diff options
author | Daniel P. Berrange <berrange@redhat.com> | 2016-09-07 13:17:07 +0100 |
---|---|---|
committer | Daniel P. Berrange <berrange@redhat.com> | 2016-09-19 16:30:45 +0100 |
commit | acd0dfd0c252a06ec6f2146fea01b66b7bc68cfc (patch) | |
tree | 9b982fb18aa77bf208cfce399dc7ad2a6969ba76 | |
parent | e74aabcffb74e6c15de05255480d43771ec63d8b (diff) | |
download | qemu-acd0dfd0c252a06ec6f2146fea01b66b7bc68cfc.tar.gz qemu-acd0dfd0c252a06ec6f2146fea01b66b7bc68cfc.tar.bz2 qemu-acd0dfd0c252a06ec6f2146fea01b66b7bc68cfc.zip |
crypto: remove bogus /= 2 for pbkdf iterations
When calculating iterations for pbkdf of the key slot
data, we had a /= 2, which was copied from identical
code in cryptsetup. It was always unclear & undocumented
why cryptsetup had this division and it was recently
removed there, too.
Reviewed-by: Eric Blake <eblake@redhat.com>
Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
-rw-r--r-- | crypto/block-luks.c | 4 |
1 files changed, 0 insertions, 4 deletions
diff --git a/crypto/block-luks.c b/crypto/block-luks.c index 9269aaf488..3ab3250e3d 100644 --- a/crypto/block-luks.c +++ b/crypto/block-luks.c @@ -1170,10 +1170,6 @@ qcrypto_block_luks_create(QCryptoBlock *block, /* iter_time was in millis, but count_iters reported for secs */ iters = iters * luks_opts.iter_time / 1000; - /* Why /= 2 ? That matches cryptsetup, but there's no - * explanation why they chose /= 2... */ - iters /= 2; - if (iters > UINT32_MAX) { error_setg_errno(errp, ERANGE, "PBKDF iterations %llu larger than %u", |