From: Lukas Wunner <lukas@wunner.de>
To: Jarkko Sakkinen <jarkko@kernel.org>
Cc: Stefan Berger <stefanb@linux.ibm.com>,
keyrings@vger.kernel.org, linux-crypto@vger.kernel.org,
herbert@gondor.apana.org.au, davem@davemloft.net,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] crypto: ecc - Protect ecc_digits_from_bytes from reading too many bytes
Date: Mon, 29 Apr 2024 05:30:37 +0200 [thread overview]
Message-ID: <Zi8UXS1MD5V58dnN@wunner.de> (raw)
In-Reply-To: <D0W3MTR0CY08.Q2UIYE4N274L@kernel.org>
On Mon, Apr 29, 2024 at 01:12:00AM +0300, Jarkko Sakkinen wrote:
> On Sat Apr 27, 2024 at 1:55 AM EEST, Stefan Berger wrote:
> > Protect ecc_digits_from_bytes from reading too many bytes from the input
> > byte array in case an insufficient number of bytes is provided to fill the
> > output digit array of ndigits. Therefore, initialize the most significant
> > digits with 0 to avoid trying to read too many bytes later on.
> >
> > If too many bytes are provided on the input byte array the extra bytes
> > are ignored since the input variable 'ndigits' limits the number of digits
> > that will be filled.
> >
> > Fixes: d67c96fb97b5 ("crypto: ecdsa - Convert byte arrays with key coordinates to digits")
> > Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
> > ---
> > include/crypto/internal/ecc.h | 7 +++++++
> > 1 file changed, 7 insertions(+)
> >
> > diff --git a/include/crypto/internal/ecc.h b/include/crypto/internal/ecc.h
> > index 7ca1f463d1ec..56215f14ff96 100644
> > --- a/include/crypto/internal/ecc.h
> > +++ b/include/crypto/internal/ecc.h
> > @@ -67,9 +67,16 @@ static inline void ecc_swap_digits(const void *in, u64 *out, unsigned int ndigit
> > static inline void ecc_digits_from_bytes(const u8 *in, unsigned int nbytes,
> > u64 *out, unsigned int ndigits)
> > {
> > + int diff = ndigits - DIV_ROUND_UP(nbytes, sizeof(u64));
> > unsigned int o = nbytes & 7;
> > __be64 msd = 0;
> >
> > + /* diff > 0: not enough input bytes: set most significant digits to 0 */
> > + while (diff > 0) {
> > + out[--ndigits] = 0;
> > + diff--;
> > + }
>
> Could be just trivial for-loop:
>
> for (i = 0; i < diff; i++)
> out[--ndigits] = 0;
>
> Or also simpler while-loop could work:
>
> while (diff-- > 0)
> out[--ndigits] = 0;
Or just use memset(), which uses optimized instructions on many arches.
next prev parent reply other threads:[~2024-04-29 3:39 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-04-26 22:55 [PATCH] crypto: ecc - Protect ecc_digits_from_bytes from reading too many bytes Stefan Berger
2024-04-28 22:12 ` Jarkko Sakkinen
2024-04-29 3:30 ` Lukas Wunner [this message]
2024-04-29 10:14 ` Jarkko Sakkinen
2024-04-29 11:11 ` Stefan Berger
2024-04-29 13:12 ` Jarkko Sakkinen
2024-05-03 10:30 ` Herbert Xu
2024-05-03 23:49 ` Jarkko Sakkinen
2024-05-03 23:51 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Zi8UXS1MD5V58dnN@wunner.de \
--to=lukas@wunner.de \
--cc=davem@davemloft.net \
--cc=herbert@gondor.apana.org.au \
--cc=jarkko@kernel.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=stefanb@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.