From: Nicolae Rosia Subject: Re: IPSec hmac(sha256) truncation bits length Date: Wed, 4 Mar 2015 20:28:26 +0200 Message-ID: References: Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Cc: Herbert Xu , James Morris , netdev@vger.kernel.org To: "linux-crypto@vger.kernel.org" Return-path: Received: from mail-la0-f45.google.com ([209.85.215.45]:44384 "EHLO mail-la0-f45.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1758525AbbCDS22 (ORCPT ); Wed, 4 Mar 2015 13:28:28 -0500 In-Reply-To: Sender: linux-crypto-owner@vger.kernel.org List-ID: + CC net, James Morris On Wed, Mar 4, 2015 at 7:13 PM, Nicolae Rosia wrote: > Hello, > > I'm trying to understand why icv_truncbits is set to 96 for > hmac(sha256) in xfrm_algo.c because > RFC4868 [1] says that the truncation length for HMAC-SHA256 should be 128. > Am I looking in the wrong place? > > [1] https://tools.ietf.org/html/rfc4868#section-2.6 > > Best regards, > Nicolae Rosia