[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PULL 03/10] crypto: check gnutls & gcrypt support the requested pbkdf h
From: |
Daniel P . Berrangé |
Subject: |
[PULL 03/10] crypto: check gnutls & gcrypt support the requested pbkdf hash |
Date: |
Mon, 9 Sep 2024 15:16:28 +0100 |
Both gnutls and gcrypt can be configured to exclude support for certain
algorithms via a runtime check against system crypto policies. Thus it
is not sufficient to have a compile time test for hash support in their
pbkdf implementations.
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>
---
crypto/pbkdf-gcrypt.c | 2 +-
crypto/pbkdf-gnutls.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/crypto/pbkdf-gcrypt.c b/crypto/pbkdf-gcrypt.c
index a8d8e64f4d..bc0719c831 100644
--- a/crypto/pbkdf-gcrypt.c
+++ b/crypto/pbkdf-gcrypt.c
@@ -33,7 +33,7 @@ bool qcrypto_pbkdf2_supports(QCryptoHashAlgorithm hash)
case QCRYPTO_HASH_ALG_SHA384:
case QCRYPTO_HASH_ALG_SHA512:
case QCRYPTO_HASH_ALG_RIPEMD160:
- return true;
+ return qcrypto_hash_supports(hash);
default:
return false;
}
diff --git a/crypto/pbkdf-gnutls.c b/crypto/pbkdf-gnutls.c
index 2dfbbd382c..911b565bea 100644
--- a/crypto/pbkdf-gnutls.c
+++ b/crypto/pbkdf-gnutls.c
@@ -33,7 +33,7 @@ bool qcrypto_pbkdf2_supports(QCryptoHashAlgorithm hash)
case QCRYPTO_HASH_ALG_SHA384:
case QCRYPTO_HASH_ALG_SHA512:
case QCRYPTO_HASH_ALG_RIPEMD160:
- return true;
+ return qcrypto_hash_supports(hash);
default:
return false;
}
--
2.45.2
- [PULL 00/10] Crypto fixes patches, Daniel P . Berrangé, 2024/09/09
- [PULL 01/10] iotests: fix expected output from gnutls, Daniel P . Berrangé, 2024/09/09
- [PULL 02/10] crypto: run qcrypto_pbkdf2_count_iters in a new thread, Daniel P . Berrangé, 2024/09/09
- [PULL 03/10] crypto: check gnutls & gcrypt support the requested pbkdf hash,
Daniel P . Berrangé <=
- [PULL 04/10] tests/unit: always build the pbkdf crypto unit test, Daniel P . Berrangé, 2024/09/09
- [PULL 05/10] tests/unit: build pbkdf test on macOS, Daniel P . Berrangé, 2024/09/09
- [PULL 07/10] crypto: use consistent error reporting pattern for unsupported cipher modes, Daniel P . Berrangé, 2024/09/09
- [PULL 06/10] crypto: avoid leak of ctx when bad cipher mode is given, Daniel P . Berrangé, 2024/09/09
- [PULL 08/10] crypto: Define macros for hash algorithm digest lengths, Daniel P . Berrangé, 2024/09/09
- [PULL 09/10] crypto: Support SHA384 hash when using glib, Daniel P . Berrangé, 2024/09/09
- [PULL 10/10] crypto: Introduce x509 utils, Daniel P . Berrangé, 2024/09/09
- Re: [PULL 00/10] Crypto fixes patches, Peter Maydell, 2024/09/09
- Re: [PULL 00/10] Crypto fixes patches, Michael Tokarev, 2024/09/11