Re: [PATCH] crypto: implement DH primitives under akcipher API

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Am Dienstag, 1. März 2016, 11:08:34 schrieb Salvatore Benedetto:

Hi Salvatore,

> > > +static int dh_check_params_length(unsigned int p_len)
> > > +{
> > > +	switch (p_len) {
> > > +	case 768:
> > > +	case 1024:
> > > +	case 1536:
> > > +	case 2048:
> > > +	case 3072:
> > > +	case 4096:
> > > +		return 0;
> > > +	}
> > > +	return -EINVAL;
> > > +}
> > 
> > What is the reason for restricting the size to 4096?
> 
> Honestly no reason.
> Could not find restrictions in the spec about the params length.

I am just wondering because other DH impls allow longer sizes.

And besides, I would like to disallow all < 2048 right from the start.
> 
> > > +
> > > +static int dh_no_op(struct akcipher_request *req)
> > > +{
> > > +	return -ENOPROTOOPT;
> > > +}
> > > +
> > > +static int dh_set_priv_key(struct crypto_akcipher *tfm, const void
> > > *key,
> > > +			   unsigned int keylen)
> > > +{
> > > +	struct dh_params *params = akcipher_tfm_ctx(tfm);
> > 
> > dh_get_params?
> 
> You mean adding a helper function? OK.

Not adding, but using your helper function -- why do you have it there in the 
first place? :-)

Ciao
Stephan
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux