Re: [PATCH 1/5 v2] PM / hibernate: Create snapshot keys handler
From: Stephan Mueller
Date: Tue Jan 08 2019 - 02:10:45 EST
Am Dienstag, 8. Januar 2019, 06:03:58 CET schrieb Herbert Xu:
Hi Herbert,
> Are we going to have multiple implementations for the same KDF?
> If not then the crypto API is not a good fit. To consolidate
> multiple implementations of the same KDF, simply provide helpers
> for them.
It is unlikely to have multiple implementations of a KDF. However, KDFs relate
to hashes like block chaining modes to raw block ciphers. Thus a KDF can be
applied with different hashes.
My idea was to add template support to RNGs (because KDFs are effectively a
type of RNG since they produce an arbitrary output from a fixed input). The
KDFs would be a template wrapping hashes. For example, the CTR-KDF from
SP800-108 could be instantiated like kdf-ctr(sha256).
Ciao
Stephan