Subject: Re: opencrypto(9) API botch: HMAC sizes, IPsec vs. TLS vs. known-answer
To: Jonathan Stone <jonathan@dsg.stanford.edu>
From: Jason Thorpe <thorpej@wasabisystems.com>
List: tech-kern
Date: 05/02/2004 19:08:27
--Apple-Mail-14-16209048
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=US-ASCII; format=flowed
On Apr 28, 2004, at 8:06 PM, Jonathan Stone wrote:
> So.... anyone got any bright ideas on how to address the problem?
1. Rename the current HMAC crypto operations to CRYPTO_HMAC_MD5_96 and
CRYPTO_HMAC_SHA1_96 (different API, same ABI).
2. Add new CRYPTO_HMAC_MD5_128 and CRYPTO_HMAC_SHA1_160 operations.
3. All devices that provide a CRYPTO_HMAC_MD5_128 or
CRYPTO_HMAC_SHA1_160 must also provide a CRYPTO_HMAC_MD5_96 and
CRYPTO_HMAC_SHA1_96, i.e. do the truncation in the back-end.
4. Anything that wants something other than the aforementioned sizes (I
doubt there will be very many that use something different) can use the
128 / 160 versions and truncate themselves.
This seems to me like the least disruptive solution.
-- Jason R. Thorpe <thorpej@wasabisystems.com>
--Apple-Mail-14-16209048
content-type: application/pgp-signature; x-mac-type=70674453;
name=PGP.sig
content-description: This is a digitally signed message part
content-disposition: inline; filename=PGP.sig
content-transfer-encoding: 7bit
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (Darwin)
iD8DBQFAlambOpVKkaBm8XkRAjlEAKCm47PVOW5p6gt4IT5mdku+kqfqHgCgjDZD
1hTlo3uRufoYWpUsHrmiJrA=
=l3mq
-----END PGP SIGNATURE-----
--Apple-Mail-14-16209048--