Skip to content

Commit 86f40a2

Browse files
wgobradfitz
wgo
authored and
bradfitz
committed
crypto/ecdsa: fix buffer size on s390x for ecdsa
I used too small a size for buffers, which can cause a panic in some testing. The new buffer size is generous and sufficient for all purposes. Fixes #34927 Fixes #34928 Change-Id: Icdbbfed5da87fe3757be40dfd23182b37ec62d58 Reviewed-on: https://go-review.googlesource.com/c/go/+/201317 Reviewed-by: Brad Fitzpatrick <[email protected]>
1 parent c4817f5 commit 86f40a2

File tree

2 files changed

+4
-4
lines changed

2 files changed

+4
-4
lines changed

src/crypto/ecdsa/ecdsa_s390x.go

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@ import (
1515

1616
// s390x accelerated signatures
1717
//go:noescape
18-
func kdsaSig(fc uint64, block *[1720]byte) (errn uint64)
18+
func kdsaSig(fc uint64, block *[4096]byte) (errn uint64)
1919

2020
type signverify int
2121

@@ -109,7 +109,7 @@ func zeroExtendAndCopy(dst, src []byte, size int) {
109109
func sign(priv *PrivateKey, csprng *cipher.StreamReader, c elliptic.Curve, e *big.Int) (r, s *big.Int, err error) {
110110
var bo bufferOffsets
111111
if canUseKDSA(signing, c, &bo) && e.Sign() != 0 {
112-
var buffer [1720]byte
112+
var buffer [4096]byte
113113
for {
114114
var k *big.Int
115115
k, err = randFieldElement(c, csprng)
@@ -140,7 +140,7 @@ func sign(priv *PrivateKey, csprng *cipher.StreamReader, c elliptic.Curve, e *bi
140140
func verify(pub *PublicKey, c elliptic.Curve, e, r, s *big.Int) bool {
141141
var bo bufferOffsets
142142
if canUseKDSA(verifying, c, &bo) && e.Sign() != 0 {
143-
var buffer [1720]byte
143+
var buffer [4096]byte
144144
zeroExtendAndCopy(buffer[bo.offsetR:], r.Bytes(), bo.baseSize)
145145
zeroExtendAndCopy(buffer[bo.offsetS:], s.Bytes(), bo.baseSize)
146146
zeroExtendAndCopy(buffer[bo.offsetHash:], e.Bytes(), bo.hashSize)

src/crypto/ecdsa/ecdsa_s390x.s

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,7 @@
44

55
#include "textflag.h"
66

7-
// func kdsaSig(fc uint64, block *[1720]byte) (errn uint64)
7+
// func kdsaSig(fc uint64, block *[4096]byte) (errn uint64)
88
TEXT ·kdsaSig(SB), NOSPLIT|NOFRAME, $0-24
99
MOVD fc+0(FP), R0 // function code
1010
MOVD block+8(FP), R1 // address parameter block

0 commit comments

Comments
 (0)