Re: [PATCH crypto] crypto: blake2s - remove shash module

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, May 26, 2022 at 11:20:26AM +0200, Jason A. Donenfeld wrote:
> BLAKE2s has no use as an shash and no use is likely to ever come up.

I'm not sure about that.  Anyone who is already using shash (for supporting
multiple algorithms) and wants to add blake2s support would need it.  dm-verity,
dm-integrity, fs-verity, UBIFS authentication, IMA, btrfs checksums, etc.  A
couple of these are already using blake2b, even.  I guess you might as well
remove blake2s until someone explicitly says they want it, but I can easily see
it coming back later.

> Just remove all of this unnecessary plumbing. Removing this shash was
> something we talked about back when we were making BLAKE2s a built-in,
> but I simply never got around to doing it. So this completes that
> project.
> 
> This also helps fix a bug in which the lib code depends on
> crypto_simd_disabled_for_test, which is now unnecessary.
> 
> Cc: gaochao <gaochao49@xxxxxxxxxx>
> Cc: Eric Biggers <ebiggers@xxxxxxxxxx>
> Cc: Ard Biesheuvel <ardb@xxxxxxxxxx>
> Signed-off-by: Jason A. Donenfeld <Jason@xxxxxxxxx>

More importantly, this is removing quite a bit of test coverage because the
extra self-tests in crypto/testmgr.c are more comprehensive than what
lib/crypto/blake2s-selftest.c does.  For example they test the case where the
input data is misaligned, as well as the case where the code is executed in a
context where SIMD instructions are unavailable.

In order for this to be acceptable, I think you'd need to update
blake2s-selftest.c to be more comprehensive.

- Eric



[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux