From e52bff994cbfe1f253a3842663cb2f9d66a646f4 Mon Sep 17 00:00:00 2001 From: Gilles Peskine Date: Wed, 31 May 2023 00:43:29 +0200 Subject: [PATCH] Note possible issue with derive_key: who should choose the input length? Signed-off-by: Gilles Peskine --- docs/proposed/psa-driver-interface.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/proposed/psa-driver-interface.md b/docs/proposed/psa-driver-interface.md index 3aaa58bf5..da251465e 100644 --- a/docs/proposed/psa-driver-interface.md +++ b/docs/proposed/psa-driver-interface.md @@ -510,6 +510,7 @@ psa_status_t acme_derive_key( * `attributes` contains the attributes of the specified key. Note that only the key type and the bit-size are guaranteed to be set. * `input` is a buffer of `input_length` bytes which contains the raw key stream, i.e. the data that `psa_key_derivation_output_bytes()` would return. + TODO: how does the core choose `input_length`? Doesn't the driver know better? Should there be a driver entry point to determine the length, or should there be a callback that allows the driver to retrieve the input? (Note that for some algorithms, it's impossible to predict the amount of input in advance, because it depends on some complex calculation or even on random data, e.g. if doing a randomized pseudo-primality test.) * If `"memory"` property in the driver capability is true, `memory` is a data structure that the driver may use to store data between successive calls of the `"derive_key"` entry point to derive the same key. If the `"memory"` property is false or absent, the `memory` parameter is a null pointer. * `key_buffer` is a buffer for the output material, in the appropriate [export format](#key-format-for-transparent-drivers) for the key type. Its size is `key_buffer_size` bytes. * On success, `*key_buffer_length` must contain the number of bytes written to `key_buffer`.
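Review bot: the added `TODO:` line in the `acme_derive_key` parameter list is an open design question placed directly into the specification text, and it is not indented or bulleted like the surrounding `*` items, so it may render as a stray paragraph that splits the list rather than as a note under the `input` entry. Suggest either indenting it under the `input` bullet (or making it its own `*` item) so the Markdown stays well-formed, and tracking the three candidate resolutions it raises (core picks `input_length`; a driver entry point that reports the required length; a callback through which the driver pulls input on demand) in an issue rather than leaving the question unresolved in the driver interface spec. The parenthetical about randomized pseudo-primality tests is the strongest argument against a fixed, core-chosen length and is worth keeping when the TODO is resolved, since a pull-style callback is the only option of the three that works when the input size cannot be predicted in advance.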