da34e65cb4
Commit 57cb38b included qapi/error.h into qemu/osdep.h to get the
Error typedef. Since then, we've moved to include qemu/osdep.h
everywhere. Its file comment explains: "To avoid getting into
possible circular include dependencies, this file should not include
any other QEMU headers, with the exceptions of config-host.h,
compiler.h, os-posix.h and os-win32.h, all of which are doing a
similar job to this file and are under similar constraints."
qapi/error.h doesn't do a similar job, and it doesn't adhere to
similar constraints: it includes qapi-types.h. That's in excess of
100KiB of crap most .c files don't actually need.
Add the typedef to qemu/typedefs.h, and include that instead of
qapi/error.h. Include qapi/error.h in .c files that need it and don't
get it now. Include qapi-types.h in qom/object.h for uint16List.
Update scripts/clean-includes accordingly. Update it further to match
reality: replace config.h by config-target.h, add sysemu/os-posix.h,
sysemu/os-win32.h. Update the list of includes in the qemu/osdep.h
comment quoted above similarly.
This reduces the number of objects depending on qapi/error.h from "all
of them" to less than a third. Unfortunately, the number depending on
qapi-types.h shrinks only a little. More work is needed for that one.
Signed-off-by: Markus Armbruster <armbru@redhat.com>
[Fix compilation without the spice devel packages. - Paolo]
Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
222 lines
6.0 KiB
C
222 lines
6.0 KiB
C
/*
|
|
* QEMU Crypto hash algorithms
|
|
*
|
|
* Copyright (c) 2015 Red Hat, Inc.
|
|
*
|
|
* This library is free software; you can redistribute it and/or
|
|
* modify it under the terms of the GNU Lesser General Public
|
|
* License as published by the Free Software Foundation; either
|
|
* version 2 of the License, or (at your option) any later version.
|
|
*
|
|
* This library is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
* Lesser General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU Lesser General Public
|
|
* License along with this library; if not, see <http://www.gnu.org/licenses/>.
|
|
*
|
|
*/
|
|
|
|
#include "qemu/osdep.h"
|
|
#include "qapi/error.h"
|
|
#include "crypto/hash.h"
|
|
|
|
#ifdef CONFIG_GNUTLS_HASH
|
|
#include <gnutls/gnutls.h>
|
|
#include <gnutls/crypto.h>
|
|
#endif
|
|
|
|
|
|
static size_t qcrypto_hash_alg_size[QCRYPTO_HASH_ALG__MAX] = {
|
|
[QCRYPTO_HASH_ALG_MD5] = 16,
|
|
[QCRYPTO_HASH_ALG_SHA1] = 20,
|
|
[QCRYPTO_HASH_ALG_SHA256] = 32,
|
|
};
|
|
|
|
size_t qcrypto_hash_digest_len(QCryptoHashAlgorithm alg)
|
|
{
|
|
if (alg >= G_N_ELEMENTS(qcrypto_hash_alg_size)) {
|
|
return 0;
|
|
}
|
|
return qcrypto_hash_alg_size[alg];
|
|
}
|
|
|
|
|
|
#ifdef CONFIG_GNUTLS_HASH
|
|
static int qcrypto_hash_alg_map[QCRYPTO_HASH_ALG__MAX] = {
|
|
[QCRYPTO_HASH_ALG_MD5] = GNUTLS_DIG_MD5,
|
|
[QCRYPTO_HASH_ALG_SHA1] = GNUTLS_DIG_SHA1,
|
|
[QCRYPTO_HASH_ALG_SHA256] = GNUTLS_DIG_SHA256,
|
|
};
|
|
|
|
gboolean qcrypto_hash_supports(QCryptoHashAlgorithm alg)
|
|
{
|
|
if (alg < G_N_ELEMENTS(qcrypto_hash_alg_map)) {
|
|
return true;
|
|
}
|
|
return false;
|
|
}
|
|
|
|
|
|
int qcrypto_hash_bytesv(QCryptoHashAlgorithm alg,
|
|
const struct iovec *iov,
|
|
size_t niov,
|
|
uint8_t **result,
|
|
size_t *resultlen,
|
|
Error **errp)
|
|
{
|
|
int i, ret;
|
|
gnutls_hash_hd_t dig;
|
|
|
|
if (alg >= G_N_ELEMENTS(qcrypto_hash_alg_map)) {
|
|
error_setg(errp,
|
|
"Unknown hash algorithm %d",
|
|
alg);
|
|
return -1;
|
|
}
|
|
|
|
ret = gnutls_hash_init(&dig, qcrypto_hash_alg_map[alg]);
|
|
|
|
if (ret < 0) {
|
|
error_setg(errp,
|
|
"Unable to initialize hash algorithm: %s",
|
|
gnutls_strerror(ret));
|
|
return -1;
|
|
}
|
|
|
|
for (i = 0; i < niov; i++) {
|
|
ret = gnutls_hash(dig, iov[i].iov_base, iov[i].iov_len);
|
|
if (ret < 0) {
|
|
error_setg(errp,
|
|
"Unable process hash data: %s",
|
|
gnutls_strerror(ret));
|
|
goto error;
|
|
}
|
|
}
|
|
|
|
ret = gnutls_hash_get_len(qcrypto_hash_alg_map[alg]);
|
|
if (ret <= 0) {
|
|
error_setg(errp,
|
|
"Unable to get hash length: %s",
|
|
gnutls_strerror(ret));
|
|
goto error;
|
|
}
|
|
if (*resultlen == 0) {
|
|
*resultlen = ret;
|
|
*result = g_new0(uint8_t, *resultlen);
|
|
} else if (*resultlen != ret) {
|
|
error_setg(errp,
|
|
"Result buffer size %zu is smaller than hash %d",
|
|
*resultlen, ret);
|
|
goto error;
|
|
}
|
|
|
|
gnutls_hash_deinit(dig, *result);
|
|
return 0;
|
|
|
|
error:
|
|
gnutls_hash_deinit(dig, NULL);
|
|
return -1;
|
|
}
|
|
|
|
#else /* ! CONFIG_GNUTLS_HASH */
|
|
|
|
gboolean qcrypto_hash_supports(QCryptoHashAlgorithm alg G_GNUC_UNUSED)
|
|
{
|
|
return false;
|
|
}
|
|
|
|
int qcrypto_hash_bytesv(QCryptoHashAlgorithm alg,
|
|
const struct iovec *iov G_GNUC_UNUSED,
|
|
size_t niov G_GNUC_UNUSED,
|
|
uint8_t **result G_GNUC_UNUSED,
|
|
size_t *resultlen G_GNUC_UNUSED,
|
|
Error **errp)
|
|
{
|
|
error_setg(errp,
|
|
"Hash algorithm %d not supported without GNUTLS",
|
|
alg);
|
|
return -1;
|
|
}
|
|
|
|
#endif /* ! CONFIG_GNUTLS_HASH */
|
|
|
|
int qcrypto_hash_bytes(QCryptoHashAlgorithm alg,
|
|
const char *buf,
|
|
size_t len,
|
|
uint8_t **result,
|
|
size_t *resultlen,
|
|
Error **errp)
|
|
{
|
|
struct iovec iov = { .iov_base = (char *)buf,
|
|
.iov_len = len };
|
|
return qcrypto_hash_bytesv(alg, &iov, 1, result, resultlen, errp);
|
|
}
|
|
|
|
static const char hex[] = "0123456789abcdef";
|
|
|
|
int qcrypto_hash_digestv(QCryptoHashAlgorithm alg,
|
|
const struct iovec *iov,
|
|
size_t niov,
|
|
char **digest,
|
|
Error **errp)
|
|
{
|
|
uint8_t *result = NULL;
|
|
size_t resultlen = 0;
|
|
size_t i;
|
|
|
|
if (qcrypto_hash_bytesv(alg, iov, niov, &result, &resultlen, errp) < 0) {
|
|
return -1;
|
|
}
|
|
|
|
*digest = g_new0(char, (resultlen * 2) + 1);
|
|
for (i = 0 ; i < resultlen ; i++) {
|
|
(*digest)[(i * 2)] = hex[(result[i] >> 4) & 0xf];
|
|
(*digest)[(i * 2) + 1] = hex[result[i] & 0xf];
|
|
}
|
|
(*digest)[resultlen * 2] = '\0';
|
|
g_free(result);
|
|
return 0;
|
|
}
|
|
|
|
int qcrypto_hash_digest(QCryptoHashAlgorithm alg,
|
|
const char *buf,
|
|
size_t len,
|
|
char **digest,
|
|
Error **errp)
|
|
{
|
|
struct iovec iov = { .iov_base = (char *)buf, .iov_len = len };
|
|
|
|
return qcrypto_hash_digestv(alg, &iov, 1, digest, errp);
|
|
}
|
|
|
|
int qcrypto_hash_base64v(QCryptoHashAlgorithm alg,
|
|
const struct iovec *iov,
|
|
size_t niov,
|
|
char **base64,
|
|
Error **errp)
|
|
{
|
|
uint8_t *result = NULL;
|
|
size_t resultlen = 0;
|
|
|
|
if (qcrypto_hash_bytesv(alg, iov, niov, &result, &resultlen, errp) < 0) {
|
|
return -1;
|
|
}
|
|
|
|
*base64 = g_base64_encode(result, resultlen);
|
|
g_free(result);
|
|
return 0;
|
|
}
|
|
|
|
int qcrypto_hash_base64(QCryptoHashAlgorithm alg,
|
|
const char *buf,
|
|
size_t len,
|
|
char **base64,
|
|
Error **errp)
|
|
{
|
|
struct iovec iov = { .iov_base = (char *)buf, .iov_len = len };
|
|
|
|
return qcrypto_hash_base64v(alg, &iov, 1, base64, errp);
|
|
}
|