On Mon, 2020-02-10 at 11:30 -0500, Ken Goldman wrote: > On 2/9/2020 10:17 PM, Eric Biggers wrote: > > According to https://tools.ietf.org/id/draft-oscca-cfrg-sm3-01.html > > , > > SM3 always produces a 256-bit hash value. E.g., it says: > > > > "SM3 produces an output hash value of 256 bits long" > > > > and > > > > "SM3 is a hash function that generates a 256-bit hash value." > > > > I don't see any mention of "SM3-256". > > > > So why not just keep it as "sm3" and change hash_info.c instead? > > Since the name there is currently wrong, no one can be using it > > yet. > > Question: Is 256 bits fundamental to SM3? No. > Could there ever be a > variant in the future that's e.g., 512 bits? Yes, SM3 like SHA-3 is based on a 512 bit input blocks. However, what's left of the standard: https://www.ietf.org/archive/id/draft-sca-cfrg-sm3-02.txt Currently only defines a 256 output (via compression from the final 512 bit output). In theory, like SHA-3, SM3 could support 384 and 512 output variants. However, there's no evidence anyone is working on adding this. James
