Simon Josefsson <si...@josefsson.org> writes: > This feels a bit inconsistent with the hmac interface,
Anything in particular which you think is inconsistent? HMAC is a bit special both in theory and practice. In that it isn't defined on top of any arbitrary hash function, it's defined only for hash functions in the Merkle-Damgård family (if I get the terminology right), and needs to know the underlying blocksize, which is usually considered an internal property of the hash function. And then nettle's hmac_update and hmac_digest are a bit peculiar, since they avoid using types from HMAC_CTX, and use const for the two contexts which depend on the key only. PBDKF2 is a more regular construction, which doesn't depend on the internals of the underlying mac/prf. > Do you want me to submit an updated patch? It would be great if you could try out the proposed interface. And if it works out well, submit a new patch. Regards, /Niels -- Niels Möller. PGP-encrypted email is preferred. Keyid C0B98E26. Internet email is subject to wholesale government surveillance. _______________________________________________ nettle-bugs mailing list nettle-bugs@lists.lysator.liu.se http://lists.lysator.liu.se/mailman/listinfo/nettle-bugs