[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <1400771437-14096-1-git-send-email-horia.geanta@freescale.com>
Date: Thu, 22 May 2014 18:10:36 +0300
From: Horia Geanta <horia.geanta@...escale.com>
To: Steffen Klassert <steffen.klassert@...unet.com>,
Herbert Xu <herbert@...dor.apana.org.au>,
"David S. Miller" <davem@...emloft.net>
CC: Lei Xu <Lei.Xu@...escale.com>,
Sandeep Malik <Sandeep.Malik@...escale.com>,
<netdev@...r.kernel.org>, <linux-kernel@...r.kernel.org>
Subject: [RFC ipsec-next] Non-standard sha256 ICV truncation size
Hi,
I am sending this patch as RFC, since the change is likely to create
interoperability issues.
I'd like to get some comments on what should be the correct approach in this
standard vs. de facto setup.
Note that an older commit (which is no longer in git's history, but can be found
here https://archive.org/details/git-history-of-linux) changed truncated ICV size
from 128bit to 96bit:
commit 627d1054055f465603bcfb7ef5c9adc5db9b2a53
Author: Michal Ludvig <michal@...ix.cz>
Date: Fri Jan 9 04:55:59 2004 -0800
[XFRM]: SHA2-256 should be truncated to 96 bits, not 128.
It seems that initially the sha256 ICV was truncated to 128 bits, but later
changed to 96 bits due to interoperability issues - see comment here:
http://oss.sgi.com/archives/netdev/2004-01/msg00824.html
Note that commit above is from 2004, long before RFC4868 was released (2007).
Thanks,
Horia
Lei Xu (1):
xfrm: make sha256 icv truncation length RFC-compliant
net/xfrm/xfrm_algo.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--
1.8.3.1
--
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists