lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <87r3cihwr2.fsf@gmail.com>
Date:	Tue, 31 May 2016 21:07:29 +0200
From:	Nicolai Stange <nicstange@...il.com>
To:	Herbert Xu <herbert@...dor.apana.org.au>
Cc:	Nicolai Stange <nicstange@...il.com>,
	David Howells <dhowells@...hat.com>,
	Tadeusz Struk <tadeusz.struk@...el.com>,
	Michal Marek <mmarek@...e.com>, linux-crypto@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH 0/5] refactor mpi_read_from_buffer()

Herbert Xu <herbert@...dor.apana.org.au> writes:

> On Thu, May 26, 2016 at 11:19:50PM +0200, Nicolai Stange wrote:
>> mpi_read_from_buffer() and mpi_read_raw_data() do almost the same and share a
>> fair amount of common code.
>> 
>> This patchset attempts to rewrite mpi_read_from_buffer() in order to implement
>> it in terms of mpi_read_raw_data().
>> 
>> The patches 1 and 3, i.e.
>>   "lib/mpi: mpi_read_from_buffer(): return error code"
>> and
>>   "lib/mpi: mpi_read_from_buffer(): return -EINVAL upon too short buffer"
>> do the groundwork in that they move any error detection unique to
>> mpi_read_from_buffer() out of the data handling loop.
>> 
>> The patches 2 and 4, that is
>>   "lib/digsig: digsig_verify_rsa(): return -EINVAL if modulo length is zero"
>> and
>>   "lib/mpi: mpi_read_from_buffer(): sanitize short buffer printk"
>> are not strictly necessary for the refactoring: they cleanup some minor oddities
>> related to error handling I came across.
>> 
>> Finally, the last patch in this series,
>>   "lib/mpi: refactor mpi_read_from_buffer() in terms of mpi_read_raw_data()"
>> actually does what this series is all about.
>> 
>> 
>> Applicable to linux-next-20160325.
>
> All applied.

Thanks! (As well as for applying the separately sent patches, of course)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ