On Thu, Apr 20, 2017 at 08:38:30PM +0200, Stephan Müller wrote:
> > By the way: do we really need this in the kernel at all, given that it's
> > just doing some math on data which userspace has access to?
> It is the question about how we want the keys subsystem to operate. The DH
> shared secret shall not be used as a key. But the DH operation is part of the
> key subsystem. If there is never a case where the result of the DH operation
> is used in the kernel, then the KDF can be removed and my patches could be
> reverted. However, in this case, the entire DH business could be questioned
> this can easily be done in user space as well.
Well, who exactly is asking for Diffie-Hellman in the kernel at all? If it can
be done in userspace then it should be done there. Having it in the kernel
means having yet another API that's callable by unprivileged users and needs to
be audited for security vulnerabilities. Just because the kernel can support
doing hashes or has an arbitrary-precision arithmetic library or whatever
doesn't mean it's the right place to do random crypto stuff.