summaryrefslogtreecommitdiff
path: root/crypto/dh.c
diff options
context:
space:
mode:
authorNicolai Stange <nstange@suse.de>2022-02-21 15:10:49 +0300
committerHerbert Xu <herbert@gondor.apana.org.au>2022-03-03 01:47:50 +0300
commit48c6d8b878c1d811015cfba1a302d8474a9aace6 (patch)
tree47d04827a70e193691b02a7b4ff9d1b22187c2f1 /crypto/dh.c
parent46ed5269bf7dac752f78fc5f8dc5efb52b483fe7 (diff)
downloadlinux-48c6d8b878c1d811015cfba1a302d8474a9aace6.tar.xz
crypto: dh - remove struct dh's ->q member
The only current user of the DH KPP algorithm, the keyctl(KEYCTL_DH_COMPUTE) syscall, doesn't set the domain parameter ->q in struct dh. Remove it and any associated (de)serialization code in crypto_dh_encode_key() and crypto_dh_decode_key. Adjust the encoded ->secret values in testmgr's DH test vectors accordingly. Note that the dh-generic implementation would have initialized its struct dh_ctx's ->q from the decoded struct dh's ->q, if present. If this struct dh_ctx's ->q would ever have been non-NULL, it would have enabled a full key validation as specified in NIST SP800-56A in dh_is_pubkey_valid(). However, as outlined above, ->q is always NULL in practice and the full key validation code is effectively dead. A later patch will make dh_is_pubkey_valid() to calculate Q from P on the fly, if possible, so don't remove struct dh_ctx's ->q now, but leave it there until that has happened. Signed-off-by: Nicolai Stange <nstange@suse.de> Reviewed-by: Hannes Reinecke <hare@suse.de> Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto/dh.c')
-rw-r--r--crypto/dh.c6
1 files changed, 0 insertions, 6 deletions
diff --git a/crypto/dh.c b/crypto/dh.c
index 27e62a2a8027..abc2a72c8271 100644
--- a/crypto/dh.c
+++ b/crypto/dh.c
@@ -62,12 +62,6 @@ static int dh_set_params(struct dh_ctx *ctx, struct dh *params)
if (!ctx->p)
return -EINVAL;
- if (params->q && params->q_size) {
- ctx->q = mpi_read_raw_data(params->q, params->q_size);
- if (!ctx->q)
- return -EINVAL;
- }
-
ctx->g = mpi_read_raw_data(params->g, params->g_size);
if (!ctx->g)
return -EINVAL;