[GIT PULL] KEYS: Fixes and crypto fixes
Herbert Xu
herbert at gondor.apana.org.au
Thu Sep 28 10:34:51 UTC 2017
On Thu, Sep 28, 2017 at 12:08:36PM +1000, James Morris wrote:
> On Wed, 27 Sep 2017, Eric Biggers wrote:
>
> > On Thu, Sep 28, 2017 at 09:14:58AM +1000, James Morris wrote:
> > > On Wed, 27 Sep 2017, David Howells wrote:
> > >
> > > > (2) Fixing big_key to use safe crypto from Jason A. Donenfeld.
> > > >
> > >
> > > I'm concerned about the lack of crypto review mentioned by Jason -- I
> > > wonder if we can get this rewrite any more review from crypto folk.
> > >
> > > Also, are there any tests for this code? If not, it would be good to make
> > > some.
> > >
> >
> > There is a test for the big_key key type in the keyutils test suite. I also
> > manually tested Jason's change. And as far as I can tell there isn't actually a
> > whole lot to test besides adding a big_key larger than BIG_KEY_FILE_THRESHOLD
> > bytes, reading it back, and verifying that the data is unchanged --- since that
> > covers the code that was changed. An earlier version of the patch produced a
> > warning with CONFIG_DEBUG_SG=y since it put the aead_request on the stack, but
> > that's been fixed.
> >
>
> Ok, thanks a lot.
>
> > It would be great if someone else would comment on the crypto too, but for what
> > it's worth I'm satisfied with the crypto changes. GCM is a much better choice
> > than ECB as long as we don't repeat (key, IV) pairs --- which we don't. And in
> > any case ECB mode makes no sense in this context; you'd need a *very* good
> > reason to actually choose to encrypt something with ECB mode. Unfortunately it
> > tends to be a favorite of people who don't understand encryption modes...
>
> Adding Herbert.
I think Jason's patch is definitely an improvement over the status quo.
Cheers,
--
Email: Herbert Xu <herbert at gondor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
More information about the Linux-security-module-archive
mailing list