| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <42a0c4c6-8b75-4aec-a8d7-6c71e0a90b9c@wp.pl>
Date: Tue, 3 Feb 2026 19:13:01 +0100
From: Aleksander Jan Bajkowski <olek2@...pl>
To: Antoine Tenart <atenart@...nel.org>
Cc: herbert@...dor.apana.org.au, davem@...emloft.net,
linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 2/2] crypto: safexcel - Add support for
authenc(hmac(md5),*) suites
On 2/3/26 10:41, Antoine Tenart wrote:
> On Mon, Feb 02, 2026 at 09:21:08PM +0100, Aleksander Jan Bajkowski wrote:
>> This patch adds support for the following AEAD ciphersuites:
>> - authenc(hmac(md5),cbc(aes))
>> - authenc(hmac(md5),cbc(des)))
>> - authenc(hmac(md5),cbc(des3_ede))
>> - authenc(hmac(md5),rfc3686(ctr(aes)))
>>
>> This is enhanced version of the patch found in the mtk-openwrt-feeds repo.
> Can you say how it was tested in the commit message?
Sure. The first three algorithms were tested using the test vectors
recently sent upstream. I also tried to add test vectors for
authenc(hmac(sha*/md5),rfc3686(ctr(aes))), but I had some trouble with
the hmac results on NXP P2020. I suspect the problem may be in my
calculations.
I'm also planning to test IPSEC between EIP93 and EIP97/197. The former
has some issues with HMAC, and in the case of the latter, there are
reports that EIP197 drops connections.
>
>> +static int safexcel_aead_md5_ctr_cra_init(struct crypto_tfm *tfm)
>> +{
>> + struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
>> +
>> + safexcel_aead_md5_cra_init(tfm);
>> + ctx->mode = CONTEXT_CONTROL_CRYPTO_MODE_CTR_LOAD; /* override default */
>> + return 0;
>> +}
>> +
>> +struct safexcel_alg_template safexcel_alg_authenc_hmac_md5_ctr_aes = {
>> + .type = SAFEXCEL_ALG_TYPE_AEAD,
>> + .algo_mask = SAFEXCEL_ALG_AES | SAFEXCEL_ALG_MD5,
>> + .alg.aead = {
>> + .setkey = safexcel_aead_setkey,
>> + .encrypt = safexcel_aead_encrypt,
>> + .decrypt = safexcel_aead_decrypt,
>> + .ivsize = CTR_RFC3686_IV_SIZE,
>> + .maxauthsize = SHA1_DIGEST_SIZE,
> MD5_DIGEST_SIZE?
Indeed. A copy-paste mistake.
>
>> + .base = {
>> + .cra_name = "authenc(hmac(md5),rfc3686(ctr(aes)))",
>> + .cra_driver_name = "safexcel-authenc-hmac-md5-ctr-aes",
>> + .cra_priority = SAFEXCEL_CRA_PRIORITY,
>> + .cra_flags = CRYPTO_ALG_ASYNC |
>> + CRYPTO_ALG_ALLOCATES_MEMORY |
>> + CRYPTO_ALG_KERN_DRIVER_ONLY,
>> + .cra_blocksize = 1,
>> + .cra_ctxsize = sizeof(struct safexcel_cipher_ctx),
>> + .cra_alignmask = 0,
>> + .cra_init = safexcel_aead_md5_ctr_cra_init,
>> + .cra_exit = safexcel_aead_cra_exit,
>> + .cra_module = THIS_MODULE,
>> + },
>> + },
>> +};
>> +
>> static int safexcel_aead_sha1_ctr_cra_init(struct crypto_tfm *tfm)
>> {
>> struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
> Thanks!
> Antoine
Powered by blists - more mailing lists