From: Eric Biggers Date: Mon, 20 Apr 2026 06:34:22 +0000 (-0700) Subject: crypto: drbg - Clean up loop in drbg_hmac_update() X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=58d0b2b90796d603b01afb8eeaeb14c58131ad57;p=thirdparty%2Fkernel%2Flinux.git crypto: drbg - Clean up loop in drbg_hmac_update() This loop is a bit hard to read, with the loop counter that's used in the HMAC being separate from the actual loop counter, which counts backwards for some reason. Just replace it with a regular loop. Signed-off-by: Eric Biggers Signed-off-by: Herbert Xu --- diff --git a/crypto/drbg.c b/crypto/drbg.c index b54c807930af8..ad7b9577479e0 100644 --- a/crypto/drbg.c +++ b/crypto/drbg.c @@ -137,11 +137,6 @@ struct drbg_state { size_t test_entropylen; }; -enum drbg_prefixes { - DRBG_PREFIX0 = 0x00, - DRBG_PREFIX1, -}; - /****************************************************************** * HMAC DRBG functions ******************************************************************/ @@ -151,19 +146,14 @@ static void drbg_hmac_update(struct drbg_state *drbg, const u8 *data1, size_t data1_len, const u8 *data2, size_t data2_len) { - int i = 0; struct hmac_sha512_ctx hmac_ctx; u8 new_key[DRBG_STATE_LEN]; - for (i = 2; 0 < i; i--) { - /* first round uses 0x0, second 0x1 */ - unsigned char prefix = DRBG_PREFIX0; - if (1 == i) - prefix = DRBG_PREFIX1; + for (u8 i = 0; i < 2; i++) { /* 10.1.2.2 step 1 and 4 -- concatenation and HMAC for key */ hmac_sha512_init(&hmac_ctx, &drbg->key); hmac_sha512_update(&hmac_ctx, drbg->V, DRBG_STATE_LEN); - hmac_sha512_update(&hmac_ctx, &prefix, 1); + hmac_sha512_update(&hmac_ctx, &i, 1); hmac_sha512_update(&hmac_ctx, data1, data1_len); hmac_sha512_update(&hmac_ctx, data2, data2_len); hmac_sha512_final(&hmac_ctx, new_key);