Re: [TLS] New Cached info draft

Stefan Santesson <stefan@aaa-sec.com> Tue, 30 March 2010 10:14 UTC

Return-Path: <stefan@aaa-sec.com>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 8BEE83A67F5 for <tls@core3.amsl.com>; Tue, 30 Mar 2010 03:14:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.469
X-Spam-Level:
X-Spam-Status: No, score=-1.469 tagged_above=-999 required=5 tests=[AWL=0.650, BAYES_00=-2.599, DNS_FROM_OPENWHOIS=1.13, HELO_EQ_SE=0.35, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id d4esq+fyIhPa for <tls@core3.amsl.com>; Tue, 30 Mar 2010 03:14:18 -0700 (PDT)
Received: from s87.loopia.se (s87.loopia.se [194.9.95.115]) by core3.amsl.com (Postfix) with ESMTP id F028F3A67DB for <tls@ietf.org>; Tue, 30 Mar 2010 03:14:17 -0700 (PDT)
Received: from s128.loopia.se (s34.loopia.se [194.9.94.70]) by s87.loopia.se (Postfix) with ESMTP id B6A7528CBAA for <tls@ietf.org>; Tue, 30 Mar 2010 12:14:48 +0200 (CEST)
Received: (qmail 2963 invoked from network); 30 Mar 2010 10:14:44 -0000
Received: from unknown (HELO [192.168.1.3]) (stefan@fiddler.nu@[85.235.2.114]) (envelope-sender <stefan@aaa-sec.com>) by s128.loopia.se (qmail-ldap-1.03) with DES-CBC3-SHA encrypted SMTP for <simon@josefsson.org>; 30 Mar 2010 10:14:44 -0000
User-Agent: Microsoft-Entourage/12.24.0.100205
Date: Tue, 30 Mar 2010 12:14:43 +0100
From: Stefan Santesson <stefan@aaa-sec.com>
To: Simon Josefsson <simon@josefsson.org>
Message-ID: <C7D79BB3.9B56%stefan@aaa-sec.com>
Thread-Topic: New Cached info draft
Thread-Index: AcrP8dDDnMZMCQG8YEKkYat15whPfQ==
In-Reply-To: <877houyzek.fsf@mocca.josefsson.org>
Mime-version: 1.0
Content-type: text/plain; charset="US-ASCII"
Content-transfer-encoding: 7bit
Cc: Adam Langley <agl@imperialviolet.org>, "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] New Cached info draft
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 30 Mar 2010 10:14:19 -0000

Thanks Simon,

I have included your sample in draft 07.
I think this document is done now and good to go.

Eric stated in Anaheim that he might get back on the issue of selecting FNV
as hash/digest/checksum function.

I have stated that I'm agnostic in principle whether we choose SHA1 or FNV
as long as we choose one without any extra agility complexity requiring
algorithm identifiers and possibly negotiating algorithm capabilities.

I would prefer that we stick to the current draft (FNV) as it is more than
good enough, free, fast, easy to implement, provides interop and effectively
avoids all requirements for agility complexity.

/Stefan



On 10-03-30 9:41 AM, "Simon Josefsson" <simon@josefsson.org>; wrote:

> Stefan Santesson <stefan@aaa-sec.com>; writes:
> 
>> Thanks Marsh,
>> 
>> I implemented the pseudocode in Java and and obtained matching output.
> 
> I have implemented it in C independently from the pseudocode, and I also
> got the same outputs.  My test code prints similar output like Marsh
> code.
> 
>> I'm considering including this code sample in the draft.
>> I would gratefully receive a matching C sample.
> 
> I believe it is important to have sample code and test vectors in the
> document.  I'm donating the code below.
> 
> /Simon
> 
> fnv1a64.h:
> 
> #ifndef FNV1A64_H
> # define FNV1A64_H
> 
> #include <string.h> /* For size_t */
> #include <stdint.h> /* For uint64_t */
> 
> extern uint64_t fnv1a64 (const uint8_t *buffer, size_t len);
> 
> #endif
> 
> fnv1a64.c:
> 
> /* fnv1a.c -- Implementation of the FNV-1A non-cryptographic hash function.
>  * Written by Simon Josefsson <simon@josefsson.org>; on 2010-03-30.
>  */
> 
> #include "fnv1a64.h"
> 
> #define FNV1A64_OFFSET_BASIS 14695981039346656037ULL
> #define FNV1A64_PRIME 1099511628211ULL
> 
> uint64_t
> fnv1a64 (const uint8_t *buffer, size_t len)
> {
>   uint64_t hash;
>   size_t i;
> 
>   hash = FNV1A64_OFFSET_BASIS;
>   for (i = 0; i < len; i++)
>     {
>       hash = hash ^ buffer[i];
>       hash = hash * FNV1A64_PRIME;
>     }
> 
>   return hash;
> }
> 
> fnv1a64_test.c:
> 
> #include "fnv1a64.h"
> 
> #include <stdio.h> /* For printf */
> 
> static void
> hash_buffer (const uint8_t *buffer, size_t len)
> {
>   uint64_t hash;
>   size_t i;
> 
>   puts ("For input data:");
>   for (i = 0; i < len; i++)
>     {
>       if ((i % 16) == 0)
> printf ("%04x  ", i);
>       printf ("%02X ", buffer[i]);
>       if ((i % 16) == 15)
> printf ("\n");
>     }
>   if (len > 0 && (i % 16) != 15)
>     printf ("\n");
>   printf ("%d bytes\n", len);
> 
>   hash = fnv1a64 (buffer, len);
> 
>   printf ("Digest is: ");
>   for (i = 0; i < sizeof (hash); i++)
>     printf ("%02X ", (int) (hash >> (8 * (sizeof (hash) - i -1))) & 0xFF);
>   printf ("\n\n");
> }
> 
> int
> main (void)
> {
>   hash_buffer ((uint8_t *) "", 0);
>   hash_buffer ((uint8_t *) "a", 1);
>   hash_buffer ((uint8_t *) "b", 1);
>   hash_buffer ((uint8_t *) "c", 1);
>   hash_buffer ((uint8_t *) "d", 1);
>   hash_buffer ((uint8_t *) "e", 1);
>   hash_buffer ((uint8_t *) "f", 1);
>   hash_buffer ((uint8_t *) "fo", 2);
>   hash_buffer ((uint8_t *) "foo", 3);
>   hash_buffer ((uint8_t *) "foob", 4);
>   hash_buffer ((uint8_t *) "fooba", 5);
>   hash_buffer ((uint8_t *) "foobar", 6);
>   hash_buffer ((uint8_t *) "\xFF\x00\x00\x01", 4);
>   hash_buffer ((uint8_t *) "http://en.wikipedia.org/wiki/"
>       "Fowler_Noll_Vo_hash_buffer", 48);
> 
>   return 0;
> }