lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20221227142740.2807136-1-roberto.sassu@huaweicloud.com>
Date:   Tue, 27 Dec 2022 15:27:38 +0100
From:   Roberto Sassu <roberto.sassu@...weicloud.com>
To:     dhowells@...hat.com, herbert@...dor.apana.org.au,
        davem@...emloft.net, zohar@...ux.ibm.com,
        dmitry.kasatkin@...il.com, paul@...l-moore.com, jmorris@...ei.org,
        serge@...lyn.com, ebiggers@...nel.org
Cc:     linux-integrity@...r.kernel.org,
        linux-security-module@...r.kernel.org, keyrings@...r.kernel.org,
        linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org,
        stable@...r.kernel.org, Roberto Sassu <roberto.sassu@...wei.com>
Subject: [PATCH v5 0/2] KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()

From: Roberto Sassu <roberto.sassu@...wei.com>

Changelog:

v4:
 - Replace sg_init_table()/sg_set_buf() with sg_init_one() (suggested by
   Eric)

v3:

v2:
 - Add patch by Herbert to take only the needed bytes for a MPI from the
   scatterlist
 - Use only one scatterlist for signature and digest (suggested by Eric)
 - Rename key variable to buf (suggested by Eric)
 - Rename key_max_len variable to buf_len
 - Use size_t for the buf_len variable instead of u32

v1:
 - Unconditionally copy the signature and digest to the buffer to keep the
   code simple (suggested by Eric)

Herbert Xu (1):
  lib/mpi: Fix buffer overrun when SG is too long

Roberto Sassu (1):
  KEYS: asymmetric: Copy sig and digest in public_key_verify_signature()

 crypto/asymmetric_keys/public_key.c | 38 ++++++++++++++++-------------
 lib/mpi/mpicoder.c                  |  3 ++-
 2 files changed, 23 insertions(+), 18 deletions(-)

-- 
2.25.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ