crypto/ecdsa: fix buffer size on s390x for ecdsa

I used too small a size for buffers, which can cause a panic in some testing.
The new buffer size is generous and sufficient for all purposes.

Fixes #34927
Fixes #34928

Change-Id: Icdbbfed5da87fe3757be40dfd23182b37ec62d58
Reviewed-on: https://go-review.googlesource.com/c/go/+/201317
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>

diff --git a/src/crypto/ecdsa/ecdsa_s390x.go b/src/crypto/ecdsa/ecdsa_s390x.go
index f07c3bf50c23baecd187a2e58fafe525fa338c1e..485f5fe971842037c86512d5fc00da8f473f0090 100644 (file)
--- a/src/crypto/ecdsa/ecdsa_s390x.go
+++ b/src/crypto/ecdsa/ecdsa_s390x.go
@@ -15,7 +15,7 @@ import (
 
 // s390x accelerated signatures
 //go:noescape
-func kdsaSig(fc uint64, block *[1720]byte) (errn uint64)
+func kdsaSig(fc uint64, block *[4096]byte) (errn uint64)
 
 type signverify int
 
@@ -109,7 +109,7 @@ func zeroExtendAndCopy(dst, src []byte, size int) {
 func sign(priv *PrivateKey, csprng *cipher.StreamReader, c elliptic.Curve, e *big.Int) (r, s *big.Int, err error) {
        var bo bufferOffsets
        if canUseKDSA(signing, c, &bo) && e.Sign() != 0 {
-               var buffer [1720]byte
+               var buffer [4096]byte
                for {
                        var k *big.Int
                        k, err = randFieldElement(c, csprng)
@@ -140,7 +140,7 @@ func sign(priv *PrivateKey, csprng *cipher.StreamReader, c elliptic.Curve, e *bi
 func verify(pub *PublicKey, c elliptic.Curve, e, r, s *big.Int) bool {
        var bo bufferOffsets
        if canUseKDSA(verifying, c, &bo) && e.Sign() != 0 {
-               var buffer [1720]byte
+               var buffer [4096]byte
                zeroExtendAndCopy(buffer[bo.offsetR:], r.Bytes(), bo.baseSize)
                zeroExtendAndCopy(buffer[bo.offsetS:], s.Bytes(), bo.baseSize)
                zeroExtendAndCopy(buffer[bo.offsetHash:], e.Bytes(), bo.hashSize)

diff --git a/src/crypto/ecdsa/ecdsa_s390x.s b/src/crypto/ecdsa/ecdsa_s390x.s
index 6ee00ce79c3dc2f6a3be1c3d9aa1cc502f33f8fb..c064400709bbcabc0b4dddebbce765b8c66f1b33 100644 (file)
--- a/src/crypto/ecdsa/ecdsa_s390x.s
+++ b/src/crypto/ecdsa/ecdsa_s390x.s
@@ -4,7 +4,7 @@
 
 #include "textflag.h"
 
-// func kdsaSig(fc uint64, block *[1720]byte) (errn uint64)
+// func kdsaSig(fc uint64, block *[4096]byte) (errn uint64)
 TEXT ·kdsaSig(SB), NOSPLIT|NOFRAME, $0-24
        MOVD fc+0(FP), R0    // function code
        MOVD block+8(FP), R1 // address parameter block