* [PATCH 4.3.y] crypto: fix test vector for rsa
@ 2016-01-14 4:57 Tadeusz Struk
2016-02-02 0:52 ` Greg KH
2016-02-14 21:04 ` Patch "crypto: fix test vector for rsa" has been added to the 4.3-stable tree gregkh
0 siblings, 2 replies; 4+ messages in thread
From: Tadeusz Struk @ 2016-01-14 4:57 UTC (permalink / raw)
To: Greg KH
Cc: stable, Herbert Xu, Linux Crypto Mailing List,
Linux Kernel Developers List, David Howells
Hi,
After the fix to the asn1_decoder in commit: 0d62e9dd
"ASN.1: Fix non-match detection failure on data overrun"
the rsa algorithm is failing to register in 4.3 stable kernels with
error: "alg: rsa: test failed on vector 4, err=-74"
This happens because the asn1 definition for the rsa key that has been
added in 4.2 defined all 3 components of the key as non-optional, as
the asn1_decoder before the fix was working fine for both the private
and public keys.
This patch adds the missing (fake) component to one key vector to allow
the algorithm to successfully register and be used with a valid private
keys later. This is only to make the asn1_decoder successfully parse the
key and the fake component is never used in the test as the vector is
marked as public key.
This patch applies only to 4.3 kernels as the 4.2 version of asn1_decoder
works fine with the asn1 definition.
4.4 is also ok because the akcipher interface has been changed, and
the set_key function has been split into set_public_key and set_priv_key
and there are two separate asn1 definitions for the two key formats
with all the required components correctly defined (commit 22287b0).
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
---
diff --git a/crypto/testmgr.h b/crypto/testmgr.h
index 64b8a80..450f30e 100644
--- a/crypto/testmgr.h
+++ b/crypto/testmgr.h
@@ -270,7 +270,7 @@ static struct akcipher_testvec rsa_tv_template[] = {
.c_size = 256,
}, {
.key =
- "\x30\x82\x01\x09" /* sequence of 265 bytes */
+ "\x30\x82\x01\x0C" /* sequence of 268 bytes */
"\x02\x82\x01\x00" /* modulus - integer of 256 bytes */
"\xDB\x10\x1A\xC2\xA3\xF1\xDC\xFF\x13\x6B\xED\x44\xDF\xF0\x02\x6D"
"\x13\xC7\x88\xDA\x70\x6B\x54\xF1\xE8\x27\xDC\xC3\x0F\x99\x6A\xFA"
@@ -288,8 +288,9 @@ static struct akcipher_testvec rsa_tv_template[] = {
"\x55\xE6\x29\x69\xD1\xC2\xE8\xB9\x78\x59\xF6\x79\x10\xC6\x4E\xEB"
"\x6A\x5E\xB9\x9A\xC7\xC4\x5B\x63\xDA\xA3\x3F\x5E\x92\x7A\x81\x5E"
"\xD6\xB0\xE2\x62\x8F\x74\x26\xC2\x0C\xD3\x9A\x17\x47\xE6\x8E\xAB"
- "\x02\x03\x01\x00\x01", /* public key - integer of 3 bytes */
- .key_len = 269,
+ "\x02\x03\x01\x00\x01" /* public key - integer of 3 bytes */
+ "\x02\x01\x00", /* private key - integer of 1 byte */
+ .key_len = 272,
.m = "\x54\x85\x9b\x34\x2c\x49\xea\x2a",
.c =
"\xb2\x97\x76\xb4\xae\x3e\x38\x3c\x7e\x64\x1f\xcc\xa2\x7f\xf6\xbe"
--
TS
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH 4.3.y] crypto: fix test vector for rsa
2016-01-14 4:57 [PATCH 4.3.y] crypto: fix test vector for rsa Tadeusz Struk
@ 2016-02-02 0:52 ` Greg KH
2016-02-02 3:20 ` Herbert Xu
2016-02-14 21:04 ` Patch "crypto: fix test vector for rsa" has been added to the 4.3-stable tree gregkh
1 sibling, 1 reply; 4+ messages in thread
From: Greg KH @ 2016-02-02 0:52 UTC (permalink / raw)
To: Tadeusz Struk
Cc: stable, Herbert Xu, Linux Crypto Mailing List,
Linux Kernel Developers List, David Howells
On Wed, Jan 13, 2016 at 08:57:40PM -0800, Tadeusz Struk wrote:
> Hi,
> After the fix to the asn1_decoder in commit: 0d62e9dd
> "ASN.1: Fix non-match detection failure on data overrun"
> the rsa algorithm is failing to register in 4.3 stable kernels with
> error: "alg: rsa: test failed on vector 4, err=-74"
>
> This happens because the asn1 definition for the rsa key that has been
> added in 4.2 defined all 3 components of the key as non-optional, as
> the asn1_decoder before the fix was working fine for both the private
> and public keys.
>
> This patch adds the missing (fake) component to one key vector to allow
> the algorithm to successfully register and be used with a valid private
> keys later. This is only to make the asn1_decoder successfully parse the
> key and the fake component is never used in the test as the vector is
> marked as public key.
>
> This patch applies only to 4.3 kernels as the 4.2 version of asn1_decoder
> works fine with the asn1 definition.
> 4.4 is also ok because the akcipher interface has been changed, and
> the set_key function has been split into set_public_key and set_priv_key
> and there are two separate asn1 definitions for the two key formats
> with all the required components correctly defined (commit 22287b0).
>
> Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
> ---
> diff --git a/crypto/testmgr.h b/crypto/testmgr.h
> index 64b8a80..450f30e 100644
> --- a/crypto/testmgr.h
> +++ b/crypto/testmgr.h
> @@ -270,7 +270,7 @@ static struct akcipher_testvec rsa_tv_template[] = {
> .c_size = 256,
> }, {
> .key =
> - "\x30\x82\x01\x09" /* sequence of 265 bytes */
> + "\x30\x82\x01\x0C" /* sequence of 268 bytes */
> "\x02\x82\x01\x00" /* modulus - integer of 256 bytes */
> "\xDB\x10\x1A\xC2\xA3\xF1\xDC\xFF\x13\x6B\xED\x44\xDF\xF0\x02\x6D"
> "\x13\xC7\x88\xDA\x70\x6B\x54\xF1\xE8\x27\xDC\xC3\x0F\x99\x6A\xFA"
> @@ -288,8 +288,9 @@ static struct akcipher_testvec rsa_tv_template[] = {
> "\x55\xE6\x29\x69\xD1\xC2\xE8\xB9\x78\x59\xF6\x79\x10\xC6\x4E\xEB"
> "\x6A\x5E\xB9\x9A\xC7\xC4\x5B\x63\xDA\xA3\x3F\x5E\x92\x7A\x81\x5E"
> "\xD6\xB0\xE2\x62\x8F\x74\x26\xC2\x0C\xD3\x9A\x17\x47\xE6\x8E\xAB"
> - "\x02\x03\x01\x00\x01", /* public key - integer of 3 bytes */
> - .key_len = 269,
> + "\x02\x03\x01\x00\x01" /* public key - integer of 3 bytes */
> + "\x02\x01\x00", /* private key - integer of 1 byte */
> + .key_len = 272,
> .m = "\x54\x85\x9b\x34\x2c\x49\xea\x2a",
> .c =
> "\xb2\x97\x76\xb4\xae\x3e\x38\x3c\x7e\x64\x1f\xcc\xa2\x7f\xf6\xbe"
>
I need an ack from the maintainer of this subsystem before I can take a
patch that is not already upstream in Linus's tree...
thanks,
greg k-h
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH 4.3.y] crypto: fix test vector for rsa
2016-02-02 0:52 ` Greg KH
@ 2016-02-02 3:20 ` Herbert Xu
0 siblings, 0 replies; 4+ messages in thread
From: Herbert Xu @ 2016-02-02 3:20 UTC (permalink / raw)
To: Greg KH
Cc: Tadeusz Struk, stable, Linux Crypto Mailing List,
Linux Kernel Developers List, David Howells
On Mon, Feb 01, 2016 at 04:52:53PM -0800, Greg KH wrote:
> On Wed, Jan 13, 2016 at 08:57:40PM -0800, Tadeusz Struk wrote:
> > Hi,
> > After the fix to the asn1_decoder in commit: 0d62e9dd
> > "ASN.1: Fix non-match detection failure on data overrun"
> > the rsa algorithm is failing to register in 4.3 stable kernels with
> > error: "alg: rsa: test failed on vector 4, err=-74"
> >
> > This happens because the asn1 definition for the rsa key that has been
> > added in 4.2 defined all 3 components of the key as non-optional, as
> > the asn1_decoder before the fix was working fine for both the private
> > and public keys.
> >
> > This patch adds the missing (fake) component to one key vector to allow
> > the algorithm to successfully register and be used with a valid private
> > keys later. This is only to make the asn1_decoder successfully parse the
> > key and the fake component is never used in the test as the vector is
> > marked as public key.
> >
> > This patch applies only to 4.3 kernels as the 4.2 version of asn1_decoder
> > works fine with the asn1 definition.
> > 4.4 is also ok because the akcipher interface has been changed, and
> > the set_key function has been split into set_public_key and set_priv_key
> > and there are two separate asn1 definitions for the two key formats
> > with all the required components correctly defined (commit 22287b0).
> >
> > Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
> > ---
> > diff --git a/crypto/testmgr.h b/crypto/testmgr.h
> > index 64b8a80..450f30e 100644
> > --- a/crypto/testmgr.h
> > +++ b/crypto/testmgr.h
> > @@ -270,7 +270,7 @@ static struct akcipher_testvec rsa_tv_template[] = {
> > .c_size = 256,
> > }, {
> > .key =
> > - "\x30\x82\x01\x09" /* sequence of 265 bytes */
> > + "\x30\x82\x01\x0C" /* sequence of 268 bytes */
> > "\x02\x82\x01\x00" /* modulus - integer of 256 bytes */
> > "\xDB\x10\x1A\xC2\xA3\xF1\xDC\xFF\x13\x6B\xED\x44\xDF\xF0\x02\x6D"
> > "\x13\xC7\x88\xDA\x70\x6B\x54\xF1\xE8\x27\xDC\xC3\x0F\x99\x6A\xFA"
> > @@ -288,8 +288,9 @@ static struct akcipher_testvec rsa_tv_template[] = {
> > "\x55\xE6\x29\x69\xD1\xC2\xE8\xB9\x78\x59\xF6\x79\x10\xC6\x4E\xEB"
> > "\x6A\x5E\xB9\x9A\xC7\xC4\x5B\x63\xDA\xA3\x3F\x5E\x92\x7A\x81\x5E"
> > "\xD6\xB0\xE2\x62\x8F\x74\x26\xC2\x0C\xD3\x9A\x17\x47\xE6\x8E\xAB"
> > - "\x02\x03\x01\x00\x01", /* public key - integer of 3 bytes */
> > - .key_len = 269,
> > + "\x02\x03\x01\x00\x01" /* public key - integer of 3 bytes */
> > + "\x02\x01\x00", /* private key - integer of 1 byte */
> > + .key_len = 272,
> > .m = "\x54\x85\x9b\x34\x2c\x49\xea\x2a",
> > .c =
> > "\xb2\x97\x76\xb4\xae\x3e\x38\x3c\x7e\x64\x1f\xcc\xa2\x7f\xf6\xbe"
> >
>
> I need an ack from the maintainer of this subsystem before I can take a
> patch that is not already upstream in Linus's tree...
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
Thanks,
--
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
^ permalink raw reply [flat|nested] 4+ messages in thread
* Patch "crypto: fix test vector for rsa" has been added to the 4.3-stable tree
2016-01-14 4:57 [PATCH 4.3.y] crypto: fix test vector for rsa Tadeusz Struk
2016-02-02 0:52 ` Greg KH
@ 2016-02-14 21:04 ` gregkh
1 sibling, 0 replies; 4+ messages in thread
From: gregkh @ 2016-02-14 21:04 UTC (permalink / raw)
To: tadeusz.struk, dhowells, gregkh, herbert, linux-crypto, linux-kernel
Cc: stable, stable-commits
This is a note to let you know that I've just added the patch titled
crypto: fix test vector for rsa
to the 4.3-stable tree which can be found at:
http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary
The filename of the patch is:
crypto-fix-test-vector-for-rsa.patch
and it can be found in the queue-4.3 subdirectory.
If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@vger.kernel.org> know about it.
>From tadeusz.struk@intel.com Sun Feb 14 12:56:09 2016
From: Tadeusz Struk <tadeusz.struk@intel.com>
Date: Wed, 13 Jan 2016 20:57:40 -0800
Subject: crypto: fix test vector for rsa
To: Greg KH <gregkh@linuxfoundation.org>
Cc: stable@vger.kernel.org, Herbert Xu <herbert@gondor.apana.org.au>, Linux Crypto Mailing List <linux-crypto@vger.kernel.org>, Linux Kernel Developers List <linux-kernel@vger.kernel.org>, David Howells <dhowells@redhat.com>
Message-ID: <56972AC4.4010501@intel.com>
From: Tadeusz Struk <tadeusz.struk@intel.com>
After the fix to the asn1_decoder in commit: 0d62e9dd
"ASN.1: Fix non-match detection failure on data overrun"
the rsa algorithm is failing to register in 4.3 stable kernels with
error: "alg: rsa: test failed on vector 4, err=-74"
This happens because the asn1 definition for the rsa key that has been
added in 4.2 defined all 3 components of the key as non-optional, as
the asn1_decoder before the fix was working fine for both the private
and public keys.
This patch adds the missing (fake) component to one key vector to allow
the algorithm to successfully register and be used with a valid private
keys later. This is only to make the asn1_decoder successfully parse the
key and the fake component is never used in the test as the vector is
marked as public key.
This patch applies only to 4.3 kernels as the 4.2 version of asn1_decoder
works fine with the asn1 definition.
4.4 is also ok because the akcipher interface has been changed, and
the set_key function has been split into set_public_key and set_priv_key
and there are two separate asn1 definitions for the two key formats
with all the required components correctly defined (commit 22287b0).
Signed-off-by: Tadeusz Struk <tadeusz.struk@intel.com>
Acked-by: Herbert Xu <herbert@gondor.apana.org.au>
---
---
crypto/testmgr.h | 7 ++++---
1 file changed, 4 insertions(+), 3 deletions(-)
--- a/crypto/testmgr.h
+++ b/crypto/testmgr.h
@@ -270,7 +270,7 @@ static struct akcipher_testvec rsa_tv_te
.c_size = 256,
}, {
.key =
- "\x30\x82\x01\x09" /* sequence of 265 bytes */
+ "\x30\x82\x01\x0C" /* sequence of 268 bytes */
"\x02\x82\x01\x00" /* modulus - integer of 256 bytes */
"\xDB\x10\x1A\xC2\xA3\xF1\xDC\xFF\x13\x6B\xED\x44\xDF\xF0\x02\x6D"
"\x13\xC7\x88\xDA\x70\x6B\x54\xF1\xE8\x27\xDC\xC3\x0F\x99\x6A\xFA"
@@ -288,8 +288,9 @@ static struct akcipher_testvec rsa_tv_te
"\x55\xE6\x29\x69\xD1\xC2\xE8\xB9\x78\x59\xF6\x79\x10\xC6\x4E\xEB"
"\x6A\x5E\xB9\x9A\xC7\xC4\x5B\x63\xDA\xA3\x3F\x5E\x92\x7A\x81\x5E"
"\xD6\xB0\xE2\x62\x8F\x74\x26\xC2\x0C\xD3\x9A\x17\x47\xE6\x8E\xAB"
- "\x02\x03\x01\x00\x01", /* public key - integer of 3 bytes */
- .key_len = 269,
+ "\x02\x03\x01\x00\x01" /* public key - integer of 3 bytes */
+ "\x02\x01\x00", /* private key - integer of 1 byte */
+ .key_len = 272,
.m = "\x54\x85\x9b\x34\x2c\x49\xea\x2a",
.c =
"\xb2\x97\x76\xb4\xae\x3e\x38\x3c\x7e\x64\x1f\xcc\xa2\x7f\xf6\xbe"
Patches currently in stable-queue which might be from tadeusz.struk@intel.com are
queue-4.3/crypto-fix-test-vector-for-rsa.patch
queue-4.3/crypto-qat-don-t-use-userspace-pointer.patch
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2016-02-14 21:04 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-01-14 4:57 [PATCH 4.3.y] crypto: fix test vector for rsa Tadeusz Struk
2016-02-02 0:52 ` Greg KH
2016-02-02 3:20 ` Herbert Xu
2016-02-14 21:04 ` Patch "crypto: fix test vector for rsa" has been added to the 4.3-stable tree gregkh
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.