[PATCH v12 02/10] crypto: Add support for ECDSA signature verification
Stefan Berger
stefanb at linux.ibm.com
Mon Jul 22 12:19:41 UTC 2024
On 7/17/24 12:17, Lukas Wunner wrote:
> Hi Stefan,
>
> On Tue, Mar 16, 2021 at 05:07:32PM -0400, Stefan Berger wrote:
>> +/*
>> + * Get the r and s components of a signature from the X509 certificate.
>> + */
>> +static int ecdsa_get_signature_rs(u64 *dest, size_t hdrlen, unsigned char tag,
>> + const void *value, size_t vlen, unsigned int ndigits)
>> +{
>> + size_t keylen = ndigits * sizeof(u64);
>> + ssize_t diff = vlen - keylen;
>> + const char *d = value;
>> + u8 rs[ECC_MAX_BYTES];
>> +
>> + if (!value || !vlen)
>> + return -EINVAL;
>> +
>> + /* diff = 0: 'value' has exacly the right size
>> + * diff > 0: 'value' has too many bytes; one leading zero is allowed that
>> + * makes the value a positive integer; error on more
>> + * diff < 0: 'value' is missing leading zeros, which we add
>> + */
>> + if (diff > 0) {
>> + /* skip over leading zeros that make 'value' a positive int */
>> + if (*d == 0) {
>> + vlen -= 1;
>> + diff--;
>> + d++;
>> + }
>> + if (diff)
>> + return -EINVAL;
>> + }
>> + if (-diff >= keylen)
>> + return -EINVAL;
>
> I'm in the process of creating a crypto_template for decoding an x962
> signature as requested by Herbert:
>
> https://lore.kernel.org/all/ZoHXyGwRzVvYkcTP@gondor.apana.org.au/
>
> I intend to move the above code to the template and to do so I'm
> trying to understand what it's doing.
>
> There's an oddity in the above-quoted function. The check ...
>
> + if (-diff >= keylen)
> + return -EINVAL;
>
> ... seems superfluous. diff is assigned the following value at the
> top of the function:
>
> + ssize_t diff = vlen - keylen;
>
> This means that: -diff == keylen - vlen.
>
> Now, if vlen is zero, -diff would equal keylen and then the
> "-diff >= keylen" check would be true. However at the top of
> the function, there's already a !vlen check. No need to check
> the same thing again!
You're right, this check is not necessary.
Stefan
More information about the Linux-security-module-archive
mailing list