RE: [PATCH 2/2] crypto: kpp - Add DH software implementation

Hi Stephan,

> -----Original Message-----
> From: Stephan Mueller [mailto:sm@xxxxxxxx]
> Sent: Tuesday, April 12, 2016 2:01 PM
> To: Benedetto, Salvatore <salvatore.benedetto@xxxxxxxxx>
> Cc: herbert@xxxxxxxxxxxxxxxxxxx; linux-crypto@xxxxxxxxxxxxxxx
> Subject: Re: [PATCH 2/2] crypto: kpp - Add DH software implementation
> 
> On Tuesday, 12 April 2016, 11:39:16, Salvatore Benedetto wrote:
> 
> Hi Salvatore,
> 
> >  * Implement MPI based Diffie-Hellman under kpp API
> >  * Add test with data generated by OpenSSL
> >
> > Signed-off-by: Salvatore Benedetto <salvatore.benedetto@xxxxxxxxx>
> > ---
> >  crypto/Kconfig      |   8 ++
> >  crypto/Makefile     |   2 +
> >  crypto/dh.c         | 233 ++++++++++++++++++++++++++++++++++++++++++++++++++++
> >  crypto/testmgr.c    | 157 +++++++++++++++++++++++++++++++++++
> >  crypto/testmgr.h    | 208 ++++++++++++++++++++++++++++++++++++++++++++++
> >  include/crypto/dh.h |  23 ++++++
> >  6 files changed, 631 insertions(+)
> >  create mode 100644 crypto/dh.c
> >  create mode 100644 include/crypto/dh.h
> >
> > +
> > +static int dh_check_params_length(unsigned int p_len)
> > +{
> > +	switch (p_len) {
> > +	case 1536:
> > +	case 2048:
> > +	case 3072:
> > +	case 4096:
> > +	case 6144:
> > +	case 8192:
> > +		return 0;
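
Review bot: dh_check_params_length() does not state the unit of p_len, and the case labels 1536 through 8192 read as bit lengths. Add a comment above the function (or rename the parameter, e.g. p_bits) so that a caller holding a byte count converts before calling. The fixed list also rejects every modulus size that is not one of the six listed values; if only a minimum strength is intended, a lower-bound comparison states that more directly than enumerating cases.
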
> 
> Does the math require this check?
> 
> Wouldn't it be better to implement limits to the low side (i.e. p_len < 1536)
> and then add a real limit due to the implementation (e.g. it must be multiple
> of full bytes)?
> 

The math itself does not require any check that I'm aware of.
As for the real limit, I think we have to add that, as hardware
that is only capable of handling up to 4096 bytes should fall back
to the software implementation if a bigger param is used.

Thanks,
Salvatore