[PATCH v3 2/2] tpm: use SM3 instead of SM3_256

James Bottomley jejb at linux.ibm.com
Thu Oct 28 12:56:38 UTC 2021


On Tue, 2021-10-26 at 15:56 +0800, Tianjia Zhang wrote:
> According to https://tools.ietf.org/id/draft-oscca-cfrg-sm3-01.html,
> SM3 always produces a 256-bit hash value and there are no plans for
> other length development, so there is no ambiguity in the name of
> sm3.

Please just drop this piece.

[...]
>         hash=         hash algorithm name as a string. For TPM 1.x
> the only
>                       allowed value is sha1. For TPM 2.x the allowed
> values
> -                     are sha1, sha256, sha384, sha512 and sm3-256.
> +                     are sha1, sha256, sha384, sha512 and sm3.

the hash parameter is an external ABI we can't simply change ... as
Jarkko already told you.

The rest are constants defined in the TPM standard, which we shouldn't
change because then it makes everyone wonder why we're deviating.

James






More information about the Linux-security-module-archive mailing list