Hi Nicolae,

up to the Linux 2.6.32 kernel the SHA256 hash was erroneously
truncated to 96 bits. With Linux 2.6.33 the correct truncation
to 128 bits was introduced as well as the SHA384_192 and SHA512_256
data integrity algorithms.

If you want to apply the correct SHA2 truncation, use
XFRMA_ALG_AUTH_TRUNC instead of XFRMA_ALG_AUTH.

Best regards

Andreas

On 03/04/2015 06:13 PM, Nicolae Rosia wrote:
> Hello,
>
> I'm trying to understand why icv_truncbits is set to 96 for
> hmac(sha256) in xfrm_algo.c because
> RFC4868 [1] says that the truncation length for HMAC-SHA256 should be 128.
> Am I looking in the wrong place?
>
> [1] https://tools.ietf.org/html/rfc4868#section-2.6
>
> Best regards,
> Nicolae Rosia
> --
> To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>

--
======================================================================
Andreas Steffen                         andreas.steffen@xxxxxxxxxxxxxx
strongSwan - the Open Source VPN Solution!          www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
===========================================================[ITA-HSR]==
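The effect of the two truncation lengths discussed in this thread, as an added example that is not part of the original messages or of the kernel source: it computes the HMAC-SHA256 ICV at 96 and 128 bits and shows that a packet only authenticates when both peers use the same length. The packet layout is a simplified ESP-style framing, and the SPI value, function names and sample key/data (taken from RFC 4231 test case 1) are assumptions chosen for illustration.

```python
import hashlib
import hmac
import struct

# RFC 4231 test case 1 key and data, used here as constructed sample input.
KEY = b"\x0b" * 20
PAYLOAD = b"Hi There"


def icv(key: bytes, data: bytes, trunc_bits: int) -> bytes:
    """HMAC-SHA256 truncated to the leftmost trunc_bits bits."""
    return hmac.new(key, data, hashlib.sha256).digest()[: trunc_bits // 8]


def seal(key, spi, seq, payload, trunc_bits):
    """Simplified ESP-style packet: SPI | sequence number | payload | ICV."""
    body = struct.pack("!II", spi, seq) + payload
    return body + icv(key, body, trunc_bits)


def verify(key, packet, trunc_bits):
    """Receiver side: split off an ICV of the locally configured length."""
    n = trunc_bits // 8
    if len(packet) < 8 + n:
        return False
    body, tag = packet[:-n], packet[-n:]
    return hmac.compare_digest(tag, icv(key, body, trunc_bits))


def interop_matrix(key=KEY, payload=PAYLOAD):
    """Map (sender_bits, receiver_bits) -> whether the packet authenticates."""
    return {
        (s, r): verify(key, seal(key, 0x1000, 1, payload, s), r)
        for s in (96, 128)
        for r in (96, 128)
    }


if __name__ == "__main__":
    print("96-bit ICV :", icv(KEY, PAYLOAD, 96).hex())
    print("128-bit ICV:", icv(KEY, PAYLOAD, 128).hex())
    for (s, r), ok in interop_matrix().items():
        result = "ok" if ok else "ICV mismatch"
        print(f"sender {s:3d} bits -> receiver {r:3d} bits: {result}")
```

A receiver configured for a different length splits the packet at the wrong offset, so every packet fails the integrity check even though both sides hold the same key.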