* [PATCH 2/2] xfrm: Drop support for HMAC-RIPEMD-160
2026-04-08 9:42 [PATCH 0/2] pull request (net-next): ipsec-next 2026-04-08 Steffen Klassert
2026-04-08 9:42 ` [PATCH 1/2] xfrm: update outdated comment Steffen Klassert
@ 2026-04-08 9:42 ` Steffen Klassert
1 sibling, 0 replies; 3+ messages in thread
From: Steffen Klassert @ 2026-04-08 9:42 UTC (permalink / raw)
To: David Miller, Jakub Kicinski; +Cc: Herbert Xu, Steffen Klassert, netdev
From: Eric Biggers <ebiggers@kernel.org>
Drop support for HMAC-RIPEMD-160 from IPsec to reduce the UAPI surface
and simplify future maintenance. It's almost certainly unused.
RIPEMD-160 received some attention in the early 2000s when SHA-* weren't
quite as well established. But it never received much adoption outside
of certain niches such as Bitcoin.
It's actually unclear that Linux + IPsec + HMAC-RIPEMD-160 has *ever*
been used, even historically. When support for it was added in 2003, it
was done so in a "cleanup" commit without any justification [1]. It
didn't actually work until someone happened to fix it 5 years later [2].
That person didn't use or test it either [3]. Finally, also note that
"hmac(rmd160)" is by far the slowest of the algorithms in aalg_list[].
Of course, today IPsec is usually used with an AEAD, such as AES-GCM.
But even for IPsec users still using a dedicated auth algorithm, they
almost certainly aren't using, and shouldn't use, HMAC-RIPEMD-160.
Thus, let's just drop support for it. Note: no kconfig update is
needed, since CRYPTO_RMD160 wasn't actually being selected anyway.
References:
[1] linux-history commit d462985fc1941a47
("[IPSEC]: Clean up key manager algorithm handling.")
[2] linux commit a13366c632132bb9
("xfrm: xfrm_algo: correct usage of RIPEMD-160")
[3] https://lore.kernel.org/all/1212340578-15574-1-git-send-email-rueegsegger@swiss-it.ch
Signed-off-by: Eric Biggers <ebiggers@kernel.org>
Signed-off-by: Steffen Klassert <steffen.klassert@secunet.com>
---
net/xfrm/xfrm_algo.c | 20 --------------------
tools/testing/selftests/net/ipsec.c | 8 ++------
2 files changed, 2 insertions(+), 26 deletions(-)
diff --git a/net/xfrm/xfrm_algo.c b/net/xfrm/xfrm_algo.c
index 749011e031c0..70434495f23f 100644
--- a/net/xfrm/xfrm_algo.c
+++ b/net/xfrm/xfrm_algo.c
@@ -290,26 +290,6 @@ static struct xfrm_algo_desc aalg_list[] = {
.sadb_alg_maxbits = 512
}
},
-{
- .name = "hmac(rmd160)",
- .compat = "rmd160",
-
- .uinfo = {
- .auth = {
- .icv_truncbits = 96,
- .icv_fullbits = 160,
- }
- },
-
- .pfkey_supported = 1,
-
- .desc = {
- .sadb_alg_id = SADB_X_AALG_RIPEMD160HMAC,
- .sadb_alg_ivlen = 0,
- .sadb_alg_minbits = 160,
- .sadb_alg_maxbits = 160
- }
-},
{
.name = "xcbc(aes)",
diff --git a/tools/testing/selftests/net/ipsec.c b/tools/testing/selftests/net/ipsec.c
index f4afef51b930..89c32c354c00 100644
--- a/tools/testing/selftests/net/ipsec.c
+++ b/tools/testing/selftests/net/ipsec.c
@@ -62,8 +62,6 @@
#define VETH_FMT "ktst-%d"
#define VETH_LEN 12
-#define XFRM_ALGO_NR_KEYS 29
-
static int nsfd_parent = -1;
static int nsfd_childa = -1;
static int nsfd_childb = -1;
@@ -96,7 +94,6 @@ struct xfrm_key_entry xfrm_key_entries[] = {
{"cbc(cast5)", 128},
{"cbc(serpent)", 128},
{"hmac(sha1)", 160},
- {"hmac(rmd160)", 160},
{"cbc(des3_ede)", 192},
{"hmac(sha256)", 256},
{"cbc(aes)", 256},
@@ -813,7 +810,7 @@ static int xfrm_fill_key(char *name, char *buf,
{
int i;
- for (i = 0; i < XFRM_ALGO_NR_KEYS; i++) {
+ for (i = 0; i < ARRAY_SIZE(xfrm_key_entries); i++) {
if (strncmp(name, xfrm_key_entries[i].algo_name, ALGO_LEN) == 0)
*key_len = xfrm_key_entries[i].key_len;
}
@@ -2061,8 +2058,7 @@ static int write_desc(int proto, int test_desc_fd,
int proto_list[] = { IPPROTO_AH, IPPROTO_COMP, IPPROTO_ESP };
char *ah_list[] = {
"digest_null", "hmac(md5)", "hmac(sha1)", "hmac(sha256)",
- "hmac(sha384)", "hmac(sha512)", "hmac(rmd160)",
- "xcbc(aes)", "cmac(aes)"
+ "hmac(sha384)", "hmac(sha512)", "xcbc(aes)", "cmac(aes)"
};
char *comp_list[] = {
"deflate",
--
2.43.0
^ permalink raw reply related [flat|nested] 3+ messages in thread