summaryrefslogtreecommitdiff
path: root/include/crypto
diff options
context:
space:
mode:
authorStefan Berger <stefanb@linux.ibm.com>2024-05-09 21:59:21 -0400
committerHerbert Xu <herbert@gondor.apana.org.au>2024-05-17 18:55:07 +0800
commitc6ab5c915da460c0397960af3c308386c3f3247b (patch)
treec717a821b8783d5f6f7371fc4c65ea0a5a6d74d5 /include/crypto
parentd3b17c6d9dddc2db3670bc9be628b122416a3d26 (diff)
crypto: ecc - Prevent ecc_digits_from_bytes from reading too many bytes
Prevent ecc_digits_from_bytes from reading too many bytes from the input byte array in case an insufficient number of bytes is provided to fill the output digit array of ndigits. Therefore, initialize the most significant digits with 0 to avoid trying to read too many bytes later on. Convert the function into a regular function since it is getting too big for an inline function. If too many bytes are provided on the input byte array the extra bytes are ignored since the input variable 'ndigits' limits the number of digits that will be filled. Fixes: d67c96fb97b5 ("crypto: ecdsa - Convert byte arrays with key coordinates to digits") Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org> Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'include/crypto')
-rw-r--r--include/crypto/internal/ecc.h15
1 files changed, 2 insertions, 13 deletions
diff --git a/include/crypto/internal/ecc.h b/include/crypto/internal/ecc.h
index 7ca1f463d1ec..f7e75e1e71f3 100644
--- a/include/crypto/internal/ecc.h
+++ b/include/crypto/internal/ecc.h
@@ -64,19 +64,8 @@ static inline void ecc_swap_digits(const void *in, u64 *out, unsigned int ndigit
* @out Output digits array
* @ndigits: Number of digits to create from byte array
*/
-static inline void ecc_digits_from_bytes(const u8 *in, unsigned int nbytes,
- u64 *out, unsigned int ndigits)
-{
- unsigned int o = nbytes & 7;
- __be64 msd = 0;
-
- if (o) {
- memcpy((u8 *)&msd + sizeof(msd) - o, in, o);
- out[--ndigits] = be64_to_cpu(msd);
- in += o;
- }
- ecc_swap_digits(in, out, ndigits);
-}
+void ecc_digits_from_bytes(const u8 *in, unsigned int nbytes,
+ u64 *out, unsigned int ndigits);
/**
* ecc_is_key_valid() - Validate a given ECDH private key