]>
Commit | Line | Data |
---|---|---|
a090187d DB |
1 | # -*- Mode: Python -*- |
2 | # | |
3 | # QAPI crypto definitions | |
4 | ||
5 | ## | |
6 | # QCryptoTLSCredsEndpoint: | |
7 | # | |
8 | # The type of network endpoint that will be using the credentials. | |
9 | # Most types of credential require different setup / structures | |
10 | # depending on whether they will be used in a server versus a | |
11 | # client. | |
12 | # | |
13 | # @client: the network endpoint is acting as the client | |
14 | # | |
15 | # @server: the network endpoint is acting as the server | |
16 | # | |
17 | # Since: 2.5 | |
18 | ## | |
19 | { 'enum': 'QCryptoTLSCredsEndpoint', | |
20 | 'prefix': 'QCRYPTO_TLS_CREDS_ENDPOINT', | |
21 | 'data': ['client', 'server']} | |
ac1d8878 DB |
22 | |
23 | ||
24 | ## | |
25 | # QCryptoSecretFormat: | |
26 | # | |
27 | # The data format that the secret is provided in | |
28 | # | |
29 | # @raw: raw bytes. When encoded in JSON only valid UTF-8 sequences can be used | |
30 | # @base64: arbitrary base64 encoded binary data | |
31 | # Since: 2.6 | |
32 | ## | |
33 | { 'enum': 'QCryptoSecretFormat', | |
34 | 'prefix': 'QCRYPTO_SECRET_FORMAT', | |
35 | 'data': ['raw', 'base64']} | |
d84b79d3 DB |
36 | |
37 | ||
38 | ## | |
39 | # QCryptoHashAlgorithm: | |
40 | # | |
41 | # The supported algorithms for computing content digests | |
42 | # | |
43 | # @md5: MD5. Should not be used in any new code, legacy compat only | |
44 | # @sha1: SHA-1. Should not be used in any new code, legacy compat only | |
45 | # @sha256: SHA-256. Current recommended strong hash. | |
46 | # Since: 2.6 | |
47 | ## | |
48 | { 'enum': 'QCryptoHashAlgorithm', | |
49 | 'prefix': 'QCRYPTO_HASH_ALG', | |
50 | 'data': ['md5', 'sha1', 'sha256']} | |
d8c02bcc DB |
51 | |
52 | ||
53 | ## | |
54 | # QCryptoCipherAlgorithm: | |
55 | # | |
56 | # The supported algorithms for content encryption ciphers | |
57 | # | |
58 | # @aes-128: AES with 128 bit / 16 byte keys | |
59 | # @aes-192: AES with 192 bit / 24 byte keys | |
60 | # @aes-256: AES with 256 bit / 32 byte keys | |
61 | # @des-rfb: RFB specific variant of single DES. Do not use except in VNC. | |
084a85ee | 62 | # @cast5-128: Cast5 with 128 bit / 16 byte keys |
94318522 DB |
63 | # @serpent-128: Serpent with 128 bit / 16 byte keys |
64 | # @serpent-192: Serpent with 192 bit / 24 byte keys | |
65 | # @serpent-256: Serpent with 256 bit / 32 byte keys | |
d8c02bcc DB |
66 | # Since: 2.6 |
67 | ## | |
68 | { 'enum': 'QCryptoCipherAlgorithm', | |
69 | 'prefix': 'QCRYPTO_CIPHER_ALG', | |
084a85ee DB |
70 | 'data': ['aes-128', 'aes-192', 'aes-256', |
71 | 'des-rfb', | |
94318522 DB |
72 | 'cast5-128', |
73 | 'serpent-128', 'serpent-192', 'serpent-256']} | |
d8c02bcc DB |
74 | |
75 | ||
76 | ## | |
77 | # QCryptoCipherMode: | |
78 | # | |
79 | # The supported modes for content encryption ciphers | |
80 | # | |
81 | # @ecb: Electronic Code Book | |
82 | # @cbc: Cipher Block Chaining | |
83 | # Since: 2.6 | |
84 | ## | |
85 | { 'enum': 'QCryptoCipherMode', | |
86 | 'prefix': 'QCRYPTO_CIPHER_MODE', | |
87 | 'data': ['ecb', 'cbc']} | |
cb730894 DB |
88 | |
89 | ||
90 | ## | |
91 | # QCryptoIVGenAlgorithm: | |
92 | # | |
93 | # The supported algorithms for generating initialization | |
94 | # vectors for full disk encryption. The 'plain' generator | |
95 | # should not be used for disks with sector numbers larger | |
96 | # than 2^32, except where compatibility with pre-existing | |
97 | # Linux dm-crypt volumes is required. | |
98 | # | |
99 | # @plain: 64-bit sector number truncated to 32-bits | |
100 | # @plain64: 64-bit sector number | |
101 | # @essiv: 64-bit sector number encrypted with a hash of the encryption key | |
102 | # Since: 2.6 | |
103 | ## | |
104 | { 'enum': 'QCryptoIVGenAlgorithm', | |
105 | 'prefix': 'QCRYPTO_IVGEN_ALG', | |
106 | 'data': ['plain', 'plain64', 'essiv']} |