-
Stefan Berger authored
In preparation for support of NIST P521, adjust the basic tests on the length of the provided key parameters to only ensure that the length of the x plus y coordinates parameter array is not an odd number and that each coordinate fits into an array of 'ndigits' digits. Mathematical tests on the key's parameters are then done in ecc_is_pubkey_valid_full rejecting invalid keys. The change is necessary since NIST P521 keys do not have keys with coordinates that each require 'full' digits (= all bits in u64 used). NIST P521 only requires 2 bytes (9 bits) in the most significant digit unlike NIST P192/256/384 that each require multiple 'full' digits. Tested-by:
Lukas Wunner <lukas@wunner.de> Reviewed-by:
Jarkko Sakkinen <jarkko@kernel.org> Tested-by:
Stefan Berger <stefanb@linux.ibm.com> Signed-off-by:
Herbert Xu <herbert@gondor.apana.org.au>
dcee6068
