lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <aYHCC-BiBKUXyUbd@kwain>
Date: Tue, 3 Feb 2026 10:41:30 +0100
From: Antoine Tenart <atenart@...nel.org>
To: Aleksander Jan Bajkowski <olek2@...pl>
Cc: herbert@...dor.apana.org.au, davem@...emloft.net, 
	linux-crypto@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 2/2] crypto: safexcel - Add support for
 authenc(hmac(md5),*) suites

On Mon, Feb 02, 2026 at 09:21:08PM +0100, Aleksander Jan Bajkowski wrote:
> This patch adds support for the following AEAD ciphersuites:
> - authenc(hmac(md5),cbc(aes))
> - authenc(hmac(md5),cbc(des)))
> - authenc(hmac(md5),cbc(des3_ede))
> - authenc(hmac(md5),rfc3686(ctr(aes)))
> 
> This is enhanced version of the patch found in the mtk-openwrt-feeds repo.

Can you say how it was tested in the commit message?

> +static int safexcel_aead_md5_ctr_cra_init(struct crypto_tfm *tfm)
> +{
> +	struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm);
> +
> +	safexcel_aead_md5_cra_init(tfm);
> +	ctx->mode = CONTEXT_CONTROL_CRYPTO_MODE_CTR_LOAD; /* override default */
> +	return 0;
> +}
> +
> +struct safexcel_alg_template safexcel_alg_authenc_hmac_md5_ctr_aes = {
> +	.type = SAFEXCEL_ALG_TYPE_AEAD,
> +	.algo_mask = SAFEXCEL_ALG_AES | SAFEXCEL_ALG_MD5,
> +	.alg.aead = {
> +		.setkey = safexcel_aead_setkey,
> +		.encrypt = safexcel_aead_encrypt,
> +		.decrypt = safexcel_aead_decrypt,
> +		.ivsize = CTR_RFC3686_IV_SIZE,
> +		.maxauthsize = SHA1_DIGEST_SIZE,

MD5_DIGEST_SIZE?

> +		.base = {
> +			.cra_name = "authenc(hmac(md5),rfc3686(ctr(aes)))",
> +			.cra_driver_name = "safexcel-authenc-hmac-md5-ctr-aes",
> +			.cra_priority = SAFEXCEL_CRA_PRIORITY,
> +			.cra_flags = CRYPTO_ALG_ASYNC |
> +				     CRYPTO_ALG_ALLOCATES_MEMORY |
> +				     CRYPTO_ALG_KERN_DRIVER_ONLY,
> +			.cra_blocksize = 1,
> +			.cra_ctxsize = sizeof(struct safexcel_cipher_ctx),
> +			.cra_alignmask = 0,
> +			.cra_init = safexcel_aead_md5_ctr_cra_init,
> +			.cra_exit = safexcel_aead_cra_exit,
> +			.cra_module = THIS_MODULE,
> +		},
> +	},
> +};
> +
>  static int safexcel_aead_sha1_ctr_cra_init(struct crypto_tfm *tfm)
>  {
>  	struct safexcel_cipher_ctx *ctx = crypto_tfm_ctx(tfm);

Thanks!
Antoine

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ