From: Iuliana Prodan <iuliana.prodan@nxp.com>
To: Herbert Xu <herbert@gondor.apana.org.au>,
"David S. Miller" <davem@davemloft.net>
Cc: linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org,
linux-imx <linux-imx@nxp.com>
Subject: [PATCH v3 2/2] crypto: aes - helper function to validate key length for AES algorithms
Date: Wed, 31 Jul 2019 16:05:55 +0300 [thread overview]
Message-ID: <1564578355-9639-3-git-send-email-iuliana.prodan@nxp.com> (raw)
In-Reply-To: <1564578355-9639-1-git-send-email-iuliana.prodan@nxp.com>
Add inline helper function to check key length for AES algorithms.
The key can be 128, 192 or 256 bits size.
This function is used in the generic aes implementation.
Signed-off-by: Iuliana Prodan <iuliana.prodan@nxp.com>
---
include/crypto/aes.h | 17 +++++++++++++++++
lib/crypto/aes.c | 8 ++++----
2 files changed, 21 insertions(+), 4 deletions(-)
diff --git a/include/crypto/aes.h b/include/crypto/aes.h
index 8e0f4cf..2090729 100644
--- a/include/crypto/aes.h
+++ b/include/crypto/aes.h
@@ -31,6 +31,23 @@ struct crypto_aes_ctx {
extern const u32 crypto_ft_tab[4][256] ____cacheline_aligned;
extern const u32 crypto_it_tab[4][256] ____cacheline_aligned;
+/*
+ * validate key length for AES algorithms
+ */
+static inline int aes_check_keylen(unsigned int keylen)
+{
+ switch (keylen) {
+ case AES_KEYSIZE_128:
+ case AES_KEYSIZE_192:
+ case AES_KEYSIZE_256:
+ break;
+ default:
+ return -EINVAL;
+ }
+
+ return 0;
+}
+
int crypto_aes_set_key(struct crypto_tfm *tfm, const u8 *in_key,
unsigned int key_len);
diff --git a/lib/crypto/aes.c b/lib/crypto/aes.c
index 4e100af..827fe89 100644
--- a/lib/crypto/aes.c
+++ b/lib/crypto/aes.c
@@ -187,11 +187,11 @@ int aes_expandkey(struct crypto_aes_ctx *ctx, const u8 *in_key,
{
u32 kwords = key_len / sizeof(u32);
u32 rc, i, j;
+ int err;
- if (key_len != AES_KEYSIZE_128 &&
- key_len != AES_KEYSIZE_192 &&
- key_len != AES_KEYSIZE_256)
- return -EINVAL;
+ err = aes_check_keylen(key_len);
+ if (err)
+ return err;
ctx->key_length = key_len;
--
2.1.0
next prev parent reply other threads:[~2019-07-31 13:06 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-07-31 13:05 [PATCH v3 0/2] crypto: validate inputs for gcm and aes Iuliana Prodan
2019-07-31 13:05 ` [PATCH v3 1/2] crypto: gcm - helper functions for assoclen/authsize check Iuliana Prodan
2019-07-31 13:05 ` Iuliana Prodan [this message]
2019-07-31 13:35 ` [PATCH v3 0/2] crypto: validate inputs for gcm and aes Horia Geanta
2019-08-01 7:14 ` Ard Biesheuvel
2019-08-09 6:18 ` Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1564578355-9639-3-git-send-email-iuliana.prodan@nxp.com \
--to=iuliana.prodan@nxp.com \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-imx@nxp.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).