The following patchset adds support for defining truncation lengths
for authentication algorithms in userspace. The main purpose for this
is to support SHA256 in IPsec using the standardized 128 bit
instead of the currently used 96 bit truncation.
Martin Willi (3):
xfrm: Define new XFRM netlink auth attribute with specified
truncation bits
xfrm: Store aalg in xfrm_state with a user specified truncation
length
xfrm: Use the user specified truncation length in ESP and AH
include/linux/xfrm.h | 8 +++
include/net/xfrm.h | 12 ++++-
net/ipv4/ah4.c | 2 +-
net/ipv4/esp4.c | 2 +-
net/ipv6/ah6.c | 2 +-
net/ipv6/esp6.c | 2 +-
net/xfrm/xfrm_state.c | 2 +-
net/xfrm/xfrm_user.c | 129 ++++++++++++++++++++++++++++++++++++++++++++++---
8 files changed, 145 insertions(+), 14 deletions(-)
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
