| Message ID | 20240301022007.344948-10-stefanb@linux.ibm.com (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | Add support for NIST P521 to ecdsa | expand |
On Fri Mar 1, 2024 at 4:20 AM EET, Stefan Berger wrote: > In some cases the name keylen does not reflect the purpose of the variable > anymore once NIST P521 is used but it is the size of the buffer. There- > for, rename keylen to bufsize where appropriate. > > Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> > --- > crypto/ecdsa.c | 12 ++++++------ > 1 file changed, 6 insertions(+), 6 deletions(-) > > diff --git a/crypto/ecdsa.c b/crypto/ecdsa.c > index 4daefb40c37a..4e847b59622a 100644 > --- a/crypto/ecdsa.c > +++ b/crypto/ecdsa.c > @@ -35,8 +35,8 @@ struct ecdsa_signature_ctx { > static int ecdsa_get_signature_rs(u64 *dest, size_t hdrlen, unsigned char tag, > const void *value, size_t vlen, unsigned int ndigits) > { > - size_t keylen = ndigits * sizeof(u64); > - ssize_t diff = vlen - keylen; > + size_t bufsize = ndigits * sizeof(u64); why not just "* 8"? using sizeof here makes this function only unreadable. > + ssize_t diff = vlen - bufsize; > const char *d = value; > u8 rs[ECC_MAX_BYTES]; > > @@ -58,7 +58,7 @@ static int ecdsa_get_signature_rs(u64 *dest, size_t hdrlen, unsigned char tag, > if (diff) > return -EINVAL; > } > - if (-diff >= keylen) > + if (-diff >= bufsize) > return -EINVAL; > > if (diff) { > @@ -138,7 +138,7 @@ static int ecdsa_verify(struct akcipher_request *req) > { > struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req); > struct ecc_ctx *ctx = akcipher_tfm_ctx(tfm); > - size_t keylen = ctx->curve->g.ndigits * sizeof(u64); > + size_t bufsize = ctx->curve->g.ndigits * sizeof(u64); > struct ecdsa_signature_ctx sig_ctx = { > .curve = ctx->curve, > }; > @@ -165,14 +165,14 @@ static int ecdsa_verify(struct akcipher_request *req) > goto error; > > /* if the hash is shorter then we will add leading zeros to fit to ndigits */ > - diff = keylen - req->dst_len; > + diff = bufsize - req->dst_len; > if (diff >= 0) { > if (diff) > memset(rawhash, 0, diff); > memcpy(&rawhash[diff], buffer + req->src_len, req->dst_len); > } else if (diff < 0) { > /* given hash is longer, we take the left-most bytes */ > - memcpy(&rawhash, buffer + req->src_len, keylen); > + memcpy(&rawhash, buffer + req->src_len, bufsize); > } > > ecc_swap_digits((u64 *)rawhash, hash, ctx->curve->g.ndigits); BR, Jarkko
On 3/1/24 15:41, Jarkko Sakkinen wrote: > On Fri Mar 1, 2024 at 4:20 AM EET, Stefan Berger wrote: >> In some cases the name keylen does not reflect the purpose of the variable >> anymore once NIST P521 is used but it is the size of the buffer. There- >> for, rename keylen to bufsize where appropriate. >> >> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> >> --- >> crypto/ecdsa.c | 12 ++++++------ >> 1 file changed, 6 insertions(+), 6 deletions(-) >> >> diff --git a/crypto/ecdsa.c b/crypto/ecdsa.c >> index 4daefb40c37a..4e847b59622a 100644 >> --- a/crypto/ecdsa.c >> +++ b/crypto/ecdsa.c >> @@ -35,8 +35,8 @@ struct ecdsa_signature_ctx { >> static int ecdsa_get_signature_rs(u64 *dest, size_t hdrlen, unsigned char tag, >> const void *value, size_t vlen, unsigned int ndigits) >> { >> - size_t keylen = ndigits * sizeof(u64); >> - ssize_t diff = vlen - keylen; >> + size_t bufsize = ndigits * sizeof(u64); > > why not just "* 8"? using sizeof here makes this function only unreadable. 'unreadable' is a 'strong' word ... # grep -r -E "ndigits \*" crypto/ | grep sizeof crypto/ecrdsa.c: req->dst_len != ctx->curve->g.ndigits * sizeof(u64) || crypto/ecrdsa.c: vli_from_be64(r, sig + ndigits * sizeof(u64), ndigits); crypto/ecrdsa.c: ctx->curve->g.ndigits * sizeof(u64) != ctx->digest_len) crypto/ecrdsa.c: ctx->key_len != ctx->curve->g.ndigits * sizeof(u64) * 2) crypto/ecrdsa.c: vli_from_le64(ctx->pub_key.y, ctx->key + ndigits * sizeof(u64), crypto/ecrdsa.c: return ctx->pub_key.ndigits * sizeof(u64); crypto/ecc.c: size_t len = ndigits * sizeof(u64); crypto/ecc.c: num_bits = sizeof(u64) * ndigits * 8 + 1; crypto/ecdsa.c: size_t keylen = ndigits * sizeof(u64); crypto/ecdsa.c: size_t keylen = ctx->curve->g.ndigits * sizeof(u64); Stefan
On Fri Mar 1, 2024 at 10:47 PM EET, Stefan Berger wrote: > > > On 3/1/24 15:41, Jarkko Sakkinen wrote: > > On Fri Mar 1, 2024 at 4:20 AM EET, Stefan Berger wrote: > >> In some cases the name keylen does not reflect the purpose of the variable > >> anymore once NIST P521 is used but it is the size of the buffer. There- > >> for, rename keylen to bufsize where appropriate. > >> > >> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> > >> --- > >> crypto/ecdsa.c | 12 ++++++------ > >> 1 file changed, 6 insertions(+), 6 deletions(-) > >> > >> diff --git a/crypto/ecdsa.c b/crypto/ecdsa.c > >> index 4daefb40c37a..4e847b59622a 100644 > >> --- a/crypto/ecdsa.c > >> +++ b/crypto/ecdsa.c > >> @@ -35,8 +35,8 @@ struct ecdsa_signature_ctx { > >> static int ecdsa_get_signature_rs(u64 *dest, size_t hdrlen, unsigned char tag, > >> const void *value, size_t vlen, unsigned int ndigits) > >> { > >> - size_t keylen = ndigits * sizeof(u64); > >> - ssize_t diff = vlen - keylen; > >> + size_t bufsize = ndigits * sizeof(u64); > > > > why not just "* 8"? using sizeof here makes this function only unreadable. > > 'unreadable' is a 'strong' word ... so what is the gain when writing sizeof(u64)? BR, Jarkko
On 3/1/24 15:50, Jarkko Sakkinen wrote: > On Fri Mar 1, 2024 at 10:47 PM EET, Stefan Berger wrote: >> >> >> On 3/1/24 15:41, Jarkko Sakkinen wrote: >>> On Fri Mar 1, 2024 at 4:20 AM EET, Stefan Berger wrote: >>>> In some cases the name keylen does not reflect the purpose of the variable >>>> anymore once NIST P521 is used but it is the size of the buffer. There- >>>> for, rename keylen to bufsize where appropriate. >>>> >>>> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> >>>> --- >>>> crypto/ecdsa.c | 12 ++++++------ >>>> 1 file changed, 6 insertions(+), 6 deletions(-) >>>> >>>> diff --git a/crypto/ecdsa.c b/crypto/ecdsa.c >>>> index 4daefb40c37a..4e847b59622a 100644 >>>> --- a/crypto/ecdsa.c >>>> +++ b/crypto/ecdsa.c >>>> @@ -35,8 +35,8 @@ struct ecdsa_signature_ctx { >>>> static int ecdsa_get_signature_rs(u64 *dest, size_t hdrlen, unsigned char tag, >>>> const void *value, size_t vlen, unsigned int ndigits) >>>> { >>>> - size_t keylen = ndigits * sizeof(u64); >>>> - ssize_t diff = vlen - keylen; >>>> + size_t bufsize = ndigits * sizeof(u64); >>> >>> why not just "* 8"? using sizeof here makes this function only unreadable. >> >> 'unreadable' is a 'strong' word ... > > so what is the gain when writing sizeof(u64)? It matches existing code and a digit is a 'u64'. > > BR, Jarkko
diff --git a/crypto/ecdsa.c b/crypto/ecdsa.c index 4daefb40c37a..4e847b59622a 100644 --- a/crypto/ecdsa.c +++ b/crypto/ecdsa.c @@ -35,8 +35,8 @@ struct ecdsa_signature_ctx { static int ecdsa_get_signature_rs(u64 *dest, size_t hdrlen, unsigned char tag, const void *value, size_t vlen, unsigned int ndigits) { - size_t keylen = ndigits * sizeof(u64); - ssize_t diff = vlen - keylen; + size_t bufsize = ndigits * sizeof(u64); + ssize_t diff = vlen - bufsize; const char *d = value; u8 rs[ECC_MAX_BYTES]; @@ -58,7 +58,7 @@ static int ecdsa_get_signature_rs(u64 *dest, size_t hdrlen, unsigned char tag, if (diff) return -EINVAL; } - if (-diff >= keylen) + if (-diff >= bufsize) return -EINVAL; if (diff) { @@ -138,7 +138,7 @@ static int ecdsa_verify(struct akcipher_request *req) { struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req); struct ecc_ctx *ctx = akcipher_tfm_ctx(tfm); - size_t keylen = ctx->curve->g.ndigits * sizeof(u64); + size_t bufsize = ctx->curve->g.ndigits * sizeof(u64); struct ecdsa_signature_ctx sig_ctx = { .curve = ctx->curve, }; @@ -165,14 +165,14 @@ static int ecdsa_verify(struct akcipher_request *req) goto error; /* if the hash is shorter then we will add leading zeros to fit to ndigits */ - diff = keylen - req->dst_len; + diff = bufsize - req->dst_len; if (diff >= 0) { if (diff) memset(rawhash, 0, diff); memcpy(&rawhash[diff], buffer + req->src_len, req->dst_len); } else if (diff < 0) { /* given hash is longer, we take the left-most bytes */ - memcpy(&rawhash, buffer + req->src_len, keylen); + memcpy(&rawhash, buffer + req->src_len, bufsize); } ecc_swap_digits((u64 *)rawhash, hash, ctx->curve->g.ndigits);
In some cases the name keylen does not reflect the purpose of the variable anymore once NIST P521 is used but it is the size of the buffer. There- for, rename keylen to bufsize where appropriate. Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> --- crypto/ecdsa.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-)