<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux.git/crypto/krb5, branch v6.16</title>
<subtitle>Linux kernel source tree</subtitle>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/'/>
<entry>
<title>crypto/krb5: Fix change to use SG miter to use offset</title>
<updated>2025-04-29T18:28:50+00:00</updated>
<author>
<name>David Howells</name>
<email>dhowells@redhat.com</email>
</author>
<published>2025-04-28T10:22:06+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=eed848871c96d4b5a7b06307755b75abd0cc7a06'/>
<id>eed848871c96d4b5a7b06307755b75abd0cc7a06</id>
<content type='text'>
The recent patch to make the rfc3961 simplified code use sg_miter rather
than manually walking the scatterlist to hash the contents of a buffer
described by that scatterlist failed to take the starting offset into
account.

This is indicated by the selftests reporting:

    krb5: Running aes128-cts-hmac-sha256-128 mic
    krb5: !!! TESTFAIL crypto/krb5/selftest.c:446
    krb5: MIC mismatch

Fix this by calling sg_miter_skip() before doing the loop to advance
by the offset.

This only affects packet signing modes and not full encryption in RxGK
because, for full encryption, the message digest is handled inside the
authenc and krb5enc drivers.

Note: Nothing in linus/master uses the krb5lib, though the bug is there.
It is used by AF_RXRPC's RxGK implementation in -next, no need to backport.

Fixes: da6f9bf40ac2 ("crypto: krb5 - Use SG miter instead of doing it by hand")
Reported-by: Marc Dionne &lt;marc.dionne@auristor.com&gt;
Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
cc: Chuck Lever &lt;chuck.lever@oracle.com&gt;
cc: Simon Horman &lt;horms@kernel.org&gt;
cc: linux-afs@lists.infradead.org
Acked-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Link: https://patch.msgid.link/3824017.1745835726@warthog.procyon.org.uk
Signed-off-by: Jakub Kicinski &lt;kuba@kernel.org&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
The recent patch to make the rfc3961 simplified code use sg_miter rather
than manually walking the scatterlist to hash the contents of a buffer
described by that scatterlist failed to take the starting offset into
account.

This is indicated by the selftests reporting:

    krb5: Running aes128-cts-hmac-sha256-128 mic
    krb5: !!! TESTFAIL crypto/krb5/selftest.c:446
    krb5: MIC mismatch

Fix this by calling sg_miter_skip() before doing the loop to advance
by the offset.

This only affects packet signing modes and not full encryption in RxGK
because, for full encryption, the message digest is handled inside the
authenc and krb5enc drivers.

Note: Nothing in linus/master uses the krb5lib, though the bug is there.
It is used by AF_RXRPC's RxGK implementation in -next, no need to backport.

Fixes: da6f9bf40ac2 ("crypto: krb5 - Use SG miter instead of doing it by hand")
Reported-by: Marc Dionne &lt;marc.dionne@auristor.com&gt;
Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
cc: Chuck Lever &lt;chuck.lever@oracle.com&gt;
cc: Simon Horman &lt;horms@kernel.org&gt;
cc: linux-afs@lists.infradead.org
Acked-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
Link: https://patch.msgid.link/3824017.1745835726@warthog.procyon.org.uk
Signed-off-by: Jakub Kicinski &lt;kuba@kernel.org&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto: krb5 - Use SG miter instead of doing it by hand</title>
<updated>2025-03-21T09:33:38+00:00</updated>
<author>
<name>Herbert Xu</name>
<email>herbert@gondor.apana.org.au</email>
</author>
<published>2025-03-13T05:14:56+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=da6f9bf40ac267b5c720694a817beea84fa40f77'/>
<id>da6f9bf40ac267b5c720694a817beea84fa40f77</id>
<content type='text'>
The function crypto_shash_update_sg iterates through an SG by
hand.  It fails to handle corner cases such as SG entries longer
than a page.  Fix this by using the SG iterator.

Fixes: 348f5669d1f6 ("crypto/krb5: Implement the Kerberos5 rfc3961 get_mic and verify_mic")
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
The function crypto_shash_update_sg iterates through an SG by
hand.  It fails to handle corner cases such as SG entries longer
than a page.  Fix this by using the SG iterator.

Fixes: 348f5669d1f6 ("crypto/krb5: Implement the Kerberos5 rfc3961 get_mic and verify_mic")
Signed-off-by: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto/krb5: Implement crypto self-testing</title>
<updated>2025-03-02T21:56:47+00:00</updated>
<author>
<name>David Howells</name>
<email>dhowells@redhat.com</email>
</author>
<published>2025-02-03T13:44:37+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=fc0cf10c04f49ddba1925b630467f49ea993569e'/>
<id>fc0cf10c04f49ddba1925b630467f49ea993569e</id>
<content type='text'>
Implement self-testing infrastructure to test the pseudo-random function,
key derivation, encryption and checksumming.

Add the testing data from rfc8009 to test AES + HMAC-SHA2.

Add the testing data from rfc6803 to test Camellia.  Note some encryption
test vectors here are incomplete, lacking the key usage number needed to
derive Ke and Ki, and there are errata for this:

	https://www.rfc-editor.org/errata_search.php?rfc=6803

Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
cc: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
cc: "David S. Miller" &lt;davem@davemloft.net&gt;
cc: Chuck Lever &lt;chuck.lever@oracle.com&gt;
cc: Marc Dionne &lt;marc.dionne@auristor.com&gt;
cc: Eric Dumazet &lt;edumazet@google.com&gt;
cc: Jakub Kicinski &lt;kuba@kernel.org&gt;
cc: Paolo Abeni &lt;pabeni@redhat.com&gt;
cc: Simon Horman &lt;horms@kernel.org&gt;
cc: linux-afs@lists.infradead.org
cc: linux-nfs@vger.kernel.org
cc: linux-crypto@vger.kernel.org
cc: netdev@vger.kernel.org
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Implement self-testing infrastructure to test the pseudo-random function,
key derivation, encryption and checksumming.

Add the testing data from rfc8009 to test AES + HMAC-SHA2.

Add the testing data from rfc6803 to test Camellia.  Note some encryption
test vectors here are incomplete, lacking the key usage number needed to
derive Ke and Ki, and there are errata for this:

	https://www.rfc-editor.org/errata_search.php?rfc=6803

Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
cc: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
cc: "David S. Miller" &lt;davem@davemloft.net&gt;
cc: Chuck Lever &lt;chuck.lever@oracle.com&gt;
cc: Marc Dionne &lt;marc.dionne@auristor.com&gt;
cc: Eric Dumazet &lt;edumazet@google.com&gt;
cc: Jakub Kicinski &lt;kuba@kernel.org&gt;
cc: Paolo Abeni &lt;pabeni@redhat.com&gt;
cc: Simon Horman &lt;horms@kernel.org&gt;
cc: linux-afs@lists.infradead.org
cc: linux-nfs@vger.kernel.org
cc: linux-crypto@vger.kernel.org
cc: netdev@vger.kernel.org
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto/krb5: Implement the Camellia enctypes from rfc6803</title>
<updated>2025-03-02T21:55:23+00:00</updated>
<author>
<name>David Howells</name>
<email>dhowells@redhat.com</email>
</author>
<published>2020-09-25T11:24:50+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=742e38d4d4033e7ff53178acf7edd2b1fe0142ef'/>
<id>742e38d4d4033e7ff53178acf7edd2b1fe0142ef</id>
<content type='text'>
Implement the camellia128-cts-cmac and camellia256-cts-cmac enctypes from
rfc6803.

Note that the test vectors in rfc6803 for encryption are incomplete,
lacking the key usage number needed to derive Ke and Ki, and there are
errata for this:

	https://www.rfc-editor.org/errata_search.php?rfc=6803

Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
cc: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
cc: "David S. Miller" &lt;davem@davemloft.net&gt;
cc: Chuck Lever &lt;chuck.lever@oracle.com&gt;
cc: Marc Dionne &lt;marc.dionne@auristor.com&gt;
cc: Eric Dumazet &lt;edumazet@google.com&gt;
cc: Jakub Kicinski &lt;kuba@kernel.org&gt;
cc: Paolo Abeni &lt;pabeni@redhat.com&gt;
cc: Simon Horman &lt;horms@kernel.org&gt;
cc: linux-afs@lists.infradead.org
cc: linux-nfs@vger.kernel.org
cc: linux-crypto@vger.kernel.org
cc: netdev@vger.kernel.org
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Implement the camellia128-cts-cmac and camellia256-cts-cmac enctypes from
rfc6803.

Note that the test vectors in rfc6803 for encryption are incomplete,
lacking the key usage number needed to derive Ke and Ki, and there are
errata for this:

	https://www.rfc-editor.org/errata_search.php?rfc=6803

Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
cc: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
cc: "David S. Miller" &lt;davem@davemloft.net&gt;
cc: Chuck Lever &lt;chuck.lever@oracle.com&gt;
cc: Marc Dionne &lt;marc.dionne@auristor.com&gt;
cc: Eric Dumazet &lt;edumazet@google.com&gt;
cc: Jakub Kicinski &lt;kuba@kernel.org&gt;
cc: Paolo Abeni &lt;pabeni@redhat.com&gt;
cc: Simon Horman &lt;horms@kernel.org&gt;
cc: linux-afs@lists.infradead.org
cc: linux-nfs@vger.kernel.org
cc: linux-crypto@vger.kernel.org
cc: netdev@vger.kernel.org
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto/krb5: Implement the AES enctypes from rfc8009</title>
<updated>2025-03-02T21:53:55+00:00</updated>
<author>
<name>David Howells</name>
<email>dhowells@redhat.com</email>
</author>
<published>2025-02-03T13:42:41+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=6c3c0e86c2acf53bf67c095c67335a0bec2a16af'/>
<id>6c3c0e86c2acf53bf67c095c67335a0bec2a16af</id>
<content type='text'>
Implement the aes128-cts-hmac-sha256-128 and aes256-cts-hmac-sha384-192
enctypes from rfc8009, overriding the rfc3961 kerberos 5 simplified crypto
scheme.

Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
cc: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
cc: "David S. Miller" &lt;davem@davemloft.net&gt;
cc: Chuck Lever &lt;chuck.lever@oracle.com&gt;
cc: Marc Dionne &lt;marc.dionne@auristor.com&gt;
cc: Eric Dumazet &lt;edumazet@google.com&gt;
cc: Jakub Kicinski &lt;kuba@kernel.org&gt;
cc: Paolo Abeni &lt;pabeni@redhat.com&gt;
cc: Simon Horman &lt;horms@kernel.org&gt;
cc: linux-afs@lists.infradead.org
cc: linux-nfs@vger.kernel.org
cc: linux-crypto@vger.kernel.org
cc: netdev@vger.kernel.org
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Implement the aes128-cts-hmac-sha256-128 and aes256-cts-hmac-sha384-192
enctypes from rfc8009, overriding the rfc3961 kerberos 5 simplified crypto
scheme.

Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
cc: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
cc: "David S. Miller" &lt;davem@davemloft.net&gt;
cc: Chuck Lever &lt;chuck.lever@oracle.com&gt;
cc: Marc Dionne &lt;marc.dionne@auristor.com&gt;
cc: Eric Dumazet &lt;edumazet@google.com&gt;
cc: Jakub Kicinski &lt;kuba@kernel.org&gt;
cc: Paolo Abeni &lt;pabeni@redhat.com&gt;
cc: Simon Horman &lt;horms@kernel.org&gt;
cc: linux-afs@lists.infradead.org
cc: linux-nfs@vger.kernel.org
cc: linux-crypto@vger.kernel.org
cc: netdev@vger.kernel.org
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto/krb5: Implement the AES enctypes from rfc3962</title>
<updated>2025-03-02T21:52:48+00:00</updated>
<author>
<name>David Howells</name>
<email>dhowells@redhat.com</email>
</author>
<published>2020-09-03T11:05:04+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=7c164b66b276c49b3888d3280e1b70a85732a38c'/>
<id>7c164b66b276c49b3888d3280e1b70a85732a38c</id>
<content type='text'>
Implement the aes128-cts-hmac-sha1-96 and aes256-cts-hmac-sha1-96 enctypes
from rfc3962, using the rfc3961 kerberos 5 simplified crypto scheme.

Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
cc: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
cc: "David S. Miller" &lt;davem@davemloft.net&gt;
cc: Chuck Lever &lt;chuck.lever@oracle.com&gt;
cc: Marc Dionne &lt;marc.dionne@auristor.com&gt;
cc: Eric Dumazet &lt;edumazet@google.com&gt;
cc: Jakub Kicinski &lt;kuba@kernel.org&gt;
cc: Paolo Abeni &lt;pabeni@redhat.com&gt;
cc: Simon Horman &lt;horms@kernel.org&gt;
cc: linux-afs@lists.infradead.org
cc: linux-nfs@vger.kernel.org
cc: linux-crypto@vger.kernel.org
cc: netdev@vger.kernel.org
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Implement the aes128-cts-hmac-sha1-96 and aes256-cts-hmac-sha1-96 enctypes
from rfc3962, using the rfc3961 kerberos 5 simplified crypto scheme.

Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
cc: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
cc: "David S. Miller" &lt;davem@davemloft.net&gt;
cc: Chuck Lever &lt;chuck.lever@oracle.com&gt;
cc: Marc Dionne &lt;marc.dionne@auristor.com&gt;
cc: Eric Dumazet &lt;edumazet@google.com&gt;
cc: Jakub Kicinski &lt;kuba@kernel.org&gt;
cc: Paolo Abeni &lt;pabeni@redhat.com&gt;
cc: Simon Horman &lt;horms@kernel.org&gt;
cc: linux-afs@lists.infradead.org
cc: linux-nfs@vger.kernel.org
cc: linux-crypto@vger.kernel.org
cc: netdev@vger.kernel.org
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto/krb5: Implement the Kerberos5 rfc3961 get_mic and verify_mic</title>
<updated>2025-03-02T21:51:47+00:00</updated>
<author>
<name>David Howells</name>
<email>dhowells@redhat.com</email>
</author>
<published>2020-09-24T09:23:48+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=348f5669d1f6c1c210b9017ebb8b82282eca6f25'/>
<id>348f5669d1f6c1c210b9017ebb8b82282eca6f25</id>
<content type='text'>
Add functions that sign and verify a message according to rfc3961 sec 5.4,
using Kc to generate a checksum and insert it into the MIC field in the
skbuff in the sign phase then checksum the data and compare it to the MIC
in the verify phase.

Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
cc: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
cc: "David S. Miller" &lt;davem@davemloft.net&gt;
cc: Chuck Lever &lt;chuck.lever@oracle.com&gt;
cc: Marc Dionne &lt;marc.dionne@auristor.com&gt;
cc: Eric Dumazet &lt;edumazet@google.com&gt;
cc: Jakub Kicinski &lt;kuba@kernel.org&gt;
cc: Paolo Abeni &lt;pabeni@redhat.com&gt;
cc: Simon Horman &lt;horms@kernel.org&gt;
cc: linux-afs@lists.infradead.org
cc: linux-nfs@vger.kernel.org
cc: linux-crypto@vger.kernel.org
cc: netdev@vger.kernel.org
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Add functions that sign and verify a message according to rfc3961 sec 5.4,
using Kc to generate a checksum and insert it into the MIC field in the
skbuff in the sign phase then checksum the data and compare it to the MIC
in the verify phase.

Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
cc: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
cc: "David S. Miller" &lt;davem@davemloft.net&gt;
cc: Chuck Lever &lt;chuck.lever@oracle.com&gt;
cc: Marc Dionne &lt;marc.dionne@auristor.com&gt;
cc: Eric Dumazet &lt;edumazet@google.com&gt;
cc: Jakub Kicinski &lt;kuba@kernel.org&gt;
cc: Paolo Abeni &lt;pabeni@redhat.com&gt;
cc: Simon Horman &lt;horms@kernel.org&gt;
cc: linux-afs@lists.infradead.org
cc: linux-nfs@vger.kernel.org
cc: linux-crypto@vger.kernel.org
cc: netdev@vger.kernel.org
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto/krb5: Implement the Kerberos5 rfc3961 encrypt and decrypt functions</title>
<updated>2025-03-02T21:50:43+00:00</updated>
<author>
<name>David Howells</name>
<email>dhowells@redhat.com</email>
</author>
<published>2020-09-24T07:31:06+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=00244da40f7821b242c4612428d4192230dba27f'/>
<id>00244da40f7821b242c4612428d4192230dba27f</id>
<content type='text'>
Add functions that encrypt and decrypt a message according to rfc3961 sec
5.3, using Ki to checksum the data to be secured and Ke to encrypt it
during the encryption phase, then decrypting with Ke and verifying the
checksum with Ki in the decryption phase.

Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
cc: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
cc: "David S. Miller" &lt;davem@davemloft.net&gt;
cc: Chuck Lever &lt;chuck.lever@oracle.com&gt;
cc: Marc Dionne &lt;marc.dionne@auristor.com&gt;
cc: Eric Dumazet &lt;edumazet@google.com&gt;
cc: Jakub Kicinski &lt;kuba@kernel.org&gt;
cc: Paolo Abeni &lt;pabeni@redhat.com&gt;
cc: Simon Horman &lt;horms@kernel.org&gt;
cc: linux-afs@lists.infradead.org
cc: linux-nfs@vger.kernel.org
cc: linux-crypto@vger.kernel.org
cc: netdev@vger.kernel.org
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Add functions that encrypt and decrypt a message according to rfc3961 sec
5.3, using Ki to checksum the data to be secured and Ke to encrypt it
during the encryption phase, then decrypting with Ke and verifying the
checksum with Ki in the decryption phase.

Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
cc: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
cc: "David S. Miller" &lt;davem@davemloft.net&gt;
cc: Chuck Lever &lt;chuck.lever@oracle.com&gt;
cc: Marc Dionne &lt;marc.dionne@auristor.com&gt;
cc: Eric Dumazet &lt;edumazet@google.com&gt;
cc: Jakub Kicinski &lt;kuba@kernel.org&gt;
cc: Paolo Abeni &lt;pabeni@redhat.com&gt;
cc: Simon Horman &lt;horms@kernel.org&gt;
cc: linux-afs@lists.infradead.org
cc: linux-nfs@vger.kernel.org
cc: linux-crypto@vger.kernel.org
cc: netdev@vger.kernel.org
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto/krb5: Provide RFC3961 setkey packaging functions</title>
<updated>2025-03-02T21:49:40+00:00</updated>
<author>
<name>David Howells</name>
<email>dhowells@redhat.com</email>
</author>
<published>2025-01-17T13:20:34+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=8bcdbfa89f4fc1ab7b06e784cb9c3346a943955e'/>
<id>8bcdbfa89f4fc1ab7b06e784cb9c3346a943955e</id>
<content type='text'>
Provide functions to derive keys according to RFC3961 (or load the derived
keys for the selftester where only derived keys are available) and to
package them up appropriately for passing to a krb5enc AEAD setkey or a
hash setkey function.

Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
cc: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
cc: "David S. Miller" &lt;davem@davemloft.net&gt;
cc: Chuck Lever &lt;chuck.lever@oracle.com&gt;
cc: Marc Dionne &lt;marc.dionne@auristor.com&gt;
cc: Eric Dumazet &lt;edumazet@google.com&gt;
cc: Jakub Kicinski &lt;kuba@kernel.org&gt;
cc: Paolo Abeni &lt;pabeni@redhat.com&gt;
cc: Simon Horman &lt;horms@kernel.org&gt;
cc: linux-afs@lists.infradead.org
cc: linux-nfs@vger.kernel.org
cc: linux-crypto@vger.kernel.org
cc: netdev@vger.kernel.org
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Provide functions to derive keys according to RFC3961 (or load the derived
keys for the selftester where only derived keys are available) and to
package them up appropriately for passing to a krb5enc AEAD setkey or a
hash setkey function.

Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
cc: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
cc: "David S. Miller" &lt;davem@davemloft.net&gt;
cc: Chuck Lever &lt;chuck.lever@oracle.com&gt;
cc: Marc Dionne &lt;marc.dionne@auristor.com&gt;
cc: Eric Dumazet &lt;edumazet@google.com&gt;
cc: Jakub Kicinski &lt;kuba@kernel.org&gt;
cc: Paolo Abeni &lt;pabeni@redhat.com&gt;
cc: Simon Horman &lt;horms@kernel.org&gt;
cc: linux-afs@lists.infradead.org
cc: linux-nfs@vger.kernel.org
cc: linux-crypto@vger.kernel.org
cc: netdev@vger.kernel.org
</pre>
</div>
</content>
</entry>
<entry>
<title>crypto/krb5: Implement the Kerberos5 rfc3961 key derivation</title>
<updated>2025-03-02T21:48:34+00:00</updated>
<author>
<name>David Howells</name>
<email>dhowells@redhat.com</email>
</author>
<published>2020-09-03T11:05:04+00:00</published>
<link rel='alternate' type='text/html' href='https://git.tavy.me/linux.git/commit/?id=c8d8f6af66c3cd7896460da4a0ddd006f391f6d2'/>
<id>c8d8f6af66c3cd7896460da4a0ddd006f391f6d2</id>
<content type='text'>
Implement the simplified crypto profile for Kerberos 5 rfc3961 with the
pseudo-random function, PRF(), from section 5.3 and the key derivation
function, DK() from section 5.1.

Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
cc: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
cc: "David S. Miller" &lt;davem@davemloft.net&gt;
cc: Chuck Lever &lt;chuck.lever@oracle.com&gt;
cc: Marc Dionne &lt;marc.dionne@auristor.com&gt;
cc: Eric Dumazet &lt;edumazet@google.com&gt;
cc: Jakub Kicinski &lt;kuba@kernel.org&gt;
cc: Paolo Abeni &lt;pabeni@redhat.com&gt;
cc: Simon Horman &lt;horms@kernel.org&gt;
cc: linux-afs@lists.infradead.org
cc: linux-nfs@vger.kernel.org
cc: linux-crypto@vger.kernel.org
cc: netdev@vger.kernel.org
</content>
<content type='xhtml'>
<div xmlns='http://www.w3.org/1999/xhtml'>
<pre>
Implement the simplified crypto profile for Kerberos 5 rfc3961 with the
pseudo-random function, PRF(), from section 5.3 and the key derivation
function, DK() from section 5.1.

Signed-off-by: David Howells &lt;dhowells@redhat.com&gt;
cc: Herbert Xu &lt;herbert@gondor.apana.org.au&gt;
cc: "David S. Miller" &lt;davem@davemloft.net&gt;
cc: Chuck Lever &lt;chuck.lever@oracle.com&gt;
cc: Marc Dionne &lt;marc.dionne@auristor.com&gt;
cc: Eric Dumazet &lt;edumazet@google.com&gt;
cc: Jakub Kicinski &lt;kuba@kernel.org&gt;
cc: Paolo Abeni &lt;pabeni@redhat.com&gt;
cc: Simon Horman &lt;horms@kernel.org&gt;
cc: linux-afs@lists.infradead.org
cc: linux-nfs@vger.kernel.org
cc: linux-crypto@vger.kernel.org
cc: netdev@vger.kernel.org
</pre>
</div>
</content>
</entry>
</feed>
