Message ID | 20240418152445.2773042-1-stefanb@linux.ibm.com (mailing list archive) |
---|---|
Series | crypto: ecdh & ecc: Fix private key byte ordering issues |

Both patches look good to me.

On Thursday, 18 April 2024 17:24:43 CEST, Stefan Berger wrote:
> The 1st patch fixes a byte ordering issue where ctx->private_key is
> currently passed to ecc_is_key_valid but the key is in reverse byte order.
> To solve this issue it introduces the variable 'priv', that is already used
> throughout the ecc and ecdh code bases for a private key in proper byte
> order, and calls ecc_is_key_valid with 'priv'. Note that ecc_gen_privkey
> also calls __ecc_is_key_valid with 'priv' already.
>
> The 2nd patch gets rid of the 'priv' variable wherever it is used to hold
> a private key (byte-swapped initialized from ctx->private_key) in proper
> byte order and uses ctx->private_key directly that is now initialized in
> proper byte order.
>
> Regards,
>   Stefan
>
> v3:
>  - Added Jarkko's A-b tag
>  - Expanded on the description of changes to ecc_gen_privkey (2/2)
>
> v2:
>  - Added missing zeroizing of priv variable (1/2)
>  - Improved patch description (2/2)
>
>
>
>
> Stefan Berger (2):
>   crypto: ecdh - Pass private key in proper byte order to check valid
>     key
>   crypto: ecdh & ecc - Initialize ctx->private_key in proper byte order
>
>  crypto/ecc.c                  | 29 ++++++++++-------------------
>  crypto/ecdh.c                 |  9 ++++++---
>  include/crypto/internal/ecc.h |  3 ++-
>  3 files changed, 18 insertions(+), 23 deletions(-)
>

On Thu, Apr 18, 2024 at 11:24:43AM -0400, Stefan Berger wrote:
> The 1st patch fixes a byte ordering issue where ctx->private_key is
> currently passed to ecc_is_key_valid but the key is in reverse byte order.
> To solve this issue it introduces the variable 'priv', that is already used
> throughout the ecc and ecdh code bases for a private key in proper byte
> order, and calls ecc_is_key_valid with 'priv'. Note that ecc_gen_privkey
> also calls __ecc_is_key_valid with 'priv' already.
>
> The 2nd patch gets rid of the 'priv' variable wherever it is used to hold
> a private key (byte-swapped initialized from ctx->private_key) in proper
> byte order and uses ctx->private_key directly that is now initialized in
> proper byte order.
>
> Regards,
>   Stefan
>
> v3:
>  - Added Jarkko's A-b tag
>  - Expanded on the description of changes to ecc_gen_privkey (2/2)
>
> v2:
>  - Added missing zeroizing of priv variable (1/2)
>  - Improved patch description (2/2)
>
>
>
>
> Stefan Berger (2):
>   crypto: ecdh - Pass private key in proper byte order to check valid
>     key
>   crypto: ecdh & ecc - Initialize ctx->private_key in proper byte order
>
>  crypto/ecc.c                  | 29 ++++++++++-------------------
>  crypto/ecdh.c                 |  9 ++++++---
>  include/crypto/internal/ecc.h |  3 ++-
>  3 files changed, 18 insertions(+), 23 deletions(-)
>
> --
> 2.43.0

All applied. Thanks.
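
The byte-ordering problem described in the cover letter, as an added example that is not part of this thread or of the kernel sources: a range check that expects one byte order gives the wrong verdict, in both directions, when handed the key in reverse order. Assumptions: `key_in_range`, `check_swapped` and the two `stored_*` keys are hypothetical names and constructed values, the check is simplified to 1 < k < n on the NIST P-256 group order, and keys are modelled as plain 32-byte arrays rather than the kernel's own representation.

```c
#include <stdint.h>
#include <stdio.h>

#define KEY_BYTES 32

/* NIST P-256 group order n, least significant byte first. */
static const uint8_t order_n[KEY_BYTES] = {
    0x51, 0x25, 0x63, 0xfc, 0xc2, 0xca, 0xb9, 0xf3, 0x84, 0x9e, 0x17, 0xa7,
    0xad, 0xfa, 0xe6, 0xbc, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff,
    0x00, 0x00, 0x00, 0x00, 0xff, 0xff, 0xff, 0xff,
};

/* Constructed keys as stored: most significant byte first ("reverse" order). */
static const uint8_t stored_valid[KEY_BYTES] =   /* 2^40 - 1: in range */
    { [27] = 0xff, [28] = 0xff, [29] = 0xff, [30] = 0xff, [31] = 0xff };
static const uint8_t stored_invalid[KEY_BYTES] = /* larger than n */
    { [0] = 0xff, [1] = 0xff, [2] = 0xff, [3] = 0xff, [4] = 0xff };

/* Simplified check 1 < k < n; k must be least significant byte first.
 * Assumed model of a validity check; not constant time. */
static int key_in_range(const uint8_t *k)
{
    int above_one = k[0] > 1;
    for (size_t i = 1; i < KEY_BYTES; i++)
        above_one |= (k[i] != 0);
    for (size_t i = KEY_BYTES; above_one && i-- > 0; )
        if (k[i] != order_n[i])
            return k[i] < order_n[i];
    return 0;   /* k <= 1 or k == n */
}

/* Pattern of patch 1: swap into a local 'priv', check it, then zeroize it. */
static int check_swapped(const uint8_t *stored)
{
    uint8_t priv[KEY_BYTES];
    int ok;
    for (size_t i = 0; i < KEY_BYTES; i++)
        priv[i] = stored[KEY_BYTES - 1 - i];
    ok = key_in_range(priv);
    for (volatile uint8_t *p = priv; p < priv + KEY_BYTES; p++)
        *p = 0;     /* volatile writes keep the wipe from being elided */
    return ok;
}

int main(void)
{
    printf("unswapped: valid key -> %d, invalid key -> %d\n",
           key_in_range(stored_valid), key_in_range(stored_invalid));
    printf("swapped:   valid key -> %d, invalid key -> %d\n",
           check_swapped(stored_valid), check_swapped(stored_invalid));
    return 0;
}
```

Passing the stored buffer straight to the check rejects the in-range key and accepts the out-of-range one; swapping first gives the correct verdict for both.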