Re: [PATCH] DH support: add KDF handling support

2016-07-27 Thread Stephan Mueller
Am Mittwoch, 27. Juli 2016, 08:55:31 CEST schrieb David Howells: Hi David, > Mat Martineau wrote: > > > Though, shall I stuff the wrapper code back into the existing dh_compute > > > functions or can I leave them as separate functions? > > > > I'm not sure.

Re: [PATCH] DH support: add KDF handling support

2016-07-27 Thread David Howells
Mat Martineau wrote: > > Though, shall I stuff the wrapper code back into the existing dh_compute > > functions or can I leave them as separate functions? > > I'm not sure. In the existing code there's one keyctl wrapper per keyctl > command. A combined

Re: [PATCH] DH support: add KDF handling support

2016-07-14 Thread Mat Martineau
On Thu, 14 Jul 2016, Stephan Mueller wrote: Am Mittwoch, 13. Juli 2016, 16:17:12 schrieb Mat Martineau: Hi Mat, ---8< Add the interface logic to support DH with KDF handling support. The dh_compute code now allows the following options: - no KDF support / output of raw DH shared

Re: [PATCH] DH support: add KDF handling support

2016-07-14 Thread Stephan Mueller
Am Donnerstag, 14. Juli 2016, 04:00:57 schrieb Jeffrey Walton: Hi Jeffrey, > > Note, as shared secrets potentially post-processed by a KDF usually are > > again used as key or data encryption keys, they need to be > > truncated/expanded to a specific length anyway. A KDF inherently provides > >

Re: [PATCH] DH support: add KDF handling support

2016-07-14 Thread Jeffrey Walton
> Note, as shared secrets potentially post-processed by a KDF usually are again > used as key or data encryption keys, they need to be truncated/expanded to a > specific length anyway. A KDF inherently provides the truncation support to > any arbitrary length. Thus, I would think that the caller

Re: [PATCH] DH support: add KDF handling support

2016-07-13 Thread Mat Martineau
Stephan, On Tue, 12 Jul 2016, Stephan Mueller wrote: Hi Mat, David, During the development of this patch, I saw that the test framework seems to be broken: when I change the expected values by one bit, the test framework will still mark the received result as PASS even though the returned

[PATCH] DH support: add KDF handling support

2016-07-12 Thread Stephan Mueller
Hi Mat, David, During the development of this patch, I saw that the test framework seems to be broken: when I change the expected values by one bit, the test framework will still mark the received result as PASS even though the returned data does not match the expected data. ---8< Add the