| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250809171941.5497-1-ebiggers@kernel.org>
Date: Sat, 9 Aug 2025 10:19:38 -0700
From: Eric Biggers <ebiggers@...nel.org>
To: James Bottomley <James.Bottomley@...senPartnership.com>,
Jarkko Sakkinen <jarkko@...nel.org>,
Mimi Zohar <zohar@...ux.ibm.com>,
keyrings@...r.kernel.org
Cc: David Howells <dhowells@...hat.com>,
linux-integrity@...r.kernel.org,
linux-crypto@...r.kernel.org,
linux-kernel@...r.kernel.org,
Eric Biggers <ebiggers@...nel.org>
Subject: [PATCH v2 0/3] KEYS: trusted_tpm1: HMAC fix and cleanup
Patch 1 fixes the HMAC-SHA1 comparison in trusted_tpm1 to be
constant-time.
Patch 2 simplifies the SHA-1 and HMAC-SHA1 computation in trusted_tpm1
by using library APIs instead of crypto_shash. Note that this depends
on the SHA-1 and HMAC-SHA1 library APIs that were merged for v6.17-rc1.
Patch 3 is a trusted_tpm1 cleanup that moves private functionality out
of a public header.
Changed in v2:
- Added the requested note to the commit message of patch 1.
- Added a Reviewed-by tag
Eric Biggers (3):
KEYS: trusted_tpm1: Compare HMAC values in constant time
KEYS: trusted_tpm1: Use SHA-1 library instead of crypto_shash
KEYS: trusted_tpm1: Move private functionality out of public header
include/keys/trusted_tpm.h | 79 ------
security/keys/trusted-keys/Kconfig | 5 +-
security/keys/trusted-keys/trusted_tpm1.c | 284 ++++++++--------------
3 files changed, 100 insertions(+), 268 deletions(-)
base-commit: 561c80369df0733ba0574882a1635287b20f9de2
--
2.50.1
Powered by blists - more mailing lists