tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

crypto: rsa-pkcs1pad - use clearer variable names

The new convention for akcipher_alg::verify makes it unclear which
values are the lengths of the signature and digest. Add local variables
to make it clearer what is going on.

Also rename the digest_size variable in pkcs1pad_sign(), as it is
actually the digest *info* size, not the digest size which is different.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Eric Biggers and committed by
Herbert Xu c2a28fdb a24611ea

+16 -15
+16 -15
crypto/rsa-pkcs1pad.c
··· 385 385 struct pkcs1pad_inst_ctx *ictx = akcipher_instance_ctx(inst); 386 386 const struct rsa_asn1_template *digest_info = ictx->digest_info; 387 387 int err; 388 - unsigned int ps_end, digest_size = 0; 388 + unsigned int ps_end, digest_info_size = 0; 389 389 390 390 if (!ctx->key_size) 391 391 return -EINVAL; 392 392 393 393 if (digest_info) 394 - digest_size = digest_info->size; 394 + digest_info_size = digest_info->size; 395 395 396 - if (req->src_len + digest_size > ctx->key_size - 11) 396 + if (req->src_len + digest_info_size > ctx->key_size - 11) 397 397 return -EOVERFLOW; 398 398 399 399 if (req->dst_len < ctx->key_size) { ··· 406 406 if (!req_ctx->in_buf) 407 407 return -ENOMEM; 408 408 409 - ps_end = ctx->key_size - digest_size - req->src_len - 2; 409 + ps_end = ctx->key_size - digest_info_size - req->src_len - 2; 410 410 req_ctx->in_buf[0] = 0x01; 411 411 memset(req_ctx->in_buf + 1, 0xff, ps_end - 1); 412 412 req_ctx->in_buf[ps_end] = 0x00; ··· 441 441 struct akcipher_instance *inst = akcipher_alg_instance(tfm); 442 442 struct pkcs1pad_inst_ctx *ictx = akcipher_instance_ctx(inst); 443 443 const struct rsa_asn1_template *digest_info = ictx->digest_info; 444 + const unsigned int sig_size = req->src_len; 445 + const unsigned int digest_size = req->dst_len; 444 446 unsigned int dst_len; 445 447 unsigned int pos; 446 448 u8 *out_buf; ··· 489 487 490 488 err = 0; 491 489 492 - if (req->dst_len != dst_len - pos) { 490 + if (digest_size != dst_len - pos) { 493 491 err = -EKEYREJECTED; 494 492 req->dst_len = dst_len - pos; 495 493 goto done; 496 494 } 497 495 /* Extract appended digest. */ 498 496 sg_pcopy_to_buffer(req->src, 499 - sg_nents_for_len(req->src, 500 - req->src_len + req->dst_len), 497 + sg_nents_for_len(req->src, sig_size + digest_size), 501 498 req_ctx->out_buf + ctx->key_size, 502 - req->dst_len, req->src_len); 499 + digest_size, sig_size); 503 500 /* Do the actual verification step. */ 504 501 if (memcmp(req_ctx->out_buf + ctx->key_size, out_buf + pos, 505 - req->dst_len) != 0) 502 + digest_size) != 0) 506 503 err = -EKEYREJECTED; 507 504 done: 508 505 kfree_sensitive(req_ctx->out_buf); ··· 537 536 struct crypto_akcipher *tfm = crypto_akcipher_reqtfm(req); 538 537 struct pkcs1pad_ctx *ctx = akcipher_tfm_ctx(tfm); 539 538 struct pkcs1pad_request *req_ctx = akcipher_request_ctx(req); 539 + const unsigned int sig_size = req->src_len; 540 + const unsigned int digest_size = req->dst_len; 540 541 int err; 541 542 542 - if (WARN_ON(req->dst) || 543 - WARN_ON(!req->dst_len) || 544 - !ctx->key_size || req->src_len != ctx->key_size) 543 + if (WARN_ON(req->dst) || WARN_ON(!digest_size) || 544 + !ctx->key_size || sig_size != ctx->key_size) 545 545 return -EINVAL; 546 546 547 - req_ctx->out_buf = kmalloc(ctx->key_size + req->dst_len, GFP_KERNEL); 547 + req_ctx->out_buf = kmalloc(ctx->key_size + digest_size, GFP_KERNEL); 548 548 if (!req_ctx->out_buf) 549 549 return -ENOMEM; 550 550 ··· 558 556 559 557 /* Reuse input buffer, output to a new buffer */ 560 558 akcipher_request_set_crypt(&req_ctx->child_req, req->src, 561 - req_ctx->out_sg, req->src_len, 562 - ctx->key_size); 559 + req_ctx->out_sg, sig_size, ctx->key_size); 563 560 564 561 err = crypto_akcipher_encrypt(&req_ctx->child_req); 565 562 if (err != -EINPROGRESS && err != -EBUSY)