00f2cfbbec
Per supported platforms doc[1], the various min glib on relevant distros is:
RHEL-8: 2.56.1
RHEL-7: 2.50.3
Debian (Buster): 2.58.3
Debian (Stretch): 2.50.3
OpenBSD (Ports): 2.58.3
FreeBSD (Ports): 2.56.3
OpenSUSE Leap 15: 2.54.3
SLE12-SP2: 2.48.2
Ubuntu (Xenial): 2.48.0
macOS (Homebrew): 2.56.0
This suggests that a minimum glib of 2.48 is a reasonable target.
Compared to the previous version bump in
commit e7b3af8159
Author: Daniel P. Berrangé <berrange@redhat.com>
Date: Fri May 4 15:34:46 2018 +0100
glib: bump min required glib library version to 2.40
This will result in us dropping support for Debian Jessie and
Ubuntu 14.04.
As per the commit message 14.04 was already outside our list
of supported build platforms and an exception was only made
because one of the build hosts used during merge testing was
stuck on 14.04.
Debian Jessie is justified to drop because we only aim to
support at most 2 major versions of Debian at any time. This
means Buster and Stretch at this time.
The g_strv_contains compat code is dropped as this API is
present since 2.44
The g_assert_cmpmem compat code is dropped as this API is
present since 2.46
[1] https://qemu.weilnetz.de/doc/qemu-doc.html#Supported-build-platforms
Reviewed-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Stefan Hajnoczi <stefanha@redhat.com>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
125 lines
3.0 KiB
C
125 lines
3.0 KiB
C
/*
|
|
* QEMU Crypto hmac algorithms (based on glib)
|
|
*
|
|
* Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
|
|
*
|
|
* Authors:
|
|
* Longpeng(Mike) <longpeng2@huawei.com>
|
|
*
|
|
* This work is licensed under the terms of the GNU GPL, version 2 or
|
|
* (at your option) any later version. See the COPYING file in the
|
|
* top-level directory.
|
|
*
|
|
*/
|
|
|
|
#include "qemu/osdep.h"
|
|
#include "qapi/error.h"
|
|
#include "crypto/hmac.h"
|
|
#include "hmacpriv.h"
|
|
|
|
static int qcrypto_hmac_alg_map[QCRYPTO_HASH_ALG__MAX] = {
|
|
[QCRYPTO_HASH_ALG_MD5] = G_CHECKSUM_MD5,
|
|
[QCRYPTO_HASH_ALG_SHA1] = G_CHECKSUM_SHA1,
|
|
[QCRYPTO_HASH_ALG_SHA256] = G_CHECKSUM_SHA256,
|
|
[QCRYPTO_HASH_ALG_SHA512] = G_CHECKSUM_SHA512,
|
|
[QCRYPTO_HASH_ALG_SHA224] = -1,
|
|
[QCRYPTO_HASH_ALG_SHA384] = -1,
|
|
[QCRYPTO_HASH_ALG_RIPEMD160] = -1,
|
|
};
|
|
|
|
typedef struct QCryptoHmacGlib QCryptoHmacGlib;
|
|
struct QCryptoHmacGlib {
|
|
GHmac *ghmac;
|
|
};
|
|
|
|
bool qcrypto_hmac_supports(QCryptoHashAlgorithm alg)
|
|
{
|
|
if (alg < G_N_ELEMENTS(qcrypto_hmac_alg_map) &&
|
|
qcrypto_hmac_alg_map[alg] != -1) {
|
|
return true;
|
|
}
|
|
|
|
return false;
|
|
}
|
|
|
|
void *qcrypto_hmac_ctx_new(QCryptoHashAlgorithm alg,
|
|
const uint8_t *key, size_t nkey,
|
|
Error **errp)
|
|
{
|
|
QCryptoHmacGlib *ctx;
|
|
|
|
if (!qcrypto_hmac_supports(alg)) {
|
|
error_setg(errp, "Unsupported hmac algorithm %s",
|
|
QCryptoHashAlgorithm_str(alg));
|
|
return NULL;
|
|
}
|
|
|
|
ctx = g_new0(QCryptoHmacGlib, 1);
|
|
|
|
ctx->ghmac = g_hmac_new(qcrypto_hmac_alg_map[alg],
|
|
(const uint8_t *)key, nkey);
|
|
if (!ctx->ghmac) {
|
|
error_setg(errp, "Cannot initialize hmac and set key");
|
|
goto error;
|
|
}
|
|
|
|
return ctx;
|
|
|
|
error:
|
|
g_free(ctx);
|
|
return NULL;
|
|
}
|
|
|
|
static void
|
|
qcrypto_glib_hmac_ctx_free(QCryptoHmac *hmac)
|
|
{
|
|
QCryptoHmacGlib *ctx;
|
|
|
|
ctx = hmac->opaque;
|
|
g_hmac_unref(ctx->ghmac);
|
|
|
|
g_free(ctx);
|
|
}
|
|
|
|
static int
|
|
qcrypto_glib_hmac_bytesv(QCryptoHmac *hmac,
|
|
const struct iovec *iov,
|
|
size_t niov,
|
|
uint8_t **result,
|
|
size_t *resultlen,
|
|
Error **errp)
|
|
{
|
|
QCryptoHmacGlib *ctx;
|
|
int i, ret;
|
|
|
|
ctx = hmac->opaque;
|
|
|
|
for (i = 0; i < niov; i++) {
|
|
g_hmac_update(ctx->ghmac, iov[i].iov_base, iov[i].iov_len);
|
|
}
|
|
|
|
ret = g_checksum_type_get_length(qcrypto_hmac_alg_map[hmac->alg]);
|
|
if (ret < 0) {
|
|
error_setg(errp, "Unable to get hmac length");
|
|
return -1;
|
|
}
|
|
|
|
if (*resultlen == 0) {
|
|
*resultlen = ret;
|
|
*result = g_new0(uint8_t, *resultlen);
|
|
} else if (*resultlen != ret) {
|
|
error_setg(errp, "Result buffer size %zu is smaller than hmac %d",
|
|
*resultlen, ret);
|
|
return -1;
|
|
}
|
|
|
|
g_hmac_get_digest(ctx->ghmac, *result, resultlen);
|
|
|
|
return 0;
|
|
}
|
|
|
|
QCryptoHmacDriver qcrypto_hmac_lib_driver = {
|
|
.hmac_bytesv = qcrypto_glib_hmac_bytesv,
|
|
.hmac_free = qcrypto_glib_hmac_ctx_free,
|
|
};
|