Merge tag 'crypto-fixes-pull-request' of https://gitlab.com/berrange/qemu into staging

* Remove deprecated 'loaded' property from crypto objects * Fix error checking of hash function in gcrypt * Perform runtime check for hash functions in gcrypt * Add SM3 hash function to pbkdf # -----BEGIN PGP SIGNATURE----- # # iQIzBAABCAAdFiEE2vOm/bJrYpEtDo4/vobrtBUQT98FAmcqZpkACgkQvobrtBUQ # T992Gg//TMfrdS8CtjzCMSDbPuGu4NSkNa0nm3vnz6KOyOoZ7MYDjhWFXux0xckG # cetuWBPQR/prQorzVje2ojEa3aUWQ4AxOn6xbHg1bXl+nCLB2iu9RcKy0vc/pZ2i # mFI3HIFyZjETJ/9NXgy7fZFTNmiMAucYwtxfHXwcvRXHH8cBGIwiXpAWpAOo2pXd # iS90PDxxd20anykuHBmN9RSXcLTaEqT5pIMCowqPVh0vwdnLVi+5UpYrwR6JYIG7 # GxsnoXXl5aB786gEL0M2p4XTfJs0zESVMAt2sjxD8gtVDERd87x1cCHLkuVnb3GS # HtHdxRT4TeUjwvYStU9lNpHT3wC1vGaU8x7SBKZ9VensbR+OERWlkdJGRixXc9FT # 1RyRfJzUbCk7wjJFfNmhMvEaE8sSvhxIc1JVQVCDBxqpMYTFOmLZqhD0vpcxkyot # go1+y0+6wlxjw2/JlOG0CDDDnYwOpRCETYTHm0G0/Gm4izu/YQOGqCC/0YA+mOhX # Gkg230gj2BzWYFvU7iGotEY3yWN6qRN06+GRlImDSNmFr6FdEzc8u5ZvDtVuq3++ # SwvbKQ7N0sJbzmWCyB9/rNiJMu5723VW9phCmRwcUBp79fVYJpH+QOHmZixoqBf7 # oKUYxhRhzCiQQaxWG7E8Um7sDjk0LTYf29W0tebCSZuRqSnVHGM= # =tzW1 # -----END PGP SIGNATURE----- # gpg: Signature made Tue 05 Nov 2024 18:40:25 GMT # gpg: using RSA key DAF3A6FDB26B62912D0E8E3FBE86EBB415104FDF # gpg: Good signature from "Daniel P. Berrange <dan@berrange.com>" [full] # gpg: aka "Daniel P. Berrange <berrange@redhat.com>" [full] # Primary key fingerprint: DAF3 A6FD B26B 6291 2D0E 8E3F BE86 EBB4 1510 4FDF * tag 'crypto-fixes-pull-request' of https://gitlab.com/berrange/qemu: crypto: perform runtime check for hash/hmac support in gcrypt crypto: fix error check on gcry_md_open crypto: Introduce SM3 hash hmac pbkdf algorithm crypto: purge 'loaded' property that was not fully removed Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
author: Peter Maydell <peter.maydell@linaro.org> 2024-11-06 17:28:36 +0000
committer: Peter Maydell <peter.maydell@linaro.org> 2024-11-06 17:28:36 +0000
commit: 731d58b545ef66072d38b428fe0dcd1d691e364c (patch)
tree: a8fbd884b7f9e85657bd2ec6d732240ec13264f2 /meson.build
parent: 51d7495ed9901966d90517032d9b9ae8faebe1d5 (diff)
parent: a7e42752324a264439bef28da3ee3e2563cf0e16 (diff)
1 files changed, 39 insertions, 0 deletions
diff --git a/meson.build b/meson.build
index 5cfffb4aa6..34e2bdb0c2 100644
--- a/meson.build
+++ b/meson.build
@@ -1760,6 +1760,7 @@ gcrypt = not_found
 nettle = not_found
 hogweed = not_found
 crypto_sm4 = not_found
+crypto_sm3 = not_found
 xts = 'none'
 
 if get_option('nettle').enabled() and get_option('gcrypt').enabled()
@@ -1795,6 +1796,17 @@ if not gnutls_crypto.found()
       }''', dependencies: gcrypt)
       crypto_sm4 = not_found
     endif
+    crypto_sm3 = gcrypt
+    # SM3 ALG is available in libgcrypt >= 1.9
+    if gcrypt.found() and not cc.links('''
+      #include <gcrypt.h>
+      int main(void) {
+        gcry_md_hd_t handler;
+        gcry_md_open(&handler, GCRY_MD_SM3, 0);
+        return 0;
+      }''', dependencies: gcrypt)
+      crypto_sm3 = not_found
+    endif
   endif
   if (not get_option('nettle').auto() or have_system) and not gcrypt.found()
     nettle = dependency('nettle', version: '>=3.4',
@@ -1815,6 +1827,31 @@ if not gnutls_crypto.found()
       }''', dependencies: nettle)
       crypto_sm4 = not_found
     endif
+    crypto_sm3 = nettle
+    # SM3 ALG is available in nettle >= 3.8
+    if nettle.found() and not cc.links('''
+      #include <nettle/sm3.h>
+      #include <nettle/hmac.h>
+      int main(void) {
+      struct sm3_ctx ctx;
+      struct hmac_sm3_ctx hmac_ctx;
+      unsigned char data[64] = {0};
+      unsigned char output[32];
+
+      // SM3 hash function test
+      sm3_init(&ctx);
+      sm3_update(&ctx, 64, data);
+      sm3_digest(&ctx, 32, data);
+
+      // HMAC-SM3 test
+      hmac_sm3_set_key(&hmac_ctx, 32, data);
+      hmac_sm3_update(&hmac_ctx, 64, data);
+      hmac_sm3_digest(&hmac_ctx, 32, output);
+
+      return 0;
+      }''', dependencies: nettle)
+      crypto_sm3 = not_found
+    endif
   endif
 endif
 
@@ -2462,6 +2499,7 @@ config_host_data.set('CONFIG_TASN1', tasn1.found())
 config_host_data.set('CONFIG_GCRYPT', gcrypt.found())
 config_host_data.set('CONFIG_NETTLE', nettle.found())
 config_host_data.set('CONFIG_CRYPTO_SM4', crypto_sm4.found())
+config_host_data.set('CONFIG_CRYPTO_SM3', crypto_sm3.found())
 config_host_data.set('CONFIG_HOGWEED', hogweed.found())
 config_host_data.set('CONFIG_QEMU_PRIVATE_XTS', xts == 'private')
 config_host_data.set('CONFIG_MALLOC_TRIM', has_malloc_trim)
@@ -4596,6 +4634,7 @@ if nettle.found()
    summary_info += {'  XTS':             xts != 'private'}
 endif
 summary_info += {'SM4 ALG support':   crypto_sm4}
+summary_info += {'SM3 ALG support':   crypto_sm3}
 summary_info += {'AF_ALG support':    have_afalg}
 summary_info += {'rng-none':          get_option('rng_none')}
 summary_info += {'Linux keyring':     have_keyring}
author	Peter Maydell <peter.maydell@linaro.org>	2024-11-06 17:28:36 +0000
committer	Peter Maydell <peter.maydell@linaro.org>	2024-11-06 17:28:36 +0000
commit	731d58b545ef66072d38b428fe0dcd1d691e364c (patch)
tree	a8fbd884b7f9e85657bd2ec6d732240ec13264f2 /meson.build
parent	51d7495ed9901966d90517032d9b9ae8faebe1d5 (diff)
parent	a7e42752324a264439bef28da3ee3e2563cf0e16 (diff)