fix violation in crypto lib #1
Conversation
hypervisor/lib/crypto/crypto_api.c
Outdated
| salt, salt_len, | ||
| secret, secret_len, | ||
| info, info_len, | ||
| out_key, out_len) != 0) { |
hypervisor/lib/crypto/crypto_api.c
Outdated
| if (mbedtls_md_hmac(md, | ||
| secret, secret_len, | ||
| salt, salt_len, | ||
| out_key) != 0) { |
hypervisor/lib/crypto/mbedtls/hkdf.c
Outdated
| uint8_t c = (uint8_t)(i & 0xffU); | ||
|
|
||
| ret = mbedtls_md_hmac_starts( &ctx, prk, prk_len ); | ||
| if ( ret != 0 ) { |
There was a problem hiding this comment.
IMHO, could we change this style to
if (ret == 0) {
ret = ...;
}
| break; | ||
| } | ||
|
|
||
| num_to_copy = (i != n) ? hash_len : (okm_len - where); |
hypervisor/lib/crypto/mbedtls/hkdf.c
Outdated
| } | ||
|
|
||
| exit: | ||
| mbedtls_md_free( &ctx ); |
There was a problem hiding this comment.
the original logic return MBEDTLS_ERR_HKDF_BAD_INPUT_DATA will not do these ?
| void mbedtls_sha256_free( mbedtls_sha256_context *ctx ) | ||
| { | ||
| if( ctx == NULL ) | ||
| if ( ctx == NULL ) |
| P( A[3], A[4], A[5], A[6], A[7], A[0], A[1], A[2], R(i+5), K[i+5] ); | ||
| P( A[2], A[3], A[4], A[5], A[6], A[7], A[0], A[1], R(i+6), K[i+6] ); | ||
| P( A[1], A[2], A[3], A[4], A[5], A[6], A[7], A[0], R(i+7), K[i+7] ); | ||
|
|
There was a problem hiding this comment.
" for( i = 0; i < 16; i += 8 )" violate "271S: For loop incrementation is not simple."
hypervisor/lib/crypto/mbedtls/md.c
Outdated
| } | ||
|
|
||
| return( md_info->digest_func( input, ilen, output ) ); | ||
| return( ret ); |
There was a problem hiding this comment.
some functions are removed due to not used. So the patch seems hard to review. The last function is here.
219 uint8_t mbedtls_md_get_size( const mbedtls_md_info_t *md_info )
220 {
221 uint8_t ret = 0U;
222
223 if ( md_info != NULL ) {
224 ret = (uint8_t) md_info->size;
225 }
226
227 return ( ret );
228 }
|
|
||
| ctx->buffer[used] = 0x80U; | ||
|
|
||
| ctx->buffer[used++] = 0x80; |
| if (ret == 0) { | ||
| memset( ctx->buffer, 0U, 56U ); | ||
| } else { | ||
| ret = 1; |
There was a problem hiding this comment.
yes, will resolve it
hypervisor/lib/crypto/crypto_api.c
Outdated
| salt, salt_len, | ||
| secret, secret_len, | ||
| info, info_len, | ||
| out_key, out_len) != 0) { |
There was a problem hiding this comment.
Please merge these lines into one line and kindly apply this rule to the whole patch.
The line limit is 120 columns instead of 80 columns for ACRN.
hypervisor/lib/crypto/mbedtls/hkdf.c
Outdated
| if( ret == 0 ) | ||
| { | ||
| ret = mbedtls_hkdf_expand( md, prk, mbedtls_md_get_size( md ), | ||
| if ( ret == 0 ) { |
There was a problem hiding this comment.
Please remove the unnecessary space before and after brackets and kindly apply this rule to the whole patch.
if (ret == 0)
There was a problem hiding this comment.
All the code was ported from 3rd lib, the code style is different from acrn. But anyway, I will modify them since so many codes are changed.
hypervisor/lib/crypto/mbedtls/hkdf.c
Outdated
| * Compute T = T(1) | T(2) | T(3) | ... | T(N) | ||
| * Where T(N) is defined in RFC 5869 Section 2.3 | ||
| */ | ||
| for ( i = 1; i <= n; i++ ) { |
| */ | ||
| for ( i = 1; i <= n; i++ ) { | ||
| size_t num_to_copy; | ||
| uint8_t c = (uint8_t)(i & 0xffU); |
hypervisor/lib/crypto/mbedtls/hkdf.c
Outdated
| /* The constant concatenated to the end of each T(n) is a single octet. | ||
| * */ | ||
| if ( ret == 0 ) { | ||
| ret = mbedtls_md_hmac_update( &ctx, &c, 1 ); |
There was a problem hiding this comment.
1U
Please check all the constant usages in your patches.
U for uint8_t, uint16_t, uint32_t, size_t
UL for uint64_t
hypervisor/lib/crypto/mbedtls/md.c
Outdated
|
|
||
| for( i = 0U; i < keylen; i++ ) { | ||
| *( ipad + i ) = (uint8_t)( *( ipad + i ) ^ *( temp_key + i ) ); | ||
| *( opad + i ) = (uint8_t)( *( opad + i ) ^ *( temp_key + i ) ); |
There was a problem hiding this comment.
change to
*(opad + i) = (uint8_t)((*(opad + i)) ^ (*(temp_key + i)));
There was a problem hiding this comment.
same as previous, done
| #define SHR(x,n) ((x & 0xFFFFFFFF) >> n) | ||
| #define ROTR(x,n) (SHR(x,n) | (x << (32 - n))) | ||
| #define SHR(x,n) (((x) & 0xFFFFFFFF) >> (n)) | ||
| #define ROTR(x,n) (SHR((x),(n)) | ((x) << (32 - (n)))) |
There was a problem hiding this comment.
Please use inline functions rather than MACRO for these function-like MACRO. Same for the others.
There was a problem hiding this comment.
I'd like to keep the original code what it is since all the code are ported from 3rd and this is only advisory rule.
| P( A[2], A[3], A[4], A[5], A[6], A[7], A[0], A[1], W[i+6], K[i+6] ); | ||
| P( A[1], A[2], A[3], A[4], A[5], A[6], A[7], A[0], W[i+7], K[i+7] ); | ||
|
|
||
| i += 8; |
There was a problem hiding this comment.
Moving the loop counter inside loop body violates another rule.
Modification of loop counter in loop body.
A loop counter used within a for loop for iteration shall not be modified in the body of the loop. Modification of the loop counter makes code difficult to read and maintain.
One suggestion:
add a local variable inside loop body to get the right index from the loop counter.
There was a problem hiding this comment.
what is about keep the original code? I don't think it is complex code.
| ret = mbedtls_internal_sha256_process( ctx, ctx->buffer ); | ||
| if (ret == 0) { | ||
| data += fill; | ||
| len -= fill; |
There was a problem hiding this comment.
remove the extra space, same for the others
| return( 0 ); | ||
| } | ||
|
|
||
| static const uint32_t K[] = |
There was a problem hiding this comment.
it is better to use lower case for variable name
There was a problem hiding this comment.
I'd like to keep it.
-remove goto -remove multiple return -Modify assignment operator in boolean expression -Modify/fix code style violations -fix attempt to change parameters passed by value -fix value need U suffix -fix use of mixed arithmetic -fix assigment in expression -other fix Tracked-On: projectacrn#861 Signed-off-by: Chen Gang G <gang.g.chen@intel.com> Reviewed-by: Bing Zhu <bing.zhu@intel.com> Acked-by: Eddie Dong <eddie.dong@intel.com>
-remove goto -remove multiple return -Modify assignment operator in boolean expression -Modify/fix code style violations -fix attempt to change parameters passed by value -fix value need U suffix -fix use of mixed arithmetic -fix assigment in expression -other fixes Tracked-On: projectacrn#861 Signed-off-by: Chen Gang G <gang.g.chen@intel.com> Reviewed-by: Bing Zhu <bing.zhu@intel.com> Acked-by: Eddie Dong <eddie.dong@intel.com>
-remove goto -remove multiple return -Modify assignment operator in boolean expression -Modify/fix code style violations -fix attempt to change parameters passed by value -fix value need U suffix -fix use of mixed arithmetic -fix assigment in expression -other fixes Tracked-On: projectacrn#861 Signed-off-by: Chen Gang G <gang.g.chen@intel.com> Reviewed-by: Bing Zhu <bing.zhu@intel.com> Acked-by: Eddie Dong <eddie.dong@intel.com>
No description provided.