diff mbox series

[v4,04/15] crypto/hash-gnutls: Implement new hash API

Message ID 20240807195122.2827364-5-alejandro.zeise@seagate.com (mailing list archive)
State New, archived
Headers show
Series hw/misc/aspeed_hace: Fix SG Accumulative Hash Calculations | expand

Commit Message

Alejandro Zeise Aug. 7, 2024, 7:51 p.m. UTC
Implements the new hashing API in the gnutls hash driver.
Supports creating/destroying a context, updating the context
with input data and obtaining an output hash.

Signed-off-by: Alejandro Zeise <alejandro.zeise@seagate.com>
---
 crypto/hash-gnutls.c | 73 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 73 insertions(+)

Comments

Daniel P. Berrangé Aug. 8, 2024, 5:10 p.m. UTC | #1
On Wed, Aug 07, 2024 at 07:51:11PM +0000, Alejandro Zeise wrote:
> Implements the new hashing API in the gnutls hash driver.
> Supports creating/destroying a context, updating the context
> with input data and obtaining an output hash.
> 
> Signed-off-by: Alejandro Zeise <alejandro.zeise@seagate.com>
> ---
>  crypto/hash-gnutls.c | 73 ++++++++++++++++++++++++++++++++++++++++++++
>  1 file changed, 73 insertions(+)
> 
> diff --git a/crypto/hash-gnutls.c b/crypto/hash-gnutls.c
> index 17911ac5d1..15fc630a11 100644
> --- a/crypto/hash-gnutls.c
> +++ b/crypto/hash-gnutls.c
> @@ -1,6 +1,7 @@
>  /*
>   * QEMU Crypto hash algorithms
>   *
> + * Copyright (c) 2024 Seagate Technology LLC and/or its Affiliates
>   * Copyright (c) 2021 Red Hat, Inc.
>   *
>   * This library is free software; you can redistribute it and/or
> @@ -98,7 +99,79 @@ qcrypto_gnutls_hash_bytesv(QCryptoHashAlgorithm alg,
>      return 0;
>  }
>  
> +static
> +QCryptoHash *qcrypto_gnutls_hash_new(QCryptoHashAlgorithm alg, Error **errp)
> +{
> +    QCryptoHash *hash = NULL;
> +
> +    if (!qcrypto_hash_supports(alg)) {
> +        error_setg(errp,
> +                   "Unknown hash algorithm %d",
> +                   alg);
> +    } else {
> +        hash = g_new(QCryptoHash, 1);
> +        hash->alg = alg;
> +        hash->opaque = g_new(gnutls_hash_hd_t, 1);
> +
> +        gnutls_hash_init(hash->opaque, qcrypto_hash_alg_map[alg]);

  int ret = gnutls_hash_init(...)
  if (ret < 0) {
      error_setg(errp, ....)
      g_free(hash->opaque);
      g_free(hash);
      return NULL;
  }

> +    }
> +
> +    return hash;
> +}
> +
> +static
> +void qcrypto_gnutls_hash_free(QCryptoHash *hash)
> +{
> +    gnutls_hash_hd_t *ctx = hash->opaque;
> +
> +    g_free(ctx);
> +    g_free(hash);
> +}
> +
> +
> +static
> +int qcrypto_gnutls_hash_update(QCryptoHash *hash,
> +                               const struct iovec *iov,
> +                               size_t niov,
> +                               Error **errp)
> +{
> +    int fail = 0;
> +    gnutls_hash_hd_t *ctx = hash->opaque;
> +
> +    for (int i = 0; i < niov; i++) {
> +        fail = gnutls_hash(*ctx, iov[i].iov_base, iov[i].iov_len) || fail;

Needs to report in 'errp'  when failure happens & return immediately. eg

   int ret = gnutls_hash(*ctx, iov[i].iov_base, iov[i].iov_len);
   if (ret != 0) {
       error_setg(errp, ....)
       return -1;
   }

> +    }
> +
> +    return fail;

Just 'return 0'

> +}
> +
> +static
> +int qcrypto_gnutls_hash_finalize(QCryptoHash *hash,
> +                                 uint8_t **result,
> +                                 size_t *result_len,
> +                                 Error **errp)
> +{
> +    int ret = 0;
> +    gnutls_hash_hd_t *ctx = hash->opaque;
> +
> +    *result_len = gnutls_hash_get_len(qcrypto_hash_alg_map[hash->alg]);
> +    if (*result_len == 0) {
> +        error_setg(errp, "%s",
> +                   "Unable to get hash length");
> +        ret = -1;
> +    } else {
> +        *result = g_new(uint8_t, *result_len);
> +
> +        gnutls_hash_deinit(*ctx, *result);

We should use  gnutls_hash_output() here instead, and call
gnutls_hash_deinit() in the qcrypto_gnutls_hash_free()
method.  That ensures all memory is freed if the user
never calls qcrypto_hash_finalize()

> +    }
> +
> +    return ret;
> +}
>  
>  QCryptoHashDriver qcrypto_hash_lib_driver = {
>      .hash_bytesv = qcrypto_gnutls_hash_bytesv,
> +    .hash_new      = qcrypto_gnutls_hash_new,
> +    .hash_update   = qcrypto_gnutls_hash_update,
> +    .hash_finalize = qcrypto_gnutls_hash_finalize,
> +    .hash_free     = qcrypto_gnutls_hash_free,
>  };
> -- 
> 2.34.1
> 

With regards,
Daniel
diff mbox series

Patch

diff --git a/crypto/hash-gnutls.c b/crypto/hash-gnutls.c
index 17911ac5d1..15fc630a11 100644
--- a/crypto/hash-gnutls.c
+++ b/crypto/hash-gnutls.c
@@ -1,6 +1,7 @@ 
 /*
  * QEMU Crypto hash algorithms
  *
+ * Copyright (c) 2024 Seagate Technology LLC and/or its Affiliates
  * Copyright (c) 2021 Red Hat, Inc.
  *
  * This library is free software; you can redistribute it and/or
@@ -98,7 +99,79 @@  qcrypto_gnutls_hash_bytesv(QCryptoHashAlgorithm alg,
     return 0;
 }
 
+static
+QCryptoHash *qcrypto_gnutls_hash_new(QCryptoHashAlgorithm alg, Error **errp)
+{
+    QCryptoHash *hash = NULL;
+
+    if (!qcrypto_hash_supports(alg)) {
+        error_setg(errp,
+                   "Unknown hash algorithm %d",
+                   alg);
+    } else {
+        hash = g_new(QCryptoHash, 1);
+        hash->alg = alg;
+        hash->opaque = g_new(gnutls_hash_hd_t, 1);
+
+        gnutls_hash_init(hash->opaque, qcrypto_hash_alg_map[alg]);
+    }
+
+    return hash;
+}
+
+static
+void qcrypto_gnutls_hash_free(QCryptoHash *hash)
+{
+    gnutls_hash_hd_t *ctx = hash->opaque;
+
+    g_free(ctx);
+    g_free(hash);
+}
+
+
+static
+int qcrypto_gnutls_hash_update(QCryptoHash *hash,
+                               const struct iovec *iov,
+                               size_t niov,
+                               Error **errp)
+{
+    int fail = 0;
+    gnutls_hash_hd_t *ctx = hash->opaque;
+
+    for (int i = 0; i < niov; i++) {
+        fail = gnutls_hash(*ctx, iov[i].iov_base, iov[i].iov_len) || fail;
+    }
+
+    return fail;
+}
+
+static
+int qcrypto_gnutls_hash_finalize(QCryptoHash *hash,
+                                 uint8_t **result,
+                                 size_t *result_len,
+                                 Error **errp)
+{
+    int ret = 0;
+    gnutls_hash_hd_t *ctx = hash->opaque;
+
+    *result_len = gnutls_hash_get_len(qcrypto_hash_alg_map[hash->alg]);
+    if (*result_len == 0) {
+        error_setg(errp, "%s",
+                   "Unable to get hash length");
+        ret = -1;
+    } else {
+        *result = g_new(uint8_t, *result_len);
+
+        gnutls_hash_deinit(*ctx, *result);
+    }
+
+    return ret;
+}
 
 QCryptoHashDriver qcrypto_hash_lib_driver = {
     .hash_bytesv = qcrypto_gnutls_hash_bytesv,
+    .hash_new      = qcrypto_gnutls_hash_new,
+    .hash_update   = qcrypto_gnutls_hash_update,
+    .hash_finalize = qcrypto_gnutls_hash_finalize,
+    .hash_free     = qcrypto_gnutls_hash_free,
 };