firmware/lib/cryptolib/rsa.c - Issue 3136017: Add additional sanity checks to RSA verification code.

Side by Side Diff

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Side by Side Diff: firmware/lib/cryptolib/rsa.c

Issue 3136017: Add additional sanity checks to RSA verification code. (Closed) Base URL: ssh://git@gitrw.chromium.org:9222/vboot_reference.git

Patch Set: Created 10 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

OLD	NEW
1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.	1 /* Copyright (c) 2010 The Chromium OS Authors. All rights reserved.

2 * Use of this source code is governed by a BSD-style license that can be	2 * Use of this source code is governed by a BSD-style license that can be

3 * found in the LICENSE file.	3 * found in the LICENSE file.

4 */	4 */

5	5

6 /* Implementation of RSA signature verification which uses a pre-processed	6 /* Implementation of RSA signature verification which uses a pre-processed

7 * key for computation. The code extends Android's RSA verification code to	7 * key for computation. The code extends Android's RSA verification code to

8 * support multiple RSA key lengths and hash digest algorithms.	8 * support multiple RSA key lengths and hash digest algorithms.

9 */	9 */

10	10

(...skipping 116 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
127 int RSAVerify(const RSAPublicKey *key,	127 int RSAVerify(const RSAPublicKey *key,

128 const uint8_t *sig,	128 const uint8_t *sig,

129 const uint32_t sig_len,	129 const uint32_t sig_len,

130 const uint8_t sig_type,	130 const uint8_t sig_type,

131 const uint8_t *hash) {	131 const uint8_t *hash) {

132 int i;	132 int i;

133 uint8_t* buf;	133 uint8_t* buf;

134 const uint8_t* padding;	134 const uint8_t* padding;

135 int success = 1;	135 int success = 1;

136	136

	137 if (!key \|\| !sig \|\| !hash)

	138 return 0;

	139

137 if (sig_len != (key->len * sizeof(uint32_t))) {	140 if (sig_len != (key->len * sizeof(uint32_t))) {

138 VBDEBUG(("Signature is of incorrect length!\n"));	141 VBDEBUG(("Signature is of incorrect length!\n"));

139 return 0;	142 return 0;

140 }	143 }

141	144

142 if (sig_type >= kNumAlgorithms) {	145 if (sig_type >= kNumAlgorithms) {

143 VBDEBUG(("Invalid signature type!\n"));	146 VBDEBUG(("Invalid signature type!\n"));

144 return 0;	147 return 0;

145 }	148 }

146	149

(...skipping 29 matching lines...) Expand all Loading...
176 VBDEBUG(("Digest: Expecting = %02x Got = %02x\n", padding[i], buf[i]));	179 VBDEBUG(("Digest: Expecting = %02x Got = %02x\n", padding[i], buf[i]));

177 #endif	180 #endif

178 success = 0;	181 success = 0;

179 }	182 }

180 }	183 }

181	184

182 Free(buf);	185 Free(buf);

183	186

184 return success;	187 return success;

185 }	188 }

OLD	NEW

« no previous file with comments | « firmware/lib/cryptolib/include/rsa.h ('k') | firmware/lib/cryptolib/rsa_utility.c » ('j') | no next file with comments »