Re: [PATCH v2 3/4] crypto: kdf - SP800-108 Key Derivation Function

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Jun 02, 2016 at 05:12:20PM +0200, Stephan Mueller wrote:
>
> The KDFs are usually used for output sizes between one and 4 keys. So, 
> commonly it is expected that not more than 200 or 300 bytes are generated by 
> one call. But you cannot be sure how much data a user wants. The spec allows 
> that the user generates up to 2^50 or so bytes. The implementation I offer is 
> limited to unsigned int bytes.
> 
> Note, if one would implement a key ladder, it can be expected that many keys 
> are generated from one KDF seed.
> 
> I tried to avoid memcpy for speed purposes. And all the user needs to do is to 
> not invoke an in-place crypto operation.
> 
> Maybe I should copy the input data into a private memory location so that the 
> KDF can be used like any other cipher: the caller uses a reference to the 
> instance to generate data where the caller does not need to ensure that some 
> initial data must be left at some specific place.

OK.  I don't think the RNG API really guarantees that you can do
in-place generation anyway.  So don't even bother checking for
src == dst.

When you submit this again can you please send it along with a
user?

Thanks,
-- 
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux