Am Donnerstag, 2. Juni 2016, 16:55:26 schrieb Herbert Xu: Hi Herbert, > > Why don't you put the result in a temporary buffer and then copy > it? These things are tiny, right? The KDFs are usually used for output sizes between one and 4 keys. So, commonly it is expected that not more than 200 or 300 bytes are generated by one call. But you cannot be sure how much data a user wants. The spec allows that the user generates up to 2^50 or so bytes. The implementation I offer is limited to unsigned int bytes. Note, if one would implement a key ladder, it can be expected that many keys are generated from one KDF seed. I tried to avoid memcpy for speed purposes. And all the user needs to do is to not invoke an in-place crypto operation. Maybe I should copy the input data into a private memory location so that the KDF can be used like any other cipher: the caller uses a reference to the instance to generate data where the caller does not need to ensure that some initial data must be left at some specific place. Ciao Stephan -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html