Received: by 2002:a05:6a10:1a4d:0:0:0:0 with SMTP id nk13csp1461203pxb; Wed, 2 Feb 2022 05:35:50 -0800 (PST) X-Google-Smtp-Source: ABdhPJwRWCFoT7PdTN63M1o64TMyO4/u+9TmY8atGyY52Il7/gCbmGRGtWPqJ8/ZW958lMe6Q0gk X-Received: by 2002:a17:903:1cd:: with SMTP id e13mr30402483plh.158.1643808950746; Wed, 02 Feb 2022 05:35:50 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1643808950; cv=none; d=google.com; s=arc-20160816; b=NbY9LLb5VoWjntr6JQOvyGK3euAZJj6gynSOQ/68eM/GxRycXIz9wWbMkUb7R3FGuG UJRakCEQC6lJwRqCyIVbQVc3S5uCKruhifmE7KRbE2oWUlGNWPqbjgXXbV3+/irTxzke fg8GJX8SQZmCmwtHS+gDzAhPa39avRF/5f8diRDPKC3m55DnwbAQMIoOz/WizKBnsnLM S6vjMa/RfajZqfvIRv2PAwNmNgw2uc7dZ8Bm2iyMTPjQY1VcWF0kYrniRXLo06afyeVY otVtPsDhNcdSYdQ65wCKtq3aqxEQeClZHL0LSjqQDaXuPVDf9F/VLgzO6+pMFNxDNHpt fbvg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature:dkim-signature; bh=WnOdrlh6LGfG36vDb1+pe1e6uf+fKBULrRSd0uCVIeg=; b=szsUIYd3HGO6AC+BW7YpeGX+bxkNaGpSoGvuysGvkFNP8bHpGlk/d7rSK4sM8VOHJm D2jkRvooptKZSuUeFw4V6bAQSx1o32hQ2HV0sfhubor5Dfa9J3aK4SBibMTZKIu/X7m2 UIqh4IihE9Q058grsanxBfj8P6pYrgubr4DhV4VR6AqjNXWV3hfo7tT5N+2wzkzpl/T1 sr2VdO2RINPn9Y01xUU1irsGs5zBM9G6pQrFjg9lVZdR1EN4LE8nINJVzXjqYhZ2Y+Hw 1pM2t9B5H1VQgZ01ZJo7MIdcHjCBQcTtrQrZ2/oQBunAvjMtPhclRCXtGMpUc3d7FDmV Dz3Q== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=zkz0m9Cj; dkim=neutral (no key) header.i=@suse.de; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=suse.de Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id j28si19163905pgb.379.2022.02.02.05.35.38; Wed, 02 Feb 2022 05:35:50 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@suse.de header.s=susede2_rsa header.b=zkz0m9Cj; dkim=neutral (no key) header.i=@suse.de; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=suse.de Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S233525AbiBBKmT (ORCPT + 99 others); Wed, 2 Feb 2022 05:42:19 -0500 Received: from smtp-out1.suse.de ([195.135.220.28]:41944 "EHLO smtp-out1.suse.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S245127AbiBBKln (ORCPT ); Wed, 2 Feb 2022 05:41:43 -0500 Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by smtp-out1.suse.de (Postfix) with ESMTPS id 131282110B; Wed, 2 Feb 2022 10:41:42 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1643798502; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=WnOdrlh6LGfG36vDb1+pe1e6uf+fKBULrRSd0uCVIeg=; b=zkz0m9CjVHZ6CJwznJn+MYL7lhZ2ho8jMz8x4WjA+EWh6fBUh7bwU7hE3dRf7hUVmSXIN4 ui2N+q5ZBkKyJlPEtLtg87SEPS55NA3BD7J4t+AAgJBPxZpYv6SeTOKdRY+4+P8fFFZ5D1 49EjaUe4YI4yMxe03RNO8lg2IWtfFag= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1643798502; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc:cc: mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=WnOdrlh6LGfG36vDb1+pe1e6uf+fKBULrRSd0uCVIeg=; b=9zcaE/0Pd1URR6BQWk5xCvIQlbD0x6edm1UYd38NSCYijjGR/qQeNBPK84ye9kkD61uXyC Gsj5WWSRo6H9dACQ== Received: from imap2.suse-dmz.suse.de (imap2.suse-dmz.suse.de [192.168.254.74]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-521) server-digest SHA512) (No client certificate requested) by imap2.suse-dmz.suse.de (Postfix) with ESMTPS id F1EF813E02; Wed, 2 Feb 2022 10:41:41 +0000 (UTC) Received: from dovecot-director2.suse.de ([192.168.254.65]) by imap2.suse-dmz.suse.de with ESMTPSA id g/u8OeVf+mGObAAAMHmgww (envelope-from ); Wed, 02 Feb 2022 10:41:41 +0000 From: Nicolai Stange To: Herbert Xu , "David S. Miller" Cc: =?UTF-8?q?Stephan=20M=C3=BCller?= , Hannes Reinecke , Torsten Duwe , David Howells , Jarkko Sakkinen , linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org, keyrings@vger.kernel.org, Nicolai Stange Subject: [PATCH v3 11/15] crypto: dh - allow for passing NULL to the ffdheXYZ(dh)s' ->set_secret() Date: Wed, 2 Feb 2022 11:40:08 +0100 Message-Id: <20220202104012.4193-12-nstange@suse.de> X-Mailer: git-send-email 2.26.2 In-Reply-To: <20220202104012.4193-1-nstange@suse.de> References: <20220202104012.4193-1-nstange@suse.de> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Ephemeral key generation can be requested from any of the ffdheXYZ(dh) variants' common ->set_secret() by passing it an (encoded) struct dh with the key parameter being unset, i.e. with ->key_size == 0. As the whole purpose of the ffdheXYZ(dh) templates is to fill in the group parameters as appropriate, they expect ->p and ->g to be unset in any input struct dh as well. This means that a user would have to encode an all-zeroes struct dh instance via crypto_dh_encode_key() when requesting ephemeral key generation from a ffdheXYZ(dh) instance, which is kind of pointless. Make dh_safe_prime_set_secret() to decode a struct dh from the supplied buffer only if the latter is non-NULL and initialize it with all zeroes otherwise. That is, it is now possible to call crypto_kpp_set_secret(tfm, NULL, 0); on any ffdheXYZ(dh) tfm for requesting ephemeral key generation. Signed-off-by: Nicolai Stange --- crypto/dh.c | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/crypto/dh.c b/crypto/dh.c index 869a0476e5e2..d0d24f615b2d 100644 --- a/crypto/dh.c +++ b/crypto/dh.c @@ -444,17 +444,18 @@ static int dh_safe_prime_set_secret(struct crypto_kpp *tfm, const void *buffer, struct dh_safe_prime_instance_ctx *inst_ctx = dh_safe_prime_instance_ctx(tfm); struct dh_safe_prime_tfm_ctx *tfm_ctx = kpp_tfm_ctx(tfm); - struct dh params; + struct dh params = {}; void *buf = NULL, *key = NULL; unsigned int buf_size; int err; - err = __crypto_dh_decode_key(buffer, len, ¶ms); - if (err) - return err; - - if (params.p_size || params.g_size) - return -EINVAL; + if (buffer) { + err = __crypto_dh_decode_key(buffer, len, ¶ms); + if (err) + return err; + if (params.p_size || params.g_size) + return -EINVAL; + } params.p = inst_ctx->safe_prime->p; params.p_size = inst_ctx->safe_prime->p_size; -- 2.26.2