[v2,0/4] ecdsa KEYCTL_PKEY_QUERY fixes

Message ID	cover.1738521533.git.lukas@wunner.de (mailing list archive)
Headers	show Received: from mailout2.hostsharing.net (mailout2.hostsharing.net [83.223.78.233]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 023A01FDA99; Sun, 2 Feb 2025 19:09:37 +0000 (UTC) Message-ID: <cover.1738521533.git.lukas@wunner.de> From: Lukas Wunner <lukas@wunner.de> Date: Sun, 2 Feb 2025 20:00:50 +0100 Subject: [PATCH v2 0/4] ecdsa KEYCTL_PKEY_QUERY fixes To: Herbert Xu <herbert@gondor.apana.org.au>, "David S. Miller" <davem@davemloft.net>, Stefan Berger <stefanb@linux.ibm.com>, Vitaly Chikunov <vt@altlinux.org> Cc: David Howells <dhowells@redhat.com>, Ignat Korchagin <ignat@cloudflare.com>, linux-crypto@vger.kernel.org, keyrings@vger.kernel.org Precedence: bulk
Series	ecdsa KEYCTL_PKEY_QUERY fixes \| expand [v2,0/4] ecdsa KEYCTL_PKEY_QUERY fixes [v2,1/4] crypto: sig - Prepare for algorithms with variable signature size [v2,2/4] crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP() [v2,3/4] crypto: ecdsa - Fix enc/dec size reported by KEYCTL_PKEY_QUERY [v2,4/4] crypto: ecdsa - Fix NIST P521 key size reported by KEYCTL_PKEY_QUERY

Message ID

cover.1738521533.git.lukas@wunner.de (mailing list archive)

Headers

Message-ID: <cover.1738521533.git.lukas@wunner.de>
From: Lukas Wunner <lukas@wunner.de>
Date: Sun, 2 Feb 2025 20:00:50 +0100
Subject: [PATCH v2 0/4] ecdsa KEYCTL_PKEY_QUERY fixes
To: Herbert Xu <herbert@gondor.apana.org.au>,
 "David S. Miller" <davem@davemloft.net>,
 Stefan Berger <stefanb@linux.ibm.com>, Vitaly Chikunov <vt@altlinux.org>
Cc: David Howells <dhowells@redhat.com>,
 Ignat Korchagin <ignat@cloudflare.com>, linux-crypto@vger.kernel.org,
 keyrings@vger.kernel.org
Precedence: bulk

Series

ecdsa KEYCTL_PKEY_QUERY fixes | expand

Message

Lukas Wunner Feb. 2, 2025, 7 p.m. UTC

For ecdsa, KEYCTL_PKEY_QUERY reports nonsensical values for
enc/dec size and (for P521 keys) also the key size.
Second attempt at fixing them.

Changes v1 -> v2:

* New patch [2/4] to introduce DIV_ROUND_UP_POW2(), which avoids
  integer overflows that may occur with DIV_ROUND_UP() (Herbert)

* Amend patch [4/4] to use DIV_ROUND_UP_POW2() (Herbert)

* Amend patch [4/4] to use BITS_PER_BYTE for clarity

Link to v1:

  https://lore.kernel.org/r/cover.1735236227.git.lukas@wunner.de

Lukas Wunner (4):
  crypto: sig - Prepare for algorithms with variable signature size
  crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP()
  crypto: ecdsa - Fix enc/dec size reported by KEYCTL_PKEY_QUERY
  crypto: ecdsa - Fix NIST P521 key size reported by KEYCTL_PKEY_QUERY

 crypto/asymmetric_keys/public_key.c | 22 +++++++++++-----------
 crypto/ecc.c                        |  2 +-
 crypto/ecdsa-p1363.c                |  8 +++++---
 crypto/ecdsa-x962.c                 |  7 ++++---
 crypto/ecdsa.c                      |  2 +-
 crypto/ecrdsa.c                     |  2 +-
 crypto/rsassa-pkcs1.c               |  4 ++--
 crypto/sig.c                        |  9 +++++++--
 crypto/testmgr.c                    |  7 ++++---
 include/crypto/sig.h                |  7 ++++---
 include/linux/math.h                | 12 ++++++++++++
 11 files changed, 52 insertions(+), 30 deletions(-)

Comments

Herbert Xu Feb. 9, 2025, 10:25 a.m. UTC | #1

On Sun, Feb 02, 2025 at 08:00:50PM +0100, Lukas Wunner wrote:
> For ecdsa, KEYCTL_PKEY_QUERY reports nonsensical values for
> enc/dec size and (for P521 keys) also the key size.
> Second attempt at fixing them.
> 
> Changes v1 -> v2:
> 
> * New patch [2/4] to introduce DIV_ROUND_UP_POW2(), which avoids
>   integer overflows that may occur with DIV_ROUND_UP() (Herbert)
> 
> * Amend patch [4/4] to use DIV_ROUND_UP_POW2() (Herbert)
> 
> * Amend patch [4/4] to use BITS_PER_BYTE for clarity
> 
> Link to v1:
> 
>   https://lore.kernel.org/r/cover.1735236227.git.lukas@wunner.de
> 
> Lukas Wunner (4):
>   crypto: sig - Prepare for algorithms with variable signature size
>   crypto: ecdsa - Harden against integer overflows in DIV_ROUND_UP()
>   crypto: ecdsa - Fix enc/dec size reported by KEYCTL_PKEY_QUERY
>   crypto: ecdsa - Fix NIST P521 key size reported by KEYCTL_PKEY_QUERY
> 
>  crypto/asymmetric_keys/public_key.c | 22 +++++++++++-----------
>  crypto/ecc.c                        |  2 +-
>  crypto/ecdsa-p1363.c                |  8 +++++---
>  crypto/ecdsa-x962.c                 |  7 ++++---
>  crypto/ecdsa.c                      |  2 +-
>  crypto/ecrdsa.c                     |  2 +-
>  crypto/rsassa-pkcs1.c               |  4 ++--
>  crypto/sig.c                        |  9 +++++++--
>  crypto/testmgr.c                    |  7 ++++---
>  include/crypto/sig.h                |  7 ++++---
>  include/linux/math.h                | 12 ++++++++++++
>  11 files changed, 52 insertions(+), 30 deletions(-)
> 
> -- 
> 2.43.0

Patches 1-2 applied.  Thanks.