From da9410565d3a4c2d107278014e29608fb21db32c Mon Sep 17 00:00:00 2001 From: jordan Date: Fri, 23 May 2025 22:29:16 -0500 Subject: [PATCH] linuxkm rsa: km_pkcs1_sign should return sig_len on success. --- linuxkm/lkcapi_rsa_glue.c | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/linuxkm/lkcapi_rsa_glue.c b/linuxkm/lkcapi_rsa_glue.c index 6dc72479c..5108cebc3 100644 --- a/linuxkm/lkcapi_rsa_glue.c +++ b/linuxkm/lkcapi_rsa_glue.c @@ -1281,6 +1281,9 @@ static unsigned int km_pkcs1_key_size(struct crypto_sig *tfm) * - dst is destination signature buffer. * - dlen must be >= key_len size. * + * Returns signature length on success. + * Returns < 0 on error. + * * See kernel (6.13 or later): * - include/crypto/sig.h */ @@ -1361,7 +1364,7 @@ static int km_pkcs1_sign(struct crypto_sig *tfm, goto pkcs1_sign_out; } - err = 0; + err = sig_len; pkcs1_sign_out: if (msg != NULL) { free(msg); msg = NULL; } @@ -3098,12 +3101,19 @@ static int linuxkm_test_pkcs1_driver(const char * driver, int nbits, } ret = crypto_sig_sign(tfm, hash, hash_len, km_sig, key_len); - if (ret) { + if (ret < 0) { pr_err("error: crypto_sig_sign returned: %d\n", ret); test_rc = BAD_FUNC_ARG; goto test_pkcs1_end; } + if ((word32) ret != sig_len) { + pr_err("error: crypto_sig_sign returned %d, expected %d\n", ret, + sig_len); + test_rc = BAD_FUNC_ARG; + goto test_pkcs1_end; + } + n_diff = memcmp(km_sig, sig, sig_len); if (n_diff) { pr_err("error: km-sig doesn't match sig: %d\n", n_diff); @@ -3118,7 +3128,6 @@ static int linuxkm_test_pkcs1_driver(const char * driver, int nbits, goto test_pkcs1_end; } - test_rc = 0; test_pkcs1_end: if (tfm) { crypto_free_sig(tfm); tfm = NULL; }