| Message ID | 20240613213820.995832-1-stefanb@linux.ibm.com (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | crypto: ecc - Fix off-by-one missing to clear most significant digit | expand |
Tested with the proposed patch and issue is fixed. Tested-by: Venkat Rao Bagalkote <venkat88@linux.vnet.ibm.com> Regards, Venkat. On 14/06/24 3:08 am, Stefan Berger wrote: > Fix an off-by-one error where the most significant digit was not > initialized leading to signature verification failures by the testmgr. > > Example: If a curve requires ndigits (=9) and diff (=2) indicates that > 2 digits need to be set to zero then start with digit 'ndigits - diff' (=7) > and clear 'diff' digits starting from there, so 7 and 8. > > Reported-by: Venkat Rao Bagalkote <venkat88@linux.vnet.ibm.com> > Closes: https://lore.kernel.org/linux-crypto/619bc2de-b18a-4939-a652-9ca886bf6349@linux.ibm.com/T/#m045d8812409ce233c17fcdb8b88b6629c671f9f4 > Fixes: 2fd2a82ccbfc ("crypto: ecdsa - Use ecc_digits_from_bytes to create hash digits array") > Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> > --- > crypto/ecc.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/crypto/ecc.c b/crypto/ecc.c > index fe761256e335..dd48d9928a21 100644 > --- a/crypto/ecc.c > +++ b/crypto/ecc.c > @@ -78,7 +78,7 @@ void ecc_digits_from_bytes(const u8 *in, unsigned int nbytes, > /* diff > 0: not enough input bytes: set most significant digits to 0 */ > if (diff > 0) { > ndigits -= diff; > - memset(&out[ndigits - 1], 0, diff * sizeof(u64)); > + memset(&out[ndigits], 0, diff * sizeof(u64)); > } > > if (o) {
On Thu, Jun 13, 2024 at 05:38:20PM -0400, Stefan Berger wrote: > Fix an off-by-one error where the most significant digit was not > initialized leading to signature verification failures by the testmgr. > > Example: If a curve requires ndigits (=9) and diff (=2) indicates that > 2 digits need to be set to zero then start with digit 'ndigits - diff' (=7) > and clear 'diff' digits starting from there, so 7 and 8. > > Reported-by: Venkat Rao Bagalkote <venkat88@linux.vnet.ibm.com> > Closes: https://lore.kernel.org/linux-crypto/619bc2de-b18a-4939-a652-9ca886bf6349@linux.ibm.com/T/#m045d8812409ce233c17fcdb8b88b6629c671f9f4 > Fixes: 2fd2a82ccbfc ("crypto: ecdsa - Use ecc_digits_from_bytes to create hash digits array") > Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> > --- > crypto/ecc.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) Patch applied. Thanks.
diff --git a/crypto/ecc.c b/crypto/ecc.c index fe761256e335..dd48d9928a21 100644 --- a/crypto/ecc.c +++ b/crypto/ecc.c @@ -78,7 +78,7 @@ void ecc_digits_from_bytes(const u8 *in, unsigned int nbytes, /* diff > 0: not enough input bytes: set most significant digits to 0 */ if (diff > 0) { ndigits -= diff; - memset(&out[ndigits - 1], 0, diff * sizeof(u64)); + memset(&out[ndigits], 0, diff * sizeof(u64)); } if (o) {
Fix an off-by-one error where the most significant digit was not initialized leading to signature verification failures by the testmgr. Example: If a curve requires ndigits (=9) and diff (=2) indicates that 2 digits need to be set to zero then start with digit 'ndigits - diff' (=7) and clear 'diff' digits starting from there, so 7 and 8. Reported-by: Venkat Rao Bagalkote <venkat88@linux.vnet.ibm.com> Closes: https://lore.kernel.org/linux-crypto/619bc2de-b18a-4939-a652-9ca886bf6349@linux.ibm.com/T/#m045d8812409ce233c17fcdb8b88b6629c671f9f4 Fixes: 2fd2a82ccbfc ("crypto: ecdsa - Use ecc_digits_from_bytes to create hash digits array") Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> --- crypto/ecc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)