aboutsummaryrefslogtreecommitdiff
path: root/crypto/ecdsa.c
diff options
context:
space:
mode:
Diffstat (limited to 'crypto/ecdsa.c')
-rw-r--r--crypto/ecdsa.c34
1 files changed, 8 insertions, 26 deletions
diff --git a/crypto/ecdsa.c b/crypto/ecdsa.c
index 258fffbf623d..d5a10959ec28 100644
--- a/crypto/ecdsa.c
+++ b/crypto/ecdsa.c
@@ -38,7 +38,6 @@ static int ecdsa_get_signature_rs(u64 *dest, size_t hdrlen, unsigned char tag,
size_t bufsize = ndigits * sizeof(u64);
ssize_t diff = vlen - bufsize;
const char *d = value;
- u8 rs[ECC_MAX_BYTES];
if (!value || !vlen)
return -EINVAL;
@@ -46,7 +45,7 @@ static int ecdsa_get_signature_rs(u64 *dest, size_t hdrlen, unsigned char tag,
/* diff = 0: 'value' has exacly the right size
* diff > 0: 'value' has too many bytes; one leading zero is allowed that
* makes the value a positive integer; error on more
- * diff < 0: 'value' is missing leading zeros, which we add
+ * diff < 0: 'value' is missing leading zeros
*/
if (diff > 0) {
/* skip over leading zeros that make 'value' a positive int */
@@ -61,14 +60,7 @@ static int ecdsa_get_signature_rs(u64 *dest, size_t hdrlen, unsigned char tag,
if (-diff >= bufsize)
return -EINVAL;
- if (diff) {
- /* leading zeros not given in 'value' */
- memset(rs, 0, -diff);
- }
-
- memcpy(&rs[-diff], d, vlen);
-
- ecc_swap_digits((u64 *)rs, dest, ndigits);
+ ecc_digits_from_bytes(d, vlen, dest, ndigits);
return 0;
}
@@ -142,10 +134,8 @@ static int ecdsa_verify(struct akcipher_request *req)
struct ecdsa_signature_ctx sig_ctx = {
.curve = ctx->curve,
};
- u8 rawhash[ECC_MAX_BYTES];
u64 hash[ECC_MAX_DIGITS];
unsigned char *buffer;
- ssize_t diff;
int ret;
if (unlikely(!ctx->pub_key_set))
@@ -164,18 +154,11 @@ static int ecdsa_verify(struct akcipher_request *req)
if (ret < 0)
goto error;
- /* if the hash is shorter then we will add leading zeros to fit to ndigits */
- diff = bufsize - req->dst_len;
- if (diff >= 0) {
- if (diff)
- memset(rawhash, 0, diff);
- memcpy(&rawhash[diff], buffer + req->src_len, req->dst_len);
- } else if (diff < 0) {
- /* given hash is longer, we take the left-most bytes */
- memcpy(&rawhash, buffer + req->src_len, bufsize);
- }
+ if (bufsize > req->dst_len)
+ bufsize = req->dst_len;
- ecc_swap_digits((u64 *)rawhash, hash, ctx->curve->g.ndigits);
+ ecc_digits_from_bytes(buffer + req->src_len, bufsize,
+ hash, ctx->curve->g.ndigits);
ret = _ecdsa_verify(ctx, hash, sig_ctx.r, sig_ctx.s);
@@ -215,9 +198,8 @@ static int ecdsa_ecc_ctx_reset(struct ecc_ctx *ctx)
}
/*
- * Set the public key given the raw uncompressed key data from an X509
- * certificate. The key data contain the concatenated X and Y coordinates of
- * the public key.
+ * Set the public ECC key as defined by RFC5480 section 2.2 "Subject Public
+ * Key". Only the uncompressed format is supported.
*/
static int ecdsa_set_pub_key(struct crypto_akcipher *tfm, const void *key, unsigned int keylen)
{
Powered by cgit, Gruvboxed by Blaster4385.