libnm-crypto: add new option for no cryptography

For some embedded systems, no cryptography is required at all (e.g when
only using Ethernet).

https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/merge_requests/1108
This commit is contained in:
Christian Eggers
2022-01-31 14:42:21 +01:00
committed by Thomas Haller
parent 5b4ce608d4
commit b26c9723d9
8 changed files with 144 additions and 7 deletions

View File

@@ -24,11 +24,21 @@ if crypto_gnutls_dep.found()
)
endif
libnm_crypto_null = static_library(
'nm-crypto-null',
sources: 'nm-crypto-null.c',
dependencies: [
libnm_core_public_dep,
],
)
if crypto == 'nss'
libnm_crypto = libnm_crypto_nss
else
assert(crypto == 'gnutls', 'Unexpected setting "crypto=' + crypto + '"')
elif crypto == 'gnutls'
libnm_crypto = libnm_crypto_gnutls
else
assert(crypto == 'null', 'Unexpected setting "crypto=' + crypto + '"')
libnm_crypto = libnm_crypto_null
endif
libnm_core_settings_sources = files(

View File

@@ -0,0 +1,104 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
/*
* Christian Eggers <ceggers@arri.de>
* Copyright (C) 2020 - 2022 ARRI Lighting
*/
#include "libnm-glib-aux/nm-default-glib-i18n-lib.h"
#include "nm-crypto-impl.h"
#include "libnm-glib-aux/nm-secret-utils.h"
#include "nm-errors.h"
/*****************************************************************************/
gboolean
_nm_crypto_init(GError **error)
{
g_set_error(error,
NM_CRYPTO_ERROR,
NM_CRYPTO_ERROR_FAILED,
_("Compiled without crypto support."));
return FALSE;
}
guint8 *
_nmtst_crypto_decrypt(NMCryptoCipherType cipher,
const guint8 *data,
gsize data_len,
const guint8 *iv,
gsize iv_len,
const guint8 *key,
gsize key_len,
gsize *out_len,
GError **error)
{
g_set_error(error,
NM_CRYPTO_ERROR,
NM_CRYPTO_ERROR_FAILED,
_("Compiled without crypto support."));
return NULL;
}
guint8 *
_nmtst_crypto_encrypt(NMCryptoCipherType cipher,
const guint8 *data,
gsize data_len,
const guint8 *iv,
gsize iv_len,
const guint8 *key,
gsize key_len,
gsize *out_len,
GError **error)
{
g_set_error(error,
NM_CRYPTO_ERROR,
NM_CRYPTO_ERROR_FAILED,
_("Compiled without crypto support."));
return NULL;
}
gboolean
_nm_crypto_verify_x509(const guint8 *data, gsize len, GError **error)
{
g_set_error(error,
NM_CRYPTO_ERROR,
NM_CRYPTO_ERROR_FAILED,
_("Compiled without crypto support."));
return FALSE;
}
gboolean
_nm_crypto_verify_pkcs12(const guint8 *data, gsize data_len, const char *password, GError **error)
{
g_set_error(error,
NM_CRYPTO_ERROR,
NM_CRYPTO_ERROR_FAILED,
_("Compiled without crypto support."));
return FALSE;
}
gboolean
_nm_crypto_verify_pkcs8(const guint8 *data,
gsize data_len,
gboolean is_encrypted,
const char *password,
GError **error)
{
g_set_error(error,
NM_CRYPTO_ERROR,
NM_CRYPTO_ERROR_FAILED,
_("Compiled without crypto support."));
return FALSE;
}
gboolean
_nm_crypto_randomize(void *buffer, gsize buffer_len, GError **error)
{
g_set_error(error,
NM_CRYPTO_ERROR,
NM_CRYPTO_ERROR_FAILED,
_("Compiled without crypto support."));
return FALSE;
}