tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
1
fork

Configure Feed

Select the types of activity you want to include in your feed.

crypto: ecdsa - Adjust tests on length of key parameters

In preparation for support of NIST P521, adjust the basic tests on the
length of the provided key parameters to only ensure that the length of the
x plus y coordinates parameter array is not an odd number and that each
coordinate fits into an array of 'ndigits' digits. Mathematical tests on
the key's parameters are then done in ecc_is_pubkey_valid_full rejecting
invalid keys.

The change is necessary since NIST P521 keys do not have keys with
coordinates that each require 'full' digits (= all bits in u64 used).
NIST P521 only requires 2 bytes (9 bits) in the most significant digit
unlike NIST P192/256/384 that each require multiple 'full' digits.

Tested-by: Lukas Wunner <lukas@wunner.de>
Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
Tested-by: Jarkko Sakkinen <jarkko@kernel.org>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Stefan Berger and committed by
Herbert Xu dcee6068 d67c96fb

+1 -1
+1 -1
crypto/ecdsa.c
··· 230 230 if (ret < 0) 231 231 return ret; 232 232 233 - if (keylen < 1 || (((keylen - 1) >> 1) % sizeof(u64)) != 0) 233 + if (keylen < 1 || ((keylen - 1) & 1) != 0) 234 234 return -EINVAL; 235 235 /* we only accept uncompressed format indicated by '4' */ 236 236 if (d[0] != 4)