| Message ID | 20211201004858.19831-12-nstange@suse.de (mailing list archive) |
|---|---|
| State | Superseded |
| Delegated to: | Herbert Xu |
| Headers | show |
| Series | crypto: dh - infrastructure for NVM in-band auth and FIPS conformance | expand |
On 12/1/21 1:48 AM, Nicolai Stange wrote: > A previous patch made the dh-generic implementation's ->set_secret() to > generate an ephemeral key in case the input ->key_size is zero, just in > analogy with ecdh. Make the hpre crypto driver's DH implementation to > behave consistently by doing the same. > > Signed-off-by: Nicolai Stange <nstange@suse.de> > --- > drivers/crypto/hisilicon/hpre/hpre_crypto.c | 11 +++++++++++ > 1 file changed, 11 insertions(+) > Can't really comment here, but FWIW: Reviewed-by: Hannes Reinecke <hare@suse.de> Cheers, Hannes
Am Mittwoch, 1. Dezember 2021, 01:48:51 CET schrieb Nicolai Stange: Hi Nicolai, > A previous patch made the dh-generic implementation's ->set_secret() to > generate an ephemeral key in case the input ->key_size is zero, just in > analogy with ecdh. Make the hpre crypto driver's DH implementation to > behave consistently by doing the same. > > Signed-off-by: Nicolai Stange <nstange@suse.de> > --- > drivers/crypto/hisilicon/hpre/hpre_crypto.c | 11 +++++++++++ > 1 file changed, 11 insertions(+) > > diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c > b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index > a032c192ef1d..02ca79e263f1 100644 > --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c > +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c > @@ -701,11 +701,20 @@ static int hpre_dh_set_secret(struct crypto_kpp *tfm, > const void *buf, { > struct hpre_ctx *ctx = kpp_tfm_ctx(tfm); > struct dh params; > + char key[CRYPTO_DH_MAX_PRIVKEY_SIZE]; > int ret; > > if (crypto_dh_decode_key(buf, len, ¶ms) < 0) > return -EINVAL; > > + if (!params.key_size) { dto. > + ret = crypto_dh_gen_privkey(params.group_id, key, > + ¶ms.key_size); > + if (ret) > + return ret; > + params.key = key; > + } > + > /* Free old secret if any */ > hpre_dh_clear_ctx(ctx, false); > > @@ -716,6 +725,8 @@ static int hpre_dh_set_secret(struct crypto_kpp *tfm, > const void *buf, memcpy(ctx->dh.xa_p + (ctx->key_sz - params.key_size), > params.key, params.key_size); > > + memzero_explicit(key, sizeof(key)); > + > return 0; > > err_clear_ctx: Ciao Stephan
diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index a032c192ef1d..02ca79e263f1 100644 --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c @@ -701,11 +701,20 @@ static int hpre_dh_set_secret(struct crypto_kpp *tfm, const void *buf, { struct hpre_ctx *ctx = kpp_tfm_ctx(tfm); struct dh params; + char key[CRYPTO_DH_MAX_PRIVKEY_SIZE]; int ret; if (crypto_dh_decode_key(buf, len, ¶ms) < 0) return -EINVAL; + if (!params.key_size) { + ret = crypto_dh_gen_privkey(params.group_id, key, + ¶ms.key_size); + if (ret) + return ret; + params.key = key; + } + /* Free old secret if any */ hpre_dh_clear_ctx(ctx, false); @@ -716,6 +725,8 @@ static int hpre_dh_set_secret(struct crypto_kpp *tfm, const void *buf, memcpy(ctx->dh.xa_p + (ctx->key_sz - params.key_size), params.key, params.key_size); + memzero_explicit(key, sizeof(key)); + return 0; err_clear_ctx:
A previous patch made the dh-generic implementation's ->set_secret() to generate an ephemeral key in case the input ->key_size is zero, just in analogy with ecdh. Make the hpre crypto driver's DH implementation to behave consistently by doing the same. Signed-off-by: Nicolai Stange <nstange@suse.de> --- drivers/crypto/hisilicon/hpre/hpre_crypto.c | 11 +++++++++++ 1 file changed, 11 insertions(+)