From: =?UTF-8?q?Stephan=20M=C3=BCller?= <smueller@chronox.de>
Date: Mon, 20 Jul 2020 19:08:52 +0200
Subject: crypto: dh - SP800-56A rev 3 local public key validation
Git-commit: 2ed5ba61cc78f102656eedc0b4c80fd14a5e8c7c
Patch-mainline: v5.9-rc1
References: bsc#1175718
After the generation of a local public key, SP800-56A rev 3 section
5.6.2.1.3 mandates a validation of that key with a full validation
compliant to section 5.6.2.3.1.
Only if the full validation passes, the key is allowed to be used.
Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Acked-by: Petr Tesarik <ptesarik@suse.com>
---
crypto/dh.c | 59 ++++++++++++++++++++++++++++++++++-------------------------
1 file changed, 34 insertions(+), 25 deletions(-)
--- a/crypto/dh.c
+++ b/crypto/dh.c
@@ -180,32 +180,41 @@ static int dh_compute_value(struct kpp_r
if (ret)
goto err_free_base;
- /* SP800-56A rev3 5.7.1.1 check: Validation of shared secret */
- if (fips_enabled && req->src) {
- MPI pone;
-
- /* z <= 1 */
- if (mpi_cmp_ui(val, 1) < 1) {
- ret = -EBADMSG;
- goto err_free_base;
+ if (fips_enabled) {
+ /* SP800-56A rev3 5.7.1.1 check: Validation of shared secret */
+ if (req->src) {
+ MPI pone;
+
+ /* z <= 1 */
+ if (mpi_cmp_ui(val, 1) < 1) {
+ ret = -EBADMSG;
+ goto err_free_base;
+ }
+
+ /* z == p - 1 */
+ pone = mpi_alloc(0);
+
+ if (!pone) {
+ ret = -ENOMEM;
+ goto err_free_base;
+ }
+
+ ret = mpi_sub_ui(pone, ctx->p, 1);
+ if (!ret && !mpi_cmp(pone, val))
+ ret = -EBADMSG;
+
+ mpi_free(pone);
+
+ if (ret)
+ goto err_free_base;
+
+ /* SP800-56A rev 3 5.6.2.1.3 key check */
+ } else {
+ if (dh_is_pubkey_valid(ctx, val)) {
+ ret = -EAGAIN;
+ goto err_free_val;
+ }
}
-
- /* z == p - 1 */
- pone = mpi_alloc(0);
-
- if (!pone) {
- ret = -ENOMEM;
- goto err_free_base;
- }
-
- ret = mpi_sub_ui(pone, ctx->p, 1);
- if (!ret && !mpi_cmp(pone, val))
- ret = -EBADMSG;
-
- mpi_free(pone);
-
- if (ret)
- goto err_free_base;
}
ret = mpi_write_to_sgl(val, req->dst, req->dst_len, &sign);