Re: [PATCH v2 0/6] General Key Derivation Function Support

2019-02-18 Thread Herbert Xu
On Fri, Feb 08, 2019 at 09:17:50AM +0100, Stephan Mueller wrote: > > > > > Also, shall we add the signature verification enforcemnt to the helper as > > > well? > > > > What do you mean by that? > > We need to invoke the function crypto_check_module_sig when the module is > loaded. Do you have

Re: [PATCH v2 0/6] General Key Derivation Function Support

2019-02-08 Thread Stephan Mueller
Am Freitag, 8. Februar 2019, 09:05:47 CET schrieb Herbert Xu: Hi Herbert, > > > Also, shall we add the signature verification enforcemnt to the helper as > > well? > > What do you mean by that? We need to invoke the function crypto_check_module_sig when the module is loaded. Do you have any

Re: [PATCH v2 0/6] General Key Derivation Function Support

2019-02-08 Thread Herbert Xu
On Fri, Feb 08, 2019 at 09:00:59AM +0100, Stephan Mueller wrote: > > Thanks for the clarification. And do you have a suggestion how we can should > ensure that the self-tests are run only once? Making it run at kernel init time should be good enough. > Also, shall we add the signature

Re: [PATCH v2 0/6] General Key Derivation Function Support

2019-02-08 Thread Stephan Mueller
Am Freitag, 8. Februar 2019, 08:45:58 CET schrieb Herbert Xu: Hi Herbert, > We could easily add self-tests for the helper. Thanks for the clarification. And do you have a suggestion how we can should ensure that the self-tests are run only once? Also, shall we add the signature verification

Re: [PATCH v2 0/6] General Key Derivation Function Support

2019-02-07 Thread Herbert Xu
On Wed, Jan 30, 2019 at 03:39:10PM +0100, Stephan Mueller wrote: > Am Mittwoch, 30. Januar 2019, 11:08:54 CET schrieb Herbert Xu: > > Hi Herbert, > > > I'm still not convinced why this needs to go into the crypto API > > instead of being hosted in a helper which should achieve pretty > > much

Re: [PATCH v2 0/6] General Key Derivation Function Support

2019-01-30 Thread Stephan Mueller
Am Mittwoch, 30. Januar 2019, 11:08:54 CET schrieb Herbert Xu: Hi Herbert, > I'm still not convinced why this needs to go into the crypto API > instead of being hosted in a helper which should achieve pretty > much the same result. How do you propose to handle the FIPS 140-2 related

Re: [PATCH v2 0/6] General Key Derivation Function Support

2019-01-30 Thread Herbert Xu
On Mon, Jan 28, 2019 at 11:07:28AM +0100, Stephan Mueller wrote: > Am Mittwoch, 16. Januar 2019, 12:06:54 CET schrieb Stephan Müller: > > Hi Herbert, > > > Changes v2: > > * Incorporation of all comments from Eric Biggers > > > > Stephan Mueller (6): > > crypto: add template handling for RNGs

Re: [PATCH v2 0/6] General Key Derivation Function Support

2019-01-28 Thread Stephan Mueller
Am Mittwoch, 16. Januar 2019, 12:06:54 CET schrieb Stephan Müller: Hi Herbert, > Changes v2: > * Incorporation of all comments from Eric Biggers > > Stephan Mueller (6): > crypto: add template handling for RNGs > crypto: kdf - SP800-108 Key Derivation Function > crypto: kdf - add known

[PATCH v2 0/6] General Key Derivation Function Support

2019-01-16 Thread Stephan Müller
Changes v2: * Incorporation of all comments from Eric Biggers Stephan Mueller (6): crypto: add template handling for RNGs crypto: kdf - SP800-108 Key Derivation Function crypto: kdf - add known answer tests crypto: hkdf - HMAC-based Extract-and-Expand KDF crypto: hkdf - add known answer