diff options
| author | David Gibson <david@gibson.dropbear.id.au> | 2023-09-28 11:20:57 +1000 |
|---|---|---|
| committer | Stefano Brivio <sbrivio@redhat.com> | 2023-09-30 12:40:43 +0200 |
| commit | 5cc843521dee0a7da86093eb32a66f3f082da458 (patch) | |
| tree | 826ae98df2772e158b2ee84d394e5f0a15b5e75c /siphash.c | |
| parent | 831067f483f68c88bce04a642e50ee6c8e632291 (diff) | |
| download | passt-5cc843521dee0a7da86093eb32a66f3f082da458.tar passt-5cc843521dee0a7da86093eb32a66f3f082da458.tar.gz passt-5cc843521dee0a7da86093eb32a66f3f082da458.tar.bz2 passt-5cc843521dee0a7da86093eb32a66f3f082da458.tar.lz passt-5cc843521dee0a7da86093eb32a66f3f082da458.tar.xz passt-5cc843521dee0a7da86093eb32a66f3f082da458.tar.zst passt-5cc843521dee0a7da86093eb32a66f3f082da458.zip | |
siphash: Fix bug in state initialisation
The SipHash algorithm starts with initializing the 32 bytes of internal
state with some magic numbers XORed with the hash key. However, our
implementation has a bug - rather than XORing the hash key, it *sets* the
initial state to copies of the key.
I don't know if that affects any of the cryptographic properties of SipHash
but it's not what we should be doing. Fix it.
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
Diffstat (limited to 'siphash.c')
| -rw-r--r-- | siphash.c | 2 |
1 files changed, 1 insertions, 1 deletions
@@ -65,7 +65,7 @@ \ do { \ for (__i = sizeof(v) / sizeof(v[0]) - 1; __i >= 0; __i--) \ - v[__i] = k[__i % 2]; \ + v[__i] ^= k[__i % 2]; \ } while (0) /** |