Received: by 2002:a05:6a10:8c0a:0:0:0:0 with SMTP id go10csp1283303pxb; Thu, 28 Jan 2021 12:20:37 -0800 (PST) X-Google-Smtp-Source: ABdhPJz+4OpGqzOGAVOmkGpX70Tk7fX66qkVoSrundo+DbOyJXWYvoiw8smy395cBXj4ZnZIk+Ph X-Received: by 2002:a05:6402:1e5:: with SMTP id i5mr1587364edy.86.1611865236955; Thu, 28 Jan 2021 12:20:36 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1611865236; cv=none; d=google.com; s=arc-20160816; b=ABPPfVK8u65GlocC6r1AsQWV9DFqPJ45S0ZgYRZZ4InHUrLEtwEgrzfkEqkmPEJ2Lv qZzcWSRnjnPSiKeBYbFGPkDnnjMUnBZDpvfrpAabOzEqAHMa/sFQm1Drozs8k0kumxli PKXlRVH7Z+ruTcitRhCDH7HkPkJeY7/pbU18yk7KRIH+WRFMQizOFjVeca8tHzfeRnLV vM3cP6ZhRzuU+2H7eADPGBQ/ij7CDUamUZUROsjQVghllRf94pjr1A6W/LsxGotFMQQw jzK54vs9cMEvzJdpFAO8qA0MmDt5iDvP5y+tt2C+IFrxMZ/eEwrLo4m6BzG4Qk0/Ubx/ ckmA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-transfer-encoding :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=+OD5b8VNPHbyFgSoGUtwa8HtrBImNvjGnD0BczO6b98=; b=SiUFdWuRdRAV0fojyq7noLQtJ27mUwnX4LDv3cysnddSF1bpbMgGCLHkDUqpNPxDzI boRlHdk71eXvCZFJx0OF6jD+v1YpiZJZiMTKhMceAFPvc/2EXRKMdSJ1ReyyDOefu/HT I+NWSLF72Ix4FHMLIyLLgx1ErEJv5q39srWYUiO/eAgo7OLEGZbKUTuAq5UrnA7m90ZE 4zBtn9Sd70BH7nbbBqqic9dFSpjYJc5gPl6pxbb1qKnjiHE1zwhr07jSKZAWFn9Vf3fs cuPUuTan1/RuId3D8Ab7kMpV+yrRmxupdEarEC/U1jOz/a3IsyCvYZtzMT6w0TQyYY8E Jurw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b="QJdCJ/F0"; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id p8si3298524ejb.474.2021.01.28.12.20.12; Thu, 28 Jan 2021 12:20:36 -0800 (PST) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@kernel.org header.s=k20201202 header.b="QJdCJ/F0"; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231261AbhA1UTs (ORCPT + 99 others); Thu, 28 Jan 2021 15:19:48 -0500 Received: from mail.kernel.org ([198.145.29.99]:47868 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229854AbhA1USz (ORCPT ); Thu, 28 Jan 2021 15:18:55 -0500 Received: by mail.kernel.org (Postfix) with ESMTPSA id EEF7364E01; Thu, 28 Jan 2021 20:18:13 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1611865094; bh=tf8zGLnljkCRKGs4eAElVNeZDxD9yB+2IhOiwey7nNM=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=QJdCJ/F0rR9XucpltdUINHRLSbmiX5iqPf5dbBdx4vw1aiAv7ipxMWIzsESeuO27U JRqrO5tXHH7SFFbVZo0HoVNLgTmdu+7IrdLOouRFyZuRY6d0O0mbJOXun32KAeh9Io 9PiPeCZ5inPVFcYX0uRDXXVgRpx+l3S76UMLIYhKZQZd14xS9MEsF+jfJfpod/EdAB XPEB7EknNm7DkDHbL9Za8/TbbW8pzijNUOtdt0vG/wRlZhioDugX6iiOiGdjBtNr0V Emg8XoYwJvELE/+gfJERLbULX2UU49XuejAxboXIrhRfa2uDBZXrQ4rY/kdZhxoZMV IDffJwTrtbi3w== Date: Thu, 28 Jan 2021 12:18:12 -0800 From: Eric Biggers To: Stephan =?iso-8859-1?Q?M=FCller?= Cc: herbert@gondor.apana.org.au, Jarkko Sakkinen , mathew.j.martineau@linux.intel.com, dhowells@redhat.com, linux-crypto@vger.kernel.org, linux-fscrypt@vger.kernel.org, linux-kernel@vger.kernel.org, keyrings@vger.kernel.org, simo@redhat.com Subject: Re: [PATCH v2 6/7] fs: use HKDF implementation from kernel crypto API Message-ID: References: <1772794.tdWV9SEqCh@positron.chronox.de> <3577027.kQq0lBPeGt@positron.chronox.de> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <3577027.kQq0lBPeGt@positron.chronox.de> Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Sun, Jan 24, 2021 at 03:04:31PM +0100, Stephan M?ller wrote: > @@ -74,16 +57,14 @@ int fscrypt_init_hkdf(struct fscrypt_hkdf *hkdf, const u8 *master_key, > return PTR_ERR(hmac_tfm); > } > > - if (WARN_ON(crypto_shash_digestsize(hmac_tfm) != sizeof(prk))) { > + if (WARN_ON(crypto_shash_digestsize(hmac_tfm) != HKDF_HASHLEN)) { > err = -EINVAL; > goto err_free_tfm; > } > > - err = hkdf_extract(hmac_tfm, master_key, master_key_size, prk); > - if (err) > - goto err_free_tfm; > - > - err = crypto_shash_setkey(hmac_tfm, prk, sizeof(prk)); > + /* HKDF-Extract (RFC 5869 section 2.2), unsalted */ > + err = crypto_hkdf_extract(hmac_tfm, NULL, 0, > + master_key, master_key_size); > if (err) > goto err_free_tfm; > > @@ -93,7 +74,6 @@ int fscrypt_init_hkdf(struct fscrypt_hkdf *hkdf, const u8 *master_key, > err_free_tfm: > crypto_free_shash(hmac_tfm); > out: > - memzero_explicit(prk, sizeof(prk)); > return err; > } The 'out' label isn't needed anymore. 'goto out' should be replaced with 'return 0'. - Eric