[PATCH 2/6] lib/crypto: curve25519: Add at_least decoration to fixed-size array params

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Eric Biggers <ebiggers@kernel.org>
To: linux-crypto@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, Ard Biesheuvel <ardb@kernel.org>,
	"Jason A . Donenfeld" <Jason@zx2c4.com>,
	Herbert Xu <herbert@gondor.apana.org.au>,
	linux-hardening@vger.kernel.org, Kees Cook <kees@kernel.org>,
	Eric Biggers <ebiggers@kernel.org>
Subject: [PATCH 2/6] lib/crypto: curve25519: Add at_least decoration to fixed-size array params
Date: Sat, 22 Nov 2025 11:42:02 -0800	[thread overview]
Message-ID: <20251122194206.31822-3-ebiggers@kernel.org> (raw)
In-Reply-To: <20251122194206.31822-1-ebiggers@kernel.org>

Add the at_least (i.e. 'static') decoration to the fixed-size array
parameters of the curve25519 library functions.  This causes clang to
warn when a too-small array of known size is passed.

Signed-off-by: Eric Biggers <ebiggers@kernel.org>
---
 include/crypto/curve25519.h | 24 ++++++++++++++----------
 1 file changed, 14 insertions(+), 10 deletions(-)

diff --git a/include/crypto/curve25519.h b/include/crypto/curve25519.h
index db63a5577c00..2362b48f8741 100644
--- a/include/crypto/curve25519.h
+++ b/include/crypto/curve25519.h
@@ -11,28 +11,32 @@
 
 enum curve25519_lengths {
 	CURVE25519_KEY_SIZE = 32
 };
 
-void curve25519_generic(u8 out[CURVE25519_KEY_SIZE],
-			const u8 scalar[CURVE25519_KEY_SIZE],
-			const u8 point[CURVE25519_KEY_SIZE]);
+void curve25519_generic(u8 out[at_least CURVE25519_KEY_SIZE],
+			const u8 scalar[at_least CURVE25519_KEY_SIZE],
+			const u8 point[at_least CURVE25519_KEY_SIZE]);
 
-bool __must_check curve25519(u8 mypublic[CURVE25519_KEY_SIZE],
-			     const u8 secret[CURVE25519_KEY_SIZE],
-			     const u8 basepoint[CURVE25519_KEY_SIZE]);
+bool __must_check
+curve25519(u8 mypublic[at_least CURVE25519_KEY_SIZE],
+	   const u8 secret[at_least CURVE25519_KEY_SIZE],
+	   const u8 basepoint[at_least CURVE25519_KEY_SIZE]);
 
-bool __must_check curve25519_generate_public(u8 pub[CURVE25519_KEY_SIZE],
-					     const u8 secret[CURVE25519_KEY_SIZE]);
+bool __must_check
+curve25519_generate_public(u8 pub[at_least CURVE25519_KEY_SIZE],
+			   const u8 secret[at_least CURVE25519_KEY_SIZE]);
 
-static inline void curve25519_clamp_secret(u8 secret[CURVE25519_KEY_SIZE])
+static inline void
+curve25519_clamp_secret(u8 secret[at_least CURVE25519_KEY_SIZE])
 {
 	secret[0] &= 248;
 	secret[31] = (secret[31] & 127) | 64;
 }
 
-static inline void curve25519_generate_secret(u8 secret[CURVE25519_KEY_SIZE])
+static inline void
+curve25519_generate_secret(u8 secret[at_least CURVE25519_KEY_SIZE])
 {
 	get_random_bytes_wait(secret, CURVE25519_KEY_SIZE);
 	curve25519_clamp_secret(secret);
 }
 
-- 
2.51.2

next prev parent reply	other threads:[~2025-11-22 19:42 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-11-22 19:42 [PATCH 0/6] lib/crypto: More at_least decorations Eric Biggers
2025-11-22 19:42 ` [PATCH 1/6] lib/crypto: chacha: Add at_least decoration to fixed-size array params Eric Biggers
2025-11-22 19:42 ` Eric Biggers [this message]
2025-11-22 19:42 ` [PATCH 3/6] lib/crypto: md5: " Eric Biggers
2025-11-22 19:42 ` [PATCH 4/6] lib/crypto: poly1305: " Eric Biggers
2025-11-22 19:42 ` [PATCH 5/6] lib/crypto: sha1: " Eric Biggers
2025-11-22 19:42 ` [PATCH 6/6] lib/crypto: sha2: " Eric Biggers
2025-11-22 21:00 ` [PATCH 0/6] lib/crypto: More at_least decorations Jason A. Donenfeld
2025-11-23  4:00 ` Eric Biggers
2025-11-23  5:16   ` Jason A. Donenfeld
2025-11-23  5:17     ` Eric Biggers
2025-11-23  8:31 ` Ard Biesheuvel
2025-11-23 20:35   ` Eric Biggers
2025-11-23 20:38     ` Jason A. Donenfeld
2025-11-23 20:54       ` Eric Biggers
2025-11-24 19:17         ` Kees Cook
2025-11-23 20:31 ` Eric Biggers

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:db63a5577c0 dfblob:2362b48f874 )
 OR (
bs:"[PATCH 2/6] lib/crypto: curve25519: Add at_least decoration to fixed-size array params" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20251122194206.31822-3-ebiggers@kernel.org \
    --to=ebiggers@kernel.org \
    --cc=Jason@zx2c4.com \
    --cc=ardb@kernel.org \
    --cc=herbert@gondor.apana.org.au \
    --cc=kees@kernel.org \
    --cc=linux-crypto@vger.kernel.org \
    --cc=linux-hardening@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.