diff mbox series

[2/2] crypto: perform runtime check for hash/hmac support in gcrypt

Message ID 20241030101150.3023300-3-berrange@redhat.com
State New
Headers show
Series crypto: misc gcrypt hash/hmac fixes | expand

Commit Message

Daniel P. Berrangé Oct. 30, 2024, 10:11 a.m. UTC 
gcrypto has the ability to dynamically disable hash/hmac algorithms
at runtime, so QEMU must perform a runtime check.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
 crypto/hash-gcrypt.c | 2 +-
 crypto/hmac-gcrypt.c | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

Comments

Philippe Mathieu-Daudé Oct. 31, 2024, 4:01 a.m. UTC | #1 
On 30/10/24 07:11, Daniel P. Berrangé wrote:
> gcrypto has the ability to dynamically disable hash/hmac algorithms
> at runtime, so QEMU must perform a runtime check.
> 
> Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
> ---
>   crypto/hash-gcrypt.c | 2 +-
>   crypto/hmac-gcrypt.c | 2 +-
>   2 files changed, 2 insertions(+), 2 deletions(-)

Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
diff mbox series

Patch

diff --git a/crypto/hash-gcrypt.c b/crypto/hash-gcrypt.c
index 22ddf394ec..2c8325869a 100644
--- a/crypto/hash-gcrypt.c
+++ b/crypto/hash-gcrypt.c
@@ -40,7 +40,7 @@  gboolean qcrypto_hash_supports(QCryptoHashAlgo alg)
 {
     if (alg < G_N_ELEMENTS(qcrypto_hash_alg_map) &&
         qcrypto_hash_alg_map[alg] != GCRY_MD_NONE) {
-        return true;
+        return gcry_md_test_algo(qcrypto_hash_alg_map[alg]) == 0;
     }
     return false;
 }
diff --git a/crypto/hmac-gcrypt.c b/crypto/hmac-gcrypt.c
index 19990cb6ed..181b376572 100644
--- a/crypto/hmac-gcrypt.c
+++ b/crypto/hmac-gcrypt.c
@@ -37,7 +37,7 @@  bool qcrypto_hmac_supports(QCryptoHashAlgo alg)
 {
     if (alg < G_N_ELEMENTS(qcrypto_hmac_alg_map) &&
         qcrypto_hmac_alg_map[alg] != GCRY_MAC_NONE) {
-        return true;
+        return gcry_mac_test_algo(qcrypto_hmac_alg_map[alg]) == 0;
     }
 
     return false;