Answered questions inline. I will regenerate the patch and submit it to fix the issues with the numbering of test cases and remove the additional line.

Regards
Jonathan

-----Original Message-----
From: Sebastian Siewior [mailto:linux-crypto@xxxxxxxxxxxxxxxx]
Sent: Tuesday, November 06, 2007 19:03
To: Lynch, Jonathan
Cc: linux-crypto@xxxxxxxxxxxxxxx; herbert@xxxxxxxxxxxxxxxxxxx
Subject: Re: [PATCH] [CRYPTO] Extend sha256_generic.c to support SHA-224 and SHA-224-HMAC

* Jonathan Lynch | 2007-11-06 18:28:00 [+0000]:

>SHA-224 should be chosen as a hash algorithm when 112 bits of security
>strength is required.

Who uses such an algorithm (in terms of application)?

[JL] Other crypto algorithms to offer 112 bits of security are as follows:
3-key Triple DES
DSA L=2048, N=224 (DSA2 - fips 186-3)
RSA K=2048
Elliptic-curve ciphers F=224

fips 186-3 recommends new sizes for DSA
old size : DSA 1024 - SHA 160 in fips 186-2 change notice 1
new sizes : DSA 2048 SHA 224 , DSA 3072 SHA 256
This is more generally known as DSA2
http://csrc.nist.gov/publications/PubsDrafts.html
http://csrc.nist.gov/publications/drafts/fips_186-3/Draft-FIPS-186-3%20_March2006.pdf
section 4.2

RFC 4055 sha 224 used with RSA padding

In Intel we use Crypto API to validate and benchmark our QuickAssist hardware acceleration of hash and cipher algorithms. SHA-224 is currently the only SHA2 algorithm not supported in the Linux kernel.

>diff -uprN -X linux-2.6.24-rc1-vanilla/Documentation/dontdiff linux-2.6.24-rc1-vanilla/crypto/tcrypt.c linux-2.6.24-rc1/crypto/tcrypt.c >--- linux-2.6.24-rc1-vanilla/crypto/tcrypt.c 2007-11-05 17:12:50.468842000 +0000 >+++ linux-2.6.24-rc1/crypto/tcrypt.c 2007-11-06 10:20:30.985270000 +0000
>@@ -1097,10 +1102,14 @@ static void do_test(void) > break; > > case 6: >- test_hash("sha256", sha256_tv_template, SHA256_TEST_VECTORS); >+ test_hash("sha224", sha224_tv_template, SHA224_TEST_VECTORS); > break; > > case 7: >+ test_hash("sha256", sha256_tv_template, SHA256_TEST_VECTORS); >+ break; >+ >+ case 8: > test_cipher("ecb(blowfish)", ENCRYPT, bf_enc_tv_template, > BF_ENC_TEST_VECTORS); > test_cipher("ecb(blowfish)", DECRYPT, bf_dec_tv_template, >@@ -1111,7 +1120,7 @@ static void do_test(void) > BF_CBC_DEC_TEST_VECTORS); > break; > >- case 8: >+ case 9: > test_cipher("ecb(twofish)", ENCRYPT, tf_enc_tv_template, > TF_ENC_TEST_VECTORS); > test_cipher("ecb(twofish)", DECRYPT, tf_dec_tv_template,

Extend does not mean you change the user interface of the module. Please pick your own number. This breaks at least two of my scripts.

[JL] Motivation was to keep sha224 tests beside sha256 tests. I will give the sha224 tests new numbers at the end of each group in the switch statement.

>diff -uprN -X linux-2.6.24-rc1-vanilla/Documentation/dontdiff linux-2.6.24-rc1-vanilla/crypto/tcrypt.h linux-2.6.24-rc1/crypto/tcrypt.h >--- linux-2.6.24-rc1-vanilla/crypto/tcrypt.h 2007-11-05 17:12:50.492842000 +0000 >+++ linux-2.6.24-rc1/crypto/tcrypt.h 2007-11-05 18:18:31.610720000 +0000
>@@ -173,6 +173,33 @@ static struct hash_testvec sha1_tv_templ > } > }; > >+ >+/* >+ * SHA224 test vectors from from FIPS PUB 180-2 >+ */ >+#define SHA224_TEST_VECTORS 2 >+ >+static struct hash_testvec sha224_tv_template[] = { >+ { >+ .plaintext = "abc", >+ .psize = 3, >+ .digest = { 0x23, 0x09, 0x7D, 0x22, 0x34, 0x05, 0xD8, 0x22, >+ 0x86, 0x42, 0xA4, 0x77, 0xBD, 0xA2, 0x55, 0xB3, >+ 0x2A, 0xAD, 0xBC, 0xE4, 0xBD, 0xA0, 0xB3, 0xF7, >+ 0xE3, 0x6C, 0x9D, 0xA7}, >+ }, { >+ .plaintext = >+ "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq", >+ .psize = 56, >+ .digest = { 0x75, 0x38, 0x8B, 0x16, 0x51, 0x27, 0x76, 0xCC, >+ 0x5D, 0xBA, 0x5D, 0xA1, 0xFD, 0x89, 0x01, 0x50, >+ 0xB0, 0xC6, 0x45, 0x5C, 0xB4, 0xF5, 0x8B, 0x19, >+ 0x52, 0x52, 0x25, 0x25 }, >+ .np = 2, >+ .tap = { 28, 28 } >+ } >+}; >+ > /* > * SHA256 test vectors from from NIST > */ >@@ -753,6 +780,7 @@ static struct hash_testvec hmac_md5_tv_t > }, > }; > >+ > /* > * HMAC-SHA1 test vectors from RFC2202 > */ >@@ -817,6 +845,121 @@ static struct hash_testvec hmac_sha1_tv_ > }, > }; > >+ >+/* >+ * SHA224 HMAC test vectors from RFC4231 >+ */ >+#define HMAC_SHA224_TEST_VECTORS 4 >+ >+static struct hash_testvec hmac_sha224_tv_template[] = {

Please don't introduce any empty lines. You could save hunk #2 btw :)

[JL] I will remove this.

Sebastian
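Review bot: the first tcrypt.c hunk (`-1097,10 +1102,14`) reassigns `case 6:` from sha256 to sha224 and pushes sha256 and blowfish up to 7 and 8, so every existing test number from 6 onward now selects a different test for anyone who drives tcrypt by number; add the sha224 test under a currently unused number instead, which also makes the second hunk (`-1111,7 +1120,7`, twofish moving from `case 8:` to `case 9:`) unnecessary.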
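Review bot: in the tcrypt.h hunk at `-173,6 +173,33` the first added line is an empty one (the lone `>+` directly after `};`), which leaves two blank lines between sha1_tv_template and the new comment; drop it. The comment `SHA224 test vectors from from FIPS PUB 180-2` repeats "from" (it was copied from the SHA256 comment below, which has the same slip). The data itself checks out: both digests are the FIPS 180-2 SHA-224 examples for "abc" and the 56-byte message, `.tap = { 28, 28 }` sums to `.psize = 56`, and `SHA224_TEST_VECTORS 2` matches the two entries.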
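Review bot: the hunk at `-753,6 +780,7` inside hmac_md5_tv_template adds nothing but an empty line and should be removed from the patch entirely; it is the hunk Sebastian says can be saved, and leaving it in only adds whitespace churn to an unrelated table.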
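Review bot: the hunk at `-817,6 +845,121` also opens with a stray empty line before the `SHA224 HMAC test vectors from RFC4231` comment. Since `HMAC_SHA224_TEST_VECTORS 4` covers only a subset of the RFC 4231 test cases (the RFC defines seven, including a key longer than the block size and a truncated-output case, which exercise different code paths), the comment should name which test cases these four are so a reader can see what is and is not covered.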
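As an added example, not part of the thread or of the kernel patch, here is a Python check of the two SHA-224 vectors quoted in the tcrypt.h hunk, fed both in one update and as the np/tap chunks that tcrypt would use, plus RFC 4231 test case 1 for HMAC-SHA-224 (that expected value comes from the RFC, not from the quoted patch). The rule that the tap entries must sum to psize, and that np == 0 means a single update, are assumptions about tcrypt's hash_testvec semantics.

```python
import hashlib
import hmac

# The two SHA-224 vectors from the quoted tcrypt.h hunk (FIPS PUB 180-2 examples).
# Fields mirror struct hash_testvec: np/tap describe how the message is split
# across updates; np == 0 is taken to mean "one update" (assumed tcrypt semantics).
SHA224_VECTORS = [
    {"plaintext": b"abc", "psize": 3, "np": 0, "tap": [],
     "digest": bytes.fromhex("23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7")},
    {"plaintext": b"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
     "psize": 56, "np": 2, "tap": [28, 28],
     "digest": bytes.fromhex("75388b16512776cc5dba5da1fd890150b0c6455cb4f58b1952522525")},
]


def check_vector(vec):
    """Return True if the digest is reproduced both in one shot and when the
    message is fed as the np/tap chunks. Raise ValueError for a malformed
    descriptor, the kind of slip a wrong .tap or .psize would put into tcrypt.h."""
    pt, psize = vec["plaintext"], vec["psize"]
    if len(pt) != psize:
        raise ValueError("psize does not match plaintext length")
    chunks = vec["tap"][:vec["np"]] if vec["np"] else [psize]
    if sum(chunks) != psize:
        raise ValueError("tap entries do not sum to psize")
    chunked = hashlib.sha224()
    offset = 0
    for n in chunks:  # multi-update path, as tcrypt drives it via the tap list
        chunked.update(pt[offset:offset + n])
        offset += n
    one_shot = hashlib.sha224(pt).digest()
    return chunked.digest() == vec["digest"] and one_shot == vec["digest"]


def check_all_sha224():
    return all(check_vector(v) for v in SHA224_VECTORS)


def check_hmac_sha224_rfc4231_tc1():
    """RFC 4231 test case 1: key = 20 x 0x0b, data = "Hi There". The expected
    value is taken from the RFC, not from the quoted patch."""
    expected = bytes.fromhex("896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22")
    mac = hmac.new(b"\x0b" * 20, b"Hi There", hashlib.sha224).digest()
    return hmac.compare_digest(mac, expected)


if __name__ == "__main__":
    print("sha224 vectors ok:", check_all_sha224())
    print("hmac-sha224 rfc4231 tc1 ok:", check_hmac_sha224_rfc4231_tc1())
```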