Am Mittwoch, 17. Mai 2017, 17:26:52 CEST schrieb Tudor Ambarus:

Hi Tudor,

> If the user provides a NULL private key, the kernel will
> generate it and further use it for dh.
> 
> Signed-off-by: Tudor Ambarus <tudor.amba...@microchip.com>
> ---
>  crypto/dh.c | 21 +++++++++++++++++++++
>  1 file changed, 21 insertions(+)
> 
> diff --git a/crypto/dh.c b/crypto/dh.c
> index 87e3542..7b4ac5b 100644
> --- a/crypto/dh.c
> +++ b/crypto/dh.c
> @@ -83,7 +83,9 @@ static int dh_set_secret(struct crypto_kpp *tfm, const
> void *buf, unsigned int len)
>  {
>       struct dh_ctx *ctx = dh_get_ctx(tfm);
> +     u8 *rndbuf = NULL;
>       struct dh params;
> +     int maxsize;
> 
>       if (crypto_dh_decode_key(buf, len, &params) < 0)
>               return -EINVAL;
> @@ -91,7 +93,26 @@ static int dh_set_secret(struct crypto_kpp *tfm, const
> void *buf, if (dh_set_params(ctx, &params) < 0)
>               return -EINVAL;
> 
> +     if (!params.key || !params.key_size) {
> +             maxsize = crypto_kpp_maxsize(tfm);
> +             if (maxsize < 0) {
> +                     dh_clear_params(ctx);
> +                     return maxsize;
> +             }
> +
> +             rndbuf = kmalloc(maxsize, GFP_KERNEL);
> +             if (!rndbuf) {
> +                     dh_clear_params(ctx);
> +                     return -ENOMEM;
> +             }
> +
> +             get_random_bytes(rndbuf, maxsize);

Could you please use again the kernel crypto API RNG as mentioned for ECC?


> +             params.key = rndbuf;
> +             params.key_size = maxsize;
> +     }
> +
>       ctx->xa = mpi_read_raw_data(params.key, params.key_size);
> +     kzfree(rndbuf);
>       if (!ctx->xa) {
>               dh_clear_params(ctx);
>               return -EINVAL;


Ciao
Stephan

Reply via email to