Re: [PATCH 2/2] crypto: ecdsa - Use ecc_digits_from_bytes to convert signature

From: Jarkko Sakkinen
Date: Thu May 30 2024 - 01:28:57 EST


On Thu May 30, 2024 at 2:08 AM EEST, Stefan Berger wrote:
> Since ecc_digits_from_bytes will provide zeros when an insufficient number
> of bytes are passed in the input byte array, use it to convert the r and s
> components of the signature to digits directly from the input byte
> array. This avoids going through an intermediate byte array that has the
> first few bytes filled with zeros.
>
> Signed-off-by: Stefan Berger <stefanb@xxxxxxxxxxxxx>
> ---
> crypto/ecdsa.c | 12 ++----------
> 1 file changed, 2 insertions(+), 10 deletions(-)
>
> diff --git a/crypto/ecdsa.c b/crypto/ecdsa.c
> index fa029f36110b..941cdc2b889b 100644
> --- a/crypto/ecdsa.c
> +++ b/crypto/ecdsa.c
> @@ -38,7 +38,6 @@ static int ecdsa_get_signature_rs(u64 *dest, size_t hdrlen, unsigned char tag,
> size_t bufsize = ndigits * sizeof(u64);
> ssize_t diff = vlen - bufsize;
> const char *d = value;
> - u8 rs[ECC_MAX_BYTES];
>
> if (!value || !vlen)
> return -EINVAL;
> @@ -46,7 +45,7 @@ static int ecdsa_get_signature_rs(u64 *dest, size_t hdrlen, unsigned char tag,
> /* diff = 0: 'value' has exacly the right size
> * diff > 0: 'value' has too many bytes; one leading zero is allowed that
> * makes the value a positive integer; error on more
> - * diff < 0: 'value' is missing leading zeros, which we add
> + * diff < 0: 'value' is missing leading zeros
> */
> if (diff > 0) {
> /* skip over leading zeros that make 'value' a positive int */
> @@ -61,14 +60,7 @@ static int ecdsa_get_signature_rs(u64 *dest, size_t hdrlen, unsigned char tag,
> if (-diff >= bufsize)
> return -EINVAL;
>
> - if (diff) {
> - /* leading zeros not given in 'value' */
> - memset(rs, 0, -diff);
> - }
> -
> - memcpy(&rs[-diff], d, vlen);
> -
> - ecc_swap_digits((u64 *)rs, dest, ndigits);
> + ecc_digits_from_bytes(d, vlen, dest, ndigits);
>
> return 0;
> }

Reviewed-by: Jarkko Sakkinen <jarkko@xxxxxxxxxx>

BR, Jarkko