Re: [PATCH] crypto: ecrdsa - fix unknown OID check in ecrdsa_param_curve

Next message: Rob Herring (Arm): "Re: [PATCH 1/4] dt-bindings: clock: renesas,cpg-clocks: Document ZT/ZTR trace clock on R-Mobile APE6"
Previous message: Carlo Szelinsky: "Re: [PATCH RFC net-next 0/4] net: pse-pd: decouple controller lookup from MDIO probe"
In reply to: Thorsten Blum: "[PATCH] crypto: ecrdsa - fix unknown OID check in ecrdsa_param_curve"
Next in thread: Vitaly Chikunov: "Re: [PATCH] crypto: ecrdsa - fix unknown OID check in ecrdsa_param_curve"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Lukas Wunner

Date: Sat May 02 2026 - 16:18:31 EST

On Sat, May 02, 2026 at 09:09:04PM +0200, Thorsten Blum wrote:
> The ->curve_oid check in ecrdsa_param_curve() rejects the valid enum
> value 0 (OID_id_dsa_with_sha1), but look_up_OID() returns OID__NR on
> lookup failure. Compare ->curve_oid with OID__NR instead to ensure that
> only unknown OIDs return -EINVAL.
>
> Fixes: 0d7a78643f69 ("crypto: ecrdsa - add EC-RDSA (GOST 34.10) algorithm")
> Signed-off-by: Thorsten Blum <thorsten.blum@xxxxxxxxx>

Reviewed-by: Lukas Wunner <lukas@xxxxxxxxx>

> +++ b/crypto/ecrdsa.c
> @@ -145,7 +145,7 @@ int ecrdsa_param_curve(void *context, size_t hdrlen, unsigned char tag,
> struct ecrdsa_ctx *ctx = context;
>
> ctx->curve_oid = look_up_OID(value, vlen);
> - if (!ctx->curve_oid)
> + if (ctx->curve_oid == OID__NR)
> return -EINVAL;
> ctx->curve = get_curve_by_oid(ctx->curve_oid);
> return 0;

This is a fairly harmless logic bug: OID_id_dsa_with_sha1 is not
a valid curve and so get_curve_by_oid() returns NULL, which is
assigned to ctx->curve.

The function you're changing, ecrdsa_param_curve(), is called
from the ecrdsa_params ASN.1 parser, which is invoked from
ecrdsa_set_pub_key(). That function does perform a NULL pointer
check for ctx->curve right after the ASN.1 parser returns.

Your patch will change the return value for an unknown OID from
-ENOPKG to -EINVAL, but that probably doesn't matter much.

Thanks,

Lukas