Re: key retention service: DH support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Stephan Mueller <smueller@xxxxxxxxxx> wrote:

> The KDF patches are fully tested. All that would be needed on the key 
> retention side after the shared secret generation are the following calls:
> 
> kdf = crypto_alloc_rng(NAME, 0, 0);
> 
> crypto_rng_reset(kdf, <shared_secret>, sizeof(<shared_secret>));
> 
> crypto_rng_generate(kdf, LABEL, sizeof(LABEL), outbuf, outbuflen);
> 
> NAME would be the KDF type such as "kdf_ctr(hmac(sha256))"
> 
> LABEL would be an arbitrary string defined by the key service (e.g. 
> "LxKeyRet").

So there wouldn't be a change to the DH keyctl (including functional)?

David
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux