siphash: Fix bug in state initialisation

The SipHash algorithm starts with initializing the 32 bytes of internal
state with some magic numbers XORed with the hash key.  However, our
implementation has a bug - rather than XORing the hash key, it *sets* the
initial state to copies of the key.

I don't know if that affects any of the cryptographic properties of SipHash
but it's not what we should be doing.  Fix it.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
This commit is contained in:
David Gibson 2023-09-28 11:20:57 +10:00 committed by Stefano Brivio
parent 831067f483
commit 5cc843521d

View file

@ -65,7 +65,7 @@
\
do { \
for (__i = sizeof(v) / sizeof(v[0]) - 1; __i >= 0; __i--) \
v[__i] = k[__i % 2]; \
v[__i] ^= k[__i % 2]; \
} while (0)
/**