From: Andreas Niederl <andreas.niederl@iaik.tugraz.at>
To: Stefan Berger <stefanb@linux.vnet.ibm.com>
Cc: qemu-devel@nongnu.org
Subject: Re: [Qemu-devel] [PATCH V7 12/13] Support for taking measurements when kernel etc. are passed to Qemu
Date: Fri, 12 Aug 2011 17:12:41 +0200 [thread overview]
Message-ID: <4E4542E9.9060000@iaik.tugraz.at> (raw)
In-Reply-To: <20110810193018.029981610@linux.vnet.ibm.com>
[-- Attachment #1.1: Type: text/plain, Size: 470 bytes --]
Hi,
the SHA1_HashBuf function you are using originates from a non-public
internal API which gets packaged on Fedora but is not available at least
on Debian (Squeeze) and Gentoo.
Could you please use HASH_HashBuf(HASH_AlgSHA1,...) which is available
on more platforms?
The attached patch would do this.
I'm not familiar with Fedora's nss packaging but maybe you can also drop
the check for nss-softokn in favor of nss with pkg-config.
Regards,
Andreas
[-- Attachment #1.2: qemu_tpm_paravirt_nss_sha1.diff --]
[-- Type: text/plain, Size: 2062 bytes --]
commit 43c8469eac29fe941d699e8cdd962fc4f0e97cc2
Author: Andreas Niederl <andreas.niederl@iaik.tugraz.at>
Date: Fri Aug 12 14:34:47 2011 +0200
Use public NSS API for SHA1 hash
diff --git a/configure b/configure
index 78571bf..8b696ea 100755
--- a/configure
+++ b/configure
@@ -2578,22 +2578,31 @@ fi
# libtpms probe
if test "$tpm" = "yes" ; then
- if $pkg_config --atleast-version=3.12.8 nss-softokn >/dev/null 2>&1 ; then
- tpmsupport_cflags=$($pkg_config --cflags nss-softokn 2>/dev/null)
- tpmsupport_libs="-lfreebl -lnspr4 -lnssutil3"
+ if $pkg_config --exists nss-softokn ; then
+ tpmsupport_nss="nss-softokn"
+ else
+ tpmsupport_nss="nss"
+ fi
+ if $pkg_config --atleast-version=3.12.8 $tpmsupport_nss >/dev/null 2>&1 ; then
+ tpmsupport_cflags=$($pkg_config --cflags $tpmsupport_nss 2>/dev/null)
+ if test "$tpmsupport_nss" = "nss-softokn" ; then
+ tpmsupport_libs="-lfreebl -lnspr4 -lnssutil3"
+ else
+ tpmsupport_libs="-lnss3 -lnspr4 -lnssutil3"
+ fi
QEMU_CFLAGS="$QEMU_CFLAGS $tpmsupport_cflags"
LIBS="$LIBS $tpmsupport_libs"
else
- feature_not_found "nss-softokn"
+ feature_not_found "$tpmsupport_nss"
fi
# Check for nss-softokn-freebl-devel
cat > $TMPC <<EOF
-#include <blapi.h>
+#include <sechash.h>
int main(void) {
unsigned char hash[20];
char src[1];
- return (int)SHA1_Hash(hash, src);
+ return (int)HASH_HashBuf(HASH_AlgSHA1, hash, src, sizeof(src));
}
EOF
diff --git a/sha1.c b/sha1.c
index 51c0f0b..3e6a94a 100644
--- a/sha1.c
+++ b/sha1.c
@@ -1,5 +1,5 @@
/*
- * SHA1 Freebl wrapper
+ * SHA1 NSS wrapper
*
* Copyright (C) 2011 IBM Corporation
* Copyright (C) 2011 Stefan Berger
@@ -11,9 +11,9 @@
#include "sha1.h"
-#include <nss3/blapi.h>
+#include <sechash.h>
int qemu_sha1(unsigned char hash[20], const unsigned char *data, uint32_t len)
{
- return SHA1_HashBuf(hash, data, len);
+ return HASH_HashBuf(HASH_AlgSHA1, hash, (unsigned char *)data, len);
}
[-- Attachment #2: S/MIME Cryptographic Signature --]
[-- Type: application/pkcs7-signature, Size: 6163 bytes --]
next prev parent reply other threads:[~2011-08-12 15:13 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-08-10 19:29 [Qemu-devel] [PATCH V7 00/13] Qemu Trusted Platform Module (TPM) integration Stefan Berger
2011-08-10 19:29 ` [Qemu-devel] [PATCH V7 01/13] Support for TPM command line options Stefan Berger
2011-08-10 19:29 ` [Qemu-devel] [PATCH V7 02/13] Add TPM (frontend) hardware interface (TPM TIS) to Qemu Stefan Berger
2011-08-10 19:29 ` [Qemu-devel] [PATCH V7 03/13] Add persistent state handling to TPM TIS frontend driver Stefan Berger
2011-08-10 19:29 ` [Qemu-devel] [PATCH V7 04/13] Add tpm_tis driver to build process Stefan Berger
2011-08-10 19:29 ` [Qemu-devel] [PATCH V7 05/13] Add a debug register Stefan Berger
2011-08-10 19:29 ` [Qemu-devel] [PATCH V7 06/13] Add a TPM backend skeleton implementation Stefan Berger
2011-08-10 19:29 ` [Qemu-devel] [PATCH V7 07/13] Implementation of the libtpms-based backend Stefan Berger
2011-08-10 19:29 ` [Qemu-devel] [PATCH V7 08/13] Introduce file lock for the block layer Stefan Berger
2011-08-10 19:29 ` [Qemu-devel] [PATCH V7 09/13] Add block storage support for libtpms based TPM backend Stefan Berger
2011-08-10 19:29 ` [Qemu-devel] [PATCH V7 10/13] Encrypt state blobs using AES CBC encryption Stefan Berger
2011-08-10 19:29 ` [Qemu-devel] [PATCH V7 11/13] Experimental support for block migrating TPMs state Stefan Berger
2011-08-10 19:29 ` [Qemu-devel] [PATCH V7 12/13] Support for taking measurements when kernel etc. are passed to Qemu Stefan Berger
2011-08-12 15:12 ` Andreas Niederl [this message]
2011-08-14 20:18 ` Stefan Berger
2011-08-10 19:29 ` [Qemu-devel] [PATCH V7 13/13] Add a TPM backend null driver implementation Stefan Berger
2011-08-12 14:55 ` Andreas Niederl
2011-08-14 20:18 ` Stefan Berger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4E4542E9.9060000@iaik.tugraz.at \
--to=andreas.niederl@iaik.tugraz.at \
--cc=qemu-devel@nongnu.org \
--cc=stefanb@linux.vnet.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).