From: "Daniel P. Berrange" <berrange@redhat.com>
To: Wen Congyang <wency@cn.fujitsu.com>
Cc: Peter Maydell <peter.maydell@linaro.org>, qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] [PULL v3 02/13] crypto: add support for PBKDF2 algorithm
Date: Tue, 29 Mar 2016 10:09:32 +0100 [thread overview]
Message-ID: <20160329090932.GC29697@redhat.com> (raw)
In-Reply-To: <56F359AD.8090502@cn.fujitsu.com>
On Thu, Mar 24, 2016 at 11:06:21AM +0800, Wen Congyang wrote:
> On 03/18/2016 12:53 AM, Daniel P. Berrange wrote:
> > The LUKS data format includes use of PBKDF2 (Password-Based
> > Key Derivation Function). The Nettle library can provide
> > an implementation of this, but we don't want code directly
> > depending on a specific crypto library backend. Introduce
> > a new include/crypto/pbkdf.h header which defines a QEMU
> > API for invoking PBKDK2. The initial implementations are
> > backed by nettle & gcrypt, which are commonly available
> > with distros shipping GNUTLS.
> >
> > The test suite data is taken from the cryptsetup codebase
> > under the LGPLv2.1+ license. This merely aims to verify
> > that whatever backend we provide for this function in QEMU
> > will comply with the spec.
> >
> > Reviewed-by: Fam Zheng <famz@redhat.com>
> > Reviewed-by: Eric Blake <eblake@redhat.com>
> > Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
>
> I get the following building error:
>
> CC crypto/pbkdf.o
> CC crypto/pbkdf-nettle.o
> CC crypto/ivgen.o
> crypto/pbkdf-nettle.c:23:27: error: nettle/pbkdf2.h: No such file or directory
> crypto/pbkdf-nettle.c: In function ‘qcrypto_pbkdf2’:
> crypto/pbkdf-nettle.c:46: warning: implicit declaration of function ‘pbkdf2_hmac_sha1’
> crypto/pbkdf-nettle.c:46: warning: nested extern declaration of ‘pbkdf2_hmac_sha1’
> crypto/pbkdf-nettle.c:53: warning: implicit declaration of function ‘pbkdf2_hmac_sha256’
> crypto/pbkdf-nettle.c:53: warning: nested extern declaration of ‘pbkdf2_hmac_sha256’
> make: *** [crypto/pbkdf-nettle.o] Error 1
> make: *** Waiting for unfinished jobs....
>
> rpm -qf /usr/include/nettle/
> libnettle-devel-2.4-8.1.2
>
> The nettle version is very old......
> The OS is SUSE 11 SP3.
Ok, I work on a patch to make this conditional on nettle version.
Regards,
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
next prev parent reply other threads:[~2016-03-29 9:09 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-03-17 16:53 [Qemu-devel] [PULL v3 00/13] Merge crypto code for LUKS encryption Daniel P. Berrange
2016-03-17 16:53 ` [Qemu-devel] [PULL v3 01/13] crypto: add cryptographic random byte source Daniel P. Berrange
2016-03-17 16:53 ` [Qemu-devel] [PULL v3 02/13] crypto: add support for PBKDF2 algorithm Daniel P. Berrange
2016-03-24 3:06 ` Wen Congyang
2016-03-29 9:09 ` Daniel P. Berrange [this message]
2016-03-29 14:50 ` Daniel P. Berrange
2016-03-17 16:53 ` [Qemu-devel] [PULL v3 03/13] crypto: add support for generating initialization vectors Daniel P. Berrange
2016-03-17 16:53 ` [Qemu-devel] [PULL v3 04/13] crypto: add support for anti-forensic split algorithm Daniel P. Berrange
2016-03-17 16:53 ` [Qemu-devel] [PULL v3 05/13] crypto: skip testing of unsupported cipher algorithms Daniel P. Berrange
2016-03-17 16:53 ` [Qemu-devel] [PULL v3 06/13] crypto: add support for the cast5-128 cipher algorithm Daniel P. Berrange
2016-03-17 16:53 ` [Qemu-devel] [PULL v3 07/13] crypto: add support for the serpent " Daniel P. Berrange
2016-03-17 16:53 ` [Qemu-devel] [PULL v3 08/13] crypto: add support for the twofish " Daniel P. Berrange
2016-03-17 16:53 ` [Qemu-devel] [PULL v3 09/13] crypto: import an implementation of the XTS cipher mode Daniel P. Berrange
2016-03-17 16:53 ` [Qemu-devel] [PULL v3 10/13] crypto: refactor code for dealing with AES cipher Daniel P. Berrange
2016-03-17 16:53 ` [Qemu-devel] [PULL v3 11/13] crypto: wire up XTS mode for cipher APIs Daniel P. Berrange
2016-03-17 16:53 ` [Qemu-devel] [PULL v3 12/13] crypto: add block encryption framework Daniel P. Berrange
2016-03-17 16:53 ` [Qemu-devel] [PULL v3 13/13] crypto: implement the LUKS block encryption format Daniel P. Berrange
2016-03-17 18:00 ` [Qemu-devel] [PULL v3 00/13] Merge crypto code for LUKS encryption Peter Maydell
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160329090932.GC29697@redhat.com \
--to=berrange@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=wency@cn.fujitsu.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).