From: "Daniel P. Berrangé" <berrange@redhat.com>
To: "Cédric Le Goater" <clg@kaod.org>
Cc: Alejandro Zeise <alejandro.zeise@seagate.com>,
qemu-arm@nongnu.org, qemu-devel@nongnu.org,
peter.maydell@linaro.org
Subject: Re: [PATCH v2 1/2] crypto: add support for accumulative hashing
Date: Tue, 30 Jul 2024 17:34:00 +0100 [thread overview]
Message-ID: <ZqkV-OQizSWac5yo@redhat.com> (raw)
In-Reply-To: <fdc53976-2000-46cd-a65a-c9976fc8c9d1@kaod.org>
On Tue, Jul 30, 2024 at 05:58:38PM +0200, Cédric Le Goater wrote:
> On 7/29/24 21:00, Alejandro Zeise wrote:
> > This change adds an accumulative hashing function
> > (qcrypto_hash_accumulate_bytesv) and implementation
> > for each of the crypto library backends that QEMU supports.
> >
> > The QCrypto API did not support hashing in an accumulative mode.
> > As such, hardware hash modules (like the HACE from Aspeed's SoCs) are
> > unable to perform such operations correctly when the guest requires it.
> >
> > The creation and freeing of each library's context is abstracted by
> > the qcrypto_hash_accumulate_new_ctx and qcrypto_hash_accumulate_free_ctx
> > functions.
> >
> > Changes in V2:
> > * Fixed error checking bug in libgcrypt backend
> >
> > Signed-off-by: Alejandro Zeise <alejandro.zeise@seagate.com>
> > ---
> > crypto/hash-gcrypt.c | 105 ++++++++++++++++++++++++++++++++++++++++++
> > crypto/hash-glib.c | 89 +++++++++++++++++++++++++++++++++++
> > crypto/hash-gnutls.c | 82 +++++++++++++++++++++++++++++++++
> > crypto/hash-nettle.c | 93 +++++++++++++++++++++++++++++++++++++
> > crypto/hash.c | 42 +++++++++++++++++
> > crypto/hashpriv.h | 11 +++++
> > include/crypto/hash.h | 65 ++++++++++++++++++++++++++
> > 7 files changed, 487 insertions(+)
> > diff --git a/include/crypto/hash.h b/include/crypto/hash.h
> > index 54d87aa2a1..fb8ae2d099 100644
> > --- a/include/crypto/hash.h
> > +++ b/include/crypto/hash.h
> > @@ -1,6 +1,7 @@
> > /*
> > * QEMU Crypto hash algorithms
> > *
> > + * Copyright (c) 2024 Seagate Technology LLC and/or its Affiliates
> > * Copyright (c) 2015 Red Hat, Inc.
> > *
> > * This library is free software; you can redistribute it and/or
> > @@ -25,6 +26,8 @@
> > /* See also "QCryptoHashAlgorithm" defined in qapi/crypto.json */
> > +typedef void qcrypto_hash_accumulate_ctx_t;
>
>
> QCryptoHmac defines a similar API. I would do the same for the hash
> accumulative mode. See hmac files.
Yes, ideally the hmac APIs would match the hash APIs.
That said, the changes I've just requested are already a
large amount of work, so I'm not going to demand that
the hmac.c code is also changed.
Alejandro: if have you time to update hmac.c that would
be awesome, but consider it optional.
With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
next prev parent reply other threads:[~2024-07-30 16:34 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-07-29 19:00 [PATCH v2 0/2] hw/misc/aspeed_hace: Fix SG Accumulative Hash Calculations Alejandro Zeise
2024-07-29 19:00 ` [PATCH v2 1/2] crypto: add support for accumulative hashing Alejandro Zeise
2024-07-30 15:58 ` Cédric Le Goater
2024-07-30 16:34 ` Daniel P. Berrangé [this message]
2024-07-30 16:26 ` Daniel P. Berrangé
2024-07-29 19:00 ` [PATCH v2 2/2] hw/misc/aspeed_hace: Fix SG Accumulative hashing Alejandro Zeise
2024-07-30 7:03 ` Philippe Mathieu-Daudé
2024-07-30 10:54 ` Cédric Le Goater
2024-07-30 16:01 ` Alejandro Zeise
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZqkV-OQizSWac5yo@redhat.com \
--to=berrange@redhat.com \
--cc=alejandro.zeise@seagate.com \
--cc=clg@kaod.org \
--cc=peter.maydell@linaro.org \
--cc=qemu-arm@nongnu.org \
--cc=qemu-devel@nongnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).