[PATCH 0/2] crypto: remove MD4 generic shash

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



As discussed on the list [0], MD4 is still being relied upon by the CIFS
driver, even though successful attacks on MD4 are as old as Linux
itself.

So let's move the code into the CIFS driver, and remove it from the
crypto API so that it is no longer exposed to other subsystems or to
user space via AF_ALG.

Note: this leaves the code in crypto/asymmetric_keys that is able to
parse RSA+MD4 keys if an "md4" shash is available. Given that its
Kconfig symbol does not select CRYPTO_MD4, it only has a runtime
dependency on md4 and so we can either decide remove it later, or just
let it fail on the missing MD4 shash as it would today if the module is
not enabled.

[0] https://lore.kernel.org/linux-cifs/YRXlwDBfQql36wJx@sol.localdomain/

Cc: Eric Biggers <ebiggers@xxxxxxxxxx>
Cc: ronnie sahlberg <ronniesahlberg@xxxxxxxxx>
Cc: linux-cifs <linux-cifs@xxxxxxxxxxxxxxx>
Cc: Steve French <sfrench@xxxxxxxxx>
Cc: David Howells <dhowells@xxxxxxxxxx>
Cc: keyrings@xxxxxxxxxxxxxxx

Ard Biesheuvel (2):
  fs/cifs: Incorporate obsolete MD4 crypto code
  crypto: md4 - Remove obsolete algorithm

 crypto/Kconfig       |   6 -
 crypto/Makefile      |   1 -
 crypto/md4.c         | 241 --------------------
 crypto/tcrypt.c      |  14 +-
 crypto/testmgr.c     |   6 -
 crypto/testmgr.h     |  42 ----
 fs/cifs/Kconfig      |   1 -
 fs/cifs/cifsfs.c     |   1 -
 fs/cifs/smbencrypt.c | 200 ++++++++++++++--
 9 files changed, 178 insertions(+), 334 deletions(-)
 delete mode 100644 crypto/md4.c

-- 
2.20.1




[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux