|
|
@@ -396,8 +396,15 @@ static long zcrypt_rsa_crt(struct ica_rsa_modexpo_crt *crt)
|
|
|
if (copied == 0) {
|
|
|
unsigned int len;
|
|
|
spin_unlock_bh(&zcrypt_device_lock);
|
|
|
- /* len is max 256 / 2 - 120 = 8 */
|
|
|
- len = crt->inputdatalength / 2 - 120;
|
|
|
+ /* len is max 256 / 2 - 120 = 8
|
|
|
+ * For bigger device just assume len of leading
|
|
|
+ * 0s is 8 as stated in the requirements for
|
|
|
+ * ica_rsa_modexpo_crt struct in zcrypt.h.
|
|
|
+ */
|
|
|
+ if (crt->inputdatalength <= 256)
|
|
|
+ len = crt->inputdatalength / 2 - 120;
|
|
|
+ else
|
|
|
+ len = 8;
|
|
|
if (len > sizeof(z1))
|
|
|
return -EFAULT;
|
|
|
z1 = z2 = z3 = 0;
|
|
|
@@ -405,6 +412,7 @@ static long zcrypt_rsa_crt(struct ica_rsa_modexpo_crt *crt)
|
|
|
copy_from_user(&z2, crt->bp_key, len) ||
|
|
|
copy_from_user(&z3, crt->u_mult_inv, len))
|
|
|
return -EFAULT;
|
|
|
+ z1 = z2 = z3 = 0;
|
|
|
copied = 1;
|
|
|
/*
|
|
|
* We have to restart device lookup -
|
Felix Beck