| Message ID | 20240807195122.2827364-5-alejandro.zeise@seagate.com |
|---|---|
| State | New |
| Headers | show |
| Series | hw/misc/aspeed_hace: Fix SG Accumulative Hash Calculations | expand |
On Wed, Aug 07, 2024 at 07:51:11PM +0000, Alejandro Zeise wrote: > Implements the new hashing API in the gnutls hash driver. > Supports creating/destroying a context, updating the context > with input data and obtaining an output hash. > > Signed-off-by: Alejandro Zeise <alejandro.zeise@seagate.com> > --- > crypto/hash-gnutls.c | 73 ++++++++++++++++++++++++++++++++++++++++++++ > 1 file changed, 73 insertions(+) > > diff --git a/crypto/hash-gnutls.c b/crypto/hash-gnutls.c > index 17911ac5d1..15fc630a11 100644 > --- a/crypto/hash-gnutls.c > +++ b/crypto/hash-gnutls.c > @@ -1,6 +1,7 @@ > /* > * QEMU Crypto hash algorithms > * > + * Copyright (c) 2024 Seagate Technology LLC and/or its Affiliates > * Copyright (c) 2021 Red Hat, Inc. > * > * This library is free software; you can redistribute it and/or > @@ -98,7 +99,79 @@ qcrypto_gnutls_hash_bytesv(QCryptoHashAlgorithm alg, > return 0; > } > > +static > +QCryptoHash *qcrypto_gnutls_hash_new(QCryptoHashAlgorithm alg, Error **errp) > +{ > + QCryptoHash *hash = NULL; > + > + if (!qcrypto_hash_supports(alg)) { > + error_setg(errp, > + "Unknown hash algorithm %d", > + alg); > + } else { > + hash = g_new(QCryptoHash, 1); > + hash->alg = alg; > + hash->opaque = g_new(gnutls_hash_hd_t, 1); > + > + gnutls_hash_init(hash->opaque, qcrypto_hash_alg_map[alg]); int ret = gnutls_hash_init(...) if (ret < 0) { error_setg(errp, ....) g_free(hash->opaque); g_free(hash); return NULL; } > + } > + > + return hash; > +} > + > +static > +void qcrypto_gnutls_hash_free(QCryptoHash *hash) > +{ > + gnutls_hash_hd_t *ctx = hash->opaque; > + > + g_free(ctx); > + g_free(hash); > +} > + > + > +static > +int qcrypto_gnutls_hash_update(QCryptoHash *hash, > + const struct iovec *iov, > + size_t niov, > + Error **errp) > +{ > + int fail = 0; > + gnutls_hash_hd_t *ctx = hash->opaque; > + > + for (int i = 0; i < niov; i++) { > + fail = gnutls_hash(*ctx, iov[i].iov_base, iov[i].iov_len) || fail; Needs to report in 'errp' when failure happens & return immediately. eg int ret = gnutls_hash(*ctx, iov[i].iov_base, iov[i].iov_len); if (ret != 0) { error_setg(errp, ....) return -1; } > + } > + > + return fail; Just 'return 0' > +} > + > +static > +int qcrypto_gnutls_hash_finalize(QCryptoHash *hash, > + uint8_t **result, > + size_t *result_len, > + Error **errp) > +{ > + int ret = 0; > + gnutls_hash_hd_t *ctx = hash->opaque; > + > + *result_len = gnutls_hash_get_len(qcrypto_hash_alg_map[hash->alg]); > + if (*result_len == 0) { > + error_setg(errp, "%s", > + "Unable to get hash length"); > + ret = -1; > + } else { > + *result = g_new(uint8_t, *result_len); > + > + gnutls_hash_deinit(*ctx, *result); We should use gnutls_hash_output() here instead, and call gnutls_hash_deinit() in the qcrypto_gnutls_hash_free() method. That ensures all memory is freed if the user never calls qcrypto_hash_finalize() > + } > + > + return ret; > +} > > QCryptoHashDriver qcrypto_hash_lib_driver = { > .hash_bytesv = qcrypto_gnutls_hash_bytesv, > + .hash_new = qcrypto_gnutls_hash_new, > + .hash_update = qcrypto_gnutls_hash_update, > + .hash_finalize = qcrypto_gnutls_hash_finalize, > + .hash_free = qcrypto_gnutls_hash_free, > }; > -- > 2.34.1 > With regards, Daniel
diff --git a/crypto/hash-gnutls.c b/crypto/hash-gnutls.c index 17911ac5d1..15fc630a11 100644 --- a/crypto/hash-gnutls.c +++ b/crypto/hash-gnutls.c @@ -1,6 +1,7 @@ /* * QEMU Crypto hash algorithms * + * Copyright (c) 2024 Seagate Technology LLC and/or its Affiliates * Copyright (c) 2021 Red Hat, Inc. * * This library is free software; you can redistribute it and/or @@ -98,7 +99,79 @@ qcrypto_gnutls_hash_bytesv(QCryptoHashAlgorithm alg, return 0; } +static +QCryptoHash *qcrypto_gnutls_hash_new(QCryptoHashAlgorithm alg, Error **errp) +{ + QCryptoHash *hash = NULL; + + if (!qcrypto_hash_supports(alg)) { + error_setg(errp, + "Unknown hash algorithm %d", + alg); + } else { + hash = g_new(QCryptoHash, 1); + hash->alg = alg; + hash->opaque = g_new(gnutls_hash_hd_t, 1); + + gnutls_hash_init(hash->opaque, qcrypto_hash_alg_map[alg]); + } + + return hash; +} + +static +void qcrypto_gnutls_hash_free(QCryptoHash *hash) +{ + gnutls_hash_hd_t *ctx = hash->opaque; + + g_free(ctx); + g_free(hash); +} + + +static +int qcrypto_gnutls_hash_update(QCryptoHash *hash, + const struct iovec *iov, + size_t niov, + Error **errp) +{ + int fail = 0; + gnutls_hash_hd_t *ctx = hash->opaque; + + for (int i = 0; i < niov; i++) { + fail = gnutls_hash(*ctx, iov[i].iov_base, iov[i].iov_len) || fail; + } + + return fail; +} + +static +int qcrypto_gnutls_hash_finalize(QCryptoHash *hash, + uint8_t **result, + size_t *result_len, + Error **errp) +{ + int ret = 0; + gnutls_hash_hd_t *ctx = hash->opaque; + + *result_len = gnutls_hash_get_len(qcrypto_hash_alg_map[hash->alg]); + if (*result_len == 0) { + error_setg(errp, "%s", + "Unable to get hash length"); + ret = -1; + } else { + *result = g_new(uint8_t, *result_len); + + gnutls_hash_deinit(*ctx, *result); + } + + return ret; +} QCryptoHashDriver qcrypto_hash_lib_driver = { .hash_bytesv = qcrypto_gnutls_hash_bytesv, + .hash_new = qcrypto_gnutls_hash_new, + .hash_update = qcrypto_gnutls_hash_update, + .hash_finalize = qcrypto_gnutls_hash_finalize, + .hash_free = qcrypto_gnutls_hash_free, };
Implements the new hashing API in the gnutls hash driver. Supports creating/destroying a context, updating the context with input data and obtaining an output hash. Signed-off-by: Alejandro Zeise <alejandro.zeise@seagate.com> --- crypto/hash-gnutls.c | 73 ++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 73 insertions(+)