From: Stefan Berger <stefanb@linux.ibm.com>
To: Lukas Wunner <lukas@wunner.de>
Cc: keyrings@vger.kernel.org, linux-crypto@vger.kernel.org,
davem@davemloft.net, herbert@gondor.apana.org.au,
dhowells@redhat.com, zohar@linux.ibm.com, jarkko@kernel.org,
linux-integrity@vger.kernel.org,
linux-security-module@vger.kernel.org,
linux-kernel@vger.kernel.org, patrick@puiterwijk.org
Subject: Re: [PATCH v12 02/10] crypto: Add support for ECDSA signature verification
Date: Mon, 22 Jul 2024 08:19:41 -0400 [thread overview]
Message-ID: <6eee0c55-40cd-4e7b-8819-1a4c9596062a@linux.ibm.com> (raw)
In-Reply-To: <ZpfuqeSVC47jqme2@wunner.de>
On 7/17/24 12:17, Lukas Wunner wrote:
> Hi Stefan,
>
> On Tue, Mar 16, 2021 at 05:07:32PM -0400, Stefan Berger wrote:
>> +/*
>> + * Get the r and s components of a signature from the X509 certificate.
>> + */
>> +static int ecdsa_get_signature_rs(u64 *dest, size_t hdrlen, unsigned char tag,
>> + const void *value, size_t vlen, unsigned int ndigits)
>> +{
>> + size_t keylen = ndigits * sizeof(u64);
>> + ssize_t diff = vlen - keylen;
>> + const char *d = value;
>> + u8 rs[ECC_MAX_BYTES];
>> +
>> + if (!value || !vlen)
>> + return -EINVAL;
>> +
>> + /* diff = 0: 'value' has exacly the right size
>> + * diff > 0: 'value' has too many bytes; one leading zero is allowed that
>> + * makes the value a positive integer; error on more
>> + * diff < 0: 'value' is missing leading zeros, which we add
>> + */
>> + if (diff > 0) {
>> + /* skip over leading zeros that make 'value' a positive int */
>> + if (*d == 0) {
>> + vlen -= 1;
>> + diff--;
>> + d++;
>> + }
>> + if (diff)
>> + return -EINVAL;
>> + }
>> + if (-diff >= keylen)
>> + return -EINVAL;
>
> I'm in the process of creating a crypto_template for decoding an x962
> signature as requested by Herbert:
>
> https://lore.kernel.org/all/ZoHXyGwRzVvYkcTP@gondor.apana.org.au/
>
> I intend to move the above code to the template and to do so I'm
> trying to understand what it's doing.
>
> There's an oddity in the above-quoted function. The check ...
>
> + if (-diff >= keylen)
> + return -EINVAL;
>
> ... seems superfluous. diff is assigned the following value at the
> top of the function:
>
> + ssize_t diff = vlen - keylen;
>
> This means that: -diff == keylen - vlen.
>
> Now, if vlen is zero, -diff would equal keylen and then the
> "-diff >= keylen" check would be true. However at the top of
> the function, there's already a !vlen check. No need to check
> the same thing again!
You're right, this check is not necessary.
Stefan
next prev parent reply other threads:[~2024-07-22 12:20 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-03-16 21:07 [PATCH v12 00/10] Add support for x509 certs with NIST P384/256/192 keys Stefan Berger
2021-03-16 21:07 ` [PATCH v12 01/10] oid_registry: Add OIDs for ECDSA with SHA224/256/384/512 Stefan Berger
2021-03-16 21:07 ` [PATCH v12 02/10] crypto: Add support for ECDSA signature verification Stefan Berger
2024-07-17 16:17 ` Lukas Wunner
2024-07-22 12:19 ` Stefan Berger [this message]
2024-07-22 13:17 ` Lukas Wunner
2021-03-16 21:07 ` [PATCH v12 03/10] crypto: Add NIST P384 curve parameters Stefan Berger
2021-03-16 21:07 ` [PATCH v12 04/10] crypto: Add math to support fast NIST P384 Stefan Berger
2021-03-16 21:07 ` [PATCH v12 05/10] ecdsa: Register NIST P384 and extend test suite Stefan Berger
2021-03-16 21:07 ` [PATCH v12 06/10] x509: Detect sm2 keys by their parameters OID Stefan Berger
2021-03-16 21:07 ` [PATCH v12 07/10] x509: Add support for parsing x509 certs with ECDSA keys Stefan Berger
2021-03-16 21:07 ` [PATCH v12 08/10] ima: Support EC keys for signature verification Stefan Berger
2021-03-16 21:07 ` [PATCH v12 09/10] x509: Add OID for NIST P384 and extend parser for it Stefan Berger
2021-03-16 21:07 ` [PATCH v12 10/10] certs: Add support for using elliptic curve keys for signing modules Stefan Berger
2021-03-16 21:16 ` [PATCH v12 00/10] Add support for x509 certs with NIST P384/256/192 keys Stefan Berger
2021-03-26 9:30 ` Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=6eee0c55-40cd-4e7b-8819-1a4c9596062a@linux.ibm.com \
--to=stefanb@linux.ibm.com \
--cc=davem@davemloft.net \
--cc=dhowells@redhat.com \
--cc=herbert@gondor.apana.org.au \
--cc=jarkko@kernel.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=lukas@wunner.de \
--cc=patrick@puiterwijk.org \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).