Re: ESP output when using NULL encryption and NON authentication

Dean Jenkins <djenkins@xxxxxxxxxx> · Tue, 02 Dec 2008 10:59:48 +0000

Hi Herbert,

Thanks for the clue. I had set the IV size to AES_BLOCK_SIZE in my NULL
crypto registered structure. Now fixed the IV size to 0 and put the
maxauthsize also to 0. Now I have basic Async AEAD NULL enc and NON auth
working with ping over ESP.

Regards,
Dean Jenkins
MontaVista Software
--- Begin Message ---

Subject: Re: ESP output when using NULL encryption and NON authentication
From: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Date: Sat, 29 Nov 2008 12:33:39 +0800
Cc: linux-crypto@xxxxxxxxxxxxxxx
In-reply-to: <200811271813.18727.djenkins@xxxxxxxxxx>
Organization: Core
User-agent: tin/1.7.4-20040225 ("Benbecula") (UNIX) (Linux/2.6.17-rc4	(i686))

Dean Jenkins <djenkins@xxxxxxxxxx> wrote:
>
> However, ESP's call to crypto_aead_decrypt() puts the start of the 
> encapsulated packet (first 16 bytes) into the IV field of the AEAD request 
> instead of wholly in the src scatterlist. The dst scatterlist is in fact the 
> same src scatterlist.

Well if you're using NULL encryption then the IV size will be zero.
So even though the IV field has the pointer to the start of the
payload so does the src scatterlist.

Cheers,
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

--- End Message ---