crypto: dh - split out deserialization code from crypto_dh_decode()
A subsequent commit will introduce "dh" wrapping templates of the form "ffdhe2048(dh)", "ffdhe3072(dh)" and so on in order to provide built-in support for the well-known safe-prime ffdhe group parameters specified in RFC 7919. Those templates' ->set_secret() will wrap the inner "dh" implementation's ->set_secret() and set the ->p and ->g group parameters as appropriate on the way inwards. More specifically, - A ffdheXYZ(dh) user would call crypto_dh_encode() on a struct dh instance having ->p == ->g == NULL as well as ->p_size == ->g_size == 0 and pass the resulting buffer to the outer ->set_secret(). - This outer ->set_secret() would then decode the struct dh via crypto_dh_decode_key(), set ->p, ->g, ->p_size as well as ->g_size as appropriate for the group in question and encode the struct dh again before passing it further down to the inner "dh"'s ->set_secret(). The problem is that crypto_dh_decode_key() implements some basic checks which would reject parameter sets with ->p_size == 0 and thus, the ffdheXYZ templates' ->set_secret() cannot use it as-is for decoding the passed buffer. As the inner "dh"'s ->set_secret() will eventually conduct said checks on the final parameter set anyway, the outer ->set_secret() really only needs the decoding functionality. Split out the pure struct dh decoding part from crypto_dh_decode_key() into the new __crypto_dh_decode_key(). __crypto_dh_decode_key() gets defined in crypto/dh_helper.c, but will have to get called from crypto/dh.c and thus, its declaration must be somehow made available to the latter. Strictly speaking, __crypto_dh_decode_key() is internal to the dh_generic module, yet it would be a bit over the top to introduce a new header like e.g. include/crypto/internal/dh.h containing just a single prototype. Add the __crypto_dh_decode_key() declaration to include/crypto/dh.h instead. Provide a proper kernel-doc annotation, even though __crypto_dh_decode_key() is purposedly not on the function list specified in Documentation/crypto/api-kpp.rst. Signed-off-by: Nicolai Stange <nstange@suse.de> Reviewed-by: Hannes Reinecke <hare@suse.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
This commit is contained in:
parent
215bebc8c6
commit
fae198935c
|
@ -63,7 +63,7 @@ int crypto_dh_encode_key(char *buf, unsigned int len, const struct dh *params)
|
||||||
}
|
}
|
||||||
EXPORT_SYMBOL_GPL(crypto_dh_encode_key);
|
EXPORT_SYMBOL_GPL(crypto_dh_encode_key);
|
||||||
|
|
||||||
int crypto_dh_decode_key(const char *buf, unsigned int len, struct dh *params)
|
int __crypto_dh_decode_key(const char *buf, unsigned int len, struct dh *params)
|
||||||
{
|
{
|
||||||
const u8 *ptr = buf;
|
const u8 *ptr = buf;
|
||||||
struct kpp_secret secret;
|
struct kpp_secret secret;
|
||||||
|
@ -81,6 +81,24 @@ int crypto_dh_decode_key(const char *buf, unsigned int len, struct dh *params)
|
||||||
if (secret.len != crypto_dh_key_len(params))
|
if (secret.len != crypto_dh_key_len(params))
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
|
|
||||||
|
/* Don't allocate memory. Set pointers to data within
|
||||||
|
* the given buffer
|
||||||
|
*/
|
||||||
|
params->key = (void *)ptr;
|
||||||
|
params->p = (void *)(ptr + params->key_size);
|
||||||
|
params->g = (void *)(ptr + params->key_size + params->p_size);
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
int crypto_dh_decode_key(const char *buf, unsigned int len, struct dh *params)
|
||||||
|
{
|
||||||
|
int err;
|
||||||
|
|
||||||
|
err = __crypto_dh_decode_key(buf, len, params);
|
||||||
|
if (err)
|
||||||
|
return err;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Don't permit the buffer for 'key' or 'g' to be larger than 'p', since
|
* Don't permit the buffer for 'key' or 'g' to be larger than 'p', since
|
||||||
* some drivers assume otherwise.
|
* some drivers assume otherwise.
|
||||||
|
@ -89,13 +107,6 @@ int crypto_dh_decode_key(const char *buf, unsigned int len, struct dh *params)
|
||||||
params->g_size > params->p_size)
|
params->g_size > params->p_size)
|
||||||
return -EINVAL;
|
return -EINVAL;
|
||||||
|
|
||||||
/* Don't allocate memory. Set pointers to data within
|
|
||||||
* the given buffer
|
|
||||||
*/
|
|
||||||
params->key = (void *)ptr;
|
|
||||||
params->p = (void *)(ptr + params->key_size);
|
|
||||||
params->g = (void *)(ptr + params->key_size + params->p_size);
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Don't permit 'p' to be 0. It's not a prime number, and it's subject
|
* Don't permit 'p' to be 0. It's not a prime number, and it's subject
|
||||||
* to corner cases such as 'mod 0' being undefined or
|
* to corner cases such as 'mod 0' being undefined or
|
||||||
|
|
|
@ -79,4 +79,20 @@ int crypto_dh_encode_key(char *buf, unsigned int len, const struct dh *params);
|
||||||
*/
|
*/
|
||||||
int crypto_dh_decode_key(const char *buf, unsigned int len, struct dh *params);
|
int crypto_dh_decode_key(const char *buf, unsigned int len, struct dh *params);
|
||||||
|
|
||||||
|
/**
|
||||||
|
* __crypto_dh_decode_key() - decode a private key without parameter checks
|
||||||
|
* @buf: Buffer holding a packet key that should be decoded
|
||||||
|
* @len: Length of the packet private key buffer
|
||||||
|
* @params: Buffer allocated by the caller that is filled with the
|
||||||
|
* unpacked DH private key.
|
||||||
|
*
|
||||||
|
* Internal function providing the same services as the exported
|
||||||
|
* crypto_dh_decode_key(), but without any of those basic parameter
|
||||||
|
* checks conducted by the latter.
|
||||||
|
*
|
||||||
|
* Return: -EINVAL if buffer has insufficient size, 0 on success
|
||||||
|
*/
|
||||||
|
int __crypto_dh_decode_key(const char *buf, unsigned int len,
|
||||||
|
struct dh *params);
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|
Loading…
Reference in New Issue