Am Donnerstag, 24. Mai 2018, 04:45:00 CEST schrieb Eric Biggers: Hi Eric, > > "Not having to rely on any third-party library" is not an excuse to add > random code to the kernel, which runs in a privileged context. Please do > PBKDF2 in userspace instead. I second that. Besides, if you really need to rely on the kernel crypto API to do that because you do not want to add yet another crypto lib, libkcapi has a PBKDF2 implementation that uses the kernel crypto API via AF_ALG. I.e. the kernel crypto API is used and yet the PBKDF logic is in user space. http://www.chronox.de/libkcapi.html Ciao Stephan