Re: [PATCH net-next v3 0/5] sctp: Convert to use crypto lib, and upgrade cookie auth
From: patchwork-bot+netdevbpf@kernel.org
Date: 2025-08-20 15:00:15
Also in:
linux-crypto, linux-sctp
Hello: This series was applied to netdev/net-next.git (main) by Jakub Kicinski [off-list ref]: On Mon, 18 Aug 2025 13:54:21 -0700 you wrote:
This series converts SCTP chunk and cookie authentication to use the crypto library API instead of crypto_shash. This is much simpler (the diffstat should speak for itself), and also faster too. In addition, this series upgrades the cookie authentication to use HMAC-SHA256. I've tested that kernels with this series applied can continue to communicate using SCTP with older ones, in either direction, using any choice of None, HMAC-SHA1, or HMAC-SHA256 chunk authentication. [...]
Here is the summary with links:
- [net-next,v3,1/5] selftests: net: Explicitly enable CONFIG_CRYPTO_SHA1 for IPsec
https://git.kernel.org/netdev/net-next/c/490a9591b5fe
- [net-next,v3,2/5] sctp: Fix MAC comparison to be constant-time
https://git.kernel.org/netdev/net-next/c/dd91c79e4f58
- [net-next,v3,3/5] sctp: Use HMAC-SHA1 and HMAC-SHA256 library for chunk authentication
https://git.kernel.org/netdev/net-next/c/bf40785fa437
- [net-next,v3,4/5] sctp: Convert cookie authentication to use HMAC-SHA256
https://git.kernel.org/netdev/net-next/c/2f3dd6ec901f
- [net-next,v3,5/5] sctp: Stop accepting md5 and sha1 for net.sctp.cookie_hmac_alg
https://git.kernel.org/netdev/net-next/c/d5a253702add
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html