Re: [RFC PATCH 4/5] keyctl.2: document the ability to provide KDF parameters in KEYCTL_DH_COMPUTE

public inbox for linux-man@vger.kernel.org
 help / color / mirror / Atom feed

From: Stephan Mueller <smueller-T9tCv8IpfcWELgA04lAiVw@public.gmane.org>
To: Eugene Syromyatnikov <evgsyr-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
Cc: Michael Kerrisk-manpages
	<mtk.manpages-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>,
	linux-man <linux-man-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
	David Howells <dhowells-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
	Mat Martineau
	<mathew.j.martineau-VuQAYsv1563Yd54FQh9/CA@public.gmane.org>,
	keyrings-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
Subject: Re: [RFC PATCH 4/5] keyctl.2: document the ability to provide KDF parameters in KEYCTL_DH_COMPUTE
Date: Thu, 31 Aug 2017 18:21:37 +0200	[thread overview]
Message-ID: <3012446.sSctSvPOAs@tauon.chronox.de> (raw)
In-Reply-To: <CACGkJdveSTUSYXEWzRCAXPF1nwhbtUeH2LsaoYpDGJ_FfyesTQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>

Am Donnerstag, 31. August 2017, 18:17:09 CEST schrieb Eugene Syromyatnikov:

Hi Eugene,

> On Thu, Aug 31, 2017 at 6:07 PM, Stephan Mueller <smueller-T9tCv8IpfcWELgA04lAiVw@public.gmane.org> 
wrote:
> > Am Donnerstag, 31. August 2017, 17:58:36 CEST schrieb Eugene
> > Syromyatnikov:
> > 
> > Hi Eugene,
> > 
> >> +field is a null-terminated string no longer than
> >> +.B CRYPTO_MAX_ALG_NAME
> >> +(128 bytes as of this writing) which specifies hash name
> > 
> > Is it necessary to specify that size? Note, up to 4.11 it was 64 bytes.
> > Also, it must be a valid cipher name as mentioned. Thus, I do not think
> > the size is relevant here considering the requirement to use a proper
> > name.
> 
> Right, it's probably more important for syscall decoding, but not for
> the documentation. However, my understanding is that cipher template
> can be specified (like "rfc4106(gcm(aes))"), and I'm not sure how deep
> this nesting can be and whether it is possible to reach algorithm name
> limit this way (by employing the usage of driver name instead of
> common name, for example—as I understood, it is also possible). It
> probably makes more sense to just mention this limit in the ERRORS
> section instead.

CRYPTO_MAX_ALG_NAME is given a size that all allowed cipher names can be 
represented.

Somehow in the 4.12 release cycle, somebody found a very obscure yet valid 
name for a symmetric cipher that exceeded the 64 byte limit causing the bump 
to 128 bytes.

Though, that obscure name is no SHASH. All SHASH keyed digest cipher names are 
below 64 bytes.
> 
> > Otherwise, the KDF documentation looks good.
> > 
> > Ciao
> > Stephan



Ciao
Stephan
--
To unsubscribe from this list: send the line "unsubscribe linux-man" in
the body of a message to majordomo-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

next prev parent reply	other threads:[~2017-08-31 16:21 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-08-31 15:58 [RFC PATCH 4/5] keyctl.2: document the ability to provide KDF parameters in KEYCTL_DH_COMPUTE Eugene Syromyatnikov
     [not found] ` <20170831155836.GA5257-ZbobWygYI+YXGNroddHbYwC/G2K4zDHf@public.gmane.org>
2017-08-31 16:07   ` Stephan Mueller
     [not found]     ` <1638688.g8nhH00jlV-b2PLbiJbNv8ftSvlWXw0+g@public.gmane.org>
2017-08-31 16:17       ` Eugene Syromyatnikov
     [not found]         ` <CACGkJdveSTUSYXEWzRCAXPF1nwhbtUeH2LsaoYpDGJ_FfyesTQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-08-31 16:21           ` Stephan Mueller [this message]
     [not found]             ` <3012446.sSctSvPOAs-b2PLbiJbNv8ftSvlWXw0+g@public.gmane.org>
2017-08-31 16:32               ` Eugene Syromyatnikov
     [not found]                 ` <CACGkJduHdKeJApsmCP-GC0BhvyqHn49EztZZxGY5LOdTwRMYtg-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-09-03  0:43                   ` Michael Kerrisk (man-pages)
     [not found]                     ` <82a9a90c-86b9-9c90-f873-c679b9f77791-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
2017-09-03  1:41                       ` Eugene Syromyatnikov
     [not found]                         ` <CACGkJdtNaU8t1_9nm-MnEq850jV1hHKEwpKY2ud+XNAdG1ejhQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2017-09-03 11:17                           ` Michael Kerrisk (man-pages)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=3012446.sSctSvPOAs@tauon.chronox.de \
    --to=smueller-t9tcv8ipfcwelga04laivw@public.gmane.org \
    --cc=dhowells-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
    --cc=evgsyr-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org \
    --cc=keyrings-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
    --cc=linux-man-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
    --cc=mathew.j.martineau-VuQAYsv1563Yd54FQh9/CA@public.gmane.org \
    --cc=mtk.manpages-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox