Re: [PATCH] Revert "crypto: caam - add IPsec ESN support"

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, 20 Mar 2013 16:31:58 +0200
Horia Geanta <horia.geanta@xxxxxxxxxxxxx> wrote:

> This reverts commit 891104ed008e8646c7860fe5bc70b0aac55dcc6c.
> 
> Current IPsec ESN implementation for authencesn(cbc(aes), hmac(sha))
> (separate encryption and integrity algorithms) does not conform
> to RFC4303.
> 
> ICV is generated by hashing the sequence
> SPI, SeqNum-High, SeqNum-Low, IV, Payload
> instead of
> SPI, SeqNum-Low, IV, Payload, SeqNum-High.
> 
> Cc: <stable@xxxxxxxxxxxxxxx> # 3.8, 3.7
> Reported-by: Chaoxing Lin <Chaoxing.Lin@xxxxxxxxxxxxxx>
> Signed-off-by: Horia Geanta <horia.geanta@xxxxxxxxxxxxx>
> ---

Reviewed-by: Kim Phillips <kim.phillips@xxxxxxxxxxxxx>

Kim

--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Kernel]     [Gnu Classpath]     [Gnu Crypto]     [DM Crypt]     [Netfilter]     [Bugtraq]

  Powered by Linux