Received: by 2002:a05:6358:53a8:b0:117:f937:c515 with SMTP id z40csp357886rwe; Fri, 14 Apr 2023 04:06:21 -0700 (PDT) X-Google-Smtp-Source: AKy350ahAQGG25cF/au3uKhg76K+tS9ihgiksAKLE8hOtgUkGDbEH6ikmBCsGMF1l+vxFDKebef1 X-Received: by 2002:a05:6a20:2448:b0:e3:6fdb:f6c6 with SMTP id t8-20020a056a20244800b000e36fdbf6c6mr2661943pzc.6.1681470381408; Fri, 14 Apr 2023 04:06:21 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1681470381; cv=none; d=google.com; s=arc-20160816; b=qfr33//a2hxD+8Zz+cCIlVZNLTphWx95bQvrJWkIS1uMQkQ8kTYl02M8f8+v3tlSFr F7CoOvmZosCT0/ShmcTtPrDljjXerjLzB20s7DffA587KDmPYb8ysb44ZRJNk7hT4qNl Ah2xKuozgv472xJbxSiEg92+xVk34rSjrZ1gT5GBHdL2pH5zPvNrafusQ3D4Gw/iLyZO OFBVlx1qk0bngrpYniJ6bXYB3/SR1jzIv9o62vY/Y33wXLWAUGwwMOwmuUHd5vJi00ua iARlAxchGS3uhsFE3UNOu3nG+s9ZD2+YrmitrT17/eH1DH+ieIVwVipzyCJyj/tZdXJ/ JUNA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-disposition:mime-version :references:message-id:subject:cc:to:from:date; bh=7peZZ6IzBZvI/4dB2ELdM3vgZ7ApaxR6+7bO+U4s2g8=; b=yp4GA0NONTf6Ca4enbEvijWOMjKxL6UGDzfwfugAlX3nrhhOOFa2sHTuxkwjbtsOt3 YsN3qDxTRHaUNR3FPTld7FBLAOZDYZm7fSXZZ2vz1tX7zx1Y3Z9vRX4T/1/kEW/UC9PT Op4eLhdae9mRn0iylxexQ9mIjYePF/htLvh+bYYBqBR9W8FAcxQHptWw3SwjnJP5xHvT gVMhIr5s8hz0q48sMm0gyPYVh+2lTwDpaceQufx/uNTjVW7JA1FzgEMr5bsyo6B06TvR W/rrcK/N18X797YPSxkJ+2FsKHcg2ofoGYnC3zI9fM0x99SOez1oPJK+HWUhIecAfzQW 6F7Q== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id s16-20020a63dc10000000b004fca80d4647si4388702pgg.216.2023.04.14.04.06.01; Fri, 14 Apr 2023 04:06:21 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-crypto-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-crypto-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229596AbjDNLFs (ORCPT + 99 others); Fri, 14 Apr 2023 07:05:48 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:40336 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230092AbjDNLFq (ORCPT ); Fri, 14 Apr 2023 07:05:46 -0400 Received: from 167-179-156-38.a7b39c.syd.nbn.aussiebb.net (167-179-156-38.a7b39c.syd.nbn.aussiebb.net [167.179.156.38]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DB6664C2D; Fri, 14 Apr 2023 04:05:29 -0700 (PDT) Received: from loth.rohan.me.apana.org.au ([192.168.167.2]) by formenos.hmeau.com with smtp (Exim 4.94.2 #2 (Debian)) id 1pnHEc-00FqgN-A2; Fri, 14 Apr 2023 19:04:55 +0800 Received: by loth.rohan.me.apana.org.au (sSMTP sendmail emulation); Fri, 14 Apr 2023 19:04:54 +0800 Date: Fri, 14 Apr 2023 19:04:54 +0800 From: Herbert Xu To: David Howells Cc: Chuck Lever III , Scott Mayhew , Ard Biesheuvel , Jeff Layton , Linux NFS Mailing List , "linux-crypto@vger.kernel.org" Subject: Re: Did the in-kernel Camellia or CMAC crypto implementation break? Message-ID: References: <48886D84-1A04-4B07-A666-BB56684E759F@oracle.com> <380323.1681314997@warthog.procyon.org.uk> <1078650.1681394138@warthog.procyon.org.uk> <1235770.1681462057@warthog.procyon.org.uk> <1239035.1681467430@warthog.procyon.org.uk> <1239686.1681468477@warthog.procyon.org.uk> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1239686.1681468477@warthog.procyon.org.uk> X-Spam-Status: No, score=2.7 required=5.0 tests=BAYES_00,HELO_DYNAMIC_IPADDR2, RDNS_DYNAMIC,SPF_HELO_NONE,SPF_PASS,TVD_RCVD_IP,T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Level: ** X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-crypto@vger.kernel.org On Fri, Apr 14, 2023 at 11:34:37AM +0100, David Howells wrote: > > In krb5, for encryption, there are two keys, not one, and no IV to be passed > in. The code I have will insert a confounder and a checksum, which must have > space allowed for it. Two keys is not an issue. Authenc for example supports two keys by encoding them into a single byte-stream. AEAD also supports having no IVs by providing IV generators (see seqiv, eseqiv, etc.). Cheers, -- Email: Herbert Xu Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt