1d663ab619
To get more information, please visit the pr:
https://github.com/Linaro/uadk/pull/532
Signed-off-by: Yang Shen <shenyang39@huawei.com>
154 lines
4.5 KiB
Diff
154 lines
4.5 KiB
Diff
From 770967b993db3bb6dcdb9e23d4d9f6c14869cd4d Mon Sep 17 00:00:00 2001
|
|
From: Zhiqi Song <songzhiqi1@huawei.com>
|
|
Date: Thu, 15 Dec 2022 16:50:20 +0800
|
|
Subject: [PATCH 3/4] uadk/v1/ecc: bugfix incorrect parameter length
|
|
|
|
In 'struct wd_dtb', the member 'bsize' indicates the whole
|
|
buffer size of the data, the member 'dsize' indicates the
|
|
valid size of the data. The 'bsize' is generally greater
|
|
than or equal to 'dsize'. In some cases, the data will be
|
|
filled with zero, the value of 'dsize' will not be updated,
|
|
so directly using 'dsize' may truncate the data and cause
|
|
erroneous judgement.
|
|
|
|
The solution is when check whether a 'struct wd_dtb' type
|
|
variable is all zero, if 'bsize' is larger than 'dsize',
|
|
the length of the data should be the value of 'bsize'.
|
|
And the key size value is redundant.
|
|
|
|
Signed-off-by: Zhiqi Song <songzhiqi1@huawei.com>
|
|
---
|
|
v1/drv/hisi_hpre_udrv.c | 22 +++++++++++++---------
|
|
v1/wd_ecc.c | 14 +++++++-------
|
|
2 files changed, 20 insertions(+), 16 deletions(-)
|
|
|
|
diff --git a/v1/drv/hisi_hpre_udrv.c b/v1/drv/hisi_hpre_udrv.c
|
|
index 191beab..9e3bd3b 100644
|
|
--- a/v1/drv/hisi_hpre_udrv.c
|
|
+++ b/v1/drv/hisi_hpre_udrv.c
|
|
@@ -1111,17 +1111,21 @@ static void correct_random(struct wd_dtb *k)
|
|
k->data[lens] = 0;
|
|
}
|
|
|
|
-static bool is_all_zero(struct wd_dtb *e, struct wcrypto_ecc_msg *msg,
|
|
- const char *p_name)
|
|
+static bool is_all_zero(struct wd_dtb *e, const char *p_name)
|
|
{
|
|
int i;
|
|
|
|
- for (i = 0; i < e->dsize && i < msg->key_bytes; i++) {
|
|
+ if (!e || !e->data) {
|
|
+ WD_ERR("invalid: %s is NULL!\n", p_name);
|
|
+ return true;
|
|
+ }
|
|
+
|
|
+ for (i = 0; i < e->bsize; i++) {
|
|
if (e->data[i])
|
|
return false;
|
|
}
|
|
|
|
- WD_ERR("error: %s all zero!\n", p_name);
|
|
+ WD_ERR("invalid: %s all zero!\n", p_name);
|
|
|
|
return true;
|
|
}
|
|
@@ -1144,15 +1148,15 @@ static int ecc_prepare_sign_in(struct wcrypto_ecc_msg *msg,
|
|
e = &in->dgst;
|
|
if (!in->k_set) {
|
|
if (msg->op_type != WCRYPTO_SM2_SIGN) {
|
|
- WD_ERR("random k not set!\n");
|
|
+ WD_ERR("invalid: random k not set!\n");
|
|
return -WD_EINVAL;
|
|
}
|
|
hw_msg->sm2_ksel = 1;
|
|
- } else if (is_all_zero(k, msg, "ecc sgn k")) {
|
|
+ } else if (is_all_zero(k, "ecc sgn k")) {
|
|
return -WD_EINVAL;
|
|
}
|
|
|
|
- if (is_all_zero(e, msg, "ecc sgn e"))
|
|
+ if (is_all_zero(e, "ecc sgn e"))
|
|
return -WD_EINVAL;
|
|
|
|
ret = qm_crypto_bin_to_hpre_bin(e->data, (const char *)e->data,
|
|
@@ -1192,7 +1196,7 @@ static int ecc_prepare_verf_in(struct wcrypto_ecc_msg *msg, void **data)
|
|
s = &vin->s;
|
|
r = &vin->r;
|
|
|
|
- if (is_all_zero(e, msg, "ecc vrf e"))
|
|
+ if (is_all_zero(e, "ecc vrf e"))
|
|
return -WD_EINVAL;
|
|
|
|
ret = qm_crypto_bin_to_hpre_bin(e->data, (const char *)e->data,
|
|
@@ -1274,7 +1278,7 @@ static int ecc_prepare_sm2_enc_in(struct wcrypto_ecc_msg *msg,
|
|
int ret;
|
|
|
|
if (ein->k_set) {
|
|
- if (is_all_zero(k, msg, "sm2 enc k"))
|
|
+ if (is_all_zero(k, "sm2 enc k"))
|
|
return -WD_EINVAL;
|
|
|
|
ret = qm_crypto_bin_to_hpre_bin(k->data, (const char *)k->data,
|
|
diff --git a/v1/wd_ecc.c b/v1/wd_ecc.c
|
|
index e108051..e6b771a 100644
|
|
--- a/v1/wd_ecc.c
|
|
+++ b/v1/wd_ecc.c
|
|
@@ -544,6 +544,7 @@ static struct wcrypto_ecc_in *create_ecc_sign_in(struct wcrypto_ecc_ctx *ctx,
|
|
{
|
|
if (is_dgst)
|
|
return create_ecc_in(ctx, ECC_SIGN_IN_PARAM_NUM);
|
|
+
|
|
return create_sm2_sign_in(ctx, m_len);
|
|
}
|
|
|
|
@@ -1489,7 +1490,6 @@ static int ecc_request_init(struct wcrypto_ecc_msg *req,
|
|
if (req->op_type == WCRYPTO_ECXDH_GEN_KEY ||
|
|
req->op_type == WCRYPTO_SM2_KG) {
|
|
struct wcrypto_ecc_point *g = NULL;
|
|
-
|
|
wcrypto_get_ecc_prikey_params((void *)key, NULL, NULL,
|
|
NULL, NULL, &g, NULL);
|
|
req->in = (void *)g;
|
|
@@ -1715,11 +1715,11 @@ static bool less_than_latter(struct wd_dtb *d, struct wd_dtb *n)
|
|
return ret < 0;
|
|
}
|
|
|
|
-static bool is_all_zero(struct wd_dtb *p, struct wcrypto_ecc_ctx *ctx)
|
|
+static bool is_all_zero(struct wd_dtb *p)
|
|
{
|
|
int i;
|
|
|
|
- for (i = 0; i < p->dsize && i < ctx->key_size; i++) {
|
|
+ for (i = 0; i < p->bsize; i++) {
|
|
if (p->data[i])
|
|
return false;
|
|
}
|
|
@@ -1733,7 +1733,7 @@ static bool check_k_param(struct wd_dtb *k, struct wcrypto_ecc_ctx *ctx)
|
|
int ret;
|
|
|
|
if (unlikely(!k->data)) {
|
|
- WD_ERR("error: k->data NULL!\n");
|
|
+ WD_ERR("invalid: k->data NULL!\n");
|
|
return false;
|
|
}
|
|
|
|
@@ -1744,12 +1744,12 @@ static bool check_k_param(struct wd_dtb *k, struct wcrypto_ecc_ctx *ctx)
|
|
}
|
|
|
|
if (unlikely(!less_than_latter(k, &cv->n))) {
|
|
- WD_ERR("error: k >= n\n");
|
|
+ WD_ERR("invalid: k >= n!\n");
|
|
return false;
|
|
}
|
|
|
|
- if (unlikely(is_all_zero(k, ctx))) {
|
|
- WD_ERR("error: k all zero\n");
|
|
+ if (unlikely(is_all_zero(k))) {
|
|
+ WD_ERR("invalid: k all zero!\n");
|
|
return false;
|
|
}
|
|
|
|
--
|
|
2.25.1
|
|
|