From: Yu Watanabe <watanabe.yu+github@gmail.com>
Date: Thu, 25 Jun 2026 15:47:33 +0000 (+0900)
Subject: journal-authenticate: move one more function
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=ede9ff4c8b2644a1b9eee50b0c7ed6a24a18441d;p=thirdparty%2Fsystemd.git

journal-authenticate: move one more function
---

diff --git a/src/libsystemd/sd-journal/journal-authenticate.c b/src/libsystemd/sd-journal/journal-authenticate.c
index 5e6a8f81063..854283f9298 100644
--- a/src/libsystemd/sd-journal/journal-authenticate.c
+++ b/src/libsystemd/sd-journal/journal-authenticate.c
@@ -237,6 +237,41 @@ int journal_file_hmac_setup(JournalFile *f) {
 #endif
 }
 
+int journal_file_hmac_start(JournalFile *f) {
+#if HAVE_GCRYPT
+        int r;
+
+        assert(f);
+
+        if (!JOURNAL_HEADER_SEALED(f->header))
+                return 0;
+
+        if (f->hmac_running)
+                return 0;
+
+        /* Prepare HMAC for next cycle */
+        sym_gcry_md_reset(f->hmac);
+
+        uint8_t key[256 / 8]; /* Let's pass 256 bit from FSPRG to HMAC */
+        CLEANUP_ERASE(key);
+        r = FSPRG_GetKey(f->fsprg_state.iov_base, key, sizeof(key), 0);
+        if (r < 0)
+                return r;
+
+        gcry_error_t err = sym_gcry_md_setkey(f->hmac, key, sizeof(key));
+        if (gcry_err_code(err) != GPG_ERR_NO_ERROR)
+                return log_debug_errno(SYNTHETIC_ERRNO(EIO),
+                                       "sym_gcry_md_setkey() failed with error code: %s",
+                                       sym_gcry_strerror(err));
+
+        f->hmac_running = true;
+
+        return 0;
+#else
+        return -EOPNOTSUPP;
+#endif
+}
+
 int journal_file_append_tag(JournalFile *f) {
 #if HAVE_GCRYPT
         int r;
@@ -285,41 +320,6 @@ int journal_file_append_tag(JournalFile *f) {
 #endif
 }
 
-int journal_file_hmac_start(JournalFile *f) {
-#if HAVE_GCRYPT
-        int r;
-
-        assert(f);
-
-        if (!JOURNAL_HEADER_SEALED(f->header))
-                return 0;
-
-        if (f->hmac_running)
-                return 0;
-
-        /* Prepare HMAC for next cycle */
-        sym_gcry_md_reset(f->hmac);
-
-        uint8_t key[256 / 8]; /* Let's pass 256 bit from FSPRG to HMAC */
-        CLEANUP_ERASE(key);
-        r = FSPRG_GetKey(f->fsprg_state.iov_base, key, sizeof(key), 0);
-        if (r < 0)
-                return r;
-
-        gcry_error_t err = sym_gcry_md_setkey(f->hmac, key, sizeof(key));
-        if (gcry_err_code(err) != GPG_ERR_NO_ERROR)
-                return log_debug_errno(SYNTHETIC_ERRNO(EIO),
-                                       "sym_gcry_md_setkey() failed with error code: %s",
-                                       sym_gcry_strerror(err));
-
-        f->hmac_running = true;
-
-        return 0;
-#else
-        return -EOPNOTSUPP;
-#endif
-}
-
 static int journal_file_get_epoch(JournalFile *f, uint64_t realtime, uint64_t *epoch) {
         uint64_t t;