On Mon, Sep 15, 2025 at 11:39:49AM -0500, Eric Biggers wrote: > On Sun, Sep 07, 2025 at 07:57:12AM -0400, Mimi Zohar wrote: > > On Tue, 2025-08-05 at 16:41 +0300, Jarkko Sakkinen wrote: > > > On Thu, Jul 31, 2025 at 11:47:47AM -0700, Eric Biggers wrote: > > > > Instead of the "sha256" crypto_shash, just use sha256(). Similarly, > > > > instead of the "hmac(sha256)" crypto_shash, just use > > > > hmac_sha256_usingrawkey(). This is simpler and faster. > > > > > > > > Signed-off-by: Eric Biggers <[email protected]> > > > > > > Yeah, fully agree. > > > > > > Reviewed-by: Jarkko Sakkinen <[email protected]> > > > > > > David, will you pick this? > > > > > > > Do you want this patch being upstreamed with "[PATCH 0/2] Convert > > lib/digsig.c > > to SHA-1 library" patch set? > > > > thanks, > > > > Mimi > > If someone could apply this for v6.18, that would be great. It's > independent of my other patches. It looks like Mimi has been taking > changes to this file most recently. If David or Jarkko wants to take it > instead, that's fine too. As long as someone does it.
I did it and I'm sorry that I didn't do this earlier! df8f189a0d3e (HEAD -> next, origin/next) KEYS: encrypted: Use SHA-256 library instead of crypto_shash 72f6cd8ad0db (origin/master, origin/HEAD, master) tpm: Use HMAC-SHA256 library instead of open-coded HMAC Somehow my head did ticks after applying patch below and thought that everything is ok :-) I actually had plan to apply this one too but now it is there ready for PR. > > - Eric BR, Jarkko
