8557839d 100644
--- a/src/util/vircrypto.h
+++ b/src/util/vircrypto.h
@@ -61,3 +61,11 @@ int virCryptoEncryptData(virCryptoCipher algorithm,
uint8_t **ciphertext, size_t *ciphertextlen)
ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(6)
ATTRIBUTE_NONNULL(8) ATTRIBUTE_NONNULL(9) G_GNUC_WARN_UNUSED_RESULT;
+
+int virCryptoDecryptData(virCryptoCipher algorithm,
+ uint8_t *deckey, size_t deckeylen,
+ uint8_t *iv, size_t ivlen,
+ uint8_t *data, size_t datalen,
+ uint8_t **plaintext, size_t *plaintextlen)
+ ATTRIBUTE_NONNULL(2) ATTRIBUTE_NONNULL(6)
+ ATTRIBUTE_NONNULL(8) ATTRIBUTE_NONNULL(9) G_GNUC_WARN_UNUSED_RESULT;
diff --git a/tests/vircryptotest.c b/tests/vircryptotest.c
index 9ffe70756e..864fa8838d 100644
--- a/tests/vircryptotest.c
+++ b/tests/vircryptotest.c
@@ -62,6 +62,14 @@ struct testCryptoEncryptData {
size_t ciphertextlen;
};
+struct testCryptoDecryptData {
+ virCryptoCipher algorithm;
+ uint8_t *input;
+ size_t inputlen;
+ uint8_t *plaintext;
+ size_t plaintextlen;
+};
+
static int
testCryptoEncrypt(const void *opaque)
{
@@ -101,6 +109,44 @@ testCryptoEncrypt(const void *opaque)
return 0;
}
+static int
+testCryptoDecrypt(const void *opaque)
+{
+ const struct testCryptoDecryptData *data = opaque;
+ g_autofree uint8_t *deckey = NULL;
+ size_t deckeylen = 32;
+ g_autofree uint8_t *iv = NULL;
+ size_t ivlen = 16;
+ g_autofree uint8_t *plaintext = NULL;
+ size_t plaintextlen = 0;
+
+ deckey = g_new0(uint8_t, deckeylen);
+ iv = g_new0(uint8_t, ivlen);
+
+ if (virRandomBytes(deckey, deckeylen) < 0 ||
+ virRandomBytes(iv, ivlen) < 0) {
+ fprintf(stderr, "Failed to generate random bytes\n");
+ return -1;
+ }
+
+ if (virCryptoDecryptData(data->algorithm, deckey, deckeylen, iv, ivlen,
+ data->input, data->inputlen,
+ &plaintext, &plaintextlen) < 0)
+ return -1;
+
+ if (data->plaintextlen != plaintextlen) {
+ fprintf(stderr, "Expected plaintexlen(%zu) doesn't match (%zu)\n",
+ data->plaintextlen, plaintextlen);
+ return -1;
+ }
+
+ if (memcmp(data->plaintext, plaintext, plaintextlen)) {
+ fprintf(stderr, "Expected plaintext doesn't match\n");
+ return -1;
+ }
+
+ return 0;
+}
static int
mymain(void)
@@ -155,7 +201,26 @@ mymain(void)
#undef VIR_CRYPTO_ENCRYPT
+#define VIR_CRYPTO_DECRYPT(a, n, i, il, c, cl) \
+ do { \
+ struct testCryptoDecryptData data = { \
+ .algorithm = a, \
+ .input = i, \
+ .inputlen = il, \
+ .plaintext = c, \
+ .plaintextlen = cl, \
+ }; \
+ if (virTestRun("Decrypt " n, testCryptoDecrypt, &data) < 0) \
+ ret = -1; \
+ } while (0)
+
+ VIR_CRYPTO_DECRYPT(VIR_CRYPTO_CIPHER_AES256CBC, "aes256cbc",
+ expected_ciphertext, 16, secretdata, 7);
+
+#undef VIR_CRYPTO_DECRYPT
+
return ret == 0 ? EXIT_SUCCESS : EXIT_FAILURE;
+
}
/* Forces usage of not so random virRandomBytes */
--
2.51.1On Thu, Nov 27, 2025 at 12:52:28 +0530, Arun Menon via Devel wrote: > Adds `virCryptoDecryptDataAESgnutls` and `virCryptoDecryptData` > as wrapper functions for GnuTLS decryption. > > These functions are the inverse of the existing GnuTLS encryption wrappers. > This commit also includes a corresponding test case to validate data decryption. > > Signed-off-by: Arun Menon <armenon@redhat.com> > --- > src/libvirt_private.syms | 1 + > src/util/vircrypto.c | 126 ++++++++++++++++++++++++++++++++++++++- > src/util/vircrypto.h | 8 +++ > tests/vircryptotest.c | 65 ++++++++++++++++++++ > 4 files changed, 199 insertions(+), 1 deletion(-) Reviewed-by: Peter Krempa <pkrempa@redhat.com>
© 2016 - 2025 Red Hat, Inc.