Closed mswarowsky closed 7 months ago
athoelke
commented
10 months ago If we are going to be concerned with ensuring that the error clean-up code is correct in this example, we should probably also ensure that the example destroys the temporary keys that are created on each call to sp800_108_counter_hmac_kdf() and sp800_108_counter_cmac_kdf() - on both the success and error paths?
athoelke
commented
10 months ago I am satisfied that the example implements the KDF that we agreed in #123.
I have asked @gilles-peskine-arm to take a look to review this follows best practice as an mbedtls example as well.
mswarowsky
commented
10 months ago If we are going to be concerned with ensuring that the error clean-up code is correct in this example, we should probably also ensure that the example destroys the temporary keys that are created on each call to
sp800_108_counter_hmac_kdf()andsp800_108_counter_cmac_kdf()- on both the success and error paths?
Good point, I added calls for psa_destroy_key(...) to clean up correctly
mswarowsky
commented
9 months ago Rebased again, is there anything more I can do to get this moving forward?
athoelke
commented
9 months ago Rebased again, is there anything more I can do to get this moving forward?
Hi @mswarowsky - as the example is based on using the mbedtls implementation, I was hoping to have one of the mbedtls team review the example as well.
Let me check if that is likely to happen soon - if not, then I won't let that block merging the PR.
gilles-peskine-arm
commented
9 months ago This is still on my list, I'll try to review this week.
Adds a reference implementation for a counter mode KDF using the construction recommended by NIST SP 800-108, introduced in #123.
The example is using the PSA API's with mbedtls implementation.