In 'struct wd_dtb', the member 'bsize' indicates the whole buffer size of the data, the member 'dsize' indicates the valid size of the data. The 'bsize' is generally greater than or equal to 'dsize'. In some cases, the data will be filled with zero, the value of 'dsize' will not be updated, so directly using 'dsize' may truncate the data and cause erroneous judgement.
The solution is when check whether a 'struct wd_dtb' type variable is all zero, if 'bsize' is larger than 'dsize', the length of the data should be the value of 'bsize'. And the key size value is redundant.
Signed-off-by: Zhiqi Song songzhiqi1@huawei.com --- v1/drv/hisi_hpre_udrv.c | 19 +++++++++---------- v1/wd_ecc.c | 14 +++++++------- 2 files changed, 16 insertions(+), 17 deletions(-)
diff --git a/v1/drv/hisi_hpre_udrv.c b/v1/drv/hisi_hpre_udrv.c index 00ceec2..0eba2d6 100644 --- a/v1/drv/hisi_hpre_udrv.c +++ b/v1/drv/hisi_hpre_udrv.c @@ -1106,22 +1106,21 @@ static void correct_random(struct wd_dtb *k) k->data[lens] = 0; }
-static bool is_all_zero(struct wd_dtb *e, struct wcrypto_ecc_msg *msg, - const char *p_name) +static bool is_all_zero(struct wd_dtb *e, const char *p_name) { int i;
if (!e || !e->data) { - WD_ERR("%s: e or data NULL!\n", p_name); + WD_ERR("invalid: %s is NULL!\n", p_name); return true; }
- for (i = 0; i < e->dsize && i < msg->key_bytes; i++) { + for (i = 0; i < e->bsize; i++) { if (e->data[i]) return false; }
- WD_ERR("error: %s all zero!\n", p_name); + WD_ERR("invalid: %s all zero!\n", p_name);
return true; } @@ -1144,15 +1143,15 @@ static int ecc_prepare_sign_in(struct wcrypto_ecc_msg *msg, e = &in->dgst; if (!in->k_set) { if (msg->op_type != WCRYPTO_SM2_SIGN) { - WD_ERR("random k not set!\n"); + WD_ERR("invalid: random k not set!\n"); return -WD_EINVAL; } hw_msg->sm2_ksel = 1; - } else if (is_all_zero(k, msg, "ecc sgn k")) { + } else if (is_all_zero(k, "ecc sgn k")) { return -WD_EINVAL; }
- if (is_all_zero(e, msg, "ecc sgn e")) + if (is_all_zero(e, "ecc sgn e")) return -WD_EINVAL;
ret = qm_crypto_bin_to_hpre_bin(e->data, (const char *)e->data, @@ -1192,7 +1191,7 @@ static int ecc_prepare_verf_in(struct wcrypto_ecc_msg *msg, void **data) s = &vin->s; r = &vin->r;
- if (is_all_zero(e, msg, "ecc vrf e")) + if (is_all_zero(e, "ecc vrf e")) return -WD_EINVAL;
ret = qm_crypto_bin_to_hpre_bin(e->data, (const char *)e->data, @@ -1274,7 +1273,7 @@ static int ecc_prepare_sm2_enc_in(struct wcrypto_ecc_msg *msg, int ret;
if (ein->k_set) { - if (is_all_zero(k, msg, "sm2 enc k")) + if (is_all_zero(k, "sm2 enc k")) return -WD_EINVAL;
ret = qm_crypto_bin_to_hpre_bin(k->data, (const char *)k->data, diff --git a/v1/wd_ecc.c b/v1/wd_ecc.c index e108051..e6b771a 100644 --- a/v1/wd_ecc.c +++ b/v1/wd_ecc.c @@ -544,6 +544,7 @@ static struct wcrypto_ecc_in *create_ecc_sign_in(struct wcrypto_ecc_ctx *ctx, { if (is_dgst) return create_ecc_in(ctx, ECC_SIGN_IN_PARAM_NUM); + return create_sm2_sign_in(ctx, m_len); }
@@ -1489,7 +1490,6 @@ static int ecc_request_init(struct wcrypto_ecc_msg *req, if (req->op_type == WCRYPTO_ECXDH_GEN_KEY || req->op_type == WCRYPTO_SM2_KG) { struct wcrypto_ecc_point *g = NULL; - wcrypto_get_ecc_prikey_params((void *)key, NULL, NULL, NULL, NULL, &g, NULL); req->in = (void *)g; @@ -1715,11 +1715,11 @@ static bool less_than_latter(struct wd_dtb *d, struct wd_dtb *n) return ret < 0; }
-static bool is_all_zero(struct wd_dtb *p, struct wcrypto_ecc_ctx *ctx) +static bool is_all_zero(struct wd_dtb *p) { int i;
- for (i = 0; i < p->dsize && i < ctx->key_size; i++) { + for (i = 0; i < p->bsize; i++) { if (p->data[i]) return false; } @@ -1733,7 +1733,7 @@ static bool check_k_param(struct wd_dtb *k, struct wcrypto_ecc_ctx *ctx) int ret;
if (unlikely(!k->data)) { - WD_ERR("error: k->data NULL!\n"); + WD_ERR("invalid: k->data NULL!\n"); return false; }
@@ -1744,12 +1744,12 @@ static bool check_k_param(struct wd_dtb *k, struct wcrypto_ecc_ctx *ctx) }
if (unlikely(!less_than_latter(k, &cv->n))) { - WD_ERR("error: k >= n\n"); + WD_ERR("invalid: k >= n!\n"); return false; }
- if (unlikely(is_all_zero(k, ctx))) { - WD_ERR("error: k all zero\n"); + if (unlikely(is_all_zero(k))) { + WD_ERR("invalid: k all zero!\n"); return false; }