From 5cc843521dee0a7da86093eb32a66f3f082da458 Mon Sep 17 00:00:00 2001
From: David Gibson <david@gibson.dropbear.id.au>
Date: Thu, 28 Sep 2023 11:20:57 +1000
Subject: siphash: Fix bug in state initialisation

The SipHash algorithm starts with initializing the 32 bytes of internal
state with some magic numbers XORed with the hash key.  However, our
implementation has a bug - rather than XORing the hash key, it *sets* the
initial state to copies of the key.

I don't know if that affects any of the cryptographic properties of SipHash
but it's not what we should be doing.  Fix it.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
---
 siphash.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'siphash.c')

diff --git a/siphash.c b/siphash.c
index ec39793..6932da2 100644
--- a/siphash.c
+++ b/siphash.c
@@ -65,7 +65,7 @@
 									  \
 	do {								  \
 		for (__i = sizeof(v) / sizeof(v[0]) - 1; __i >= 0; __i--) \
-			v[__i] = k[__i % 2];				  \
+			v[__i] ^= k[__i % 2];				  \
 	} while (0)
 
 /**
-- 
cgit v1.2.3