Am Mittwoch, 1. Dezember 2021, 01:48:51 CET schrieb Nicolai Stange:
Hi Nicolai,
> A previous patch made the dh-generic implementation's ->set_secret() to
> generate an ephemeral key in case the input ->key_size is zero, just in
> analogy with ecdh. Make the hpre crypto driver's DH implementation to
> behave consistently by doing the same.
>
> Signed-off-by: Nicolai Stange <nstange@xxxxxxx>
> ---
> drivers/crypto/hisilicon/hpre/hpre_crypto.c | 11 +++++++++++
> 1 file changed, 11 insertions(+)
>
> diff --git a/drivers/crypto/hisilicon/hpre/hpre_crypto.c
> b/drivers/crypto/hisilicon/hpre/hpre_crypto.c index
> a032c192ef1d..02ca79e263f1 100644
> --- a/drivers/crypto/hisilicon/hpre/hpre_crypto.c
> +++ b/drivers/crypto/hisilicon/hpre/hpre_crypto.c
> @@ -701,11 +701,20 @@ static int hpre_dh_set_secret(struct crypto_kpp *tfm,
> const void *buf, {
> struct hpre_ctx *ctx = kpp_tfm_ctx(tfm);
> struct dh params;
> + char key[CRYPTO_DH_MAX_PRIVKEY_SIZE];
> int ret;
>
> if (crypto_dh_decode_key(buf, len, ¶ms) < 0)
> return -EINVAL;
>
> + if (!params.key_size) {
dto.
> + ret = crypto_dh_gen_privkey(params.group_id, key,
> + ¶ms.key_size);
> + if (ret)
> + return ret;
> + params.key = key;
> + }
> +
> /* Free old secret if any */
> hpre_dh_clear_ctx(ctx, false);
>
> @@ -716,6 +725,8 @@ static int hpre_dh_set_secret(struct crypto_kpp *tfm,
> const void *buf, memcpy(ctx->dh.xa_p + (ctx->key_sz - params.key_size),
> params.key, params.key_size);
>
> + memzero_explicit(key, sizeof(key));
> +
> return 0;
>
> err_clear_ctx:
Ciao
Stephan
