[PATCH RFC v1 0/3] remove remaining users of SHA-1

From: Jason A. Donenfeld
Date: Wed Jan 12 2022 - 08:12:47 EST


Hi,

There are currently two remaining users of SHA-1 left in the kernel: bpf
tag generation, and ipv6 address calculation. In an effort to reduce
code size and rid ourselves of insecure primitives, this RFC patchset
moves to using the more secure BLAKE2s function. I wanted to get your
feedback on how feasible this patchset is, and if there is some
remaining attachment to SHA-1, why exactly, and what could be done to
mitigate it. Rather than sending a mailing list post just asking, "what
do you think?" I figured it'd be easier to send this as an RFC patchset,
so you see specifically what I mean.

Thoughts? Comments?

Thanks,
Jason

Cc: Geert Uytterhoeven <geert@xxxxxxxxxxxxxx>
Cc: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Cc: Ard Biesheuvel <ardb@xxxxxxxxxx>
Cc: Jean-Philippe Aumasson <jeanphilippe.aumasson@xxxxxxxxx>
Cc: linux-crypto@xxxxxxxxxxxxxxx

Jason A. Donenfeld (3):
bpf: move from sha1 to blake2s in tag calculation
ipv6: move from sha1 to blake2s in address calculation
crypto: sha1_generic - import lib/sha1.c locally

crypto/sha1_generic.c | 114 +++++++++++++++++++++++++++++++++++
include/crypto/sha1.h | 10 ---
kernel/bpf/core.c | 39 ++----------
lib/Makefile | 2 +-
lib/sha1.c | 137 ------------------------------------------
net/ipv6/addrconf.c | 31 +++-------
6 files changed, 128 insertions(+), 205 deletions(-)
delete mode 100644 lib/sha1.c

--
2.34.1