From patchwork Tue Sep 10 14:30:29 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Lukas Wunner X-Patchwork-Id: 13798817 Received: from mailout2.hostsharing.net (mailout2.hostsharing.net [83.223.78.233]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id DE472195F22; Tue, 10 Sep 2024 15:35:05 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=83.223.78.233 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725982507; cv=none; b=FEvzhuvaa2qTqsVeVwkyt3HJSZRcjb59k3g8J+gE6WuhfrOpWlKru6tkNSGPtx0H0dmD82xi3jdeiN2XpS5L5ADcVKxIXoJWpV4Lm2tXfjnLMmqq2rA8xWLgrGTBJOWlCfKB2DJ9hM0RO07jNpgxbmdsqS5722enj2LhM6d/Qk8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1725982507; c=relaxed/simple; bh=eZgtMdv1E6YANDrs+KDmIkrxBja+PSfHQUsMgKoVjFg=; h=Message-ID:In-Reply-To:References:From:Date:Subject:To:Cc; b=JgKBhLViuK230ES6a+mq/U1Fqq7lRIrFEZnMy5Nqo3kS43xCd+5xm0dUpREfThTWYCG2146yqr4ixqEEnF9WpSlUGJhFON7V9MubdSTlkaag9AuUME9+TkGS7pPB4JlYQpe1tcX3Ba0L33JxslHtwmsfxrrsD/RzAlKCPxr4tY8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=wunner.de; spf=pass smtp.mailfrom=wunner.de; arc=none smtp.client-ip=83.223.78.233 Authentication-Results: smtp.subspace.kernel.org; dmarc=none (p=none dis=none) header.from=wunner.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=wunner.de Received: from h08.hostsharing.net (h08.hostsharing.net [83.223.95.28]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "*.hostsharing.net", Issuer "RapidSSL TLS RSA CA G1" (verified OK)) by mailout2.hostsharing.net (Postfix) with ESMTPS id 8B1FB10323575; Tue, 10 Sep 2024 17:35:03 +0200 (CEST) Received: from localhost (unknown [89.246.108.87]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (prime256v1) server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by h08.hostsharing.net (Postfix) with ESMTPSA id 6B5F760A8B01; Tue, 10 Sep 2024 17:35:03 +0200 (CEST) X-Mailbox-Line: From b74f4875ae056ff8aa20b7530fe4f41592581c63 Mon Sep 17 00:00:00 2001 Message-ID: In-Reply-To: References: From: Lukas Wunner Date: Tue, 10 Sep 2024 16:30:29 +0200 Subject: [PATCH v2 19/19] crypto: ecrdsa - Fix signature size calculation To: Herbert Xu , "David S. Miller" , Eric Biggers , Stefan Berger , Vitaly Chikunov , Tadeusz Struk Cc: David Howells , Andrew Zaborowski , Saulo Alessandre , Jonathan Cameron , Ignat Korchagin , Marek Behun , Varad Gautam , Stephan Mueller , Denis Kenzior , linux-crypto@vger.kernel.org, keyrings@vger.kernel.org Precedence: bulk X-Mailing-List: keyrings@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: software_key_query() returns the curve size as maximum signature size for ecrdsa. However it should return twice as much. It's only the maximum signature size that seems to be off. The maximum digest size is likewise set to the curve size, but that's correct as it matches the checks in ecrdsa_set_pub_key() and ecrdsa_verify(). Signed-off-by: Lukas Wunner --- crypto/ecrdsa.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/crypto/ecrdsa.c b/crypto/ecrdsa.c index f981b31f4249..b3dd8a3ddeb7 100644 --- a/crypto/ecrdsa.c +++ b/crypto/ecrdsa.c @@ -252,6 +252,13 @@ static unsigned int ecrdsa_key_size(struct crypto_sig *tfm) return ctx->pub_key.ndigits * sizeof(u64); } +static unsigned int ecrdsa_max_size(struct crypto_sig *tfm) +{ + struct ecrdsa_ctx *ctx = crypto_sig_ctx(tfm); + + return 2 * ctx->pub_key.ndigits * sizeof(u64); +} + static void ecrdsa_exit_tfm(struct crypto_sig *tfm) { } @@ -260,6 +267,7 @@ static struct sig_alg ecrdsa_alg = { .verify = ecrdsa_verify, .set_pub_key = ecrdsa_set_pub_key, .key_size = ecrdsa_key_size, + .max_size = ecrdsa_max_size, .exit = ecrdsa_exit_tfm, .base = { .cra_name = "ecrdsa",