qemu-e2k/crypto/hmac.c
Longpeng f1710638ed crypto: afalg: fix a NULL pointer dereference
Test-crypto-hash calls qcrypto_hash_bytesv/digest/base64 with
errp=NULL, this will cause a NULL pointer dereference if afalg_driver
doesn't support requested algos:

    ret = qcrypto_hash_afalg_driver.hash_bytesv(alg, iov, niov,
                                                result, resultlen,
                                                errp);
    if (ret == 0) {
        return ret;
    }

    error_free(*errp);  // <--- here

Because the error message is thrown away immediately, we should
just pass NULL to hash_bytesv(). There is also the same problem in
afalg-backend cipher & hmac, let's fix them together.

Reviewed-by: Eric Blake <eblake@redhat.com>
Reported-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Longpeng <longpeng2@huawei.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
2017-11-08 11:05:09 +00:00

129 lines
3.0 KiB
C

/*
* QEMU Crypto hmac algorithms
*
* Copyright (c) 2016 HUAWEI TECHNOLOGIES CO., LTD.
*
* This work is licensed under the terms of the GNU GPL, version 2 or
* (at your option) any later version. See the COPYING file in the
* top-level directory.
*
*/
#include "qemu/osdep.h"
#include "qapi/error.h"
#include "crypto/hmac.h"
#include "hmacpriv.h"
static const char hex[] = "0123456789abcdef";
int qcrypto_hmac_bytesv(QCryptoHmac *hmac,
const struct iovec *iov,
size_t niov,
uint8_t **result,
size_t *resultlen,
Error **errp)
{
QCryptoHmacDriver *drv = hmac->driver;
return drv->hmac_bytesv(hmac, iov, niov, result, resultlen, errp);
}
int qcrypto_hmac_bytes(QCryptoHmac *hmac,
const char *buf,
size_t len,
uint8_t **result,
size_t *resultlen,
Error **errp)
{
struct iovec iov = {
.iov_base = (char *)buf,
.iov_len = len
};
return qcrypto_hmac_bytesv(hmac, &iov, 1, result, resultlen, errp);
}
int qcrypto_hmac_digestv(QCryptoHmac *hmac,
const struct iovec *iov,
size_t niov,
char **digest,
Error **errp)
{
uint8_t *result = NULL;
size_t resultlen = 0;
size_t i;
if (qcrypto_hmac_bytesv(hmac, iov, niov, &result, &resultlen, errp) < 0) {
return -1;
}
*digest = g_new0(char, (resultlen * 2) + 1);
for (i = 0 ; i < resultlen ; i++) {
(*digest)[(i * 2)] = hex[(result[i] >> 4) & 0xf];
(*digest)[(i * 2) + 1] = hex[result[i] & 0xf];
}
(*digest)[resultlen * 2] = '\0';
g_free(result);
return 0;
}
int qcrypto_hmac_digest(QCryptoHmac *hmac,
const char *buf,
size_t len,
char **digest,
Error **errp)
{
struct iovec iov = {
.iov_base = (char *)buf,
.iov_len = len
};
return qcrypto_hmac_digestv(hmac, &iov, 1, digest, errp);
}
QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg,
const uint8_t *key, size_t nkey,
Error **errp)
{
QCryptoHmac *hmac;
void *ctx = NULL;
QCryptoHmacDriver *drv = NULL;
#ifdef CONFIG_AF_ALG
ctx = qcrypto_afalg_hmac_ctx_new(alg, key, nkey, NULL);
if (ctx) {
drv = &qcrypto_hmac_afalg_driver;
}
#endif
if (!ctx) {
ctx = qcrypto_hmac_ctx_new(alg, key, nkey, errp);
if (!ctx) {
return NULL;
}
drv = &qcrypto_hmac_lib_driver;
}
hmac = g_new0(QCryptoHmac, 1);
hmac->alg = alg;
hmac->opaque = ctx;
hmac->driver = (void *)drv;
return hmac;
}
void qcrypto_hmac_free(QCryptoHmac *hmac)
{
QCryptoHmacDriver *drv;
if (hmac) {
drv = hmac->driver;
drv->hmac_free(hmac);
g_free(hmac);
}
}