aboutsummaryrefslogtreecommitdiffstats
path: root/lib/digsig.c
diff options
context:
space:
mode:
authorDmitry Kasatkin <dmitry.kasatkin@intel.com>2012-01-26 12:13:26 -0500
committerJames Morris <jmorris@namei.org>2012-02-01 08:23:39 -0500
commitb35e286a640f31d619a637332972498b51f3fd90 (patch)
tree66ea75588c31570245b7048693e15c72ce2ded34 /lib/digsig.c
parentf58a08152ce4198a2a1da162b97ecf8264c24866 (diff)
lib/digsig: pkcs_1_v1_5_decode_emsa cleanup
Removed useless 'is_valid' variable in pkcs_1_v1_5_decode_emsa(), which was inhereted from original code. Client now uses return value to check for an error. Signed-off-by: Dmitry Kasatkin <dmitry.kasatkin@intel.com> Reviewed-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'lib/digsig.c')
-rw-r--r--lib/digsig.c35
1 files changed, 10 insertions, 25 deletions
diff --git a/lib/digsig.c b/lib/digsig.c
index 5d840ac64fb1..b67e82c024b3 100644
--- a/lib/digsig.c
+++ b/lib/digsig.c
@@ -34,14 +34,9 @@ static int pkcs_1_v1_5_decode_emsa(const unsigned char *msg,
34 unsigned long msglen, 34 unsigned long msglen,
35 unsigned long modulus_bitlen, 35 unsigned long modulus_bitlen,
36 unsigned char *out, 36 unsigned char *out,
37 unsigned long *outlen, 37 unsigned long *outlen)
38 int *is_valid)
39{ 38{
40 unsigned long modulus_len, ps_len, i; 39 unsigned long modulus_len, ps_len, i;
41 int result;
42
43 /* default to invalid packet */
44 *is_valid = 0;
45 40
46 modulus_len = (modulus_bitlen >> 3) + (modulus_bitlen & 7 ? 1 : 0); 41 modulus_len = (modulus_bitlen >> 3) + (modulus_bitlen & 7 ? 1 : 0);
47 42
@@ -50,39 +45,30 @@ static int pkcs_1_v1_5_decode_emsa(const unsigned char *msg,
50 return -EINVAL; 45 return -EINVAL;
51 46
52 /* separate encoded message */ 47 /* separate encoded message */
53 if ((msg[0] != 0x00) || (msg[1] != (unsigned char)1)) { 48 if ((msg[0] != 0x00) || (msg[1] != (unsigned char)1))
54 result = -EINVAL; 49 return -EINVAL;
55 goto bail;
56 }
57 50
58 for (i = 2; i < modulus_len - 1; i++) 51 for (i = 2; i < modulus_len - 1; i++)
59 if (msg[i] != 0xFF) 52 if (msg[i] != 0xFF)
60 break; 53 break;
61 54
62 /* separator check */ 55 /* separator check */
63 if (msg[i] != 0) { 56 if (msg[i] != 0)
64 /* There was no octet with hexadecimal value 0x00 57 /* There was no octet with hexadecimal value 0x00
65 to separate ps from m. */ 58 to separate ps from m. */
66 result = -EINVAL; 59 return -EINVAL;
67 goto bail;
68 }
69 60
70 ps_len = i - 2; 61 ps_len = i - 2;
71 62
72 if (*outlen < (msglen - (2 + ps_len + 1))) { 63 if (*outlen < (msglen - (2 + ps_len + 1))) {
73 *outlen = msglen - (2 + ps_len + 1); 64 *outlen = msglen - (2 + ps_len + 1);
74 result = -EOVERFLOW; 65 return -EOVERFLOW;
75 goto bail;
76 } 66 }
77 67
78 *outlen = (msglen - (2 + ps_len + 1)); 68 *outlen = (msglen - (2 + ps_len + 1));
79 memcpy(out, &msg[2 + ps_len + 1], *outlen); 69 memcpy(out, &msg[2 + ps_len + 1], *outlen);
80 70
81 /* valid packet */ 71 return 0;
82 *is_valid = 1;
83 result = 0;
84bail:
85 return result;
86} 72}
87 73
88/* 74/*
@@ -96,7 +82,7 @@ static int digsig_verify_rsa(struct key *key,
96 unsigned long len; 82 unsigned long len;
97 unsigned long mlen, mblen; 83 unsigned long mlen, mblen;
98 unsigned nret, l; 84 unsigned nret, l;
99 int valid, head, i; 85 int head, i;
100 unsigned char *out1 = NULL, *out2 = NULL; 86 unsigned char *out1 = NULL, *out2 = NULL;
101 MPI in = NULL, res = NULL, pkey[2]; 87 MPI in = NULL, res = NULL, pkey[2];
102 uint8_t *p, *datap, *endp; 88 uint8_t *p, *datap, *endp;
@@ -172,10 +158,9 @@ static int digsig_verify_rsa(struct key *key,
172 memset(out1, 0, head); 158 memset(out1, 0, head);
173 memcpy(out1 + head, p, l); 159 memcpy(out1 + head, p, l);
174 160
175 err = -EINVAL; 161 err = pkcs_1_v1_5_decode_emsa(out1, len, mblen, out2, &len);
176 pkcs_1_v1_5_decode_emsa(out1, len, mblen, out2, &len, &valid);
177 162
178 if (valid && len == hlen) 163 if (!err && len == hlen)
179 err = memcmp(out2, h, hlen); 164 err = memcmp(out2, h, hlen);
180 165
181err: 166err: