size_t qcrypto_hash_digest_len(QCryptoHashAlgorithm alg)
{
- if (alg >= G_N_ELEMENTS(qcrypto_hash_alg_size)) {
- return 0;
- }
+ assert(alg < G_N_ELEMENTS(qcrypto_hash_alg_size));
return qcrypto_hash_alg_size[alg];
}
gsize buflen;
GError *gerr;
int ret = -1;
+ int err;
trace_qcrypto_tls_creds_x509_load_cert(creds, isServer, certFile);
- if (gnutls_x509_crt_init(&cert) < 0) {
- error_setg(errp, "Unable to initialize certificate");
+ err = gnutls_x509_crt_init(&cert);
+ if (err < 0) {
+ error_setg(errp, "Unable to initialize certificate: %s",
+ gnutls_strerror(err));
goto cleanup;
}
data.data = (unsigned char *)buf;
data.size = strlen(buf);
- if (gnutls_x509_crt_import(cert, &data, GNUTLS_X509_FMT_PEM) < 0) {
+ err = gnutls_x509_crt_import(cert, &data, GNUTLS_X509_FMT_PEM);
+ if (err < 0) {
error_setg(errp, isServer ?
- "Unable to import server certificate %s" :
- "Unable to import client certificate %s",
- certFile);
+ "Unable to import server certificate %s: %s" :
+ "Unable to import client certificate %s: %s",
+ certFile,
+ gnutls_strerror(err));
goto cleanup;
}
};
typedef struct aes_key_st AES_KEY;
-/* FreeBSD has its own AES_set_decrypt_key in -lcrypto, avoid conflicts */
-#ifdef __FreeBSD__
+/* FreeBSD/OpenSSL have their own AES functions with the same names in -lcrypto
+ * (which might be pulled in via curl), so redefine to avoid conflicts. */
#define AES_set_encrypt_key QEMU_AES_set_encrypt_key
#define AES_set_decrypt_key QEMU_AES_set_decrypt_key
#define AES_encrypt QEMU_AES_encrypt
#define AES_decrypt QEMU_AES_decrypt
#define AES_cbc_encrypt QEMU_AES_cbc_encrypt
-#endif
int AES_set_encrypt_key(const unsigned char *userKey, const int bits,
AES_KEY *key);
{
Object *sec;
char *fname = NULL;
- int fd = g_file_open_tmp("secretXXXXXX",
+ int fd = g_file_open_tmp("qemu-test-crypto-secret-XXXXXX",
&fname,
NULL);
object_unparent(sec);
g_free(pw);
close(fd);
+ unlink(fname);
g_free(fname);
}
{
Object *sec;
char *fname = NULL;
- int fd = g_file_open_tmp("secretXXXXXX",
+ int fd = g_file_open_tmp("qemu-test-crypto-secretXXXXXX",
&fname,
NULL);
object_unparent(sec);
g_free(pw);
close(fd);
+ unlink(fname);
g_free(fname);
}