Commit 73f79189 authored by Herbert Xu's avatar Herbert Xu

crypto: rsa-pkcs1pad - Move key size check to setkey

Rather than repeatedly checking the key size on each operation,
we should be checking it once when the key is set.
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>
parent 3a32ce50
...@@ -111,40 +111,48 @@ static int pkcs1pad_set_pub_key(struct crypto_akcipher *tfm, const void *key, ...@@ -111,40 +111,48 @@ static int pkcs1pad_set_pub_key(struct crypto_akcipher *tfm, const void *key,
unsigned int keylen) unsigned int keylen)
{ {
struct pkcs1pad_ctx *ctx = akcipher_tfm_ctx(tfm); struct pkcs1pad_ctx *ctx = akcipher_tfm_ctx(tfm);
int err, size; int err;
ctx->key_size = 0;
err = crypto_akcipher_set_pub_key(ctx->child, key, keylen); err = crypto_akcipher_set_pub_key(ctx->child, key, keylen);
if (err)
return err;
if (!err) {
/* Find out new modulus size from rsa implementation */ /* Find out new modulus size from rsa implementation */
size = crypto_akcipher_maxsize(ctx->child); err = crypto_akcipher_maxsize(ctx->child);
if (err < 0)
return err;
ctx->key_size = size > 0 ? size : 0; if (err > PAGE_SIZE)
if (size <= 0) return -ENOTSUPP;
err = size;
}
return err; ctx->key_size = err;
return 0;
} }
static int pkcs1pad_set_priv_key(struct crypto_akcipher *tfm, const void *key, static int pkcs1pad_set_priv_key(struct crypto_akcipher *tfm, const void *key,
unsigned int keylen) unsigned int keylen)
{ {
struct pkcs1pad_ctx *ctx = akcipher_tfm_ctx(tfm); struct pkcs1pad_ctx *ctx = akcipher_tfm_ctx(tfm);
int err, size; int err;
ctx->key_size = 0;
err = crypto_akcipher_set_priv_key(ctx->child, key, keylen); err = crypto_akcipher_set_priv_key(ctx->child, key, keylen);
if (err)
return err;
if (!err) {
/* Find out new modulus size from rsa implementation */ /* Find out new modulus size from rsa implementation */
size = crypto_akcipher_maxsize(ctx->child); err = crypto_akcipher_maxsize(ctx->child);
if (err < 0)
return err;
ctx->key_size = size > 0 ? size : 0; if (err > PAGE_SIZE)
if (size <= 0) return -ENOTSUPP;
err = size;
}
return err; ctx->key_size = err;
return 0;
} }
static int pkcs1pad_get_max_size(struct crypto_akcipher *tfm) static int pkcs1pad_get_max_size(struct crypto_akcipher *tfm)
...@@ -247,9 +255,6 @@ static int pkcs1pad_encrypt(struct akcipher_request *req) ...@@ -247,9 +255,6 @@ static int pkcs1pad_encrypt(struct akcipher_request *req)
return -EOVERFLOW; return -EOVERFLOW;
} }
if (ctx->key_size > PAGE_SIZE)
return -ENOTSUPP;
/* /*
* Replace both input and output to add the padding in the input and * Replace both input and output to add the padding in the input and
* the potential missing leading zeros in the output. * the potential missing leading zeros in the output.
...@@ -367,9 +372,6 @@ static int pkcs1pad_decrypt(struct akcipher_request *req) ...@@ -367,9 +372,6 @@ static int pkcs1pad_decrypt(struct akcipher_request *req)
if (!ctx->key_size || req->src_len != ctx->key_size) if (!ctx->key_size || req->src_len != ctx->key_size)
return -EINVAL; return -EINVAL;
if (ctx->key_size > PAGE_SIZE)
return -ENOTSUPP;
/* Reuse input buffer, output to a new buffer */ /* Reuse input buffer, output to a new buffer */
req_ctx->child_req.src = req->src; req_ctx->child_req.src = req->src;
req_ctx->child_req.src_len = req->src_len; req_ctx->child_req.src_len = req->src_len;
...@@ -420,9 +422,6 @@ static int pkcs1pad_sign(struct akcipher_request *req) ...@@ -420,9 +422,6 @@ static int pkcs1pad_sign(struct akcipher_request *req)
return -EOVERFLOW; return -EOVERFLOW;
} }
if (ctx->key_size > PAGE_SIZE)
return -ENOTSUPP;
/* /*
* Replace both input and output to add the padding in the input and * Replace both input and output to add the padding in the input and
* the potential missing leading zeros in the output. * the potential missing leading zeros in the output.
...@@ -560,9 +559,6 @@ static int pkcs1pad_verify(struct akcipher_request *req) ...@@ -560,9 +559,6 @@ static int pkcs1pad_verify(struct akcipher_request *req)
if (!ctx->key_size || req->src_len < ctx->key_size) if (!ctx->key_size || req->src_len < ctx->key_size)
return -EINVAL; return -EINVAL;
if (ctx->key_size > PAGE_SIZE)
return -ENOTSUPP;
/* Reuse input buffer, output to a new buffer */ /* Reuse input buffer, output to a new buffer */
req_ctx->child_req.src = req->src; req_ctx->child_req.src = req->src;
req_ctx->child_req.src_len = req->src_len; req_ctx->child_req.src_len = req->src_len;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment