netdev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[PATCH] sha2-256 truncation

from [Michal Ludvig] [Permanent Link][Original]
To: "David S. Miller" <davem@xxxxxxxxxx>
Subject: [PATCH] sha2-256 truncation
From: Michal Ludvig <michal@xxxxxxxx>
Date: Fri, 09 Jan 2004 09:50:58 +0100
Cc: netdev@xxxxxxxxxxx
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.5) Gecko/20030925 
Hi,
the attached trivial patch corrects the truncation size of computed hashes that are used in IPsec ESP/AH packets for SHA2-256. All other hash algorithms use 96 bits as well as does SuperFreeS/WAN and FreeBSD also for SHA2-256. Only the native Linux sha2-256 used 128 bits what led to incompatibility with other IPsec implementations. 

Please apply, thanks!

Michal Ludvig
--
* A mouse is a device used to point at the xterm you want to type in.
* Personal homepage - http://www.logix.cz/michal

--- linux-2.6.0/net/xfrm/xfrm_algo.c    2004-01-08 01:29:52.067261651 +0100
+++ linux-2.6.0.orig/net/xfrm/xfrm_algo.c       2004-01-08 01:28:38.668690081 
+0100
@@ -85,7 +85,7 @@ static struct xfrm_algo_desc aalg_list[]
 
        .uinfo = {
                .auth = {
-                       .icv_truncbits = 96,
+                       .icv_truncbits = 128,
                        .icv_fullbits = 256,
                }
        },
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Possible weird TCP bug, Nathaniel M Nelson
Next by Date:  [PATCH] Mark IBM TR driver as not 64 bit clean, Andi Kleen
Previous by Thread:  Possible weird TCP bug, Nathaniel M Nelson
Next by Thread:  Re: [PATCH] sha2-256 truncation, Michal Ludvig
Indexes:  [Date] [Thread] [Top] [All Lists]