| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <6300797.NZM0BCWY22@tauon.chronox.de>
Date: Thu, 18 Nov 2021 09:37:01 +0100
From: Stephan Mueller <smueller@...onox.de>
To: Mat Martineau <mathew.j.martineau@...ux.intel.com>
Cc: herbert@...dor.apana.org.au, ebiggers@...nel.org,
Jarkko Sakkinen <jarkko@...nel.org>,
"dhowells@...hat.com" <dhowells@...hat.com>,
linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org,
keyrings <keyrings@...r.kernel.org>, simo@...hat.com
Subject: Re: [PATCH v3 3/4] security: DH - remove dead code for zero padding
Am Mittwoch, 17. November 2021, 22:28:46 CET schrieb Mat Martineau:
Hi Mat,
> On Mon, 15 Nov 2021, Stephan Müller wrote:
> > Remove the specific code that adds a zero padding that was intended
> > to be invoked when the DH operation result was smaller than the
> > modulus. However, this cannot occur any more these days because the
> > function mpi_write_to_sgl is used in the code path that calculates the
> > shared secret in dh_compute_value. This MPI service function guarantees
> > that leading zeros are introduced as needed to ensure the resulting data
> > is exactly as long as the modulus. This implies that the specific code
> > to add zero padding is dead code which can be safely removed.
> >
> > Signed-off-by: Stephan Mueller <smueller@...onox.de>
> > ---
> > security/keys/dh.c | 25 ++++---------------------
> > 1 file changed, 4 insertions(+), 21 deletions(-)
>
> Hi Stephan -
>
> Thanks for the cleanup!
Thank you for the review.
>
> Acked-by: Mat Martineau <mathew.j.martineau@...ux.intel.com>
I have added your signature to the patch.
Ciao
Stephan
Powered by blists - more mailing lists