diff options
author | Nicolai Stange <nstange@suse.de> | 2022-02-21 13:10:49 +0100 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2022-03-03 10:47:50 +1200 |
commit | 606af6ac4aad0c551d86d655807b8acd99629fa8 (patch) | |
tree | 5a7200b1863ea5e1ff66b50ed8ca7bd615f7ae24 /crypto/asymmetric_keys/x509_akid.asn1 | |
parent | 45221abd457578f6832ceab73719ac574915587b (diff) | |
download | linux-crypto-606af6ac4aad0c551d86d655807b8acd99629fa8.tar.gz linux-crypto-606af6ac4aad0c551d86d655807b8acd99629fa8.zip |
crypto: dh - remove struct dh's ->q member
The only current user of the DH KPP algorithm, the
keyctl(KEYCTL_DH_COMPUTE) syscall, doesn't set the domain parameter ->q
in struct dh. Remove it and any associated (de)serialization code in
crypto_dh_encode_key() and crypto_dh_decode_key. Adjust the encoded
->secret values in testmgr's DH test vectors accordingly.
Note that the dh-generic implementation would have initialized its
struct dh_ctx's ->q from the decoded struct dh's ->q, if present. If this
struct dh_ctx's ->q would ever have been non-NULL, it would have enabled a
full key validation as specified in NIST SP800-56A in dh_is_pubkey_valid().
However, as outlined above, ->q is always NULL in practice and the full key
validation code is effectively dead. A later patch will make
dh_is_pubkey_valid() to calculate Q from P on the fly, if possible, so
don't remove struct dh_ctx's ->q now, but leave it there until that has
happened.
Signed-off-by: Nicolai Stange <nstange@suse.de>
Reviewed-by: Hannes Reinecke <hare@suse.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto/asymmetric_keys/x509_akid.asn1')
0 files changed, 0 insertions, 0 deletions