david.venhoff/QEMU-Nyx-fork
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Merge qcrypto-next 2016/06/13 v1

Browse Source 
-----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1
 
 iQIcBAABCAAGBQJXXpxaAAoJEL6G67QVEE/feLgQAK7h4n4oESjzg+jg0lZ1KBkU
 VsxmJrV5gDR1u7sVl5zY3xEuGa+eBr2Atal0bGYqBnPJNynyxJSeICuFW2xklaVG
 Eo2mPB29btwnE8mTP0CtJW7bnmOCYjm2QMqm6z/sQ81HtmwsaoNec1smPg0iFec5
 khoRy9w+vfqKneQ3o3PJMxFDP2wzjSP7aA1bqZJcLkTC9MX/KY8Fq37OViZKQ4KQ
 +rY/j5c8i1yRd7THnHzNxfxerF0bEZl5UR9uHyhvbuItKqa8/q4eqFJxV3i71v6Q
 D+Wi0Fexle3CVdQX6lrWcFYGDJa4XfqoWmZr3798EaXlj4hWlS9OpCcSS9eFWESF
 qkCRhQJwyX7EMInIVcb44ZsgSMbBgyhHAeZRQT2LEhkW53s4P6VT7YLEWjf1NAVp
 wW8c42f+3bOmqFa1l/oQaIY7H8hjbo2aJzdMYlDL6ddMcWWC29S1qEAMldl/43ic
 soP0szz9YkFa2/FZ13pBvok7V0cwjM8hCZAbBJeGvL046k9J46XGqYx1i279x+QL
 4iDv7x/uIwhrYTMEHmXRqjA9u44+pzj6e4BgEeJu5nTHVxcuG+7DpJM6e8EIyXDQ
 57bNFD//aLdn/dEaW+KjAkTqoMyT9qbqot4KWinFxE23cT9Aft7ftDAboxLKmGVC
 Soyb4RwOTanm4aeqErQG
 =ptLb
 -----END PGP SIGNATURE-----

Merge remote-tracking branch 'remotes/berrange/tags/qcrypto-next-2016-06-13-v1' into staging

Merge qcrypto-next 2016/06/13 v1

# gpg: Signature made Mon 13 Jun 2016 12:43:22 BST
# gpg:                using RSA key 0xBE86EBB415104FDF
# gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>"
# gpg:                 aka "Daniel P. Berrange <berrange@redhat.com>"
# Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E  8E3F BE86 EBB4 1510 4FDF

* remotes/berrange/tags/qcrypto-next-2016-06-13-v1:
  crypto: aes: always rename internal symbols
  crypto: assert that qcrypto_hash_digest_len is in range
  crypto: remove temp files on completion of secrets test
  TLS: provide slightly more information when TLS certificate loading fails

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
This commit is contained in:
Peter Maydell 2016-06-13 13:05:02 +01:00
commit 55e5c3a2d2
4 changed files with 18 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
crypto/hash.c
View File

@ -36,9 +36,7 @@ static size_t qcrypto_hash_alg_size[QCRYPTO_HASH_ALG__MAX] = {
size_t qcrypto_hash_digest_len(QCryptoHashAlgorithm alg) size_t qcrypto_hash_digest_len(QCryptoHashAlgorithm alg)
{ {
if (alg >= G_N_ELEMENTS(qcrypto_hash_alg_size)) { assert(alg < G_N_ELEMENTS(qcrypto_hash_alg_size));
return 0;
}
return qcrypto_hash_alg_size[alg]; return qcrypto_hash_alg_size[alg];
} }

17
crypto/tlscredsx509.c
View File

@ -392,11 +392,14 @@ qcrypto_tls_creds_load_cert(QCryptoTLSCredsX509 *creds,
gsize buflen; gsize buflen;
GError *gerr; GError *gerr;
int ret = -1; int ret = -1;
int err;
trace_qcrypto_tls_creds_x509_load_cert(creds, isServer, certFile); trace_qcrypto_tls_creds_x509_load_cert(creds, isServer, certFile);
if (gnutls_x509_crt_init(&cert) < 0) { err = gnutls_x509_crt_init(&cert);
error_setg(errp, "Unable to initialize certificate"); if (err < 0) {
error_setg(errp, "Unable to initialize certificate: %s",
gnutls_strerror(err));
goto cleanup; goto cleanup;
} }
@ -410,11 +413,13 @@ qcrypto_tls_creds_load_cert(QCryptoTLSCredsX509 *creds,
data.data = (unsigned char *)buf; data.data = (unsigned char *)buf;
data.size = strlen(buf); data.size = strlen(buf);
if (gnutls_x509_crt_import(cert, &data, GNUTLS_X509_FMT_PEM) < 0) { err = gnutls_x509_crt_import(cert, &data, GNUTLS_X509_FMT_PEM);
if (err < 0) {
error_setg(errp, isServer ? error_setg(errp, isServer ?
"Unable to import server certificate %s" : "Unable to import server certificate %s: %s" :
"Unable to import client certificate %s", "Unable to import client certificate %s: %s",
certFile); certFile,
gnutls_strerror(err));
goto cleanup; goto cleanup;
} }

5
include/crypto/aes.h
View File

@ -10,14 +10,13 @@ struct aes_key_st {
}; };
typedef struct aes_key_st AES_KEY; typedef struct aes_key_st AES_KEY;
/* FreeBSD has its own AES_set_decrypt_key in -lcrypto, avoid conflicts */ /* FreeBSD/OpenSSL have their own AES functions with the same names in -lcrypto
#ifdef __FreeBSD__ * (which might be pulled in via curl), so redefine to avoid conflicts. */
#define AES_set_encrypt_key QEMU_AES_set_encrypt_key #define AES_set_encrypt_key QEMU_AES_set_encrypt_key
#define AES_set_decrypt_key QEMU_AES_set_decrypt_key #define AES_set_decrypt_key QEMU_AES_set_decrypt_key
#define AES_encrypt QEMU_AES_encrypt #define AES_encrypt QEMU_AES_encrypt
#define AES_decrypt QEMU_AES_decrypt #define AES_decrypt QEMU_AES_decrypt
#define AES_cbc_encrypt QEMU_AES_cbc_encrypt #define AES_cbc_encrypt QEMU_AES_cbc_encrypt
#endif
int AES_set_encrypt_key(const unsigned char *userKey, const int bits, int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
AES_KEY *key); AES_KEY *key);

6
tests/test-crypto-secret.c
View File

@ -49,7 +49,7 @@ static void test_secret_indirect_good(void)
{ {
Object *sec; Object *sec;
char *fname = NULL; char *fname = NULL;
int fd = g_file_open_tmp("secretXXXXXX", int fd = g_file_open_tmp("qemu-test-crypto-secret-XXXXXX",
&fname, &fname,
NULL); NULL);
@ -74,6 +74,7 @@ static void test_secret_indirect_good(void)
object_unparent(sec); object_unparent(sec);
g_free(pw); g_free(pw);
close(fd); close(fd);
unlink(fname);
g_free(fname); g_free(fname);
} }
@ -96,7 +97,7 @@ static void test_secret_indirect_emptyfile(void)
{ {
Object *sec; Object *sec;
char *fname = NULL; char *fname = NULL;
int fd = g_file_open_tmp("secretXXXXXX", int fd = g_file_open_tmp("qemu-test-crypto-secretXXXXXX",
&fname, &fname,
NULL); NULL);
@ -119,6 +120,7 @@ static void test_secret_indirect_emptyfile(void)
object_unparent(sec); object_unparent(sec);
g_free(pw); g_free(pw);
close(fd); close(fd);
unlink(fname);
g_free(fname); g_free(fname);
} }