From: Eric Biggers <ebiggers@kernel.org>
To: linux-crypto@vger.kernel.org
Cc: linux-kernel@vger.kernel.org, Eric Biggers <ebiggers@kernel.org>
Subject: [PATCH 17/33] lib/crypto: aes: Remove aes_cbcmac_* functions
Date: Mon, 6 Jul 2026 22:34:47 -0700 [thread overview]
Message-ID: <20260707053503.209874-18-ebiggers@kernel.org> (raw)
In-Reply-To: <20260707053503.209874-1-ebiggers@kernel.org>
The aes_cbcmac_* functions are no longer used, except by their KUnit
test, since their functionality was folded directly into the AES-CCM
library code. Remove them.
Note that the aes_cmac_* and aes_xcbcmac_* functions remain unchanged.
Signed-off-by: Eric Biggers <ebiggers@kernel.org>
---
include/crypto/aes-cbc-macs.h | 22 +--------
lib/crypto/aes.c | 43 -----------------
lib/crypto/tests/aes_cbc_macs_kunit.c | 68 +--------------------------
3 files changed, 2 insertions(+), 131 deletions(-)
diff --git a/include/crypto/aes-cbc-macs.h b/include/crypto/aes-cbc-macs.h
index e61df108b926..95bbb8603420 100644
--- a/include/crypto/aes-cbc-macs.h
+++ b/include/crypto/aes-cbc-macs.h
@@ -1,6 +1,6 @@
/* SPDX-License-Identifier: GPL-2.0 */
/*
- * Support for AES-CMAC, AES-XCBC-MAC, and AES-CBC-MAC
+ * Support for AES-CMAC and AES-XCBC-MAC
*
* Copyright 2026 Google LLC
*/
@@ -131,24 +131,4 @@ static inline void aes_cmac(const struct aes_cmac_key *key, const u8 *data,
aes_cmac_final(&ctx, out);
}
-/*
- * AES-CBC-MAC support. This is provided only for use by the implementation of
- * AES-CCM. It should have no other users. Warning: unlike AES-CMAC and
- * AES-XCBC-MAC, AES-CBC-MAC isn't a secure MAC for variable-length messages.
- */
-struct aes_cbcmac_ctx {
- const struct aes_enckey *key;
- size_t partial_len;
- u8 h[AES_BLOCK_SIZE];
-};
-static inline void aes_cbcmac_init(struct aes_cbcmac_ctx *ctx,
- const struct aes_enckey *key)
-{
- *ctx = (struct aes_cbcmac_ctx){ .key = key };
-}
-void aes_cbcmac_update(struct aes_cbcmac_ctx *ctx, const u8 *data,
- size_t data_len);
-void aes_cbcmac_final(struct aes_cbcmac_ctx *ctx,
- u8 out[at_least AES_BLOCK_SIZE]);
-
#endif /* _CRYPTO_AES_CBC_MACS_H */
diff --git a/lib/crypto/aes.c b/lib/crypto/aes.c
index 1a1b32e41ac1..aeefd55eacaa 100644
--- a/lib/crypto/aes.c
+++ b/lib/crypto/aes.c
@@ -674,49 +674,6 @@ void aes_cmac_final(struct aes_cmac_ctx *ctx, u8 out[AES_BLOCK_SIZE])
}
EXPORT_SYMBOL_GPL(aes_cmac_final);
-void aes_cbcmac_update(struct aes_cbcmac_ctx *ctx, const u8 *data,
- size_t data_len)
-{
- bool enc_before = false;
- size_t nblocks;
-
- if (ctx->partial_len) {
- size_t l = min(data_len, AES_BLOCK_SIZE - ctx->partial_len);
-
- crypto_xor(&ctx->h[ctx->partial_len], data, l);
- data += l;
- data_len -= l;
- ctx->partial_len += l;
- if (ctx->partial_len < AES_BLOCK_SIZE)
- return;
- enc_before = true;
- }
-
- nblocks = data_len / AES_BLOCK_SIZE;
- data_len %= AES_BLOCK_SIZE;
- if (nblocks == 0) {
- if (enc_before)
- aes_encrypt(ctx->key, ctx->h, ctx->h);
- } else {
- aes_cbcmac_blocks(ctx->h, ctx->key, data, nblocks, enc_before,
- /* enc_after= */ true);
- data += nblocks * AES_BLOCK_SIZE;
- }
- crypto_xor(ctx->h, data, data_len);
- ctx->partial_len = data_len;
-}
-EXPORT_SYMBOL_NS_GPL(aes_cbcmac_update, "CRYPTO_INTERNAL");
-
-void aes_cbcmac_final(struct aes_cbcmac_ctx *ctx, u8 out[AES_BLOCK_SIZE])
-{
- if (ctx->partial_len)
- aes_encrypt(ctx->key, out, ctx->h);
- else
- memcpy(out, ctx->h, AES_BLOCK_SIZE);
- memzero_explicit(ctx, sizeof(*ctx));
-}
-EXPORT_SYMBOL_NS_GPL(aes_cbcmac_final, "CRYPTO_INTERNAL");
-
/*
* FIPS cryptographic algorithm self-test for AES-CMAC. As per the FIPS 140-3
* Implementation Guidance, a cryptographic algorithm self-test for at least one
diff --git a/lib/crypto/tests/aes_cbc_macs_kunit.c b/lib/crypto/tests/aes_cbc_macs_kunit.c
index ae3745212f03..97a4594895c2 100644
--- a/lib/crypto/tests/aes_cbc_macs_kunit.c
+++ b/lib/crypto/tests/aes_cbc_macs_kunit.c
@@ -141,75 +141,10 @@ static void test_aes_xcbcmac_rfc3566(struct kunit *test)
KUNIT_ASSERT_MEMEQ(test, actual_mac, expected_mac, AES_BLOCK_SIZE);
}
-static void test_aes_cbcmac_rfc3610(struct kunit *test)
-{
- /*
- * The following AES-CBC-MAC test vector is extracted from RFC 3610
- * Packet Vector #11. It required some rearrangement to get the actual
- * input to AES-CBC-MAC from the values given.
- */
- static const u8 raw_key[AES_KEYSIZE_128] = {
- 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
- 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf,
- };
- const size_t unpadded_data_len = 52;
- static const u8 data[64] = {
- /* clang-format off */
- /* CCM header */
- 0x61, 0x00, 0x00, 0x00, 0x0d, 0x0c, 0x0b, 0x0a,
- 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0x00, 0x14,
- /* CCM additional authentication blocks */
- 0x00, 0x0c, 0x00, 0x01, 0x02, 0x03, 0x04, 0x05,
- 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x00, 0x00,
- /* CCM message blocks */
- 0x0c, 0x0d, 0x0e, 0x0f, 0x10, 0x11, 0x12, 0x13,
- 0x14, 0x15, 0x16, 0x17, 0x18, 0x19, 0x1a, 0x1b,
- 0x1c, 0x1d, 0x1e, 0x1f, 0x00, 0x00, 0x00, 0x00,
- 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
- /* clang-format on */
- };
- static const u8 expected_mac[AES_BLOCK_SIZE] = {
- 0x6b, 0x5e, 0x24, 0x34, 0x12, 0xcc, 0xc2, 0xad,
- 0x6f, 0x1b, 0x11, 0xc3, 0xa1, 0xa9, 0xd8, 0xbc,
- };
- struct aes_enckey key;
- struct aes_cbcmac_ctx ctx;
- u8 actual_mac[AES_BLOCK_SIZE];
- int err;
-
- err = aes_prepareenckey(&key, raw_key, sizeof(raw_key));
- KUNIT_ASSERT_EQ(test, err, 0);
-
- /*
- * Trailing zeroes should not affect the CBC-MAC value, up to the next
- * AES block boundary.
- */
- for (size_t data_len = unpadded_data_len; data_len <= sizeof(data);
- data_len++) {
- aes_cbcmac_init(&ctx, &key);
- aes_cbcmac_update(&ctx, data, data_len);
- aes_cbcmac_final(&ctx, actual_mac);
- KUNIT_ASSERT_MEMEQ(test, actual_mac, expected_mac,
- AES_BLOCK_SIZE);
-
- /* Incremental computations should produce the same result. */
- for (size_t part1_len = 0; part1_len <= data_len; part1_len++) {
- aes_cbcmac_init(&ctx, &key);
- aes_cbcmac_update(&ctx, data, part1_len);
- aes_cbcmac_update(&ctx, &data[part1_len],
- data_len - part1_len);
- aes_cbcmac_final(&ctx, actual_mac);
- KUNIT_ASSERT_MEMEQ(test, actual_mac, expected_mac,
- AES_BLOCK_SIZE);
- }
- }
-}
-
static struct kunit_case aes_cbc_macs_test_cases[] = {
HASH_KUNIT_CASES,
KUNIT_CASE(test_aes_cmac_rfc4493),
KUNIT_CASE(test_aes_xcbcmac_rfc3566),
- KUNIT_CASE(test_aes_cbcmac_rfc3610),
KUNIT_CASE(benchmark_hash),
{},
};
@@ -222,7 +157,6 @@ static struct kunit_suite aes_cbc_macs_test_suite = {
};
kunit_test_suite(aes_cbc_macs_test_suite);
-MODULE_DESCRIPTION(
- "KUnit tests and benchmark for AES-CMAC, AES-XCBC-MAC, and AES-CBC-MAC");
+MODULE_DESCRIPTION("KUnit tests and benchmark for AES-CMAC and AES-XCBC-MAC");
MODULE_IMPORT_NS("CRYPTO_INTERNAL");
MODULE_LICENSE("GPL");
--
2.54.0
next prev parent reply other threads:[~2026-07-07 5:37 UTC|newest]
Thread overview: 45+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-07-07 5:34 [PATCH 00/33] Library APIs for AES encryption modes Eric Biggers
2026-07-07 5:34 ` [PATCH 01/33] crypto: xts - Split out __xts_verify_key() helper Eric Biggers
2026-07-07 13:20 ` Thomas Huth
2026-07-07 5:34 ` [PATCH 02/33] lib/crypto: aes: Add ECB support Eric Biggers
2026-07-07 13:59 ` Thomas Huth
2026-07-07 19:22 ` Eric Biggers
2026-07-08 5:29 ` Thomas Huth
2026-07-07 5:34 ` [PATCH 03/33] lib/crypto: aes: Add CBC and CBC-CTS support Eric Biggers
2026-07-07 5:34 ` [PATCH 04/33] lib/crypto: aes: Add CTR and XCTR support Eric Biggers
2026-07-07 5:34 ` [PATCH 05/33] lib/crypto: aes: Add XTS support Eric Biggers
2026-07-07 5:34 ` [PATCH 06/33] lib/crypto: aes: Add GCM support Eric Biggers
2026-07-07 5:34 ` [PATCH 07/33] lib/crypto: aes: Add CCM support Eric Biggers
2026-07-07 5:34 ` [PATCH 08/33] crypto: aes - Add ECB support using library Eric Biggers
2026-07-07 5:34 ` [PATCH 09/33] crypto: aes - Add CBC and CBC-CTS " Eric Biggers
2026-07-07 5:34 ` [PATCH 10/33] crypto: aes - Add CTR and XCTR " Eric Biggers
2026-07-07 5:34 ` [PATCH 11/33] crypto: aes - Add XTS " Eric Biggers
2026-07-07 5:34 ` [PATCH 12/33] crypto: aes - Add GCM " Eric Biggers
2026-07-07 5:34 ` [PATCH 13/33] crypto: aes - Add CCM " Eric Biggers
2026-07-07 5:34 ` [PATCH 14/33] x86/sev: Use new AES-GCM library Eric Biggers
2026-07-07 5:34 ` [PATCH 15/33] lib/crypto: aesgcm: Remove old " Eric Biggers
2026-07-07 5:34 ` [PATCH 16/33] crypto: aes - Remove AES-CBC-MAC support Eric Biggers
2026-07-07 5:34 ` Eric Biggers [this message]
2026-07-07 5:34 ` [PATCH 18/33] fscrypt: Use aes_ecb_encrypt() for v1 key derivation Eric Biggers
2026-07-07 5:34 ` [PATCH 19/33] KEYS: encrypted: Use AES-CBC library instead of crypto_skcipher Eric Biggers
2026-07-07 5:34 ` [PATCH 20/33] KEYS: trusted: dcp: Use AES-GCM library instead of crypto_aead Eric Biggers
2026-07-07 5:34 ` [PATCH 21/33] libceph: Use AES-CBC library in ceph_aes_crypt() Eric Biggers
2026-07-07 5:34 ` [PATCH 22/33] libceph: Reimplement messenger v2 encryption using AES-GCM library Eric Biggers
2026-07-07 5:34 ` [PATCH 23/33] wifi: mac80211: Use AES-CTR library in fils_aead.c Eric Biggers
2026-07-07 5:34 ` [PATCH 24/33] wifi: mac80211: Use AES-GCM library for GMAC suite Eric Biggers
2026-07-07 5:34 ` [PATCH 25/33] wifi: mac80211: Use crypto libraries for GCMP and CCMP suites Eric Biggers
2026-07-07 5:34 ` [PATCH 26/33] macsec: Use AES-GCM library instead of crypto_aead Eric Biggers
2026-07-07 5:34 ` [PATCH 27/33] wifi: ipw2x00: Use AES-CCM library Eric Biggers
2026-07-07 5:34 ` [PATCH 28/33] mac802154: Use AES-CCM and AES-CTR libraries Eric Biggers
2026-07-07 5:34 ` [PATCH 29/33] bpf: crypto: Use AES-CBC and AES-ECB libraries Eric Biggers
2026-07-07 15:01 ` Vadim Fedorenko
2026-07-07 18:20 ` Eric Biggers
2026-07-07 22:50 ` Vadim Fedorenko
2026-07-07 23:16 ` Eric Biggers
2026-07-08 11:47 ` Vadim Fedorenko
2026-07-07 5:35 ` [PATCH 30/33] bpf: crypto: Add AES-GCM support Eric Biggers
2026-07-07 15:02 ` Vadim Fedorenko
2026-07-07 5:35 ` [PATCH 31/33] smb: client: Use AES-GCM and AES-CCM libraries Eric Biggers
2026-07-07 5:35 ` [PATCH 32/33] ksmbd: " Eric Biggers
2026-07-07 10:51 ` Namjae Jeon
2026-07-07 5:35 ` [PATCH 33/33] net: tipc: Use AES-GCM library instead of crypto_aead Eric Biggers
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260707053503.209874-18-ebiggers@kernel.org \
--to=ebiggers@kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox