Closed mswarowsky closed 7 months ago
If we are going to be concerned with ensuring that the error clean-up code is correct in this example, we should probably also ensure that the example destroys the temporary keys that are created on each call to sp800_108_counter_hmac_kdf() and sp800_108_counter_cmac_kdf() - on both the success and error paths?
I am satisfied that the example implements the KDF that we agreed in #123.
I have asked @gilles-peskine-arm to take a look to review that this follows best practice as an mbedtls example as well.
If we are going to be concerned with ensuring that the error clean-up code is correct in this example, we should probably also ensure that the example destroys the temporary keys that are created on each call to sp800_108_counter_hmac_kdf() and sp800_108_counter_cmac_kdf() - on both the success and error paths?
Good point, I added calls for psa_destroy_key(...) to clean up correctly
Rebased again, is there anything more I can do to get this moving forward?
Hi @mswarowsky - as the example is based on using the mbedtls implementation, I was hoping to have one of the mbedtls team review the example as well.
Let me check if that is likely to happen soon - if not, then I won't let that block merging the PR.
This is still on my list, I'll try to review this week.
Adds a reference implementation for a counter mode KDF using the construction recommended by NIST SP 800-108, introduced in #123.
The example uses the PSA APIs with the mbedtls implementation.
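For readers unfamiliar with the construction, here is a sketch of a counter-mode KDF in the style of NIST SP 800-108 with HMAC as the PRF. It is an added example, not code from this PR or from mbedtls; the function name, the 32-bit widths of the counter and length fields, and the rule that the label holds no zero byte are assumptions and may differ from what was agreed in #123.

```python
import hashlib
import hmac


def sp800_108_counter_hmac(key: bytes, label: bytes, context: bytes,
                           length: int, hash_name: str = "sha256") -> bytes:
    """Derive `length` bytes with an SP 800-108 style counter-mode KDF.

    Assumed input to each PRF call (not taken from the PR):
        [i]_4 || Label || 0x00 || Context || [L]_4
    where i is the 1-based block counter and L is the requested output
    length in bits, both encoded as 32-bit big-endian integers.
    """
    if length <= 0 or length * 8 > 0xFFFFFFFF:
        raise ValueError("length must fit the 32-bit [L] field")
    if b"\x00" in label:
        # The 0x00 separator only delimits Label from Context unambiguously
        # when Label itself contains no zero byte.
        raise ValueError("label must not contain a zero byte")

    digest_size = hashlib.new(hash_name).digest_size
    blocks = -(-length // digest_size)  # ceiling division
    l_bits = (length * 8).to_bytes(4, "big")

    out = bytearray()
    for i in range(1, blocks + 1):
        data = i.to_bytes(4, "big") + label + b"\x00" + context + l_bits
        out += hmac.new(key, data, hash_name).digest()
    # Only the leftmost `length` bytes of the concatenated blocks are used.
    return bytes(out[:length])


if __name__ == "__main__":
    # Constructed sample inputs, for illustration only.
    demo_key = bytes(range(32))
    okm = sp800_108_counter_hmac(demo_key, b"example-label", b"session-1", 48)
    print(okm.hex())
```

Because the requested length [L] is part of every PRF input, a 16-byte output is not a prefix of a 32-byte output derived from the same key, label and context.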