tech-net archive


Warning: bogus HMAC providers in opencrypto about to be fixed



Several crypto backends in opencrypto treat the HMAC algorithm as if it
were identical to the HMAC_96 algorithm, truncating output to 12 bytes.

This has presumably gone unnoticed because:

        1) IPsec always wants the truncation
        2) There are no other kernel consumers for this API
        3) The only significant consumer of the userspace /dev/crypto API
           is the cryptodev OpenSSL engine, and all support for hashes
           was removed from the source in a fit of pique.

I am about to check in changes which fix this.  If you have any (broken)
code of your own which requests the HMAC algorithm but expects to get a
truncated result, it will stop working (as it did on FreeBSD when they
fixed this some time ago).

-- 
  Thor Lancelot Simon                                        
tls%rek.tjls.com@localhost

  "The inconsistency is startling, though admittedly, if consistency is to
   be abandoned or transcended, there is no problem."         - Noam Chomsky
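Added example, not part of the original post and not opencrypto code: a Python model of the mismatch described above. It uses the RFC 2202 HMAC-SHA1 test vector to tell a truncating provider from a correct one, and shows a consumer that breaks once the provider is fixed next to one that truncates to 96 bits itself. All function names are hypothetical, and the choice of SHA-1 is an assumption made for the test vector.

```python
import hashlib
import hmac

HMAC_96_LEN = 12  # bytes: the truncated length the post describes

# RFC 2202 HMAC-SHA1 test case 1 (known-answer vector)
KAT_KEY = b"\x0b" * 20
KAT_DATA = b"Hi There"
KAT_FULL = bytes.fromhex("b617318655057264e28bc0b6fb378c8ef146be00")

def provider_buggy(key, data):
    """Models a backend that treats HMAC as HMAC_96 (before the fix)."""
    return hmac.new(key, data, hashlib.sha1).digest()[:HMAC_96_LEN]

def provider_fixed(key, data):
    """Models a backend that returns the full-length HMAC (after the fix)."""
    return hmac.new(key, data, hashlib.sha1).digest()

def provider_truncates(provider):
    """Known-answer self-test: True if 'HMAC' comes back as HMAC_96."""
    out = provider(KAT_KEY, KAT_DATA)
    if out == KAT_FULL:
        return False
    if out == KAT_FULL[:HMAC_96_LEN]:
        return True
    raise ValueError("provider output matches neither HMAC nor HMAC_96")

def verify_fragile(provider, key, data, tag96):
    """Broken consumer: requests HMAC and assumes a 12-byte result."""
    return hmac.compare_digest(provider(key, data), tag96)

def verify_hmac96(provider, key, data, tag96):
    """Consumer that truncates explicitly; works with either provider."""
    out = provider(key, data)
    if len(tag96) != HMAC_96_LEN or len(out) < HMAC_96_LEN:
        return False
    return hmac.compare_digest(out[:HMAC_96_LEN], tag96)

if __name__ == "__main__":
    tag = KAT_FULL[:HMAC_96_LEN]  # what an IPsec-style peer would send
    for name, p in (("buggy", provider_buggy), ("fixed", provider_fixed)):
        print(name,
              "truncates:", provider_truncates(p),
              "fragile ok:", verify_fragile(p, KAT_KEY, KAT_DATA, tag),
              "explicit ok:", verify_hmac96(p, KAT_KEY, KAT_DATA, tag))
```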


