#include <gcrypt.h>
#endif
+#include "crypto/random.h"
+
/* #define DEBUG_GNUTLS */
/*
- * If GNUTLS is built against GCrypt then
- *
- * - When GNUTLS >= 2.12, we must not initialize gcrypt threading
- * because GNUTLS will do that itself
- * - When GNUTLS < 2.12 we must always initialize gcrypt threading
- * - When GNUTLS is disabled we must always initialize gcrypt threading
- *
- * But....
- *
- * When gcrypt >= 1.6.0 we must not initialize gcrypt threading
- * because gcrypt will do that itself.
- *
- * So we need to init gcrypt threading if
+ * We need to init gcrypt threading if
*
* - gcrypt < 1.6.0
- * AND
- * - gnutls < 2.12
- * OR
- * - gnutls is disabled
*
*/
#if (defined(CONFIG_GCRYPT) && \
- (!defined(CONFIG_GNUTLS) || \
- !defined(GNUTLS_VERSION_NUMBER) || \
- (GNUTLS_VERSION_NUMBER < 0x020c00)) && \
- (!defined(GCRYPT_VERSION_NUMBER) || \
- (GCRYPT_VERSION_NUMBER < 0x010600)))
+ (GCRYPT_VERSION_NUMBER < 0x010600))
#define QCRYPTO_INIT_GCRYPT_THREADS
#else
#undef QCRYPTO_INIT_GCRYPT_THREADS
int qcrypto_init(Error **errp)
{
+#ifdef QCRYPTO_INIT_GCRYPT_THREADS
+ gcry_control(GCRYCTL_SET_THREAD_CBS, &qcrypto_gcrypt_thread_impl);
+#endif /* QCRYPTO_INIT_GCRYPT_THREADS */
+
#ifdef CONFIG_GNUTLS
int ret;
ret = gnutls_global_init();
error_setg(errp, "Unable to initialize gcrypt");
return -1;
}
-#ifdef QCRYPTO_INIT_GCRYPT_THREADS
- gcry_control(GCRYCTL_SET_THREAD_CBS, &qcrypto_gcrypt_thread_impl);
-#endif /* QCRYPTO_INIT_GCRYPT_THREADS */
gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0);
#endif
+ if (qcrypto_random_init(errp) < 0) {
+ return -1;
+ }
+
return 0;
}