crypto: ecrdsa - Fix incorrect use of vli_cmp

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

Correctly compare values that shall be greater-or-equal and not just
greater.

Fixes: 0d7a78643f69 ("crypto: ecrdsa - add EC-RDSA (GOST 34.10) algorithm")
Cc: <stable@vger.kernel.org>
Signed-off-by: Vitaly Chikunov <vt@altlinux.org>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

authored by

Vitaly Chikunov and committed by

Herbert Xu 4 years ago 7cc7ab73 4ee4cdad

+4 -4

1 changed file

expand all

crypto

ecrdsa.c

+4 -4

crypto/ecrdsa.c

··· 113 113 114 114 /* Step 1: verify that 0 < r < q, 0 < s < q */ 115 115 if (vli_is_zero(r, ndigits) || 116 - vli_cmp(r, ctx->curve->n, ndigits) == 1 || 116 + vli_cmp(r, ctx->curve->n, ndigits) >= 0 || 117 117 vli_is_zero(s, ndigits) || 118 - vli_cmp(s, ctx->curve->n, ndigits) == 1) 118 + vli_cmp(s, ctx->curve->n, ndigits) >= 0) 119 119 return -EKEYREJECTED; 120 120 121 121 /* Step 2: calculate hash (h) of the message (passed as input) */ 122 122 /* Step 3: calculate e = h \mod q */ 123 123 vli_from_le64(e, digest, ndigits); 124 - if (vli_cmp(e, ctx->curve->n, ndigits) == 1) 124 + if (vli_cmp(e, ctx->curve->n, ndigits) >= 0) 125 125 vli_sub(e, e, ctx->curve->n, ndigits); 126 126 if (vli_is_zero(e, ndigits)) 127 127 e[0] = 1; ··· 137 137 /* Step 6: calculate point C = z_1P + z_2Q, and R = x_c \mod q */ 138 138 ecc_point_mult_shamir(&cc, z1, &ctx->curve->g, z2, &ctx->pub_key, 139 139 ctx->curve); 140 - if (vli_cmp(cc.x, ctx->curve->n, ndigits) == 1) 140 + if (vli_cmp(cc.x, ctx->curve->n, ndigits) >= 0) 141 141 vli_sub(cc.x, cc.x, ctx->curve->n, ndigits); 142 142 143 143 /* Step 7: if R == r signature is valid */