On Wed Jan 3, 2024 at 5:25 PM EET, James Bottomley wrote:
> On Wed, 2024-01-03 at 17:11 +0200, Jarkko Sakkinen wrote:
> > > + u8 ec_point_x[EC_PT_SZ];
> > > + u8 ec_point_y[EC_PT_SZ];
> >
> > And also prefix these similarly with hmac.
>
> This isn't in itself an HMAC; it's the public point of the P-256 key
> derived from the null seed (effectively it's a public key). It's used
> to exchange secret information with the TPM, like a salt for the HMAC
> sessions but it's a thing in its own right (and is bound to the null
> name). I suppose null_key_x/y is better.
>
> James
Right, yea would add clarity (or perhaps null_ec_key_{x,y} for extra
clarity).
BR, Jarkko
