diff options
author | Eric Biggers <ebiggers@google.com> | 2018-06-18 20:22:40 +0300 |
---|---|---|
committer | Herbert Xu <herbert@gondor.apana.org.au> | 2018-07-01 16:00:44 +0300 |
commit | 0917b873127cebd4a259b92d43af5963484981ae (patch) | |
tree | 863d6988a27042ca432b7da830fc924cf6434324 /crypto/testmgr.c | |
parent | ed331adab35bcddc595dae066522ca6336ee9210 (diff) | |
download | linux-0917b873127cebd4a259b92d43af5963484981ae.tar.xz |
crypto: vmac - remove insecure version with hardcoded nonce
Remove the original version of the VMAC template that had the nonce
hardcoded to 0 and produced a digest with the wrong endianness. I'm
unsure whether this had users or not (there are no explicit in-kernel
references to it), but given that the hardcoded nonce made it wildly
insecure unless a unique key was used for each message, let's try
removing it and see if anyone complains.
Leave the new "vmac64" template that requires the nonce to be explicitly
specified as the first 16 bytes of data and uses the correct endianness
for the digest.
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
Diffstat (limited to 'crypto/testmgr.c')
-rw-r--r-- | crypto/testmgr.c | 6 |
1 files changed, 0 insertions, 6 deletions
diff --git a/crypto/testmgr.c b/crypto/testmgr.c index 60a557b0f8d3..63f263fd1dae 100644 --- a/crypto/testmgr.c +++ b/crypto/testmgr.c @@ -3478,12 +3478,6 @@ static const struct alg_test_desc alg_test_descs[] = { .hash = __VECS(tgr192_tv_template) } }, { - .alg = "vmac(aes)", - .test = alg_test_hash, - .suite = { - .hash = __VECS(aes_vmac128_tv_template) - } - }, { .alg = "vmac64(aes)", .test = alg_test_hash, .suite = { |