From: Nicolae Rosia Subject: Re: IPSec hmac(sha256) truncation bits length Date: Wed, 4 Mar 2015 20:56:58 +0200 Message-ID: References: <20150304123834.c27417981d6ef63c0b310e11@freescale.com> Mime-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Cc: "linux-crypto@vger.kernel.org" , Herbert Xu , netdev@vger.kernel.org To: Kim Phillips , Andreas Steffen Return-path: In-Reply-To: <20150304123834.c27417981d6ef63c0b310e11@freescale.com> Sender: netdev-owner@vger.kernel.org List-Id: linux-crypto.vger.kernel.org Thank you, Andreas and Kim. Best regards, Nicolae Rosia On Wed, Mar 4, 2015 at 8:38 PM, Kim Phillips wrote: > On Wed, 4 Mar 2015 20:28:26 +0200 > Nicolae Rosia wrote: > >> On Wed, Mar 4, 2015 at 7:13 PM, Nicolae Rosia wrote: >> > I'm trying to understand why icv_truncbits is set to 96 for >> > hmac(sha256) in xfrm_algo.c because >> > RFC4868 [1] says that the truncation length for HMAC-SHA256 should be 128. > > See http://comments.gmane.org/gmane.linux.kernel.cryptoapi/6767 > > Kim