* [PATCH] sha2-256 truncation
@ 2004-01-09 8:50 Michal Ludvig
2004-01-09 10:12 ` Michal Ludvig
0 siblings, 1 reply; 3+ messages in thread
From: Michal Ludvig @ 2004-01-09 8:50 UTC (permalink / raw)
To: David S. Miller; +Cc: netdev
[-- Attachment #1: Type: text/plain, Size: 505 bytes --]
Hi,
the attached trivial patch corrects the truncation size of computed
hashes that are used in IPsec ESP/AH packets for SHA2-256. All other
hash algorithms use 96 bits as well as does SuperFreeS/WAN and FreeBSD
also for SHA2-256. Only the native Linux sha2-256 used 128 bits what led
to incompatibility with other IPsec implementations.
Please apply, thanks!
Michal Ludvig
--
* A mouse is a device used to point at the xterm you want to type in.
* Personal homepage - http://www.logix.cz/michal
[-- Attachment #2: kernel-sha256.diff --]
[-- Type: text/plain, Size: 324 bytes --]
--- linux-2.6.0/net/xfrm/xfrm_algo.c 2004-01-08 01:29:52.067261651 +0100
+++ linux-2.6.0.orig/net/xfrm/xfrm_algo.c 2004-01-08 01:28:38.668690081 +0100
@@ -85,7 +85,7 @@ static struct xfrm_algo_desc aalg_list[]
.uinfo = {
.auth = {
- .icv_truncbits = 96,
+ .icv_truncbits = 128,
.icv_fullbits = 256,
}
},
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] sha2-256 truncation
2004-01-09 8:50 [PATCH] sha2-256 truncation Michal Ludvig
@ 2004-01-09 10:12 ` Michal Ludvig
2004-01-10 4:51 ` David S. Miller
0 siblings, 1 reply; 3+ messages in thread
From: Michal Ludvig @ 2004-01-09 10:12 UTC (permalink / raw)
To: David S. Miller; +Cc: netdev
[-- Attachment #1: Type: text/plain, Size: 596 bytes --]
Michal Ludvig told me that:
> the attached trivial patch corrects the truncation size of computed
> hashes that are used in IPsec ESP/AH packets for SHA2-256. All other
> hash algorithms use 96 bits as well as does SuperFreeS/WAN and FreeBSD
> also for SHA2-256. Only the native Linux sha2-256 used 128 bits what led
> to incompatibility with other IPsec implementations.
Oops, sorry. I sent a reversed patch originally. Please use this one
instead.
Michal Ludvig
--
* A mouse is a device used to point at the xterm you want to type in.
* Personal homepage - http://www.logix.cz/michal
[-- Attachment #2: kernel-sha256.diff --]
[-- Type: text/plain, Size: 324 bytes --]
--- linux-2.6.0/net/xfrm/xfrm_algo.c 2004-01-08 01:29:52.067261651 +0100
+++ linux-2.6.0.orig/net/xfrm/xfrm_algo.c 2004-01-08 01:28:38.668690081 +0100
@@ -85,7 +85,7 @@ static struct xfrm_algo_desc aalg_list[]
.uinfo = {
.auth = {
- .icv_truncbits = 128,
+ .icv_truncbits = 96,
.icv_fullbits = 256,
}
},
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH] sha2-256 truncation
2004-01-09 10:12 ` Michal Ludvig
@ 2004-01-10 4:51 ` David S. Miller
0 siblings, 0 replies; 3+ messages in thread
From: David S. Miller @ 2004-01-10 4:51 UTC (permalink / raw)
To: Michal Ludvig; +Cc: netdev
On Fri, 09 Jan 2004 11:12:40 +0100
Michal Ludvig <michal@logix.cz> wrote:
> Michal Ludvig told me that:
>
> > the attached trivial patch corrects the truncation size of computed
> > hashes that are used in IPsec ESP/AH packets for SHA2-256. All other
> > hash algorithms use 96 bits as well as does SuperFreeS/WAN and FreeBSD
> > also for SHA2-256. Only the native Linux sha2-256 used 128 bits what led
> > to incompatibility with other IPsec implementations.
>
> Oops, sorry. I sent a reversed patch originally. Please use this one
> instead.
Patch applied, thanks Michal.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2004-01-10 4:51 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-01-09 8:50 [PATCH] sha2-256 truncation Michal Ludvig
2004-01-09 10:12 ` Michal Ludvig
2004-01-10 4:51 ` David S. Miller
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).