lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAMuHMdX0ShSafh44_D7D9GW5OzxYPx1NUc4uxpsKe1jAiTsBaA@mail.gmail.com>
Date: Tue, 18 Mar 2025 11:51:16 +0100
From: Geert Uytterhoeven <geert@...ux-m68k.org>
To: David Howells <dhowells@...hat.com>
Cc: netdev@...r.kernel.org, Herbert Xu <herbert@...dor.apana.org.au>, 
	Marc Dionne <marc.dionne@...istor.com>, Jakub Kicinski <kuba@...nel.org>, 
	"David S. Miller" <davem@...emloft.net>, Eric Dumazet <edumazet@...gle.com>, 
	Paolo Abeni <pabeni@...hat.com>, Simon Horman <horms@...nel.org>, 
	Trond Myklebust <trond.myklebust@...merspace.com>, Chuck Lever <chuck.lever@...cle.com>, 
	Eric Biggers <ebiggers@...nel.org>, Ard Biesheuvel <ardb@...nel.org>, linux-crypto@...r.kernel.org, 
	linux-afs@...ts.infradead.org, linux-nfs@...r.kernel.org, 
	linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH net 03/24] crypto: Add 'krb5enc' hash and cipher AEAD algorithm

Hi David,

On Mon, 3 Feb 2025 at 15:25, David Howells <dhowells@...hat.com> wrote:
> Add an AEAD template that does hash-then-cipher (unlike authenc that does
> cipher-then-hash).  This is required for a number of Kerberos 5 encoding
> types.
>
> [!] Note that the net/sunrpc/auth_gss/ implementation gets a pair of
> ciphers, one non-CTS and one CTS, using the former to do all the aligned
> blocks and the latter to do the last two blocks if they aren't also
> aligned.  It may be necessary to do this here too for performance reasons -
> but there are considerations both ways:
>
>  (1) firstly, there is an optimised assembly version of cts(cbc(aes)) on
>      x86_64 that should be used instead of having two ciphers;
>
>  (2) secondly, none of the hardware offload drivers seem to offer CTS
>      support (Intel QAT does not, for instance).
>
> However, I don't know if it's possible to query the crypto API to find out
> whether there's an optimised CTS algorithm available.
>
> Signed-off-by: David Howells <dhowells@...hat.com>

Thanks for your patch, which is now commit d1775a177f7f3815 ("crypto:
Add 'krb5enc' hash and cipher AEAD algorithm") in crypto/master.

> --- a/crypto/Kconfig
> +++ b/crypto/Kconfig
> @@ -228,6 +228,18 @@ config CRYPTO_AUTHENC
>
>           This is required for IPSec ESP (XFRM_ESP).
>
> +config CRYPTO_KRB5ENC
> +       tristate "Kerberos 5 combined hash+cipher support"
> +       select CRYPTO_AEAD
> +       select CRYPTO_SKCIPHER
> +       select CRYPTO_MANAGER
> +       select CRYPTO_HASH
> +       select CRYPTO_NULL
> +       help
> +         Combined hash and cipher support for Kerberos 5 RFC3961 simplified
> +         profile.  This is required for Kerberos 5-style encryption, used by
> +         sunrpc/NFS and rxrpc/AFS.

Hence shouldn't the latter (e.g. RPCSEC_GSS_KRB5) select CRYPTO_KRB5ENC
or CRYPTO_KRB5? Or am I missing something?

Thanks!

> +
>  config CRYPTO_TEST
>         tristate "Testing module"
>         depends on m || EXPERT

Gr{oetje,eeting}s,

                        Geert


--
Geert Uytterhoeven -- There's lots of Linux beyond ia32 -- geert@...ux-m68k.org

In personal conversations with technical people, I call myself a hacker. But
when I'm talking to journalists I just say "programmer" or something like that.
                                -- Linus Torvalds

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ