Simon Josefsson simon@josefsson.org writes:
This feels a bit inconsistent with the hmac interface,
Anything in particular which you think is inconsistent?
HMAC is a bit special both in theory and practice. In that it isn't defined on top of any arbitrary hash function, it's defined only for hash functions in the Merkle-Damgård family (if I get the terminology right), and needs to know the underlying blocksize, which is usually considered an internal property of the hash function.
And then nettle's hmac_update and hmac_digest are a bit peculiar, since they avoid using types from HMAC_CTX, and use const for the two contexts which depend on the key only.
PBDKF2 is a more regular construction, which doesn't depend on the internals of the underlying mac/prf.
Do you want me to submit an updated patch?
It would be great if you could try out the proposed interface. And if it works out well, submit a new patch.
Regards, /Niels