crypto: remove bogus /= 2 for pbkdf iterations

When calculating iterations for pbkdf of the key slot data, we had a /= 2, which was copied from identical code in cryptsetup. It was always unclear & undocumented why cryptsetup had this division and it was recently removed there, too. Reviewed-by: N Eric Blake <eblake@redhat.com> Signed-off-by: N Daniel P. Berrange <berrange@redhat.com>

crypto: remove bogus /= 2 for pbkdf iterations
When calculating iterations for pbkdf of the key slot data, we had a /= 2, which was copied from identical code in cryptsetup. It was always unclear & undocumented why cryptsetup had this division and it was recently removed there, too. Reviewed-by: N Eric Blake <eblake@redhat.com> Signed-off-by: N Daniel P. Berrange <berrange@redhat.com>
acd0dfd0 · Daniel P. Berrange · e74aabcf · acd0dfd0
隐藏空白更改
内联并排

Showing with 0 addition and 4 deletion

crypto/block-luks.c crypto/block-luks.c +0 -4

未找到文件。
--- a/crypto/block-luks.c
+++ b/crypto/block-luks.c
@@ -1170,10 +1170,6 @@ qcrypto_block_luks_create(QCryptoBlock *block,
    /* iter_time was in millis, but count_iters reported for secs */
    iters = iters * luks_opts.iter_time / 1000;

-    /* Why /= 2 ?  That matches cryptsetup, but there's no
-     * explanation why they chose /= 2... */
-    iters /= 2;
-
    if (iters > UINT32_MAX) {
        error_setg_errno(errp, ERANGE,
                         "PBKDF iterations %llu larger than %u",