From: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
To: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: James Bottomley <James.Bottomley@hansenpartnership.com>,
linux-integrity <linux-integrity@vger.kernel.org>,
"open list:HARDWARE RANDOM NUMBER GENERATOR CORE"
<linux-crypto@vger.kernel.org>,
linux-security-module <linux-security-module@vger.kernel.org>,
Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com>
Subject: Re: [PATCH v4 2/7] tpm2-sessions: Add full HMAC and encrypt/decrypt session handling
Date: Wed, 24 Oct 2018 11:40:49 +0300 (EEST) [thread overview]
Message-ID: <alpine.DEB.2.21.1810241137400.3525@jsakkine-mobl1> (raw)
In-Reply-To: <CAKv+Gu8T8yGEu2GWWKzLXR=wgd=mYHcTYLrD69_zpaddQK3Zxw@mail.gmail.com>
On Tue, 23 Oct 2018, Ard Biesheuvel wrote:
> On 23 October 2018 at 04:01, James Bottomley
> <James.Bottomley@hansenpartnership.com> wrote:
>> On Mon, 2018-10-22 at 19:19 -0300, Ard Biesheuvel wrote:
>> [...]
>>>> +static void hmac_init(struct shash_desc *desc, u8 *key, int
>>>> keylen)
>>>> +{
>>>> + u8 pad[SHA256_BLOCK_SIZE];
>>>> + int i;
>>>> +
>>>> + desc->tfm = sha256_hash;
>>>> + desc->flags = CRYPTO_TFM_REQ_MAY_SLEEP;
>>>
>>> I don't think this actually does anything in the shash API
>>> implementation, so you can drop this.
>>
>> OK, I find crypto somewhat hard to follow. There were bits I had to
>> understand, like when I wrote the CFB implementation or when I fixed
>> the ECDH scatterlist handling, but I've got to confess, in time
>> honoured tradition I simply copied this from EVM crypto without
>> actually digging into the code to understand why.
>>
>
> Yeah, it is notoriously hard to use, and we should try to improve that.
James,
I would hope (already said in my review) to use longer than one
character variable names for most of the stuff. I did not quite
understand why you decided to use 'counter' for obvious counter
variable and one character names for non-obvious stuff :-)
I'm not sure where the 'encoded' exactly comes in the variable
name 'encoded_key' especially in the context of these cryptic
names.
/Jarkko
next prev parent reply other threads:[~2018-10-24 17:08 UTC|newest]
Thread overview: 35+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-10-22 7:33 [PATCH v4 0/7] add integrity and security to TPM2 transactions James Bottomley
2018-10-22 7:35 ` [PATCH v4 1/7] tpm-buf: create new functions for handling TPM buffers James Bottomley
2018-10-23 19:12 ` Jarkko Sakkinen
2018-10-23 19:16 ` Jarkko Sakkinen
2018-10-22 7:36 ` [PATCH v4 2/7] tpm2-sessions: Add full HMAC and encrypt/decrypt session handling James Bottomley
2018-10-22 22:19 ` Ard Biesheuvel
2018-10-22 22:19 ` Ard Biesheuvel
2018-10-23 7:01 ` James Bottomley
2018-10-23 7:01 ` James Bottomley
2018-10-23 10:08 ` Ard Biesheuvel
2018-10-23 10:08 ` Ard Biesheuvel
2018-10-24 8:40 ` Jarkko Sakkinen [this message]
2018-10-24 8:40 ` Jarkko Sakkinen
2018-10-23 23:48 ` Jarkko Sakkinen
2018-10-24 9:31 ` James Bottomley
2018-10-25 15:56 ` Jarkko Sakkinen
2018-10-22 7:37 ` [PATCH v4 3/7] tpm2: add hmac checks to tpm2_pcr_extend() James Bottomley
2018-10-22 7:37 ` [PATCH v4 4/7] tpm2: add session encryption protection to tpm2_get_random() James Bottomley
2018-10-22 7:38 ` [PATCH v4 5/7] trusted keys: Add session encryption protection to the seal/unseal path James Bottomley
2018-10-24 0:03 ` Jarkko Sakkinen
2018-10-22 7:39 ` [PATCH v4 6/7] tpm: add the null key name as a tpm2 sysfs variable James Bottomley
2018-10-22 7:40 ` [PATCH v4 7/7] tpm2-sessions: NOT FOR COMMITTING add sessions testing James Bottomley
2018-10-22 13:53 ` [PATCH v4 0/7] add integrity and security to TPM2 transactions Ken Goldman
2018-10-22 14:18 ` James Bottomley
2018-10-22 15:50 ` Ken Goldman
2018-10-22 15:55 ` James Bottomley
2018-10-24 0:13 ` Jarkko Sakkinen
2018-10-24 7:41 ` James Bottomley
2018-10-25 15:39 ` Jarkko Sakkinen
2018-10-24 0:06 ` Jarkko Sakkinen
2018-10-24 7:34 ` James Bottomley
2018-10-25 16:53 ` Ken Goldman
2018-10-23 23:51 ` Jarkko Sakkinen
2018-10-24 7:43 ` James Bottomley
2018-10-25 15:42 ` Jarkko Sakkinen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=alpine.DEB.2.21.1810241137400.3525@jsakkine-mobl1 \
--to=jarkko.sakkinen@linux.intel.com \
--cc=James.Bottomley@hansenpartnership.com \
--cc=ard.biesheuvel@linaro.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.