Skip to content

Commit 7cbe093

Browse files
mjmartineauJames Morris
mjmartineau
authored and
James Morris
committed
KEYS: Convert KEYCTL_DH_COMPUTE to use the crypto KPP API
The initial Diffie-Hellman computation made direct use of the MPI library because the crypto module did not support DH at the time. Now that KPP is implemented, KEYCTL_DH_COMPUTE should use it to get rid of duplicate code and leverage possible hardware acceleration. This fixes an issue whereby the input to the KDF computation would include additional uninitialized memory when the result of the Diffie-Hellman computation was shorter than the input prime number. Signed-off-by: Mat Martineau <[email protected]> Signed-off-by: David Howells <[email protected]> Signed-off-by: James Morris <[email protected]>
1 parent da7798a commit 7cbe093

File tree

2 files changed

+171
-103
lines changed

2 files changed

+171
-103
lines changed

security/keys/Kconfig

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -93,9 +93,9 @@ config ENCRYPTED_KEYS
9393
config KEY_DH_OPERATIONS
9494
bool "Diffie-Hellman operations on retained keys"
9595
depends on KEYS
96-
select MPILIB
9796
select CRYPTO
9897
select CRYPTO_HASH
98+
select CRYPTO_DH
9999
help
100100
This option provides support for calculating Diffie-Hellman
101101
public keys and shared secrets using values stored as keys

0 commit comments

Comments
 (0)