Re: [PATCH v5] KEYS: add SP800-56A KDF support for DH
Pulled.
Re: [PATCH v5] KEYS: add SP800-56A KDF support for DH
Am Freitag, 19. August 2016, 20:39:09 CET schrieb Stephan Mueller: Hi David, > Hi, > > This patch now folds the KDF into the keys support as requested by > Herbert. The caller can only supply the hash name used for the KDF. > > Note, the KDF implementation is identical to the kdf_ctr() support in > the now unneeded KDF patches to the kernel crypto API. > > The new patch also changes the variable name from kdfname to hashname. > > Also, the patch adds a missing semicolon. > > Finally, the patch adds a guard against compiling the compat code > if the general Linux kernel configuration does not have the compat > code enabled. Without that guard, compilation warnings are seen. May I ask which plans do you have with the KDF support for DH? Ciao Stephan
Re: [PATCH v5] KEYS: add SP800-56A KDF support for DH
Am Freitag, 19. August 2016, 20:39:09 CEST schrieb Stephan Mueller: Hi David, > > SP800-56A defines the use of DH with key derivation function based on a > counter. The input to the KDF is defined as (DH shared secret || other > information). The value for the "other information" is to be provided by > the caller. > > The KDF is implemented using the hash support from the kernel crypto API. > The implementation uses the symmetric hash support as the input to the > hash operation is usually very small. The caller is allowed to specify > the hash name that he wants to use to derive the key material allowing > the use of all supported hashes provided with the kernel crypto API. > > As the KDF implements the proper truncation of the DH shared secret to > the requested size, this patch fills the caller buffer up to its size. > > The patch is tested with a new test added to the keyutils user space > code which uses a CAVS test vector testing the compliance with > SP800-56A. Is there a decision about this patch set? Ciao Stephan -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html