kernel/crypto/ecdh.c, branch linux-5.1.y

crypto: ecc - Actually remove stack VLA usage

2018-04-20T16:58:29Z

On the quest to remove all VLAs from the kernel[1], this avoids VLAs by just using the maximum allocation size (4 bytes) for stack arrays. All the VLAs in ecc were either 3 or 4 bytes (or a multiple), so just make it 4 bytes all the time. Initialization routines are adjusted to check that ndigits does not end up larger than the arrays. This includes a removal of the earlier attempt at this fix from commit a963834b4742 ("crypto/ecc: Remove stack VLA usage") [1] https://lkml.org/lkml/2018/3/7/621 Signed-off-by: Kees Cook Signed-off-by: Herbert Xu

crypto: ecdh - fix to allow multi segment scatterlists

2018-03-09T14:45:49Z

Apparently the ecdh use case was in bluetooth which always has single element scatterlists, so the ecdh module was hard coded to expect them. Now we're using this in TPM, we need multi-element scatterlists, so remove this limitation. Signed-off-by: James Bottomley Signed-off-by: Herbert Xu

crypto: ecdh - remove empty exit()

2017-11-06T06:45:04Z

Pointer members of an object with static storage duration, if not explicitly initialized, will be initialized to a NULL pointer. The crypto API checks if this pointer is not NULL before using it, we are safe to remove the function. Signed-off-by: Tudor Ambarus Signed-off-by: Herbert Xu

crypto: ecdh - fix concurrency on shared secret and pubkey

2017-08-03T05:47:22Z

ecdh_ctx contained static allocated data for the shared secret and public key. The shared secret and the public key were doomed to concurrency issues because they could be shared by multiple crypto requests. The concurrency is fixed by replacing per-tfm shared secret and public key with per-request dynamically allocated shared secret and public key. Signed-off-by: Tudor Ambarus Signed-off-by: Herbert Xu

crypto: ecdh - add privkey generation support

2017-06-10T04:04:35Z

Add support for generating ecc private keys. Generation of ecc private keys is helpful in a user-space to kernel ecdh offload because the keys are not revealed to user-space. Private key generation is also helpful to implement forward secrecy. If the user provides a NULL ecc private key, the kernel will generate it and further use it for ecdh. Move ecdh's object files below drbg's. drbg must be present in the kernel at the time of calling. Signed-off-by: Tudor Ambarus Reviewed-by: Stephan Müller Signed-off-by: Herbert Xu

crypto: ecdh - comply with crypto_kpp_maxsize()

2017-06-10T04:04:28Z

crypto_kpp_maxsize() asks for the output buffer size without caring for errors. It allways assume that will be called after a valid setkey. Comply with it and return what he wants. nbytes has no sense now, remove it and directly return the maxsize. Signed-off-by: Tudor Ambarus Signed-off-by: Herbert Xu

crypto: ecc - rename ecdh_make_pub_key()

2017-06-10T04:04:26Z

Rename ecdh_make_pub_key() to ecc_make_pub_key(). ecdh_make_pub_key() is not dh specific and the reference to dh is wrong. Signed-off-by: Tudor Ambarus Signed-off-by: Herbert Xu

crypto: ecc - remove unnecessary casts

2017-06-10T04:04:26Z

ecc software implementation works with chunks of u64 data. There were some unnecessary casts to u8 and then back to u64 for the ecc keys. This patch removes the unnecessary casts. Signed-off-by: Tudor Ambarus Signed-off-by: Herbert Xu

crypto: ecc - remove unused function arguments

2017-06-10T04:04:25Z

Signed-off-by: Tudor Ambarus Signed-off-by: Herbert Xu

crypto: kpp, (ec)dh - fix typos

2017-06-10T04:04:25Z

While here, add missing argument description (ndigits). Signed-off-by: Tudor Ambarus Signed-off-by: Herbert Xu