From: Simon Horman <horms@kernel.org>
To: David Howells <dhowells@redhat.com>
Cc: Herbert Xu <herbert@gondor.apana.org.au>,
Chuck Lever <chuck.lever@oracle.com>,
Trond Myklebust <trond.myklebust@hammerspace.com>,
"David S. Miller" <davem@davemloft.net>,
Marc Dionne <marc.dionne@auristor.com>,
Eric Dumazet <edumazet@google.com>,
Jakub Kicinski <kuba@kernel.org>, Paolo Abeni <pabeni@redhat.com>,
Eric Biggers <ebiggers@kernel.org>,
Ard Biesheuvel <ardb@kernel.org>,
linux-crypto@vger.kernel.org, linux-afs@lists.infradead.org,
linux-nfs@vger.kernel.org, linux-fsdevel@vger.kernel.org,
netdev@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [RFC PATCH 03/24] crypto: Add 'krb5enc' hash and cipher AEAD algorithm
Date: Mon, 20 Jan 2025 13:57:54 +0000 [thread overview]
Message-ID: <20250120135754.GX6206@kernel.org> (raw)
In-Reply-To: <20250117183538.881618-4-dhowells@redhat.com>
On Fri, Jan 17, 2025 at 06:35:12PM +0000, David Howells wrote:
> Add an AEAD template that does hash-then-cipher (unlike authenc that does
> cipher-then-hash). This is required for a number of Kerberos 5 encoding
> types.
>
> [!] Note that the net/sunrpc/auth_gss/ implementation gets a pair of
> ciphers, one non-CTS and one CTS, using the former to do all the aligned
> blocks and the latter to do the last two blocks if they aren't also
> aligned. It may be necessary to do this here too for performance reasons -
> but there are considerations both ways:
>
> (1) firstly, there is an optimised assembly version of cts(cbc(aes)) on
> x86_64 that should be used instead of having two ciphers;
>
> (2) secondly, none of the hardware offload drivers seem to offer CTS
> support (Intel QAT does not, for instance).
>
> However, I don't know if it's possible to query the crypto API to find out
> whether there's an optimised CTS algorithm available.
>
> Signed-off-by: David Howells <dhowells@redhat.com>
...
> diff --git a/crypto/krb5enc.c b/crypto/krb5enc.c
...
> +static int krb5enc_verify_hash(struct aead_request *req, void *hash)
> +{
> + struct crypto_aead *krb5enc = crypto_aead_reqtfm(req);
> + struct aead_instance *inst = aead_alg_instance(krb5enc);
> + struct krb5enc_instance_ctx *ictx = aead_instance_ctx(inst);
> + struct krb5enc_request_ctx *areq_ctx = aead_request_ctx(req);
> + struct ahash_request *ahreq = (void *)(areq_ctx->tail + ictx->reqoff);
> + unsigned int authsize = crypto_aead_authsize(krb5enc);
> + u8 *ihash = ahreq->result + authsize;
> +
> + scatterwalk_map_and_copy(ihash, req->src, ahreq->nbytes, authsize, 0);
> +
> + if (crypto_memneq(ihash, ahreq->result, authsize))
> + return -EBADMSG;
> + return 0;
> +}
> +
> +static void krb5enc_decrypt_hash_done(void *data, int err)
> +{
> + struct aead_request *req = data;
> +
> + if (err)
> + return krb5enc_request_complete(req, err);
> +
> + err = krb5enc_verify_hash(req, 0);
Hi David,
Sparse complains that the second argument to krb5enc_verify_hash should be
a pointer rather than an integer. So perhaps this would be slightly better
expressed as (completely untested!):
err = krb5enc_verify_hash(req, NULL);
> + krb5enc_request_complete(req, err);
...
> +}
next prev parent reply other threads:[~2025-01-20 13:57 UTC|newest]
Thread overview: 34+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-01-17 18:35 [RFC PATCH 00/24] crypto: Add generic Kerberos library with AEAD template for hash-then-crypt David Howells
2025-01-17 18:35 ` [RFC PATCH 01/24] crypto/krb5: Add API Documentation David Howells
2025-01-17 18:35 ` [RFC PATCH 02/24] crypto/krb5: Add some constants out of sunrpc headers David Howells
2025-01-17 18:35 ` [RFC PATCH 03/24] crypto: Add 'krb5enc' hash and cipher AEAD algorithm David Howells
2025-01-20 13:57 ` Simon Horman [this message]
2025-01-20 14:25 ` David Howells
2025-01-20 17:39 ` Eric Biggers
2025-01-20 18:59 ` David Howells
2025-01-20 19:12 ` Eric Biggers
2025-01-20 20:18 ` David Howells
2025-01-20 20:47 ` Eric Biggers
2025-01-20 23:12 ` David Howells
2025-01-17 18:35 ` [RFC PATCH 04/24] crypto/krb5: Test manager data David Howells
2025-01-17 18:35 ` [RFC PATCH 05/24] crypto/krb5: Implement Kerberos crypto core David Howells
2025-01-17 18:35 ` [RFC PATCH 06/24] crypto/krb5: Add an API to query the layout of the crypto section David Howells
2025-01-17 18:35 ` [RFC PATCH 07/24] crypto/krb5: Add an API to alloc and prepare a crypto object David Howells
2025-01-17 18:35 ` [RFC PATCH 08/24] crypto/krb5: Add an API to perform requests David Howells
2025-01-17 18:35 ` [RFC PATCH 09/24] crypto/krb5: Provide infrastructure and key derivation David Howells
2025-01-17 18:35 ` [RFC PATCH 10/24] crypto/krb5: Implement the Kerberos5 rfc3961 " David Howells
2025-01-17 18:35 ` [RFC PATCH 11/24] crypto/krb5: Provide RFC3961 setkey packaging functions David Howells
2025-01-17 18:35 ` [RFC PATCH 12/24] crypto/krb5: Implement the Kerberos5 rfc3961 encrypt and decrypt functions David Howells
2025-01-17 18:35 ` [RFC PATCH 13/24] crypto/krb5: Implement the Kerberos5 rfc3961 get_mic and verify_mic David Howells
2025-01-17 18:35 ` [RFC PATCH 14/24] crypto/krb5: Implement the AES enctypes from rfc3962 David Howells
2025-01-17 18:35 ` [RFC PATCH 15/24] crypto/krb5: Implement the AES enctypes from rfc8009 David Howells
2025-01-17 18:35 ` [RFC PATCH 16/24] crypto/krb5: Implement the AES encrypt/decrypt " David Howells
2025-01-17 18:35 ` [RFC PATCH 17/24] crypto/krb5: Implement crypto self-testing David Howells
2025-01-17 18:35 ` [RFC PATCH 18/24] crypto/krb5: Add the AES self-testing data from rfc8009 David Howells
2025-01-17 18:35 ` [RFC PATCH 19/24] crypto/krb5: Implement the Camellia enctypes from rfc6803 David Howells
2025-01-17 18:35 ` [RFC PATCH 20/24] rxrpc: Add the security index for yfs-rxgk David Howells
2025-01-17 18:35 ` [RFC PATCH 21/24] rxrpc: Add YFS RxGK (GSSAPI) security class David Howells
2025-01-17 18:35 ` [RFC PATCH 22/24] rxrpc: rxgk: Provide infrastructure and key derivation David Howells
2025-01-17 18:35 ` [RFC PATCH 23/24] rxrpc: rxgk: Implement the yfs-rxgk security class (GSSAPI) David Howells
2025-01-17 18:35 ` [RFC PATCH 24/24] rxrpc: rxgk: Implement connection rekeying David Howells
2025-01-17 18:57 ` [RFC PATCH 00/24] crypto: Add generic Kerberos library with AEAD template for hash-then-crypt Chuck Lever
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250120135754.GX6206@kernel.org \
--to=horms@kernel.org \
--cc=ardb@kernel.org \
--cc=chuck.lever@oracle.com \
--cc=davem@davemloft.net \
--cc=dhowells@redhat.com \
--cc=ebiggers@kernel.org \
--cc=edumazet@google.com \
--cc=herbert@gondor.apana.org.au \
--cc=kuba@kernel.org \
--cc=linux-afs@lists.infradead.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-nfs@vger.kernel.org \
--cc=marc.dionne@auristor.com \
--cc=netdev@vger.kernel.org \
--cc=pabeni@redhat.com \
--cc=trond.myklebust@hammerspace.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.