summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel P. Berrange <berrange@redhat.com>2016-09-07 13:17:07 +0100
committerDaniel P. Berrange <berrange@redhat.com>2016-09-19 16:30:45 +0100
commitacd0dfd0c252a06ec6f2146fea01b66b7bc68cfc (patch)
tree9b982fb18aa77bf208cfce399dc7ad2a6969ba76
parente74aabcffb74e6c15de05255480d43771ec63d8b (diff)
downloadqemu-acd0dfd0c252a06ec6f2146fea01b66b7bc68cfc.tar.gz
qemu-acd0dfd0c252a06ec6f2146fea01b66b7bc68cfc.tar.bz2
qemu-acd0dfd0c252a06ec6f2146fea01b66b7bc68cfc.zip
crypto: remove bogus /= 2 for pbkdf iterations
When calculating iterations for pbkdf of the key slot data, we had a /= 2, which was copied from identical code in cryptsetup. It was always unclear & undocumented why cryptsetup had this division and it was recently removed there, too. Reviewed-by: Eric Blake <eblake@redhat.com> Signed-off-by: Daniel P. Berrange <berrange@redhat.com>
-rw-r--r--crypto/block-luks.c4
1 files changed, 0 insertions, 4 deletions
diff --git a/crypto/block-luks.c b/crypto/block-luks.c
index 9269aaf488..3ab3250e3d 100644
--- a/crypto/block-luks.c
+++ b/crypto/block-luks.c
@@ -1170,10 +1170,6 @@ qcrypto_block_luks_create(QCryptoBlock *block,
/* iter_time was in millis, but count_iters reported for secs */
iters = iters * luks_opts.iter_time / 1000;
- /* Why /= 2 ? That matches cryptsetup, but there's no
- * explanation why they chose /= 2... */
- iters /= 2;
-
if (iters > UINT32_MAX) {
error_setg_errno(errp, ERANGE,
"PBKDF iterations %llu larger than %u",