From 542671623129f1db947801d2756186b501c98c49 Mon Sep 17 00:00:00 2001 From: Simon Glass Date: Wed, 30 Jul 2014 10:00:17 -0600 Subject: [PATCH] rsa: Fix two errors in the implementation 1. Failure to set the return code correctly 2. Failure to detect the loop end condition when the value is equal to the modulus. Reported-by: Jeroen Hofstee Signed-off-by: Simon Glass --- lib/rsa/rsa-sign.c | 1 + lib/rsa/rsa-verify.c | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c index f4d433867a..5d9716f013 100644 --- a/lib/rsa/rsa-sign.c +++ b/lib/rsa/rsa-sign.c @@ -76,6 +76,7 @@ static int rsa_get_pub_key(const char *keydir, const char *name, RSA **rsap) rsa = EVP_PKEY_get1_RSA(key); if (!rsa) { rsa_err("Couldn't convert to a RSA style key"); + ret = -EINVAL; goto err_rsa; } fclose(f); diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c index c5bcdb60e8..4ef19b66f4 100644 --- a/lib/rsa/rsa-verify.c +++ b/lib/rsa/rsa-verify.c @@ -57,9 +57,9 @@ static void subtract_modulus(const struct rsa_public_key *key, uint32_t num[]) static int greater_equal_modulus(const struct rsa_public_key *key, uint32_t num[]) { - uint32_t i; + int i; - for (i = key->len - 1; i >= 0; i--) { + for (i = (int)key->len - 1; i >= 0; i--) { if (num[i] < key->modulus[i]) return 0; if (num[i] > key->modulus[i]) -- 2.39.5