On Fri, 28 Jun 2019 at 19:49, Eric Biggers <ebiggers@xxxxxxxxxx> wrote: > > On Fri, Jun 28, 2019 at 07:07:41PM +0200, Ard Biesheuvel wrote: > > Three variants of AEGIS were proposed for the CAESAR competition, and > > only one was selected for the final portfolio: AEGIS128. > > > > The other variants, AEGIS128L and AEGIS256, are not likely to ever turn > > up in networking protocols or other places where interoperability > > between Linux and other systems is a concern, nor are they likely to > > be subjected to further cryptanalysis. However, uninformed users may > > think that AEGIS128L (which is faster) is equally fit for use. > > > > So let's remove them now, before anyone starts using them and we are > > forced to support them forever. > > > > Note that there are no known flaws in the algorithms or in any of these > > implementations, but they have simply outlived their usefulness. > > > > Signed-off-by: Ard Biesheuvel <ard.biesheuvel@xxxxxxxxxx> > > --- > > arch/x86/crypto/Makefile | 4 - > > arch/x86/crypto/aegis128l-aesni-asm.S | 826 ---------------- > > arch/x86/crypto/aegis128l-aesni-glue.c | 297 ------ > > arch/x86/crypto/aegis256-aesni-asm.S | 703 -------------- > > arch/x86/crypto/aegis256-aesni-glue.c | 297 ------ > > crypto/Makefile | 2 - > > crypto/aegis128l.c | 522 ----------- > > crypto/aegis256.c | 473 ---------- > > crypto/testmgr.c | 12 - > > crypto/testmgr.h | 984 -------------------- > > 10 files changed, 4120 deletions(-) > > > > Need to remove the options from crypto/Kconfig too. > Indeed.