> >The salt will just come from the key field. So instead of having >an 128-bit key for example, you'd have 152 bits. ok, quick question, this 152 bits key will be part of input to setkey()? The reason I am asking is because setkey in ablkcipher and blkcipher check key length for min and max size. Thus for example, aes, when using a 256 bit key, would pass in 288 bits or 36 octet key. max is 32 bits, so would result in error. If not passed into setkey, then I assume the salt/nonce would be parsed from key when ipsec daemon passes keys into kernel... Joy - To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
