[U-Boot] [PATCH] rsa: Fix two errors in the implementation
Simon Glass
sjg at chromium.org
Mon Aug 4 12:10:49 CEST 2014
Hi Jeroen,
On 30 July 2014 15:17, Jeroen Hofstee <dasuboot at myspectrum.nl> wrote:
> Hello Simon,
>
>
>>> {
>>> - uint32_t i;
>>> + int i;
>>> - for (i = key->len - 1; i >= 0; i--) {
>>> + for (i = (int)key->len - 1; i >= 0; i--) {
>>> if (num[i] < key->modulus[i])
>>> return 0;
>>> if (num[i] > key->modulus[i])
>>
>>
>> I did indeed not post a patch, since I do not know how this code
>> is used and how critical it is. And I still haven't bothered to look it
>> up.
>>
>> So just a general comment, which might not make any sense
>> at all for the actual usage. If num can somehow be controlled by an
>
>
> I meant key->len here of course ^
OK I see. Well the key length is range-checked in pow_mod(). If a key
length of 0 were used, it would not be a valid signature - this
function might do strange things. But the key length has to match the
public key, so something like that would juts cause a verification
failure higher up the stack.
Regards,
Simon
More information about the U-Boot
mailing list