Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp4419728imu; Mon, 7 Jan 2019 23:12:09 -0800 (PST) X-Google-Smtp-Source: ALg8bN6b5Nj1RanCPrQC5+OtpMUjOhhjHm5D2Hvx4AZfp3ko2iGCeZXxLWwvGr72UOHyeP8MCWBg X-Received: by 2002:a17:902:1e9:: with SMTP id b96mr655953plb.150.1546931529584; Mon, 07 Jan 2019 23:12:09 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1546931529; cv=none; d=google.com; s=arc-20160816; b=dHC97w7gQa8w5CZ9V5Ki1SIEDrk6eSE1pZ10t5O3Fyq4nL4ZtmTgiZN0FAkWRJnHMq iM4OKD49oEdNGbrTaIsFdiV5TlIjxUMDUdXVujp3Kilx8RSRqAHXFnRPtUUmYPmtQ1n0 fmVtW7EDPXO3KtAFi02BhXWO+PP6hjYXxS/hJ0YaduLUW6Bbn6o7JflHPRi4DiYvE7ih 3cnvwS7nteZEC5K/AH+GXErY7qBBLW1uBSYQyTjk9MCTkHySninasDDmMHuhRZ3HK9pi 1/0C5wTXhSxf2FNzFLBmVqJbIcnoiH83yt8JH65qbRZNQMbYvRa+BUW6UDAko9kvuYdM 3Plw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding:mime-version :references:in-reply-to:message-id:date:subject:cc:to:from :dkim-signature; bh=17RF/1aXaPSHHQcSKJwmCEH2ho3xWAcK1nvGUCYgmTs=; b=di84nt+BBqsha8tiKCQVxLf/Vjt+akoXUq8ojq5xHv5H2oqQPAhOs0L2kOAcwjKcYP cUoo6Ldax8/PEDeSeQ1WeZist3QiKeaKn0n3OHsIRi9p9Myps4ciS18chRoapgyYF9MF +PmqliAZ/GMg+iJF+p9gEwLqksWKwf7xzeWCbLo/8CtjNiq0m4dlxXgb9t/2ivhEJozm b7w7R/61Y6p2M4/iYQc9+FNflaNw6/BpYRnzQZLOuPbDyIul1hmNJpVsovZ8mQms2b79 tVnxjR88POVvt+XQXsxt2iLFSHhBLqRIWp+8sKU0zHVbfYhvUuoFcgH6fcaDuSLu6I83 Tlqw== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@chronox.de header.s=strato-dkim-0002 header.b=h7Lxm8Qh; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id a1si4923416pgk.495.2019.01.07.23.11.52; Mon, 07 Jan 2019 23:12:09 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@chronox.de header.s=strato-dkim-0002 header.b=h7Lxm8Qh; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727538AbfAHHKf (ORCPT + 99 others); Tue, 8 Jan 2019 02:10:35 -0500 Received: from mo4-p01-ob.smtp.rzone.de ([85.215.255.50]:24729 "EHLO mo4-p01-ob.smtp.rzone.de" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727383AbfAHHKe (ORCPT ); Tue, 8 Jan 2019 02:10:34 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1546931430; s=strato-dkim-0002; d=chronox.de; h=References:In-Reply-To:Message-ID:Date:Subject:Cc:To:From: X-RZG-CLASS-ID:X-RZG-AUTH:From:Subject:Sender; bh=17RF/1aXaPSHHQcSKJwmCEH2ho3xWAcK1nvGUCYgmTs=; b=h7Lxm8QhRsE9pwLGZHoWhKOK5kUYf+D2ERHgAmMT3WdKtVDd+LdXnIHz/L2ZlYR6WR rAa6iyuueae8B0HYXIpn/7adZtoYLufFnHO/2y9wpPmtkCt9U7WBqPNXeWWs/EXnw+MA XDXcE1SV7SyHF0fjdaLgt12RDl4+FinG+rAr6eipwHj/KQBGyMAlOnxFc4cSjCEBLraQ qBsWKFmdRf041qgENENfhxoSwKk2qtwEetq9SSJDGnu27D+fXIP6kVz5P/tNszoq0Tph BOYm9PsArpmbq9P9Nrni1OsIUApmdLy5/yAgKFMUI0cmVzbmm6Lj82UbKzVfUhCi0Llr u85g== X-RZG-AUTH: ":P2ERcEykfu11Y98lp/T7+hdri+uKZK8TKWEqNyiHySGSa9k9xmwdNnzGHXPaJ/SfQIux" X-RZG-CLASS-ID: mo00 Received: from tauon.chronox.de by smtp.strato.de (RZmta 44.9 DYNA|AUTH) with ESMTPSA id 309bcfv0879hHNH (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (curve secp521r1 with 521 ECDH bits, eq. 15360 bits RSA)) (Client did not present a certificate); Tue, 8 Jan 2019 08:09:43 +0100 (CET) From: Stephan Mueller To: Herbert Xu Cc: "Lee, Chun-Yi" , "Rafael J . Wysocki" , Pavel Machek , linux-kernel@vger.kernel.org, linux-pm@vger.kernel.org, keyrings@vger.kernel.org, "Rafael J. Wysocki" , Chen Yu , Oliver Neukum , Ryan Chen , David Howells , Giovanni Gherdovich , Randy Dunlap , Jann Horn , Andy Lutomirski Subject: Re: [PATCH 1/5 v2] PM / hibernate: Create snapshot keys handler Date: Tue, 08 Jan 2019 08:09:43 +0100 Message-ID: <1565399.7ulKdI1fm5@tauon.chronox.de> In-Reply-To: <20190108050358.llsox32hggn2jioe@gondor.apana.org.au> References: <20190103143227.9138-1-jlee@suse.com> <4499700.LRS4F2YjjC@tauon.chronox.de> <20190108050358.llsox32hggn2jioe@gondor.apana.org.au> MIME-Version: 1.0 Content-Transfer-Encoding: 7Bit Content-Type: text/plain; charset="us-ascii" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Am Dienstag, 8. Januar 2019, 06:03:58 CET schrieb Herbert Xu: Hi Herbert, > Are we going to have multiple implementations for the same KDF? > If not then the crypto API is not a good fit. To consolidate > multiple implementations of the same KDF, simply provide helpers > for them. It is unlikely to have multiple implementations of a KDF. However, KDFs relate to hashes like block chaining modes to raw block ciphers. Thus a KDF can be applied with different hashes. My idea was to add template support to RNGs (because KDFs are effectively a type of RNG since they produce an arbitrary output from a fixed input). The KDFs would be a template wrapping hashes. For example, the CTR-KDF from SP800-108 could be instantiated like kdf-ctr(sha256). Ciao Stephan