lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <16a76d3e-910f-4fdf-5b2d-9f3355cce4ca@novek.ru>
Date:   Thu, 30 Sep 2021 23:56:13 +0100
From:   Vadim Fedorenko <vfedorenko@...ek.ru>
To:     Tianjia Zhang <tianjia.zhang@...ux.alibaba.com>,
        "David S. Miller" <davem@...emloft.net>,
        Jakub Kicinski <kuba@...nel.org>,
        Boris Pismenny <borisp@...dia.com>,
        John Fastabend <john.fastabend@...il.com>,
        Daniel Borkmann <daniel@...earbox.net>, netdev@...r.kernel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] net/tls: support SM4 CCM algorithm

On 30.09.2021 04:34, Tianjia Zhang wrote:
> Hi Vadim,
> 
> On 9/29/21 5:24 AM, Vadim Fedorenko wrote:
>> On 28.09.2021 07:28, Tianjia Zhang wrote:
>>> The IV of CCM mode has special requirements, this patch supports CCM
>>> mode of SM4 algorithm.
>>>
>> Have you tried to connect this implementation to application with
>> user-space implementation of CCM mode? I wonder just because I have an
>> issue with AES-CCM Kernel TLS implementation when it's connected to
>> OpenSSL-driven server, but still have no time to fix it correctly.
> 
> I did not encounter any issue when using KTLS with AES-CCM algorithm, but the 
> KTLS RX mode on the OpenSSL side does not seem to be supported.
> 
> I encountered some problems when using the SM4-CCM algorithm of KTLS. Follow the 
> RFC8998 specification, the handshake has been successful, and the first data 
> transmission can be successful. After that, I will encounter the problem of MAC 
> verification failure, but this is issue on the OpenSSL side. because the problem 
> is still being investigated, I have not opened the code for the time being.
> 
Are you sure that this is an issue on the OpenSSL side? Because absolutely the 
same problem is reported for AES-CCM algo and only when it's offloaded to 
kernel. Looks like encryption of CCM could be broken somehow.

I will try to investigate it a bit later from the AES-CCM side.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ