[PATCH v2] KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()
Roberto Sassu
roberto.sassu at huaweicloud.com
Mon Dec 19 08:49:29 UTC 2022
On Mon, 2022-12-12 at 17:15 +0800, Herbert Xu wrote:
> On Mon, Dec 12, 2022 at 10:07:38AM +0100, Roberto Sassu wrote:
> > The problem is a misalignment between req->src_len (set to sig->s_size
> > by akcipher_request_set_crypt()) and the length of the scatterlist (if
> > we set the latter to sig->s_size + sig->digest_size).
> >
> > When rsa_enc() calls mpi_read_raw_from_sgl(), it passes req->src_len as
> > argument, and the latter allocates the MPI according to that. However,
> > it does parsing depending on the length of the scatterlist.
> >
> > If there are two scatterlists, it is not a problem, there is no
> > misalignment. mpi_read_raw_from_sgl() picks the first. If there is just
> > one, mpi_read_raw_from_sgl() parses all data there.
>
> Thanks for the explanation. That's definitely a bug which should
> be fixed either in the RSA code or in MPI.
>
> I'll look into it.
Hi Herbert
do you have any news on this bug?
Thanks
Roberto
More information about the Linux-security-module-archive
mailing list