Re: [RFC PATCH] crypto: RSA padding transform

Hi Andrew,
On 09/05/2015 04:00 PM, Andrew Zaborowski wrote:
> +static int crypto_akcipher_init(struct crypto_tfm *tfm, u32 type, u32 mask)
> +{
> +	return 0;
> +}
> +
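
Review bot: crypto_akcipher_init() ignores tfm, type and mask and does nothing but return 0. If nothing requires this hook to be present, drop the function; if something does, add a comment saying what depends on it so the empty body does not look like an unfinished stub.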

This is not needed I think.

> 
> +static int pkcs1pad_decrypt_complete(struct akcipher_request *req, int err)
> +{
> +	struct akcipher_request *child_req = akcipher_request_ctx(req);
> +	int pos;
> +	uint8_t *dst = child_req->dst;
> +
> +	BUG_ON(err == -EOVERFLOW);
> +
> +	if (err)
> +		goto done;
> +
> +	if (dst[0] != 0x00) {
> +		err = -EINVAL;
> +		goto done;
> +	}
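
Review bot: the dst[0] != 0x00 test in pkcs1pad_decrypt_complete() indexes child_req->dst without any visible check of how many bytes the child request actually produced, and it assumes the result always arrives as a full-length block. Compare the returned length against the expected size before reading dst[0], and reject or re-align a short result explicitly instead of relying on fixed offsets.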

This won't work I'm afraid, because MPI strips all leading zeros.

> +	if (dst[1] != 0x02) {
> +		err = -EINVAL;
> +		goto done;
> +	}
> 
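
Review bot: the dst[1] != 0x02 test is a second early exit after the dst[0] test, so in the decrypt path the amount of work done before returning depends on which padding byte was wrong. Consider evaluating all padding conditions first and taking one common failure path with a single -EINVAL, so callers cannot tell the individual checks apart.
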
> +static int pkcs1pad_verify_complete(struct akcipher_request *req, int err)
> +{
> +	struct akcipher_request *child_req = akcipher_request_ctx(req);
> +	int pos;
> +	uint8_t *dst = child_req->dst;
> +
> +	BUG_ON(err == -EOVERFLOW);
> +
> +	if (err)
> +		goto done;
> +
> +	if (dst[0] != 0x00) {
> +		err = -EINVAL;
> +		goto done;
> +	}
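
Review bot: BUG_ON(err == -EOVERFLOW) at the top of pkcs1pad_verify_complete() (and the same line in the decrypt completion) brings the kernel down on an error code returned by the child request. If that value indicates a sizing bug in this driver, WARN_ON_ONCE() plus passing the error to the caller is enough, and a short comment should say why -EOVERFLOW is not expected here. The declared int pos is also better as an unsigned type if it is used to index dst.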

Same here, the zero will be stripped off.
