Commit 130e17b5 authored by Stephen Rothwell's avatar Stephen Rothwell Committed by Stefan Bader

crypto: ecdh - make ecdh_shared_secret unique

There is another ecdh_shared_secret in net/bluetooth/ecc.c

Fixes: 3c4b2390 ("crypto: ecdh - Add ECDH software support")
Signed-off-by: default avatarStephen Rothwell <sfr@canb.auug.org.au>
Signed-off-by: default avatarHerbert Xu <herbert@gondor.apana.org.au>

CVE-2018-5383

(cherry picked from commit 8f44df15)
Signed-off-by: default avatarPaolo Pisati <paolo.pisati@canonical.com>
Acked-by: default avatarStefan Bader <stefan.bader@canonical.com>
Acked-by: default avatarConnor Kuehl <connor.kuehl@canonical.com>
Signed-off-by: default avatarKhalid Elmously <khalid.elmously@canonical.com>
parent 8c06b887
...@@ -966,7 +966,7 @@ int ecdh_make_pub_key(unsigned int curve_id, unsigned int ndigits, ...@@ -966,7 +966,7 @@ int ecdh_make_pub_key(unsigned int curve_id, unsigned int ndigits,
return ret; return ret;
} }
int ecdh_shared_secret(unsigned int curve_id, unsigned int ndigits, int crypto_ecdh_shared_secret(unsigned int curve_id, unsigned int ndigits,
const u8 *private_key, unsigned int private_key_len, const u8 *private_key, unsigned int private_key_len,
const u8 *public_key, unsigned int public_key_len, const u8 *public_key, unsigned int public_key_len,
u8 *secret, unsigned int secret_len) u8 *secret, unsigned int secret_len)
......
...@@ -60,7 +60,7 @@ int ecdh_make_pub_key(const unsigned int curve_id, unsigned int ndigits, ...@@ -60,7 +60,7 @@ int ecdh_make_pub_key(const unsigned int curve_id, unsigned int ndigits,
u8 *public_key, unsigned int public_key_len); u8 *public_key, unsigned int public_key_len);
/** /**
* ecdh_shared_secret() - Compute a shared secret * crypto_ecdh_shared_secret() - Compute a shared secret
* *
* @curve_id: id representing the curve to use * @curve_id: id representing the curve to use
* @private_key: private key of part A * @private_key: private key of part A
...@@ -70,13 +70,13 @@ int ecdh_make_pub_key(const unsigned int curve_id, unsigned int ndigits, ...@@ -70,13 +70,13 @@ int ecdh_make_pub_key(const unsigned int curve_id, unsigned int ndigits,
* @secret: buffer for storing the calculated shared secret * @secret: buffer for storing the calculated shared secret
* @secret_len: length of the secret buffer * @secret_len: length of the secret buffer
* *
* Note: It is recommended that you hash the result of ecdh_shared_secret * Note: It is recommended that you hash the result of crypto_ecdh_shared_secret
* before using it for symmetric encryption or HMAC. * before using it for symmetric encryption or HMAC.
* *
* Returns 0 if the shared secret was generated successfully, a negative value * Returns 0 if the shared secret was generated successfully, a negative value
* if an error occurred. * if an error occurred.
*/ */
int ecdh_shared_secret(unsigned int curve_id, unsigned int ndigits, int crypto_ecdh_shared_secret(unsigned int curve_id, unsigned int ndigits,
const u8 *private_key, unsigned int private_key_len, const u8 *private_key, unsigned int private_key_len,
const u8 *public_key, unsigned int public_key_len, const u8 *public_key, unsigned int public_key_len,
u8 *secret, unsigned int secret_len); u8 *secret, unsigned int secret_len);
......
...@@ -79,7 +79,7 @@ static int ecdh_compute_value(struct kpp_request *req) ...@@ -79,7 +79,7 @@ static int ecdh_compute_value(struct kpp_request *req)
if (copied != 2 * nbytes) if (copied != 2 * nbytes)
return -EINVAL; return -EINVAL;
ret = ecdh_shared_secret(ctx->curve_id, ctx->ndigits, ret = crypto_ecdh_shared_secret(ctx->curve_id, ctx->ndigits,
(const u8 *)ctx->private_key, nbytes, (const u8 *)ctx->private_key, nbytes,
(const u8 *)ctx->public_key, 2 * nbytes, (const u8 *)ctx->public_key, 2 * nbytes,
(u8 *)ctx->shared_secret, nbytes); (u8 *)ctx->shared_secret, nbytes);
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment