lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20251211011846.8179-1-ebiggers@kernel.org>
Date: Wed, 10 Dec 2025 17:18:32 -0800
From: Eric Biggers <ebiggers@...nel.org>
To: linux-crypto@...r.kernel.org
Cc: linux-kernel@...r.kernel.org,
	Ard Biesheuvel <ardb@...nel.org>,
	"Jason A . Donenfeld" <Jason@...c4.com>,
	Herbert Xu <herbert@...dor.apana.org.au>,
	linux-arm-kernel@...ts.infradead.org,
	x86@...nel.org,
	Eric Biggers <ebiggers@...nel.org>
Subject: [PATCH 00/12] NH library and Adiantum cleanup

This series can also be retrieved from:

    git fetch https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux.git nh-lib-v1

This series removes the nhpoly1305 crypto_shash algorithm, which existed
only to fit Adiantum hashing into the traditional Linux crypto API
paradigm.  It replaces it with an nh() library function, combined with
code in the "adiantum" template that handles the Poly1305 step.

The result is simpler code.  As usual, I've also fixed the issue where
the architecture-optimized code was disabled by default.

I've also included some additional cleanups for the Adiantum code.

I'm planning to take this via libcrypto-next.

Eric Biggers (12):
  lib/crypto: nh: Add NH library
  lib/crypto: tests: Add KUnit tests for NH
  lib/crypto: arm/nh: Migrate optimized code into library
  lib/crypto: arm64/nh: Migrate optimized code into library
  lib/crypto: x86/nh: Migrate optimized code into library
  crypto: adiantum - Convert to use NH library
  crypto: adiantum - Use scatter_walk API instead of sg_miter
  crypto: adiantum - Use memcpy_{to,from}_sglist()
  crypto: adiantum - Drop support for asynchronous xchacha ciphers
  crypto: nhpoly1305 - Remove crypto_shash support
  crypto: testmgr - Remove nhpoly1305 tests
  fscrypt: Drop obsolete recommendation to enable optimized NHPoly1305

 Documentation/filesystems/fscrypt.rst         |    5 -
 arch/arm/crypto/Kconfig                       |   10 -
 arch/arm/crypto/Makefile                      |    2 -
 arch/arm/crypto/nhpoly1305-neon-glue.c        |   80 -
 arch/arm64/crypto/Kconfig                     |   10 -
 arch/arm64/crypto/Makefile                    |    3 -
 arch/arm64/crypto/nhpoly1305-neon-glue.c      |   79 -
 arch/x86/crypto/Kconfig                       |   20 -
 arch/x86/crypto/Makefile                      |    5 -
 arch/x86/crypto/nhpoly1305-avx2-glue.c        |   81 -
 arch/x86/crypto/nhpoly1305-sse2-glue.c        |   80 -
 crypto/Kconfig                                |    8 +-
 crypto/Makefile                               |    1 -
 crypto/adiantum.c                             |  442 +++---
 crypto/nhpoly1305.c                           |  255 ---
 crypto/testmgr.c                              |   10 +-
 crypto/testmgr.h                              | 1372 -----------------
 include/crypto/nh.h                           |   52 +
 include/crypto/nhpoly1305.h                   |   74 -
 lib/crypto/Kconfig                            |   13 +
 lib/crypto/Makefile                           |   11 +
 .../crypto => lib/crypto/arm}/nh-neon-core.S  |    0
 lib/crypto/arm/nh.h                           |   33 +
 .../crypto/arm64}/nh-neon-core.S              |    3 +-
 lib/crypto/arm64/nh.h                         |   34 +
 lib/crypto/nh.c                               |   82 +
 lib/crypto/tests/Kconfig                      |    8 +
 lib/crypto/tests/Makefile                     |    1 +
 lib/crypto/tests/nh-testvecs.h                |  298 ++++
 lib/crypto/tests/nh_kunit.c                   |   43 +
 .../crypto/x86/nh-avx2.S                      |    3 +-
 .../crypto/x86/nh-sse2.S                      |    3 +-
 lib/crypto/x86/nh.h                           |   45 +
 scripts/crypto/gen-hash-testvecs.py           |   40 +
 34 files changed, 909 insertions(+), 2297 deletions(-)
 delete mode 100644 arch/arm/crypto/nhpoly1305-neon-glue.c
 delete mode 100644 arch/arm64/crypto/nhpoly1305-neon-glue.c
 delete mode 100644 arch/x86/crypto/nhpoly1305-avx2-glue.c
 delete mode 100644 arch/x86/crypto/nhpoly1305-sse2-glue.c
 delete mode 100644 crypto/nhpoly1305.c
 create mode 100644 include/crypto/nh.h
 delete mode 100644 include/crypto/nhpoly1305.h
 rename {arch/arm/crypto => lib/crypto/arm}/nh-neon-core.S (100%)
 create mode 100644 lib/crypto/arm/nh.h
 rename {arch/arm64/crypto => lib/crypto/arm64}/nh-neon-core.S (97%)
 create mode 100644 lib/crypto/arm64/nh.h
 create mode 100644 lib/crypto/nh.c
 create mode 100644 lib/crypto/tests/nh-testvecs.h
 create mode 100644 lib/crypto/tests/nh_kunit.c
 rename arch/x86/crypto/nh-avx2-x86_64.S => lib/crypto/x86/nh-avx2.S (98%)
 rename arch/x86/crypto/nh-sse2-x86_64.S => lib/crypto/x86/nh-sse2.S (97%)
 create mode 100644 lib/crypto/x86/nh.h


base-commit: 0914d5848096af6496c7aa5e1ac051fcdb3f755b
-- 
2.52.0

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ