lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAOi1vP9kB5a-JeZ1PriwyQO0XH4Qh3UKidp==NPvVw-AsL=uqw@mail.gmail.com>
Date:	Tue, 26 Jan 2016 12:29:57 +0100
From:	Ilya Dryomov <idryomov@...il.com>
To:	Herbert Xu <herbert@...dor.apana.org.au>
Cc:	Linux Crypto Mailing List <linux-crypto@...r.kernel.org>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	netdev <netdev@...r.kernel.org>, devel@...verdev.osuosl.org,
	dm-devel@...hat.com, linux-wireless@...r.kernel.org,
	linux-cifs@...r.kernel.org, ecryptfs@...r.kernel.org,
	linux-ext4@...r.kernel.org, linux-f2fs-devel@...ts.sourceforge.net,
	linux-nfs@...r.kernel.org, keyrings@...r.kernel.org,
	linux-bluetooth@...r.kernel.org,
	Ceph Development <ceph-devel@...r.kernel.org>,
	linux-wpan@...r.kernel.org, linux-afs@...ts.infradead.org,
	Lars Ellenberg <drbd-dev@...ts.linbit.com>,
	open-iscsi@...glegroups.com
Subject: Re: [PATCH 16/26] libceph: Use skcipher

On Tue, Jan 26, 2016 at 11:54 AM, Herbert Xu
<herbert@...dor.apana.org.au> wrote:
> On Mon, Jan 25, 2016 at 05:18:47PM +0100, Ilya Dryomov wrote:
>>
>> Could you get rid of ivsize instead of assigning to it - see the
>> attached diff?
>
> How about an incremental patch like this? Thanks!
>
> ---8<---
> From: Ilya Dryomov <idryomov@...il.com>
> Subject: libceph: Remove unnecessary ivsize variables
>
> This patch removes the unnecessary ivsize variabls as they always
> have the value of AES_BLOCK_SIZE.
>
> Signed-off-by: Ilya Dryomov <idryomov@...il.com>
>
> diff --git a/net/ceph/crypto.c b/net/ceph/crypto.c
> index fb9cb2b..db2847a 100644
> --- a/net/ceph/crypto.c
> +++ b/net/ceph/crypto.c
> @@ -166,8 +166,7 @@ static int ceph_aes_encrypt(const void *key, int key_len,
>         struct crypto_skcipher *tfm = ceph_crypto_alloc_cipher();
>         SKCIPHER_REQUEST_ON_STACK(req, tfm);
>         int ret;
> -       int ivsize = AES_BLOCK_SIZE;
> -       char iv[ivsize];
> +       char iv[AES_BLOCK_SIZE];
>         size_t zero_padding = (0x10 - (src_len & 0x0f));
>         char pad[16];
>
> @@ -186,7 +185,7 @@ static int ceph_aes_encrypt(const void *key, int key_len,
>                 goto out_tfm;
>
>         crypto_skcipher_setkey((void *)tfm, key, key_len);
> -       memcpy(iv, aes_iv, ivsize);
> +       memcpy(iv, aes_iv, AES_BLOCK_SIZE);
>
>         skcipher_request_set_tfm(req, tfm);
>         skcipher_request_set_callback(req, 0, NULL, NULL);
> @@ -229,8 +228,7 @@ static int ceph_aes_encrypt2(const void *key, int key_len, void *dst,
>         struct crypto_skcipher *tfm = ceph_crypto_alloc_cipher();
>         SKCIPHER_REQUEST_ON_STACK(req, tfm);
>         int ret;
> -       int ivsize = AES_BLOCK_SIZE;
> -       char iv[ivsize];
> +       char iv[AES_BLOCK_SIZE];
>         size_t zero_padding = (0x10 - ((src1_len + src2_len) & 0x0f));
>         char pad[16];
>
> @@ -250,7 +248,7 @@ static int ceph_aes_encrypt2(const void *key, int key_len, void *dst,
>                 goto out_tfm;
>
>         crypto_skcipher_setkey((void *)tfm, key, key_len);
> -       memcpy(iv, aes_iv, ivsize);
> +       memcpy(iv, aes_iv, AES_BLOCK_SIZE);
>
>         skcipher_request_set_tfm(req, tfm);
>         skcipher_request_set_callback(req, 0, NULL, NULL);
> @@ -294,8 +292,7 @@ static int ceph_aes_decrypt(const void *key, int key_len,
>         struct crypto_skcipher *tfm = ceph_crypto_alloc_cipher();
>         SKCIPHER_REQUEST_ON_STACK(req, tfm);
>         char pad[16];
> -       int ivsize = AES_BLOCK_SIZE;
> -       char iv[16];
> +       char iv[AES_BLOCK_SIZE];
>         int ret;
>         int last_byte;
>
> @@ -310,7 +307,7 @@ static int ceph_aes_decrypt(const void *key, int key_len,
>                 goto out_tfm;
>
>         crypto_skcipher_setkey((void *)tfm, key, key_len);
> -       memcpy(iv, aes_iv, ivsize);
> +       memcpy(iv, aes_iv, AES_BLOCK_SIZE);
>
>         skcipher_request_set_tfm(req, tfm);
>         skcipher_request_set_callback(req, 0, NULL, NULL);
> @@ -363,8 +360,7 @@ static int ceph_aes_decrypt2(const void *key, int key_len,
>         struct crypto_skcipher *tfm = ceph_crypto_alloc_cipher();
>         SKCIPHER_REQUEST_ON_STACK(req, tfm);
>         char pad[16];
> -       int ivsize = AES_BLOCK_SIZE;
> -       char iv[ivsize];
> +       char iv[AES_BLOCK_SIZE];
>         int ret;
>         int last_byte;
>
> @@ -380,7 +376,7 @@ static int ceph_aes_decrypt2(const void *key, int key_len,
>                 goto out_tfm;
>
>         crypto_skcipher_setkey((void *)tfm, key, key_len);
> -       memcpy(iv, aes_iv, ivsize);
> +       memcpy(iv, aes_iv, AES_BLOCK_SIZE);
>
>         skcipher_request_set_tfm(req, tfm);
>         skcipher_request_set_callback(req, 0, NULL, NULL);

LGTM.  You want to take it through crypto?

Thanks,

                Ilya

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ