Hi Grzegorz,
IV generator "eseqiv" adds one block more with "seq of SA" to the "src"
packet which is being encrypted with "IV salt" and send as IV.
Change your default IV generation method to "chainiv" and you'll solve the
issue.Proposed patch is something like:
--- linux-3.14.4/crypto/cbc.c 2014-05-13 14:33:14.000000000 +0300
+++ linux-3.14.4-mod/crypto/cbc.c 2014-06-01 09:26:18.311525275 +0300
@@ -255,6 +255,7 @@
inst->alg.cra_blkcipher.setkey = crypto_cbc_setkey;
inst->alg.cra_blkcipher.encrypt = crypto_cbc_encrypt;
inst->alg.cra_blkcipher.decrypt = crypto_cbc_decrypt;
+ inst->alg.cra_blkcipher.geniv = "chainiv";
out_put_alg:
crypto_mod_put(alg);
Regads,
Todor
--
To unsubscribe from this list: send the line "unsubscribe linux-crypto" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
