lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20240302213427.GA30938@wunner.de>
Date: Sat, 2 Mar 2024 22:34:27 +0100
From: Lukas Wunner <lukas@...ner.de>
To: Stefan Berger <stefanb@...ux.ibm.com>
Cc: keyrings@...r.kernel.org, linux-crypto@...r.kernel.org,
	herbert@...dor.apana.org.au, davem@...emloft.net,
	linux-kernel@...r.kernel.org, saulo.alessandre@....jus.br
Subject: Re: [PATCH v4 01/12] crypto: ecdsa - Convert byte arrays with key
 coordinates to digits

On Thu, Feb 29, 2024 at 09:19:56PM -0500, Stefan Berger wrote:
> --- a/crypto/ecdsa.c
> +++ b/crypto/ecdsa.c
> @@ -222,9 +222,8 @@ static int ecdsa_ecc_ctx_reset(struct ecc_ctx *ctx)
>  static int ecdsa_set_pub_key(struct crypto_akcipher *tfm, const void *key, unsigned int keylen)
>  {
>  	struct ecc_ctx *ctx = akcipher_tfm_ctx(tfm);
> +	unsigned int digitlen, ndigits;
>  	const unsigned char *d = key;
> -	const u64 *digits = (const u64 *)&d[1];
> -	unsigned int ndigits;
>  	int ret;
>  
>  	ret = ecdsa_ecc_ctx_reset(ctx);

Hm, the removal of digits isn't strictly necessary.  If you would keep it,
the patch would become simpler (fewer lines changes).


> @@ -238,12 +237,17 @@ static int ecdsa_set_pub_key(struct crypto_akcipher *tfm, const void *key, unsig
>  		return -EINVAL;
>  
>  	keylen--;
> -	ndigits = (keylen >> 1) / sizeof(u64);
> +	digitlen = keylen >> 1;
> +
> +	ndigits = DIV_ROUND_UP(digitlen, sizeof(u64));

Instead of introducing an additional digitlen variable, you could just
use keylen.  It seems it's not used in the remainder of the function,
so modifying it is harmless:

 	keylen--;
+ 	keylen >>= 1;
-	ndigits = (keylen >> 1) / sizeof(u64);
+	ndigits = DIV_ROUND_UP(digitlen, sizeof(u64));

Just a suggestion.

Thanks,

Lukas

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ