[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <83d7f550-7216-6ff4-bc8a-859e752e12a3@auristor.com>
Date: Wed, 31 May 2023 20:14:02 -0400
From: Jeffrey E Altman <jaltman@...istor.com>
To: David Howells <dhowells@...hat.com>,
Chuck Lever III <chuck.lever@...cle.com>
Cc: Herbert Xu <herbert@...dor.apana.org.au>,
"linux-afs@...ts.infradead.org" <linux-afs@...ts.infradead.org>,
Linux NFS Mailing List <linux-nfs@...r.kernel.org>,
"linux-crypto@...r.kernel.org" <linux-crypto@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: Re: How to get my krb5 crypto lib upstream?
On 5/31/2023 4:08 PM, David Howells wrote:
> Fair point. In rxgk, I use key_len, key_bytes, block_len, cksum_len plus the
> name for procfs purposes. I also wonder if I need separate key_len and
> key_bytes if I'm not supporting DES (DES keys gets expanded IIRC). Also, some
> of the checks I'm doing could perhaps be moved into the krb5 lib.
The "K" in RXGK is RFC3961 without support for weak ciphers. No DES, no
3DES
and no RC4-HMAC. DES keys are never expanded.
The supported ciphers are
* aes128-cts-hmac-sha1-96 (RFC3962)
* aes256-cts-hmac-sha1-96 (RFC3962)
* aes128-cts-hmac-sha256-128 (RFC8009)
* aes256-cts-hmac-sha384-192 (RFC8009)
There are other Kerberos ciphers that could be used with RXGK but there
are no RXGK server implementations that use them. None of the RFC3961
ciphers or the RFC3961 interfaces support AEAD modes.
Luke Howard proposed "AEAD Encryption Types for Kerberos 5"
https://datatracker.ietf.org/doc/draft-howard-krb-aead/ to IETF Kitten
which would add AES128 and AES256 GCM, CCM, and OCB modes. However,
there is some resistance to these additions because at the moment all
RFC3961 ciphers are safe for use with long term keys and repeating
cipher state; AEAD modes are not.
RXGK can be constrained such that it is safe for use with AEAD modes and
I would like to see Luke's draft be adopted if only because CTS-HMAC is
not supported by Intel QAT and GCM is. Adoption of Luke's draft would
not only benefit AuriStorFS but NFSv4 gss-krb5 as well.
My suggestion is that the kernel should provide an RFC3961 API for use
by gss_krb5 applications. AEAD modes can be added to that if and when
Luke's draft is adopted.
Jeffrey Altman
Download attachment "smime.p7s" of type "application/pkcs7-signature" (4039 bytes)
Powered by blists - more mailing lists