Message ID | 1564482824-26581-3-git-send-email-iuliana.prodan@nxp.com (mailing list archive) |
---|---|
State | Superseded |
Delegated to: | Herbert Xu |
Headers | show |
Series | crypto: validate inputs for gcm and aes | expand |
On 7/30/2019 1:33 PM, Iuliana Prodan wrote: > Add inline helper function to check key length for AES algorithms. > The key can be 128, 192 or 256 bits size. > This function is used in the generic aes implementation. > > Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com> Reviewed-by: Horia Geantă <horia.geanta@nxp.com> Thanks, Horia
On Tue, 30 Jul 2019 at 13:33, Iuliana Prodan <iuliana.prodan@nxp.com> wrote: > > Add inline helper function to check key length for AES algorithms. > The key can be 128, 192 or 256 bits size. > This function is used in the generic aes implementation. > > Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com> > --- > include/crypto/aes.h | 17 +++++++++++++++++ > lib/crypto/aes.c | 8 ++++---- > 2 files changed, 21 insertions(+), 4 deletions(-) > > diff --git a/include/crypto/aes.h b/include/crypto/aes.h > index 8e0f4cf..8ee07a8 100644 > --- a/include/crypto/aes.h > +++ b/include/crypto/aes.h > @@ -31,6 +31,23 @@ struct crypto_aes_ctx { > extern const u32 crypto_ft_tab[4][256] ____cacheline_aligned; > extern const u32 crypto_it_tab[4][256] ____cacheline_aligned; > > +/* > + * validate key length for AES algorithms > + */ > +static inline int crypto_aes_check_keylen(unsigned int keylen) Please rename this to aes_check_keylen() > +{ > + switch (keylen) { > + case AES_KEYSIZE_128: > + case AES_KEYSIZE_192: > + case AES_KEYSIZE_256: > + break; > + default: > + return -EINVAL; > + } > + > + return 0; > +} > + > int crypto_aes_set_key(struct crypto_tfm *tfm, const u8 *in_key, > unsigned int key_len); > > diff --git a/lib/crypto/aes.c b/lib/crypto/aes.c > index 4e100af..3407b01 100644 > --- a/lib/crypto/aes.c > +++ b/lib/crypto/aes.c > @@ -187,11 +187,11 @@ int aes_expandkey(struct crypto_aes_ctx *ctx, const u8 *in_key, > { > u32 kwords = key_len / sizeof(u32); > u32 rc, i, j; > + int err; > > - if (key_len != AES_KEYSIZE_128 && > - key_len != AES_KEYSIZE_192 && > - key_len != AES_KEYSIZE_256) > - return -EINVAL; > + err = crypto_aes_check_keylen(key_len); > + if (err) > + return err; > > ctx->key_length = key_len; > > -- > 2.1.0 >
On 7/31/2019 8:33 AM, Ard Biesheuvel wrote: > On Tue, 30 Jul 2019 at 13:33, Iuliana Prodan <iuliana.prodan@nxp.com> wrote: >> >> Add inline helper function to check key length for AES algorithms. >> The key can be 128, 192 or 256 bits size. >> This function is used in the generic aes implementation. >> >> Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com> >> --- >> include/crypto/aes.h | 17 +++++++++++++++++ >> lib/crypto/aes.c | 8 ++++---- >> 2 files changed, 21 insertions(+), 4 deletions(-) >> >> diff --git a/include/crypto/aes.h b/include/crypto/aes.h >> index 8e0f4cf..8ee07a8 100644 >> --- a/include/crypto/aes.h >> +++ b/include/crypto/aes.h >> @@ -31,6 +31,23 @@ struct crypto_aes_ctx { >> extern const u32 crypto_ft_tab[4][256] ____cacheline_aligned; >> extern const u32 crypto_it_tab[4][256] ____cacheline_aligned; >> >> +/* >> + * validate key length for AES algorithms >> + */ >> +static inline int crypto_aes_check_keylen(unsigned int keylen) > > Please rename this to aes_check_keylen() > I just renamed it to crypto_, the first version was check_aes_keylen - see https://patchwork.kernel.org/patch/11058869/. I think is better to keep the helper functions with crypto_, as most of these type of functions, in crypto, have this prefix. >> +{ >> + switch (keylen) { >> + case AES_KEYSIZE_128: >> + case AES_KEYSIZE_192: >> + case AES_KEYSIZE_256: >> + break; >> + default: >> + return -EINVAL; >> + } >> + >> + return 0; >> +} >> + >> int crypto_aes_set_key(struct crypto_tfm *tfm, const u8 *in_key, >> unsigned int key_len); >> >> diff --git a/lib/crypto/aes.c b/lib/crypto/aes.c >> index 4e100af..3407b01 100644 >> --- a/lib/crypto/aes.c >> +++ b/lib/crypto/aes.c >> @@ -187,11 +187,11 @@ int aes_expandkey(struct crypto_aes_ctx *ctx, const u8 *in_key, >> { >> u32 kwords = key_len / sizeof(u32); >> u32 rc, i, j; >> + int err; >> >> - if (key_len != AES_KEYSIZE_128 && >> - key_len != AES_KEYSIZE_192 && >> - key_len != AES_KEYSIZE_256) >> - return -EINVAL; >> + err = crypto_aes_check_keylen(key_len); >> + if (err) >> + return err; >> >> ctx->key_length = key_len; >> >> -- >> 2.1.0 >> >
On Wed, 31 Jul 2019 at 11:35, Iuliana Prodan <iuliana.prodan@nxp.com> wrote: > > On 7/31/2019 8:33 AM, Ard Biesheuvel wrote: > > On Tue, 30 Jul 2019 at 13:33, Iuliana Prodan <iuliana.prodan@nxp.com> wrote: > >> > >> Add inline helper function to check key length for AES algorithms. > >> The key can be 128, 192 or 256 bits size. > >> This function is used in the generic aes implementation. > >> > >> Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com> > >> --- > >> include/crypto/aes.h | 17 +++++++++++++++++ > >> lib/crypto/aes.c | 8 ++++---- > >> 2 files changed, 21 insertions(+), 4 deletions(-) > >> > >> diff --git a/include/crypto/aes.h b/include/crypto/aes.h > >> index 8e0f4cf..8ee07a8 100644 > >> --- a/include/crypto/aes.h > >> +++ b/include/crypto/aes.h > >> @@ -31,6 +31,23 @@ struct crypto_aes_ctx { > >> extern const u32 crypto_ft_tab[4][256] ____cacheline_aligned; > >> extern const u32 crypto_it_tab[4][256] ____cacheline_aligned; > >> > >> +/* > >> + * validate key length for AES algorithms > >> + */ > >> +static inline int crypto_aes_check_keylen(unsigned int keylen) > > > > Please rename this to aes_check_keylen() > > > I just renamed it to crypto_, the first version was check_aes_keylen > - see https://patchwork.kernel.org/patch/11058869/. > I think is better to keep the helper functions with crypto_, as most of > these type of functions, in crypto, have this prefix. > The AES library consists of aes_encrypt aes_decrypt aes_expandkey and has no dependencies on the crypto API, which is why I omitted the crypto_ prefix from the identifiers. Please do the same for this function. . > >> +{ > >> + switch (keylen) { > >> + case AES_KEYSIZE_128: > >> + case AES_KEYSIZE_192: > >> + case AES_KEYSIZE_256: > >> + break; > >> + default: > >> + return -EINVAL; > >> + } > >> + > >> + return 0; > >> +} > >> + > >> int crypto_aes_set_key(struct crypto_tfm *tfm, const u8 *in_key, > >> unsigned int key_len); > >> > >> diff --git a/lib/crypto/aes.c b/lib/crypto/aes.c > >> index 4e100af..3407b01 100644 > >> --- a/lib/crypto/aes.c > >> +++ b/lib/crypto/aes.c > >> @@ -187,11 +187,11 @@ int aes_expandkey(struct crypto_aes_ctx *ctx, const u8 *in_key, > >> { > >> u32 kwords = key_len / sizeof(u32); > >> u32 rc, i, j; > >> + int err; > >> > >> - if (key_len != AES_KEYSIZE_128 && > >> - key_len != AES_KEYSIZE_192 && > >> - key_len != AES_KEYSIZE_256) > >> - return -EINVAL; > >> + err = crypto_aes_check_keylen(key_len); > >> + if (err) > >> + return err; > >> > >> ctx->key_length = key_len; > >> > >> -- > >> 2.1.0 > >> > > >
diff --git a/include/crypto/aes.h b/include/crypto/aes.h index 8e0f4cf..8ee07a8 100644 --- a/include/crypto/aes.h +++ b/include/crypto/aes.h @@ -31,6 +31,23 @@ struct crypto_aes_ctx { extern const u32 crypto_ft_tab[4][256] ____cacheline_aligned; extern const u32 crypto_it_tab[4][256] ____cacheline_aligned; +/* + * validate key length for AES algorithms + */ +static inline int crypto_aes_check_keylen(unsigned int keylen) +{ + switch (keylen) { + case AES_KEYSIZE_128: + case AES_KEYSIZE_192: + case AES_KEYSIZE_256: + break; + default: + return -EINVAL; + } + + return 0; +} + int crypto_aes_set_key(struct crypto_tfm *tfm, const u8 *in_key, unsigned int key_len); diff --git a/lib/crypto/aes.c b/lib/crypto/aes.c index 4e100af..3407b01 100644 --- a/lib/crypto/aes.c +++ b/lib/crypto/aes.c @@ -187,11 +187,11 @@ int aes_expandkey(struct crypto_aes_ctx *ctx, const u8 *in_key, { u32 kwords = key_len / sizeof(u32); u32 rc, i, j; + int err; - if (key_len != AES_KEYSIZE_128 && - key_len != AES_KEYSIZE_192 && - key_len != AES_KEYSIZE_256) - return -EINVAL; + err = crypto_aes_check_keylen(key_len); + if (err) + return err; ctx->key_length = key_len;
Add inline helper function to check key length for AES algorithms. The key can be 128, 192 or 256 bits size. This function is used in the generic aes implementation. Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com> --- include/crypto/aes.h | 17 +++++++++++++++++ lib/crypto/aes.c | 8 ++++---- 2 files changed, 21 insertions(+), 4 deletions(-)