Received: by 2002:a05:6a10:f347:0:0:0:0 with SMTP id d7csp523058pxu; Thu, 7 Jan 2021 10:49:38 -0800 (PST) X-Google-Smtp-Source: ABdhPJzgYSMSnSrFD9O4iJdERZV30k4FlxpKnqDVXtXPr0OkDYNRSmi3CY5c6n0tbaaLUl9DcbY0 X-Received: by 2002:a50:d60f:: with SMTP id x15mr2602388edi.224.1610045378031; Thu, 07 Jan 2021 10:49:38 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1610045378; cv=none; d=google.com; s=arc-20160816; b=OXs6YDuYEwtADoV0zSQDwqPCRwBdtfomZLtSmTH6cSH2tO1iVQytFnNE4VK+MSm6r7 Yzmk6W39n2OZhcunkCnopin/hzxweHhzVx/rYQTS0+k6/FhWaKlNbIlmYHSkHc9fzBH3 hzvyBCDLDaGLPw+wJ8JBKYf4kHd+2BafM2SO4wP9C64vhgtQ+xpAiAL9M3Etn964Egl0 hYl/wbt4rMNi/rTbEUpe8ogeQNMEJu2FAWyzYddjXgMys4vdy0nlpS58PEmPnoiU9JRZ 0aQWkEZ3nz0q9g8mvvMLuOBCRukOeSbURrPAZ40BoRuc9CtPyEha91ucykfn+22XDmXk MqTQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-transfer-encoding :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=WmQzitPQpWg6UaPNgQ1IS79Is100UUbNUx/xv7iN5As=; b=fwm4tbUISsCF2PP8dHDjHWjw85rldgeuODoFacfwgSMN+WwoSoXrCaZRXxLm0KqhDZ mT1HKhi8xoDWc9Xbf8da11kdbc07saReF0MNeI8aFwo0vAVIGqMzd4MToyw8+59uRpgY ULV8BSRp48kyx/K1I+4EKWLEUCPkNTXKFP84Ey6YeXLBT2Jlpp0ca17qnGO1H4KXU/HS T1B+E3bvZ+6a8Y7JWumzpBwrmhxVBwMgO0g4J3fQ30a36prBT6Cg520ndePw61QS/TSy bCyRo9iLaZLVCsWJol7za+ha/OL5Of8VoDPmbpkt3IpD1DYUKGwHJ6BmCe5GXYkwI5Bt sUqQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=dUvdi0wl; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id t11si2501238edv.337.2021.01.07.10.49.18; Thu, 07 Jan 2021 10:49:38 -0800 (PST) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b=dUvdi0wl; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726650AbhAGSsj (ORCPT + 99 others); Thu, 7 Jan 2021 13:48:39 -0500 Received: from mail.kernel.org ([198.145.29.99]:39428 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1726541AbhAGSsj (ORCPT ); Thu, 7 Jan 2021 13:48:39 -0500 Received: by mail.kernel.org (Postfix) with ESMTPSA id 29F39233CE; Thu, 7 Jan 2021 18:47:58 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1610045278; bh=Dnauzd/8RJuh5QaFRYr7mEILCMaqsqRUKGBdFMzDwv4=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=dUvdi0wlNkC5hZlyXy931h1uxopbnv1wF6VFHnS/+O+umfX5xfD+Ofgq1PP4fB6A8 laK/wOB91ab9pv1+wX9qDEczk8/L+D/LU3YzNFAFQapcbHIuNuonuAlt2qNFzEYnew jYnNmYgM6xPNkFGBxQKKOn0MxuvFJqk1D8nt/6tEjHSrgPoNcb+sMo2zVSlHk5oomC qW3EnjUAfGUJhqfYgDBI3jRZ7kGVMGeEBaQHZNl1Euq6HkZpXsFOm8+7XTf5t5dxBN 5v6crdhPpXVhUAEXOyrxikOb641z0LW5FndkDvbp9ZOYIJmp5KXXcJA5S6M3k/Buzj fIVXR/knnx86w== Date: Thu, 7 Jan 2021 10:47:56 -0800 From: Eric Biggers To: Stephan Mueller Cc: herbert@gondor.apana.org.au, mathew.j.martineau@linux.intel.com, dhowells@redhat.com, linux-crypto@vger.kernel.org, linux-fscrypt@vger.kernel.org, linux-kernel@vger.kernel.org, keyrings@vger.kernel.org Subject: Re: [PATCH 5/5] fs: use HKDF implementation from kernel crypto API Message-ID: References: <4616980.31r3eYUQgx@positron.chronox.de> <7857050.T7Z3S40VBb@positron.chronox.de> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Thu, Jan 07, 2021 at 08:49:52AM +0100, Stephan Mueller wrote: > > > -int fscrypt_init_hkdf(struct fscrypt_hkdf *hkdf, const u8 *master_key, > > > +int fscrypt_init_hkdf(struct fscrypt_hkdf *hkdf, u8 *master_key, > > > ????????????????????? unsigned int master_key_size); > > > > It shouldn't be necessary to remove const here. > > Unfortunately it is when adding the pointer to struct kvec > > > > > ? > > > ?/* > > > @@ -323,7 +323,7 @@ int fscrypt_init_hkdf(struct fscrypt_hkdf *hkdf, const > > > u8 *master_key, > > > ?#define HKDF_CONTEXT_INODE_HASH_KEY????7 /* info=???????????????*/ > > > ? > > > ?int fscrypt_hkdf_expand(const struct fscrypt_hkdf *hkdf, u8 context, > > > -???????????????????????const u8 *info, unsigned int infolen, > > > +???????????????????????u8 *info, unsigned int infolen, > > > ????????????????????????u8 *okm, unsigned int okmlen); > > > > Likewise.? In fact some callers rely on 'info' not being modified. > > Same here. If the HKDF API will have a quirk like this, it's better not to "leak" it into the prototypes of these fscrypt functions. Just add the needed casts in fscrypt_init_hkdf() and fscrypt_hkdf_expand(). > > > -???????err = crypto_shash_setkey(hmac_tfm, prk, sizeof(prk)); > > > +???????err = crypto_hkdf_setkey(hmac_tfm, seed, ARRAY_SIZE(seed)); > > > ????????if (err) > > > ????????????????goto err_free_tfm; > > > > It's weird that the salt and key have to be passed in a kvec. > > Why not just have normal function parameters like: > > > > ????????int crypto_hkdf_setkey(struct crypto_shash *hmac_tfm, > > ?????????????????????????????? const u8 *key, size_t keysize, > > ?????????????????????????????? const u8 *salt, size_t saltsize); > > I wanted to have an identical interface for all types of KDFs to allow turning > them into a template eventually. For example, SP800-108 KDFs only have one > parameter. Hence the use of a kvec. But the API being provided is a library function specifically for HKDF. So there's no need to make it conform to some other API. - Eric