lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date: Fri, 14 Jun 2024 11:47:26 +0530
From: Venkat Rao Bagalkote <venkat88@...ux.vnet.ibm.com>
To: Stefan Berger <stefanb@...ux.ibm.com>, keyrings@...r.kernel.org,
        linux-crypto@...r.kernel.org, herbert@...dor.apana.org.au,
        davem@...emloft.net
Cc: linux-kernel@...r.kernel.org, jarkko@...nel.org
Subject: Re: [PATCH] crypto: ecc - Fix off-by-one missing to clear most
 significant digit

Tested with the proposed patch and issue is fixed.


Tested-by: Venkat Rao Bagalkote <venkat88@...ux.vnet.ibm.com>

Regards,

Venkat.

On 14/06/24 3:08 am, Stefan Berger wrote:
> Fix an off-by-one error where the most significant digit was not
> initialized leading to signature verification failures by the testmgr.
>
> Example: If a curve requires ndigits (=9) and diff (=2) indicates that
> 2 digits need to be set to zero then start with digit 'ndigits - diff' (=7)
> and clear 'diff' digits starting from there, so 7 and 8.
>
> Reported-by: Venkat Rao Bagalkote <venkat88@...ux.vnet.ibm.com>
> Closes: https://lore.kernel.org/linux-crypto/619bc2de-b18a-4939-a652-9ca886bf6349@linux.ibm.com/T/#m045d8812409ce233c17fcdb8b88b6629c671f9f4
> Fixes: 2fd2a82ccbfc ("crypto: ecdsa - Use ecc_digits_from_bytes to create hash digits array")
> Signed-off-by: Stefan Berger <stefanb@...ux.ibm.com>
> ---
>   crypto/ecc.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/crypto/ecc.c b/crypto/ecc.c
> index fe761256e335..dd48d9928a21 100644
> --- a/crypto/ecc.c
> +++ b/crypto/ecc.c
> @@ -78,7 +78,7 @@ void ecc_digits_from_bytes(const u8 *in, unsigned int nbytes,
>   	/* diff > 0: not enough input bytes: set most significant digits to 0 */
>   	if (diff > 0) {
>   		ndigits -= diff;
> -		memset(&out[ndigits - 1], 0, diff * sizeof(u64));
> +		memset(&out[ndigits], 0, diff * sizeof(u64));
>   	}
>   
>   	if (o) {

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ