Parameters are handled independently from the secret key. Therefore,
this patch allows setting of the parameter independently from the secret
key. Before invoking the actual crypto operation, the code must now
check that the secret key and the parameters are all present.
Signed-off-by: Stephan Mueller <smuel...@chronox.de>
---
crypto/dh.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/crypto/dh.c b/crypto/dh.c
index 87e3542..f7be48e 100644
--- a/crypto/dh.c
+++ b/crypto/dh.c
@@ -60,6 +60,10 @@ static int dh_check_params_length(unsigned int p_len)
static int dh_set_params(struct dh_ctx *ctx, struct dh *params)
{
+ /* If DH parameters are not given, do not check them. */
+ if (!params->p_size && !params->g_size)
+ return 0;
+
if (unlikely(!params->p || !params->g))
return -EINVAL;
@@ -111,7 +115,7 @@ static int dh_compute_value(struct kpp_request *req)
if (!val)
return -ENOMEM;
- if (unlikely(!ctx->xa)) {
+ if (unlikely(!ctx->xa || !ctx->p || !ctx->g)) {
ret = -EINVAL;
goto err_free_val;
}
--
2.9.3
