lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <Z8P2L6nZGUEUiNwS@gondor.apana.org.au>
Date: Sun, 2 Mar 2025 14:09:51 +0800
From: Herbert Xu <herbert@...dor.apana.org.au>
To: David Howells <dhowells@...hat.com>
Cc: Marc Dionne <marc.dionne@...istor.com>,
	Jakub Kicinski <kuba@...nel.org>,
	"David S. Miller" <davem@...emloft.net>,
	Eric Dumazet <edumazet@...gle.com>, Paolo Abeni <pabeni@...hat.com>,
	Simon Horman <horms@...nel.org>,
	Trond Myklebust <trond.myklebust@...merspace.com>,
	Chuck Lever <chuck.lever@...cle.com>,
	Eric Biggers <ebiggers@...nel.org>,
	Ard Biesheuvel <ardb@...nel.org>, linux-crypto@...r.kernel.org,
	linux-afs@...ts.infradead.org, linux-nfs@...r.kernel.org,
	netdev@...r.kernel.org, linux-fsdevel@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [GIT PULL] crypto: Add Kerberos crypto lib

On Fri, Feb 28, 2025 at 09:55:47AM +0000, David Howells wrote:
> Hi Herbert,
> 
> Could you pull this into the crypto tree please?  It does a couple of
> things:
> 
>  (1) Provide an AEAD crypto driver, krb5enc, that mirrors the authenc
>      driver, but that hashes the plaintext, not the ciphertext.  This was
>      made a separate module rather than just being a part of the authenc
>      driver because it has to do all of the constituent operations in the
>      opposite order - which impacts the async op handling.
> 
>      Testmgr data is provided for AES+SHA2 and Camellia combinations of
>      authenc and krb5enc used by the krb5 library.  AES+SHA1 is not
>      provided as the RFCs don't contain usable test vectors.
> 
>  (2) Provide a Kerberos 5 crypto library.  This is an extract from the
>      sunrpc driver as that code can be shared between sunrpc/nfs and
>      rxrpc/afs.  This provides encryption, decryption, get MIC and verify
>      MIC routines that use and wrap the crypto functions, along with some
>      functions to provide layout management.
> 
>      This supports AES+SHA1, AES+SHA2 and Camellia encryption types.
> 
>      Self-testing is provided that goes further than is possible with
>      testmgr, doing subkey derivation as well.
> 
> The patches were previously posted here:
> 
>     https://lore.kernel.org/r/20250203142343.248839-1-dhowells@redhat.com/
> 
> as part of a larger series, but the networking guys would prefer these to
> go through the crypto tree.  If you want them reposting independently, I
> can do that.

I tried pulling it but it's not based on the cryptodev tree so
it will create a mess when I push this upstream.  If you want me
to pull it through cryptodev please rebase it on my tree.

Thanks,
-- 
Email: Herbert Xu <herbert@...dor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ