Commit Graph

5 Commits

Author SHA1 Message Date
Rasmus Villemoes b9f918a31d MPILIB: Fix comparison of negative MPIs
If u and v both represent negative integers and their limb counts
happen to differ, mpi_cmp will always return a positive value - this
is obviously bogus. u is smaller than v if and only if it is larger in
absolute value.

Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk>
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Dmitry Kasatkin <dmitry.kasatkin@gmail.com>
2015-01-14 16:10:12 +00:00
Rasmus Villemoes 7fe21291ba MPILIB: Deobfuscate mpi_cmp
The condition preceding 'return 1;' makes my head hurt. At this point,
we know that u and v have the same sign; if they are negative, they
compare opposite to how their absolute values compare (which
mpihelp_cmp found for us), otherwise cmp itself is the
answer. Negating cmp is ok since mpihelp_cmp returns {-1,0,1};
-INT_MIN==INT_MIN won't bite us.

Signed-off-by: Rasmus Villemoes <linux@rasmusvillemoes.dk>
Signed-off-by: David Howells <dhowells@redhat.com>
Acked-by: Dmitry Kasatkin <dmitry.kasatkin@gmail.com>
2015-01-14 15:15:57 +00:00
David Howells 12f008b6dc MPILIB: Reinstate mpi_cmp[_ui]() and export for RSA signature verification
Reinstate and export mpi_cmp() and mpi_cmp_ui() from the MPI library for use by
RSA signature verification as per RFC3447 section 5.2.2 step 1.

Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
2012-10-08 13:50:15 +10:30
Dmitry Kasatkin 9e235dcaf4 Revert "crypto: GnuPG based MPI lib - additional sources (part 4)"
This reverts commit 7e8dec918e.

RSA verification implementation does not use this code.
James Morris has asked to remove that.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
Requested-by: James Morris <james.l.morris@oracle.com>
Signed-off-by: James Morris <james.l.morris@oracle.com>
2012-05-26 11:50:44 +10:00
Dmitry Kasatkin 7e8dec918e crypto: GnuPG based MPI lib - additional sources (part 4)
Adds the multi-precision-integer maths library which was originally taken
from GnuPG and ported to the kernel by (among others) David Howells.
This version is taken from Fedora kernel 2.6.32-71.14.1.el6.
The difference is that checkpatch reported errors and warnings have been fixed.

This library is used to implemenet RSA digital signature verification
used in IMA/EVM integrity protection subsystem.

Due to patch size limitation, the patch is divided into 4 parts.

This code is unnecessary for RSA digital signature verification,
but for completeness it is included here and can be compiled,
if CONFIG_MPILIB_EXTRA is enabled.

Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com>
2011-11-09 11:47:26 +02:00