encrypted-keys: style and other cleanup

Cleanup based on David Howells suggestions: - use static const char arrays instead of #define - rename init_sdesc to alloc_sdesc - convert 'unsigned int' definitions to 'size_t' - revert remaining 'const unsigned int' definitions to 'unsigned int' Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Acked-by: David Howells <dhowells@redhat.com> Signed-off-by: James Morris <jmorris@namei.org>
author: Mimi Zohar <zohar@linux.vnet.ibm.com> 2010-12-13 16:53:13 -0500
committer: James Morris <jmorris@namei.org> 2010-12-15 01:44:34 -0500
commit: 3b1826cebe1d534ec05417a29b9a9f82651a5cb5 (patch)
tree: 38fc352e647df90c86a0b03722eff8f66b7eb607 /security
parent: 1f35065a9e2573427ce3fd6c4a40b355c2ddfb92 (diff)
2 files changed, 29 insertions, 37 deletions
diff --git a/security/keys/encrypted_defined.c b/security/keys/encrypted_defined.c
index d653e991c694..32d27c858388 100644
--- a/security/keys/encrypted_defined.c
+++ b/security/keys/encrypted_defined.c
@@ -32,21 +32,20 @@
 #include "encrypted_defined.h"
-#define KEY_TRUSTED_PREFIX "trusted:"
+static const char KEY_TRUSTED_PREFIX[] = "trusted:";
-#define KEY_TRUSTED_PREFIX_LEN (sizeof (KEY_TRUSTED_PREFIX) - 1)
+static const char KEY_USER_PREFIX[] = "user:";
-#define KEY_USER_PREFIX "user:"
-#define KEY_USER_PREFIX_LEN (sizeof (KEY_USER_PREFIX) - 1)
-#define HASH_SIZE SHA256_DIGEST_SIZE
-#define MAX_DATA_SIZE 4096
-#define MIN_DATA_SIZE  20
 static const char hash_alg[] = "sha256";
 static const char hmac_alg[] = "hmac(sha256)";
 static const char blkcipher_alg[] = "cbc(aes)";
 static unsigned int ivsize;
 static int blksize;
+#define KEY_TRUSTED_PREFIX_LEN (sizeof (KEY_TRUSTED_PREFIX) - 1)
+#define KEY_USER_PREFIX_LEN (sizeof (KEY_USER_PREFIX) - 1)
+#define HASH_SIZE SHA256_DIGEST_SIZE
+#define MAX_DATA_SIZE 4096
+#define MIN_DATA_SIZE  20
 struct sdesc {
        struct shash_desc shash;
        char ctx[];
@@ -217,8 +216,7 @@ out:
 * data, trusted key type data is not visible decrypted from userspace.
 */
 static struct key *request_trusted_key(const char *trusted_desc,
-                                       u8 **master_key,
+                                       u8 **master_key, size_t *master_keylen)
-                                       unsigned int *master_keylen)
 {
        struct trusted_key_payload *tpayload;
        struct key *tkey;
@@ -241,7 +239,7 @@ error:
 * Use a user provided key to encrypt/decrypt an encrypted-key.
 */
 static struct key *request_user_key(const char *master_desc, u8 **master_key,
-                                    unsigned int *master_keylen)
+                                    size_t *master_keylen)
 {
        struct user_key_payload *upayload;
        struct key *ukey;
@@ -258,7 +256,7 @@ error:
        return ukey;
 }
-static struct sdesc *init_sdesc(struct crypto_shash *alg)
+static struct sdesc *alloc_sdesc(struct crypto_shash *alg)
 {
        struct sdesc *sdesc;
        int size;
@@ -272,13 +270,13 @@ static struct sdesc *init_sdesc(struct crypto_shash *alg)
        return sdesc;
 }
-static int calc_hmac(u8 *digest, const u8 *key, const unsigned int keylen,
+static int calc_hmac(u8 *digest, const u8 *key, unsigned int keylen,
-                     const u8 *buf, const unsigned int buflen)
+                     const u8 *buf, unsigned int buflen)
 {
        struct sdesc *sdesc;
        int ret;
-        sdesc = init_sdesc(hmacalg);
+        sdesc = alloc_sdesc(hmacalg);
        if (IS_ERR(sdesc)) {
                pr_info("encrypted_key: can't alloc %s\n", hmac_alg);
                return PTR_ERR(sdesc);
@@ -291,12 +289,12 @@ static int calc_hmac(u8 *digest, const u8 *key, const unsigned int keylen,
        return ret;
 }
-static int calc_hash(u8 *digest, const u8 *buf, const unsigned int buflen)
+static int calc_hash(u8 *digest, const u8 *buf, unsigned int buflen)
 {
        struct sdesc *sdesc;
        int ret;
-        sdesc = init_sdesc(hashalg);
+        sdesc = alloc_sdesc(hashalg);
        if (IS_ERR(sdesc)) {
                pr_info("encrypted_key: can't alloc %s\n", hash_alg);
                return PTR_ERR(sdesc);
@@ -311,8 +309,7 @@ enum derived_key_type { ENC_KEY, AUTH_KEY };
 /* Derive authentication/encryption key from trusted key */
 static int get_derived_key(u8 *derived_key, enum derived_key_type key_type,
-                           const u8 *master_key,
+                           const u8 *master_key, size_t master_keylen)
-                           const unsigned int master_keylen)
 {
        u8 *derived_buf;
        unsigned int derived_buf_len;
@@ -340,8 +337,8 @@ static int get_derived_key(u8 *derived_key, enum derived_key_type key_type,
 }
 static int init_blkcipher_desc(struct blkcipher_desc *desc, const u8 *key,
-                               const unsigned int key_len, const u8 *iv,
+                               unsigned int key_len, const u8 *iv,
-                               const unsigned int ivsize)
+                               unsigned int ivsize)
 {
        int ret;
@@ -364,8 +361,7 @@ static int init_blkcipher_desc(struct blkcipher_desc *desc, const u8 *key,
 }
 static struct key *request_master_key(struct encrypted_key_payload *epayload,
-                                      u8 **master_key,
+                                      u8 **master_key, size_t *master_keylen)
-                                      unsigned int *master_keylen)
 {
        struct key *mkey = NULL;
@@ -394,7 +390,7 @@ out:
 /* Before returning data to userspace, encrypt decrypted data. */
 static int derived_key_encrypt(struct encrypted_key_payload *epayload,
                               const u8 *derived_key,
-                               const unsigned int derived_keylen)
+                               unsigned int derived_keylen)
 {
        struct scatterlist sg_in[2];
        struct scatterlist sg_out[1];
@@ -433,8 +429,7 @@ out:
 }
 static int datablob_hmac_append(struct encrypted_key_payload *epayload,
-                                const u8 *master_key,
+                                const u8 *master_key, size_t master_keylen)
-                                const unsigned int master_keylen)
 {
        u8 derived_key[HASH_SIZE];
        u8 *digest;
@@ -455,8 +450,7 @@ out:
 /* verify HMAC before decrypting encrypted key */
 static int datablob_hmac_verify(struct encrypted_key_payload *epayload,
-                                const u8 *master_key,
+                                const u8 *master_key, size_t master_keylen)
-                                const unsigned int master_keylen)
 {
        u8 derived_key[HASH_SIZE];
        u8 digest[HASH_SIZE];
@@ -485,7 +479,7 @@ out:
 static int derived_key_decrypt(struct encrypted_key_payload *epayload,
                               const u8 *derived_key,
-                               const unsigned int derived_keylen)
+                               unsigned int derived_keylen)
 {
        struct scatterlist sg_in[1];
        struct scatterlist sg_out[2];
@@ -506,7 +500,7 @@ static int derived_key_decrypt(struct encrypted_key_payload *epayload,
        sg_init_table(sg_out, 2);
        sg_set_buf(sg_in, epayload->encrypted_data, encrypted_datalen);
        sg_set_buf(&sg_out[0], epayload->decrypted_data,
-                   (unsigned int)epayload->decrypted_datalen);
+                   epayload->decrypted_datalen);
        sg_set_buf(&sg_out[1], pad, sizeof pad);
        ret = crypto_blkcipher_decrypt(&desc, sg_out, sg_in, encrypted_datalen);
@@ -563,8 +557,8 @@ static int encrypted_key_decrypt(struct encrypted_key_payload *epayload,
        u8 *master_key;
        u8 *hmac;
        const char *hex_encoded_data;
-        unsigned int master_keylen;
        unsigned int encrypted_datalen;
+        size_t master_keylen;
        size_t asciilen;
        int ret;
@@ -765,7 +759,7 @@ static long encrypted_read(const struct key *key, char __user *buffer,
        struct encrypted_key_payload *epayload;
        struct key *mkey;
        u8 *master_key;
-        unsigned int master_keylen;
+        size_t master_keylen;
        char derived_key[HASH_SIZE];
        char *ascii_buf;
        size_t asciiblob_len;
diff --git a/security/keys/encrypted_defined.h b/security/keys/encrypted_defined.h
index c298a3f1cf70..cef5e2f2b7d1 100644
--- a/security/keys/encrypted_defined.h
+++ b/security/keys/encrypted_defined.h
@@ -4,8 +4,7 @@
 #define ENCRYPTED_DEBUG 0
 #if ENCRYPTED_DEBUG
-static inline void dump_master_key(const u8 *master_key,
+static inline void dump_master_key(const u8 *master_key, size_t master_keylen)
-                                   unsigned int master_keylen)
 {
        print_hex_dump(KERN_ERR, "master key: ", DUMP_PREFIX_NONE, 32, 1,
                       master_key, master_keylen, 0);
@@ -34,8 +33,7 @@ static inline void dump_hmac(const char *str, const u8 *digest,
                       hmac_size, 0);
 }
 #else
-static inline void dump_master_key(const u8 *master_key,
+static inline void dump_master_key(const u8 *master_key, size_t master_keylen)
-                                   unsigned int master_keylen)
 {
 }
author	Mimi Zohar <zohar@linux.vnet.ibm.com>	2010-12-13 16:53:13 -0500
committer	James Morris <jmorris@namei.org>	2010-12-15 01:44:34 -0500
commit	3b1826cebe1d534ec05417a29b9a9f82651a5cb5 (patch)
tree	38fc352e647df90c86a0b03722eff8f66b7eb607 /security
parent	1f35065a9e2573427ce3fd6c4a40b355c2ddfb92 (diff)