Re: [PATCH 17/18] crypto: dh - try to match domain parameters to a known safe-prime group
From: Hannes Reinecke
Date: Wed Dec 01 2021 - 02:34:27 EST
On 12/1/21 1:48 AM, Nicolai Stange wrote:
A subsequent patch will make the DH implementation to reject any input
domain parameter set with ->group_id == dh_group_id_unknown in FIPS mode.
However, as the keyctl(KEYCTL_DH_COMPUTE) implementation simply passes
forward keys from userspace, it does not (and cannot) set ->group_id to
anything else than dh_group_id_unknown.
In order to still allow for keyctl(KEYCTL_DH_COMPUTE) to work on approved
domain parameters passed in from userspace in FIPS mode, make
crypto_dh_decode_key() to compare them against any of the known groups and
set ->group_id upon having found a match, if any.
Signed-off-by: Nicolai Stange <nstange@xxxxxxx>
---
crypto/dh_helper.c | 33 +++++++++++++++++++++++++++++++++
1 file changed, 33 insertions(+)
Reviewed-by: Hannes Reinecke <hare@xxxxxxx>
Cheers,
Hannes
--
Dr. Hannes Reinecke Kernel Storage Architect
hare@xxxxxxx +49 911 74053 688
SUSE Software Solutions GmbH, Maxfeldstr. 5, 90409 Nürnberg
HRB 36809 (AG Nürnberg), Geschäftsführer: Felix Imendörffer