From: "Daniel P. Berrangé" <berrange@redhat.com>
To: qemu-devel@nongnu.org
Cc: "Daniel P. Berrangé" <berrange@redhat.com>,
"Fabiano Rosas" <farosas@suse.de>,
"Paolo Bonzini" <pbonzini@redhat.com>,
"Philippe Mathieu-Daudé" <philmd@linaro.org>,
"Marc-André Lureau" <marcandre.lureau@redhat.com>,
devel@lists.libvirt.org, "Laurent Vivier" <lvivier@redhat.com>
Subject: [PULL 27/32] crypto: deprecate use of external dh-params.pem file
Date: Mon, 3 Nov 2025 13:37:21 +0000 [thread overview]
Message-ID: <20251103133727.423041-28-berrange@redhat.com> (raw)
In-Reply-To: <20251103133727.423041-1-berrange@redhat.com>
GNUTLS has deprecated use of externally provided diffie-hellman
parameters. Since 3.6.0 it will automatically negotiate DH params
in accordance with RFC7919.
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
crypto/tlscreds.c | 24 ++++++++----------------
crypto/tlscredsanon.c | 6 ++++--
crypto/tlscredspsk.c | 6 ++++--
crypto/tlscredsx509.c | 4 +++-
docs/about/deprecated.rst | 9 +++++++++
docs/system/tls.rst | 12 +++++++-----
6 files changed, 35 insertions(+), 26 deletions(-)
diff --git a/crypto/tlscreds.c b/crypto/tlscreds.c
index 9912e3ffbf..3d25efe425 100644
--- a/crypto/tlscreds.c
+++ b/crypto/tlscreds.c
@@ -22,6 +22,7 @@
#include "qapi/error.h"
#include "qapi-types-crypto.h"
#include "qemu/module.h"
+#include "qemu/error-report.h"
#include "tlscredspriv.h"
#include "trace.h"
@@ -38,22 +39,7 @@ qcrypto_tls_creds_get_dh_params_file(QCryptoTLSCreds *creds,
trace_qcrypto_tls_creds_load_dh(creds, filename ? filename : "<generated>");
- if (filename == NULL) {
- ret = gnutls_dh_params_init(dh_params);
- if (ret < 0) {
- error_setg(errp, "Unable to initialize DH parameters: %s",
- gnutls_strerror(ret));
- return -1;
- }
- ret = gnutls_dh_params_generate2(*dh_params, DH_BITS);
- if (ret < 0) {
- gnutls_dh_params_deinit(*dh_params);
- *dh_params = NULL;
- error_setg(errp, "Unable to generate DH parameters: %s",
- gnutls_strerror(ret));
- return -1;
- }
- } else {
+ if (filename != NULL) {
GError *gerr = NULL;
gchar *contents;
gsize len;
@@ -67,6 +53,10 @@ qcrypto_tls_creds_get_dh_params_file(QCryptoTLSCreds *creds,
g_error_free(gerr);
return -1;
}
+ warn_report_once("Use of an external DH parameters file '%s' is "
+ "deprecated and will be removed in a future release",
+ filename);
+
data.data = (unsigned char *)contents;
data.size = len;
ret = gnutls_dh_params_init(dh_params);
@@ -87,6 +77,8 @@ qcrypto_tls_creds_get_dh_params_file(QCryptoTLSCreds *creds,
filename, gnutls_strerror(ret));
return -1;
}
+ } else {
+ *dh_params = NULL;
}
return 0;
diff --git a/crypto/tlscredsanon.c b/crypto/tlscredsanon.c
index 646574d6ae..1551382e1f 100644
--- a/crypto/tlscredsanon.c
+++ b/crypto/tlscredsanon.c
@@ -68,8 +68,10 @@ qcrypto_tls_creds_anon_load(QCryptoTLSCredsAnon *creds,
return -1;
}
- gnutls_anon_set_server_dh_params(box->data.anonserver,
- box->dh_params);
+ if (box->dh_params) {
+ gnutls_anon_set_server_dh_params(box->data.anonserver,
+ box->dh_params);
+ }
} else {
ret = gnutls_anon_allocate_client_credentials(&box->data.anonclient);
if (ret < 0) {
diff --git a/crypto/tlscredspsk.c b/crypto/tlscredspsk.c
index 8879c84ea7..e1b1e1a613 100644
--- a/crypto/tlscredspsk.c
+++ b/crypto/tlscredspsk.c
@@ -129,8 +129,10 @@ qcrypto_tls_creds_psk_load(QCryptoTLSCredsPSK *creds,
gnutls_strerror(ret));
goto cleanup;
}
- gnutls_psk_set_server_dh_params(box->data.pskserver,
- box->dh_params);
+ if (box->dh_params) {
+ gnutls_psk_set_server_dh_params(box->data.pskserver,
+ box->dh_params);
+ }
} else {
box = qcrypto_tls_creds_box_new_client(GNUTLS_CRD_PSK);
diff --git a/crypto/tlscredsx509.c b/crypto/tlscredsx509.c
index 397ff4caa9..e28fcdc6ff 100644
--- a/crypto/tlscredsx509.c
+++ b/crypto/tlscredsx509.c
@@ -683,7 +683,9 @@ qcrypto_tls_creds_x509_load(QCryptoTLSCredsX509 *creds,
errp) < 0) {
return -1;
}
- gnutls_certificate_set_dh_params(box->data.cert, box->dh_params);
+ if (box->dh_params) {
+ gnutls_certificate_set_dh_params(box->data.cert, box->dh_params);
+ }
}
creds->parent_obj.box = g_steal_pointer(&box);
diff --git a/docs/about/deprecated.rst b/docs/about/deprecated.rst
index 4ee98d6646..03e29915f0 100644
--- a/docs/about/deprecated.rst
+++ b/docs/about/deprecated.rst
@@ -385,6 +385,15 @@ Options are:
- move backing file to NVDIMM storage and keep ``pmem=on``
(to have NVDIMM with persistence guaranties).
+Using an external DH (Diffie-Hellman) parameters file (since 10.2)
+''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
+
+Loading of external Diffie-Hellman parameters from a 'dh-params.pem'
+file is deprecated and will be removed with no replacement in a
+future release. Where no 'dh-params.pem' file is provided, the DH
+parameters will be automatically negotiated in accordance with
+RFC7919.
+
Device options
--------------
diff --git a/docs/system/tls.rst b/docs/system/tls.rst
index a4f6781d62..44c4bf04e9 100644
--- a/docs/system/tls.rst
+++ b/docs/system/tls.rst
@@ -251,11 +251,13 @@ When specifying the object, the ``dir`` parameters specifies which
directory contains the credential files. This directory is expected to
contain files with the names mentioned previously, ``ca-cert.pem``,
``server-key.pem``, ``server-cert.pem``, ``client-key.pem`` and
-``client-cert.pem`` as appropriate. It is also possible to include a set
-of pre-generated Diffie-Hellman (DH) parameters in a file
-``dh-params.pem``, which can be created using the
-``certtool --generate-dh-params`` command. If omitted, QEMU will
-dynamically generate DH parameters when loading the credentials.
+``client-cert.pem`` as appropriate.
+
+While it is possible to include a set of pre-generated Diffie-Hellman
+(DH) parameters in a file ``dh-params.pem``, this facility is now
+deprecated and will be removed in a future release. When omitted the
+DH parameters will be automatically negotiated in accordance with
+RFC7919.
The ``endpoint`` parameter indicates whether the credentials will be
used for a network client or server, and determines which PEM files are
--
2.51.1
next prev parent reply other threads:[~2025-11-03 13:45 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-11-03 13:36 [PULL 00/32] Next pr patches Daniel P. Berrangé
2025-11-03 13:36 ` [PULL 01/32] Implement -run-with exit-with-parent=on Daniel P. Berrangé
2025-11-03 13:36 ` [PULL 02/32] tests/qtest: Use exit-with-parent=on in qtest invocations Daniel P. Berrangé
2025-11-03 13:36 ` [PULL 03/32] crypto/hash: Have hashing functions take void * buffer argument Daniel P. Berrangé
2025-11-03 13:36 ` [PULL 04/32] io/channel: Have read/write " Daniel P. Berrangé
2025-11-03 13:36 ` [PULL 05/32] io: add a "blocking" field to QIOChannelSocket Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 06/32] io: flush zerocopy socket error queue on sendmsg failure due to ENOBUF Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 07/32] crypto: bump min gnutls to 3.7.5 Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 08/32] crypto: unconditionally enable gnutls XTS support Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 09/32] crypto: bump min libgcrypt to 1.9.4 Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 10/32] crypto: bump min nettle to 3.7.3 Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 11/32] crypto: drop in-tree XTS cipher mode impl Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 12/32] crypto: remove redundant parameter checking CA certs Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 13/32] crypto: add missing free of certs array Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 14/32] crypto: replace stat() with access() for credential checks Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 15/32] crypto: remove redundant access() checks before loading certs Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 16/32] crypto: move check for TLS creds 'dir' property Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 17/32] crypto: use g_autofree when loading x509 credentials Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 18/32] crypto: remove needless indirection via parent_obj field Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 19/32] crypto: move release of DH parameters into TLS creds parent Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 20/32] crypto: shorten the endpoint == server check in TLS creds Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 21/32] crypto: remove duplication loading x509 CA cert Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 22/32] crypto: reduce duplication in handling TLS priority strings Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 23/32] crypto: introduce method for reloading TLS creds Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 24/32] crypto: introduce a wrapper around gnutls credentials Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 25/32] crypto: fix lifecycle handling of gnutls credentials objects Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 26/32] crypto: make TLS credentials structs private Daniel P. Berrangé
2025-11-03 13:37 ` Daniel P. Berrangé [this message]
2025-11-03 13:37 ` [PULL 28/32] crypto: avoid loading the CA certs twice Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 29/32] crypto: avoid loading the identity " Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 30/32] crypto: expand logic to cope with multiple certificate identities Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 31/32] crypto: support upto 5 parallel " Daniel P. Berrangé
2025-11-03 13:37 ` [PULL 32/32] docs: creation of x509 certs compliant with post-quantum crypto Daniel P. Berrangé
2025-11-04 15:19 ` [PULL 00/32] Next pr patches Richard Henderson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251103133727.423041-28-berrange@redhat.com \
--to=berrange@redhat.com \
--cc=devel@lists.libvirt.org \
--cc=farosas@suse.de \
--cc=lvivier@redhat.com \
--cc=marcandre.lureau@redhat.com \
--cc=pbonzini@redhat.com \
--cc=philmd@linaro.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).