crypto: sig - Rename crypto_sig_maxsize() to crypto_sig_keysize()

crypto_sig_maxsize() is a bit of a misnomer as it doesn't return the
maximum signature size, but rather the key size.

Rename it as well as all implementations of the ->max_size callback.
A subsequent commit introduces a crypto_sig_maxsize() function which
returns the actual maximum signature size.

While at it, change the return type of crypto_sig_keysize() from int to
unsigned int for consistency with crypto_akcipher_maxsize().  None of
the callers checks for a negative return value and an error condition
can always be indicated by returning zero.

Signed-off-by: Lukas Wunner <lukas@wunner.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This commit is contained in:
Lukas Wunner 2024-09-10 16:30:26 +02:00 committed by Herbert Xu
parent d6793ff974
commit 221f00418e
9 changed files with 26 additions and 25 deletions

View File

@ -11,4 +11,5 @@ Asymmetric Signature API
:doc: Generic Public Key Signature API :doc: Generic Public Key Signature API
.. kernel-doc:: include/crypto/sig.h .. kernel-doc:: include/crypto/sig.h
:functions: crypto_alloc_sig crypto_free_sig crypto_sig_set_pubkey crypto_sig_set_privkey crypto_sig_maxsize crypto_sig_sign crypto_sig_verify :functions: crypto_alloc_sig crypto_free_sig crypto_sig_set_pubkey crypto_sig_set_privkey crypto_sig_keysize crypto_sig_sign crypto_sig_verify

View File

@ -201,7 +201,7 @@ static int software_key_query(const struct kernel_pkey_params *params,
if (ret < 0) if (ret < 0)
goto error_free_tfm; goto error_free_tfm;
len = crypto_sig_maxsize(sig); len = crypto_sig_keysize(sig);
info->supported_ops = KEYCTL_SUPPORTS_VERIFY; info->supported_ops = KEYCTL_SUPPORTS_VERIFY;
if (pkey->key_is_private) if (pkey->key_is_private)
@ -332,7 +332,7 @@ static int software_key_eds_op(struct kernel_pkey_params *params,
if (ret) if (ret)
goto error_free_tfm; goto error_free_tfm;
ksz = crypto_sig_maxsize(sig); ksz = crypto_sig_keysize(sig);
} else { } else {
tfm = crypto_alloc_akcipher(alg_name, 0, 0); tfm = crypto_alloc_akcipher(alg_name, 0, 0);
if (IS_ERR(tfm)) { if (IS_ERR(tfm)) {

View File

@ -81,7 +81,7 @@ static int ecdsa_x962_verify(struct crypto_sig *tfm,
struct ecdsa_x962_signature_ctx sig_ctx; struct ecdsa_x962_signature_ctx sig_ctx;
int err; int err;
sig_ctx.ndigits = DIV_ROUND_UP(crypto_sig_maxsize(ctx->child), sig_ctx.ndigits = DIV_ROUND_UP(crypto_sig_keysize(ctx->child),
sizeof(u64)); sizeof(u64));
err = asn1_ber_decoder(&ecdsasignature_decoder, &sig_ctx, src, slen); err = asn1_ber_decoder(&ecdsasignature_decoder, &sig_ctx, src, slen);
@ -92,11 +92,11 @@ static int ecdsa_x962_verify(struct crypto_sig *tfm,
digest, dlen); digest, dlen);
} }
static unsigned int ecdsa_x962_max_size(struct crypto_sig *tfm) static unsigned int ecdsa_x962_key_size(struct crypto_sig *tfm)
{ {
struct ecdsa_x962_ctx *ctx = crypto_sig_ctx(tfm); struct ecdsa_x962_ctx *ctx = crypto_sig_ctx(tfm);
return crypto_sig_maxsize(ctx->child); return crypto_sig_keysize(ctx->child);
} }
static int ecdsa_x962_set_pub_key(struct crypto_sig *tfm, static int ecdsa_x962_set_pub_key(struct crypto_sig *tfm,
@ -179,7 +179,7 @@ static int ecdsa_x962_create(struct crypto_template *tmpl, struct rtattr **tb)
inst->alg.exit = ecdsa_x962_exit_tfm; inst->alg.exit = ecdsa_x962_exit_tfm;
inst->alg.verify = ecdsa_x962_verify; inst->alg.verify = ecdsa_x962_verify;
inst->alg.max_size = ecdsa_x962_max_size; inst->alg.key_size = ecdsa_x962_key_size;
inst->alg.set_pub_key = ecdsa_x962_set_pub_key; inst->alg.set_pub_key = ecdsa_x962_set_pub_key;
inst->free = ecdsa_x962_free; inst->free = ecdsa_x962_free;

View File

@ -162,7 +162,7 @@ static void ecdsa_exit_tfm(struct crypto_sig *tfm)
ecdsa_ecc_ctx_deinit(ctx); ecdsa_ecc_ctx_deinit(ctx);
} }
static unsigned int ecdsa_max_size(struct crypto_sig *tfm) static unsigned int ecdsa_key_size(struct crypto_sig *tfm)
{ {
struct ecc_ctx *ctx = crypto_sig_ctx(tfm); struct ecc_ctx *ctx = crypto_sig_ctx(tfm);
@ -179,7 +179,7 @@ static int ecdsa_nist_p521_init_tfm(struct crypto_sig *tfm)
static struct sig_alg ecdsa_nist_p521 = { static struct sig_alg ecdsa_nist_p521 = {
.verify = ecdsa_verify, .verify = ecdsa_verify,
.set_pub_key = ecdsa_set_pub_key, .set_pub_key = ecdsa_set_pub_key,
.max_size = ecdsa_max_size, .key_size = ecdsa_key_size,
.init = ecdsa_nist_p521_init_tfm, .init = ecdsa_nist_p521_init_tfm,
.exit = ecdsa_exit_tfm, .exit = ecdsa_exit_tfm,
.base = { .base = {
@ -201,7 +201,7 @@ static int ecdsa_nist_p384_init_tfm(struct crypto_sig *tfm)
static struct sig_alg ecdsa_nist_p384 = { static struct sig_alg ecdsa_nist_p384 = {
.verify = ecdsa_verify, .verify = ecdsa_verify,
.set_pub_key = ecdsa_set_pub_key, .set_pub_key = ecdsa_set_pub_key,
.max_size = ecdsa_max_size, .key_size = ecdsa_key_size,
.init = ecdsa_nist_p384_init_tfm, .init = ecdsa_nist_p384_init_tfm,
.exit = ecdsa_exit_tfm, .exit = ecdsa_exit_tfm,
.base = { .base = {
@ -223,7 +223,7 @@ static int ecdsa_nist_p256_init_tfm(struct crypto_sig *tfm)
static struct sig_alg ecdsa_nist_p256 = { static struct sig_alg ecdsa_nist_p256 = {
.verify = ecdsa_verify, .verify = ecdsa_verify,
.set_pub_key = ecdsa_set_pub_key, .set_pub_key = ecdsa_set_pub_key,
.max_size = ecdsa_max_size, .key_size = ecdsa_key_size,
.init = ecdsa_nist_p256_init_tfm, .init = ecdsa_nist_p256_init_tfm,
.exit = ecdsa_exit_tfm, .exit = ecdsa_exit_tfm,
.base = { .base = {
@ -245,7 +245,7 @@ static int ecdsa_nist_p192_init_tfm(struct crypto_sig *tfm)
static struct sig_alg ecdsa_nist_p192 = { static struct sig_alg ecdsa_nist_p192 = {
.verify = ecdsa_verify, .verify = ecdsa_verify,
.set_pub_key = ecdsa_set_pub_key, .set_pub_key = ecdsa_set_pub_key,
.max_size = ecdsa_max_size, .key_size = ecdsa_key_size,
.init = ecdsa_nist_p192_init_tfm, .init = ecdsa_nist_p192_init_tfm,
.exit = ecdsa_exit_tfm, .exit = ecdsa_exit_tfm,
.base = { .base = {

View File

@ -241,7 +241,7 @@ static int ecrdsa_set_pub_key(struct crypto_sig *tfm, const void *key,
return 0; return 0;
} }
static unsigned int ecrdsa_max_size(struct crypto_sig *tfm) static unsigned int ecrdsa_key_size(struct crypto_sig *tfm)
{ {
struct ecrdsa_ctx *ctx = crypto_sig_ctx(tfm); struct ecrdsa_ctx *ctx = crypto_sig_ctx(tfm);
@ -259,7 +259,7 @@ static void ecrdsa_exit_tfm(struct crypto_sig *tfm)
static struct sig_alg ecrdsa_alg = { static struct sig_alg ecrdsa_alg = {
.verify = ecrdsa_verify, .verify = ecrdsa_verify,
.set_pub_key = ecrdsa_set_pub_key, .set_pub_key = ecrdsa_set_pub_key,
.max_size = ecrdsa_max_size, .key_size = ecrdsa_key_size,
.exit = ecrdsa_exit_tfm, .exit = ecrdsa_exit_tfm,
.base = { .base = {
.cra_name = "ecrdsa", .cra_name = "ecrdsa",

View File

@ -302,7 +302,7 @@ static int rsassa_pkcs1_verify(struct crypto_sig *tfm,
return 0; return 0;
} }
static unsigned int rsassa_pkcs1_max_size(struct crypto_sig *tfm) static unsigned int rsassa_pkcs1_key_size(struct crypto_sig *tfm)
{ {
struct rsassa_pkcs1_ctx *ctx = crypto_sig_ctx(tfm); struct rsassa_pkcs1_ctx *ctx = crypto_sig_ctx(tfm);
@ -419,7 +419,7 @@ static int rsassa_pkcs1_create(struct crypto_template *tmpl, struct rtattr **tb)
inst->alg.sign = rsassa_pkcs1_sign; inst->alg.sign = rsassa_pkcs1_sign;
inst->alg.verify = rsassa_pkcs1_verify; inst->alg.verify = rsassa_pkcs1_verify;
inst->alg.max_size = rsassa_pkcs1_max_size; inst->alg.key_size = rsassa_pkcs1_key_size;
inst->alg.set_pub_key = rsassa_pkcs1_set_pub_key; inst->alg.set_pub_key = rsassa_pkcs1_set_pub_key;
inst->alg.set_priv_key = rsassa_pkcs1_set_priv_key; inst->alg.set_priv_key = rsassa_pkcs1_set_priv_key;

View File

@ -125,7 +125,7 @@ int crypto_register_sig(struct sig_alg *alg)
alg->set_priv_key = sig_default_set_key; alg->set_priv_key = sig_default_set_key;
if (!alg->set_pub_key) if (!alg->set_pub_key)
return -EINVAL; return -EINVAL;
if (!alg->max_size) if (!alg->key_size)
return -EINVAL; return -EINVAL;
sig_prepare_alg(alg); sig_prepare_alg(alg);

View File

@ -4340,7 +4340,7 @@ static int test_sig_one(struct crypto_sig *tfm, const struct sig_testvec *vecs)
if (vecs->public_key_vec) if (vecs->public_key_vec)
return 0; return 0;
sig_size = crypto_sig_maxsize(tfm); sig_size = crypto_sig_keysize(tfm);
if (sig_size < vecs->c_size) { if (sig_size < vecs->c_size) {
pr_err("alg: sig: invalid maxsize %u\n", sig_size); pr_err("alg: sig: invalid maxsize %u\n", sig_size);
return -EINVAL; return -EINVAL;

View File

@ -32,7 +32,7 @@ struct crypto_sig {
* @set_priv_key: Function invokes the algorithm specific set private key * @set_priv_key: Function invokes the algorithm specific set private key
* function, which knows how to decode and interpret * function, which knows how to decode and interpret
* the BER encoded private key and parameters. Optional. * the BER encoded private key and parameters. Optional.
* @max_size: Function returns key size. Mandatory. * @key_size: Function returns key size. Mandatory.
* @init: Initialize the cryptographic transformation object. * @init: Initialize the cryptographic transformation object.
* This function is used to initialize the cryptographic * This function is used to initialize the cryptographic
* transformation object. This function is called only once at * transformation object. This function is called only once at
@ -58,7 +58,7 @@ struct sig_alg {
const void *key, unsigned int keylen); const void *key, unsigned int keylen);
int (*set_priv_key)(struct crypto_sig *tfm, int (*set_priv_key)(struct crypto_sig *tfm,
const void *key, unsigned int keylen); const void *key, unsigned int keylen);
unsigned int (*max_size)(struct crypto_sig *tfm); unsigned int (*key_size)(struct crypto_sig *tfm);
int (*init)(struct crypto_sig *tfm); int (*init)(struct crypto_sig *tfm);
void (*exit)(struct crypto_sig *tfm); void (*exit)(struct crypto_sig *tfm);
@ -121,20 +121,20 @@ static inline void crypto_free_sig(struct crypto_sig *tfm)
} }
/** /**
* crypto_sig_maxsize() - Get len for output buffer * crypto_sig_keysize() - Get key size
* *
* Function returns the dest buffer size required for a given key. * Function returns the key size in bytes.
* Function assumes that the key is already set in the transformation. If this * Function assumes that the key is already set in the transformation. If this
* function is called without a setkey or with a failed setkey, you will end up * function is called without a setkey or with a failed setkey, you may end up
* in a NULL dereference. * in a NULL dereference.
* *
* @tfm: signature tfm handle allocated with crypto_alloc_sig() * @tfm: signature tfm handle allocated with crypto_alloc_sig()
*/ */
static inline int crypto_sig_maxsize(struct crypto_sig *tfm) static inline unsigned int crypto_sig_keysize(struct crypto_sig *tfm)
{ {
struct sig_alg *alg = crypto_sig_alg(tfm); struct sig_alg *alg = crypto_sig_alg(tfm);
return alg->max_size(tfm); return alg->key_size(tfm);
} }
/** /**