From: Stefan Berger <[email protected]> Fix an off-by-one error where the most significant digit was not initialized leading to signature verification failures by the testmgr.
Example: If a curve requires ndigits (=9) and diff (=2) indicates that 2 digits need to be set to zero then start with digit 'ndigits - diff' (=7) and clear 'diff' digits starting from there, so 7 and 8. Reported-by: Venkat Rao Bagalkote <[email protected]> Closes: https://lore.kernel.org/linux-crypto/[email protected]/T/#m045d8812409ce233c17fcdb8b88b6629c671f9f4 Fixes: 2fd2a82ccbfc ("crypto: ecdsa - Use ecc_digits_from_bytes to create hash digits array") Signed-off-by: Stefan Berger <[email protected]> Tested-by: Venkat Rao Bagalkote <[email protected]> Signed-off-by: Herbert Xu <[email protected]> (cherry picked from linux commit 1dcf865d3bf5bff45e93cb2410911b3428dacb78) Reported-by: Lukas Wunner <[email protected]> Signed-off-by: Jonas Rebmann <[email protected]> --- crypto/ecc.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/crypto/ecc.c b/crypto/ecc.c index 77068ebfbd..01003d8a38 100644 --- a/crypto/ecc.c +++ b/crypto/ecc.c @@ -1,4 +1,4 @@ -// SPDX-Comment: Origin-URL: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/crypto/ecc.c?id=c6ab5c915da460c0397960af3c308386c3f3247b +// SPDX-Comment: Origin-URL: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/crypto/ecc.c?id=1dcf865d3bf5bff45e93cb2410911b3428dacb78 /* * Copyright (c) 2013, 2014 Kenneth MacKay. All rights reserved. * Copyright (c) 2019 Vitaly Chikunov <[email protected]> @@ -66,7 +66,7 @@ void ecc_digits_from_bytes(const u8 *in, unsigned int nbytes, /* diff > 0: not enough input bytes: set most significant digits to 0 */ if (diff > 0) { ndigits -= diff; - memset(&out[ndigits - 1], 0, diff * sizeof(u64)); + memset(&out[ndigits], 0, diff * sizeof(u64)); } if (o) { -- 2.54.0.129.g3edf2eeba9
