If the user provides a NULL private key, the kernel will generate it and further use it for dh. Signed-off-by: Tudor Ambarus <tudor.ambarus@xxxxxxxxxxxxx> --- crypto/dh.c | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/crypto/dh.c b/crypto/dh.c index 87e3542..7b4ac5b 100644 --- a/crypto/dh.c +++ b/crypto/dh.c @@ -83,7 +83,9 @@ static int dh_set_secret(struct crypto_kpp *tfm, const void *buf, unsigned int len) { struct dh_ctx *ctx = dh_get_ctx(tfm); + u8 *rndbuf = NULL; struct dh params; + int maxsize; if (crypto_dh_decode_key(buf, len, ¶ms) < 0) return -EINVAL; @@ -91,7 +93,26 @@ static int dh_set_secret(struct crypto_kpp *tfm, const void *buf, if (dh_set_params(ctx, ¶ms) < 0) return -EINVAL; + if (!params.key || !params.key_size) { + maxsize = crypto_kpp_maxsize(tfm); + if (maxsize < 0) { + dh_clear_params(ctx); + return maxsize; + } + + rndbuf = kmalloc(maxsize, GFP_KERNEL); + if (!rndbuf) { + dh_clear_params(ctx); + return -ENOMEM; + } + + get_random_bytes(rndbuf, maxsize); + params.key = rndbuf; + params.key_size = maxsize; + } + ctx->xa = mpi_read_raw_data(params.key, params.key_size); + kzfree(rndbuf); if (!ctx->xa) { dh_clear_params(ctx); return -EINVAL; -- 2.7.4