linux-crypto.vger.kernel.org archive mirror
* [PATCH] crypto: dh - Make public key test FIPS-only
@ 2024-02-21  5:19 Herbert Xu
From: Herbert Xu @ 2024-02-21  5:19 UTC (permalink / raw)
  To: Linux Crypto Mailing List, Nicolai Stange, Hannes Reinecke,
	Stephan Mueller

The function dh_is_pubkey_valid was added for FIPS but it was
only partially conditional to fips_enabled.

In particular, the first test in the function relies on the last
test to work properly, but the last test is only run in FIPS mode.

Fix this inconsistency by making the whole function conditional
on fips_enabled.

Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
---
 crypto/dh.c | 63 +++++++++++++++++++++++++++--------------------------
 1 file changed, 32 insertions(+), 31 deletions(-)

diff --git a/crypto/dh.c b/crypto/dh.c
index 0fcad279e6fe..68d11d66c0b5 100644
--- a/crypto/dh.c
+++ b/crypto/dh.c
@@ -106,6 +106,12 @@ static int dh_set_secret(struct crypto_kpp *tfm, const void *buf,
  */
 static int dh_is_pubkey_valid(struct dh_ctx *ctx, MPI y)
 {
+	MPI val, q;
+	int ret;
+
+	if (!fips_enabled)
+		return 0;
+
 	if (unlikely(!ctx->p))
 		return -EINVAL;
 
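Review bot: the new `if (!fips_enabled) return 0;` is placed before the `if (unlikely(!ctx->p)) return -EINVAL;` check, so in non-FIPS mode a context with no prime set now passes this function as valid instead of being rejected here. If any caller relies on dh_is_pubkey_valid to catch an unset ctx->p, move the fips_enabled early return below that check; otherwise a one-line comment saying the NULL check is covered elsewhere would make the ordering clearly intentional.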
@@ -125,41 +131,36 @@ static int dh_is_pubkey_valid(struct dh_ctx *ctx, MPI y)
 	 *
 	 * For the safe-prime groups q = (p - 1)/2.
 	 */
-	if (fips_enabled) {
-		MPI val, q;
-		int ret;
-
-		val = mpi_alloc(0);
-		if (!val)
-			return -ENOMEM;
-
-		q = mpi_alloc(mpi_get_nlimbs(ctx->p));
-		if (!q) {
-			mpi_free(val);
-			return -ENOMEM;
-		}
-
-		/*
-		 * ->p is odd, so no need to explicitly subtract one
-		 * from it before shifting to the right.
-		 */
-		mpi_rshift(q, ctx->p, 1);
-
-		ret = mpi_powm(val, y, q, ctx->p);
-		mpi_free(q);
-		if (ret) {
-			mpi_free(val);
-			return ret;
-		}
-
-		ret = mpi_cmp_ui(val, 1);
+	val = mpi_alloc(0);
+	if (!val)
+		return -ENOMEM;
 
+	q = mpi_alloc(mpi_get_nlimbs(ctx->p));
+	if (!q) {
 		mpi_free(val);
-
-		if (ret != 0)
-			return -EINVAL;
+		return -ENOMEM;
 	}
 
+	/*
+	 * ->p is odd, so no need to explicitly subtract one
+	 * from it before shifting to the right.
+	 */
+	mpi_rshift(q, ctx->p, 1);
+
+	ret = mpi_powm(val, y, q, ctx->p);
+	mpi_free(q);
+	if (ret) {
+		mpi_free(val);
+		return ret;
+	}
+
+	ret = mpi_cmp_ui(val, 1);
+
+	mpi_free(val);
+
+	if (ret != 0)
+		return -EINVAL;
+
 	return 0;
 }
 
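Review bot: the function's header comment, whose closing `*/` is visible as context at the top of the first hunk, should now state that the whole validation is skipped and 0 is returned unless fips_enabled, since that is a behaviour change for non-FIPS callers and not obvious from the function name. Unrelated to the restructuring, the result of `mpi_rshift(q, ctx->p, 1);` is still discarded while `mpi_powm()`'s is checked; worth confirming it cannot fail, or checking it the same way before the q is used as the exponent.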
-- 
Email: Herbert Xu <herbert@gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
