crypto: hisilicon/hpre - ensure private key less than n

The private key of the curve key size generated by stdrng, which maybe not less than n. Therefore, the private key with the curve key size minus 1 is generated to ensure that the private key is less than n. Signed-off-by: Weili Qian <qianweili@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

crypto: hisilicon/hpre - ensure private key less than n
The private key of the curve key size generated by stdrng, which maybe not less than n. Therefore, the private key with the curve key size minus 1 is generated to ensure that the private key is less than n. Signed-off-by: Weili Qian <qianweili@huawei.com> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
b0ab0797 · Weili Qian · Herbert Xu · b3882fa2 · b0ab0797
Commit b0ab0797 authored Jul 07, 2023 by Weili Qian Committed by Herbert Xu Jul 20, 2023
Hide whitespace changes
Inline Side-by-side

Showing with 8 additions and 2 deletions

drivers/crypto/hisilicon/hpre/hpre_crypto.c drivers/crypto/hisilicon/hpre/hpre_crypto.c +8 -2

No files found.
--- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c
+++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c
@@ -1392,9 +1392,9 @@ static int hpre_ecdh_set_secret(struct crypto_kpp *tfm, const void *buf,
 				unsigned int len)
 {
 	struct hpre_ctx *ctx = kpp_tfm_ctx(tfm);
+	unsigned int sz, sz_shift, curve_sz;
 	struct device *dev = ctx->dev;
 	char key[HPRE_ECC_MAX_KSZ];
-	unsigned int sz, sz_shift;
 	struct ecdh params;
 	int ret;
@@ -1406,7 +1406,13 @@ static int hpre_ecdh_set_secret(struct crypto_kpp *tfm, const void *buf,
 	/* Use stdrng to generate private key */
 	if (!params.key || !params.key_size) {
 		params.key = key;
-		params.key_size = hpre_ecdh_get_curvesz(ctx->curve_id);
+		curve_sz = hpre_ecdh_get_curvesz(ctx->curve_id);
+		if (!curve_sz) {
+			dev_err(dev, "Invalid curve size!\n");
+			return -EINVAL;
+		}
+		params.key_size = curve_sz - 1;
 		ret = ecdh_gen_privkey(ctx, &params);
 		if (ret)
 			return ret;