From: Thomas Huth <thuth@redhat.com>
To: Eric Biggers <ebiggers@kernel.org>, linux-crypto@vger.kernel.org
Cc: linux-kernel@vger.kernel.org
Subject: Re: [PATCH 02/33] lib/crypto: aes: Add ECB support
Date: Tue, 7 Jul 2026 15:59:24 +0200 [thread overview]
Message-ID: <f41f7217-c444-41da-84b9-1592dcd9b58d@redhat.com> (raw)
In-Reply-To: <20260707053503.209874-3-ebiggers@kernel.org>
On 07/07/2026 07.34, Eric Biggers wrote:
> Add support for AES-ECB to the crypto library.
>
> This will be used to provide a streamlined implementation of the
> "ecb(aes)" crypto_skcipher algorithm. fs/crypto/keysetup_v1.c will also
> use aes_ecb_encrypt() directly.
>
> As usual, the architecture-optimized AES-ECB code will be migrated into
> the library as well (using the hooks provided in this commit),
> eliminating lots of repetitive boilerplate code.
>
> ECB is obsolete of course, but we need this for parity with the
> traditional API and to support some odd users of ECB in the kernel.
>
> Initial test coverage is provided by the crypto_skcipher support added
> in a later commit. I'm planning a KUnit test suite as well.
>
> Create a documentation file libcrypto-unauth-encryption.rst to hold the
> documentation for this and other unauthenticated encryption modes.
>
> Signed-off-by: Eric Biggers <ebiggers@kernel.org>
> ---
> .../crypto/libcrypto-unauth-encryption.rst | 28 ++++++++++
> Documentation/crypto/libcrypto.rst | 1 +
> include/crypto/aes-ecb.h | 49 ++++++++++++++++
> lib/crypto/Kconfig | 9 ++-
> lib/crypto/aes.c | 56 +++++++++++++++++++
> lib/crypto/tests/Kconfig | 1 +
> 6 files changed, 142 insertions(+), 2 deletions(-)
> create mode 100644 Documentation/crypto/libcrypto-unauth-encryption.rst
> create mode 100644 include/crypto/aes-ecb.h
>
> diff --git a/Documentation/crypto/libcrypto-unauth-encryption.rst b/Documentation/crypto/libcrypto-unauth-encryption.rst
> new file mode 100644
> index 000000000000..891c15279749
> --- /dev/null
> +++ b/Documentation/crypto/libcrypto-unauth-encryption.rst
> @@ -0,0 +1,28 @@
> +.. SPDX-License-Identifier: GPL-2.0-or-later
> +
> +Unauthenticated encryption
> +==========================
> +
> +Support for unauthenticated encryption and decryption, including bare stream
> +ciphers and other length-preserving algorithms such as block ciphers in XTS
> +mode.
This sentence no verb?
> +
> +- Support for legacy protocols that really should have chosen an authenticated
> + mode (or even another primitive entirely) but didn't.
> +
> +- Internal components of authenticated modes. For example, AES-CTR is used by
> + AES-GCM and AES-CCM internally.
> +
> +- Storage encryption that cannot accommodate ciphertext expansion. Usually
> + AES-XTS is used for this.
> +
> +- Stream ciphers for key derivation and random number generation.
> +
> +Besides the above, these shouldn't be used.
> +
> +AES-ECB
> +-------
> +
> +Support for AES in the ECB mode of operation.
> +
> +.. kernel-doc:: include/crypto/aes-ecb.h
> diff --git a/Documentation/crypto/libcrypto.rst b/Documentation/crypto/libcrypto.rst
> index a1557d45b0e5..bbf5ca137910 100644
> --- a/Documentation/crypto/libcrypto.rst
> +++ b/Documentation/crypto/libcrypto.rst
> @@ -161,5 +161,6 @@ API documentation
> libcrypto-blockcipher
> libcrypto-hash
> libcrypto-signature
> + libcrypto-unauth-encryption
> libcrypto-utils
> sha3
> diff --git a/include/crypto/aes-ecb.h b/include/crypto/aes-ecb.h
> new file mode 100644
> index 000000000000..bfc56bdb082c
> --- /dev/null
> +++ b/include/crypto/aes-ecb.h
> @@ -0,0 +1,49 @@
> +/* SPDX-License-Identifier: GPL-2.0 */
> +/*
> + * AES-ECB unauthenticated encryption and decryption
> + *
> + * Copyright 2026 Google LLC
> + */
> +#ifndef _CRYPTO_AES_ECB_H
> +#define _CRYPTO_AES_ECB_H
> +
> +#include <crypto/aes.h>
> +
> +/**
> + * aes_ecb_encrypt() - Encrypt data using AES-ECB
> + * @dst: The destination buffer. Can be in-place or out-of-place. For other
> + * overlaps the behavior is unspecified.
> + * @src: The source data
> + * @len: Number of bytes to encrypt. Must be a multiple of AES_BLOCK_SIZE.
> + * @key: The key
> + *
> + * ECB mode is insecure by itself. This function exists only for compatibility
> + * with legacy protocols and for internal use by other modes.
> + *
> + * This supports incremental encryption, but the length of each chunk must be a
> + * multiple of AES_BLOCK_SIZE.
> + *
> + * Context: Any context.
> + */
> +void aes_ecb_encrypt(u8 *dst, const u8 *src, size_t len, aes_encrypt_arg key);
Other similar functions like aes_encrypt() use the key as first argument ...
so maybe do the same here, too, for consistency?
> +/**
> + * aes_ecb_decrypt() - Decrypt data using AES-ECB
> + * @dst: The destination buffer. Can be in-place or out-of-place. For other
> + * overlaps the behavior is unspecified.
> + * @src: The source data
> + * @len: Number of bytes to decrypt. Must be a multiple of AES_BLOCK_SIZE.
> + * @key: The key
> + *
> + * ECB mode is insecure by itself. This function exists only for compatibility
> + * with legacy protocols and for internal use by other modes.
> + *
> + * This supports incremental decryption, but the length of each chunk must be a
> + * multiple of AES_BLOCK_SIZE.
> + *
> + * Context: Any context.
> + */
> +void aes_ecb_decrypt(u8 *dst, const u8 *src, size_t len,
> + const struct aes_key *key);
dito
Apart from that, patch looks fine to me.
Thomas
next prev parent reply other threads:[~2026-07-07 13:59 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-07-07 5:34 [PATCH 00/33] Library APIs for AES encryption modes Eric Biggers
2026-07-07 5:34 ` [PATCH 01/33] crypto: xts - Split out __xts_verify_key() helper Eric Biggers
2026-07-07 13:20 ` Thomas Huth
2026-07-07 5:34 ` [PATCH 02/33] lib/crypto: aes: Add ECB support Eric Biggers
2026-07-07 13:59 ` Thomas Huth [this message]
2026-07-07 19:22 ` Eric Biggers
2026-07-08 5:29 ` Thomas Huth
2026-07-07 5:34 ` [PATCH 03/33] lib/crypto: aes: Add CBC and CBC-CTS support Eric Biggers
2026-07-09 13:06 ` Thomas Huth
2026-07-07 5:34 ` [PATCH 04/33] lib/crypto: aes: Add CTR and XCTR support Eric Biggers
2026-07-07 5:34 ` [PATCH 05/33] lib/crypto: aes: Add XTS support Eric Biggers
2026-07-07 5:34 ` [PATCH 06/33] lib/crypto: aes: Add GCM support Eric Biggers
2026-07-07 5:34 ` [PATCH 07/33] lib/crypto: aes: Add CCM support Eric Biggers
2026-07-07 5:34 ` [PATCH 08/33] crypto: aes - Add ECB support using library Eric Biggers
2026-07-07 5:34 ` [PATCH 09/33] crypto: aes - Add CBC and CBC-CTS " Eric Biggers
2026-07-07 5:34 ` [PATCH 10/33] crypto: aes - Add CTR and XCTR " Eric Biggers
2026-07-07 5:34 ` [PATCH 11/33] crypto: aes - Add XTS " Eric Biggers
2026-07-07 5:34 ` [PATCH 12/33] crypto: aes - Add GCM " Eric Biggers
2026-07-07 5:34 ` [PATCH 13/33] crypto: aes - Add CCM " Eric Biggers
2026-07-07 5:34 ` [PATCH 14/33] x86/sev: Use new AES-GCM library Eric Biggers
2026-07-07 5:34 ` [PATCH 15/33] lib/crypto: aesgcm: Remove old " Eric Biggers
2026-07-07 5:34 ` [PATCH 16/33] crypto: aes - Remove AES-CBC-MAC support Eric Biggers
2026-07-07 5:34 ` [PATCH 17/33] lib/crypto: aes: Remove aes_cbcmac_* functions Eric Biggers
2026-07-07 5:34 ` [PATCH 18/33] fscrypt: Use aes_ecb_encrypt() for v1 key derivation Eric Biggers
2026-07-07 5:34 ` [PATCH 19/33] KEYS: encrypted: Use AES-CBC library instead of crypto_skcipher Eric Biggers
2026-07-07 5:34 ` [PATCH 20/33] KEYS: trusted: dcp: Use AES-GCM library instead of crypto_aead Eric Biggers
2026-07-07 5:34 ` [PATCH 21/33] libceph: Use AES-CBC library in ceph_aes_crypt() Eric Biggers
2026-07-07 5:34 ` [PATCH 22/33] libceph: Reimplement messenger v2 encryption using AES-GCM library Eric Biggers
2026-07-07 5:34 ` [PATCH 23/33] wifi: mac80211: Use AES-CTR library in fils_aead.c Eric Biggers
2026-07-07 5:34 ` [PATCH 24/33] wifi: mac80211: Use AES-GCM library for GMAC suite Eric Biggers
2026-07-07 5:34 ` [PATCH 25/33] wifi: mac80211: Use crypto libraries for GCMP and CCMP suites Eric Biggers
2026-07-07 5:34 ` [PATCH 26/33] macsec: Use AES-GCM library instead of crypto_aead Eric Biggers
2026-07-07 5:34 ` [PATCH 27/33] wifi: ipw2x00: Use AES-CCM library Eric Biggers
2026-07-07 5:34 ` [PATCH 28/33] mac802154: Use AES-CCM and AES-CTR libraries Eric Biggers
2026-07-07 5:34 ` [PATCH 29/33] bpf: crypto: Use AES-CBC and AES-ECB libraries Eric Biggers
2026-07-07 15:01 ` Vadim Fedorenko
2026-07-07 18:20 ` Eric Biggers
2026-07-07 22:50 ` Vadim Fedorenko
2026-07-07 23:16 ` Eric Biggers
2026-07-08 11:47 ` Vadim Fedorenko
2026-07-09 15:47 ` Eric Biggers
2026-07-09 16:46 ` Vadim Fedorenko
2026-07-07 5:35 ` [PATCH 30/33] bpf: crypto: Add AES-GCM support Eric Biggers
2026-07-07 15:02 ` Vadim Fedorenko
2026-07-07 5:35 ` [PATCH 31/33] smb: client: Use AES-GCM and AES-CCM libraries Eric Biggers
2026-07-07 5:35 ` [PATCH 32/33] ksmbd: " Eric Biggers
2026-07-07 10:51 ` Namjae Jeon
2026-07-07 5:35 ` [PATCH 33/33] net: tipc: Use AES-GCM library instead of crypto_aead Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=f41f7217-c444-41da-84b9-1592dcd9b58d@redhat.com \
--to=thuth@redhat.com \
--cc=ebiggers@kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox