Herbert -
On Thu, 22 Sep 2016, Herbert Xu wrote:
On Wed, Sep 21, 2016 at 04:39:30PM -0700, Mat Martineau wrote:
There was a regression in pkcs1pad signature verification, related
to signature verification, that you fixed in commit 27710b8ea3defcb:
https://git.kernel.org/cgit/linux/kernel/git/herbert/crypto-2.6.git/commit/?id=27710b8ea3defcbd7d340dbd0423d911b4eb7c4f
There is a very similar problem in the decrypt operation, which was
not adjusted for the leading zero changes. See
pkcs1pad_decrypt_complete().
I haven't had a chance to test a fix yet, but with the final 4.8
release coming up very soon I wanted to report the issue.
Thanks. This patch should fix the problem.
---8<---
crypto: rsa-pkcs1pad - Handle leading zero for decryption
As the software RSA implementation now produces fixed-length
output, we need to eliminate leading zeros in the calling code
instead.
This patch does just that for pkcs1pad decryption while signature
verification was fixed in an earlier patch.
Fixes: 9b45b7bba3d2 ("crypto: rsa - Generate fixed-length output")
Reported-by: Mat Martineau <mathew.j.martineau@xxxxxxxxxxxxxxx>
Signed-off-by: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
This patch does fix the decrypt problem, my tests are now passing. Thank
you.
--
Mat Martineau
Intel OTC
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
