Message ID | 20221006130837.17587-5-pankaj.gupta@nxp.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Series | Hardware Bound key added to Trusted Key-Ring | expand |
In the short summary, please try to use imperative form and accurate names. "Checking" means nothing. On Thu, Oct 06, 2022 at 06:38:33PM +0530, Pankaj Gupta wrote: > Checking for hw bound key. If yes, > - skipping the key-length validation to fall in min-max range. What does "-" mean here? I seriously cannot interpret what I'm reading. > > Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com> > --- > crypto/skcipher.c | 3 ++- > 1 file changed, 2 insertions(+), 1 deletion(-) > > diff --git a/crypto/skcipher.c b/crypto/skcipher.c > index 418211180cee..0f2d0228d73e 100644 > --- a/crypto/skcipher.c > +++ b/crypto/skcipher.c > @@ -598,7 +598,8 @@ int crypto_skcipher_setkey(struct crypto_skcipher *tfm, const u8 *key, > unsigned long alignmask = crypto_skcipher_alignmask(tfm); > int err; > > - if (keylen < cipher->min_keysize || keylen > cipher->max_keysize) > + if ((!tfm->base.is_hbk) > + && (keylen < cipher->min_keysize || keylen > cipher->max_keysize)) > return -EINVAL; > > if ((unsigned long)key & alignmask) > -- > 2.17.1 > BR, Jarkko
diff --git a/crypto/skcipher.c b/crypto/skcipher.c index 418211180cee..0f2d0228d73e 100644 --- a/crypto/skcipher.c +++ b/crypto/skcipher.c @@ -598,7 +598,8 @@ int crypto_skcipher_setkey(struct crypto_skcipher *tfm, const u8 *key, unsigned long alignmask = crypto_skcipher_alignmask(tfm); int err; - if (keylen < cipher->min_keysize || keylen > cipher->max_keysize) + if ((!tfm->base.is_hbk) + && (keylen < cipher->min_keysize || keylen > cipher->max_keysize)) return -EINVAL; if ((unsigned long)key & alignmask)
Checking for hw bound key. If yes, - skipping the key-length validation to fall in min-max range. Signed-off-by: Pankaj Gupta <pankaj.gupta@nxp.com> --- crypto/skcipher.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)