From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from eggs.gnu.org ([2001:4830:134:3::10]:46886) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dSJec-0005B6-1x for qemu-devel@nongnu.org; Tue, 04 Jul 2017 04:57:54 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dSJeZ-0005cA-AT for qemu-devel@nongnu.org; Tue, 04 Jul 2017 04:57:54 -0400 Received: from szxga01-in.huawei.com ([45.249.212.187]:4013) by eggs.gnu.org with esmtps (TLS1.0:RSA_ARCFOUR_SHA1:16) (Exim 4.71) (envelope-from ) id 1dSJeY-0005an-O7 for qemu-devel@nongnu.org; Tue, 04 Jul 2017 04:57:51 -0400 From: "Longpeng(Mike)" Date: Tue, 4 Jul 2017 16:57:00 +0800 Message-ID: <1499158630-75260-9-git-send-email-longpeng2@huawei.com> In-Reply-To: <1499158630-75260-1-git-send-email-longpeng2@huawei.com> References: <1499158630-75260-1-git-send-email-longpeng2@huawei.com> MIME-Version: 1.0 Content-Type: text/plain Subject: [Qemu-devel] [PATCH v4 08/18] crypto: hmac: introduce qcrypto_hmac_ctx_new for gcrypt-backend List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: berrange@redhat.com Cc: arei.gonglei@huawei.com, weidong.huang@huawei.com, wangxinxin.wang@huawei.com, qemu-devel@nongnu.org, longpeng.mike@gmail.com, "Longpeng(Mike)" 1) Fix a handle-leak problem in qcrypto_hmac_new(), didn't free ctx->handle if gcry_mac_setkey fails. 2) Extracts qcrypto_hmac_ctx_new() from qcrypto_hmac_new() for gcrypt-backend impls. Reviewed-by: Daniel P. Berrange Reviewed-by: Gonglei Signed-off-by: Longpeng(Mike) --- crypto/hmac-gcrypt.c | 35 +++++++++++++++++++++++++---------- 1 file changed, 25 insertions(+), 10 deletions(-) diff --git a/crypto/hmac-gcrypt.c b/crypto/hmac-gcrypt.c index 21189e6..372ad7f 100644 --- a/crypto/hmac-gcrypt.c +++ b/crypto/hmac-gcrypt.c @@ -42,11 +42,11 @@ bool qcrypto_hmac_supports(QCryptoHashAlgorithm alg) return false; } -QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg, - const uint8_t *key, size_t nkey, - Error **errp) +static QCryptoHmacGcrypt * +qcrypto_hmac_ctx_new(QCryptoHashAlgorithm alg, + const uint8_t *key, size_t nkey, + Error **errp) { - QCryptoHmac *hmac; QCryptoHmacGcrypt *ctx; gcry_error_t err; @@ -56,9 +56,6 @@ QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg, return NULL; } - hmac = g_new0(QCryptoHmac, 1); - hmac->alg = alg; - ctx = g_new0(QCryptoHmacGcrypt, 1); err = gcry_mac_open(&ctx->handle, qcrypto_hmac_alg_map[alg], @@ -73,15 +70,14 @@ QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg, if (err != 0) { error_setg(errp, "Cannot set key: %s", gcry_strerror(err)); + gcry_mac_close(ctx->handle); goto error; } - hmac->opaque = ctx; - return hmac; + return ctx; error: g_free(ctx); - g_free(hmac); return NULL; } @@ -150,3 +146,22 @@ int qcrypto_hmac_bytesv(QCryptoHmac *hmac, return 0; } + +QCryptoHmac *qcrypto_hmac_new(QCryptoHashAlgorithm alg, + const uint8_t *key, size_t nkey, + Error **errp) +{ + QCryptoHmac *hmac; + QCryptoHmacGcrypt *ctx; + + ctx = qcrypto_hmac_ctx_new(alg, key, nkey, errp); + if (!ctx) { + return NULL; + } + + hmac = g_new0(QCryptoHmac, 1); + hmac->alg = alg; + hmac->opaque = ctx; + + return hmac; +} -- 1.8.3.1