Re: [PATCH 3/5] KEYS: DH: don't feed uninitialized result memory into KDF

2017-04-27 Thread David Howells
Eric Biggers wrote: > > > By the way: do we really need this in the kernel at all, given that it's > > > just doing some math on data which userspace has access to? > > > > It is the question about how we want the keys subsystem to operate. The DH > > shared secret shall

Re: [PATCH 3/5] KEYS: DH: don't feed uninitialized result memory into KDF

2017-04-20 Thread Eric Biggers
Hi Stephan, On Thu, Apr 20, 2017 at 08:38:30PM +0200, Stephan Müller wrote: > > > > By the way: do we really need this in the kernel at all, given that it's > > just doing some math on data which userspace has access to? > > It is the question about how we want the keys subsystem to operate.

Re: [PATCH 3/5] KEYS: DH: don't feed uninitialized result memory into KDF

2017-04-20 Thread Stephan Müller
On Thursday, 20 April 2017, 19:46:02 CEST, Eric Biggers wrote: Hi Eric, > Hi Stephan, > > On Thu, Apr 20, 2017 at 03:27:17PM +0200, Stephan Müller wrote: > > On Thursday, 20 April 2017, 07:46:31 CEST, Eric Biggers wrote: > > > > Hi Eric, > > > > > From: Eric Biggers

Re: [PATCH 3/5] KEYS: DH: don't feed uninitialized result memory into KDF

2017-04-20 Thread Eric Biggers
Hi Stephan, On Thu, Apr 20, 2017 at 03:27:17PM +0200, Stephan Müller wrote: > On Thursday, 20 April 2017, 07:46:31 CEST, Eric Biggers wrote: > > Hi Eric, > > > From: Eric Biggers > > > > The result of the Diffie-Hellman computation may be shorter than the > > input

Re: [PATCH 3/5] KEYS: DH: don't feed uninitialized result memory into KDF

2017-04-20 Thread Stephan Müller
On Thursday, 20 April 2017, 07:46:31 CEST, Eric Biggers wrote: Hi Eric, > From: Eric Biggers > > The result of the Diffie-Hellman computation may be shorter than the > input prime number. Only calculate the KDF over the actual result; > don't include additional