Searched hist:"68 c68bce76a64a07ba92ec4eecb9f8df24671bac" (Results 1 – 1 of 1) sorted by relevance
| /optee_os/core/tee/ |
| H A D | tee_svc_cryp.c | 68c68bce76a64a07ba92ec4eecb9f8df24671bac Wed Sep 09 14:05:17 UTC 2020 Jens Wiklander <jens.wiklander@linaro.org> core: syscall_asymm_verify(): accurate DSA parameter check
A comment in syscall_asymm_verify() reads:
"Depending on the DSA algorithm (NIST), the digital signature output
size may be truncated to the size of a key pair (Q prime size). Q prime
size must be less or equal than the hash output length of the hash
algorithm involved."
Instead of just assuming that Q size is small when data length is
smaller than the hash, check that it's the case also. Don't allow data
length smaller than both hash size and Q size.
Acked-by: Jerome Forissier <jerome@forissier.org>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|