| Message ID | 20211209090358.28231-13-nstange@suse.de (mailing list archive) |
|---|---|
| State | New |
| Headers | show |
| Series | crypto: dh - infrastructure for NVM in-band auth and FIPS conformance | expand |
On Thu, Dec 09, 2021 at 09:03:52AM +0000, Nicolai Stange wrote: > A previous patch made the dh-generic implementation's ->set_secret() to > generate an ephemeral key in case the input ->key_size is zero, just in > analogy with ecdh. Make the qat crypto driver's DH implementation to > behave consistently by doing the same. I ran a few tests on QAT GEN2 HW and this patch/set does not causes regressions. On the headline of the commit, should this be crypto: qat - ... ? > Signed-off-by: Nicolai Stange <nstange@suse.de> > Reviewed-by: Hannes Reinecke <hare@suse.de> Acked-by: Giovanni Cabiddu <giovanni.cabiddu@intel.com>
diff --git a/drivers/crypto/qat/qat_common/qat_asym_algs.c b/drivers/crypto/qat/qat_common/qat_asym_algs.c index b0b78445418b..e0d3a70fa6b1 100644 --- a/drivers/crypto/qat/qat_common/qat_asym_algs.c +++ b/drivers/crypto/qat/qat_common/qat_asym_algs.c @@ -441,11 +441,20 @@ static int qat_dh_set_secret(struct crypto_kpp *tfm, const void *buf, struct qat_dh_ctx *ctx = kpp_tfm_ctx(tfm); struct device *dev = &GET_DEV(ctx->inst->accel_dev); struct dh params; + char key[CRYPTO_DH_MAX_PRIVKEY_SIZE]; int ret; if (crypto_dh_decode_key(buf, len, ¶ms) < 0) return -EINVAL; + if (!params.key_size) { + ret = crypto_dh_gen_privkey(params.group_id, key, + ¶ms.key_size); + if (ret) + return ret; + params.key = key; + } + /* Free old secret if any */ qat_dh_clear_ctx(dev, ctx);