Searched hist:dc9c6ddac896d50ffac021dcecb97591fb2b4606 (Results 1 – 1 of 1) sorted by relevance
| /optee_os/core/tee/ |
| H A D | tee_svc_cryp.c | dc9c6ddac896d50ffac021dcecb97591fb2b4606 Tue Apr 25 16:24:56 UTC 2017 Jerome Forissier <jerome.forissier@linaro.org> crypto: don't check hash size when the main algorithm is ECDSA
syscall_asymm_verify() (and therefore TEE_AsymmetricVerifyDigest())
incorrectly assumes that the hash algorithm is SHA1 when the main
algorithm is ECDSA, and will panic the TA if the hash size is not set
accordingly. This behavior does not comply with the TEE Internal Core
API v1.1, which states:
"Where a hash algorithm is specified in the algorithm, digestLen SHALL
be equal to the digest length of this hash algorithm".
For TEE_ALG_ECDSA_P192, TEE_ALG_ECDSA_P224, TEE_ALG_ECDSA_P256,
TEE_ALG_ECDSA_P384 and TEE_ALG_ECDSA_P521, no hash algorithm is
specified, and so we must not restrict the hash size to any specific
value.
Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org>
Reported-by: Henrik Andersson <Henrik.Andersson@se.bosch.com>
Acked-by: Etienne Carriere <etienne.carriere@linaro.org>
Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org>
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
|