RE: [PATCH v5 0/3] Key-agreement Protocol Primitives (KPP) API

> -----Original Message-----
> From: Stephan Mueller [mailto:smueller@xxxxxxxxxx]
> Sent: Tuesday, May 10, 2016 8:03 AM
> To: Benedetto, Salvatore <salvatore.benedetto@xxxxxxxxx>
> Cc: herbert@xxxxxxxxxxxxxxxxxxx; linux-crypto@xxxxxxxxxxxxxxx
> Subject: Re: [PATCH v5 0/3] Key-agreement Protocol Primitives (KPP) API
> 
> On Monday, 9 May 2016, 22:40:38, Salvatore Benedetto wrote:
> 
> Hi Salvatore,
> 
> > Hi Herb,
> >
> > the following patchset introduces a new API for abstracting
> > key-agreement protocols such as DH and ECDH. It provides the
> > primitives required for implementing the protocol, thus the name KPP
> > (Key-agreement Protocol Primitives).
> >
> > Regards,
> > Salvatore
> >
> > Changes from v4:
> > * If fips_enabled is set allow only P256 (or higher) as Stephan
> > suggested
> 
> Thank you.
> 
> What I am wondering though is whether the kernel crashes in FIPS mode
> with this implementation as follows: there are test vectors for P192 which
> seem(?) to be called unconditionally. In FIPS mode, we do not have P192 and
> the ECC code returns an error when using this curve. Thus, wouldn't the self
> test fail for P192?

I have to admit I didn't test that small change with fips_enabled. My bad.
ECDH is indeed failing to load with fips_enabled.
I also spotted a bug in ecdh_shared_secret. Basically I was not checking the
return value of ecc_get_curve and I was dereferencing anyway. I guess I have
to resend the patch and fix that.

Thanks,
Salvatore
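
Added example, not part of the original message or the patchset: a user-space C model of the two problems discussed above, a curve lookup that returns NULL for P192 in FIPS mode and callers that have to cope with that result. All names (model_get_curve, model_shared_secret, model_selftest, fips_mode) are hypothetical, and skipping test vectors for unavailable curves is an assumed approach, not the fix that was submitted.

```c
#include <errno.h>
#include <stddef.h>

/* User-space model; every name is hypothetical, this is not kernel code. */
enum curve_id { CURVE_P192 = 1, CURVE_P256 = 2 };
struct curve { enum curve_id id; unsigned int ndigits; };

/* Constructed table: number of 64-bit digits per curve. */
static const struct curve curves[] = { { CURVE_P192, 3 }, { CURVE_P256, 4 } };
static int fips_mode; /* stands in for the kernel's fips_enabled */

/* Returns NULL for an unknown curve, or for P192 when FIPS mode is on. */
static const struct curve *model_get_curve(enum curve_id id)
{
    size_t i;
    if (fips_mode && id == CURVE_P192)
        return NULL;
    for (i = 0; i < sizeof(curves) / sizeof(curves[0]); i++)
        if (curves[i].id == id)
            return &curves[i];
    return NULL;
}

/* Checked caller: report -EINVAL instead of dereferencing a NULL curve. */
static int model_shared_secret(enum curve_id id, unsigned int *ndigits_out)
{
    const struct curve *c = model_get_curve(id);
    if (!c)
        return -EINVAL;
    *ndigits_out = c->ndigits;
    return 0;
}

/* Self-test that skips vectors for curves the current mode does not offer,
 * so a missing P192 is not reported as a failure. Returns vectors run. */
static int model_selftest(void)
{
    static const enum curve_id vectors[] = { CURVE_P192, CURVE_P256 };
    unsigned int nd;
    int ran = 0;
    size_t i;
    for (i = 0; i < sizeof(vectors) / sizeof(vectors[0]); i++) {
        if (!model_get_curve(vectors[i]))
            continue; /* curve unavailable in this mode */
        if (model_shared_secret(vectors[i], &nd) != 0)
            return -EINVAL;
        ran++;
    }
    return ran;
}
int main(void) { fips_mode = 1; return model_selftest() == 1 ? 0 : 1; }
```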