[edk2-devel] [PATCH v2 1/1] CryptoPkg/BaseCryptoLib: Remove unnecessary key generation.

Tue, 18 Jul 2023 08:13:20 -0700 

When EcGenerateKey() is called with PublicKeySize set to zero or
less than the required size,
it returns the size of the required buffer with failure.
However, EcGenerateKey() generates a key and then checks
if the buffer size is insufficient.
This can be optimised by moving the public key size check
before generating the key.
Therefore, optimise to avoid unnecessary key generation.

Signed-off-by: levi.yun <yeoreum....@arm.com>
---

Notes:
    v2:
      - Fix missing spceial case when (PublicKey == NULL && PublicKeySize == 0)

This changes can be seen at 
https://github.com/LeviYeoReum/edk2/tree/2716_not_generate_key_on_fail_size_v2

 CryptoPkg/Library/BaseCryptLib/Pk/CryptEc.c | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptEc.c 
b/CryptoPkg/Library/BaseCryptLib/Pk/CryptEc.c
index 
d8cc9ba0e8f968f6cbd9ac4c56018f9a4392cd0b..4ec1903440acdc20e7b71ce8c17fe32bdfa7bab9
 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptEc.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptEc.c
@@ -497,18 +497,23 @@ EcGenerateKey (
   Group    = EC_KEY_get0_group (EcKey);
   HalfSize = (EC_GROUP_get_degree (Group) + 7) / 8;

+  if ((PublicKey != NULL) && (*PublicKeySize < HalfSize * 2)) {
+    *PublicKeySize = HalfSize * 2;
+    return FALSE;
+  }
+
   // Assume RAND_seed was called
   if (EC_KEY_generate_key (EcKey) != 1) {
     return FALSE;
   }

-  if (*PublicKeySize < HalfSize * 2) {
-    *PublicKeySize = HalfSize * 2;
-    return FALSE;
-  }
-
   *PublicKeySize = HalfSize * 2;

+  // If PublicKey is NULL and PublicKeySize is 0, return True and fill 
PublickKeySize with correct Key Size.
+  if (PublicKey == NULL) {
+    return TRUE;
+  }
+
   EcPoint = EC_KEY_get0_public_key (EcKey);
   if (EcPoint == NULL) {
     return FALSE;
--
Guid("CE165669-3EF3-493F-B85D-6190EE5B9759")
IMPORTANT NOTICE: The contents of this email and any attachments are 
confidential and may also be privileged. If you are not the intended recipient, 
please notify the sender immediately and do not disclose the contents to any 
other person, use it for any purpose, or store or copy the information in any 
medium. Thank you.


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#107020): https://edk2.groups.io/g/devel/message/107020
Mute This Topic: https://groups.io/mt/100217352/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to