From 1a4eca9e88ade76016660b45302cbe5cf5bafdbd Mon Sep 17 00:00:00 2001 From: Jan Grulich Date: Wed, 2 Nov 2022 09:43:50 +0100 Subject: [PATCH] Add QCryptographicHash::supportsAlgorithm() to check supported algorithm MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Adds QCH::supportsAlgorithm() method which returns whether the selected algorithm is supported and we guarantee to get a result when generating hashes. OpenSSL will be responsible for providing us this information. Returns TRUE if OpenSSL is not used as a provider. [ChangeLog][QtCore][QCryptographicHash] Add supportsAlgorithm() method that can be used to query OpenSSL and check whether the selected algorithm is supported. Change-Id: I0d94e02b8c70beb79520150fab6c32bdd1da3fca Reviewed-by: MÃ¥rten Nordheim (cherry picked from commit 0657b0734ef78cbaeb5f9d800df79647790d3163) Reviewed-by: Qt Cherry-pick Bot --- src/corelib/tools/qcryptographichash.cpp | 35 ++++++++++++++++++++++++ src/corelib/tools/qcryptographichash.h | 1 + 2 files changed, 36 insertions(+) diff --git a/src/corelib/tools/qcryptographichash.cpp b/src/corelib/tools/qcryptographichash.cpp index 6044665d28f..8210b7716b6 100644 --- a/src/corelib/tools/qcryptographichash.cpp +++ b/src/corelib/tools/qcryptographichash.cpp @@ -217,6 +217,7 @@ public: void addData(QByteArrayView bytes) noexcept; void finalize() noexcept; QByteArrayView resultView() const noexcept { return result.toByteArrayView(); } + static bool supportsAlgorithm(QCryptographicHash::Algorithm method); const QCryptographicHash::Algorithm method; @@ -865,6 +866,40 @@ int QCryptographicHash::hashLength(QCryptographicHash::Algorithm method) return hashLengthInternal(method); } +/*! + Returns whether the selected algorithm \a method is supported and if + result() will return a value when the \a method is used. + + \note OpenSSL will be responsible for providing this information when + used as a provider, otherwise \c true will be returned as the non-OpenSSL + implementation doesn't have any restrictions. + We return \c false if we fail to query OpenSSL. + + \since 6.5 +*/ + + +bool QCryptographicHash::supportsAlgorithm(QCryptographicHash::Algorithm method) +{ + return QCryptographicHashPrivate::supportsAlgorithm(method); +} + +bool QCryptographicHashPrivate::supportsAlgorithm(QCryptographicHash::Algorithm method) +{ +#ifdef USING_OPENSSL30 + OSSL_PROVIDER_load(nullptr, "legacy"); + OSSL_PROVIDER_load(nullptr, "default"); + + const char *restriction = "-fips"; + EVP_MD_ptr algorithm = EVP_MD_ptr(EVP_MD_fetch(nullptr, methodToName(method), restriction)); + + return algorithm != nullptr; +#else + Q_UNUSED(method); + return true; +#endif +} + QT_END_NAMESPACE #ifndef QT_NO_QOBJECT diff --git a/src/corelib/tools/qcryptographichash.h b/src/corelib/tools/qcryptographichash.h index 5f9104fe9f0..9bf473dd4b0 100644 --- a/src/corelib/tools/qcryptographichash.h +++ b/src/corelib/tools/qcryptographichash.h @@ -91,6 +91,7 @@ public: #endif static QByteArray hash(QByteArrayView data, Algorithm method); static int hashLength(Algorithm method); + static bool supportsAlgorithm(Algorithm method); private: Q_DISABLE_COPY(QCryptographicHash) QCryptographicHashPrivate *d;