crypto: ecc - Fix off-by-one missing to clear most significant digit

stefanberger · gregkh · commit b557ccd62c5c · 2024-09-08T07:56:40.000+02:00
[ Upstream commit 1dcf865 ] Fix an off-by-one error where the most significant digit was not initialized leading to signature verification failures by the testmgr. Example: If a curve requires ndigits (=9) and diff (=2) indicates that 2 digits need to be set to zero then start with digit 'ndigits - diff' (=7) and clear 'diff' digits starting from there, so 7 and 8. Reported-by: Venkat Rao Bagalkote <venkat88@linux.vnet.ibm.com> Closes: https://lore.kernel.org/linux-crypto/619bc2de-b18a-4939-a652-9ca886bf6349@linux.ibm.com/T/#m045d8812409ce233c17fcdb8b88b6629c671f9f4 Fixes: 2fd2a82 ("crypto: ecdsa - Use ecc_digits_from_bytes to create hash digits array") Signed-off-by: Stefan Berger <stefanb@linux.ibm.com> Tested-by: Venkat Rao Bagalkote <venkat88@linux.vnet.ibm.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au> Signed-off-by: Sasha Levin <sashal@kernel.org>
diff --git a/crypto/ecc.c b/crypto/ecc.c
@@ -78,7 +78,7 @@ void ecc_digits_from_bytes(const u8 *in, unsigned int nbytes,
 	/* diff > 0: not enough input bytes: set most significant digits to 0 */
 	if (diff > 0) {
 		ndigits -= diff;
-		memset(&out[ndigits - 1], 0, diff * sizeof(u64));
+		memset(&out[ndigits], 0, diff * sizeof(u64));
 	}
 
 	if (o) {

Original file line number	Diff line number	Diff line change
`@@ -78,7 +78,7 @@ void ecc_digits_from_bytes(const u8 *in, unsigned int nbytes,`
`78`	`78`	`/* diff > 0: not enough input bytes: set most significant digits to 0 */`
`79`	`79`	`if (diff > 0) {`
`80`	`80`	`ndigits -= diff;`
`81`		`- memset(&out[ndigits - 1], 0, diff * sizeof(u64));`
	`81`	`+ memset(&out[ndigits], 0, diff * sizeof(u64));`
`82`	`82`	`}`
`83`	`83`
`84`	`84`	`if (o) {`