From: Iuliana Prodan <iuliana.prodan@nxp.com>
To: Herbert Xu <herbert@gondor.apana.org.au>,
"David S. Miller" <davem@davemloft.net>
Cc: linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-imx <linux-imx@nxp.com>
Subject: [PATCH 2/2] crypto: aes - helper function to validate key length for AES algorithms
Date: Thu, 25 Jul 2019 16:47:11 +0300 [thread overview]
Message-ID: <1564062431-8873-3-git-send-email-iuliana.prodan@nxp.com> (raw)
In-Reply-To: <1564062431-8873-1-git-send-email-iuliana.prodan@nxp.com>
Add inline helper function to check key length for AES algorithms.
The key can be 128, 192 or 256 bits size.
This function is used in the generic aes and aes_ti implementations.
Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com>
---
crypto/aes_generic.c | 7 ++++---
crypto/aes_ti.c | 8 ++++----
include/crypto/aes.h | 17 +++++++++++++++++
3 files changed, 25 insertions(+), 7 deletions(-)
diff --git a/crypto/aes_generic.c b/crypto/aes_generic.c
index f217568..f5b7cf6 100644
--- a/crypto/aes_generic.c
+++ b/crypto/aes_generic.c
@@ -1219,10 +1219,11 @@ int crypto_aes_expand_key(struct crypto_aes_ctx *ctx, const u8 *in_key,
unsigned int key_len)
{
u32 i, t, u, v, w, j;
+ int err;
- if (key_len != AES_KEYSIZE_128 && key_len != AES_KEYSIZE_192 &&
- key_len != AES_KEYSIZE_256)
- return -EINVAL;
+ err = check_aes_keylen(key_len);
+ if (err)
+ return err;
ctx->key_length = key_len;
diff --git a/crypto/aes_ti.c b/crypto/aes_ti.c
index 1ff9785b..786311c 100644
--- a/crypto/aes_ti.c
+++ b/crypto/aes_ti.c
@@ -172,11 +172,11 @@ static int aesti_expand_key(struct crypto_aes_ctx *ctx, const u8 *in_key,
{
u32 kwords = key_len / sizeof(u32);
u32 rc, i, j;
+ int err;
- if (key_len != AES_KEYSIZE_128 &&
- key_len != AES_KEYSIZE_192 &&
- key_len != AES_KEYSIZE_256)
- return -EINVAL;
+ err = check_aes_keylen(key_len);
+ if (err)
+ return err;
ctx->key_length = key_len;
diff --git a/include/crypto/aes.h b/include/crypto/aes.h
index 0fdb542..c3a92ca 100644
--- a/include/crypto/aes.h
+++ b/include/crypto/aes.h
@@ -33,6 +33,23 @@ extern const u32 crypto_fl_tab[4][256] ____cacheline_aligned;
extern const u32 crypto_it_tab[4][256] ____cacheline_aligned;
extern const u32 crypto_il_tab[4][256] ____cacheline_aligned;
+/*
+ * validate key length for AES algorithms
+ */
+static inline int check_aes_keylen(unsigned int keylen)
+{
+ switch (keylen) {
+ case AES_KEYSIZE_128:
+ case AES_KEYSIZE_192:
+ case AES_KEYSIZE_256:
+ break;
+ default:
+ return -EINVAL;
+ }
+
+ return 0;
+}
+
int crypto_aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,
unsigned int key_len);
int crypto_aes_expand_key(struct crypto_aes_ctx *ctx, const u8 *in_key,
--
2.1.0
next prev parent reply other threads:[~2019-07-25 13:47 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-25 13:47 [PATCH 0/2] crypto: validate inputs for gcm and aes Iuliana Prodan
2019-07-25 13:47 ` [PATCH 1/2] crypto: gcm - helper functions for assoclen/authsize check Iuliana Prodan
2019-07-26 14:12 ` Horia Geanta
2019-07-25 13:47 ` Iuliana Prodan [this message]
2019-07-26 13:49 ` [PATCH 2/2] crypto: aes - helper function to validate key length for AES algorithms Horia Geanta
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1564062431-8873-3-git-send-email-iuliana.prodan@nxp.com \
--to=iuliana.prodan@nxp.com \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-imx@nxp.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).