crypto: ecdsa - Fix enc/dec size reported by KEYCTL_PKEY_QUERY
authorLukas Wunner <lukas@wunner.de>
Mon, 7 Apr 2025 19:32:41 +0000 (21:32 +0200)
committerHerbert Xu <herbert@gondor.apana.org.au>
Wed, 16 Apr 2025 07:16:21 +0000 (15:16 +0800)
KEYCTL_PKEY_QUERY system calls for ecdsa keys return the key size as
max_enc_size and max_dec_size, even though such keys cannot be used for
encryption/decryption.  They're exclusively for signature generation or
verification.

Only rsa keys with pkcs1 encoding can also be used for encryption or
decryption.

Return 0 instead for ecdsa keys (as well as ecrdsa keys).

Signed-off-by: Lukas Wunner <lukas@wunner.de>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Ignat Korchagin <ignat@cloudflare.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
crypto/asymmetric_keys/public_key.c

index bf165d321440d5dbfdd8ad5547b37f85bb566e64..dd44a966947fb820d7442993557f5de28b65dc77 100644 (file)
@@ -188,6 +188,8 @@ static int software_key_query(const struct kernel_pkey_params *params,
        ptr = pkey_pack_u32(ptr, pkey->paramlen);
        memcpy(ptr, pkey->params, pkey->paramlen);
 
+       memset(info, 0, sizeof(*info));
+
        if (issig) {
                sig = crypto_alloc_sig(alg_name, 0, 0);
                if (IS_ERR(sig)) {
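Review bot: The added `memset(info, 0, sizeof(*info));` is what makes max_enc_size and max_dec_size read as 0 for signature-only keys, but nothing at the call says so, and a later cleanup could drop it as redundant. I would add a comment above it such as `/* Fields a key type does not set below must be reported as 0 by KEYCTL_PKEY_QUERY */`. If the caller's struct is not pre-initialised (not visible on this page), removing the memset would also let unset fields reach user space with stale contents. Note that info is now cleared before `crypto_alloc_sig()` can fail, so the output struct is modified on the error path as well; whether any caller reads it after a failure cannot be told from here. software_key_query starts and ends outside the hunk.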
@@ -211,6 +213,9 @@ static int software_key_query(const struct kernel_pkey_params *params,
                        info->supported_ops |= KEYCTL_SUPPORTS_SIGN;
 
                if (strcmp(params->encoding, "pkcs1") == 0) {
+                       info->max_enc_size = len;
+                       info->max_dec_size = len;
+
                        info->supported_ops |= KEYCTL_SUPPORTS_ENCRYPT;
                        if (pkey->key_is_private)
                                info->supported_ops |= KEYCTL_SUPPORTS_DECRYPT;
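Review bot: `info->max_dec_size = len;` is assigned for every pkcs1 key, while `KEYCTL_SUPPORTS_DECRYPT` a few lines below is set only when `pkey->key_is_private`, so a public-only key still reports a non-zero decrypt size for an operation it cannot perform. That is the same kind of mismatch the commit removes for ecdsa and ecrdsa keys. Consider moving `info->max_dec_size = len;` into the body of the existing `if (pkey->key_is_private)`, or add a comment stating that consumers must gate the size fields on supported_ops. The third hunk has the same shape in the non-signature branch, where `info->max_dec_size = len;` precedes the `key_is_private` test. Where `len` comes from in this branch is outside the hunk.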
@@ -232,6 +237,8 @@ static int software_key_query(const struct kernel_pkey_params *params,
                len = crypto_akcipher_maxsize(tfm);
                info->max_sig_size = len;
                info->max_data_size = len;
+               info->max_enc_size = len;
+               info->max_dec_size = len;
 
                info->supported_ops = KEYCTL_SUPPORTS_ENCRYPT;
                if (pkey->key_is_private)
@@ -239,8 +246,6 @@ static int software_key_query(const struct kernel_pkey_params *params,
        }
 
        info->key_size = len * 8;
-       info->max_enc_size = len;
-       info->max_dec_size = len;
 
        ret = 0;