On Sat, May 14, 2022 at 08:55:01AM +0800, zhenwei pi wrote: > From: Lei He <helei.sig11@xxxxxxxxxxxxx> > > Added gcryt implementation of RSA algorithm, RSA algorithm > implemented by gcrypt has a higher priority than nettle because > it supports raw padding. > > Signed-off-by: zhenwei pi <pizhenwei@xxxxxxxxxxxxx> > Signed-off-by: lei he <helei.sig11@xxxxxxxxxxxxx> > --- > crypto/akcipher-gcrypt.c.inc | 597 +++++++++++++++++++++++++++++++++++ > crypto/akcipher.c | 4 +- > 2 files changed, 600 insertions(+), 1 deletion(-) > create mode 100644 crypto/akcipher-gcrypt.c.inc > > diff --git a/crypto/akcipher-gcrypt.c.inc b/crypto/akcipher-gcrypt.c.inc > new file mode 100644 > index 0000000000..6c5daa301e > --- /dev/null > +++ b/crypto/akcipher-gcrypt.c.inc > @@ -0,0 +1,597 @@ > +/* > + * QEMU Crypto akcipher algorithms > + * > + * Copyright (c) 2022 Bytedance > + * Author: lei he <helei.sig11@xxxxxxxxxxxxx> > + * > + * This library is free software; you can redistribute it and/or > + * modify it under the terms of the GNU Lesser General Public > + * License as published by the Free Software Foundation; either > + * version 2.1 of the License, or (at your option) any later version. > + * > + * This library is distributed in the hope that it will be useful, > + * but WITHOUT ANY WARRANTY; without even the implied warranty of > + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU > + * Lesser General Public License for more details. > + * > + * You should have received a copy of the GNU Lesser General Public > + * License along with this library; if not, see <http://www.gnu.org/licenses/>. > + * > + */ > + > +#include <gcrypt.h> > +static QCryptoGcryptRSA *qcrypto_gcrypt_rsa_new( > + const QCryptoAkCipherOptionsRSA *opt, > + QCryptoAkCipherKeyType type, > + const uint8_t *key, size_t keylen, > + Error **errp) > +{ > + QCryptoGcryptRSA *rsa = g_new0(QCryptoGcryptRSA, 1); > + rsa->padding_alg = opt->padding_alg; > + rsa->hash_alg = opt->hash_alg; > + rsa->akcipher.driver = &gcrypt_rsa; > + > + switch (type) { > + case QCRYPTO_AKCIPHER_KEY_TYPE_PRIVATE: > + if (qcrypto_gcrypt_parse_rsa_private_key(rsa, key, keylen, errp) != 0) { > + error_setg(errp, "Failed to parse rsa private key"); Not need now, since qcrypto_gcrypt_parse_rsa_private_key reports the real error message. > + goto error; > + } > + break; > + > + case QCRYPTO_AKCIPHER_KEY_TYPE_PUBLIC: > + if (qcrypto_gcrypt_parse_rsa_public_key(rsa, key, keylen, errp) != 0) { > + error_setg(errp, "Failed to parse rsa public rsa key"); Likewise not needed. > + goto error; > + } > + break; > + > + default: > + error_setg(errp, "Unknown akcipher key type %d", type); > + goto error; > + } > + > + return rsa; > + > +error: > + qcrypto_gcrypt_rsa_free((QCryptoAkCipher *)rsa); > + return NULL; > +} With regards, Daniel -- |: https://berrange.com -o- https://www.flickr.com/photos/dberrange :| |: https://libvirt.org -o- https://fstop138.berrange.com :| |: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|