03 Jun, 2016
1 commit
-
The values computed during Diffie-Hellman key exchange are often used
in combination with key derivation functions to create cryptographic
keys. Add a placeholder for a later implementation to configure a
key derivation function that will transform the Diffie-Hellman
result returned by the KEYCTL_DH_COMPUTE command.[This patch was stripped down from a patch produced by Mat Martineau that
had a bug in the compat code - so for the moment Stephan's patch simply
requires that the placeholder argument must be NULL]Original-signed-off-by: Mat Martineau
Signed-off-by: Stephan Mueller
Signed-off-by: David Howells
Signed-off-by: James Morris
13 Apr, 2016
1 commit
-
This adds userspace access to Diffie-Hellman computations through a
new keyctl() syscall command to calculate shared secrets or public
keys using input parameters stored in the keyring.Input key ids are provided in a struct due to the current 5-arg limit
for the keyctl syscall. Only user keys are supported in order to avoid
exposing the content of logon or encrypted keys.The output is written to the provided buffer, based on the assumption
that the values are only needed in userspace.Future support for other types of key derivation would involve a new
command, like KEYCTL_ECDH_COMPUTE.Once Diffie-Hellman support is included in the crypto API, this code
can be converted to use the crypto API to take advantage of possible
hardware acceleration and reduce redundant code.Signed-off-by: Mat Martineau
Signed-off-by: David Howells
