References: <1453311539-1193-1-git-send-email-berrange@redhat.com> <1453311539-1193-3-git-send-email-berrange@redhat.com>
From: Eric Blake
Message-ID: <56B38E09.4030503@redhat.com>
Date: Thu, 4 Feb 2016 10:44:41 -0700
In-Reply-To: <1453311539-1193-3-git-send-email-berrange@redhat.com>
Subject: Re: [Qemu-devel] [PATCH v2 02/17] crypto: add cryptographic random byte source
To: "Daniel P. Berrange", qemu-devel@nongnu.org
Cc: Kevin Wolf, Fam Zheng, qemu-block@nongnu.org

On 01/20/2016 10:38 AM, Daniel P. Berrange wrote:
> There are three backend impls provided. The preferred
> is gnutls, which is backed by nettle in modern distros.
> The gcrypt impl is provided for cases where QEMU build
> against gnutls is disabled, but crypto is still desired.
> No nettle impl is provided, since it is non-trivial to
> use the nettle APIs for random numbers. Users of nettle
> should ensure gnutls is enabled for QEMU.
>
> Signed-off-by: Daniel P. Berrange
> ---
> +++ b/crypto/Makefile.objs
> @@ -8,6 +8,10 @@ crypto-obj-y +=3D tlscredsanon.o > crypto-obj-y +=3D tlscredsx509.o > crypto-obj-y +=3D tlssession.o > crypto-obj-y +=3D secret.o > +crypto-obj-$(if $(CONFIG_GNUTLS),n,$(CONFIG_GCRYPT)) +=3D random-gcryp= t.o > +crypto-obj-$(CONFIG_GNUTLS) +=3D random-gnutls.o > =20 > # Let the userspace emulators avoid linking gnutls/etc > crypto-aes-obj-y =3D aes.o > + > +stub-obj-y +=3D random-stub.o > \ No newline at end of file

You'll want to fix that newline.

> +++ b/crypto/random-gcrypt.c > + > +#include

Now that we are starting to include "qemu/osdep.h" first everywhere, you'll want to pick that up on rebase.

> +++ b/include/crypto/random.h > + > +/** > + * qcrypto_random_bytes: > + * @buf: the buffer to fill > + * @buflen: length of @buf in bytes > + * @errp: pointer to a NULL-initialized error object > + * > + * Fill @buf with @buflen bytes of random data

s/of/of cryptographically strong/

> + * > + * Returns 0 on sucess, -1 on error > + */ > +int qcrypto_random_bytes(uint8_t *buf, > + size_t buflen, > + Error **errp); > +

With those tweaks,
Reviewed-by: Eric Blake

-- 
Eric Blake eblake redhat com +1-919-301-3266
Libvirt virtualization library http://libvirt.org
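Review bot: In the crypto/Makefile.objs hunk, the two added crypto-obj- lines build random-gnutls.o only when CONFIG_GNUTLS is set and random-gcrypt.o only when gnutls is off and CONFIG_GCRYPT is set, so a build with neither (including the nettle-only case the commit message describes) is left with random-stub.o as the only random source object from this hunk. The stub body is not visible here; please confirm that it sets @errp and returns -1 rather than returning 0 with the buffer untouched, and state that behaviour in the commit message so it is clear such builds fail cleanly instead of handing out non-random bytes.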
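Review bot: The doc comment for qcrypto_random_bytes() in include/crypto/random.h does not say what @buf contains when the function returns -1. Please document that the contents of @buf are undefined on error and must not be used, since this is the cryptographic random source and a caller that ignores the return value would otherwise carry on with an unfilled buffer; a warn_unused_result attribute on the declaration would make that mistake harder to write. Also, "sucess" in the Returns line should read "success".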