On Tue, 2007-06-26 at 13:09 +0400, Evgeniy Polyakov wrote: > On Mon, Jun 25, 2007 at 05:13:58PM -0500, Joy Latten (latten@xxxxxxxxxxxxxx) wrote: > > I have been reading IP Encapsulating Payload-(ESP) RFC4303 where use of > > combined mode algorithms are mentioned and accommodated for. > > In trying to determine how I should handle this, I examined the > > crypto code and could not readily recognize any combined mode > > algorithms. Are there any current plans to implement combined mode > > algorithms? > > I think it should be first supported by ipsec stack at least with state, > where SA cold be configured, integrity check for the data/header is not > a problem after that changes are stable. sha1/encryption is a poor man's > combined algo after all with hash data being ICV :) > Ok, thanks. This helps. I can code up the infrastructure for this. I am thinking I will eventually need one of the algorithms to test and complete it though. RFCs 4309 and 4106 specify ESP working with AES-CCM and AES-GCM. Regards, Joy - To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
