Am Freitag, 19. August 2016, 20:39:09 CEST schrieb Stephan Mueller: Hi David, > > SP800-56A defines the use of DH with key derivation function based on a > counter. The input to the KDF is defined as (DH shared secret || other > information). The value for the "other information" is to be provided by > the caller. > > The KDF is implemented using the hash support from the kernel crypto API. > The implementation uses the symmetric hash support as the input to the > hash operation is usually very small. The caller is allowed to specify > the hash name that he wants to use to derive the key material allowing > the use of all supported hashes provided with the kernel crypto API. > > As the KDF implements the proper truncation of the DH shared secret to > the requested size, this patch fills the caller buffer up to its size. > > The patch is tested with a new test added to the keyutils user space > code which uses a CAVS test vector testing the compliance with > SP800-56A. Is there a decision about this patch set? Ciao Stephan -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html