tech-kern: Re: opencrypto(9) API botch: HMAC sizes, IPsec vs. TLS vs. known-answer

Subject: Re: opencrypto(9) API botch: HMAC sizes, IPsec vs. TLS vs. known-answer
To: Jonathan Stone <jonathan@dsg.stanford.edu>
From: Jason Thorpe <thorpej@wasabisystems.com>
List: tech-kern
Date: 05/02/2004 19:08:27

--Apple-Mail-14-16209048
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=US-ASCII; format=flowed


On Apr 28, 2004, at 8:06 PM, Jonathan Stone wrote:

> So.... anyone got any bright ideas on how to address the problem?

1. Rename the current HMAC crypto operations to CRYPTO_HMAC_MD5_96 and 
CRYPTO_HMAC_SHA1_96 (different API, same ABI).

2. Add new CRYPTO_HMAC_MD5_128 and CRYPTO_HMAC_SHA1_160 operations.

3. All devices that provide a CRYPTO_HMAC_MD5_128 or 
CRYPTO_HMAC_SHA1_160 must also provide a CRYPTO_HMAC_MD5_96 and 
CRYPTO_HMAC_SHA1_96, i.e. do the truncation in the back-end.

4. Anything that wants something other than the aforementioned sizes (I 
doubt there will be very many that use something different) can use the 
128 / 160 versions and truncate themselves.

This seems to me like the least disruptive solution.

         -- Jason R. Thorpe <thorpej@wasabisystems.com>


--Apple-Mail-14-16209048
content-type: application/pgp-signature; x-mac-type=70674453;
	name=PGP.sig
content-description: This is a digitally signed message part
content-disposition: inline; filename=PGP.sig
content-transfer-encoding: 7bit

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (Darwin)

iD8DBQFAlambOpVKkaBm8XkRAjlEAKCm47PVOW5p6gt4IT5mdku+kqfqHgCgjDZD
1hTlo3uRufoYWpUsHrmiJrA=
=l3mq
-----END PGP SIGNATURE-----

--Apple-Mail-14-16209048--