crypto/hmac: Allow to build hmac over multiple qcrypto_gnutls_hmac_bytes[v] calls

If the buffers that should be considered for building the hmac are not available at the same time, the current API is unsuitable. Extend it so that passing a NULL pointer as result_len is used as indicator that further buffers will be passed in succeeding calls to qcrypto_gnutls_hmac_bytes[v]. Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com> Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org> Message-ID: <2d3539c247a6c323491a3821f0e5b6fc382a4686.1756706188.git.jan.kiszka@siemens.com> Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
2025-09-01 07:56:26 +02:00 · 2025-09-01 07:56:26 +02:00 · 22ece1a6eb
commit 22ece1a6eb
parent e2d7c1a3cd
5 changed files with 24 additions and 4 deletions
--- a/crypto/hmac-gcrypt.c
+++ b/crypto/hmac-gcrypt.c
@ -121,7 +121,9 @@ qcrypto_gcrypt_hmac_bytesv(QCryptoHmac *hmac,
        return -1;
    }

-    if (*resultlen == 0) {
+    if (resultlen == NULL) {
+        return 0;
+    } else if (*resultlen == 0) {
        *resultlen = ret;
        *result = g_new0(uint8_t, *resultlen);
    } else if (*resultlen != ret) {
--- a/crypto/hmac-glib.c
+++ b/crypto/hmac-glib.c
@ -104,7 +104,9 @@ qcrypto_glib_hmac_bytesv(QCryptoHmac *hmac,
        return -1;
    }

-    if (*resultlen == 0) {
+    if (resultlen == NULL) {
+        return 0;
+    } else if (*resultlen == 0) {
        *resultlen = ret;
        *result = g_new0(uint8_t, *resultlen);
    } else if (*resultlen != ret) {
--- a/crypto/hmac-gnutls.c
+++ b/crypto/hmac-gnutls.c
@ -119,7 +119,9 @@ qcrypto_gnutls_hmac_bytesv(QCryptoHmac *hmac,
        return -1;
    }

-    if (*resultlen == 0) {
+    if (resultlen == NULL) {
+        return 0;
+    } else if (*resultlen == 0) {
        *resultlen = ret;
        *result = g_new0(uint8_t, *resultlen);
    } else if (*resultlen != ret) {
--- a/crypto/hmac-nettle.c
+++ b/crypto/hmac-nettle.c
@ -164,7 +164,9 @@ qcrypto_nettle_hmac_bytesv(QCryptoHmac *hmac,
        }
    }

-    if (*resultlen == 0) {
+    if (resultlen == NULL) {
+        return 0;
+    } else if (*resultlen == 0) {
        *resultlen = qcrypto_hmac_alg_map[hmac->alg].len;
        *result = g_new0(uint8_t, *resultlen);
    } else if (*resultlen != qcrypto_hmac_alg_map[hmac->alg].len) {
--- a/include/crypto/hmac.h
+++ b/include/crypto/hmac.h
@ -90,6 +90,12 @@ G_DEFINE_AUTOPTR_CLEANUP_FUNC(QCryptoHmac, qcrypto_hmac_free)
 * The memory referenced in @result must be released with a call
 * to g_free() when no longer required by the caller.
 *
+ * If @result_len is set to a NULL pointer, no result will be returned, and
+ * the hmac object can be used for further invocations of qcrypto_hmac_bytes()
+ * or qcrypto_hmac_bytesv() until a non-NULL pointer is provided. This allows
+ * to build the hmac across memory regions that are not available at the same
+ * time.
+ *
 * Returns:
 *  0 on success, -1 on error
 */
@ -123,6 +129,12 @@ int qcrypto_hmac_bytesv(QCryptoHmac *hmac,
 * The memory referenced in @result must be released with a call
 * to g_free() when no longer required by the caller.
 *
+ * If @result_len is set to a NULL pointer, no result will be returned, and
+ * the hmac object can be used for further invocations of qcrypto_hmac_bytes()
+ * or qcrypto_hmac_bytesv() until a non-NULL pointer is provided. This allows
+ * to build the hmac across memory regions that are not available at the same
+ * time.
+ *
 * Returns:
 *  0 on success, -1 on error
 */