On 01/20/2016 10:38 AM, Daniel P. Berrange wrote: > There are three backend impls provided. The preferred > is gnutls, which is backed by nettle in modern distros. > The gcrypt impl is provided for cases where QEMU build > against gnutls is disabled, but crypto is still desired. > No nettle impl is provided, since it is non-trivial to > use the nettle APIs for random numbers. Users of nettle > should ensure gnutls is enabled for QEMU. > > Signed-off-by: Daniel P. Berrange <[email protected]> > ---
> +++ b/crypto/Makefile.objs > @@ -8,6 +8,10 @@ crypto-obj-y += tlscredsanon.o > crypto-obj-y += tlscredsx509.o > crypto-obj-y += tlssession.o > crypto-obj-y += secret.o > +crypto-obj-$(if $(CONFIG_GNUTLS),n,$(CONFIG_GCRYPT)) += random-gcrypt.o > +crypto-obj-$(CONFIG_GNUTLS) += random-gnutls.o > > # Let the userspace emulators avoid linking gnutls/etc > crypto-aes-obj-y = aes.o > + > +stub-obj-y += random-stub.o > \ No newline at end of file You'll want to fix that newline. > +++ b/crypto/random-gcrypt.c > + > +#include <config-host.h> Now that we are starting to include "qemu/osdep.h" first everywhere, you'll want to pick that up on rebase. > +++ b/include/crypto/random.h > + > +/** > + * qcrypto_random_bytes: > + * @buf: the buffer to fill > + * @buflen: length of @buf in bytes > + * @errp: pointer to a NULL-initialized error object > + * > + * Fill @buf with @buflen bytes of random data s/of/of cryptographically strong/ > + * > + * Returns 0 on sucess, -1 on error > + */ > +int qcrypto_random_bytes(uint8_t *buf, > + size_t buflen, > + Error **errp); > + With those tweaks, Reviewed-by: Eric Blake <[email protected]> -- Eric Blake eblake redhat com +1-919-301-3266 Libvirt virtualization library http://libvirt.org
signature.asc
Description: OpenPGP digital signature
