Herbert, I'm implementing ablkcipher algorithms in talitos and need some clarification. If an ablkcipher crypto algorithm implements .givencrypt with geniv as "<built-in>" what is the reason that it cannot be used as a building block cipher for an IPsec use case ? I've noticed that if an ablkcipher algorithm does not implement givencrypt, and sets geniv to eseqiv, then the algorithm can somewhat support an IPsec use case. During testing however, it seems that eseqiv_givencrypt doesn't handle a scatterlist fully for an already fragmented src. For example, a large ping (> 1460 bytes) going out causes a scatterlist with two entries within esp_output, but it appears that the src scatterlist doesn't carry forth properly through eseqiv_givencrypt into the ablkcipher encrypt routine. I'm wondering if I've stumbled onto a bug in this case. At the least my understanding is incomplete. Thank you, Lee Nipper Freescale Semiconductor Inc. -- To unsubscribe from this list: send the line "unsubscribe linux-crypto" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
