[PATCH crypto 2/2] lib/crypto: blake2s: move hmac construction into wireguard
Eric Biggers
ebiggers at kernel.org
Wed Jan 12 18:35:38 UTC 2022
On Tue, Jan 11, 2022 at 02:49:34PM +0100, Jason A. Donenfeld wrote:
> Basically nobody should use blake2s in an HMAC construction; it already
> has a keyed variant. But for unfortunately historical reasons, Noise,
> used by WireGuard, uses HKDF quite strictly, which means we have to use
> this. Because this really shouldn't be used by others, this commit moves
> it into wireguard's noise.c locally, so that kernels that aren't using
> WireGuard don't get this superfluous code baked in. On m68k systems,
> this shaves off ~314 bytes.
>
> Cc: Geert Uytterhoeven <geert at linux-m68k.org>
> Cc: Herbert Xu <herbert at gondor.apana.org.au>
> Cc: Ard Biesheuvel <ardb at kernel.org>
> Cc: netdev at vger.kernel.org
> Cc: wireguard at lists.zx2c4.com
> Signed-off-by: Jason A. Donenfeld <Jason at zx2c4.com>
> ---
Reviewed-by: Eric Biggers <ebiggers at google.com>
- Eric
More information about the WireGuard
mailing list