On 2/21/22 13:10, Nicolai Stange wrote:
> Current work on NVME in-band authentication support ([1]) needs to invoke
> DH with the FFDHE safe-prime group parameters specified in RFC 7919.
>
> Introduce a new CRYPTO_DH_RFC7919_GROUPS Kconfig option. If enabled, make
> dh_generic register a couple of ffdheXYZ(dh) templates, one for each group:
> ffdhe2048(dh), ffdhe3072(dh), ffdhe4096(dh), ffdhe6144(dh) and
> ffdhe8192(dh). Their respective ->set_secret() expects a (serialized)
> struct dh, just like the underlying "dh" implementation does, but with the
> P and G values unset so that the safe-prime constants for the given group
> can be filled in by the wrapping template.
>
> Internally, a struct dh_safe_prime instance is being defined for each of
> the ffdheXYZ(dh) templates as appropriate. In order to prepare for future
> key generation, fill in the maximum security strength values as specified
> by SP800-56Arev3 on the go, even though they're not needed at this point
> yet.
>
> Implement the respective ffdheXYZ(dh) crypto_template's ->create() by
> simply forwarding any calls to the __dh_safe_prime_create() helper
> introduced with the previous commit, passing the associated dh_safe_prime
> in addition to the received ->create() arguments.
>
> [1] https://lore.kernel.org/r/[email protected]
>
> Signed-off-by: Nicolai Stange <[email protected]>
> ---
> crypto/Kconfig | 6 +
> crypto/dh.c | 298 ++++++++++++++++++++++++++++++++++++++++++++++++-
> 2 files changed, 303 insertions(+), 1 deletion(-)
>
Reviewed-by: Hannes Reinecke <[email protected]>
Cheers,
Hannes
--
Dr. Hannes Reinecke Kernel Storage Architect
[email protected] +49 911 74053 688
SUSE Software Solutions Germany GmbH, Maxfeldstr. 5, 90409 Nürnberg
HRB 36809 (AG Nürnberg), GF: Felix Imendörffer