On Fri, Jun 28, 2019 at 07:07:41PM +0200, Ard Biesheuvel wrote: > Three variants of AEGIS were proposed for the CAESAR competition, and > only one was selected for the final portfolio: AEGIS128. > > The other variants, AEGIS128L and AEGIS256, are not likely to ever turn > up in networking protocols or other places where interoperability > between Linux and other systems is a concern, nor are they likely to > be subjected to further cryptanalysis. However, uninformed users may > think that AEGIS128L (which is faster) is equally fit for use. > > So let's remove them now, before anyone starts using them and we are > forced to support them forever. > > Note that there are no known flaws in the algorithms or in any of these > implementations, but they have simply outlived their usefulness. > > Signed-off-by: Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx> > --- > arch/x86/crypto/Makefile | 4 - > arch/x86/crypto/aegis128l-aesni-asm.S | 826 ---------------- > arch/x86/crypto/aegis128l-aesni-glue.c | 297 ------ > arch/x86/crypto/aegis256-aesni-asm.S | 703 -------------- > arch/x86/crypto/aegis256-aesni-glue.c | 297 ------ > crypto/Makefile | 2 - > crypto/aegis128l.c | 522 ----------- > crypto/aegis256.c | 473 ---------- > crypto/testmgr.c | 12 - > crypto/testmgr.h | 984 -------------------- > 10 files changed, 4120 deletions(-) > Need to remove the options from crypto/Kconfig too. - Eric