    crypto: vmac - remove insecure version with hardcoded nonce · 0917b873
    Eric Biggers authored
    Remove the original version of the VMAC template that had the nonce
    hardcoded to 0 and produced a digest with the wrong endianness.  I'm
    unsure whether this had users or not (there are no explicit in-kernel
    references to it), but given that the hardcoded nonce made it wildly
    insecure unless a unique key was used for each message, let's try
    removing it and see if anyone complains.
    
    Leave the new "vmac64" template that requires the nonce to be explicitly
    specified as the first 16 bytes of data and uses the correct endianness
    for the digest.
    Signed-off-by: Eric Biggers <ebiggers@google.com>
    Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>
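
Why a fixed nonce is fatal for this kind of MAC, as an added example that is not part of the commit or the kernel's VMAC code: VMAC is a Wegman-Carter MAC, so the tag is a universal hash of the message plus a pad derived from the nonce, and when the nonce never changes the pad drops out of the difference of any two tags. The polynomial hash, the splitmix64-based pad, the keys and all function names below are constructed stand-ins, not VMAC's VHASH or AES.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define P ((1ULL << 61) - 1) /* toy prime modulus, not VMAC's field */

/* Toy polynomial hash of 32-bit words under hash key k (Horner's rule). */
static uint64_t poly_hash(uint64_t k, const uint32_t *m, size_t n)
{
    uint64_t h = 1; /* leading 1 makes the message length matter */
    for (size_t i = 0; i < n; i++)
        h = (uint64_t)(((__uint128_t)h * k + m[i]) % P);
    return h;
}

/* Stand-in for the keyed block cipher that maps a nonce to a pad
 * (splitmix64 finalizer: a bijection, constructed for the demo only). */
static uint64_t pad(uint64_t pad_key, uint64_t nonce)
{
    uint64_t z = pad_key ^ (nonce + 0x9E3779B97F4A7C15ULL);
    z = (z ^ (z >> 30)) * 0xBF58476D1CE4E5B9ULL;
    z = (z ^ (z >> 27)) * 0x94D049BB133111EBULL;
    return z ^ (z >> 31);
}

/* Wegman-Carter shape: tag = hash(message) + pad(nonce) mod 2^64. */
static uint64_t toy_mac(uint64_t k, uint64_t pk, uint64_t nonce,
                        const uint32_t *m, size_t n)
{
    return poly_hash(k, m, n) + pad(pk, nonce);
}

/* Returns 1 when tag1 - tag2 equals hash1 - hash2, i.e. the secret pad
 * cancelled and the tags expose a relation on the hash key alone. */
static int pad_cancels(uint64_t nonce1, uint64_t nonce2)
{
    const uint64_t k = 0x0123456789ABCDEFULL;  /* constructed hash key */
    const uint64_t pk = 0x0FEDCBA987654321ULL; /* constructed pad key */
    const uint32_t m1[] = { 0x11111111, 0x22222222, 0x33333333 };
    const uint32_t m2[] = { 0x11111111, 0x22222222, 0x33333334 };
    uint64_t t1 = toy_mac(k, pk, nonce1, m1, 3);
    uint64_t t2 = toy_mac(k, pk, nonce2, m2, 3);
    return t1 - t2 == poly_hash(k, m1, 3) - poly_hash(k, m2, 3);
}

int main(void)
{
    printf("fixed nonce 0, pad cancels:   %d\n", pad_cancels(0, 0));
    printf("unique nonces, pad cancels:   %d\n", pad_cancels(1, 2));
    return 0;
}
```

With a per-message nonce, as the "vmac64" template requires in the first 16 bytes of data, each tag is masked by a different pad and the relation no longer holds.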
tcrypt.c 76.2 KB