crypto: dh - calculate Q from P for the full public key verification - linux-crypto.git

diff options

author	Nicolai Stange <nstange@suse.de>	2022-02-21 13:11:01 +0100
committer	Herbert Xu <herbert@gondor.apana.org.au>	2022-03-03 10:47:52 +1200
commit	eb8a3b4e19b08362006a3ae241307bc00adc07b0 (patch)
tree	6228ec523be47a260675753ec06c0e8087b4162c /crypto/cfb.c
parent	28de78a698afc8046d96f066bc00e7b1467a949f (diff)
download	linux-crypto-eb8a3b4e19b08362006a3ae241307bc00adc07b0.tar.gz linux-crypto-eb8a3b4e19b08362006a3ae241307bc00adc07b0.zip

crypto: dh - calculate Q from P for the full public key verification

As the ->q in struct dh_ctx gets never set anywhere, the code in dh_is_pubkey_valid() for doing the full public key validation in accordance to SP800-56Arev3 is effectively dead. However, for safe-prime groups Q = (P - 1)/2 by definition and as the safe-prime groups are the only possible groups in FIPS mode (via those ffdheXYZ() templates), this enables dh_is_pubkey_valid() to calculate Q on the fly for these. Implement this. With this change, the last code accessing struct dh_ctx's ->q is now gone. Remove this member from struct dh_ctx. Signed-off-by: Nicolai Stange <nstange@suse.de> Reviewed-by: Hannes Reinecke <hare@suse.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>

Diffstat (limited to 'crypto/cfb.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: