On Mon, Dec 12, 2022 at 10:07:38AM +0100, Roberto Sassu wrote: > > The problem is a misalignment between req->src_len (set to sig->s_size > by akcipher_request_set_crypt()) and the length of the scatterlist (if > we set the latter to sig->s_size + sig->digest_size). > > When rsa_enc() calls mpi_read_raw_from_sgl(), it passes req->src_len as > argument, and the latter allocates the MPI according to that. However, > it does parsing depending on the length of the scatterlist. > > If there are two scatterlists, it is not a problem, there is no > misalignment. mpi_read_raw_from_sgl() picks the first. If there is just > one, mpi_read_raw_from_sgl() parses all data there. Thanks for the explanation. That's definitely a bug which should be fixed either in the RSA code or in MPI. I'll look into it. Cheers, -- Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
