If the user provides a NULL private key, the kernel will
generate it and further use it for dh.
Signed-off-by: Tudor Ambarus <tudor.ambarus@xxxxxxxxxxxxx>
---
crypto/dh.c | 18 ++++++++++++++++++
1 file changed, 18 insertions(+)
diff --git a/crypto/dh.c b/crypto/dh.c
index 87e3542..33df165 100644
--- a/crypto/dh.c
+++ b/crypto/dh.c
@@ -83,7 +83,9 @@ static int dh_set_secret(struct crypto_kpp *tfm, const void *buf,
unsigned int len)
{
struct dh_ctx *ctx = dh_get_ctx(tfm);
+ u8 *rndbuf = NULL;
struct dh params;
+ int maxsize;
if (crypto_dh_decode_key(buf, len, ¶ms) < 0)
return -EINVAL;
@@ -91,12 +93,28 @@ static int dh_set_secret(struct crypto_kpp *tfm, const void *buf,
if (dh_set_params(ctx, ¶ms) < 0)
return -EINVAL;
+ if (!params.key || !params.key_size) {
+ maxsize = crypto_kpp_maxsize(tfm);
+ if (maxsize < 0)
+ return maxsize;
+
+ rndbuf = kmalloc(maxsize, GFP_KERNEL);
+ if (!rndbuf)
+ return -ENOMEM;
+
+ get_random_bytes(rndbuf, maxsize);
+ params.key = rndbuf;
+ params.key_size = maxsize;
+ }
+
ctx->xa = mpi_read_raw_data(params.key, params.key_size);
if (!ctx->xa) {
dh_clear_params(ctx);
+ kzfree(rndbuf);
return -EINVAL;
}
+ kzfree(rndbuf);
return 0;
}
--
2.7.4
