* IPSec hmac(sha256) truncation bits length
@ 2015-03-04 17:13 Nicolae Rosia
2015-03-04 18:28 ` Nicolae Rosia
2015-03-04 18:38 ` Andreas Steffen
0 siblings, 2 replies; 5+ messages in thread
From: Nicolae Rosia @ 2015-03-04 17:13 UTC (permalink / raw)
To: linux-crypto@vger.kernel.org; +Cc: Herbert Xu
Hello,
I'm trying to understand why icv_truncbits is set to 96 for
hmac(sha256) in xfrm_algo.c because
RFC4868 [1] says that the truncation length for HMAC-SHA256 should be 128.
Am I looking in the wrong place?
[1] https://tools.ietf.org/html/rfc4868#section-2.6
Best regards,
Nicolae Rosia
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: IPSec hmac(sha256) truncation bits length
2015-03-04 17:13 IPSec hmac(sha256) truncation bits length Nicolae Rosia
@ 2015-03-04 18:28 ` Nicolae Rosia
2015-03-04 18:38 ` Kim Phillips
2015-03-04 18:38 ` Andreas Steffen
1 sibling, 1 reply; 5+ messages in thread
From: Nicolae Rosia @ 2015-03-04 18:28 UTC (permalink / raw)
To: linux-crypto@vger.kernel.org; +Cc: Herbert Xu, James Morris, netdev
+ CC net, James Morris
On Wed, Mar 4, 2015 at 7:13 PM, Nicolae Rosia <nicolae.rosia@gmail.com> wrote:
> Hello,
>
> I'm trying to understand why icv_truncbits is set to 96 for
> hmac(sha256) in xfrm_algo.c because
> RFC4868 [1] says that the truncation length for HMAC-SHA256 should be 128.
> Am I looking in the wrong place?
>
> [1] https://tools.ietf.org/html/rfc4868#section-2.6
>
> Best regards,
> Nicolae Rosia
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: IPSec hmac(sha256) truncation bits length
2015-03-04 17:13 IPSec hmac(sha256) truncation bits length Nicolae Rosia
2015-03-04 18:28 ` Nicolae Rosia
@ 2015-03-04 18:38 ` Andreas Steffen
1 sibling, 0 replies; 5+ messages in thread
From: Andreas Steffen @ 2015-03-04 18:38 UTC (permalink / raw)
To: Nicolae Rosia, linux-crypto@vger.kernel.org; +Cc: Herbert Xu
[-- Attachment #1: Type: text/plain, Size: 1383 bytes --]
Hi Nicolae,
up to the Linux 2.6.32 kernel the SHA256 hash was erroneously truncated
to 96 bits. With Linux 2.6.33 the correct truncation to 128 bits
was introduce as well as the SHA384_192 and SHA512_256 data integrity
algorithms. If you want to apply the correct SHA2 truncation, use
XFRMA_ALG_AUTH_TRUNC instead of XFRMA_ALG_AUTH.
Best regards
Andreas
On 03/04/2015 06:13 PM, Nicolae Rosia wrote:
> Hello,
>
> I'm trying to understand why icv_truncbits is set to 96 for
> hmac(sha256) in xfrm_algo.c because
> RFC4868 [1] says that the truncation length for HMAC-SHA256 should be 128.
> Am I looking in the wrong place?
>
> [1] https://tools.ietf.org/html/rfc4868#section-2.6
>
> Best regards,
> Nicolae Rosia
> --
> To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
--
======================================================================
Andreas Steffen andreas.steffen@strongswan.org
strongSwan - the Open Source VPN Solution! www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
[-- Attachment #2: S/MIME Cryptographic Signature --]
[-- Type: application/pkcs7-signature, Size: 4255 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: IPSec hmac(sha256) truncation bits length
2015-03-04 18:28 ` Nicolae Rosia
@ 2015-03-04 18:38 ` Kim Phillips
2015-03-04 18:56 ` Nicolae Rosia
0 siblings, 1 reply; 5+ messages in thread
From: Kim Phillips @ 2015-03-04 18:38 UTC (permalink / raw)
To: Nicolae Rosia
Cc: linux-crypto@vger.kernel.org, Herbert Xu, James Morris, netdev
On Wed, 4 Mar 2015 20:28:26 +0200
Nicolae Rosia <nicolae.rosia@gmail.com> wrote:
> On Wed, Mar 4, 2015 at 7:13 PM, Nicolae Rosia <nicolae.rosia@gmail.com> wrote:
> > I'm trying to understand why icv_truncbits is set to 96 for
> > hmac(sha256) in xfrm_algo.c because
> > RFC4868 [1] says that the truncation length for HMAC-SHA256 should be 128.
See http://comments.gmane.org/gmane.linux.kernel.cryptoapi/6767
Kim
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: IPSec hmac(sha256) truncation bits length
2015-03-04 18:38 ` Kim Phillips
@ 2015-03-04 18:56 ` Nicolae Rosia
0 siblings, 0 replies; 5+ messages in thread
From: Nicolae Rosia @ 2015-03-04 18:56 UTC (permalink / raw)
To: Kim Phillips, Andreas Steffen
Cc: linux-crypto@vger.kernel.org, Herbert Xu, netdev
Thank you, Andreas and Kim.
Best regards,
Nicolae Rosia
On Wed, Mar 4, 2015 at 8:38 PM, Kim Phillips <kim.phillips@freescale.com> wrote:
> On Wed, 4 Mar 2015 20:28:26 +0200
> Nicolae Rosia <nicolae.rosia@gmail.com> wrote:
>
>> On Wed, Mar 4, 2015 at 7:13 PM, Nicolae Rosia <nicolae.rosia@gmail.com> wrote:
>> > I'm trying to understand why icv_truncbits is set to 96 for
>> > hmac(sha256) in xfrm_algo.c because
>> > RFC4868 [1] says that the truncation length for HMAC-SHA256 should be 128.
>
> See http://comments.gmane.org/gmane.linux.kernel.cryptoapi/6767
>
> Kim
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2015-03-04 18:56 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-03-04 17:13 IPSec hmac(sha256) truncation bits length Nicolae Rosia
2015-03-04 18:28 ` Nicolae Rosia
2015-03-04 18:38 ` Kim Phillips
2015-03-04 18:56 ` Nicolae Rosia
2015-03-04 18:38 ` Andreas Steffen
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).