Re: [PATCH 1/5 v2] PM / hibernate: Create snapshot keys handler

From: Stephan Mueller
Date: Wed Jan 09 2019 - 13:19:04 EST

Next message: Pankaj Gupta: "Re: [PATCH v3 3/5] libnvdimm: add nd_region buffered dax_dev flag"
Previous message: Sebastian Reichel: "Re: [PATCH 10/14] media: wl128x-radio: simplify fmc_prepare/fmc_release"
In reply to: Eric Biggers: "Re: [PATCH 1/5 v2] PM / hibernate: Create snapshot keys handler"
Next in thread: Stephan Müller: "[PATCH 0/6] General Key Derivation Function Support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Am Mittwoch, 9. Januar 2019, 18:34:55 CET schrieb Eric Biggers:

Hi Eric,

> That would not meet my performance requirements as I want to precompute
> HKDF-Extract, and then do HKDF-Expand many times. Also the HKDF-Expand part
> should be thread-safe and not require allocating memory, especially not a
> whole crypto_shash tfm every time.
>
> So presumably with crypto_rng, crypto_rng_reset() would need to take the
> input keyring material and salt and do HKDF-Extract (like my
> fscrypt_init_hkdf()), and crypto_rng_generate() would need to take the
> application-specific info string and do HKDF-Expand (like my
> fscrypt_hkdf_expand()).

Great, that was the idea I had in mind as well. Maybe the example was not
right to convey that. Let me work on that.
>
> It is ugly though. Please also consider just having simple crypto_hkdf_*()
> helper functions which wrap a HMAC tfm along the lines of my patch, rather
> than shoehorning it into the crypto_rng API.
>
> - Eric

Ciao
Stephan

Next message: Pankaj Gupta: "Re: [PATCH v3 3/5] libnvdimm: add nd_region buffered dax_dev flag"
Previous message: Sebastian Reichel: "Re: [PATCH 10/14] media: wl128x-radio: simplify fmc_prepare/fmc_release"
In reply to: Eric Biggers: "Re: [PATCH 1/5 v2] PM / hibernate: Create snapshot keys handler"
Next in thread: Stephan Müller: "[PATCH 0/6] General Key Derivation Function Support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]