uadk_engine/0066-uadk_engine-cleanup-magic-number-and-comments.patch

From 20049f2becb9cc339276d4839f6d9f909273f5a5 Mon Sep 17 00:00:00 2001
From: Zhiqi Song <songzhiqi1@huawei.com>
Date: Sat, 22 Oct 2022 15:54:51 +0800
Subject: uadk_engine: cleanup magic number and comments

Use macros to replace magic numbers and related operations.
Simplify code comments and unify style.

Signed-off-by: Zhiqi Song <songzhiqi1@huawei.com>
---
 src/uadk_cipher.c |  4 +---
 src/uadk_dh.c     |  5 ++---
 src/uadk_digest.c |  2 +-
 src/uadk_ec.c     | 51 ++++++++++++++++++++++++++-------------------------
 src/uadk_ecx.c    | 40 +++++++++++++++++++++++-----------------
 src/uadk_pkey.c   |  9 ++++-----
 src/uadk_pkey.h   |  6 +++++-
 src/uadk_rsa.c    | 25 ++++++++++---------------
 src/uadk_sm2.c    | 23 ++++++++++++-----------
 9 files changed, 84 insertions(+), 81 deletions(-)

diff --git a/src/uadk_cipher.c b/src/uadk_cipher.c
index 14e2af2..de5f078 100644
--- a/src/uadk_cipher.c
+++ b/src/uadk_cipher.c
@@ -480,13 +480,11 @@ static __u32 sched_single_pick_next_ctx(handle_t sched_ctx,
 	struct sched_params *key = (struct sched_params *)sched_key;
 
 	if (sched_mode) {
-		/* async */
 		if (key->type == WD_CIPHER_ENCRYPTION)
 			return CTX_ASYNC_ENC;
 		else
 			return CTX_ASYNC_DEC;
 	} else {
-		/* sync */
 		if (key->type == WD_CIPHER_ENCRYPTION)
 			return CTX_SYNC_ENC;
 		else
@@ -744,7 +742,7 @@ static void async_cb(struct wd_cipher_req *req, void *data)
 	}
 }
 
-/* increment counter (128-bit int) by c */
+/* Increment counter (128-bit int) by c */
 static void ctr_iv_inc(uint8_t *counter, __u32 c)
 {
 	uint32_t n = CTR_128BIT_COUNTER;
diff --git a/src/uadk_dh.c b/src/uadk_dh.c
index 2af2455..6356872 100644
--- a/src/uadk_dh.c
+++ b/src/uadk_dh.c
@@ -603,7 +603,7 @@ static int dh_fill_genkey_req(const BIGNUM *g, const BIGNUM *p,
 	if (!ag_bin)
 		return UADK_E_FAIL;
 
-	/* malloc a contiguous chunk of memory */
+	/* Malloc a contiguous chunk of memory */
 	apriv_key_bin =  OPENSSL_malloc(key_size * DH_PARAMS_CNT);
 	if (!apriv_key_bin)
 		goto free_ag;
@@ -615,7 +615,7 @@ static int dh_fill_genkey_req(const BIGNUM *g, const BIGNUM *p,
 	memset(ap_bin, 0, key_size);
 	memset(out_pri, 0, key_size);
 
-	/* construct data block of g */
+	/* Construct data block of g */
 	ret = dh_set_g(g, key_size, ag_bin, dh_sess);
 	if (!ret)
 		goto free_apriv;
@@ -623,7 +623,6 @@ static int dh_fill_genkey_req(const BIGNUM *g, const BIGNUM *p,
 	dh_sess->req.xbytes = BN_bn2bin(priv_key, apriv_key_bin);
 	dh_sess->req.pbytes = BN_bn2bin(p, ap_bin);
 	dh_sess->req.x_p = (void *)apriv_key_bin;
-	/* the output from uadk */
 	dh_sess->req.pri = out_pri;
 	dh_sess->req.pri_bytes = key_size;
 	dh_sess->req.op_type = WD_DH_PHASE1;
diff --git a/src/uadk_digest.c b/src/uadk_digest.c
index 9568a98..9d009a9 100644
--- a/src/uadk_digest.c
+++ b/src/uadk_digest.c
@@ -71,7 +71,7 @@ static struct digest_engine engine;
 
 struct evp_md_ctx_st {
 	const EVP_MD *digest;
-	/* functional reference if 'digest' is ENGINE-provided */
+	/* Functional reference if 'digest' is ENGINE-provided */
 	ENGINE *engine;
 	unsigned long flags;
 	void *md_data;
diff --git a/src/uadk_ec.c b/src/uadk_ec.c
index 247b875..9b48ae7 100644
--- a/src/uadk_ec.c
+++ b/src/uadk_ec.c
@@ -27,23 +27,23 @@
 #include "uadk.h"
 
 #define ECC128BITS	128
-#define ECC192BITS      192
-#define ECC224BITS      224
-#define ECC256BITS      256
-#define ECC320BITS      320
-#define ECC384BITS      384
-#define ECC521BITS      521
+#define ECC192BITS	192
+#define ECC224BITS	224
+#define ECC256BITS	256
+#define ECC320BITS	320
+#define ECC384BITS	384
+#define ECC521BITS	521
 
 struct curve_param {
-	/* prime */
+	/* Prime */
 	BIGNUM *p;
-	/* ecc coefficient 'a' */
+	/* ECC coefficient 'a' */
 	BIGNUM *a;
-	/* ecc coefficient 'b' */
+	/* ECC coefficient 'b' */
 	BIGNUM *b;
-	/* base point */
+	/* Base point */
 	const EC_POINT *g;
-	/* order of base point */
+	/* Order of base point */
 	const BIGNUM *order;
 };
 
@@ -176,7 +176,6 @@ free_ctx:
 
 static int get_smallest_hw_keybits(int bits)
 {
-	/* ec curve order width */
 	if (bits > ECC384BITS)
 		return ECC521BITS;
 	else if (bits > ECC320BITS)
@@ -283,7 +282,7 @@ static int eckey_check(const EC_KEY *eckey)
 		return -1;
 	}
 
-	/* field GF(2m) is not supported by uadk */
+	/* Field GF(2m) is not supported by uadk */
 	if (!uadk_prime_field(group))
 		return UADK_DO_SOFT;
 
@@ -336,22 +335,25 @@ static int set_digest(handle_t sess, struct wd_dtb *e,
 	unsigned int dlen = sdgst->dsize;
 	BIGNUM *m;
 
-	if (dlen << UADK_BITS_2_BYTES_SHIFT > order_bits) {
+	if (dlen << TRANS_BITS_BYTES_SHIFT > order_bits) {
 		m = BN_new();
 
 		/* Need to truncate digest if it is too long: first truncate
 		 * whole bytes
 		 */
-		dlen = (order_bits + 7) >> UADK_BITS_2_BYTES_SHIFT;
+		dlen = BITS_TO_BYTES(order_bits);
 		if (!BN_bin2bn(dgst, dlen, m)) {
 			fprintf(stderr, "failed to BN_bin2bn digest\n");
 			BN_free(m);
 			return -1;
 		}
 
-		/* If still too long, truncate remaining bits with a shift */
-		if (dlen << UADK_BITS_2_BYTES_SHIFT > order_bits &&
-		    !BN_rshift(m, m, 8 - (order_bits & 0x7))) {
+		/* If the length of digest is still longer than the length
+		 * of the base point order, truncate remaining bits with a
+		 * shift to that length
+		 */
+		if (dlen << TRANS_BITS_BYTES_SHIFT > order_bits &&
+		    !BN_rshift(m, m, DGST_SHIFT_NUM(order_bits))) {
 			fprintf(stderr, "failed to truncate input digest\n");
 			BN_free(m);
 			return -1;
@@ -743,7 +745,7 @@ err:
 
 static int set_key_to_ec_key(EC_KEY *ec, struct wd_ecc_req *req)
 {
-	unsigned char buff[SM2_KEY_BYTES * 2 + 1] = {UADK_OCTET_STRING};
+	unsigned char buff[ECC_POINT_SIZE(SM2_KEY_BYTES) + 1] = {UADK_OCTET_STRING};
 	struct wd_ecc_point *pubkey = NULL;
 	struct wd_dtb *privkey = NULL;
 	const EC_GROUP *group;
@@ -768,8 +770,8 @@ static int set_key_to_ec_key(EC_KEY *ec, struct wd_ecc_req *req)
 		return -ENOMEM;
 	}
 
-	memcpy(buff + 1, pubkey->x.data, SM2_KEY_BYTES * 2);
-	tmp = BN_bin2bn(buff, SM2_KEY_BYTES * 2 + 1, NULL);
+	memcpy(buff + 1, pubkey->x.data, ECC_POINT_SIZE(SM2_KEY_BYTES));
+	tmp = BN_bin2bn(buff, ECC_POINT_SIZE(SM2_KEY_BYTES) + 1, NULL);
 	ptr = EC_POINT_bn2point(group, tmp, point, NULL);
 	BN_free(tmp);
 	if (!ptr) {
@@ -1029,7 +1031,7 @@ static int ecdh_compkey_init_iot(handle_t sess, struct wd_ecc_req *req,
 	in_pkey.x.dsize = BN_bn2bin(pkey_x, (unsigned char *)in_pkey.x.data);
 	in_pkey.y.dsize = BN_bn2bin(pkey_y, (unsigned char *)in_pkey.y.data);
 
-	/* set public key */
+	/* Set public key */
 	ecdh_in = wd_ecxdh_new_in(sess, &in_pkey);
 	if (!ecdh_in) {
 		fprintf(stderr, "failed to new ecxdh in\n");
@@ -1075,7 +1077,7 @@ static int ecdh_set_key_to_ec_key(EC_KEY *ecdh, struct wd_ecc_req *req)
 	}
 
 	key_size_std = (unsigned int)(EC_GROUP_get_degree(group) +
-			UADK_ECC_PADDING) >> UADK_BITS_2_BYTES_SHIFT;
+			UADK_ECC_PADDING) >> TRANS_BITS_BYTES_SHIFT;
 	key_size_x = pubkey->x.dsize;
 	key_size_y = pubkey->y.dsize;
 	if ((key_size_x > key_size_std) || (key_size_y > key_size_std)) {
@@ -1088,9 +1090,8 @@ static int ecdh_set_key_to_ec_key(EC_KEY *ecdh, struct wd_ecc_req *req)
 	 * tag - 1 byte
 	 * point_x - [key_size_std] bytes
 	 * point_y - [key_size_std] bytes
-	 * so the malloc size is: key_size_std * 2 + 1
 	 */
-	buff_size = key_size_std * 2 + 1;
+	buff_size = ECC_POINT_SIZE(key_size_std) + 1;
 	x_shift = key_size_std - key_size_x + 1;
 	y_shift = buff_size - key_size_y;
 	buff = (unsigned char *)OPENSSL_malloc(buff_size);
diff --git a/src/uadk_ecx.c b/src/uadk_ecx.c
index df23156..67042a3 100644
--- a/src/uadk_ecx.c
+++ b/src/uadk_ecx.c
@@ -295,33 +295,39 @@ static int ecx_keygen_set_pkey(EVP_PKEY *pkey, struct ecx_ctx *ecx_ctx,
 
 	memcpy(ecx_key->pubkey, (const unsigned char *)pubkey->x.data,
 	       key_size);
-	/* trans public key from big-endian to little-endian */
+	/* Trans public key from big-endian to little-endian */
 	ret = reverse_bytes(ecx_key->pubkey, key_size);
 	if (!ret) {
 		fprintf(stderr, "failed to trans public key\n");
 		return UADK_E_FAIL;
 	}
-	/* trans private key from big-endian to little-endian */
+	/* Trans private key from big-endian to little-endian */
 	ret = reverse_bytes(ecx_key->privkey, key_size);
 	if (!ret) {
 		fprintf(stderr, "failed to trans private key\n");
 		return UADK_E_FAIL;
 	}
 	/*
-	 * This is a pretreatment of X25519/X448, as described in RFC 7748:
-	 * For X25519, in order to decode 32 random bytes as an integer
-	 * scaler, set the three LSB of the first byte and MSB of the last
-	 * to zero, set the second MSB of the last byte to 1.
-	 * For X448, set the two LSB of the first byte to 0, and MSB of the
-	 * last byte to 1. Decode in little-endian mode.
+	 * This is a pretreatment of X25519/X448 described in RFC 7748.
+	 * In order to decode the random bytes as an integer scaler, there
+	 * are some special data processing. And use little-endian mode for
+	 * decoding.
 	 */
 	if (ecx_ctx->nid == EVP_PKEY_X25519) {
-		ecx_key->privkey[0] &= 248;
-		ecx_key->privkey[X25519_KEYLEN - 1] &= 127;
-		ecx_key->privkey[X25519_KEYLEN - 1] |= 64;
+		/* Set the three LSB of the first byte to 0 */
+		ecx_key->privkey[0] &= 0xF8;
+
+		/* Set the MSB of the last byte to 0 */
+		ecx_key->privkey[X25519_KEYLEN - 1] &= 0x7F;
+
+		/* Set the second MSB of the last byte to 1 */
+		ecx_key->privkey[X25519_KEYLEN - 1] |= 0x40;
 	} else if (ecx_ctx->nid == EVP_PKEY_X448) {
-		ecx_key->privkey[0] &= 252;
-		ecx_key->privkey[X448_KEYLEN - 1] |= 128;
+		/* Set the two LSB of the first byte to 0 */
+		ecx_key->privkey[0] &= 0xFC;
+
+		/* Set the MSB of the last byte to 1 */
+		ecx_key->privkey[X448_KEYLEN - 1] |= 0x80;
 	}
 
 	ret = EVP_PKEY_assign(pkey, ecx_ctx->nid, ecx_key);
@@ -494,7 +500,7 @@ static int ecx_compkey_init_iot(struct ecx_ctx *ecx_ctx, struct wd_ecc_req *req,
 	struct wd_ecc_in *ecx_in;
 	int ret;
 
-	/* trans public key from little-endian to big-endian */
+	/* Trans public key from little-endian to big-endian */
 	ret = reverse_bytes(peer_ecx_key->pubkey, key_size);
 	if(!ret) {
 		fprintf(stderr, "failed to trans public key\n");
@@ -521,7 +527,7 @@ static int ecx_compkey_init_iot(struct ecx_ctx *ecx_ctx, struct wd_ecc_req *req,
 
 	uadk_ecc_fill_req(req, WD_ECXDH_COMPUTE_KEY, ecx_in, ecx_out);
 
-	/* trans public key from big-endian to little-endian */
+	/* Trans public key from big-endian to little-endian */
 	ret = reverse_bytes(peer_ecx_key->pubkey, key_size);
 	if (!ret) {
 		fprintf(stderr, "failed to trans public key\n");
@@ -553,7 +559,7 @@ static int ecx_derive_set_private_key(struct ecx_ctx *ecx_ctx,
 	struct wd_dtb prikey;
 	int ret;
 
-	/* trans private key from little-endian to big-endian */
+	/* Trans private key from little-endian to big-endian */
 	ret = reverse_bytes(ecx_key->privkey, key_size);
 	if (!ret) {
 		fprintf(stderr, "failed to trans private key\n");
@@ -569,7 +575,7 @@ static int ecx_derive_set_private_key(struct ecx_ctx *ecx_ctx,
 		return UADK_E_FAIL;
 	}
 
-	/* trans private key from big-endian to little-endian */
+	/* Trans private key from big-endian to little-endian */
 	ret = reverse_bytes(ecx_key->privkey, key_size);
 	if (!ret) {
 		fprintf(stderr, "failed to trans private key\n");
diff --git a/src/uadk_pkey.c b/src/uadk_pkey.c
index 6920cff..6b5ae9a 100644
--- a/src/uadk_pkey.c
+++ b/src/uadk_pkey.c
@@ -44,7 +44,7 @@ struct ecc_res_config {
 	int numa_id;
 };
 
-/* ecc global hardware resource is saved here */
+/* ECC global hardware resource is saved here */
 struct ecc_res {
 	struct wd_ctx_config *ctx_res;
 	int pid;
@@ -123,7 +123,7 @@ static int uadk_ecc_poll(void *ctx)
 	return -ETIMEDOUT;
 }
 
-/* make resource configure static */
+/* Make resource configure static */
 struct ecc_res_config ecc_res_config = {
 	.sched = {
 		.sched_type = -1,
@@ -234,7 +234,7 @@ static int uadk_wd_ecc_init(struct ecc_res_config *config)
 	struct uacce_dev *dev;
 	int ret;
 
-	/* ctx is no difference for sm2/ecdsa/ecdh/x25519/x448 */
+	/* The ctx is no difference for sm2/ecdsa/ecdh/x25519/x448 */
 	dev = wd_get_accel_dev("ecdsa");
 	if (!dev)
 		return -ENOMEM;
@@ -396,8 +396,7 @@ int uadk_ecc_set_private_key(handle_t sess, const EC_KEY *eckey)
 		return -EINVAL;
 	}
 
-	/* pad and convert bits to bytes */
-	buflen = (EC_GROUP_get_degree(group) + 7) / 8;
+	buflen = BITS_TO_BYTES(EC_GROUP_get_degree(group));
 	ecc_key = wd_ecc_get_key(sess);
 	prikey.data = (void *)bin;
 	prikey.dsize = BN_bn2binpad(d, bin, buflen);
diff --git a/src/uadk_pkey.h b/src/uadk_pkey.h
index b30c2de..6d1cc77 100644
--- a/src/uadk_pkey.h
+++ b/src/uadk_pkey.h
@@ -26,7 +26,6 @@
 #define UADK_ECC_MAX_KEY_BITS		521
 #define UADK_ECC_MAX_KEY_BYTES		66
 #define UADK_ECC_CV_PARAM_NUM		6
-#define UADK_BITS_2_BYTES_SHIFT		3
 #define SM2_KEY_BYTES			32
 #define UADK_OCTET_STRING		4
 #define UADK_ECC_PUBKEY_PARAM_NUM	2
@@ -34,6 +33,11 @@
 #define UADK_ECDH_CV_NUM		8
 #define ENV_ENABLED			1
 #define UADK_E_INVALID			(-2)
+#define TRANS_BITS_BYTES_SHIFT		3
+#define ECC_POINT_SIZE(n)		((n) * 2)
+#define GET_MS_BYTE(n)			((n) >> 8)
+#define GET_LS_BYTE(n)			((n) & 0xFF)
+#define DGST_SHIFT_NUM(n)		(8 - ((n) & 0x7))
 
 struct uadk_pkey_meth {
 	EVP_PKEY_METHOD *sm2;
diff --git a/src/uadk_rsa.c b/src/uadk_rsa.c
index 7d25338..e9a2c53 100644
--- a/src/uadk_rsa.c
+++ b/src/uadk_rsa.c
@@ -52,6 +52,9 @@
 #define UADK_E_INIT_SUCCESS		0
 #define CHECK_PADDING_FAIL		(-1)
 #define ENV_ENABLED			1
+#define PRIME_RETRY_COUNT		4
+#define GENCB_NEXT			2
+#define GENCB_RETRY			3
 
 static RSA_METHOD *rsa_hw_meth;
 
@@ -173,11 +176,7 @@ static int rsa_prime_mul_res(int num, struct rsa_prime_param *param,
 		if (!BN_mul(param->r1, param->rsa_p, param->rsa_q, ctx))
 			return BN_ERR;
 	} else {
-		/*
-		 * Use the number 3 to indicate whether
-		 * the generator has been found.
-		 */
-		if (!BN_GENCB_call(cb, 3, num))
+		if (!BN_GENCB_call(cb, GENCB_RETRY, num))
 			return BN_ERR;
 		return BN_CONTINUE;
 	}
@@ -228,14 +227,11 @@ static int check_rsa_prime_sufficient(int *num, const int *bitsr,
 			*bitse -= bitsr[*num];
 		else
 			return -1;
-		/*
-		 * Use the number 2 to indicate whether
-		 * a prime has been found.
-		 */
-		ret = BN_GENCB_call(cb, 2, *n++);
+
+		ret = BN_GENCB_call(cb, GENCB_NEXT, *n++);
 		if (!ret)
 			return -1;
-		if (retries == 4) {
+		if (retries == PRIME_RETRY_COUNT) {
 			*num = -1;
 			*bitse = 0;
 			retries = 0;
@@ -244,8 +240,8 @@ static int check_rsa_prime_sufficient(int *num, const int *bitsr,
 		retries++;
 		return BN_REDO;
 	}
-	/* Use the number 3 to indicate whether the generator has been found. */
-	ret = BN_GENCB_call(cb, 3, *num);
+
+	ret = BN_GENCB_call(cb, GENCB_RETRY, *num);
 	if (!ret)
 		return BN_ERR;
 	retries = 0;
@@ -320,8 +316,7 @@ static int check_rsa_prime_useful(const int *n, struct rsa_prime_param *param,
 	else
 		return BN_ERR;
 
-	/* Use the number 2 to indicate whether a prime has been found. */
-	if (!BN_GENCB_call(cb, 2, *n++))
+	if (!BN_GENCB_call(cb, GENCB_NEXT, *n++))
 		return BN_ERR;
 
 	return GET_ERR_FINISH;
diff --git a/src/uadk_sm2.c b/src/uadk_sm2.c
index 8a9adca..578d2d8 100644
--- a/src/uadk_sm2.c
+++ b/src/uadk_sm2.c
@@ -34,12 +34,12 @@ enum {
 typedef struct {
 	/* Key and paramgen group */
 	EC_GROUP *gen_group;
-	/* message digest */
+	/* Message digest */
 	const EVP_MD *md;
 	/* Distinguishing Identifier, ISO/IEC 15946-3 */
 	uint8_t *id;
 	size_t id_len;
-	/* id_set indicates if the 'id' field is set (1) or not (0) */
+	/* Indicates if the 'id' field is set (1) or not (0) */
 	int id_set;
 } SM2_PKEY_CTX;
 
@@ -557,8 +557,7 @@ static size_t ec_field_size(const EC_GROUP *group)
 	if (!EC_GROUP_get_curve(group, p, a, b, NULL))
 		goto done;
 
-	/* Pad and convert bits to bytes */
-	field_size = (BN_num_bits(p) + 7) / 8;
+	field_size = BITS_TO_BYTES(BN_num_bits(p));
 
 done:
 	BN_free(p);
@@ -1172,7 +1171,7 @@ static int sm2_set_ctx_id(struct sm2_ctx *smctx, int p1, const void *p2)
 		OPENSSL_free(smctx->ctx.id);
 		smctx->ctx.id = tmp_id;
 	} else {
-		/* set null-ID */
+		/* Set null-ID */
 		OPENSSL_free(smctx->ctx.id);
 		smctx->ctx.id = NULL;
 	}
@@ -1231,7 +1230,7 @@ static int sm2_ctrl(EVP_PKEY_CTX *ctx, int type, int p1, void *p2)
 		*(size_t *)p2 = smctx->ctx.id_len;
 		return 1;
 	case EVP_PKEY_CTRL_DIGESTINIT:
-		/* nothing to be inited, this is to suppress the error... */
+		/* Nothing to be inited, for suppress the error */
 		return 1;
 	default:
 		fprintf(stderr, "sm2 ctrl type = %d error\n", type);
@@ -1323,20 +1322,22 @@ static int check_digest_evp_lib(const EVP_MD *digest, EVP_MD_CTX *hash,
 	}
 
 	/* Z = h(ENTL || ID || a || b || xG || yG || xA || yA) */
-	if (id_len >= (UINT16_MAX / 8)) {
+	if (id_len >= (UINT16_MAX >> TRANS_BITS_BYTES_SHIFT)) {
 		fprintf(stderr, "id too large\n");
 		return 0;
 	}
 
-	entl = (uint16_t)(8 * id_len);
+	entl = (uint16_t)(id_len << TRANS_BITS_BYTES_SHIFT);
 
-	e_byte = entl >> 8;
+	/* Update the most significant (first) byte of 'entl' */
+	e_byte = GET_MS_BYTE(entl);
 	if (!EVP_DigestUpdate(hash, &e_byte, 1)) {
 		fprintf(stderr, "error evp lib\n");
 		return 0;
 	}
 
-	e_byte = entl & 0xFF;
+	/* Update the least significant (second) byte of 'entl' */
+	e_byte = GET_LS_BYTE(entl);
 	if (!EVP_DigestUpdate(hash, &e_byte, 1)) {
 		fprintf(stderr, "error evp lib\n");
 		return 0;
@@ -1516,7 +1517,7 @@ static int sm2_digest_custom(EVP_PKEY_CTX *ctx, EVP_MD_CTX *mctx)
 		return 0;
 	}
 
-	/* get hashed prefix 'z' of tbs message */
+	/* Get hashed prefix 'z' of tbs message */
 	if (!sm2_compute_z_digest(z, md, smctx->ctx.id, smctx->ctx.id_len, ec))
 		return 0;
 
-- 
1.8.3.1