Hi Nicolae,

Up to the Linux 2.6.32 kernel the SHA256 hash was erroneously truncated
to 96 bits. With Linux 2.6.33 the correct truncation to 128 bits
was introduced as well as the SHA384_192 and SHA512_256 data integrity
algorithms. If you want to apply the correct SHA2 truncation, use

Best regards


On 03/04/2015 06:13 PM, Nicolae Rosia wrote:
> Hello,
> I'm trying to understand why icv_truncbits is set to 96 for
> hmac(sha256) in xfrm_algo.c because
> RFC4868 [1] says that the truncation length for HMAC-SHA256 should be 128.
> Am I looking in the wrong place?
> [1] https://tools.ietf.org/html/rfc4868#section-2.6
> Best regards,
> Nicolae Rosia

Andreas Steffen                         andreas.stef...@strongswan.org
strongSwan - the Open Source VPN Solution!          www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)
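
The truncation mismatch discussed in this thread, as an added example that is not part of either message: two peers compute the same HMAC-SHA256 but keep 96 or 128 bits of it as the ICV, and integrity verification only succeeds when both use the same length. The key, payload and function names are constructed for illustration, and the packet is modeled as payload followed by ICV rather than a full ESP frame.

```python
import hashlib
import hmac

# Constructed sample values (assumptions, not taken from the thread).
KEY = bytes(range(32))
PAYLOAD = b"constructed ESP payload bytes"


def icv(key: bytes, data: bytes, truncbits: int) -> bytes:
    """HMAC-SHA256 over data, keeping only the leftmost truncbits bits."""
    if truncbits % 8 or not 0 < truncbits <= 256:
        raise ValueError("truncbits must be a multiple of 8 in 8..256")
    return hmac.new(key, data, hashlib.sha256).digest()[: truncbits // 8]


def protect(key: bytes, payload: bytes, truncbits: int) -> bytes:
    """Sender side: append the truncated ICV to the payload."""
    return payload + icv(key, payload, truncbits)


def verify(key: bytes, packet: bytes, truncbits: int) -> bool:
    """Receiver side: split off the ICV length it expects, then compare."""
    n = truncbits // 8
    if len(packet) <= n:
        return False
    data, tag = packet[:-n], packet[-n:]
    # Constant-time comparison of received and recomputed ICV.
    return hmac.compare_digest(tag, icv(key, data, truncbits))


def interop_matrix(key=KEY, payload=PAYLOAD, lengths=(96, 128)):
    """Map (sender_bits, receiver_bits) to the verification result."""
    return {
        (s, r): verify(key, protect(key, payload, s), r)
        for s in lengths
        for r in lengths
    }


if __name__ == "__main__":
    for (s, r), ok in interop_matrix().items():
        print(f"sender {s:3d} bits, receiver {r:3d} bits: "
              f"{'ICV ok' if ok else 'ICV mismatch, packet dropped'}")
```

With mismatched lengths the receiver splits the packet at the wrong offset, so the failure shows up as an integrity error on every packet even though key and hash algorithm agree.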
