From: Pascal van Leeuwen <pascalvanl@gmail.com>
To: linux-crypto@vger.kernel.org
Cc: antoine.tenart@bootlin.com, herbert@gondor.apana.org.au,
	davem@davemloft.net,
	Pascal van Leeuwen <pvanleeuwen@verimatrix.com>
Subject: [PATCH 1/2] crypto: inside-secure - Use defines instead of some constants (cosmetic)
Date: Tue, 30 Jul 2019 15:27:11 +0200	[thread overview]
Message-ID: <1564493232-30733-2-git-send-email-pvanleeuwen@verimatrix.com> (raw)
In-Reply-To: <1564493232-30733-1-git-send-email-pvanleeuwen@verimatrix.com>

This patch replaces some hard-coded constants for key, IV and nonce sizes
with the appropriate defines from the crypto header files.

Signed-off-by: Pascal van Leeuwen <pvanleeuwen@verimatrix.com>
---
 drivers/crypto/inside-secure/safexcel_cipher.c | 35 ++++++++++++++------------
 1 file changed, 19 insertions(+), 16 deletions(-)

diff --git a/drivers/crypto/inside-secure/safexcel_cipher.c b/drivers/crypto/inside-secure/safexcel_cipher.c
index d65e5f7..a30fdd5 100644
--- a/drivers/crypto/inside-secure/safexcel_cipher.c
+++ b/drivers/crypto/inside-secure/safexcel_cipher.c
@@ -12,6 +12,7 @@
 #include <crypto/aead.h>
 #include <crypto/aes.h>
 #include <crypto/authenc.h>
+#include <crypto/ctr.h>
 #include <crypto/des.h>
 #include <crypto/sha.h>
 #include <crypto/skcipher.h>
@@ -237,19 +238,21 @@ static int safexcel_aead_setkey(struct crypto_aead *ctfm, const u8 *key,
 		goto badkey;
 
 	if (ctx->mode == CONTEXT_CONTROL_CRYPTO_MODE_CTR_LOAD) {
-		/* 20 is minimum AES key: 16 bytes + 4 bytes nonce */
-		if (keys.enckeylen < 20)
+		/* Minimum keysize is minimum AES key size + nonce size */
+		if (keys.enckeylen < (AES_MIN_KEY_SIZE +
+				      CTR_RFC3686_NONCE_SIZE))
 			goto badkey;
 		/* last 4 bytes of key are the nonce! */
-		ctx->nonce = *(u32 *)(keys.enckey + keys.enckeylen - 4);
+		ctx->nonce = *(u32 *)(keys.enckey + keys.enckeylen -
+				      CTR_RFC3686_NONCE_SIZE);
 		/* exclude the nonce here */
-		keys.enckeylen -= 4;
+		keys.enckeylen -= CONTEXT_CONTROL_CRYPTO_MODE_CTR_LOAD;
 	}
 
 	/* Encryption key */
 	switch (ctx->alg) {
 	case SAFEXCEL_3DES:
-		if (keys.enckeylen != 24)
+		if (keys.enckeylen != DES3_EDE_KEY_SIZE)
 			goto badkey;
 		flags = crypto_aead_get_flags(ctfm);
 		err = __des3_verify_key(&flags, keys.enckey);
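Review bot: The nonce is stripped with the wrong macro in the CTR branch: `keys.enckeylen -= CONTEXT_CONTROL_CRYPTO_MODE_CTR_LOAD;` subtracts the mode selector that `ctx->mode` is compared against a few lines earlier, not a byte count. The removed line subtracted 4 and the other two replacements in this branch use the nonce define, so this should read `keys.enckeylen -= CTR_RFC3686_NONCE_SIZE;`. Unless that mode macro happens to equal 4, the AES key length used after this point is wrong, so a patch labelled cosmetic changes how key material is sized for the authenc rfc3686 algorithms. The neighbouring comment `/* last 4 bytes of key are the nonce! */` also still hard-codes the size. safexcel_aead_setkey starts and ends outside the hunk.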
@@ -1114,9 +1117,9 @@ static int safexcel_skcipher_aesctr_setkey(struct crypto_skcipher *ctfm,
 	unsigned int keylen;
 
 	/* last 4 bytes of key are the nonce! */
-	ctx->nonce = *(u32 *)(key + len - 4);
+	ctx->nonce = *(u32 *)(key + len - CTR_RFC3686_NONCE_SIZE);
 	/* exclude the nonce here */
-	keylen = len - 4;
+	keylen = len - CTR_RFC3686_NONCE_SIZE;
 	ret = crypto_aes_expand_key(&aes, key, keylen);
 	if (ret) {
 		crypto_skcipher_set_flags(ctfm, CRYPTO_TFM_RES_BAD_KEY_LEN);
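Review bot: Nothing visible in this hunk checks `len` against CTR_RFC3686_NONCE_SIZE before `key + len - CTR_RFC3686_NONCE_SIZE` is dereferenced and `keylen = len - CTR_RFC3686_NONCE_SIZE` is computed, whereas the AEAD setkey path tests the length explicitly first. Presumably the skcipher core rejects keys shorter than the template's `.min_keysize` before this callback runs, so the read stays in bounds, but that dependency is not stated here. A comment such as `/* len >= AES_MIN_KEY_SIZE + CTR_RFC3686_NONCE_SIZE, enforced via .min_keysize */` above the nonce load would make the assumption reviewable. The function starts and ends outside the hunk, so an earlier check may exist that is not shown.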
@@ -1157,10 +1160,10 @@ struct safexcel_alg_template safexcel_alg_ctr_aes = {
 		.setkey = safexcel_skcipher_aesctr_setkey,
 		.encrypt = safexcel_encrypt,
 		.decrypt = safexcel_decrypt,
-		/* Add 4 to include the 4 byte nonce! */
-		.min_keysize = AES_MIN_KEY_SIZE + 4,
-		.max_keysize = AES_MAX_KEY_SIZE + 4,
-		.ivsize = 8,
+		/* Add nonce size */
+		.min_keysize = AES_MIN_KEY_SIZE + CTR_RFC3686_NONCE_SIZE,
+		.max_keysize = AES_MAX_KEY_SIZE + CTR_RFC3686_NONCE_SIZE,
+		.ivsize = CTR_RFC3686_IV_SIZE,
 		.base = {
 			.cra_name = "rfc3686(ctr(aes))",
 			.cra_driver_name = "safexcel-ctr-aes",
@@ -1620,7 +1623,7 @@ struct safexcel_alg_template safexcel_alg_authenc_hmac_sha1_ctr_aes = {
 		.setkey = safexcel_aead_setkey,
 		.encrypt = safexcel_aead_encrypt,
 		.decrypt = safexcel_aead_decrypt,
-		.ivsize = 8,
+		.ivsize = CTR_RFC3686_IV_SIZE,
 		.maxauthsize = SHA1_DIGEST_SIZE,
 		.base = {
 			.cra_name = "authenc(hmac(sha1),rfc3686(ctr(aes)))",
@@ -1653,7 +1656,7 @@ struct safexcel_alg_template safexcel_alg_authenc_hmac_sha256_ctr_aes = {
 		.setkey = safexcel_aead_setkey,
 		.encrypt = safexcel_aead_encrypt,
 		.decrypt = safexcel_aead_decrypt,
-		.ivsize = 8,
+		.ivsize = CTR_RFC3686_IV_SIZE,
 		.maxauthsize = SHA256_DIGEST_SIZE,
 		.base = {
 			.cra_name = "authenc(hmac(sha256),rfc3686(ctr(aes)))",
@@ -1686,7 +1689,7 @@ struct safexcel_alg_template safexcel_alg_authenc_hmac_sha224_ctr_aes = {
 		.setkey = safexcel_aead_setkey,
 		.encrypt = safexcel_aead_encrypt,
 		.decrypt = safexcel_aead_decrypt,
-		.ivsize = 8,
+		.ivsize = CTR_RFC3686_IV_SIZE,
 		.maxauthsize = SHA224_DIGEST_SIZE,
 		.base = {
 			.cra_name = "authenc(hmac(sha224),rfc3686(ctr(aes)))",
@@ -1719,7 +1722,7 @@ struct safexcel_alg_template safexcel_alg_authenc_hmac_sha512_ctr_aes = {
 		.setkey = safexcel_aead_setkey,
 		.encrypt = safexcel_aead_encrypt,
 		.decrypt = safexcel_aead_decrypt,
-		.ivsize = 8,
+		.ivsize = CTR_RFC3686_IV_SIZE,
 		.maxauthsize = SHA512_DIGEST_SIZE,
 		.base = {
 			.cra_name = "authenc(hmac(sha512),rfc3686(ctr(aes)))",
@@ -1752,7 +1755,7 @@ struct safexcel_alg_template safexcel_alg_authenc_hmac_sha384_ctr_aes = {
 		.setkey = safexcel_aead_setkey,
 		.encrypt = safexcel_aead_encrypt,
 		.decrypt = safexcel_aead_decrypt,
-		.ivsize = 8,
+		.ivsize = CTR_RFC3686_IV_SIZE,
 		.maxauthsize = SHA384_DIGEST_SIZE,
 		.base = {
 			.cra_name = "authenc(hmac(sha384),rfc3686(ctr(aes)))",
-- 
1.8.3.1

