[API-NEXT,v2,3/3] api: crypto: deprecate DES algorithm

Message ID	1514401208-30010-4-git-send-email-odpbot@yandex.ru
State	Superseded
Headers	show Delivered-To: patch@linaro.org Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org designates 54.197.127.237 as permitted sender) client-ip=54.197.127.237; From: Github ODP bot <odpbot@yandex.ru> To: lng-odp@lists.linaro.org Date: Wed, 27 Dec 2017 22:00:08 +0300 Message-Id: <1514401208-30010-4-git-send-email-odpbot@yandex.ru> In-Reply-To: <1514401208-30010-1-git-send-email-odpbot@yandex.ru> References: <1514401208-30010-1-git-send-email-odpbot@yandex.ru> Github-pr-num: 374 Subject: [lng-odp] [PATCH API-NEXT v2 3/3] api: crypto: deprecate DES algorithm Precedence: list Errors-To: lng-odp-bounces@lists.linaro.org Sender: "lng-odp" <lng-odp-bounces@lists.linaro.org>
Series	[API-NEXT,v2,1/3] linux-gen: ipsec: stop supporting DES operation \| expand [API-NEXT,v2,1/3] linux-gen: ipsec: stop supporting DES operation [API-NEXT,v2,2/3] validation: crypto, ipsec: stop supporting DES operation [API-NEXT,v2,3/3] api: crypto: deprecate DES algorithm

Message ID

1514401208-30010-4-git-send-email-odpbot@yandex.ru

State

Superseded

Headers

Received-SPF: pass (google.com: domain of lng-odp-bounces@lists.linaro.org
	designates 54.197.127.237 as permitted sender)
	client-ip=54.197.127.237; 
From: Github ODP bot <odpbot@yandex.ru>
To: lng-odp@lists.linaro.org
Date: Wed, 27 Dec 2017 22:00:08 +0300
Message-Id: <1514401208-30010-4-git-send-email-odpbot@yandex.ru>
In-Reply-To: <1514401208-30010-1-git-send-email-odpbot@yandex.ru>
References: <1514401208-30010-1-git-send-email-odpbot@yandex.ru>
Github-pr-num: 374
Subject: [lng-odp] [PATCH API-NEXT v2 3/3] api: crypto: deprecate DES
	algorithm
Precedence: list
Errors-To: lng-odp-bounces@lists.linaro.org
Sender: "lng-odp" <lng-odp-bounces@lists.linaro.org>

Series

[API-NEXT,v2,1/3] linux-gen: ipsec: stop supporting DES operation | expand

Commit Message

Github ODP bot Dec. 27, 2017, 7 p.m. UTC

From: Dmitry Eremin-Solenikov <dmitry.ereminsolenikov@linaro.org>


DES is too weak, 56-bit keys, 64-bit blocks. Can be cracked nearly
bare-handed nowdays. Depreate it now, to be dropped in next release.
Note: Tripple-DES (TDES) remains in place.

Signed-off-by: Dmitry Eremin-Solenikov <dmitry.ereminsolenikov@linaro.org>

---
/** Email created from pull request 374 (lumag:no-des)
 ** https://github.com/Linaro/odp/pull/374
 ** Patch: https://github.com/Linaro/odp/pull/374.patch
 ** Base sha: a7b46491ca049998dc38b0a5b29213a407931523
 ** Merge commit sha: 681726cebb6b8b580b1180f1c97eb29176d20b8c
 **/
 include/odp/api/spec/crypto.h | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/include/odp/api/spec/crypto.h b/include/odp/api/spec/crypto.h
index 81fecbc36..78a3b699a 100644
--- a/include/odp/api/spec/crypto.h
+++ b/include/odp/api/spec/crypto.h
@@ -71,9 +71,6 @@  typedef enum {
 	/** No cipher algorithm specified */
 	ODP_CIPHER_ALG_NULL,
 
-	/** DES */
-	ODP_CIPHER_ALG_DES,
-
 	/** Triple DES with cipher block chaining */
 	ODP_CIPHER_ALG_3DES_CBC,
 
@@ -95,6 +92,9 @@  typedef enum {
 	/** @deprecated  Use ODP_CIPHER_ALG_AES_GCM instead */
 	ODP_DEPRECATE(ODP_CIPHER_ALG_AES128_GCM),
 
+	/** @deprecated  Do not use DES, 56-bit keys are too weak nowdays */
+	ODP_DEPRECATE(ODP_CIPHER_ALG_DES),
+
 } odp_cipher_alg_t;
 
 /**
@@ -168,9 +168,6 @@  typedef union odp_crypto_cipher_algos_t {
 		/** ODP_CIPHER_ALG_NULL */
 		uint32_t null        : 1;
 
-		/** ODP_CIPHER_ALG_DES */
-		uint32_t des         : 1;
-
 		/** ODP_CIPHER_ALG_3DES_CBC */
 		uint32_t trides_cbc  : 1;
 
@@ -189,6 +186,9 @@  typedef union odp_crypto_cipher_algos_t {
 		/** @deprecated  Use aes_gcm instead */
 		uint32_t ODP_DEPRECATE(aes128_gcm) : 1;
 
+		/** @deprecated  Too weak, do not use */
+		uint32_t ODP_DEPRECATE(des)        : 1;
+
 	} bit;
 
 	/** All bits of the bit field structure