Re: [PATCH 4/6] crypto: hkdf - RFC5869 Key Derivation Function

2019-01-14 Thread Stephan Mueller
Am Montag, 14. Januar 2019, 18:53:16 CET schrieb Eric Biggers: Hi Eric, > > I would not suggest this, because that rounds contrary to the concept of > > the kernel crypto API IMHO. The caller has to provide the wrapping > > cipher. It is perfectly viable to allow a caller to invoke a specific > >

Re: [PATCH 4/6] crypto: hkdf - RFC5869 Key Derivation Function

2019-01-14 Thread Eric Biggers
On Mon, Jan 14, 2019 at 10:30:39AM +0100, Stephan Müller wrote: > Am Samstag, 12. Januar 2019, 06:12:54 CET schrieb Eric Biggers: > > Hi Eric, > > [...] > > > > The extract and expand phases use different instances of the underlying > > > keyed message digest cipher to ensure that while the extr

Re: [PATCH 4/6] crypto: hkdf - RFC5869 Key Derivation Function

2019-01-14 Thread Stephan Müller
Am Samstag, 12. Januar 2019, 06:12:54 CET schrieb Eric Biggers: Hi Eric, [...] > > The extract and expand phases use different instances of the underlying > > keyed message digest cipher to ensure that while the extraction phase > > generates a new key for the expansion phase, the cipher for the

Re: [PATCH 4/6] crypto: hkdf - RFC5869 Key Derivation Function

2019-01-13 Thread James Bottomley
On Sun, 2019-01-13 at 08:56 +0100, Stephan Müller wrote: > The question may arise why to plug the KDFs into RNGs. The answer is > quite simple: KDFs are a form of random number generator. In that > they take some input for initialization (aka seed, salt, key, > personalization string). Then they pr

Re: [PATCH 4/6] crypto: hkdf - RFC5869 Key Derivation Function

2019-01-12 Thread Stephan Müller
Am Samstag, 12. Januar 2019, 10:55:35 CET schrieb Herbert Xu: Hi Herbert, > On Fri, Jan 11, 2019 at 09:12:54PM -0800, Eric Biggers wrote: > > Hi Stephan, > > > > On Fri, Jan 11, 2019 at 08:10:39PM +0100, Stephan Müller wrote: > > > The RFC5869 compliant Key Derivation Function is implemented as

Re: [PATCH 4/6] crypto: hkdf - RFC5869 Key Derivation Function

2019-01-12 Thread Herbert Xu
On Fri, Jan 11, 2019 at 09:12:54PM -0800, Eric Biggers wrote: > Hi Stephan, > > On Fri, Jan 11, 2019 at 08:10:39PM +0100, Stephan Müller wrote: > > The RFC5869 compliant Key Derivation Function is implemented as a > > random number generator considering that it behaves like a deterministic > > RNG

Re: [PATCH 4/6] crypto: hkdf - RFC5869 Key Derivation Function

2019-01-11 Thread Eric Biggers
Hi Stephan, On Fri, Jan 11, 2019 at 08:10:39PM +0100, Stephan Müller wrote: > The RFC5869 compliant Key Derivation Function is implemented as a > random number generator considering that it behaves like a deterministic > RNG. > Thanks for the proof of concept! I guess it ended up okay. But can

[PATCH 4/6] crypto: hkdf - RFC5869 Key Derivation Function

2019-01-11 Thread Stephan Müller
The RFC5869 compliant Key Derivation Function is implemented as a random number generator considering that it behaves like a deterministic RNG. The extract and expand phases use different instances of the underlying keyed message digest cipher to ensure that while the extraction phase generates a