On Mon May 27, 2024 at 8:25 PM EEST, Jarkko Sakkinen wrote: > Hi, > > The documentation of ecdsa_set_pub_key() is the following: > > /* > * Set the public key given the raw uncompressed key data from an X509 > * certificate. The key data contain the concatenated X and Y coordinates of > * the public key. > */ > > If you interpret this literally it would mean 64 bytes buffer for p256 > with two 32 byte blobs for x and y. > > With such buffer the function fails with -EINVAL, which is obvious from > the code that does checks on the contents. > > Instead of responding to this, can you please fix the documentation bug? > > There was also badly documented stuff in akcipher that has been > unreacted so far so putting also that one here: > > https://lore.kernel.org/keyrings/D1HCVOZ1IN7S.1SUZ75QRE8QUZ@xxxxxxxxxx/ > > BR, Jarkko The best reference I could quickly find is Wikipedia: "The older uncompressed keys are 65 bytes, consisting of constant prefix (0x04), followed by two 256-bit integers called x and y (2 * 32 bytes). The prefix of a compressed key allows for the y value to be derived from the x value." The documentation says absolutely nothing about the prefix byte, and neither Wikipedia nor kernel documentation has a reference to this "older format". BR, Jarkko
