lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:   Tue, 18 Feb 2020 09:24:43 -0500
From:   Mimi Zohar <zohar@...ux.ibm.com>
To:     Tianjia Zhang <tianjia.zhang@...ux.alibaba.com>,
        herbert@...dor.apana.org.au, davem@...emloft.net,
        jarkko.sakkinen@...ux.intel.com, ebiggers@...nel.org,
        dmitry.kasatkin@...il.com, jmorris@...ei.org, serge@...lyn.com
Cc:     linux-crypto@...r.kernel.org, linux-integrity@...r.kernel.org,
        linux-security-module@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2 1/2] crypto: fix mismatched hash algorithm name
 sm3-256 to sm3

On Tue, 2020-02-18 at 10:34 +0800, Tianjia Zhang wrote:
> On 2020/2/18 9:33, Mimi Zohar wrote:
> > On Mon, 2020-02-17 at 17:36 +0800, Tianjia Zhang wrote:
> >> The name sm3-256 is defined in hash_algo_name in hash_info, but the
> >> algorithm name implemented in sm3_generic.c is sm3, which will cause
> >> the sm3-256 algorithm to be not found in some application scenarios of
> >> the hash algorithm, and an ENOENT error will occur. For example,
> >> IMA, keys, and other subsystems that reference hash_algo_name all use
> >> the hash algorithm of sm3.
> >>
> >> According to https://tools.ietf.org/id/draft-oscca-cfrg-sm3-01.html,
> >> SM3 always produces a 256-bit hash value and there are no plans for
> >> other length development, so there is no ambiguity in the name of sm3.
> >>
> >> Signed-off-by: Tianjia Zhang <tianjia.zhang@...ux.alibaba.com>
> >> Cc: Jarkko Sakkinen <jarkko.sakkinen@...ux.intel.com>
> > The previous version of this patch set is queued in the next-
> > integrity-testing branch.  That version of this patch didn't
> > change TPM_ALG_SM3_256.  Unless the TPM standard was modified, the TPM
> > spec refers to it as TPM_ALG_SM3_256.  Has that changed?
> >
> > Mimi
> 
> The definition in the TPM specification is still TPM_ALG_SM3_256, please
> ignore the modification to the TPM definition in this patch.

Ok.  Just confirming that I should ignore v2 of this patch set.
 Upstreaming the original version, as queued in next-integrity-
testing, is fine.

thanks,

Mimi

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ