From: "Marc-André Lureau" <marcandre.lureau@redhat.com>
To: "Daniel P. Berrangé" <berrange@redhat.com>
Cc: qemu-devel@nongnu.org, devel@lists.libvirt.org
Subject: Re: [PATCH 16/21] crypto: deprecate use of external dh-params.pem file
Date: Fri, 31 Oct 2025 15:32:51 +0400 [thread overview]
Message-ID: <CAMxuvawDsd+w_UFD7VJDq76BNzoEWL0tQvNt_ZC8soPVEdtTRg@mail.gmail.com> (raw)
In-Reply-To: <20251030144927.2241109-17-berrange@redhat.com>
[-- Attachment #1: Type: text/plain, Size: 7157 bytes --]
Hi
On Thu, Oct 30, 2025 at 6:50 PM Daniel P. Berrangé <berrange@redhat.com>
wrote:
> GNUTLS has deprecated use of externally provided diffie-hellman
> parameters, since it will automatically negotiate DH params in
> accordance with RFC7919.
>
The doc says:
Since 3.6.0, DH parameters are negotiated following RFC7919.
But QEMU doesn't require >= 3.6. Add a preliminary patch?
> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
>
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
> ---
> crypto/tlscreds.c | 24 ++++++++----------------
> crypto/tlscredsanon.c | 6 ++++--
> crypto/tlscredspsk.c | 6 ++++--
> crypto/tlscredsx509.c | 4 +++-
> docs/about/deprecated.rst | 9 +++++++++
> docs/system/tls.rst | 12 +++++++-----
> 6 files changed, 35 insertions(+), 26 deletions(-)
>
> diff --git a/crypto/tlscreds.c b/crypto/tlscreds.c
> index 798c9712fb..85268f3b57 100644
> --- a/crypto/tlscreds.c
> +++ b/crypto/tlscreds.c
> @@ -22,6 +22,7 @@
> #include "qapi/error.h"
> #include "qapi-types-crypto.h"
> #include "qemu/module.h"
> +#include "qemu/error-report.h"
> #include "tlscredspriv.h"
> #include "trace.h"
>
> @@ -38,22 +39,7 @@ qcrypto_tls_creds_get_dh_params_file(QCryptoTLSCreds
> *creds,
>
> trace_qcrypto_tls_creds_load_dh(creds, filename ? filename :
> "<generated>");
>
> - if (filename == NULL) {
> - ret = gnutls_dh_params_init(dh_params);
> - if (ret < 0) {
> - error_setg(errp, "Unable to initialize DH parameters: %s",
> - gnutls_strerror(ret));
> - return -1;
> - }
> - ret = gnutls_dh_params_generate2(*dh_params, DH_BITS);
> - if (ret < 0) {
> - gnutls_dh_params_deinit(*dh_params);
> - *dh_params = NULL;
> - error_setg(errp, "Unable to generate DH parameters: %s",
> - gnutls_strerror(ret));
> - return -1;
> - }
> - } else {
> + if (filename != NULL) {
> GError *gerr = NULL;
> gchar *contents;
> gsize len;
> @@ -67,6 +53,10 @@ qcrypto_tls_creds_get_dh_params_file(QCryptoTLSCreds
> *creds,
> g_error_free(gerr);
> return -1;
> }
> + warn_report_once("Use of an external DH parameters file '%s' is "
> + "deprecated and will be removed in a future
> release",
> + filename);
> +
> data.data = (unsigned char *)contents;
> data.size = len;
> ret = gnutls_dh_params_init(dh_params);
> @@ -87,6 +77,8 @@ qcrypto_tls_creds_get_dh_params_file(QCryptoTLSCreds
> *creds,
> filename, gnutls_strerror(ret));
> return -1;
> }
> + } else {
> + *dh_params = NULL;
> }
>
> return 0;
> diff --git a/crypto/tlscredsanon.c b/crypto/tlscredsanon.c
> index 69ed1d792a..777cc4f5bb 100644
> --- a/crypto/tlscredsanon.c
> +++ b/crypto/tlscredsanon.c
> @@ -68,8 +68,10 @@ qcrypto_tls_creds_anon_load(QCryptoTLSCredsAnon *creds,
> return -1;
> }
>
> - gnutls_anon_set_server_dh_params(box->data.anonserver,
> - box->dh_params);
> + if (box->dh_params) {
> + gnutls_anon_set_server_dh_params(box->data.anonserver,
> + box->dh_params);
> + }
> } else {
> ret =
> gnutls_anon_allocate_client_credentials(&box->data.anonclient);
> if (ret < 0) {
> diff --git a/crypto/tlscredspsk.c b/crypto/tlscredspsk.c
> index e437985260..801da50625 100644
> --- a/crypto/tlscredspsk.c
> +++ b/crypto/tlscredspsk.c
> @@ -129,8 +129,10 @@ qcrypto_tls_creds_psk_load(QCryptoTLSCredsPSK *creds,
> gnutls_strerror(ret));
> goto cleanup;
> }
> - gnutls_psk_set_server_dh_params(box->data.pskserver,
> - box->dh_params);
> + if (box->dh_params) {
> + gnutls_psk_set_server_dh_params(box->data.pskserver,
> + box->dh_params);
> + }
> } else {
> box = qcrypto_tls_creds_box_new_client(GNUTLS_CRD_PSK);
>
> diff --git a/crypto/tlscredsx509.c b/crypto/tlscredsx509.c
> index 2fc0872627..7e79af4266 100644
> --- a/crypto/tlscredsx509.c
> +++ b/crypto/tlscredsx509.c
> @@ -684,7 +684,9 @@ qcrypto_tls_creds_x509_load(QCryptoTLSCredsX509 *creds,
> errp) < 0) {
> return -1;
> }
> - gnutls_certificate_set_dh_params(box->data.cert, box->dh_params);
> + if (box->dh_params) {
> + gnutls_certificate_set_dh_params(box->data.cert,
> box->dh_params);
> + }
> }
> creds->parent_obj.box = g_steal_pointer(&box);
>
> diff --git a/docs/about/deprecated.rst b/docs/about/deprecated.rst
> index ca6b3769b5..694a69da64 100644
> --- a/docs/about/deprecated.rst
> +++ b/docs/about/deprecated.rst
> @@ -365,6 +365,15 @@ Options are:
> - move backing file to NVDIMM storage and keep ``pmem=on``
> (to have NVDIMM with persistence guaranties).
>
> +Using an external DH (Diffie-Hellman) parameters file (since 10.2)
> +''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''''
> +
> +Loading of external Diffie-Hellman parameters from a 'dh-params.pem'
> +file is deprecated and will be removed with no replacement in a
> +future release. Where no 'dh-params.pem' file is provided, the DH
> +parameters will be automatically negotiated in accordance with
> +RFC7919.
> +
> Device options
> --------------
>
> diff --git a/docs/system/tls.rst b/docs/system/tls.rst
> index a4f6781d62..44c4bf04e9 100644
> --- a/docs/system/tls.rst
> +++ b/docs/system/tls.rst
> @@ -251,11 +251,13 @@ When specifying the object, the ``dir`` parameters
> specifies which
> directory contains the credential files. This directory is expected to
> contain files with the names mentioned previously, ``ca-cert.pem``,
> ``server-key.pem``, ``server-cert.pem``, ``client-key.pem`` and
> -``client-cert.pem`` as appropriate. It is also possible to include a set
> -of pre-generated Diffie-Hellman (DH) parameters in a file
> -``dh-params.pem``, which can be created using the
> -``certtool --generate-dh-params`` command. If omitted, QEMU will
> -dynamically generate DH parameters when loading the credentials.
> +``client-cert.pem`` as appropriate.
> +
> +While it is possible to include a set of pre-generated Diffie-Hellman
> +(DH) parameters in a file ``dh-params.pem``, this facility is now
> +deprecated and will be removed in a future release. When omitted the
> +DH parameters will be automatically negotiated in accordance with
> +RFC7919.
>
> The ``endpoint`` parameter indicates whether the credentials will be
> used for a network client or server, and determines which PEM files are
> --
> 2.51.1
>
>
[-- Attachment #2: Type: text/html, Size: 9239 bytes --]
next prev parent reply other threads:[~2025-10-31 11:33 UTC|newest]
Thread overview: 44+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-10-30 14:49 [PATCH 00/21] crypto: support multiple parallel certificate identities Daniel P. Berrangé
2025-10-30 14:49 ` [PATCH 01/21] crypto: remove redundant parameter checking CA certs Daniel P. Berrangé
2025-10-31 13:57 ` Philippe Mathieu-Daudé
2025-10-30 14:49 ` [PATCH 02/21] crypto: add missing free of certs array Daniel P. Berrangé
2025-10-30 14:49 ` [PATCH 03/21] crypto: replace stat() with access() for credential checks Daniel P. Berrangé
2025-10-31 13:58 ` Philippe Mathieu-Daudé
2025-10-30 14:49 ` [PATCH 04/21] crypto: remove redundant access() checks before loading certs Daniel P. Berrangé
2025-10-30 14:49 ` [PATCH 05/21] crypto: move check for TLS creds 'dir' property Daniel P. Berrangé
2025-10-30 14:49 ` [PATCH 06/21] crypto: use g_autofree when loading x509 credentials Daniel P. Berrangé
2025-10-31 13:59 ` Philippe Mathieu-Daudé
2025-10-30 14:49 ` [PATCH 07/21] crypto: remove needless indirection via parent_obj field Daniel P. Berrangé
2025-10-30 19:31 ` Marc-André Lureau
2025-10-31 14:00 ` Philippe Mathieu-Daudé
2025-10-30 14:49 ` [PATCH 08/21] crypto: move release of DH parameters into TLS creds parent Daniel P. Berrangé
2025-10-30 19:31 ` Marc-André Lureau
2025-10-30 14:49 ` [PATCH 09/21] crypto: shorten the endpoint == server check in TLS creds Daniel P. Berrangé
2025-10-30 19:32 ` Marc-André Lureau
2025-10-30 14:49 ` [PATCH 10/21] crypto: remove duplication loading x509 CA cert Daniel P. Berrangé
2025-10-30 19:31 ` Marc-André Lureau
2025-10-30 14:49 ` [PATCH 11/21] crypto: reduce duplication in handling TLS priority strings Daniel P. Berrangé
2025-10-30 19:40 ` Marc-André Lureau
2025-10-30 14:49 ` [PATCH 12/21] crypto: introduce method for reloading TLS creds Daniel P. Berrangé
2025-10-30 19:43 ` Marc-André Lureau
2025-10-31 11:31 ` Daniel P. Berrangé
2025-10-30 14:49 ` [PATCH 13/21] crypto: introduce a wrapper around gnutls credentials Daniel P. Berrangé
2025-10-31 11:23 ` Marc-André Lureau
2025-10-31 11:27 ` Daniel P. Berrangé
2025-10-30 14:49 ` [PATCH 14/21] crypto: fix lifecycle handling of gnutls credentials objects Daniel P. Berrangé
2025-10-31 11:24 ` Marc-André Lureau
2025-10-30 14:49 ` [PATCH 15/21] crypto: make TLS credentials structs private Daniel P. Berrangé
2025-10-31 11:25 ` Marc-André Lureau
2025-10-30 14:49 ` [PATCH 16/21] crypto: deprecate use of external dh-params.pem file Daniel P. Berrangé
2025-10-31 11:32 ` Marc-André Lureau [this message]
2025-10-31 11:38 ` Daniel P. Berrangé
2025-10-30 14:49 ` [PATCH 17/21] crypto: avoid loading the CA certs twice Daniel P. Berrangé
2025-10-31 15:08 ` Marc-André Lureau
2025-10-30 14:49 ` [PATCH 18/21] crypto: avoid loading the identity " Daniel P. Berrangé
2025-11-01 9:25 ` Marc-André Lureau
2025-10-30 14:49 ` [PATCH 19/21] crypto: expand logic to cope with multiple certificate identities Daniel P. Berrangé
2025-11-02 8:11 ` Marc-André Lureau
2025-10-30 14:49 ` [PATCH 20/21] crypto: support upto 5 parallel " Daniel P. Berrangé
2025-11-02 8:25 ` Marc-André Lureau
2025-10-30 14:49 ` [PATCH 21/21] docs: creation of x509 certs compliant with post-quantum crypto Daniel P. Berrangé
2025-11-02 11:40 ` Marc-André Lureau
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAMxuvawDsd+w_UFD7VJDq76BNzoEWL0tQvNt_ZC8soPVEdtTRg@mail.gmail.com \
--to=marcandre.lureau@redhat.com \
--cc=berrange@redhat.com \
--cc=devel@lists.libvirt.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).