On Wed, May 28, 2008 at 09:42:47AM -0700, Loc Ho wrote: > Hi, > > With IPSec ESP Authenc, it is expected that the selected driver > generates "IV" as well as encrypts the data. Our 'hardware' (available > currently), can only handle either no header processing or header > processing (from ESP to IV processing but not individual field > processing). > > For no header processing, we will have to do a lot more work in software > - create a context SA for each requested operation, copy from the > initial context SA, after the operation completed, retrieve the update > IV from context SA, and then write it back to the packet. Do you still need to do this if we used a software-generated IV? Cheers, -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx> Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
