github/acrn-hypervisor
1
0
Fork 0
mirror of https://github.com/projectacrn/acrn-hypervisor.git synced 2025-06-20 20:53:46 +00:00
Code Issues Projects Releases Wiki Activity

hv: fix violations in md.c md.h and md_internal.h for crypto lib

Browse Source 
-remove goto
-remove multiple return
-Modify assignment operator in boolean expression
-Modify/fix code style violations
-fix attempt to change parameters passed by value
-fix value need U suffix
-fix use of mixed arithmetic
-fix assigment in expression
-other fixes

Tracked-On: #861
Signed-off-by: Chen Gang G <gang.g.chen@intel.com>
Reviewed-by: Bing Zhu <bing.zhu@intel.com>
Acked-by: Eddie Dong <eddie.dong@intel.com>
This commit is contained in:
Chen Gang G 2018-12-27 15:47:13 +08:00 committed by wenlingz
parent c230a1a6c8
commit ddf1c923ce
3 changed files with 146 additions and 336 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

271
hypervisor/lib/crypto/mbedtls/md.c
View File

@ -31,191 +31,150 @@
/* /*
* Reminder: update profiles in x509_crt.c when adding a new hash! * Reminder: update profiles in x509_crt.c when adding a new hash!
*/ */
static const int32_t supported_digests[] = {
MBEDTLS_MD_SHA256,
MBEDTLS_MD_NONE
};
const int32_t *mbedtls_md_list( void )
{
return( supported_digests );
}
const mbedtls_md_info_t *mbedtls_md_info_from_type(mbedtls_md_type_t md_type) const mbedtls_md_info_t *mbedtls_md_info_from_type(mbedtls_md_type_t md_type)
{ {
const mbedtls_md_info_t *md_info;
switch (md_type) switch (md_type)
{ {
case MBEDTLS_MD_SHA256: case MBEDTLS_MD_SHA256:
return( &mbedtls_sha256_info ); md_info = &mbedtls_sha256_info;
break;
default: default:
return( NULL ); md_info = NULL;
break;
} }
return md_info;
} }
void mbedtls_md_init(mbedtls_md_context_t *ctx) void mbedtls_md_init(mbedtls_md_context_t *ctx)
{ {
memset( ctx, 0, sizeof( mbedtls_md_context_t ) ); (void) memset(ctx, 0U, sizeof(mbedtls_md_context_t));
} }
void mbedtls_md_free(mbedtls_md_context_t *ctx) void mbedtls_md_free(mbedtls_md_context_t *ctx)
{ {
if( ctx == NULL ) if (ctx != NULL) {
(void) mbedtls_platform_zeroize(ctx, sizeof(mbedtls_md_context_t));
}
return; return;
mbedtls_platform_zeroize( ctx, sizeof( mbedtls_md_context_t ) );
}
int32_t mbedtls_md_clone( mbedtls_md_context_t *dst,
const mbedtls_md_context_t *src )
{
if( dst == NULL || dst->md_info == NULL ||
src == NULL || src->md_info == NULL ||
dst->md_info != src->md_info )
{
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
}
dst->md_info->clone_func( dst->md_ctx, src->md_ctx );
return( 0 );
} }
int32_t mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info) int32_t mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info)
{ {
if( md_info == NULL || ctx == NULL ) int32_t ret = 0;
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
if ((md_info == NULL) || (ctx == NULL)) {
ret = MBEDTLS_ERR_MD_BAD_INPUT_DATA;
} else {
ctx->md_info = md_info; ctx->md_info = md_info;
return( 0 );
} }
int32_t mbedtls_md_starts( mbedtls_md_context_t *ctx ) return ret;
{
if( ctx == NULL || ctx->md_info == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
return( ctx->md_info->starts_func( ctx->md_ctx ) );
}
int32_t mbedtls_md_update( mbedtls_md_context_t *ctx, const uint8_t *input, size_t ilen )
{
if( ctx == NULL || ctx->md_info == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
return( ctx->md_info->update_func( ctx->md_ctx, input, ilen ) );
}
int32_t mbedtls_md_finish( mbedtls_md_context_t *ctx, uint8_t *output )
{
if( ctx == NULL || ctx->md_info == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
return( ctx->md_info->finish_func( ctx->md_ctx, output ) );
}
int32_t mbedtls_md( const mbedtls_md_info_t *md_info, const uint8_t *input, size_t ilen,
uint8_t *output )
{
if( md_info == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
return( md_info->digest_func( input, ilen, output ) );
} }
int32_t mbedtls_md_hmac_starts(mbedtls_md_context_t *ctx, const uint8_t *key, size_t keylen) int32_t mbedtls_md_hmac_starts(mbedtls_md_context_t *ctx, const uint8_t *key, size_t keylen)
{ {
int32_t ret; int32_t ret = 0;
uint8_t sum[MBEDTLS_MD_MAX_SIZE]; uint8_t sum[MBEDTLS_MD_MAX_SIZE];
uint8_t *ipad, *opad; uint8_t *ipad, *opad;
const uint8_t *temp_key = key;
size_t i; size_t i;
if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) if ((ctx == NULL) || (ctx->md_info == NULL) || (ctx->hmac_ctx == NULL) || (temp_key == NULL)) {
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); ret = MBEDTLS_ERR_MD_BAD_INPUT_DATA;
if( keylen > (size_t) ctx->md_info->block_size )
{
if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 )
goto cleanup;
if( ( ret = ctx->md_info->update_func( ctx->md_ctx, key, keylen ) ) != 0 )
goto cleanup;
if( ( ret = ctx->md_info->finish_func( ctx->md_ctx, sum ) ) != 0 )
goto cleanup;
keylen = ctx->md_info->size;
key = sum;
} }
if (ret == 0) {
if (keylen > ctx->md_info->block_size) {
ret = ctx->md_info->starts_func((void *) ctx->md_ctx);
if (ret == 0) {
ret = ctx->md_info->update_func((void *) ctx->md_ctx, temp_key, keylen);
if (ret == 0) {
ret = ctx->md_info->finish_func((void *) ctx->md_ctx, sum);
}
}
if (ret == 0) {
keylen = (size_t) ctx->md_info->size;
temp_key = sum;
}
}
if (ret == 0) {
ipad = (uint8_t *) ctx->hmac_ctx; ipad = (uint8_t *) ctx->hmac_ctx;
opad = (uint8_t *) ctx->hmac_ctx + ctx->md_info->block_size; opad = (uint8_t *) ctx->hmac_ctx + ctx->md_info->block_size;
memset( ipad, 0x36, ctx->md_info->block_size ); (void) memset(ipad, 0x36U, ctx->md_info->block_size);
memset( opad, 0x5C, ctx->md_info->block_size ); (void) memset(opad, 0x5CU, ctx->md_info->block_size);
for( i = 0; i < keylen; i++ ) for(i = 0U; i < keylen; i++) {
{ *(ipad + i) = (uint8_t) (*(ipad + i) ^ *(temp_key + i));
ipad[i] = (uint8_t)( ipad[i] ^ key[i] ); *(opad + i) = (uint8_t) (*(opad + i) ^ *(temp_key + i));
opad[i] = (uint8_t)( opad[i] ^ key[i] );
} }
if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 ) ret = ctx->md_info->starts_func((void *) ctx->md_ctx);
goto cleanup; if (ret == 0) {
if( ( ret = ctx->md_info->update_func( ctx->md_ctx, ipad, ret = ctx->md_info->update_func((void *) ctx->md_ctx, ipad,
ctx->md_info->block_size ) ) != 0 ) ctx->md_info->block_size);
goto cleanup; }
}
(void) mbedtls_platform_zeroize(sum, sizeof(sum));
}
cleanup: return ret;
mbedtls_platform_zeroize( sum, sizeof( sum ) );
return( ret );
} }
int32_t mbedtls_md_hmac_update(mbedtls_md_context_t *ctx, const uint8_t *input, size_t ilen) int32_t mbedtls_md_hmac_update(mbedtls_md_context_t *ctx, const uint8_t *input, size_t ilen)
{ {
if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) int32_t ret;
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
return( ctx->md_info->update_func( ctx->md_ctx, input, ilen ) ); if ((ctx == NULL) || (ctx->md_info == NULL) || (ctx->hmac_ctx == NULL)) {
ret = MBEDTLS_ERR_MD_BAD_INPUT_DATA;
} else {
ret = ctx->md_info->update_func((void *) ctx->md_ctx, input, ilen);
}
return ret;
} }
int32_t mbedtls_md_hmac_finish(mbedtls_md_context_t *ctx, uint8_t *output) int32_t mbedtls_md_hmac_finish(mbedtls_md_context_t *ctx, uint8_t *output)
{ {
int32_t ret; int32_t ret = 0;
uint8_t tmp[MBEDTLS_MD_MAX_SIZE]; uint8_t tmp[MBEDTLS_MD_MAX_SIZE];
uint8_t *opad; uint8_t *opad;
if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) if ((ctx == NULL) || (ctx->md_info == NULL) || (ctx->hmac_ctx == NULL)) {
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); ret = MBEDTLS_ERR_MD_BAD_INPUT_DATA;
opad = (uint8_t *) ctx->hmac_ctx + ctx->md_info->block_size;
if( ( ret = ctx->md_info->finish_func( ctx->md_ctx, tmp ) ) != 0 )
return( ret );
if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 )
return( ret );
if( ( ret = ctx->md_info->update_func( ctx->md_ctx, opad,
ctx->md_info->block_size ) ) != 0 )
return( ret );
if( ( ret = ctx->md_info->update_func( ctx->md_ctx, tmp,
ctx->md_info->size ) ) != 0 )
return( ret );
return( ctx->md_info->finish_func( ctx->md_ctx, output ) );
} }
int32_t mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx ) if (ret == 0) {
{ opad = (uint8_t *) ctx->hmac_ctx + ctx->md_info->block_size;
int32_t ret;
uint8_t *ipad;
if( ctx == NULL || ctx->md_info == NULL || ctx->hmac_ctx == NULL ) ret = ctx->md_info->finish_func((void *) ctx->md_ctx, tmp);
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); if (ret == 0) {
ret = ctx->md_info->starts_func((void *) ctx->md_ctx);
}
}
ipad = (uint8_t *) ctx->hmac_ctx; if (ret == 0) {
ret = ctx->md_info->update_func((void *) ctx->md_ctx, opad,
ctx->md_info->block_size);
if (ret == 0) {
ret = ctx->md_info->update_func((void *) ctx->md_ctx, tmp,
ctx->md_info->size);
}
if( ( ret = ctx->md_info->starts_func( ctx->md_ctx ) ) != 0 ) if (ret == 0) {
return( ret ); ret = ctx->md_info->finish_func((void *) ctx->md_ctx,
return( ctx->md_info->update_func( ctx->md_ctx, ipad, (uint8_t *) output);
ctx->md_info->block_size ) ); }
}
return ret;
} }
int32_t mbedtls_md_hmac(const mbedtls_md_info_t *md_info, int32_t mbedtls_md_hmac(const mbedtls_md_info_t *md_info,
@ -224,49 +183,41 @@ int32_t mbedtls_md_hmac( const mbedtls_md_info_t *md_info,
uint8_t *output) uint8_t *output)
{ {
mbedtls_md_context_t ctx; mbedtls_md_context_t ctx;
int32_t ret; int32_t ret = 0;
if( md_info == NULL ) if (md_info == NULL) {
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA ); ret = MBEDTLS_ERR_MD_BAD_INPUT_DATA;
mbedtls_md_init( &ctx );
if( ( ret = mbedtls_md_setup( &ctx, md_info ) ) != 0 )
goto cleanup;
if( ( ret = mbedtls_md_hmac_starts( &ctx, key, keylen ) ) != 0 )
goto cleanup;
if( ( ret = mbedtls_md_hmac_update( &ctx, input, ilen ) ) != 0 )
goto cleanup;
if( ( ret = mbedtls_md_hmac_finish( &ctx, output ) ) != 0 )
goto cleanup;
cleanup:
mbedtls_md_free( &ctx );
return( ret );
} }
int32_t mbedtls_md_process( mbedtls_md_context_t *ctx, const uint8_t *data ) if (ret == 0) {
{ mbedtls_md_init(&ctx);
if( ctx == NULL || ctx->md_info == NULL )
return( MBEDTLS_ERR_MD_BAD_INPUT_DATA );
return( ctx->md_info->process_func( ctx->md_ctx, data ) ); ret = mbedtls_md_setup(&ctx, md_info);
if (ret == 0) {
ret = mbedtls_md_hmac_starts(&ctx, key, keylen);
}
if (ret == 0) {
ret = mbedtls_md_hmac_update(&ctx, input, ilen);
}
if (ret == 0) {
ret = mbedtls_md_hmac_finish(&ctx, output);
}
mbedtls_md_free(&ctx);
}
return ret;
} }
uint8_t mbedtls_md_get_size(const mbedtls_md_info_t *md_info) uint8_t mbedtls_md_get_size(const mbedtls_md_info_t *md_info)
{ {
if( md_info == NULL ) uint8_t ret = 0U;
return( 0 );
return md_info->size; if (md_info != NULL) {
ret = (uint8_t) md_info->size;
} }
mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info ) return ret;
{
if( md_info == NULL )
return( MBEDTLS_MD_NONE );
return md_info->type;
} }

149
hypervisor/lib/crypto/mbedtls/md.h
View File

@ -36,7 +36,7 @@
#define MBEDTLS_ERR_MD_FILE_IO_ERROR -0x5200 /**< Opening or reading of file failed. */ #define MBEDTLS_ERR_MD_FILE_IO_ERROR -0x5200 /**< Opening or reading of file failed. */
#define MBEDTLS_ERR_MD_HW_ACCEL_FAILED -0x5280 /**< MD hardware accelerator failed. */ #define MBEDTLS_ERR_MD_HW_ACCEL_FAILED -0x5280 /**< MD hardware accelerator failed. */
#define mbedtls_platform_zeroize(buf, len) memset(buf, 0, len) #define mbedtls_platform_zeroize(buf, len) memset((buf), 0U, (len))
/** /**
* \brief Supported message digests. * \brief Supported message digests.
@ -71,17 +71,6 @@ typedef struct {
uint8_t hmac_ctx[128]; uint8_t hmac_ctx[128];
} mbedtls_md_context_t; } mbedtls_md_context_t;
/**
* \brief This function returns the list of digests supported by the
* generic digest module.
*
* \return A statically allocated array of digests. Each element
* in the returned list is an integer belonging to the
* message-digest enumeration #mbedtls_md_type_t.
* The last entry is 0.
*/
const int32_t *mbedtls_md_list( void );
/** /**
* \brief This function returns the message-digest information * \brief This function returns the message-digest information
* associated with the given digest type. * associated with the given digest type.
@ -137,28 +126,6 @@ void mbedtls_md_free( mbedtls_md_context_t *ctx );
*/ */
int32_t mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info); int32_t mbedtls_md_setup(mbedtls_md_context_t *ctx, const mbedtls_md_info_t *md_info);
/**
* \brief This function clones the state of an message-digest
* context.
*
* \note You must call mbedtls_md_setup() on \c dst before calling
* this function.
*
* \note The two contexts must have the same type,
* for example, both are SHA-256.
*
* \warning This function clones the message-digest state, not the
* HMAC state.
*
* \param dst The destination context.
* \param src The context to be cloned.
*
* \return \c 0 on success.
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification failure.
*/
int32_t mbedtls_md_clone( mbedtls_md_context_t *dst,
const mbedtls_md_context_t *src );
/** /**
* \brief This function extracts the message-digest size from the * \brief This function extracts the message-digest size from the
* message-digest information structure. * message-digest information structure.
@ -170,91 +137,6 @@ int32_t mbedtls_md_clone( mbedtls_md_context_t *dst,
*/ */
uint8_t mbedtls_md_get_size(const mbedtls_md_info_t *md_info); uint8_t mbedtls_md_get_size(const mbedtls_md_info_t *md_info);
/**
* \brief This function extracts the message-digest type from the
* message-digest information structure.
*
* \param md_info The information structure of the message-digest algorithm
* to use.
*
* \return The type of the message digest.
*/
mbedtls_md_type_t mbedtls_md_get_type( const mbedtls_md_info_t *md_info );
/**
* \brief This function starts a message-digest computation.
*
* You must call this function after setting up the context
* with mbedtls_md_setup(), and before passing data with
* mbedtls_md_update().
*
* \param ctx The generic message-digest context.
*
* \return \c 0 on success.
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
* failure.
*/
int32_t mbedtls_md_starts( mbedtls_md_context_t *ctx );
/**
* \brief This function feeds an input buffer into an ongoing
* message-digest computation.
*
* You must call mbedtls_md_starts() before calling this
* function. You may call this function multiple times.
* Afterwards, call mbedtls_md_finish().
*
* \param ctx The generic message-digest context.
* \param input The buffer holding the input data.
* \param ilen The length of the input data.
*
* \return \c 0 on success.
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
* failure.
*/
int32_t mbedtls_md_update( mbedtls_md_context_t *ctx, const uint8_t *input, size_t ilen );
/**
* \brief This function finishes the digest operation,
* and writes the result to the output buffer.
*
* Call this function after a call to mbedtls_md_starts(),
* followed by any number of calls to mbedtls_md_update().
* Afterwards, you may either clear the context with
* mbedtls_md_free(), or call mbedtls_md_starts() to reuse
* the context for another digest operation with the same
* algorithm.
*
* \param ctx The generic message-digest context.
* \param output The buffer for the generic message-digest checksum result.
*
* \return \c 0 on success.
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
* failure.
*/
int32_t mbedtls_md_finish( mbedtls_md_context_t *ctx, uint8_t *output );
/**
* \brief This function calculates the message-digest of a buffer,
* with respect to a configurable message-digest algorithm
* in a single call.
*
* The result is calculated as
* Output = message_digest(input buffer).
*
* \param md_info The information structure of the message-digest algorithm
* to use.
* \param input The buffer holding the data.
* \param ilen The length of the input data.
* \param output The generic message-digest checksum result.
*
* \return \c 0 on success.
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
* failure.
*/
int32_t mbedtls_md( const mbedtls_md_info_t *md_info, const uint8_t *input, size_t ilen,
uint8_t *output );
/** /**
* \brief This function sets the HMAC key and prepares to * \brief This function sets the HMAC key and prepares to
* authenticate a new message. * authenticate a new message.
@ -273,8 +155,7 @@ int32_t mbedtls_md( const mbedtls_md_info_t *md_info, const uint8_t *input, size
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
* failure. * failure.
*/ */
int32_t mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const uint8_t *key, int32_t mbedtls_md_hmac_starts(mbedtls_md_context_t *ctx, const uint8_t *key, size_t keylen);
size_t keylen );
/** /**
* \brief This function feeds an input buffer into an ongoing HMAC * \brief This function feeds an input buffer into an ongoing HMAC
@ -295,8 +176,7 @@ int32_t mbedtls_md_hmac_starts( mbedtls_md_context_t *ctx, const uint8_t *key,
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification * \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
* failure. * failure.
*/ */
int32_t mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const uint8_t *input, int32_t mbedtls_md_hmac_update(mbedtls_md_context_t *ctx, const uint8_t *input, size_t ilen);
size_t ilen );
/** /**
* \brief This function finishes the HMAC operation, and writes * \brief This function finishes the HMAC operation, and writes
@ -318,23 +198,6 @@ int32_t mbedtls_md_hmac_update( mbedtls_md_context_t *ctx, const uint8_t *input,
*/ */
int32_t mbedtls_md_hmac_finish(mbedtls_md_context_t *ctx, uint8_t *output); int32_t mbedtls_md_hmac_finish(mbedtls_md_context_t *ctx, uint8_t *output);
/**
* \brief This function prepares to authenticate a new message with
* the same key as the previous HMAC operation.
*
* You may call this function after mbedtls_md_hmac_finish().
* Afterwards call mbedtls_md_hmac_update() to pass the new
* input.
*
* \param ctx The message digest context containing an embedded HMAC
* context.
*
* \return \c 0 on success.
* \return #MBEDTLS_ERR_MD_BAD_INPUT_DATA on parameter-verification
* failure.
*/
int32_t mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx );
/** /**
* \brief This function calculates the full generic HMAC * \brief This function calculates the full generic HMAC
* on the input buffer with the provided key. * on the input buffer with the provided key.
@ -358,10 +221,6 @@ int32_t mbedtls_md_hmac_reset( mbedtls_md_context_t *ctx );
* failure. * failure.
*/ */
int32_t mbedtls_md_hmac(const mbedtls_md_info_t *md_info, const uint8_t *key, size_t keylen, int32_t mbedtls_md_hmac(const mbedtls_md_info_t *md_info, const uint8_t *key, size_t keylen,
const uint8_t *input, size_t ilen, const uint8_t *input, size_t ilen, uint8_t *output);
uint8_t *output );
/* Internal use */
int32_t mbedtls_md_process( mbedtls_md_context_t *ctx, const uint8_t *data );
#endif /* MBEDTLS_MD_H */ #endif /* MBEDTLS_MD_H */

2
hypervisor/lib/crypto/mbedtls/md_internal.h
View File

@ -47,7 +47,7 @@ struct mbedtls_md_info_t
int32_t size; int32_t size;
/** Block length of the digest function in bytes */ /** Block length of the digest function in bytes */
int32_t block_size; size_t block_size;
/** Digest initialisation function */ /** Digest initialisation function */
int32_t (*starts_func)( void *ctx ); int32_t (*starts_func)( void *ctx );