Re: [PATCH 00/26] SHA-1 library functions
From: Ard Biesheuvel <ardb@kernel.org>
Date: 2025-07-14 05:22:25
Also in:
linux-arm-kernel, linux-crypto, linux-mips, linux-s390, lkml, sparclinux
On Sun, 13 Jul 2025 at 09:26, Eric Biggers [off-list ref] wrote:
This series is also available at:
git fetch https://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/linux.git sha1-lib-v1
Patches 1-14 reorganize the kernel's SHA-1 code to be consistent with
the way the SHA-2 code is now organized:
- Add SHA-1 and HMAC-SHA1 library functions.
- Make the SHA-1 (and HMAC-SHA1) library functions use the existing
architecture-optimized SHA-1 code, which is moved into lib/crypto/.
- Reimplement the old-school crypto API's "sha1" and "hmac(sha1)"
algorithms on top of the SHA-1 and HMAC-SHA1 library functions.
The diffstat for that part is:
65 files changed, 1052 insertions(+), 1582 deletions(-)
This hopefully should look quite boring and familiar by now, as
essentially the same cleanup was already applied to SHA-2.
Patch 15 adds sha1_kunit.
Note that while SHA-1 is a legacy algorithm, it still has many in-kernel
users for legacy protocols. So it's not like we'll be able to remove
the SHA-1 code from the kernel anytime soon. And some of these users
are currently having to jump through some *major* hoops to work around
the limitations of the old-school crypto API. The library API greatly
simplifies things, and it makes the SHA-1 code consistent with the SHA-2
code. So, IMO it's well worth doing this reorganization of the SHA-1
code, even though SHA-1 is a legacy algorithm.
To show this even more clearly, patches 16-26 convert various users to
use the SHA-1 library API (or both SHA-1 and SHA-2, in the case of some
users that use both algorithms). The diffstat for that part is:
27 files changed, 169 insertions(+), 903 deletions(-)
For 6.17, I'd like to take patches 1-15 at the most. Patches 16-26
would be for later, and I'll probably resend them individually later for
subsystem maintainers to take.
Eric Biggers (26):
crypto: x86/sha1 - Rename conflicting symbol
lib/crypto: sha1: Rename sha1_init() to sha1_init_raw()
lib/crypto: sha1: Add SHA-1 library functions
lib/crypto: sha1: Add HMAC support
crypto: sha1 - Wrap library and add HMAC support
crypto: sha1 - Use same state format as legacy drivers
lib/crypto: arm/sha1: Migrate optimized code into library
lib/crypto: arm64/sha1: Migrate optimized code into library
lib/crypto: mips/sha1: Migrate optimized code into library
lib/crypto: powerpc/sha1: Migrate optimized code into library
lib/crypto: s390/sha1: Migrate optimized code into library
lib/crypto: sparc/sha1: Migrate optimized code into library
lib/crypto: x86/sha1: Migrate optimized code into library
crypto: sha1 - Remove sha1_base.h
lib/crypto: tests: Add KUnit tests for SHA-1 and HMAC-SHA1
bpf: Use sha1() instead of sha1_transform() in bpf_prog_calc_tag()
sctp: Use HMAC-SHA1 and HMAC-SHA256 library functions
ipv6: sr: Use HMAC-SHA1 and HMAC-SHA256 library functions
tee: Use SHA-1 library instead of crypto_shash
lib/digsig: Use SHA-1 library instead of crypto_shash
drm/bridge: it6505: Use SHA-1 library instead of crypto_shash
nfc: s3fwrn5: Use SHA-1 library instead of crypto_shash
ppp: mppe: Use SHA-1 library instead of crypto_shash
KEYS: trusted_tpm1: Use SHA-1 library instead of crypto_shash
ipv6: Switch to higher-level SHA-1 functions
lib/crypto: sha1: Remove low-level functions from API...
92 files changed, 1472 insertions(+), 2474 deletions(-)
Again, the diffstat speaks for itself. For the series, Reviewed-by: Ard Biesheuvel <ardb@kernel.org>