Commit b35e286a authored by Dmitry Kasatkin's avatar Dmitry Kasatkin Committed by James Morris

lib/digsig: pkcs_1_v1_5_decode_emsa cleanup

Removed useless 'is_valid' variable in pkcs_1_v1_5_decode_emsa(),
which was inhereted from original code. Client now uses return value
to check for an error.
Signed-off-by: default avatarDmitry Kasatkin <dmitry.kasatkin@intel.com>
Reviewed-by: default avatarTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: default avatarJames Morris <jmorris@namei.org>
parent f58a0815
...@@ -34,14 +34,9 @@ static int pkcs_1_v1_5_decode_emsa(const unsigned char *msg, ...@@ -34,14 +34,9 @@ static int pkcs_1_v1_5_decode_emsa(const unsigned char *msg,
unsigned long msglen, unsigned long msglen,
unsigned long modulus_bitlen, unsigned long modulus_bitlen,
unsigned char *out, unsigned char *out,
unsigned long *outlen, unsigned long *outlen)
int *is_valid)
{ {
unsigned long modulus_len, ps_len, i; unsigned long modulus_len, ps_len, i;
int result;
/* default to invalid packet */
*is_valid = 0;
modulus_len = (modulus_bitlen >> 3) + (modulus_bitlen & 7 ? 1 : 0); modulus_len = (modulus_bitlen >> 3) + (modulus_bitlen & 7 ? 1 : 0);
...@@ -50,39 +45,30 @@ static int pkcs_1_v1_5_decode_emsa(const unsigned char *msg, ...@@ -50,39 +45,30 @@ static int pkcs_1_v1_5_decode_emsa(const unsigned char *msg,
return -EINVAL; return -EINVAL;
/* separate encoded message */ /* separate encoded message */
if ((msg[0] != 0x00) || (msg[1] != (unsigned char)1)) { if ((msg[0] != 0x00) || (msg[1] != (unsigned char)1))
result = -EINVAL; return -EINVAL;
goto bail;
}
for (i = 2; i < modulus_len - 1; i++) for (i = 2; i < modulus_len - 1; i++)
if (msg[i] != 0xFF) if (msg[i] != 0xFF)
break; break;
/* separator check */ /* separator check */
if (msg[i] != 0) { if (msg[i] != 0)
/* There was no octet with hexadecimal value 0x00 /* There was no octet with hexadecimal value 0x00
to separate ps from m. */ to separate ps from m. */
result = -EINVAL; return -EINVAL;
goto bail;
}
ps_len = i - 2; ps_len = i - 2;
if (*outlen < (msglen - (2 + ps_len + 1))) { if (*outlen < (msglen - (2 + ps_len + 1))) {
*outlen = msglen - (2 + ps_len + 1); *outlen = msglen - (2 + ps_len + 1);
result = -EOVERFLOW; return -EOVERFLOW;
goto bail;
} }
*outlen = (msglen - (2 + ps_len + 1)); *outlen = (msglen - (2 + ps_len + 1));
memcpy(out, &msg[2 + ps_len + 1], *outlen); memcpy(out, &msg[2 + ps_len + 1], *outlen);
/* valid packet */ return 0;
*is_valid = 1;
result = 0;
bail:
return result;
} }
/* /*
...@@ -96,7 +82,7 @@ static int digsig_verify_rsa(struct key *key, ...@@ -96,7 +82,7 @@ static int digsig_verify_rsa(struct key *key,
unsigned long len; unsigned long len;
unsigned long mlen, mblen; unsigned long mlen, mblen;
unsigned nret, l; unsigned nret, l;
int valid, head, i; int head, i;
unsigned char *out1 = NULL, *out2 = NULL; unsigned char *out1 = NULL, *out2 = NULL;
MPI in = NULL, res = NULL, pkey[2]; MPI in = NULL, res = NULL, pkey[2];
uint8_t *p, *datap, *endp; uint8_t *p, *datap, *endp;
...@@ -172,10 +158,9 @@ static int digsig_verify_rsa(struct key *key, ...@@ -172,10 +158,9 @@ static int digsig_verify_rsa(struct key *key,
memset(out1, 0, head); memset(out1, 0, head);
memcpy(out1 + head, p, l); memcpy(out1 + head, p, l);
err = -EINVAL; err = pkcs_1_v1_5_decode_emsa(out1, len, mblen, out2, &len);
pkcs_1_v1_5_decode_emsa(out1, len, mblen, out2, &len, &valid);
if (valid && len == hlen) if (!err && len == hlen)
err = memcmp(out2, h, hlen); err = memcmp(out2, h, hlen);
err: err:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment