From 542671623129f1db947801d2756186b501c98c49 Mon Sep 17 00:00:00 2001
From: Simon Glass <sjg@chromium.org>
Date: Wed, 30 Jul 2014 10:00:17 -0600
Subject: rsa: Fix two errors in the implementation

1. Failure to set the return code correctly
2. Failure to detect the loop end condition when the value is equal to
the modulus.

Reported-by: Jeroen Hofstee <jeroen@myspectrum.nl>
Signed-off-by: Simon Glass <sjg@chromium.org>
---
 lib/rsa/rsa-sign.c   | 1 +
 lib/rsa/rsa-verify.c | 4 ++--
 2 files changed, 3 insertions(+), 2 deletions(-)

(limited to 'lib/rsa')

diff --git a/lib/rsa/rsa-sign.c b/lib/rsa/rsa-sign.c
index f4d433867a..5d9716f013 100644
--- a/lib/rsa/rsa-sign.c
+++ b/lib/rsa/rsa-sign.c
@@ -76,6 +76,7 @@ static int rsa_get_pub_key(const char *keydir, const char *name, RSA **rsap)
 	rsa = EVP_PKEY_get1_RSA(key);
 	if (!rsa) {
 		rsa_err("Couldn't convert to a RSA style key");
+		ret = -EINVAL;
 		goto err_rsa;
 	}
 	fclose(f);
diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c
index c5bcdb60e8..4ef19b66f4 100644
--- a/lib/rsa/rsa-verify.c
+++ b/lib/rsa/rsa-verify.c
@@ -57,9 +57,9 @@ static void subtract_modulus(const struct rsa_public_key *key, uint32_t num[])
 static int greater_equal_modulus(const struct rsa_public_key *key,
 				 uint32_t num[])
 {
-	uint32_t i;
+	int i;
 
-	for (i = key->len - 1; i >= 0; i--) {
+	for (i = (int)key->len - 1; i >= 0; i--) {
 		if (num[i] < key->modulus[i])
 			return 0;
 		if (num[i] > key->modulus[i])
-- 
cgit v1.2.1