| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 28 May 2024 01:59:23 +0300
From: "Jarkko Sakkinen" <jarkko@...nel.org>
To: "Jarkko Sakkinen" <jarkko@...nel.org>, "Herbert Xu"
<herbert@...dor.apana.org.au>
Cc: <linux-crypto@...r.kernel.org>, "David S. Miller" <davem@...emloft.net>,
"Stefan Berger" <stefanb@...ux.ibm.com>, <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] crypto: ecdsa: Fix the public key format description
On Tue May 28, 2024 at 1:49 AM EEST, Jarkko Sakkinen wrote:
> On Tue May 28, 2024 at 1:31 AM EEST, Jarkko Sakkinen wrote:
> > > ret = crypto_akcipher_set_pub_key(tfm, data, 3 * x_size + 1);
>
> Noticed this mistake i.e. fixed it with "2 * x_size + 1"
>
> This is results earlier failure:
>
> ecdsa: (tpm2_key_ecdsa_query+0x10d/0x170 <- ecdsa_set_pub_key) arg1=0xffffffea
>
> Totally lost with the expected input format after trying out various
> options.
OK got it working with:
ptr = &data[0];
*ptr++ = 0x04; /* uncompressed */
memcpy(&ptr[0], &x[2], x_size);
memcpy(&ptr[x_size], &x[2 + x_size + 2], x_size);
ret = crypto_akcipher_set_pub_key(tfm, data, 2 * x_size + 1);
crypto_free_akcipher(tfm);
Had still a few "off-bys".
Makes me wonder why this is not in ASN.1.
E.g. TPM2 stuff and for instance RSA code takes ASN.1.
This all and the required prefix byte really should be explained in
the documentation of this function. I.e. follows the RFC in the sense
that number is big-endian and has the prefix byte, but it does not
follow it in the sense that x and y are not in input octect strings.
Why is that? Does not feel right intuitively.
BR, Jarkko
Powered by blists - more mailing lists