Received: by 2002:ad5:474a:0:0:0:0:0 with SMTP id i10csp1350143imu; Fri, 11 Jan 2019 21:29:28 -0800 (PST) X-Google-Smtp-Source: ALg8bN6eqw9IMFoC5JU9nuXJMUSG8e6mwQEECfv4onolIi7JyBqvg2KoePUQ3YHifXEpJ+VDdggF X-Received: by 2002:a17:902:3383:: with SMTP id b3mr17054002plc.170.1547270968174; Fri, 11 Jan 2019 21:29:28 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1547270968; cv=none; d=google.com; s=arc-20160816; b=tkGdzCeUKY2WoW9e9gRzfgAKfVQDDDmI+UGtWDrxsDDWg1AEEX5gwWAVS8ZNdFqvEa 7SeyY6u2fsDpwiLDAG3+jSJZj0Ndq5jzGnUwo6ZfpiT+yajSELZlKWBLSdOTDZGsjku9 jKGpvm3Y1waEOu8q6amYdH5fufKpeNmhcKknAl3rvsIng9uLtS8tuhpr6clOFlK88jtM YF2v2Ns1B3S+aFp2iHW+h9GA0RNike493Bezsd8q2nXGzijgGrUeAO+2ciV+9im+zXn1 bckige66oosB3jerq/rzEmg8QNwsWbw7bQpAAPC+lggrk3Rv2AfwgFZUvDBu+ld2ID2D 3rNA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:user-agent:in-reply-to :content-transfer-encoding:content-disposition:mime-version :references:message-id:subject:cc:to:from:date:dkim-signature; bh=G1a+r8XyQqyFMBEaWqG2AJqWHP4+D1TUxPc94BZha4A=; b=QU0L71YxD/9h1t6gFIh24KbYUa+OeXdn1lLiinhtipwz9+d4oZRVbH9MdjIUnR4GbG 2W6rTxSevSqdOxRudpUyo50wKmqt8TAtIHEQbGvyRPKC8gLYNOkX9KvGyrwbxsfTU0ln PV8D08jVk4vPKuZCiaPfoVGq7CfnPQCmYYF/RAvjZYqbk4Hcg8LFOvbm1H9obtmAxaJk ZYlrP9Y9Q1Rr5BOWxIHPHi6eK8jdGSZ6WAHeuY0tI1XRz7MKffDEM3V/9bfKKL8sw3Qd NyylWyP7wfPnU5BBiSMTB2H0HXSpty+9+LdXbez2v5VoCVFla7s1Gxej2b76JKUFFIlI 9aEA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=sxexAAZu; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id ce11si2269499plb.420.2019.01.11.21.29.12; Fri, 11 Jan 2019 21:29:28 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=default header.b=sxexAAZu; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1725859AbfALF2C (ORCPT + 99 others); Sat, 12 Jan 2019 00:28:02 -0500 Received: from mail.kernel.org ([198.145.29.99]:33372 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725372AbfALF2C (ORCPT ); Sat, 12 Jan 2019 00:28:02 -0500 Received: from sol.localdomain (c-24-23-143-129.hsd1.ca.comcast.net [24.23.143.129]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id A24182086C; Sat, 12 Jan 2019 05:28:00 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=default; t=1547270881; bh=sJA3D8jZy1xB28qUxmFVn6TTU/D9WZsThVBFgei5Gm8=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=sxexAAZu6HT8IjdjnBWesenfPyg0KN294Qn+OnzTAAGf0zevmmW/qzPnpdeD0iecX rCg37ZtTh/NmZLu06IFpFXiioyX0MsPdZXS25Zs+a9TOD2pWUe2mAr6CF5PvwBHN7S cbch3VCuc97k8Opandw53D4jYsYTYGZfksvxT7L0= Date: Fri, 11 Jan 2019 21:27:59 -0800 From: Eric Biggers To: Stephan =?iso-8859-1?Q?M=FCller?= Cc: Herbert Xu , James Bottomley , Andy Lutomirski , "Lee, Chun-Yi" , "Rafael J . Wysocki" , Pavel Machek , linux-kernel@vger.kernel.org, linux-pm@vger.kernel.org, keyrings@vger.kernel.org, "Rafael J. Wysocki" , Chen Yu , Oliver Neukum , Ryan Chen , David Howells , Giovanni Gherdovich , Randy Dunlap , Jann Horn , Andy Lutomirski , linux-crypto@vger.kernel.org Subject: Re: [PATCH 2/6] crypto: kdf - SP800-108 Key Derivation Function Message-ID: <20190112052758.GD639@sol.localdomain> References: <20190103143227.9138-1-jlee@suse.com> <20190109082103.GA8586@sol.localdomain> <9733066.Vrs4h5eWcW@positron.chronox.de> <1830918.5I3Y3k8tQf@positron.chronox.de> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <1830918.5I3Y3k8tQf@positron.chronox.de> User-Agent: Mutt/1.11.2 (2019-01-07) Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, Jan 11, 2019 at 08:10:02PM +0100, Stephan M?ller wrote: > The SP800-108 compliant Key Derivation Function is implemented as a > random number generator considering that it behaves like a deterministic > RNG. > > All three KDF types specified in SP800-108 are implemented. > > The code comments provide details about how to invoke the different KDF > types. > > Signed-off-by: Stephan Mueller > --- > crypto/Kconfig | 7 + > crypto/Makefile | 1 + > crypto/kdf.c | 492 ++++++++++++++++++++++++++++++++++++++++++++++++ > 3 files changed, 500 insertions(+) > create mode 100644 crypto/kdf.c > > diff --git a/crypto/Kconfig b/crypto/Kconfig > index 86960aa53e0f..cc80d89e0cf5 100644 > --- a/crypto/Kconfig > +++ b/crypto/Kconfig > @@ -561,6 +561,13 @@ config CRYPTO_HMAC > HMAC: Keyed-Hashing for Message Authentication (RFC2104). > This is required for IPSec. > > +config CRYPTO_KDF > + tristate "Key Derivation Function (SP800-108)" > + select CRYPTO_RNG > + help > + Support for KDF compliant to SP800-108. All three types of > + KDF specified in SP800-108 are implemented. > + > config CRYPTO_XCBC > tristate "XCBC support" > select CRYPTO_HASH > diff --git a/crypto/Makefile b/crypto/Makefile > index 799ed5e94606..69a0bb64b0ac 100644 > --- a/crypto/Makefile > +++ b/crypto/Makefile > @@ -58,6 +58,7 @@ crypto_user-y := crypto_user_base.o > crypto_user-$(CONFIG_CRYPTO_STATS) += crypto_user_stat.o > obj-$(CONFIG_CRYPTO_CMAC) += cmac.o > obj-$(CONFIG_CRYPTO_HMAC) += hmac.o > +obj-$(CONFIG_CRYPTO_KDF) += kdf.o This naming is too generic. CONFIG_CRYPTO_KDF and kdf.c imply that this is related to all KDFs. But actually it is an implementation of a few specific KDFs. Can you give it a clearer name, like KDF_SP800? - Eric