Message-ID: <20211126053201.GD17477@gondor.apana.org.au>
Date:   Fri, 26 Nov 2021 13:32:01 +0800
From:   Herbert Xu <herbert@...dor.apana.org.au>
To:     Stephan Müller <smueller@...onox.de>
Cc:     ebiggers@...nel.org, jarkko@...nel.org,
        Mat Martineau <mathew.j.martineau@...ux.intel.com>,
        dhowells@...hat.com, linux-kernel@...r.kernel.org,
        linux-crypto@...r.kernel.org, keyrings@...r.kernel.org,
        simo@...hat.com
Subject: Re: [PATCH v4 0/4] Add SP800-108 KDF implementation to crypto API

On Fri, Nov 19, 2021 at 07:55:03AM +0100, Stephan Müller wrote:
> Hi,
> 
> The key derivation functions are considered to be a cryptographic
> operation. As cryptographic operations are provided via the kernel
> crypto API, this patch set consolidates the SP800-108 KDF
> implementation into the crypto API.
> 
> If this patch is accepted, another patch set will be published attempting
> to move the HKDF implementation from the crypto file system code base
> to the kernel crypto API.
> 
> The KDF implementation is provided as service functions. Yet, the
> interface to the provided KDF is modeled such that additional
> KDF implementations can use the same API style. The goal is to allow
> the transformation from a service function into a crypto API template
> eventually.
> 
> The KDF executes a power-on self test with test vectors from commonly
> known sources.
> 
> The SP800-108 KDF implementation is used to replace the implementation
> in the keys subsystem. The implementation was verified using the
> keyutils command line test code provided in
> tests/keyctl/dh_compute/valid. All tests show that the expected values
> are calculated with the new code.
> 
> Changes v3 to v4:
> * SP800-108 KDF kernel configuration parameter is not user selectable
>   as suggested by Eric Biggers
> * update the error code path for the self test handling to mirror
>   testmgr.c as suggested by Eric Biggers
> * further cleanup in kdf_alloc as suggested by Mat Martineau
> 
> Changes v2 to v3:
> 
> * port to kernel 5.16-rc1
> * remove the HKDF patch to only leave the SP800-108 patch
> 
> Stephan Mueller (4):
>   crypto: Add key derivation self-test support code
>   crypto: add SP800-108 counter key derivation function
>   security: DH - remove dead code for zero padding
>   security: DH - use KDF implementation from crypto API
> 
>  crypto/Kconfig                         |   4 +
>  crypto/Makefile                        |   5 +
>  crypto/kdf_sp800108.c                  | 153 +++++++++++++++++++++++++
>  include/crypto/internal/kdf_selftest.h |  71 ++++++++++++
>  include/crypto/kdf_sp800108.h          |  61 ++++++++++
>  security/keys/Kconfig                  |   2 +-
>  security/keys/dh.c                     | 130 ++++-----------------
>  7 files changed, 315 insertions(+), 111 deletions(-)
>  create mode 100644 crypto/kdf_sp800108.c
>  create mode 100644 include/crypto/internal/kdf_selftest.h
>  create mode 100644 include/crypto/kdf_sp800108.h

All applied.  Thanks.
-- 
Email: Herbert Xu <herbert@...dor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
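
For reference, the construction the patch set is named after, as an added example that is not part of this thread and is not the kernel's code: a SP800-108 counter-mode KDF with HMAC as the PRF, checked the way a known-answer self-test would check it. Assumptions of the example: 32-bit big-endian counter starting at 1, 32-bit `[L]_2` field, and the names `kdf_ctr_hmac`, `label` and `context`; the sample key is constructed.

```python
import hashlib
import hmac
import struct


def kdf_ctr_hmac(key: bytes, label: bytes, context: bytes, out_len: int,
                 digest: str = "sha256") -> bytes:
    """SP800-108 counter mode: K(i) = PRF(K_in, [i]_2 || fixed input data).

    Fixed input data is Label || 0x00 || Context || [L]_2, with L the
    requested output length in bits. Counter and L widths (32 bits each)
    are choices made by this example.
    """
    if out_len <= 0 or out_len * 8 > 0xFFFFFFFF:
        raise ValueError("out_len out of range for a 32-bit [L]_2 field")
    h_len = hashlib.new(digest).digest_size
    blocks = -(-out_len // h_len)  # ceil(out_len / h_len)
    fixed = label + b"\x00" + context + struct.pack(">I", out_len * 8)
    out = bytearray()
    for i in range(1, blocks + 1):
        # A fresh PRF invocation per block; only the counter changes.
        out += hmac.new(key, struct.pack(">I", i) + fixed, digest).digest()
    return bytes(out[:out_len])  # the final block is truncated, not padded


def self_test(key: bytes, label: bytes, context: bytes, expected: bytes) -> bool:
    """Known-answer check: derive and compare in constant time."""
    derived = kdf_ctr_hmac(key, label, context, len(expected))
    return hmac.compare_digest(derived, expected)


if __name__ == "__main__":
    master = bytes(range(32))  # constructed sample key, not a test vector
    enc = kdf_ctr_hmac(master, b"enc", b"session-1", 48)
    mac = kdf_ctr_hmac(master, b"mac", b"session-1", 48)
    # Different labels give unrelated keys from the same master secret.
    print("enc:", enc.hex())
    print("mac:", mac.hex())
    print("self-test:", self_test(master, b"enc", b"session-1", enc))
```
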
