diff options
author | Daniel P. Berrange <berrange@redhat.com> | 2015-10-15 16:14:42 +0100 |
---|---|---|
committer | Timothy Pearson <tpearson@raptorengineering.com> | 2019-11-29 19:28:20 -0600 |
commit | 9ca20000eb5e2182c793c6b3f819c446268527a2 (patch) | |
tree | 19017c956b823855b5060c38674105b77413d328 /target-xtensa/op_helper.c | |
parent | 9f628f24571fb5dcf7f0a3a495c9e42b42a58f78 (diff) | |
download | hqemu-9ca20000eb5e2182c793c6b3f819c446268527a2.zip hqemu-9ca20000eb5e2182c793c6b3f819c446268527a2.tar.gz |
crypto: add support for loading encrypted x509 keys
Make use of the QCryptoSecret object to support loading of
encrypted x509 keys. The optional 'passwordid' parameter
to the tls-creds-x509 object type, provides the ID of a
secret object instance that holds the decryption password
for the PEM file.
# printf "123456" > mypasswd.txt
# $QEMU \
-object secret,id=sec0,filename=mypasswd.txt \
-object tls-creds-x509,passwordid=sec0,id=creds0,\
dir=/home/berrange/.pki/qemu,endpoint=server \
-vnc :1,tls-creds=creds0
This requires QEMU to be linked to GNUTLS >= 3.1.11. If
GNUTLS is too old an error will be reported if an attempt
is made to pass a decryption password.
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
Diffstat (limited to 'target-xtensa/op_helper.c')
0 files changed, 0 insertions, 0 deletions