<feed xmlns='http://www.w3.org/2005/Atom'>
<title>kernel/linux.git/crypto/hmac.c, branch v7.2-rc1</title>
<subtitle>Linux kernel stable tree (mirror)</subtitle>
<id>https://git.radix-linux.su/kernel/linux.git/atom?h=v7.2-rc1</id>
<link rel='self' href='https://git.radix-linux.su/kernel/linux.git/atom?h=v7.2-rc1'/>
<link rel='alternate' type='text/html' href='https://git.radix-linux.su/kernel/linux.git/'/>
<updated>2026-05-29T00:45:45+00:00</updated>
<entry>
<title>crypto: hash - Remove support for cloning hash tfms</title>
<updated>2026-05-29T00:45:45+00:00</updated>
<author>
<name>Eric Biggers</name>
<email>ebiggers@kernel.org</email>
</author>
<published>2026-05-22T05:30:23+00:00</published>
<link rel='alternate' type='text/html' href='https://git.radix-linux.su/kernel/linux.git/commit/?id=f331c7be97cec765c611f95df31ee2a99628a013'/>
<id>urn:sha1:f331c7be97cec765c611f95df31ee2a99628a013</id>
<content type='text'>
Hash transformation cloning no longer has a user, and there's a good
chance no new one will appear because the library API solves the problem
in a much simpler and more efficient way.  Remove support for it.

Note that no tests need to be removed, as this feature had no tests.

Reviewed-by: Ard Biesheuvel &lt;ardb@kernel.org&gt;
Signed-off-by: Eric Biggers &lt;ebiggers@kernel.org&gt;
Acked-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Link: https://patch.msgid.link/20260522053028.91165-2-ebiggers@kernel.org
Signed-off-by: Jakub Kicinski &lt;kuba@kernel.org&gt;
</content>
</entry>
<entry>
<title>crypto: hmac - Add ahash support</title>
<updated>2025-05-19T05:48:20+00:00</updated>
<author>
<name>Herbert Xu</name>
<email>herbert@gondor.apana.org.au</email>
</author>
<published>2025-05-15T05:54:51+00:00</published>
<link rel='alternate' type='text/html' href='https://git.radix-linux.su/kernel/linux.git/commit/?id=c3103416d5217655d707d9417aaf66f184e3d72f'/>
<id>urn:sha1:c3103416d5217655d707d9417aaf66f184e3d72f</id>
<content type='text'>
Add ahash support to hmac so that drivers that can't do hmac in
hardware do not have to implement duplicate copies of hmac.

Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto: hmac - Add export_core and import_core</title>
<updated>2025-05-19T05:48:19+00:00</updated>
<author>
<name>Herbert Xu</name>
<email>herbert@gondor.apana.org.au</email>
</author>
<published>2025-05-15T05:54:42+00:00</published>
<link rel='alternate' type='text/html' href='https://git.radix-linux.su/kernel/linux.git/commit/?id=8cf4c341f1931c20c564ab2ee0f9eb990a606cac'/>
<id>urn:sha1:8cf4c341f1931c20c564ab2ee0f9eb990a606cac</id>
<content type='text'>
Add export_import and import_core so that hmac can be used as a
fallback by block-only drivers.

Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto: hmac - Zero shash desc in setkey</title>
<updated>2025-05-19T05:48:19+00:00</updated>
<author>
<name>Herbert Xu</name>
<email>herbert@gondor.apana.org.au</email>
</author>
<published>2025-05-15T05:54:40+00:00</published>
<link rel='alternate' type='text/html' href='https://git.radix-linux.su/kernel/linux.git/commit/?id=a05a8bc5705165fe3ce9ea79048a5ff807e4651f'/>
<id>urn:sha1:a05a8bc5705165fe3ce9ea79048a5ff807e4651f</id>
<content type='text'>
The shash desc needs to be zeroed after use in setkey as it is
not finalised (finalisation automatically zeroes it).

Also remove the final function as it's been superseded by finup.

Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>Revert "crypto: run initcalls for generic implementations earlier"</title>
<updated>2025-05-05T10:20:44+00:00</updated>
<author>
<name>Herbert Xu</name>
<email>herbert@gondor.apana.org.au</email>
</author>
<published>2025-04-30T08:17:02+00:00</published>
<link rel='alternate' type='text/html' href='https://git.radix-linux.su/kernel/linux.git/commit/?id=ef93f1562803cd7bb8159e3abedaf7f47dce4e35'/>
<id>urn:sha1:ef93f1562803cd7bb8159e3abedaf7f47dce4e35</id>
<content type='text'>
This reverts commit c4741b23059794bd99beef0f700103b0d983b3fd.

Crypto API self-tests no longer run at registration time and now
occur either at late_initcall or upon the first use.

Therefore the premise of the above commit no longer exists.  Revert
it and subsequent additions of subsys_initcall and arch_initcall.

Note that lib/crypto calls will stay at subsys_initcall (or rather
downgraded from arch_initcall) because they may need to occur
before Crypto API registration.

Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto: hmac - Make descsize an algorithm attribute</title>
<updated>2025-04-16T07:36:24+00:00</updated>
<author>
<name>Herbert Xu</name>
<email>herbert@gondor.apana.org.au</email>
</author>
<published>2025-04-12T10:47:45+00:00</published>
<link rel='alternate' type='text/html' href='https://git.radix-linux.su/kernel/linux.git/commit/?id=aeffd9093820c16e10f61d1c894c16d435b82975'/>
<id>urn:sha1:aeffd9093820c16e10f61d1c894c16d435b82975</id>
<content type='text'>
Rather than setting descsize in init_tfm, make it an algorithm
attribute and set it during instance construction.

Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto: hmac - remove unnecessary alignment logic</title>
<updated>2023-10-27T10:04:24+00:00</updated>
<author>
<name>Eric Biggers</name>
<email>ebiggers@google.com</email>
</author>
<published>2023-10-19T05:53:34+00:00</published>
<link rel='alternate' type='text/html' href='https://git.radix-linux.su/kernel/linux.git/commit/?id=25c74a39e0f637a44982c3820a583755aedc9811'/>
<id>urn:sha1:25c74a39e0f637a44982c3820a583755aedc9811</id>
<content type='text'>
The hmac template is setting its alignmask to that of its underlying
unkeyed hash algorithm, and it is aligning the ipad and opad fields in
its tfm context to that alignment.  However, hmac does not actually need
any sort of alignment itself, which makes this pointless except to keep
the pads aligned to what the underlying algorithm prefers.  But very few
shash algorithms actually set an alignmask, and it is being removed from
those remaining ones; also, after setkey, the pads are only passed to
crypto_shash_import and crypto_shash_export which ignore the alignmask.

Therefore, make the hmac template stop setting an alignmask and simply
use natural alignment for ipad and opad.  Note, this change also moves
the pads from the beginning of the tfm context to the end, which makes
much more sense; the variable-length fields should be at the end.

Signed-off-by: Eric Biggers &lt;ebiggers@google.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto: hmac - Add missing blank line</title>
<updated>2023-06-16T12:30:35+00:00</updated>
<author>
<name>Franziska Naepelt</name>
<email>franziska.naepelt@googlemail.com</email>
</author>
<published>2023-06-06T11:17:49+00:00</published>
<link rel='alternate' type='text/html' href='https://git.radix-linux.su/kernel/linux.git/commit/?id=f75bd28beb4a804a42a01e26f162f8c42b65fb09'/>
<id>urn:sha1:f75bd28beb4a804a42a01e26f162f8c42b65fb09</id>
<content type='text'>
The following checkpatch warning has been fixed:
- WARNING: Missing a blank line after declarations

Signed-off-by: Franziska Naepelt &lt;franziska.naepelt@gmail.com&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto: hmac - Add support for cloning</title>
<updated>2023-04-20T10:20:04+00:00</updated>
<author>
<name>Herbert Xu</name>
<email>herbert@gondor.apana.org.au</email>
</author>
<published>2023-04-13T06:24:21+00:00</published>
<link rel='alternate' type='text/html' href='https://git.radix-linux.su/kernel/linux.git/commit/?id=8538e60d36d0c683d59eaeabea19f101a6cf1c66'/>
<id>urn:sha1:8538e60d36d0c683d59eaeabea19f101a6cf1c66</id>
<content type='text'>
Allow hmac to be cloned.  The underlying hash can be used directly
with a reference count.

Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
<entry>
<title>crypto: hmac - disallow keys &lt; 112 bits in FIPS mode</title>
<updated>2022-02-11T09:22:01+00:00</updated>
<author>
<name>Stephan Müller</name>
<email>smueller@chronox.de</email>
</author>
<published>2022-02-01T08:41:32+00:00</published>
<link rel='alternate' type='text/html' href='https://git.radix-linux.su/kernel/linux.git/commit/?id=37f36e5717869a69775ecb23baedf0f06ea940b4'/>
<id>urn:sha1:37f36e5717869a69775ecb23baedf0f06ea940b4</id>
<content type='text'>
FIPS 140 requires a minimum security strength of 112 bits. This implies
that the HMAC key must not be smaller than 112 in FIPS mode.

This restriction implies that the test vectors for HMAC that have a key
that is smaller than 112 bits must be disabled when FIPS support is
compiled.

Signed-off-by: Stephan Mueller &lt;smueller@chronox.de&gt;
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
</entry>
</feed>
