summaryrefslogtreecommitdiff
path: root/tools/testing/selftests/safesetid/safesetid-test.sh
diff options
context:
space:
mode:
authorJason A. Donenfeld <Jason@zx2c4.com>2020-03-18 18:30:47 -0600
committerDavid S. Miller <davem@davemloft.net>2020-03-18 18:51:43 -0700
commit11a7686aa99c7fe4b3f80f6dcccd54129817984d (patch)
tree94cc7594f7e7251436916ef36ffd87430fd8e3d7 /tools/testing/selftests/safesetid/safesetid-test.sh
parent2b8765c52db24c0fbcc81bac9b5e8390f2c7d3c8 (diff)
wireguard: noise: error out precomputed DH during handshake rather than config
We precompute the static-static ECDH during configuration time, in order to save an expensive computation later when receiving network packets. However, not all ECDH computations yield a contributory result. Prior, we were just not letting those peers be added to the interface. However, this creates a strange inconsistency, since it was still possible to add other weird points, like a valid public key plus a low-order point, and, like points that result in zeros, a handshake would not complete. In order to make the behavior more uniform and less surprising, simply allow all peers to be added. Then, we'll error out later when doing the crypto if there's an issue. This also adds more separation between the crypto layer and the configuration layer. Discussed-with: Mathias Hall-Andersen <mathias@hall-andersen.dk> Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com> Signed-off-by: David S. Miller <davem@davemloft.net>
Diffstat (limited to 'tools/testing/selftests/safesetid/safesetid-test.sh')
0 files changed, 0 insertions, 0 deletions