From: Jarkko Sakkinen <jarkko@kernel.org>
To: Eric Biggers <ebiggers@kernel.org>
Cc: Mimi Zohar <zohar@linux.ibm.com>,
keyrings@vger.kernel.org, David Howells <dhowells@redhat.com>,
linux-integrity@vger.kernel.org, linux-crypto@vger.kernel.org,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH] KEYS: encrypted: Use SHA-256 library instead of crypto_shash
Date: Mon, 15 Sep 2025 21:16:27 +0300 [thread overview]
Message-ID: <aMhX-6jTkaLo-HsG@kernel.org> (raw)
In-Reply-To: <20250915163949.GF1993@quark>
On Mon, Sep 15, 2025 at 11:39:49AM -0500, Eric Biggers wrote:
> On Sun, Sep 07, 2025 at 07:57:12AM -0400, Mimi Zohar wrote:
> > On Tue, 2025-08-05 at 16:41 +0300, Jarkko Sakkinen wrote:
> > > On Thu, Jul 31, 2025 at 11:47:47AM -0700, Eric Biggers wrote:
> > > > Instead of the "sha256" crypto_shash, just use sha256(). Similarly,
> > > > instead of the "hmac(sha256)" crypto_shash, just use
> > > > hmac_sha256_usingrawkey(). This is simpler and faster.
> > > >
> > > > Signed-off-by: Eric Biggers <ebiggers@kernel.org>
> > >
> > > Yeah, fully agree.
> > >
> > > Reviewed-by: Jarkko Sakkinen <jarkko@kernel.org>
> > >
> > > David, will you pick this?
> > >
> >
> > Do you want this patch being upstreamed with "[PATCH 0/2] Convert lib/digsig.c
> > to SHA-1 library" patch set?
> >
> > thanks,
> >
> > Mimi
>
> If someone could apply this for v6.18, that would be great. It's
> independent of my other patches. It looks like Mimi has been taking
> changes to this file most recently. If David or Jarkko wants to take it
> instead, that's fine too. As long as someone does it.
I did it and I'm sorry that I didn't do this earlier!
df8f189a0d3e (HEAD -> next, origin/next) KEYS: encrypted: Use SHA-256 library instead of crypto_shash
72f6cd8ad0db (origin/master, origin/HEAD, master) tpm: Use HMAC-SHA256 library instead of open-coded HMAC
Somehow my head did ticks after applying patch below and thought that
everything is ok :-) I actually had plan to apply this one too but now
it is there ready for PR.
>
> - Eric
BR, Jarkko
next prev parent reply other threads:[~2025-09-15 18:16 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-07-31 18:47 [PATCH] KEYS: encrypted: Use SHA-256 library instead of crypto_shash Eric Biggers
2025-08-05 13:41 ` Jarkko Sakkinen
2025-09-07 11:57 ` Mimi Zohar
2025-09-15 16:39 ` Eric Biggers
2025-09-15 18:16 ` Jarkko Sakkinen [this message]
2025-09-07 11:51 ` Mimi Zohar
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=aMhX-6jTkaLo-HsG@kernel.org \
--to=jarkko@kernel.org \
--cc=dhowells@redhat.com \
--cc=ebiggers@kernel.org \
--cc=keyrings@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-integrity@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=zohar@linux.ibm.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.