keyctl.2: Improve KEYCTL_DH_COMPUTE details

Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Michael Kerrisk 2016-10-17 17:15:34 +02:00
parent f595473369
commit 1deb8c8ee8
1 changed files with 30 additions and 20 deletions

@ -1252,21 +1252,21 @@ via the function
.BR keyctl_get_persistent (3). .BR keyctl_get_persistent (3).
.TP .TP
.BR KEYCTL_DH_COMPUTE " (since Linux 4.7)" .BR KEYCTL_DH_COMPUTE " (since Linux 4.7)"
Compute Diffie-Hellman values. Compute a Diffie-Hellman shared secret or public key.
The The
.I arg2 .I arg2
argument is a pointer to argument is a pointer to a set of parameters containing
.I struct keyctl_dh_params serial numbers for three keys used in the Diffie-Hellman calculation,
which is defined in packaged in a structure of the following form:
.I <linux/keyctl.h>
as follows:
.nf .nf
.in +4n .in +4n
struct keyctl_dh_params { struct keyctl_dh_params {
int32_t private; int32_t private; /* The local private key */
int32_t prime; int32_t prime; /* The prime, known to both parties */
int32_t base; int32_t base; /* The base integer: either a shared
generator or the remote public key */
}; };
.in .in
.fi .fi
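Review bot: the rewritten introduction to struct keyctl_dh_params no longer says where the structure is declared; the old lines "which is defined in" / ".I <linux/keyctl.h>" are removed and nothing replaces them. Suggest keeping the header reference, for example "packaged in a structure of the following form (defined in <linux/keyctl.h>):", so readers know which include supplies the definition. The per-field comments are a clear improvement and make the dual role of base (shared generator or remote public key) visible at the point of declaration.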
@ -1275,21 +1275,30 @@ The
.IR private ", " prime " and " base .IR private ", " prime " and " base
fields are IDs of the keys, payload of which would be used for DH values fields are IDs of the keys, payload of which would be used for DH values
calculation. calculation.
The result is calculated as The result is calculated as:
.IR "base^private mod prime" .
base ^ private mod prime
If the base is the shared generator, the result is the local public key.
If the base is the remote public key, the result is the shared secret.
The The
.I arg3 .I arg3
argument (cast to argument (cast to
.IR "char\ *" ) .IR "char\ *" )
should point to an output buffer whose size is passed in the points to a buffer where the result of the calculation is placed.
The size of that buffer is specified in
.I arg4 .I arg4
argument (cast to (cast to
.IR size_t ). .IR size_t ).
The buffer should be big enough in order to accommodate the output data,
The buffer must be large enough to accommodate the output data,
otherwise an error is returned. otherwise an error is returned.
A NULL pointer can be provided as buffer in order If
to obtain the required buffer size. .I arg4
is specified zero,
the operation returns the minimum required buffer size
(i.e., the length of the prime).
The The
.I arg5 .I arg5
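Review bot: in the size-query paragraph at the end of this hunk, the old text obtained the size by passing a NULL buffer, while the new text triggers it on arg4 being zero, and the page no longer says what arg3 may be in that case. Suggest stating explicitly whether arg3 is ignored (and may be NULL) when arg4 is 0, so callers do not have to guess. On wording, "is specified zero" should read "is specified as zero". The untouched context sentence "fields are IDs of the keys, payload of which would be used for DH values calculation" now repeats, less clearly, what the new introduction and field comments already say, and could be dropped or tightened in the same change.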
@ -1334,7 +1343,9 @@ irrespective of the provided buffer size.
The ID of the persistent keyring. The ID of the persistent keyring.
.TP .TP
.B KEYCTL_DH_COMPUTE .B KEYCTL_DH_COMPUTE
Amount of bytes being copied. The number of bytes copied to the buffer, or, if
.I arg4
is 0, the required buffer size.
.TP .TP
All other commands All other commands
Zero. Zero.
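Review bot: the new return-value text uses "the required buffer size" and writes the size as "0", while the KEYCTL_DH_COMPUTE description earlier in this patch says "the minimum required buffer size" and "zero". Suggest using one term and one spelling of the value in both places, so a reader comparing the two sections does not wonder whether two different quantities are meant.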
@ -1438,9 +1449,8 @@ or a kernel thread.
.I option .I option
is is
.B KEYCTL_DH_COMPUTE .B KEYCTL_DH_COMPUTE
and the buffer size provided is not enough for the result to fit in. and the buffer size provided is not enough to hold the result.
Provide 0 as Provide 0 as a buffer size in order to obtain the minimum buffer size.
a buffer size in order to obtain minimum buffer size first.
.SH VERSIONS .SH VERSIONS
This system call first appeared in Linux 2.6.11. This system call first appeared in Linux 2.6.11.
.SH CONFORMING TO .SH CONFORMING TO
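Review bot: the closing sentence of this error entry, "Provide 0 as a buffer size in order to obtain the minimum buffer size", does not name the argument, whereas the rest of the patch consistently refers to it as arg4. Suggest something like "Specify arg4 as 0 to obtain the minimum buffer size", formatted with .I arg4, so the error text matches the description and the return-value section.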