X-Git-Url: http://review.tizen.org/git/?a=blobdiff_plain;f=lib%2Fcrypto_backend%2Fcrypto_nettle.c;h=086e4fcafb9c67e4098fe88bf02412537084a84f;hb=6497abd1df88001eb1f45f7348534911b33d05b5;hp=3cffba926cf99eb46b8ccde9752b79446ece8381;hpb=f7fc3bb4e50cce23dd95111b246b6e034537e2cf;p=platform%2Fupstream%2Fcryptsetup.git

diff --git a/lib/crypto_backend/crypto_nettle.c b/lib/crypto_backend/crypto_nettle.c
index 3cffba9..086e4fc 100644
--- a/lib/crypto_backend/crypto_nettle.c
+++ b/lib/crypto_backend/crypto_nettle.c
@@ -1,8 +1,8 @@
 /*
  * Nettle crypto backend implementation
  *
- * Copyright (C) 2011-2021 Red Hat, Inc. All rights reserved.
- * Copyright (C) 2011-2021 Milan Broz
+ * Copyright (C) 2011-2023 Red Hat, Inc. All rights reserved.
+ * Copyright (C) 2011-2023 Milan Broz
  *
  * This file is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
@@ -26,6 +26,7 @@
 #include <nettle/sha3.h>
 #include <nettle/hmac.h>
 #include <nettle/pbkdf2.h>
+#include <nettle/memops.h>
 #include "crypto_backend_internal.h"
 
 #if HAVE_NETTLE_VERSION_H
@@ -213,7 +214,7 @@ static struct hash_alg *_get_alg(const char *name)
 	return NULL;
 }
 
-int crypt_backend_init(void)
+int crypt_backend_init(bool fips __attribute__((unused)))
 {
 	return 0;
 }
@@ -301,12 +302,16 @@ int crypt_hmac_init(struct crypt_hmac **ctx, const char *name,
 
 
 	h->hash = _get_alg(name);
-	if (!h->hash)
-		goto bad;
+	if (!h->hash) {
+		free(h);
+		return -EINVAL;
+	}
 
 	h->key = malloc(key_length);
-	if (!h->key)
-		goto bad;
+	if (!h->key) {
+		free(h);
+		return -ENOMEM;
+	}
 
 	memcpy(h->key, key, key_length);
 	h->key_length = key_length;
@@ -316,9 +321,6 @@ int crypt_hmac_init(struct crypt_hmac **ctx, const char *name,
 
 	*ctx = h;
 	return 0;
-bad:
-	free(h);
-	return -EINVAL;
 }
 
 static void crypt_hmac_restart(struct crypt_hmac *ctx)
@@ -351,7 +353,10 @@ void crypt_hmac_destroy(struct crypt_hmac *ctx)
 }
 
 /* RNG - N/A */
-int crypt_backend_rng(char *buffer, size_t length, int quality, int fips)
+int crypt_backend_rng(char *buffer __attribute__((unused)),
+		      size_t length __attribute__((unused)),
+		      int quality __attribute__((unused)),
+		      int fips __attribute__((unused)))
 {
 	return -EINVAL;
 }
@@ -429,7 +434,7 @@ int crypt_cipher_decrypt(struct crypt_cipher *ctx,
 	return crypt_cipher_decrypt_kernel(&ctx->ck, in, out, length, iv, iv_length);
 }
 
-bool crypt_cipher_kernel_only(struct crypt_cipher *ctx)
+bool crypt_cipher_kernel_only(struct crypt_cipher *ctx __attribute__((unused)))
 {
 	return true;
 }
@@ -442,3 +447,14 @@ int crypt_bitlk_decrypt_key(const void *key, size_t key_length,
 	return crypt_bitlk_decrypt_key_kernel(key, key_length, in, out, length,
 					      iv, iv_length, tag, tag_length);
 }
+
+int crypt_backend_memeq(const void *m1, const void *m2, size_t n)
+{
+	/* The logic is inverse to memcmp... */
+	return !memeql_sec(m1, m2, n);
+}
+
+bool crypt_fips_mode(void)
+{
+	return false;
+}