git.baikalelectronics.ru Git - kernel.git/commit

author	Jason A. Donenfeld <Jason@zx2c4.com>
	Tue, 11 Jan 2022 13:37:41 +0000 (14:37 +0100)
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>
	Mon, 30 May 2022 07:28:59 +0000 (09:28 +0200)
commit	bf46016049f73f02c0fde6bbae12a68adbcae7cb
tree	1a53e65d50d8b61801f1137aa572fa78f82e73c7	tree \| snapshot
parent	62e2c3aaca9bbbd5bbcdde5e04d3c696ef017cb8	commit \| diff

lib/crypto: blake2s: move hmac construction into wireguard

commit 8e362a7179518cabb4e16049c8001f33c1df1e4d upstream.

Basically nobody should use blake2s in an HMAC construction; it already
has a keyed variant. But unfortunately for historical reasons, Noise,
used by WireGuard, uses HKDF quite strictly, which means we have to use
this. Because this really shouldn't be used by others, this commit moves
it into wireguard's noise.c locally, so that kernels that aren't using
WireGuard don't get this superfluous code baked in. On m68k systems,
this shaves off ~314 bytes.

Cc: Herbert Xu <herbert@gondor.apana.org.au>
Tested-by: Geert Uytterhoeven <geert@linux-m68k.org>
Acked-by: Ard Biesheuvel <ardb@kernel.org>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

drivers/net/wireguard/noise.c		diff \| blob \| history
include/crypto/blake2s.h		diff \| blob \| history
lib/crypto/blake2s-selftest.c		diff \| blob \| history
lib/crypto/blake2s.c		diff \| blob \| history