From 278d59601536a95a3c62af31ebd20e0bfcb833fc Mon Sep 17 00:00:00 2001 From: Alejandro Zeise Date: Tue, 8 Oct 2024 09:57:12 +0200 Subject: crypto/hash-nettle: Implement new hash API MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Implements the new hashing API in the nettle hash driver. Supports creating/destroying a context, updating the context with input data and obtaining an output hash. Signed-off-by: Alejandro Zeise [ clg: - Dropped qcrypto_hash_supports() in qcrypto_nettle_hash_new() ] Signed-off-by: Cédric Le Goater Reviewed-by: Daniel P. Berrangé Signed-off-by: Daniel P. Berrangé --- crypto/hash-nettle.c | 70 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 70 insertions(+) (limited to 'crypto/hash-nettle.c')
diff --git a/crypto/hash-nettle.c b/crypto/hash-nettle.c
index 8b08a9c675..07e18ce26c 100644
--- a/crypto/hash-nettle.c
+++ b/crypto/hash-nettle.c
@@ -1,6 +1,7 @@
 /*
 * QEMU Crypto hash algorithms
 *
+ * Copyright (c) 2024 Seagate Technology LLC and/or its Affiliates
 * Copyright (c) 2016 Red Hat, Inc.
 *
 * This library is free software; you can redistribute it and/or
@@ -155,7 +156,76 @@ qcrypto_nettle_hash_bytesv(QCryptoHashAlgo alg,
 return 0;
 }
+static
+QCryptoHash *qcrypto_nettle_hash_new(QCryptoHashAlgo alg, Error **errp)
+{
+ QCryptoHash *hash;
+
+ hash = g_new(QCryptoHash, 1);
+ hash->alg = alg;
+ hash->opaque = g_new(union qcrypto_hash_ctx, 1);
+
+ qcrypto_hash_alg_map[alg].init(hash->opaque);
+ return hash;
+}
+
+static
+void qcrypto_nettle_hash_free(QCryptoHash *hash)
+{
+ union qcrypto_hash_ctx *ctx = hash->opaque;
+
+ g_free(ctx);
+ g_free(hash);
+}
+
+static
+int qcrypto_nettle_hash_update(QCryptoHash *hash,
+ const struct iovec *iov,
+ size_t niov,
+ Error **errp)
+{
+ union qcrypto_hash_ctx *ctx = hash->opaque;
+
+ for (int i = 0; i < niov; i++) {
+ /*
+ * Some versions of nettle have functions
+ * declared with 'int' instead of 'size_t'
+ * so to be safe avoid writing more than
+ * UINT_MAX bytes at a time
+ */
+ size_t len = iov[i].iov_len;
+ uint8_t *base = iov[i].iov_base;
+ while (len) {
+ size_t shortlen = MIN(len, UINT_MAX);
+ qcrypto_hash_alg_map[hash->alg].write(ctx, len, base);
+ len -= shortlen;
+ base += len;
+ }
+ }
+
+ return 0;
+}
+
+static
+int qcrypto_nettle_hash_finalize(QCryptoHash *hash,
+ uint8_t **result,
+ size_t *result_len,
+ Error **errp)
+{
+ union qcrypto_hash_ctx *ctx = hash->opaque;
+
+ *result_len = qcrypto_hash_alg_map[hash->alg].len;
+ *result = g_new(uint8_t, *result_len);
+
+ qcrypto_hash_alg_map[hash->alg].result(ctx, *result_len, *result);
+
+ return 0;
+}
 QCryptoHashDriver qcrypto_hash_lib_driver = {
 .hash_bytesv = qcrypto_nettle_hash_bytesv,
+ .hash_new = qcrypto_nettle_hash_new,
+ .hash_update = qcrypto_nettle_hash_update,
+ .hash_finalize = qcrypto_nettle_hash_finalize,
+ .hash_free = qcrypto_nettle_hash_free,
 };
-- cgit 1.4.1 From 7908bf74bd88fbf803ec9e0d496cd7217349ba3e Mon Sep 17 00:00:00 2001
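Review bot: The chunking loop in qcrypto_nettle_hash_update computes `shortlen` but passes `len` to the write callback, and `base += len` runs after `len -= shortlen`, so the pointer advances by the remaining length instead of by the bytes just consumed. An iov entry of at most UINT_MAX bytes takes a single pass and is hashed correctly, but a larger entry is handed to the callback with its full length and then fed again from a wrong offset, which produces a wrong digest and, for large enough entries, reads past the end of the buffer. The three statements should be `qcrypto_hash_alg_map[hash->alg].write(ctx, shortlen, base);`, `len -= shortlen;` and `base += shortlen;`. The last patch on this page removes the loop altogether, so this matters mainly for trees that carry this patch without that one. In the same hunk, qcrypto_nettle_hash_new indexes `qcrypto_hash_alg_map[alg]` with no range check and never sets `errp`; the commit message records that the qcrypto_hash_supports() call was dropped, so a one-line comment saying that `alg` is expected to be validated by the caller would make that dependency visible.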
From: Alejandro Zeise Date: Tue, 8 Oct 2024 09:57:20 +0200 Subject: crypto/hash-nettle: Remove old hash API functions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Removes old hash implementation in the nettle hash driver. Signed-off-by: Alejandro Zeise Reviewed-by: Daniel P. Berrangé [ clg: - Fixed spelling in commit log ] Signed-off-by: Cédric Le Goater Reviewed-by: Daniel P. Berrangé Signed-off-by: Daniel P. Berrangé --- crypto/hash-nettle.c | 53 ---------------------------------------------------- 1 file changed, 53 deletions(-) (limited to 'crypto/hash-nettle.c')
diff --git a/crypto/hash-nettle.c b/crypto/hash-nettle.c
index 07e18ce26c..570ce8a645 100644
--- a/crypto/hash-nettle.c
+++ b/crypto/hash-nettle.c
@@ -104,58 +104,6 @@ gboolean qcrypto_hash_supports(QCryptoHashAlgo alg)
 return false;
 }
-
-static int
-qcrypto_nettle_hash_bytesv(QCryptoHashAlgo alg,
- const struct iovec *iov,
- size_t niov,
- uint8_t **result,
- size_t *resultlen,
- Error **errp)
-{
- size_t i;
- union qcrypto_hash_ctx ctx;
-
- if (!qcrypto_hash_supports(alg)) {
- error_setg(errp,
- "Unknown hash algorithm %d",
- alg);
- return -1;
- }
-
- qcrypto_hash_alg_map[alg].init(&ctx);
-
- for (i = 0; i < niov; i++) {
- /* Some versions of nettle have functions
- * declared with 'int' instead of 'size_t'
- * so to be safe avoid writing more than
- * UINT_MAX bytes at a time
- */
- size_t len = iov[i].iov_len;
- uint8_t *base = iov[i].iov_base;
- while (len) {
- size_t shortlen = MIN(len, UINT_MAX);
- qcrypto_hash_alg_map[alg].write(&ctx, len, base);
- len -= shortlen;
- base += len;
- }
- }
-
- if (*resultlen == 0) {
- *resultlen = qcrypto_hash_alg_map[alg].len;
- *result = g_new0(uint8_t, *resultlen);
- } else if (*resultlen != qcrypto_hash_alg_map[alg].len) {
- error_setg(errp,
- "Result buffer size %zu is smaller than hash %zu",
- *resultlen, qcrypto_hash_alg_map[alg].len);
- return -1;
- }
-
- qcrypto_hash_alg_map[alg].result(&ctx, *resultlen, *result);
-
- return 0;
-}
-
 static
 QCryptoHash *qcrypto_nettle_hash_new(QCryptoHashAlgo alg, Error **errp)
 {
@@ -223,7 +171,6 @@ int qcrypto_nettle_hash_finalize(QCryptoHash *hash,
 }
 QCryptoHashDriver qcrypto_hash_lib_driver = {
- .hash_bytesv = qcrypto_nettle_hash_bytesv,
 .hash_new = qcrypto_nettle_hash_new,
 .hash_update = qcrypto_nettle_hash_update,
 .hash_finalize = qcrypto_nettle_hash_finalize,
-- cgit 1.4.1 From 95cc223afbde013c2dd0d6399211227861dbd9b2 Mon Sep 17 00:00:00 2001
From: "Daniel P. Berrangé" Date: Thu, 10 Oct 2024 12:40:49 +0100 Subject: crypto: drop obsolete back compat logic for old nettle MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit The nettle 2.x series declared all the hash functions with 'int' for the data size. Since we dropped support for anything older than 3.4 we can assume nettle is using 'size_t' and thus avoid the back compat looping logic. Reviewed-by: Cédric Le Goater Signed-off-by: Daniel P. Berrangé --- crypto/hash-nettle.c | 17 +++-------------- 1 file changed, 3 insertions(+), 14 deletions(-) (limited to 'crypto/hash-nettle.c')
diff --git a/crypto/hash-nettle.c b/crypto/hash-nettle.c
index 570ce8a645..3b847aa60e 100644
--- a/crypto/hash-nettle.c
+++ b/crypto/hash-nettle.c
@@ -135,20 +135,9 @@ int qcrypto_nettle_hash_update(QCryptoHash *hash,
 union qcrypto_hash_ctx *ctx = hash->opaque;
 for (int i = 0; i < niov; i++) {
- /*
- * Some versions of nettle have functions
- * declared with 'int' instead of 'size_t'
- * so to be safe avoid writing more than
- * UINT_MAX bytes at a time
- */
- size_t len = iov[i].iov_len;
- uint8_t *base = iov[i].iov_base;
- while (len) {
- size_t shortlen = MIN(len, UINT_MAX);
- qcrypto_hash_alg_map[hash->alg].write(ctx, len, base);
- len -= shortlen;
- base += len;
- }
+ qcrypto_hash_alg_map[hash->alg].write(ctx,
+ iov[i].iov_len,
+ iov[i].iov_base);
 }
 return 0;
-- cgit 1.4.1
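Review bot: The loop header kept as context here, `for (int i = 0; i < niov; i++)`, compares a signed int against the size_t `niov`, so a count above INT_MAX would overflow the index; `for (size_t i = 0; i < niov; i++) {` matches the parameter type and what the removed qcrypto_nettle_hash_bytesv used. With the chunking gone, `iov[i].iov_len` goes straight to the write callback, which is only correct if the callback type stored in `qcrypto_hash_alg_map` takes a size_t length; that typedef is not visible in this hunk and is worth checking alongside the change. qcrypto_nettle_hash_update starts and ends outside the hunk.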