git.proxmox.com Git - mirror_ubuntu-bionic-kernel.git/commit

author	Stephan Mueller <smueller@chronox.de>
	Wed, 17 Jul 2019 09:02:42 +0000 (11:02 +0200)
committer	Sultan Alsawaf <sultan.alsawaf@canonical.com>
	Wed, 24 Jul 2019 15:45:12 +0000 (09:45 -0600)
commit	3bc65bb503d81e508f5bdf33a9999111a3594c1c
tree	7520108a607ebf208d19ef769df579b25871d8ea	tree
parent	4c4d41759849d57b8f3ad83a46ce61dbbc2061ef	commit \| diff

crypto: ecdh - add public key verification test

According to SP800-56A section 5.6.2.1, the public key to be processed
for the ECDH operation shall be checked for appropriateness. When the
public key is considered to be an ephemeral key, the partial validation
test as defined in SP800-56A section 5.6.2.3.4 can be applied.

The partial verification test requires the presence of the field
elements of a and b. For the implemented NIST curves, b is defined in
FIPS 186-4 appendix D.1.2. The element a is implicitly given with the
Weierstrass equation given in D.1.2 where a = p - 3.

Without the test, the NIST ACVP testing fails. After adding this check,
the NIST ACVP testing passes.

Signed-off-by: Stephan Mueller <smueller@chronox.de>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
CVE-2018-5383

(cherry picked from commit ea169a30a6bf6782a05a51d2b9cf73db151eab8b)
Signed-off-by: Paolo Pisati <paolo.pisati@canonical.com>
Acked-by: Connor Kuehl <connor.kuehl@canonical.com>
Acked-by: Stefan Bader <stefan.bader@canonical.com>
Signed-off-by: Khalid Elmously <khalid.elmously@canonical.com>

crypto/ecc.c		diff \| blob \| blame \| history
crypto/ecc_curve_defs.h		diff \| blob \| blame \| history