On 6/3/2023 6:02 PM, Eric Biggers wrote:
On Sat, Jun 03, 2023 at 12:41:00PM +0200, Roberto Sassu wrote:
On 6/3/2023 2:02 AM, Linus Torvalds wrote:
On Fri, Jun 2, 2023 at 1:38 PM Linus Torvalds
<torvalds@xxxxxxxxxxxxxxxxxxxx> wrote:
The patch re-uses the allocation it already does for the key data, and
it seems sane.
Ugh. I had to check that it was ok to re-use the key buffer, but it
does seem to be the case that you can just re-use the buffer after
you've done that crypto_akcipher_set_priv/pub_key() call, and the
crypto layer has to copy it into its own data structures.
Yes, we could not do it if the set_pub_key/set_priv_key methods use
internally the passed pointer. I guess it depends on the methods, for RSA
and ECDSA it seems fine (they copy to a different location).
The doubt comes because the buffer is freed after crypto_wait_req() and not
after crypto_akcipher_set_*_key(), suggesting that it could be actually used
during the crypto operation.
Rechecked the thread, and the suggestion to reuse the buffer and not append
the signature and digest at the end was by Eric Biggers.
Eric, in light of this finding, should we still reuse the buffer?
I don't think there was any "finding" here. The setkey methods in the crypto
API aren't allowed to reuse the buffer they are passed, so the patch is fine.
That was the information I was missing.
Thanks!
Roberto