Template Version: @(#)sac_nextcase %I% %G% SMI

1. Introduction
    1.1. Project/Component Working Name:
	 SHA224 support in Cryptographic Framework
    1.2. Name of Document Author/Supplier:
	 Author:  Darren Moffat
    1.3  Date of This Document:
	17 April, 2007
4. Technical Description

This case updates the Cryptographic Framework with support for SHA224.

We already support the FIPS 180-2 defined SHA256,384,512.  A later
ammendment to that standard added SHA224.

Some IETF standards such as NFSv4.1 require SHA224 in addition to
SHA256,384,512.

This case adds SHA224 support to the following components of
the Cryptographic Framework:

Updated Components

+-----------------------------------------+-----------------------------------+
| kernel/crypto/sha2                      | Consolidation Private             |
| Mechanisms:	CKM_SHA224                |                                   |
|               CKM_SHA224_HMAC           |                                   |
|               CKM_SHA224_HMAC_GENERAL   |                                   |
+-----------------------------------------+-----------------------------------+
| pkcs11_softtoken.so                     | Commited                          |
| Mechanisms:	CKM_SHA224                | PKCS#11 v2.20 Amendment 3         |
|               CKM_SHA224_HMAC           |                                   |
|               CKM_SHA224_HMAC_GENERAL   |                                   |
|               CKM_SHA224_RSA_PKCS       |                                   |
|               CKM_SHA224_KEY_DERIVATION |                                   |
+-----------------------------------------+-----------------------------------+
| libmd.so                                | Commited                          |
| SHA224_CTX                              |                                   |
| SHA224Init()                            | materials/libmd.3lib              |
| SHA224Update()                          | materials/sha2.3ext               |
| SHA224Final()                           |                                   |
| SHA2Init() mech numbers:                |                                   |
|   SHA224, SHA224_HMAC, SHA224_HMAC_GEN  |                                   |
+-----------------------------------------+-----------------------------------+

Note that due to previous implementation choices a naive addition
of SHA224 could cause either a possible performance issue or a ABI
issue with libmd (but not with the KCF or PKCS#11 interfaces).  This
case resolves this issue but requires that all kernel/crypto/sha2, libmd
and pkcs11_softtoken deliver concurrently to do so.   The ABI and API
of libmd is preserved.

A release binding of patch is requested incase this needs to be
backported to a Solaris 10 update release to support a consumer of
it (such as NFSv4.1).


6. Resources and Schedule
    6.4. Steering Committee requested information
   	6.4.1. Consolidation C-team Name:
		ON
    6.5. ARC review type: FastTrack